Class: ActiveDirectory::Group

Inherits:
Base
  • Object
show all
Includes:
Member
Defined in:
lib/bsb_active_directory/group.rb

Constant Summary

Constants inherited from Base

Base::NIL_FILTER

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Member

#join, #member_of?, #unjoin

Methods inherited from Base

#==, cache?, #changed?, class_name, clear_cache, connected?, create, decode_field, #destroy, disable_cache, enable_cache, encode_field, error, error?, error_code, exists?, find, find_all, find_cached_results, find_first, from_dn, #get_attr, get_field_type, #initialize, make_filter, make_filter_from_hash, method_missing, #method_missing, #move, #new_record?, parse_finder_spec, #save, #set_attr, setup, #sid, #to_ary, #update_attribute, #update_attributes, #valid_attribute?

Constructor Details

This class inherits a constructor from ActiveDirectory::Base

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class ActiveDirectory::Base

Class Method Details

.create_security_group(ou, name, type) ⇒ Object 


53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
 
# File 'lib/bsb_active_directory/group.rb', line 53

def self.create_security_group(ou, name, type)
  type_mask = GroupType::SECURITY_ENABLED
  case type
  when 'local'
    type_mask |= GroupType::RESSOURCE_GROUP
  when 'global'
    type_mask |= GroupType::ACCOUNT_GROUP
  when 'universal'
    type_mask |= GroupType::UNIVERSAL_GROUP
  else
    raise "Unknown type specified : #{type}"
  end
  dn = 'CN=' + name + ',' + ou
  attributes = {
    objectClass: %w[top group],
    cn: name,
    sAMAccountName: name,
    groupType: type_mask.to_s
  }
  @@ldap.add(dn: dn, attributes: attributes)
  from_dn(dn)
end

.filterObject

:nodoc:


27
28
29
 
# File 'lib/bsb_active_directory/group.rb', line 27

def self.filter # :nodoc:
  Net::LDAP::Filter.eq(:objectClass, 'group')
end

.required_attributesObject

:nodoc:


31
32
33
 
# File 'lib/bsb_active_directory/group.rb', line 31

def self.required_attributes # :nodoc:
  { objectClass: %w[top group] }
end

Instance Method Details

#add(new_member) ⇒ Object

Add the passed User or Group object to this Group. Returns true if the User or Group is already a member of the group, or if the operation to add them succeeds.


81
82
83
84
85
86
87
88
89
90
 
# File 'lib/bsb_active_directory/group.rb', line 81

def add(new_member)
  return false unless new_member.is_a?(User) || new_member.is_a?(Group)
  if @@ldap.modify(dn: distinguishedName, operations: [
                     [:add, :member, new_member.distinguishedName]
                   ])
    return true
  else
    return has_member?(new_member)
  end
end

#groupsObject

Returns an array of Group objects that this Group belongs to.


155
156
157
158
 
# File 'lib/bsb_active_directory/group.rb', line 155

def groups
  return [] if memberOf.nil?
  @groups ||= Group.find(:all, distinguishedname: @entry.memberOf).delete_if(&:nil?)
end

#has_member?(user) ⇒ Boolean

Returns true if the passed User or Group object belongs to this group. For performance reasons, the check is handled by the User or Group object passed.

Returns:

  • (Boolean) 

49
50
51
 
# File 'lib/bsb_active_directory/group.rb', line 49

def has_member?(user)
  user.member_of?(self)
end

#has_members?Boolean

Returns:

  • (Boolean) 

108
109
110
111
112
 
# File 'lib/bsb_active_directory/group.rb', line 108

def has_members?
  return @entry.member.nil? || @entry.member.empty? ? false : true
rescue NoMethodError
  return false
end

#member_groups(recursive = false) ⇒ Object

Returns an array of all Group objects that belong to this group.

If the recursive argument is passed as false, then only Groups that belong explicitly to this Group are returned.

If the recursive argument is passed as true, then all Groups that belong to this Group, or any of its subgroups, are returned.


142
143
144
145
146
147
148
149
150
 
# File 'lib/bsb_active_directory/group.rb', line 142

def member_groups(recursive = false)
  @member_groups ||= Group.find(:all, distinguishedname: @entry[:member]).delete_if(&:nil?)
  if recursive
    member_groups.each do |group|
      @member_groups.concat(group.member_groups(true))
    end
  end
  @member_groups
end

#member_users(recursive = false) ⇒ Object

Returns an array of all User objects that belong to this group.

If the recursive argument is passed as false, then only Users who belong explicitly to this Group are returned.

If the recursive argument is passed as true, then all Users who belong to this Group, or any of its subgroups, are returned.


123
124
125
126
127
128
129
130
131
 
# File 'lib/bsb_active_directory/group.rb', line 123

def member_users(recursive = false)
  @member_users = User.find(:all, distinguishedname: @entry[:member]).delete_if(&:nil?)
  if recursive
    member_groups.each do |group|
      @member_users.concat(group.member_users(true))
    end
  end
  @member_users
end

#reloadObject

:nodoc:


35
36
37
38
39
40
41
42
 
# File 'lib/bsb_active_directory/group.rb', line 35

def reload # :nodoc:
  @member_users_non_r  = nil
  @member_users_r      = nil
  @member_groups_non_r = nil
  @member_groups_r     = nil
  @groups              = nil
  super
end

#remove(member) ⇒ Object

Remove a User or Group from this Group. Returns true if the User or Group does not belong to this Group, or if the oepration to remove them succeeds.


97
98
99
100
101
102
103
104
105
106
 
# File 'lib/bsb_active_directory/group.rb', line 97

def remove(member)
  return false unless member.is_a?(User) || member.is_a?(Group)
  if @@ldap.modify(dn: distinguishedName, operations: [
                     [:delete, :member, member.distinguishedName]
                   ])
    return true
  else
    return !has_member?(member)
  end
end