From 1d9d3b4e99ea48e265c4333d0f174983ee936d56 Mon Sep 17 00:00:00 2001
From: DW Talton <dtalton@contractor.linuxfoundation.org>
Date: Tue, 31 Mar 2020 12:31:55 -0700
Subject: [PATCH] Add Nexus3 user capabilities

Add Nexus3 CRUD user capabilities. Also includes password generator
helper.

Issue-ID: RELENG-2701
Signed-off-by: DW Talton <dtalton@contractor.linuxfoundation.org>
Change-Id: I47fbf7939edb883a07b8aa421e776062317d6103
---
 lftools/api/endpoints/nexus3.py | 48 +++++++++++++++++++++++++++++++++++++++++
 lftools/cli/nexus3/user.py      | 25 +++++++++++++++++++++
 lftools/helpers.py              | 20 +++++++++++++++++
 3 files changed, 93 insertions(+)
 create mode 100644 lftools/helpers.py

diff --git a/lftools/api/endpoints/nexus3.py b/lftools/api/endpoints/nexus3.py
index 9d60fc21..bab2c1e3 100644
--- a/lftools/api/endpoints/nexus3.py
+++ b/lftools/api/endpoints/nexus3.py
@@ -16,6 +16,7 @@ import json
 import logging
 
 from lftools import config
+from lftools import helpers
 import lftools.api.client as client
 
 log = logging.getLogger(__name__)
@@ -103,6 +104,40 @@ class Nexus3(client.RestApi):
         else:
             return "Failed to create tag {}".format(name)
 
+    def create_user(self, username, first_name, last_name, email_address, roles, password=None):
+        """Create a new user.
+
+        @param username:
+        @param first_name:
+        @param last_name:
+        @param email:
+        @param status:
+        @param roles:
+        @param password:
+        """
+        list_of_roles = roles.split(",")
+        data = {
+            "userId": username,
+            "firstName": first_name,
+            "lastName": last_name,
+            "emailAddress": email_address,
+            "status": "active",
+            "roles": list_of_roles,
+        }
+
+        if password:
+            data["password"] = password
+        else:
+            data["password"] = helpers.generate_password()
+
+        json_data = json.dumps(data)
+        result = self.post("beta/security/users", data=json_data)[0]
+
+        if result.status_code == 200:
+            return "User {} successfully created with password {}".format(username, data["password"])
+        else:
+            log.error("Failed to create user {}".format(username))
+
     def delete_script(self, name):
         """Delete a script from the server.
 
@@ -127,6 +162,19 @@ class Nexus3(client.RestApi):
         else:
             return "Failed to delete tag {}.".format(name)
 
+    def delete_user(self, username):
+        """Delete a user.
+
+        @param username:
+        """
+        result = self.delete("beta/security/users/{}".format(username))
+
+        if hasattr(result, "status_code"):
+            if result.status_code == 204:
+                return "Successfully deleted user {}".format(username)
+        else:
+            return "Failed to delete user {} with error: {}".format(username, result[1])
+
     def list_assets(self, repository, **kwargs):
         """List the assets of a given repo.
 
diff --git a/lftools/cli/nexus3/user.py b/lftools/cli/nexus3/user.py
index 43aa1e47..fcbee1cd 100644
--- a/lftools/cli/nexus3/user.py
+++ b/lftools/cli/nexus3/user.py
@@ -37,3 +37,28 @@ def search_user(ctx, username):
     r = ctx.obj["nexus3"]
     data = r.list_user(username)
     log.info(tabulate(data, headers=["User ID", "First Name", "Last Name", "Email Address", "Status", "Roles",],))
+
+
+@user.command(name="create")
+@click.argument("username")
+@click.argument("first_name")
+@click.argument("last_name")
+@click.argument("email_address")
+@click.argument("roles")
+@click.argument("password", required=False)
+@click.pass_context
+def user_create(ctx, username, first_name, last_name, email_address, roles, password):
+    """Create a new user account."""
+    r = ctx.obj["nexus3"]
+    data = r.create_user(username, first_name, last_name, email_address, roles, password)
+    log.info(data)
+
+
+@user.command(name="delete")
+@click.argument("username")
+@click.pass_context
+def user_delete(ctx, username):
+    """Delete a user account."""
+    r = ctx.obj["nexus3"]
+    data = r.delete_user(username)
+    log.info(data)
diff --git a/lftools/helpers.py b/lftools/helpers.py
new file mode 100644
index 00000000..be7ff868
--- /dev/null
+++ b/lftools/helpers.py
@@ -0,0 +1,20 @@
+# SPDX-License-Identifier: EPL-1.0
+##############################################################################
+# Copyright (c) 2020 The Linux Foundation and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+##############################################################################
+
+"""Nexus3 REST API interface."""
+
+import random
+import string
+
+
+def generate_password(length=12):
+    punctuation = "!#$%&()*+,-.:;<=>?@[]^_{|}~"
+    password_characters = string.ascii_letters + string.digits + punctuation
+    return "".join(random.choice(password_characters) for _ in range(length))
-- 
2.16.6