CLI cookbook: how to create a Delphix self-service user
Delphix Self-Service administrators can use this CLI cookbook recipe to create a user on Delphix Self-Service using the Delphix Engine CLI.
The following script is for educational and demonstration purposes only and is not supported by Delphix.
This script can be downloaded by selecting createJSUser.sh.
Creating a Delphix self-service user
CODE
#!/bin/bash
# A sample script for calls to the CLI. This one creates a Self-Service user.
#
# VERY IMPORTANT: In order for this to work, you need to go through the steps here:
# https://docs.delphix.com/display/DOCS533/CLI+Cookbook%3A+Configuring+Key-Based+SSH+Authentication+for+Automation
# After this you will not need to use a username and password to log into the delphix engine. If you do not
# setup the SSH authentication you will have to manually enter the password.
#
# Note that the CLI only allows branches to be created from existing bookmarks.
##### Constants
# Describes a Delphix software revision.
VERSION="1.6.2"
##### Default Values. These can be overwriten with optional arguments.
engine="10.0.1.10"
username="dev"
##examples##
# Create user with NATIVE authentication
#./createJSUser.sh -P <password> NATIVE <username>
# Create user with LDAP authentication
#./createJSUser.sh -r <principal> <LDAP username>
##### Functions
# Help Menu
function usage {
echo "Usage: createJSUser.sh [[-h] | options...] <auth> <newjsuser>"
echo "Create a Self-Service Only user."
echo ""
echo "Positional arguments"
echo " <auth type NATIVE/LDAP>"
echo " <newjsuser>"
echo ""
echo "Optional Arguments:"
echo " -h Show this message and exit"
echo " -d Delphix engine IP address or host name, otherwise revert to default"
echo " -u Server user. Password needs to manually provide at run time, otherwise revert to default"
echo " -P password for NATIVE authentication, MUST incase auth=NATIVE"
echo " -f firstName of user"
echo " -l lastName of user"
echo " -e emailAddress of user"
echo " -o homePhoneNumber of user"
echo " -m mobilePhoneNumber of user"
echo " -w workPhoneNumber of user"
echo " -r principal for LDAP authentication, MUST incase of auth=LDAP"
}
# Create Our Session, including establishing the API version.
function create_session
{
echo "creating session..."
SSH_CMD="ssh ${username}@${engine}"
${SSH_CMD} "version $VERSION"
check_result
}
# Check the result of the curl. If there are problems, inform the user then exit.
function check_result
{
exitStatus=$?
if [ $exitStatus -ne 0 ]
then
echo "command failed with exit status $exitStatus"
echo $result
exit 1
fi
}
function create_user
{
# Check on authorization type
paramString="user create;"
if [[ $authtype = "NATIVE" && -n $userpwd ]]
then
pointParams="set authenticationType=$authtype;"
pointParams="$pointParams set credential.type=PasswordCredential; set credential.password=$userpwd;"
elif [[ $authtype = "LDAP" && -n $principal ]]
then
pointParams="set authenticationType=$authtype; set principal=$principal;"
fi
# These are the required parameters.
paramString="$paramString set type=User; set name=$newjsuser;"
# Fill in optional parameters if there are any.
if [[ -n $firstname ]]
then
paramString="$paramString set firstName=\"$firstname\";"
fi
if [[ -n $lastname ]]
then
paramString="$paramString set lastName=\"$lastname\";"
fi
if [[ -n $emailaddress ]]
then
paramString="$paramString set emailAddress=\"$emailaddress\";"
fi
if [[ -n $homephone ]]
then
paramString="$paramString set homePhoneNumber=\"$homephone\";"
fi
if [[ -n $mobilephone ]]
then
paramString="$paramString set mobilePhoneNumber=\"$mobilephone\";"
fi
if [[ -n $workphone ]]
then
paramString="$paramString set workPhoneNumber=\"$workphone\";"
fi
paramString="$paramString ${pointParams} commit;"
#echo $paramString
echo "Creating user..."
result=$(${SSH_CMD} $paramString)
check_result
#echo $result
echo "New user $newjsuser successfully created"
##### ROLE-3 is Self-Service Role
paramString="authorization create;"
paramString="$paramString set type=Authorization; set role=ROLE-3; set target=$newjsuser; set user=$newjsuser;commit;"
#echo $paramString
result=$(${SSH_CMD} $paramString)
check_result
echo "Assigned Self-Service Role to user $newjsuser"
}
##### Main
##### Main
while getopts "u:d:P:r:f:l:e:o:m:w:h" flag; do
case "$flag" in
u ) username=${OPTARG%:*}
;;
d ) engine=$OPTARG
;;
P ) userpwd=$OPTARG
;;
r ) principal=$OPTARG
;;
f ) firstname=$OPTARG
;;
l ) lastname=$OPTARG
;;
e ) emailaddress=$OPTARG
;;
o ) homephone=$OPTARG
;;
m ) mobilephone=$OPTARG
;;
w ) workphone=$OPTARG
;;
h ) usage
exit
;;
* ) usage
exit 1
esac
done
# Shift the parameters so we only have the positional arguments left
shift $((OPTIND-1))
# Check that there are 2 positional arguments
if [ $# != 2 ]
then
echo "usage1"
usage
exit 1
fi
# Get the two positional arguments
authtype=$1
shift
newjsuser=$1
create_session
create_user