Needed write scope
parent
3c5908371b
commit
62e0b2629e
|
@ -38,18 +38,17 @@ echo "$idm_password" | krun kanidm login -D idm_admin
|
||||||
function create_user {
|
function create_user {
|
||||||
username="$1"; shift
|
username="$1"; shift
|
||||||
echo "Creating person (user) '${username}'..."
|
echo "Creating person (user) '${username}'..."
|
||||||
# krun kanidm person delete "$username" --name idm_admin
|
|
||||||
krun kanidm person create "$username" "$username user" --name idm_admin
|
krun kanidm person create "$username" "$username user" --name idm_admin
|
||||||
krun kanidm person update "$username" --legalname "$username Lastname" --mail "${username}@example.com" --name idm_admin
|
krun kanidm person update "$username" --legalname "$username Lastname" --mail "${username}@example.com" --name idm_admin
|
||||||
|
|
||||||
(
|
(
|
||||||
sleep 0.1
|
sleep 0.1
|
||||||
echo "pass"
|
echo "pass"
|
||||||
sleep 0.1
|
sleep 0.2
|
||||||
echo "$FAKE_PASSWORD"
|
echo "$FAKE_PASSWORD"
|
||||||
sleep 0.1
|
sleep 0.2
|
||||||
echo "$FAKE_PASSWORD"
|
echo "$FAKE_PASSWORD"
|
||||||
sleep 0.1
|
sleep 0.2
|
||||||
# echo "totp"
|
# echo "totp"
|
||||||
# sleep 0.1
|
# sleep 0.1
|
||||||
# echo "totpname"
|
# echo "totpname"
|
||||||
|
@ -62,9 +61,9 @@ function create_user {
|
||||||
echo "commit"
|
echo "commit"
|
||||||
sleep 0.1
|
sleep 0.1
|
||||||
echo "y"
|
echo "y"
|
||||||
sleep 0.1
|
# sleep 0.1
|
||||||
echo "end"
|
# echo "end"
|
||||||
) | krun kanidm person credential update "$username" --name idm_admin | tee /tmp/create-user-log.txt
|
) | krun kanidm person credential update "$username" --name idm_admin
|
||||||
}
|
}
|
||||||
|
|
||||||
# setup loose policies for testing
|
# setup loose policies for testing
|
||||||
|
@ -77,16 +76,16 @@ krun kanidm group create "$adm_group" --name idm_admin
|
||||||
|
|
||||||
# create our OAuth 2 application
|
# create our OAuth 2 application
|
||||||
krun kanidm system oauth2 create "$app" "Yourcloud" "http://localhost:3000" --name idm_admin
|
krun kanidm system oauth2 create "$app" "Yourcloud" "http://localhost:3000" --name idm_admin
|
||||||
krun kanidm system oauth2 update-scope-map "$app" "$adm_group" admin openid email read --name idm_admin
|
krun kanidm system oauth2 update-scope-map "$app" "$adm_group" admin openid email read write --name idm_admin
|
||||||
|
|
||||||
# TODO: expired/disabled users?
|
# TODO: expired/disabled users?
|
||||||
# for u in alice bob user1 user2 user3; do
|
for u in alice bob user1 user2 user3; do
|
||||||
# create_user "$u"
|
create_user "$u"
|
||||||
# done
|
done
|
||||||
for u in gilfoyle dinesh; do
|
for u in gilfoyle dinesh; do
|
||||||
create_user "$u"
|
create_user "$u"
|
||||||
done
|
done
|
||||||
|
|
||||||
# add users to groups
|
# add users to groups
|
||||||
# krun kanidm group add-members "$adm_group" gilfoyle --name idm_admin
|
krun kanidm group add-members "$adm_group" gilfoyle --name idm_admin
|
||||||
# krun kanidm group add-members "$adm_group" dinesh --name idm_admin
|
krun kanidm group add-members "$adm_group" dinesh --name idm_admin
|
||||||
|
|
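Review bot: The credential-update pipeline at the end of `create_user` has no failure check, so a missed prompt can leave an account without the intended password while the script carries on to the scope map and group assignments. The answers are fed on fixed sleeps (raised from 0.1 to 0.2 in this commit), which suggests the prompts are timing-sensitive. With `tee` removed, the pipeline's exit status is now that of the `kanidm` call, so it can be tested directly: `) | krun kanidm person credential update "$username" --name idm_admin || { echo "credential update failed for ${username}" >&2; return 1; }`. Whether the script already runs under `set -e` is not visible in these hunks, and the exit code kanidm returns for an aborted session should be confirmed. A short comment above the `update-scope-map` line would also help, stating that every member of `$adm_group` (gilfoyle and dinesh below) now receives both `admin` and `write`.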