
Commit 56be6a8

Merge pull request #1035 from oracle/Issue-492-user-dynamic-attributes
add user attributes to security user in model
2 parents 59cb390 + 94d34fc commit 56be6a8


5 files changed

+71
-9
lines changed


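--- a/core/src/main/python/wlsdeploy/aliases/model_constants.py
+++ b/core/src/main/python/wlsdeploy/aliases/model_constants.py
@@ -298,6 +298,7 @@
 UNIX_MACHINE_ATTRIBUTE = 'PostBindGID'
 UPDATE_MODE = 'UpdateMode'
 USER = 'User'
+USER_ATTRIBUTES = 'UserAttribute'
 VIRTUAL_TARGET = 'VirtualTarget'
 VIRTUAL_USER_AUTHENTICATOR = 'VirtualUserAuthenticator'
 WATCH = 'Watch'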

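--- a/core/src/main/python/wlsdeploy/tool/util/default_authenticator_helper.py
+++ b/core/src/main/python/wlsdeploy/tool/util/default_authenticator_helper.py
@@ -1,5 +1,5 @@
 """
-Copyright (c) 2021, Oracle Corporation and/or its affiliates.
+Copyright (c) 2021, 2022, Oracle Corporation and/or its affiliates.
 Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 """
 import com.octetstring.vde.util.PasswordEncryptor as PasswordEncryptor
@@ -15,6 +15,7 @@
 from wlsdeploy.aliases.model_constants import GROUP_MEMBER_OF
 from wlsdeploy.aliases.model_constants import PASSWORD
 from wlsdeploy.aliases.model_constants import USER
+from wlsdeploy.aliases.model_constants import USER_ATTRIBUTES
 from wlsdeploy.exception import exception_helper
 from wlsdeploy.logging.platform_logger import PlatformLogger
 from wlsdeploy.tool.util.targets import file_template_helper
@@ -33,6 +34,8 @@
 HASH_GROUPS = 'groups'
 HASH_GROUP = 'groupMemberOf'
 HASH_USER_PASSWORD = 'password'
+HASH_ATTRIBUTES = 'userattr'
+HASH_ATTRIBUTE = 'attribute'
 
 
 class DefaultAuthenticatorHelper(object):
@@ -121,6 +124,23 @@ def _build_group_mapping_hash(self, group_mapping_section, name):
 
 return hash_entry
 
+def _user_attributes(self, user_mapping_section, user_attributes):
+"""
+Build a template hash map from the user attributes found under the
+user attribute folder in the model.
+:param user_mapping_section: The security user section from the model
+:param name: user_attributes model section
+:return: template
+"""
+hash_entry = list()
+if len(user_attributes) == 0:
+return
+
+for attribute in user_attributes:
+hash_entry.append({HASH_ATTRIBUTE: attribute + ': ' + user_attributes[attribute]})
+
+return hash_entry
+
 def _build_user_mapping_hash(self, user_mapping_section, name):
 """
 Build a template hash map from the security user data from the model.
@@ -148,7 +168,10 @@ def _build_user_mapping_hash(self, user_mapping_section, name):
 hash_entry[HASH_GROUPS] = group_mappings
 else:
 hash_entry[HASH_GROUPS] = group_list
-
+attribute_folder = dictionary_utils.get_element(group_attributes, USER_ATTRIBUTES)
+dict_hash = self._user_attributes(user_mapping_section, attribute_folder)
+if len(dict_hash) > 0:
+hash_entry[HASH_ATTRIBUTES] = dict_hash
 return hash_entry
 
 def _encode_password(self, user, password):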
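Review bot: In `_user_attributes` the empty case does a bare `return`, which hands None to `_build_user_mapping_hash`, and the new `if len(dict_hash) > 0:` there would then raise TypeError instead of skipping the attributes. The same `len()` call on `user_attributes` fails earlier if `dictionary_utils.get_element` returns None for a user with no `UserAttribute` folder, which looks likely but is defined outside this page. Returning the empty list in both cases avoids this: `if not user_attributes:` followed by `return hash_entry`. The docstring also names `:param name:` where the parameter is `user_attributes`, and `user_mapping_section` is not used in the body. `_build_user_mapping_hash` starts and ends outside the hunks shown.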

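--- a/core/src/main/resources/oracle/weblogic/deploy/aliases/category_modules/Security.json
+++ b/core/src/main/resources/oracle/weblogic/deploy/aliases/category_modules/Security.json
@@ -1,5 +1,5 @@
 {
-"copyright": "Copyright (c) 2017, 2020, Oracle Corporation and/or its affiliates. All rights reserved.",
+"copyright": "Copyright (c) 2017, 2022, Oracle Corporation and/or its affiliates. All rights reserved.",
 "license": "Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl",
 "wlst_type": "Security",
 "default_name_value": "%DOMAIN%",
@@ -21,13 +21,45 @@
 "User": {
 "wlst_type": "User",
 "child_folders_type": "multiple",
-"folders": { },
+"folders": {
+"UserAttribute": {
+"wlst_type": "UserAttribute",
+"default_name_value": "${NO_NAME_0:%USER%}",
+"folders": {},
+"attributes": {
+"c": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "c", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"departmentnumber": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "departmentnumber", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"displayname": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "displayname", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"employeenumber": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "employeenumber", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"employeetype": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "employeetype", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"facsimiletelephonenumber": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "facsimiletelephonenumber", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"givenname": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "givenname", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"homephone": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "homephone", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"homepostaladdress": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "homepostaladdress", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"l": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "l", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"mail": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "mail", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"mobile": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "mobile", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"pager": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "pager", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"postaladdress": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "postaladdress", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"postofficebox": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "postofficebox", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"preferredlanguage": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "preferredlanguage", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"st": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "st", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"street": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "street", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"telephonenumber": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "telephonenumber", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"title": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "title", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ]
+},
+"wlst_attributes_path": "WP001",
+"wlst_paths": {
+"WP001": "/Security/%SECURITY%/User/%USER%/UserAttribute/%USERATTRIBUTE%"
+}
+}
+},
 "attributes": {
-"Description": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "Description", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
-"GroupMemberOf": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "GroupMemberOf", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "delimited_string", "get_method": "NONE" } ],
-"IsDefaultAdmin": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "IsDefaultAdmin", "wlst_path": "WP001", "value": {"default": false }, "wlst_type": "boolean", "get_method": "NONE" } ],
-"Name": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "Name", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
-"Password": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "Password", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "password", "get_method": "NONE" } ]
+"Description": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "Description", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"GroupMemberOf": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "GroupMemberOf", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "delimited_string", "get_method": "NONE" } ],
+"IsDefaultAdmin": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "IsDefaultAdmin", "wlst_path": "WP001", "value": {"default": false }, "wlst_type": "boolean", "get_method": "NONE" } ],
+"Name": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "Name", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "string", "get_method": "NONE" } ],
+"Password": [ {"version": "[10,)", "wlst_mode": "offline", "wlst_name": "Password", "wlst_path": "WP001", "value": {"default": "None" }, "wlst_type": "password", "get_method": "NONE" } ]
 },
 "wlst_attributes_path": "WP001",
 "wlst_paths": {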

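--- a/core/src/main/resources/oracle/weblogic/deploy/security/DefaultAuthenticatorInit.ldift
+++ b/core/src/main/resources/oracle/weblogic/deploy/security/DefaultAuthenticatorInit.ldift
@@ -27,4 +27,7 @@ objectclass: wlsUser
 {{#groups}}
 wlsMemberOf: cn={{{groupMemberOf}}},ou=groups,ou=@realm@,dc=@domain@
 {{/groups}}
+{{#userattr}}
+{{{attribute}}}
+{{/userattr}}
 {{/user}}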
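Review bot: `{{{attribute}}}` is emitted unescaped as a complete LDIF line, and the helper in this commit builds it as `attribute + ': ' + user_attributes[attribute]` straight from the model, so a value containing a line break would put extra lines into the generated user entry. Values that reach the model through placeholders or other external inputs should be checked before rendering: reject CR and LF, or write values that are not LDIF-safe in the base64 form (`name:: <base64 value>`). The concatenation also assumes every value is a string, so an unquoted numeric `employeenumber` in the YAML model would presumably fail there; converting with `str()` after validation would cover that.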

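--- a/documentation/2.0/content/samples/usersgroups-model.md
+++ b/documentation/2.0/content/samples/usersgroups-model.md
@@ -39,6 +39,7 @@ The model allows for the definition of a set of users and groups that will be lo
 
 The user password can be specified with a placeholder or encrypted with the [Encrypt Tool]({{< relref "/userguide/tools/encrypt.md" >}}). An example `Security` section that adds an additional group `AppMonitors`, adds two new users and places the users into groups is as follows:
 
+You can add user attributes that are defined for the DefaultAuthenticator. This is a limited set of attributes that go under a separate folder `UserAttribute` in the model under the `User` section.
 ```yaml
 topology:
 Security:
@@ -52,6 +53,8 @@ topology:
 joe:
 Password: welcome1
 GroupMemberOf: [ AppMonitors ]
+UserAttribute:
+
 ```
 
 #### Known limitations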
