Class: ActiveDirectory::Group

# File 'lib/active_directory/group.rb', line 53

def self.create_security_group(ou, name, type)
  type_mask = GroupType::SECURITY_ENABLED
  case type
  when :local
    type_mask |= GroupType::RESSOURCE_GROUP
  when :global
    type_mask |= GroupType::ACCOUNT_GROUP
  when :universal
    type_mask |= GroupType::UNIVERSAL_GROUP
  else
    raise "Unknown type specified : #{type}"
  end
  dn = 'CN=' + name + "," + ou
  attributes = {
    :objectClass => ['top', 'group'],
    :sAMAccountName => name,
    :objectCategory => "CN=Group,CN=Schema,CN=Configuration,DC=afssa,DC=fr",
    :groupType => type_mask.to_s
  }
  @@ldap.add(:dn => dn, :attributes => attributes)
  self.from_dn(dn)
end

.filter ⇒ `Object`

:nodoc:



27
28
29

# File 'lib/active_directory/group.rb', line 27

def self.filter # :nodoc:
	Net::LDAP::Filter.eq(:objectClass,'group')
end

.required_attributes ⇒ `Object`

:nodoc:



31
32
33

# File 'lib/active_directory/group.rb', line 31

def self.required_attributes # :nodoc:
	{ :objectClass => [ 'top', 'group' ] }
end

Instance Method Details

#add(new_member) ⇒ `Object`

Add the passed User or Group object to this Group. Returns true if the User or Group is already a member of the group, or if the operation to add them succeeds.

# File 'lib/active_directory/group.rb', line 81

def add(new_member)
	return false unless new_member.is_a?(User) || new_member.is_a?(Group)
	if @@ldap.modify(:dn => distinguishedName, :operations => [
		[ :add, :member, new_member.distinguishedName ]
	])
		return true
	else
		return has_member?(new_member)
	end
end

#groups ⇒ `Object`

Returns an array of Group objects that this Group belongs to.

# File 'lib/active_directory/group.rb', line 157

def groups
	return [] if memberOf.nil?
	@groups ||= Group.find(:all, :distinguishedname => @entry.memberOf).delete_if { |g| g.nil? }
end

#has_member?(user) ⇒ `Boolean`

Returns true if the passed User or Group object belongs to this group. For performance reasons, the check is handled by the User or Group object passed.

Returns:

(Boolean)



49
50
51

# File 'lib/active_directory/group.rb', line 49

def has_member?(user)
	user.member_of?(self)
end

#has_members? ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/active_directory/group.rb', line 108

def has_members?
	begin
		return (@entry.member.nil? || @entry.member.empty?) ? false : true
	rescue NoMethodError
		return false
	end
end

#member_groups(recursive = false) ⇒ `Object`

Returns an array of all Group objects that belong to this group.

If the recursive argument is passed as false, then only Groups that belong explicitly to this Group are returned.

If the recursive argument is passed as true, then all Groups that belong to this Group, or any of its subgroups, are returned.

# File 'lib/active_directory/group.rb', line 144

def member_groups(recursive = false)
                      @member_groups ||= Group.find(:all, :distinguishedname => @entry[:member]).delete_if { |g| g.nil? }
                      if recursive then
                        self.member_groups.each do |group|
                          @member_groups.concat(group.member_groups(true))
                        end
                      end
                      return @member_groups
end

#member_users(recursive = false) ⇒ `Object`

Returns an array of all User objects that belong to this group.

If the recursive argument is passed as false, then only Users who belong explicitly to this Group are returned.

If the recursive argument is passed as true, then all Users who belong to this Group, or any of its subgroups, are returned.

# File 'lib/active_directory/group.rb', line 125

def member_users(recursive = false)
                      @member_users = User.find(:all, :distinguishedname => @entry[:member]).delete_if { |u| u.nil? }
                      if recursive then
                        self.member_groups.each do |group|
                          @member_users.concat(group.member_users(true))
                        end
                      end
                      return @member_users
end

#reload ⇒ `Object`

:nodoc:

# File 'lib/active_directory/group.rb', line 35

def reload # :nodoc:
	@member_users_non_r  = nil
	@member_users_r      = nil
	@member_groups_non_r = nil
	@member_groups_r     = nil
	@groups              = nil
	super
end

#remove(member) ⇒ `Object`

Remove a User or Group from this Group. Returns true if the User or Group does not belong to this Group, or if the oepration to remove them succeeds.

# File 'lib/active_directory/group.rb', line 97

def remove(member)
	return false unless member.is_a?(User) || member.is_a?(Group)
	if @@ldap.modify(:dn => distinguishedName, :operations => [
		[ :delete, :member, member.distinguishedName ]
	])
		return true
	else
		return !has_member?(member)
	end
end

Class: ActiveDirectory::Group

Constant Summary

Constants inherited from Base

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Member

Methods inherited from Base

Constructor Details

Dynamic Method Handling

Class Method Details

.create_security_group(ou, name, type) ⇒ Object

.filter ⇒ Object

.required_attributes ⇒ Object

Instance Method Details

#add(new_member) ⇒ Object

#groups ⇒ Object

#has_member?(user) ⇒ Boolean

#has_members? ⇒ Boolean

#member_groups(recursive = false) ⇒ Object

#member_users(recursive = false) ⇒ Object

#reload ⇒ Object

#remove(member) ⇒ Object

.create_security_group(ou, name, type) ⇒ `Object`

.filter ⇒ `Object`

.required_attributes ⇒ `Object`

#add(new_member) ⇒ `Object`

#groups ⇒ `Object`

#has_member?(user) ⇒ `Boolean`

#has_members? ⇒ `Boolean`

#member_groups(recursive = false) ⇒ `Object`

#member_users(recursive = false) ⇒ `Object`

#reload ⇒ `Object`

#remove(member) ⇒ `Object`