====== Systems - SSH: Manage users ======

===== Introduction =====

[[https://github.com/bcvsolutions/ssh-connector|SSH connector]] is used for communication through SSH protocol. Connector uses CSV files to transfer data between IDM and the connected server. These CSV files must be parsed in scripts specified in the connector configuration. Then the script performs operation required by IDM based on the information provided in CSV. Scripts are stored on the connected server.

===== Schema =====

A required schema attribute is

<code>__NAME__

</code>- java.lang.String. Value of this attribute is used in the scripts as "AccountId".


===== Example CSV files =====

Get operation - example input of the script:
<code>
getUser
AccountId
user1

</code>

Get operation - example output of the script:

<code>AccountId;Name;EmailAddress
"user1";"John Doe";"john.doe@domain.tld"

</code>

Create operation - example input of the script:

<code>createUser
Name;EmailAddress
John Doe;john.doe@domain.tld

</code>

Create operation - example output of the script:

<code>AccountId
user1

</code>

List objects operation - example input of the script:

<code>listObjects
objectType
Users

</code>

List objects operation - example output of the script:

<code>AccountId
user1
user2
user3

</code>

===== Example of bash script for all connector operations =====

The script uses external AWK script for parsing CSV: {{.:csvawk.txt|csvawk.txt}}

<code bash>
#!/bin/bash

# Autor: BCV solutions s.r.o.

#####################################################################################################################################################
# CONFIGURATION                                                                        #
#####################################################################################################################################################
# Awk skript for CSV parsing
AWKCSV="/home/bcv/csvawk.txt"

# Used programs (standard linux distribution)
AWK=/bin/awk

# Log file
LOG_FILE="/home/bcv/ssh_connector.log"
#####################################################################################################################################################

# Log
Log () {
    cat ->> $LOG_FILE
}
# Error
Error() {
    cat - >&2
    [ $# -ge 1 ] && exit $1
}

parseInput() {
    Log <<< "parseInput() BEGIN"
    OIFS=$IFS;
    IFS=\;
    local row=0
    while read input; do
        row=$((row+1))
        Log <<< "row: $row, input: $input"
        if [ ${row} -eq 1 ]; then IDM_Request=$input; fi
        if [ ${row} -eq 2 ]; then CSVH=( $input ); fi
        if [ ${row} -eq 3 ]; then
            IFS=$OIFS
            eval $($AWK -f $AWKCSV <<< ${input})
            break
        fi
    done
    IFS=$OIFS;
    #Basic input validation - header cannot have less columns than values
    if [ ${#CSVV[*]} -gt ${#CSVH[*]} ]; then
        Error 1 <<< "ERROR: Spatny format CSV dat $1."
    fi
    for i in $(seq 0 $((${#CSVH[*]} - 1))); do
        eval "CSV_${CSVH[$i]}=\"${CSVV[$i]}\""
    done

    Log <<< "parseInput() END"
}

# Use operation from IDM
useOperation() {
Log <<< "useOperation() BEGIN"
Log <<< "variable IDM_REQUEST: $IDM_Request"
    case "$IDM_Request" in
        ("listObjects") listUsers ;;
        ("getUser") getUser ;;
        ("createUser") createUser ;;
        ("updateUser") updateUser ;;
        ("deleteUser") deleteUser ;;
        (*) Error 1 <<< "ERROR: Unsupported operation $IDM_Request." ;;
    esac
    Log <<< "useOperation() END"
}

listUsers(){
Log <<< "listUsers() BEGIN"
    echo "AccountId"
    # Add your code here
Log <<< "listUsers() END"
}

getUser() {
Log <<< "getUser() BEGIN"
    if [ "x$CSV_AccountId" != "x" ]; then
        CSV_login=$CSV_AccountId
    elif [ "x$CSV_Name" != "x" ]; then
        CSV_login=$CSV_name
    else
        Error 110 <<< "ERROR: Nebylo zadano accountId ani Name."
    fi
Log <<< "getUser() LOGIN: $CSV_AccountId"
    #echo "AccountId;attrname"
    #echo "${CSV_login};attrvalue
    # Add your code here
Log <<< "getUser() END"
}

createUser() {
Log <<< "createUser() BEGIN"
Log <<< "createUser() LOGIN: $CSV_AccountId"
    # Add your code here
echo $CSV_login
Log <<< "createUser() END"
}

updateUser() {
Log <<< "updateUser() BEGIN"
Log <<< "updateUser() LOGIN: $CSV_AccountId"
    # Add your code here
echo $CSV_AccountId
Log <<< "updateUser() END"
}

deleteUser() {
Log <<< "deleteUser() BEGIN"
Log <<< "deleteUser() LOGIN: $CSV_AccountId"
    # Add your code here
Log <<< "deleteUser() END"
}

Log <<< "======== SCRIPT STARTED ========"
parseInput
useOperation
Log <<< "======== SCRIPT FINISHED ========"

</code>

===== Known issues =====

See the list of known issues in our [[https://redmine.czechidm.com/projects/ssh-connector/issues|tracking system]]