Module: Adauth

Defined in:

lib/adauth.rb,
lib/adauth/rails.rb,
lib/adauth/config.rb,
lib/adauth/version.rb,
lib/adauth/ad_object.rb,
lib/adauth/connection.rb,
lib/adauth/authenticate.rb,
lib/adauth/ad_objects/ou.rb,
lib/adauth/rails/helpers.rb,
lib/adauth/search_results.rb,
lib/adauth/ad_objects/user.rb,
lib/adauth/ad_objects/group.rb,
lib/adauth/ad_objects/folder.rb,
lib/adauth/rails/model_bridge.rb,
lib/adauth/ad_objects/computer.rb,
lib/generators/adauth/config/config_generator.rb,
lib/generators/adauth/sessions/sessions_generator.rb

Overview

Adauth Container Module

Defined Under Namespace

Modules: AdObjects, Generators, Rails Classes: AdObject, Config, Connection, SearchResults

Constant Summary

Version =

Adauths Version Number

'2.0.5'

Class Method Summary

• .add_field(object, adauth_method, ldap_method) ⇒ Object

  Add a field to the specified model.

• .allowed_to_login(user) ⇒ Object

  Check if the user is allowed to login.

• .authenticate(username, password) ⇒ Object

  Authenticates the specifed user agains the domain.

• .configure {|@config| ... } ⇒ Object

  Yields a new config object and then sets it as the Adauth Config.

• .connect ⇒ Object

  Connects to ActiveDirectory using the query user details.

• .connection ⇒ Object

  Returns Adauths current connection to ActiveDirectory.

• .connection_hash(user, password) ⇒ Object

  Generates a hash for the connection class, takes a username and password.

• .logger ⇒ Object

  Returns the logger object.

• .logger=(inputs) ⇒ Object

  Lets you set a new logger.

Class Method Details

.add_field(object, adauth_method, ldap_method) ⇒ Object

Add a field to the specified model

# File 'lib/adauth/ad_object.rb', line 7

def self.add_field(object, adauth_method, ldap_method)
    Adauth.logger.info(object.inspect) { "Adding field \"#{ldap_method}\"" }
    object::Fields[adauth_method] = ldap_method
end

.allowed_to_login(user) ⇒ Object

Check if the user is allowed to login

# File 'lib/adauth/authenticate.rb', line 25

def self.allowed_to_login(user)
  if (@config.allowed_groups.empty? && @config.allowed_ous.empty?) && (@config.denied_groups.empty? && @config.denied_ous.empty?)
    return true
  else
    return (allowed_from_arrays(@config.allowed_groups, @config.denied_groups, user.cn_groups_nested) && allowed_from_arrays(@config.allowed_ous, @config.denied_ous, user.dn_ous))
  end
end

.authenticate(username, password) ⇒ Object

Authenticates the specifed user agains the domain

Checks the groups & ous are in the allow/deny lists

# File 'lib/adauth/authenticate.rb', line 5

def self.authenticate(username, password)
    begin
        Adauth.logger.info("authentication") { "Attempting to authenticate as #{username}" }
        if Adauth::AdObjects::User.authenticate(username, password)
            user = Adauth::AdObjects::User.where('sAMAccountName', username).first
            if allowed_to_login(user)
                Adauth.logger.info("authentication") { "Authentication succesful" }
                return user
            else
                Adauth.logger.info("authentication") { "Authentication failed (not in allowed group or ou)" }
                return false
            end
        end
    rescue RuntimeError
        Adauth.logger.info("authentication") { "Authentication failed (RuntimeError)" }
        return false
    end
end

.configure {|@config| ... } ⇒ Object

Yields a new config object and then sets it as the Adauth Config

Yields:

• (@config)

# File 'lib/adauth.rb', line 30

def self.configure
    @logger ||= Logger.new('log/adauth.log', 'weekly')
    @logger.info('load') { "Loading new config" }
    @connection = nil
    @config = Config.new
    yield(@config)
end

.connect ⇒ Object

Connects to ActiveDirectory using the query user details

# File 'lib/adauth.rb', line 47

def self.connect
    @logger.info('connection') { "Connecting to AD as \"#{@config.query_user}\"" }
    @connection = Adauth::Connection.new(connection_hash(@config.query_user, @config.query_password)).bind
end

.connection ⇒ Object

Returns Adauths current connection to ActiveDirectory

# File 'lib/adauth.rb', line 39

def self.connection
    @logger.fatal('connection') { "Attempted to create connection without configuring" } if @config == nil
    raise 'Adauth needs configuring before use' if @config == nil # Still raise an error here even after logging it so that adauth stops dead and doesn't error on the next line
    connect unless @connection
    @connection
end

.connection_hash(user, password) ⇒ Object

Generates a hash for the connection class, takes a username and password

# File 'lib/adauth.rb', line 53

def self.connection_hash(user, password)
    { 
        :domain => @config.domain, 
        :server => @config.server, 
        :port => @config.port, 
        :base => @config.base, 
        :encryption => @config.encryption,
        :allow_fallback => @config.allow_fallback,
        :username => user, 
        :password => password,
        :anonymous_bind => @config.anonymous_bind 
    }
end

.logger ⇒ Object

Returns the logger object

# File 'lib/adauth.rb', line 68

def self.logger
  @logger
end

.logger=(inputs) ⇒ Object

Lets you set a new logger

# File 'lib/adauth.rb', line 73

def self.logger=(inputs)
  @logger = inputs
end