1. Home
  2. Categories
  3. Support
  4. Manipulate users using pgutil

Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.

If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!

Manipulate users using pgutil

  • steviecoaster

    Are there plans to include the ability to work with user accounts via pgutil? For my use case I would like to be able to programmatically create a user account and assign it a read-only role to a specific feed such that I can configure and consume packages from the restricted feed on an endpoint. Currently there is not a way programmatically (at least that I can get to work) to do this sort of thing programmatically via PowerShell.

    I've another thread on the forums which I was pulling on the HTTP api thread, but that led to a dead end as I can't craft appropriate JSON that the endpoint accepts, not for lack of trying haha.

    0 atripp 1 Reply
  • atripp
    inedo-engineer

    Hi @steviecoaster ,

    The "Security API" has been on our mind for years, but I'm not sure if any of our paid users have expressed interested in it; I suspect it's because they are using AD/LDAP, so there's no need to automate users this?

    AD/LDAP is one of the reasons that users purchase ProGet, so there's obviously a concern of creating an easily-scriptable alternative.. as I'm sure you can understand!

    The Native API should definitely work, since it's just a wrapper on Stored Procs.. and the UI uses those same Stored Procs to do it's thing. However, it definitely requires some studying (likely looking at the sproc code) and may requires a few calls to learn the internal IDs.

    I recently wrote a very simple "script" to call a Native API in our Otter product, and I guess it's not even using JSON:

    Invoke-WebRequest -Method Post -Uri "http://otter.localhost/api/json/Rafts_CreateOrUpdateRaftItem" -Body @{
    API_Key = "abc123"
    Raft_Id = 1
    RaftItemType_Code = 4
    RaftItem_Name = "mypath/myscript.ps1"
    ModifiedOn_Date = Get-Date
    ModifiedBy_User_Name = "API"
    Content_Bytes = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("'hello world'"))
}

    Seemed to work fine, so maybe use that Pattern?

    Otherwise, I'm aware of one customer that sets up lots of instances in an edge network, but they just wrote a SQL Script to provision a lot of other settings. Even if we had an API, that was easier for them. So perhaps that's an option as well...

    0
  • steviecoaster

    My end goal is to either replace Sonatype Nexus with Inedo ProGet or at least allow the choice of repository solution included with one of our canned Environments that we offer customers here at Chocolatey.

    Right now we are able to fully provision a Sonatype Nexus server via the API so that the server has

    1. The necessary repositories created
    2. The necessary scripts/packages stored
    3. Security configured on the repositories.

    Today I can get ~80% of the way there with Inedo, but until I can lock it down I can't start the work of baking it into our stuff. ProGet is the only repository in our testing that plays very very well with Chocolatey (thanks for that, btw), but without being able to natively do the security bits I'm afraid I can't move forward.

    I hear you with the AD thing, but I can't guarantee AD will be available in all the environments we deploy too.

    Our goal is to give them a turn-key "thing" they can be up and running with in under an hour and if they need to change things after the fact, they can work with our Support team to make those adjustments. Has worked out fairly well so far!

    0 atripp 1 Reply
  • atripp
    inedo-engineer

    hi @steviecoaster ,

    Thanks for explaining; this is something we will consider on our roadmap planning, but it's currently a "free user" request which is difficult to prioritize with so many other requests from paid users.

    HOWEVER, if we had a tech/marketing partnership that would allow us to prioritize this differently. That's above my paygrade, but I can definitely make a strong case internally... is that something you would want to pursue? I suspect It'd end up with our CEO's chatting and figuring something out heh.

    In the mean time, the Native API willdefinitely work to automate everything you're trying to do. You can also just do some basic sql commands to insert stuff in the database, which would be easier.

    Alana

    0
  • steviecoaster

    @atripp said in Manipulate users using pgutil:

    tech/marketing partnership

    That is above my pay grade as well to iron out he specifics but it is in my wheelhouse to push for it internally :)

    1 atripp 1 Reply
  • atripp
    inedo-engineer

    @steviecoaster great, hopefully we'll get somethig figured out :)

    0
  • steviecoaster

    I'VE DONE IT!!! What a wild ride. I ended up using the Stored Procedures for things. Going that route did the trick nicely. Though I did have to spend the weekend learning SQL to understand exactly what the hell is going on inside of Stored Procedures haha.

    But, I've now got the code I need to go from 0 to a deployed ProGet instance programmatically. Still a bit of polishing left to do, and a whole heck of a lot of testing but I am super excited about this! Thank you very much for the Stored Procedure hint!!! I very much appreciate it.

    1 atripp 1 Reply
  • atripp
    inedo-engineer

    @steviecoaster great news, glad you got it all working 😁

    1
Log in to reply
 
Inedo Website HomeSupport HomeCode of ConductForums GuideDocumentation