Needed write scope

Daniel Flanagan 2024-08-08 16:25:24 -05:00
parent 3c5908371b
commit 62e0b2629e


@ -38,18 +38,17 @@ echo "$idm_password" | krun kanidm login -D idm_admin
function create_user { function create_user {
username="$1"; shift username="$1"; shift
echo "Creating person (user) '${username}'..." echo "Creating person (user) '${username}'..."
# krun kanidm person delete "$username" --name idm_admin
krun kanidm person create "$username" "$username user" --name idm_admin krun kanidm person create "$username" "$username user" --name idm_admin
krun kanidm person update "$username" --legalname "$username Lastname" --mail "${username}@example.com" --name idm_admin krun kanidm person update "$username" --legalname "$username Lastname" --mail "${username}@example.com" --name idm_admin
( (
sleep 0.1 sleep 0.1
echo "pass" echo "pass"
sleep 0.1 sleep 0.2
echo "$FAKE_PASSWORD" echo "$FAKE_PASSWORD"
sleep 0.1 sleep 0.2
echo "$FAKE_PASSWORD" echo "$FAKE_PASSWORD"
sleep 0.1 sleep 0.2
# echo "totp" # echo "totp"
# sleep 0.1 # sleep 0.1
# echo "totpname" # echo "totpname"
@ -62,9 +61,9 @@ function create_user {
echo "commit" echo "commit"
sleep 0.1 sleep 0.1
echo "y" echo "y"
sleep 0.1 # sleep 0.1
echo "end" # echo "end"
) | krun kanidm person credential update "$username" --name idm_admin | tee /tmp/create-user-log.txt ) | krun kanidm person credential update "$username" --name idm_admin
} }
# setup loose policies for testing # setup loose policies for testing
@ -77,16 +76,16 @@ krun kanidm group create "$adm_group" --name idm_admin
# create our OAuth 2 application # create our OAuth 2 application
krun kanidm system oauth2 create "$app" "Yourcloud" "http://localhost:3000" --name idm_admin krun kanidm system oauth2 create "$app" "Yourcloud" "http://localhost:3000" --name idm_admin
krun kanidm system oauth2 update-scope-map "$app" "$adm_group" admin openid email read --name idm_admin krun kanidm system oauth2 update-scope-map "$app" "$adm_group" admin openid email read write --name idm_admin
# TODO: expired/disabled users? # TODO: expired/disabled users?
# for u in alice bob user1 user2 user3; do for u in alice bob user1 user2 user3; do
# create_user "$u" create_user "$u"
# done done
for u in gilfoyle dinesh; do for u in gilfoyle dinesh; do
create_user "$u" create_user "$u"
done done
# add users to groups # add users to groups
# krun kanidm group add-members "$adm_group" gilfoyle --name idm_admin krun kanidm group add-members "$adm_group" gilfoyle --name idm_admin
# krun kanidm group add-members "$adm_group" dinesh --name idm_admin krun kanidm group add-members "$adm_group" dinesh --name idm_admin
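Review bot: The third hunk now adds gilfoyle and dinesh to `$adm_group` and widens that group's scope map to `admin openid email read write`, while create_user gives every account the same `$FAKE_PASSWORD`, so any instance seeded by this script ends up with known-password accounts holding admin and write scope. Nothing in the visible hunks restricts the script to a throwaway local instance (the top of the script is outside the diff, so a guard may already exist); if there is none, an early check that refuses to run unless the targeted server is a localhost address would keep it from seeding a shared deployment. I would also add a comment above the update-scope-map line, e.g. `# test-only: adm_group needs 'write' for <feature>; never seed a shared instance with this map`. Separately, the credential update in create_user still relies on sleep-paced stdin, so a missed prompt can leave an account without the expected password, and nothing in the hunk checks the result of that pipeline.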