cfengine, json and quotes
12 views
Skip to first unread message
Berthold Cogel
Jul 28, 2020, 8:08:41 AM7/28/20
to help-cfengine
Hello,
I'm struggeling with the usage of quotes in JSON.
I want to generate ACLs for OpenLDAP from JSON Files with a mustache
template. So far, everything seemed to work.
{
"access": [
{
"comment": [ "any comment", "with second line"],
"object": "dn.subtree='ou=People,dc=example,dc=com'",
"attrs": "entry,objectclass,uid,cn",
"acl": [ "peername.ip=xxx.yyy.zzz.sss%255.255.255.128 break",
"peername.ip=aaa.bbb.ccc.ttt%255.255.255.128 break" ]
},
{
"comment": [ "next entry", "" ],
"object": "dn.subtree='ou=People,dc=example,dc=com'",
"attrs": "entry,objectclass,uid,cn",
"acl": [
"dn.regex='^cn=([^,]+),ou=AuthConsumer,dc=example,dc=com$' read",
"* break" ]
}
]
}
Reading the data...
"acl_data" data => '{"access": []}';
acl_data" data => data_expand(
readjson("$(constants.conf_dir)/$(this.bundle)/json_data/$(ldap_acl_json)")
),
if =>
fileexists("$(constants.conf_dir)/$(this.bundle)/json_data/$(ldap_acl_json)");
and expanding the mustache works fine.
# any comment
# with second line
access to dn.subtree='ou=ou=People,dc=example,dc=com'
attrs=entry,objectclass,uid,cn
by peername.ip=xxx.yyy.zzz.sss%255.255.255.128 break
by peername.ip=aaa.bbb.ccc.ttt%255.255.255.128 break
# next entry
#
access to dn.subtree='ou=ou=People,dc=example,dc=com'
attrs=entry,objectclass,uid,cn
by dn.regex='^cn=([^,]+),ou=AuthConsumer,dc=example,dc=com$' read
by * break
But this doesn't work with slapd. I have to use double quotes within the
value of an JSON attribute because the slapd accepts only these.
Using something like
"object": "dn.subtree=\"ou=People,dc=example,dc=com\"",
produces
dn.subtree="ou=People,dc=example,dc=com"
Even using double or triple '\' doesn't give anything of use.
Of course I can change JSON and mustache to avoid the quotes within
values, but I like to understand, how to handle this problem the
cfengine way.
Regards
Berthold Cogel
I'm struggeling with the usage of quotes in JSON.
I want to generate ACLs for OpenLDAP from JSON Files with a mustache
template. So far, everything seemed to work.
{
"access": [
{
"comment": [ "any comment", "with second line"],
"object": "dn.subtree='ou=People,dc=example,dc=com'",
"attrs": "entry,objectclass,uid,cn",
"acl": [ "peername.ip=xxx.yyy.zzz.sss%255.255.255.128 break",
"peername.ip=aaa.bbb.ccc.ttt%255.255.255.128 break" ]
},
{
"comment": [ "next entry", "" ],
"object": "dn.subtree='ou=People,dc=example,dc=com'",
"attrs": "entry,objectclass,uid,cn",
"acl": [
"dn.regex='^cn=([^,]+),ou=AuthConsumer,dc=example,dc=com$' read",
"* break" ]
}
]
}
Reading the data...
"acl_data" data => '{"access": []}';
acl_data" data => data_expand(
readjson("$(constants.conf_dir)/$(this.bundle)/json_data/$(ldap_acl_json)")
),
if =>
fileexists("$(constants.conf_dir)/$(this.bundle)/json_data/$(ldap_acl_json)");
and expanding the mustache works fine.
# any comment
# with second line
access to dn.subtree='ou=ou=People,dc=example,dc=com'
attrs=entry,objectclass,uid,cn
by peername.ip=xxx.yyy.zzz.sss%255.255.255.128 break
by peername.ip=aaa.bbb.ccc.ttt%255.255.255.128 break
# next entry
#
access to dn.subtree='ou=ou=People,dc=example,dc=com'
attrs=entry,objectclass,uid,cn
by dn.regex='^cn=([^,]+),ou=AuthConsumer,dc=example,dc=com$' read
by * break
But this doesn't work with slapd. I have to use double quotes within the
value of an JSON attribute because the slapd accepts only these.
Using something like
"object": "dn.subtree=\"ou=People,dc=example,dc=com\"",
produces
dn.subtree="ou=People,dc=example,dc=com"
Even using double or triple '\' doesn't give anything of use.
Of course I can change JSON and mustache to avoid the quotes within
values, but I like to understand, how to handle this problem the
cfengine way.
Regards
Berthold Cogel
Aleksey Tsalolikhin
Jul 28, 2020, 9:29:14 AM7/28/20
to Berthold Cogel, help-cfengine
Hi Berthold,
Try using {{{x}}} in your mustache template instead of {{x}} around variables.
See Stack Overflow question Mustache: Globally disable html escaping?
Best,
Aleksey
--
Founder
Vertical Sysadmin, Inc.
Achieve real learning.
--
You received this message because you are subscribed to the Google Groups "help-cfengine" group.
To unsubscribe from this group and stop receiving emails from it, send an email to help-cfengin...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/help-cfengine/dec1fa50-5786-1262-a3e3-872106f8d0e8%40uni-koeln.de.
Berthold Cogel
Jul 28, 2020, 10:10:15 AM7/28/20
to Aleksey Tsalolikhin, help-cfengine
Am 28.07.20 um 15:28 schrieb Aleksey Tsalolikhin:
>
> Best,
> Aleksey
>
Hello Aleksey,
thanks a lot! This works like a charm.
Regards
Berthold Cogel
> Hi Berthold,
>
> Try using {{{x}}} in your mustache template instead of {{x}} around
> variables.
>
> See Stack Overflow question Mustache: Globally disable html escaping?
> <https://stackoverflow.com/questions/22910428/mustache-globally-disable-html-escaping>
>
> Try using {{{x}}} in your mustache template instead of {{x}} around
> variables.
>
> See Stack Overflow question Mustache: Globally disable html escaping?
>
> Best,
> Aleksey
>
Hello Aleksey,
thanks a lot! This works like a charm.
Regards
Berthold Cogel
Reply all
Reply to author
Forward
0 new messages