Class: Another::Ldap::Proxy::Operation

Inherits:

LDAP::Server::Operation

• Object
• LDAP::Server::Operation
• Another::Ldap::Proxy::Operation

Defined in:

lib/another/ldap/proxy/operation.rb

Constant Summary

PROXY_MODE_FIRST =

'first'

Class Attribute Summary

• .backend_mode ⇒ Object readonly

  Returns the value of attribute backend_mode.

• .backends ⇒ Object readonly

  Returns the value of attribute backends.

• .logger ⇒ Object readonly

  Returns the value of attribute logger.

• .root_password ⇒ Object readonly

  Returns the value of attribute root_password.

• .root_username ⇒ Object readonly

  Returns the value of attribute root_username.

Instance Attribute Summary

• #logger ⇒ Object readonly

  Returns the value of attribute logger.

Class Method Summary

• .add_backend(backend) ⇒ Object
• .new_operation(&block) ⇒ Object
• .set_backend_mode(backend_mode) ⇒ Object
• .set_logger(logger) ⇒ Object
• .set_root_credentials(root_username, root_password) ⇒ Object

Instance Method Summary

• #_validate_root_credentials(username, password) ⇒ Object
• #initialize(connection, messageID) ⇒ Operation constructor

  A new instance of Operation.

• #search(basedn, scope, deref, filter) ⇒ Object
• #simple_bind(version, dn, password) ⇒ Object

Constructor Details

#initialize(connection, messageID) ⇒ Operation

Returns a new instance of Operation.

# File 'lib/another/ldap/proxy/operation.rb', line 18

def initialize(connection, messageID)
  super

  @proxy_mode = self.class.backend_mode
  @proxy_backends = self.class.backends
  @root_username = self.class.root_username
  @root_password = self.class.root_password
  @logger = self.class.logger
end

Class Attribute Details

.backend_mode ⇒ Object (readonly)

Returns the value of attribute backend_mode.

# File 'lib/another/ldap/proxy/operation.rb', line 67

def backend_mode
  @backend_mode
end

.backends ⇒ Object (readonly)

Returns the value of attribute backends.

# File 'lib/another/ldap/proxy/operation.rb', line 67

def backends
  @backends
end

.logger ⇒ Object (readonly)

Returns the value of attribute logger.

# File 'lib/another/ldap/proxy/operation.rb', line 67

def logger
  @logger
end

.root_password ⇒ Object (readonly)

Returns the value of attribute root_password.

# File 'lib/another/ldap/proxy/operation.rb', line 67

def root_password
  @root_password
end

.root_username ⇒ Object (readonly)

Returns the value of attribute root_username.

# File 'lib/another/ldap/proxy/operation.rb', line 67

def root_username
  @root_username
end

Instance Attribute Details

#logger ⇒ Object (readonly)

Returns the value of attribute logger.

# File 'lib/another/ldap/proxy/operation.rb', line 16

def logger
  @logger
end

Class Method Details

.add_backend(backend) ⇒ Object

# File 'lib/another/ldap/proxy/operation.rb', line 88

def add_backend(backend)
  @backends ||= []
  @backends << backend if backend
end

.new_operation(&block) ⇒ Object

# File 'lib/another/ldap/proxy/operation.rb', line 69

def new_operation(&block)
  proxy_operation_class = Class.new(self)
  proxy_operation_class.instance_eval(&block) if block_given?
  proxy_operation_class
end

.set_backend_mode(backend_mode) ⇒ Object

# File 'lib/another/ldap/proxy/operation.rb', line 84

def set_backend_mode(backend_mode)
  @backend_mode = backend_mode
end

.set_logger(logger) ⇒ Object

# File 'lib/another/ldap/proxy/operation.rb', line 75

def set_logger(logger)
  @logger = logger
end

.set_root_credentials(root_username, root_password) ⇒ Object

# File 'lib/another/ldap/proxy/operation.rb', line 79

def set_root_credentials(root_username, root_password)
  @root_username = root_username
  @root_password = root_password
end

Instance Method Details

#_validate_root_credentials(username, password) ⇒ Object

# File 'lib/another/ldap/proxy/operation.rb', line 62

def _validate_root_credentials(username, password)
  @root_username == username && @root_password == password
end

#search(basedn, scope, deref, filter) ⇒ Object

# File 'lib/another/ldap/proxy/operation.rb', line 42

def search(basedn, scope, deref, filter)
  logger&.info "Operation#search ( #{basedn}, #{scope}, #{filter} )"

  client_scope = Another::Ldap::Proxy::ScopeConverter.from_server_to_client(scope)
  client_filter = Another::Ldap::Proxy::FilterConverter.from_server_to_client(filter)

  @proxy_backends.each do |backend|
    results = backend.search(basedn, client_scope, deref, client_filter)

    next if results.empty?

    results.each do |entry|
      dn, attributes = Another::Ldap::Proxy::EntryConverter.from_client_to_server(entry)
      send_SearchResultEntry(dn, attributes)
    end

    break if @proxy_mode == PROXY_MODE_FIRST
  end
end

#simple_bind(version, dn, password) ⇒ Object

Raises:

• (LDAP::ResultError::InvalidCredentials)

# File 'lib/another/ldap/proxy/operation.rb', line 28

def simple_bind(version, dn, password)
  logger&.info "Operation#simple_bind : version:#{version} dn:#{dn}"
  logger&.debug "Operation#simple_bind : dn:#{dn} password:#{password}"

  return if _validate_root_credentials(dn, password)

  @proxy_backends.each do |backend|
    return if backend.bind(version, dn, password)
  end

  logger&.warn "Operation#simple_bind : user #{dn} rejected"
  raise LDAP::ResultError::InvalidCredentials, "user #{dn} rejected"
end