Module: Hydra::LDAP
- Defined in:
- lib/hydra-ldap.rb,
lib/hydra/ldap/engine.rb,
lib/hydra/ldap/version.rb
Defined Under Namespace
Classes: Engine, GroupNotFound, MissingOwnerError, NoUsersError
Constant Summary collapse
- VERSION =
"0.0.4"
Class Method Summary collapse
- .add_users_to_group(group_code, users) ⇒ Object
- .connection ⇒ Object
-
.create_group(code, attributes) ⇒ Object
def self.create_group(code, description, owner, users) dn => dn(code) attributes = { :cn => code, :objectclass => “groupofnames”, :description => description, :member=>users.map {|u| “uid=#{u}”}, :owner=>“uid=#owner” }.
- .delete_group(code) ⇒ Object
- .dn(code) ⇒ Object
-
.does_group_exist?(filter) ⇒ Boolean
hits = connection.search(:base=>group_base, :filter=>Net::LDAP::Filter.eq(‘cn’, cn)).
-
.does_user_exist?(filter) ⇒ Boolean
hits = connection.search(:base=>group_base, :filter=>Net::LDAP::Filter.eq(‘uid’, uid)).
-
.find_group(group_code, filter, attributes, &block) ⇒ Object
NW result = connection.search(:base=>group_base, :filter=> Net::LDAP::Filter.construct(“(&(objectClass=groupofnames)(cn=#group_code))”), :attributes=>[‘member’, ‘owner’, ‘description’]) result.first.each do |k, v| val = v end.
- .get_user(filter, attribute = []) ⇒ Object
- .group_base ⇒ Object
-
.groups_for_user(filter, attributes = ['psMemberOf'], &block) ⇒ Object
same as ldapsearch -h ec2-107-20-53-121.compute-1.amazonaws.com -p 389 -x -b dc=example,dc=com -D “cn=admin,dc=example,dc=com” -W “(&(objectClass=groupofnames)(member=uid=vanessa))” cn Northwestern passes attributes= PSU filter=Net::LDAP::Filter.eq(‘uid’, uid) NW filter=Net::LDAP::Filter.construct(“(&(objectClass=groupofnames)(member=uid=#uid))”)).
-
.groups_owned_by_user(filter, attributes = ['cn'], &block) ⇒ Object
NW - return result.map{|r| r.first}.
- .invalidate_cache(group_code) ⇒ Object
-
.is_user_unique?(filter) ⇒ Boolean
hits = connection.search(:base=>group_base, :filter=>Net::LDAP::Filter.eq(‘uid’, uid)).
- .ldap_config ⇒ Object
- .ldap_connection_config ⇒ Object
-
.owner_for_group(group_code, filter, attributes = ['owner'], &block) ⇒ Object
result.first.sub(/^uid=/, ”).
- .remove_users_from_group(group_code, users) ⇒ Object
-
.title_of_group(group_code, filter, attributes = ['description'], &block) ⇒ Object
result.first.
- .treebase ⇒ Object
-
.users_for_group(group_code, filter, attributes = ['member'], &block) ⇒ Object
result.map { |v| v.sub(/^uid=/, ”) }.
Class Method Details
.add_users_to_group(group_code, users) ⇒ Object
112 113 114 115 116 117 118 119 |
# File 'lib/hydra-ldap.rb', line 112 def self.add_users_to_group(group_code, users) invalidate_cache(group_code) ops = [] users.each do |u| ops << [:add, ldap_config[:group_member], "uid=#{u}"] end connection.modify(:dn=>dn(group_code), :operations=>ops) end |
.connection ⇒ Object
14 15 16 |
# File 'lib/hydra-ldap.rb', line 14 def self.connection @ldap_conn ||= Net::LDAP.new(ldap_connection_config) end |
.create_group(code, attributes) ⇒ Object
def self.create_group(code, description, owner, users) dn => dn(code) attributes =
:cn => code,
:objectclass => "groupofnames",
:description => description,
:member=>users.map {|u| "uid=#{u"},
:owner=>"uid=#owner"
}
59 60 61 62 63 |
# File 'lib/hydra-ldap.rb', line 59 def self.create_group(code, attributes) raise NoUsersError, "Unable to persist a group without users" unless attributes[:uniquemember] raise MissingOwnerError, "Unable to persist a group without owner" unless attributes[:owner] connection.add(:dn=>dn(code), :attributes=>attributes) end |
.delete_group(code) ⇒ Object
65 66 67 |
# File 'lib/hydra-ldap.rb', line 65 def self.delete_group(code) connection.delete(:dn=>dn(code)) end |
.dn(code) ⇒ Object
46 47 48 |
# File 'lib/hydra-ldap.rb', line 46 def self.dn(code) dn = "cn=#{code},#{group_base}" end |
.does_group_exist?(filter) ⇒ Boolean
hits = connection.search(:base=>group_base, :filter=>Net::LDAP::Filter.eq(‘cn’, cn))
166 167 168 169 |
# File 'lib/hydra-ldap.rb', line 166 def self.does_group_exist?(filter) hits = connection.search(:base=>group_base, :filter=>filter) return hits.count == 1 end |
.does_user_exist?(filter) ⇒ Boolean
hits = connection.search(:base=>group_base, :filter=>Net::LDAP::Filter.eq(‘uid’, uid))
154 155 156 157 |
# File 'lib/hydra-ldap.rb', line 154 def self.does_user_exist?(filter) hits = connection.search(:base=>treebase, :filter=>filter) return !hits.empty? end |
.find_group(group_code, filter, attributes, &block) ⇒ Object
NW result = connection.search(:base=>group_base, :filter=> Net::LDAP::Filter.construct(“(&(objectClass=groupofnames)(cn=#group_code))”), :attributes=>[‘member’, ‘owner’, ‘description’]) result.first.each do |k, v|
val[k] = v
end
139 140 141 142 143 144 145 146 |
# File 'lib/hydra-ldap.rb', line 139 def self.find_group(group_code, filter, attributes, &block) @cache ||= {} return @cache[[group_code, filter, attributes]] if @cache[[group_code, filter, attributes]] result = connection.search(:base=>group_base, :filter=> filter, :attributes=>attributes) raise GroupNotFound, "Can't find group '#{group_code}' in ldap" unless result.first @cache[[group_code, filter, attributes]] = result block.call(result) if block_given? end |
.get_user(filter, attribute = []) ⇒ Object
148 149 150 151 |
# File 'lib/hydra-ldap.rb', line 148 def self.get_user(filter, attribute=[]) result = connection.search(:base=>treebase, :filter => filter, :attributes => attribute) return result end |
.group_base ⇒ Object
38 39 40 |
# File 'lib/hydra-ldap.rb', line 38 def self.group_base ldap_config[:group_base] end |
.groups_for_user(filter, attributes = ['psMemberOf'], &block) ⇒ Object
same as ldapsearch -h ec2-107-20-53-121.compute-1.amazonaws.com -p 389 -x -b dc=example,dc=com -D “cn=admin,dc=example,dc=com” -W “(&(objectClass=groupofnames)(member=uid=vanessa))” cn Northwestern passes attributes= PSU filter=Net::LDAP::Filter.eq(‘uid’, uid) NW filter=Net::LDAP::Filter.construct(“(&(objectClass=groupofnames)(member=uid=#uid))”))
74 75 76 77 |
# File 'lib/hydra-ldap.rb', line 74 def self.groups_for_user(filter, attributes=['psMemberOf'], &block) result = connection.search(:base=>group_base, :filter => filter, :attributes => attributes) block.call(result) if block_given? end |
.groups_owned_by_user(filter, attributes = ['cn'], &block) ⇒ Object
NW - return result.map{|r| r.first}
80 81 82 83 |
# File 'lib/hydra-ldap.rb', line 80 def self.groups_owned_by_user(filter, attributes=['cn'], &block) result = connection.search(:base=>group_base, :filter=> filter, :attributes=>attributes) block.call(result) if block_given? end |
.invalidate_cache(group_code) ⇒ Object
130 131 132 133 |
# File 'lib/hydra-ldap.rb', line 130 def self.invalidate_cache(group_code) @cache ||= {} @cache[group_code] = nil end |
.is_user_unique?(filter) ⇒ Boolean
hits = connection.search(:base=>group_base, :filter=>Net::LDAP::Filter.eq(‘uid’, uid))
160 161 162 163 |
# File 'lib/hydra-ldap.rb', line 160 def self.is_user_unique?(filter) hits = connection.search(:base=>treebase, :filter=>filter) return hits.count == 1 end |
.ldap_config ⇒ Object
32 33 34 35 36 |
# File 'lib/hydra-ldap.rb', line 32 def self.ldap_config root = Rails.root || '.' env = Rails.env || 'test' @ldap_config ||= YAML::load(ERB.new(IO.read(File.join(root, 'config', 'hydra-ldap.yml'))).result)[env].with_indifferent_access end |
.ldap_connection_config ⇒ Object
18 19 20 21 22 23 24 25 26 27 28 29 30 |
# File 'lib/hydra-ldap.rb', line 18 def self.ldap_connection_config return @ldap_connection_config if @ldap_connection_config @ldap_connection_config = {} yml = ldap_config @ldap_connection_config[:host] = yml[:host] @ldap_connection_config[:port] = yml[:port] if yml[:username] && yml[:password] @ldap_connection_config[:auth]={:method=>:simple} @ldap_connection_config[:auth][:username] = yml[:username] @ldap_connection_config[:auth][:password] = yml[:password] end @ldap_connection_config end |
.owner_for_group(group_code, filter, attributes = ['owner'], &block) ⇒ Object
result.first.sub(/^uid=/, ”)
104 105 106 107 108 109 110 |
# File 'lib/hydra-ldap.rb', line 104 def self.owner_for_group(group_code, filter, attributes=['owner'], &block) if block_given? find_group(group_code, filter, attributes, &block) else find_group(group_code, filter, attributes) end end |
.remove_users_from_group(group_code, users) ⇒ Object
121 122 123 124 125 126 127 128 |
# File 'lib/hydra-ldap.rb', line 121 def self.remove_users_from_group(group_code, users) invalidate_cache(group_code) ops = [] users.each do |u| ops << [:delete, ldap_config[:group_member], "uid=#{u}"] end connection.modify(:dn=>dn(group_code), :operations=>ops) end |
.title_of_group(group_code, filter, attributes = ['description'], &block) ⇒ Object
result.first
86 87 88 89 90 91 92 |
# File 'lib/hydra-ldap.rb', line 86 def self.title_of_group(group_code, filter, attributes=['description'], &block) if block_given? find_group(group_code, filter, attributes, &block) else find_group(group_code, filter, attributes) end end |
.treebase ⇒ Object
42 43 44 |
# File 'lib/hydra-ldap.rb', line 42 def self.treebase ldap_config[:base] end |
.users_for_group(group_code, filter, attributes = ['member'], &block) ⇒ Object
result.map { |v| v.sub(/^uid=/, ”) }
95 96 97 98 99 100 101 |
# File 'lib/hydra-ldap.rb', line 95 def self.users_for_group(group_code, filter, attributes=['member'], &block) if block_given? find_group(group_code, filter, attributes, &block) else find_group(group_code, filter, attributes) end end |