Merge branch 'dev' of https://github.com/PhysiciansDataCollaborative/auth into refactor/interface

sdiemert · sdiemert · commit 3f1e90ee0a43 · 2015-06-17T08:58:45.000-07:00
diff --git a/Dockerfile b/Dockerfile
@@ -24,7 +24,7 @@ RUN ( \
       echo "set -e -o nounset"; \
       echo ""; \
       echo ""; \
-      echo "# If jurisdiction folder doesn't exist, then initialize DACS"; \
+      echo "# Prepare DACS"; \
       echo "#"; \
       echo "if [ ! -d \${DACS_STOREDIR}/federations/\${DACS_FEDERATION}/\${DACS_JURISDICTION}/ ]"; \
       echo "then"; \
@@ -34,24 +34,24 @@ RUN ( \
       echo "    cp /app/federations/site.conf \${DACS_STOREDIR}/federations/"; \
       echo "    touch \${DACS_STOREDIR}/federations/\${DACS_FEDERATION}/roles"; \
       echo "    touch \${DACS_STOREDIR}/federations/\${DACS_FEDERATION}/federation_keyfile"; \
-      echo "    dacskey -uj \${DACS_JURISDICTION} -v \${DACS_STOREDIR}/federations/\${DACS_FEDERATION}/federation_keyfile"; \
       echo "  )||("; \
       echo "    ERROR: DACS initialization unsuccessful >&2"; \
       echo "  )"; \
       echo "fi"; \
       echo "chown -R app:app \${DACS_STOREDIR}/"; \
+      echo "/sbin/setuser app dacskey -uj \${DACS_JURISDICTION} -v \${DACS_STOREDIR}/federations/\${DACS_FEDERATION}/federation_keyfile"; \
       echo ""; \
       echo ""; \
       echo "# Start service"; \
       echo "#"; \
-      echo "export BRANCH=\${BRANCH_AUTH}"; \
       echo "export CONTROLPORT=\${PORT_AUTH_C}"; \
       echo "export MAINPORT=\${PORT_AUTH_M}"; \
+      echo "export DACS=\${DACS_STOREDIR}"; \
       echo "export FEDERATION=\${DACS_FEDERATION}"; \
       echo "export JURISDICTION=\${DACS_JURISDICTION}"; \
       echo "export ROLEFILE=\${DACS_ROLEFILE}"; \
+      echo "export KEYFILE=\${DACS_KEYFILE}"; \
       echo "export SECRET=\${NODE_SECRET}"; \
-      echo "export DACS=\${DACS_STOREDIR}"; \
       echo "#"; \
       echo "cd /app/"; \
       echo "/sbin/setuser app npm start"; \
diff --git a/auth.sh b/auth.sh
diff --git a/dacs_add.sh b/dacs_add.sh
@@ -0,0 +1,72 @@
+#!/bin/bash
+#
+# Exit on errors or unitialized variables
+#
+set -o nounset
+
+
+# Expected input
+#
+# $0 this script
+# $1 Endpoint number
+# $2 Clinician number
+# $3 Visualizer login name [optional]
+# $4 Jurisdiction [optional]
+# $5 Password [optional]
+
+
+# Check parameters
+#
+if([ $# -lt 3 ] || [ $# -gt 6 ])
+then
+	echo ""
+	echo "Unexpected number of parameters."
+	echo ""
+	echo "Usage: dacs_add.sh [userName] [userRole] [doctorID] [clinicID] [optional:jurisdiction] [optional:password]"
+	echo ""
+	exit
+fi
+
+
+# Set variables from parameters, prompt when password not provided
+#
+export U_NAME=${1}
+export U_ROLE=${2}
+export DOCTOR=${3}
+export CLINIC=${4}
+export JURISDICTION=${5:-TEST}
+#
+if [ $# -eq  5 ]
+then
+	echo "Please provide a password for user "${U_NAME}":"
+	read -s PASSWORD
+	echo ""
+else
+	PASSWORD=${6}
+fi
+
+
+# Add user to DACS
+#
+if( dacspasswd -uj ${JURISDICTION} -l | grep ${U_NAME})
+then
+	echo "Existing DACS user replaced"
+	/usr/bin/dacspasswd -uj ${JURISDICTION} -d ${U_NAME}
+fi
+/usr/bin/dacspasswd -uj ${JURISDICTION} -p ${PASSWORD} -a ${U_NAME}
+
+
+# Add user to DACS_ROLEFILE, notify if overwriting
+#
+if ( cat ${DACS_ROLEFILE} | grep -io ^${U_NAME}: )
+then
+	echo "Existing user role replaced"
+	sed -i /${U_NAME}:/d ${DACS_ROLEFILE}
+fi
+echo ${U_NAME}:admin | tee -a ${DACS_ROLEFILE}
+
+
+# Set private data
+#
+( dacspasswd -uj ${JURISDICTION} -pds '{ "clinician" : "'${DOCTOR}'", "clinic" : "'${CLINIC}'" }' ${U_NAME} )|| \
+	echo "ERROR: Failed to add private data."
diff --git a/dacs_remove.sh b/dacs_remove.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+#
+# Exit on errors or unitialized variables
+#
+set -e -o nounset
+
+
+# Expected input
+#
+# $0 this script
+# $1 Endpoint number
+# $2 Jurisdiction [optional]
+
+
+# Check parameters
+#
+if([ $# -eq 0 ]||[ $# -gt 2 ])
+then
+	echo ""
+	echo "Unexpected number of parameters."
+	echo ""
+	echo "Usage: dacs_remove.sh [userName] [optional:jurisdiction]"
+	echo ""
+	exit
+fi
+
+
+# Set variables from parameters
+#
+export U_NAME=${1}
+export JURISDICTION=${2:-$DACS_JURISDICTION}
+
+
+# Remove user from DACS
+#
+( /usr/bin/dacspasswd -uj ${JURISDICTION} -d ${U_NAME} )|| \
+  echo "ERROR: Failed on Auth remove."
+
+
+# Remove user from DACS_ROLEFILE
+#
+if ( cat ${DACS_ROLEFILE} | grep -io ^${U_NAME}: )
+then
+	sed -i /${U_NAME}:/d ${DACS_ROLEFILE}
+else
+  echo "ERROR: Not found in ROLEFILE"
+fi
