class Ucert::JpmAccessTracker

Class to handle Jpm for BE user account IDs

Attributes

file_jpm_user_map[RW]

Class constant variables

jpm_2_ad_user[R]
jpm_user_entitlement[R]
jpm_user_group_entitlement[R]
jpm_user_group_entitlement_report[RW]

Class constant variables

jpm_user_status_report[RW]

Class constant variables

verbose[RW]

Class constant variables

Public Class Methods

new(params ={}) click to toggle source

Instance default variables

# File lib/ucert/jpm_access_tracker.rb, line 19
def initialize (params ={})
  @verbose=params.fetch(:verbose, false)
  # JPM Access user entitlement report generation: Logon to Jpm for BE sites www.jpmorganaccess.com
  # Once logon, click "Administration" -> "Reports", select "Entitlements Report" -> "Custom"
  # In the Customization window,  select "Summary + Details" for "Report Layout" field, "Pipe Delimited" for "Output" field
  # under "Report Criteria" sub-menu, choose "All Users" for the "Select Users/Groups" field
  # under "Additional Criteria" sub-menu, check both "Active" and "Inactive" for "User Status"; select "All Products" for "Products" field, "All Functions" for "Functions" field , "All Accounts" for "Accounts / Account Groups" field
  # Press "Run" button to generate the report
  @jpm_user_entitlement_report = File.dirname(__FILE__)+"/../../data/jpm_access/jpm_user_entitlements_details.txt"
              # Select "User Group" instead of "User"; following the rest instrctions above to generate User Group entitlement report.
              # Note: As of 01/05/2015 the Group function is not utilized in the CMBNY account. So we have a stud here for furture implementation only.
              @jpm_user_group_entitlement_report = File.dirname(__FILE__)+"/../../data/jpm_access/jpm_user_entitlements_details.txt"
  # JPM Access to AD user map file
  @file_jpm_user_map =  File.dirname(__FILE__)+"/../../data/jpm_access/jpm_access_user_map.txt"
              # Load user map from the local cacsh file
              @jpm_2_ad_user=load_known_user_map_from_file(@file_jpm_user_map)
              # Load the user entitlement instance variable from the user report
              @jpm_user_entitlement=parse_jpm_user_entitlement_report(@jpm_user_entitlement_report)
              # Load the user group entitlement instance variable from the user group report
              @jpm_user_group_entitlement=parse_jpm_user_group_entitlement_report(@jpm_user_group_entitlement_report)
              # Procedure to add DN foreign key to the @jpm_user_entitlement, by performing the AD search
              insert_dn
              # Save the user map to local cache file
              save!
      end

Public Instance Methods

dn_2_index(dn) click to toggle source

Retrieve the user index from the @jpm_user_entitlement data structure

# File lib/ucert/jpm_access_tracker.rb, line 100
def dn_2_index (dn)
                begin
(1..@jpm_user_entitlement.count).map do |index|
  return index if @jpm_user_entitlement[index]["DN"]==dn
end
                rescue => ee
                        puts "Exception on method #{__method__}: #{ee}"
                end
end
jpm_search_by_dn(dn) click to toggle source

Search user entitlement record by AD DN

# File lib/ucert/jpm_access_tracker.rb, line 190
    def jpm_search_by_dn (dn)
            begin
  puts "Perform search on the user entitlement records by AD DN: #{dn}" if @verbose
  @jpm_user_entitlement.each do |key, val|
      return val if @jpm_user_entitlement[key]['DN'].eql? dn
  end
                    return nil
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
end
    end
Also aliased as: search_by_dn
print_user()
save!(file=@file_jpm_user_map)
Alias for: save_jpm_user_map!
search_by_dn(dn)
Alias for: jpm_search_by_dn

Private Instance Methods

insert_dn() click to toggle source

Procedures to add additonal field 'dn' into the @jpm_user_entitlement data structure, by person the AD search

# File lib/ucert/jpm_access_tracker.rb, line 111
def insert_dn
                begin
                        tracker = Ucert::AdTracker.new(:verbose=>false)
                         @jpm_user_entitlement.each do |index, record|
                                puts "\n\nPerform DN lookup for record: #{record}" if @verbose
                                key1 = record['Email'] if record['Email']
                                key2 = record['User ID'] if record['User ID']
                                key3 = record['User First Name'] + record['User Last Name'] if record['User First Name'] and record['User Last Name']
                                key4 = record['Employee ID'] if record['Employee ID']
                                my_key = record['User ID'].upcase
                                puts "Perform 1st order search from the local cache: #{my_key}" if @verbose
                                if @jpm_2_ad_user.key?(my_key)
                                        dn=@jpm_2_ad_user[my_key]
                                        # additional logic to update the existing DN record
                                        unless tracker.ad_person_records.key?(dn)
                                                dn = update_dn(tracker,dn)
                                        end
                                        puts "Found in the local cache file: #{dn}" if @verbose
                                else
                                        if dn.nil? and !key1.nil?
                                                puts "Perform 2nd order search only if the 1st one fail, by using: #{key1}" if @verbose
                                                dn = tracker.ad_search_by_text(key1, "person")
                                        end
                                        if dn.nil? and !key2.nil?
                                                puts "Perform 3rd order search only if the last fail, by using: #{key2}" if @verbose
                                                dn = tracker.ad_search_by_text(key2, "person")
                                        end
                                        if dn.nil? and !key3.nil?
                                                puts "Perform 4th order search only if the last fail, by using: #{key3}" if @verbose
                                                dn = tracker.ad_search_by_text(key3, "person")
                                        end
                                        if dn.nil? and !key4.nil?
                                                puts "Perform 5th order search only if the last fail, by using: #{key4}" if @verbose
                                                dn = tracker.ad_search_by_text(key4, "person")
                                        end
                                end
                                @jpm_user_entitlement[index]['DN'] = dn
                        end
                        tracker=nil
                rescue => ee
                        puts "Exception on method #{__method__}: #{ee}"
                end
end
parse_jpm_user_entitlement_report(file) click to toggle source

Parsing the Jpm Access user entitlement report in text format

# File lib/ucert/jpm_access_tracker.rb, line 46
  def parse_jpm_user_entitlement_report (file)
begin
                          puts "Parse the user entitlement detail report: #{file}" if @verbose
  jpm_user_entitlement=Hash.new
  user_index=1
                          line_cnt=0
  doc = File.open(file,'r')
                          header=Array.new
  doc.each_line do |line|
                                  line_cnt+=1
                                  if line_cnt==1
                                          header=line.chomp.split('|')
                                          puts "JPM Access User Entitlement Header:\n #{header}" if @verbose
                                          next                                              # skip the header line
                                  end
                                  record=line.chomp.split('|')
                                  #puts "Processing record:\n #{header}\n\n#{record}" if @verbose
    #user_index+=1
    record_h=Hash[header.zip(record)[0..26]]
                                  right_h=Hash[header.zip(record)[27..80]]
                                  puts "Adding JPM Entitlement Record: #{record_h}" if @verbose
    if jpm_user_entitlement.key?(user_index)
                                          puts "Checking record User_ID field match: #{jpm_user_entitlement[user_index]['User ID']}, #{record_h['User ID']}" if @verbose
                                          if jpm_user_entitlement[user_index]["User ID"] == record_h["User ID"]
                                                  jpm_user_entitlement[user_index]["Rights"].push(right_h)
                                          else
                                                  user_index+=1
                                                  jpm_user_entitlement[user_index]=record_h
                                                  jpm_user_entitlement[user_index]["Rights"]=[right_h]
                                                  puts "Processing user record number: #{user_index}" if @verbose
                                          end
                                  else
                                          jpm_user_entitlement[user_index]=Hash.new
                                          jpm_user_entitlement[user_index]=record_h
                                          jpm_user_entitlement[user_index]["Rights"]=[right_h]
                                  end
  end
  doc=nil
  return jpm_user_entitlement
rescue => ee
                          puts "Exception on method #{__method__}: #{ee}"
                  end
  end
parse_jpm_user_group_entitlement_report(file) click to toggle source

Parsing the Jpm Access user group entitlement report in text format - TBD as currently this feature is not in use

# File lib/ucert/jpm_access_tracker.rb, line 91
  def parse_jpm_user_group_entitlement_report (file)
begin

rescue => ee
                          puts "Exception on method #{__method__}: #{ee}"
                  end
  end
print_user_entitlement() click to toggle source

Print out the user entitlement table in plain text, to be imported into database

Also aliased as: print_user
save_jpm_user_map!(file=@file_jpm_user_map) click to toggle source

Save the Prime to AD user mapping relation into the cache file

# File lib/ucert/jpm_access_tracker.rb, line 170
def save_jpm_user_map!(file=@file_jpm_user_map)
        puts "Saving the known Prime to AD user mapping relationship to file: #{file} ..." if @verbose
        begin
                timestamp=Time.now
                f=File.open(file, 'w')
                f.write "# local Jpm for Securitites to AD user map file created by the #{self.class} class #{__method__} method at: #{timestamp}"
                @jpm_user_entitlement.values.map do |record|
                        key = record['User ID'].upcase
                        value = record['DN']
                        f.write "\n#{key}|#{value}"
                end
                f.close
                puts "Jpm Securitites to AD user map file is successfully saved to: #{file}" if @verbose
        rescue => ee
                puts "Exception on method #{__method__}: #{ee}" if @verbose
        end
end
Also aliased as: save!