class Chef::EncryptedAttribute::RemoteUsers
Helpers to get remote Chef
Users keys.
@note This class methods require admin privileges.
Public Class Methods
Gets all Chef
users public keys.
@note This method requires admin privileges.
@return [Array<String>] public key list. @api private
# File lib/chef/encrypted_attribute/remote_users.rb, line 105 def self.all_public_keys # Chef::User.list(inflate=true) has a bug (fixed in 11.14.0) # https://tickets.chef.io/browse/CHEF-5328 get_users_public_keys(Chef::User.list.keys) end
Remote users public keys cache.
You can disable it setting it's size to zero:
“`ruby Chef::EncryptedAttribute::RemoteUsers.cache
.max_size(0) “`
@return [CacheLru] Remote users LRU cache.
# File lib/chef/encrypted_attribute/remote_users.rb, line 39 def self.cache @@cache ||= Chef::EncryptedAttribute::CacheLru.new end
Gets some Chef
users public keys.
@note This method requires admin privileges.
@param users [Array<String>, '*'] user list. Use `'*'` to get all users
public keys.
@return [Array<String>] public key list. @raise [ArgumentError] if user list is wrong.
# File lib/chef/encrypted_attribute/remote_users.rb, line 51 def self.get_public_keys(users = []) if users == '*' # users are [a-z0-9\-_]+, cannot be * cache.key?('*') ? cache['*'] : cache['*'] = all_public_keys elsif users.is_a?(Array) get_users_public_keys(users) elsif !users.nil? fail ArgumentError, "#{self.class}##{__method__} users argument must be an array "\ 'or "*".' end end
Reads a Chef
user public key.
@note This method requires admin privileges.
@param name [String] user name. @return [String] user public key as string. @raise [InsufficientPrivileges] if you lack enough privileges to read
the keys from the Chef Server.
@api private
# File lib/chef/encrypted_attribute/remote_users.rb, line 72 def self.get_user_public_key(name) return cache[name] if cache.key?(name) user = Chef::User.load(name) cache[name] = user.public_key rescue Net::HTTPServerException => e case e.response.code when '403' raise InsufficientPrivileges, 'Your node needs admin privileges to be able to work with '\ 'Chef Users.' when '404' then raise UserNotFound, "Chef User not found: \"#{name}\"." else raise e end end
Gets some Chef
users public keys.
@note This method requires admin privileges.
@param users [Array<String>] user list. @return [Array<String>] public key list. @api private
# File lib/chef/encrypted_attribute/remote_users.rb, line 95 def self.get_users_public_keys(users) users.map { |n| get_user_public_key(n) } end