============= Configuration ============= All settings directives are done by yaml files. This is where you specify which process Excalibur should call, which way it should do it, depending on who asks it. sources.yml =========== WARNING : 'all' and ',' are reserved in the Excalibur syntax, don't use them as sources names. Api configuration by sources. Each source can have an apikey entry, which will be matched against the apikey carried by the request. Multiple apikeys can be registered by setting the value of this entry to a list. The ip entry works the same way, and is used to determine which ips are authorized. A single request can target one or many sources. When building the request, to target multiple establishments you should use "," as separator, in the following example it would thus be source="uds,ensas". You can also set the source to "all" in the request, in which case the PluginRunner will return all the sources where your credentials are found. The parameters with which each plugin is to be executed depending on the user requiring it are registered here. Example : :: uds: apikey: S3CR3T ip: - 127.0.0.1 - X.X.X.X plugins: Ldap: - url: ldaps://ldap1.domaine.fr:636 binddn: S3CR3T password: S3CR3T basedn: ou=users password method: [userPassword, sambaLMPassword, sambaNTPassword] login attribute: uid - url: ldaps://ldap2.domaine.fr:636 binddn: S3CR3T password: S3CR3T basedn: ou=users password method: [unicodePwd] login attribute: sAMAccountName Kerberos: - spn: S3CR3T keytabfile: "file.keytab" kinit_command: "/usr/bin/kinit" kadmin_command: "/usr/sbin/kadmin" Process: - path: /path/script_webmail.sh user_deactivate_parameters: [login, ] Ldapuds: - spore: http://ldapws.domaine.fr/description.json token: S3CR3T Aduds: - spore: http://aduds.domaine.fr/description.json token: S3CR3T deactivation_code: 66050 delete_info: delete ensas: ... A further level can be set in order to manage sources by projects. Example : :: project1: source1: ... source2: ... project2: source1: ... ressources.yml ============== Methods and arguments descriptions by sources. The registered keys found under the "arguments" entry are the the request arguments for which validations will be made. If you want a validation to be optional, i.e to be runned only if the the argument is present, you can set optional to true at the same level than the check. Example : :: user: setpassword: request method: GET arguments: login: checks: min_length: 2 max_length: 50 password: checks: min_length: 8 max_length: 50 encoding: base64 first_name: checks: min_length: 8 max_length: 50 optional:true ... acl.yml ======= List of allowed methods by sources. This module is used by the PluginRunner for validation purposes. On receiving the request it ensures that the plugins it targets contain the methods that are going to be called by the request. Example : :: uds: user: - setpassword - deactivate - archive ensas: user: - setpassword A further level can be specified to manage sources by project. Example : :: project1: source1: actions: - action1 - action2 source2: actions: - action1 project2: source1: actions: - action1 - action2 plugins module ============== A private module dedicated to plugins must be present in your app. It should conform to the following format : :: plugins Plugin1.py Plugin2.py Plugin3.py Each plugin class must be contained in an homonymous .py. This class must contain all the methods that the yml description files describe as available. Those methods signatures should at least be able to take as arguments "parameters" and "arguments", their return type is up to you. Example : :: class Plugin1(object) : def user_deactivate(self, parameters, arguments): ... return data def user_archive(self, parameters, arguments): ... return data def user_setpassword(self, parameters, arguments): ... return data In a Django project =================== In your django project's settings.py, the yaml file paths and the plugins module's name should be specified, for instance : :: from os.path import abspath, basename, dirname, join, normpath SETTINGS_ROOT = dirname(abspath(__file__)) EXCALIBUR_SOURCES_FILE = join(SETTINGS_ROOT, "sources.yml") EXCALIBUR_RESSOURCES_FILE = join(SETTINGS_ROOT, "ressources.yml") EXCALIBUR_ACL_FILE = join(SETTINGS_ROOT, "acl.yml") EXCALIBUR_PLUGINS_MODULE = "yourproject.yourapp.plugins"