1

我有以下代码:

if (!EAP-Message) {
    # Now check against the authorized_macs file
    <%- @filename.each do |key,value| -%>
    <%= key %>
    if (!ok) {
    <%- end -%>
                        eap
                    }
                    else {
                        # accept
                        update control {
                            Auth-Type := Accept
                        }
                    }
                }
                else {
                    # accept
                    update control {
                        Auth-Type := Accept
                    }   
                }
            }
            else {
                # accept
                update control {
                    Auth-Type := Accept
                }
            }
        }
        else {
            # accept
            update control {
                Auth-Type := Accept
            }
        }
    }
    else {
        # accept
        update control {
            Auth-Type := Accept
        }
    }
}
else {
    eap
}

我想通过在每个循环之后添加缩进或空格或制表符来正确缩进文件,使其看起来像这样:

if (!EAP-Message) {
    # Now check against the authorized_macs file
    authorized_macs_10
    if (!ok) {
        authorized_macs_11
        if (!ok) {
            authorized_macs_12
            if (!ok) {
                authorized_macs_13
                if (!ok) {
                    authorized_macs_14
                    if (!ok) {
                        eap
                    }
                    else {
                        # accept
                        update control {
                            Auth-Type := Accept
                        }
                    }
                }
                else {
                    # accept
                    update control {
                        Auth-Type := Accept
                    }
                }
            }
            else {
                # accept
                update control {
                    Auth-Type := Accept
                }
            }
        }
        else {
            # accept
            update control {
                Auth-Type := Accept
            }
        }
    }
    else {
        # accept
        update control {
            Auth-Type := Accept
        }
    }
}
else {
    eap
}

这是我的 freeradius puppet 模块的 /etc/freeradius/sites-available/default 的一部分,终于完成了。该@filename变量是一个 hiera_hash,我从一个 yaml 文件中获得。以下是相关部分:

test_freeradius::files:
'authorized_macs_10':
    macs: 
        - 'aaaaa'
        - 'bbbbb'
    vlan: '10' 
'authorized_macs_11':
    macs: 
        - 'ccccc' 
        - 'ddddd'  
    vlan: '11'
'authorized_macs_12':
    macs: 
        - 'eeeee'
        - 'fffff'
    vlan: '12'
'authorized_macs_13':
    macs:
        - 'ggggg'
        - 'hhhhh'
    vlan: '13'
'authorized_macs_14':
    macs:
        - 'iiiii'
        - 'jjjjj'
    vlan: '14'

下面是我用来创建default文件内容的定义:

define test_freeradius::files (

  $macs,
  $vlan,
  $macfile  = $title,

) {

  include test_freeradius::service

  ensure_resource('file', '/etc/freeradius/modules/files', {
      ensure  => 'file',
      owner   => 'root',
      group   => 'root',
      mode    => '0644',
      content => template("${module_name}/files.erb"),
      require => Class['test_freeradius::install'],
      notify  => Service['freeradius'],
    }
  )

  file { "/etc/freeradius/${macfile}" :
    ensure  => 'file',
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    content => template("${module_name}/macfiles.erb"),
    require => Class['test_freeradius::install'],
    notify  => Service['freeradius'],
  }

  ensure_resource('file', '/etc/freeradius/sites-available/default', {
      ensure  => 'file',
      owner   => 'root',
      group   => 'freerad',
      mode    => '0644',
      content => template("${module_name}/default.erb"),
      require => Class['test_freeradius::install'],
      notify  => Service['freeradius'],
    }
  )

  ensure_resource('file', '/etc/freeradius/sites-enabled/default', {
      ensure => 'link',
      target => '/etc/freeradius/sites-available/default',
    }
  )
}

循环做了它应该做的事情,但是没有缩进,我尝试了不同的事情,比如<%= " "%>在几个位置添加并为if (!ok) {零件创建一个变量,不幸的是没有成功,也许我应该重组代码?有任何想法吗?

4

2 回答 2

3

通过在迭代时构建缩进字符串,您应该能够通过 Ruby scriptlet 代码生成适当的缩进。例如,

if (!EAP-Message) {
    # Now check against the authorized_macs file
    <%- indent = '' -%>
    <%- @filename.each do |key,value| -%>
    <%= indent %><%= key %>
    <%= indent %>if (!ok) {
    <%- indent += '    ' -%>
    <%- end -%>
                        eap
    ...

不过,在我看来,您可能还有另一个问题。你能确信@filenames散列总是包含五个条目吗?如果它包含其他数量的条目,那么您的模板将产生格式错误的输出,因为会有太多或太少的块闭包。

您可以通过使用类似于我已经描述的方法来解决这个问题,以便在迭代时在字符串中构建块闭包,然后在适当的点输出字符串(而不是使用模板文本来关闭块)。

于 2017-05-16T17:44:10.007 回答
1

这是 freeradius 模块的最终结果。这些是我一直在寻求帮助的相关代码片段。

默认.erb

if (!EAP-Message) {
    # Now check against the authorized_macs file
    <%- indent = '' -%>
    <%- @filename.each do |key,value| -%>
    <%= indent %><%= key %>
    <%= indent %>if (!ok) {
    <%- indent += '    ' -%>
    <%- end -%>
    <%= indent %>eap
<%- @filename.each do |key,value| -%>
    <%= indent %>}
    <%= indent %>else {
        <%= indent %># accept
        <%= indent %>update control {
            <%= indent %>Auth-Type := Accept
        <%= indent %>}
    <%= indent %>}
<% indent = indent.slice(0..-5) -%>
<%- end -%> 
}
else {
    eap
}

虚拟服务器配置的post-auth部分有点棘手,因为我必须读取哈希,记下键并以相反的顺序分配 vlan,所以我将哈希转换为数组,尊重它并将数组转换回哈希.

内隧道

post-auth {
    <%- indent = '' -%>
    <%- @filename.each do |key,value| -%>
    <%= indent %><%= key %>
    <%= indent %>if (!ok) {
    <%- indent += '    ' -%>
    <%- end -%>
    <%= indent %>ldap
<%- @new_files = Hash[@filename.to_a.reverse].to_hash -%>
<%- @new_files.each do |key,value| -%>
<%= indent %>}
<%= indent %>else {
    <%= indent %>update reply {
        <%= indent %>Tunnel-Type = VLAN
        <%= indent %>Tunnel-Medium-Type = IEEE-802
        <%= indent %>Tunnel-Private-Group-ID =  <%= value['vlan'] %>
    <%= indent %>}
<%= indent %>}
<%- indent = indent.slice(0..-5) -%>
<%- end -%>

    ldap
<%- @groups.each do |key,value| -%>
<%- if key == 'vlan_10' -%>
    if (LDAP-Group == vlan_10) {
        update reply {
            Tunnel-Type = VLAN
            Tunnel-Medium-Type = IEEE-802
            Tunnel-Private-Group-ID = 10
        }
    }
<%- else -%>
    elsif (LDAP-Group == <%= key %>) {
        update reply {
            Tunnel-Type = VLAN
            Tunnel-Medium-Type = IEEE-802
            Tunnel-Private-Group-ID = <%= value['vlan'] %>
        }
    }
<%- end -%>
<%- end -%>

    Post-Auth-Type REJECT {
        attr_filter.access_reject
    }
}

谢谢大家,尤其是约翰!

于 2017-05-17T10:43:56.460 回答