Module: Cratus::LDAP

Defined in:
lib/cratus/ldap.rb

Overview

The LDAP swiss-army knife for cratus

Class Method Summary

Class Method Details

.connect ⇒ Object

Actually connect (bind) to LDAP



# File 'lib/cratus/ldap.rb', line 23

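# Bind to the directory and record whether the server accepted the bind.
#
# Builds (or reuses) the memoized connection, checks that it exists, then
# binds. The bound flag is taken from the bind result instead of being set
# unconditionally, so a rejected bind leaves the module unbound and
# validate_ldap_bound keeps refusing searches and modifications.
#
# NOTE(review): some directory servers answer a simple bind that carries an
# empty password as an anonymous bind and report success -- confirm the
# configured password is non-empty before treating this flag as proof of
# authentication.
#
# @return [Boolean] true when the bind succeeded, false otherwise
def self.connect
  connection
  validate_ldap_connection
  # Presumably Net::LDAP#bind reports rejected credentials through a falsy
  # return value rather than an exception (verify against the net-ldap
  # version in use), so the result has to be inspected here.
  @ldap_bound = @ldap_connection.bind ? true : false
end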

.connected? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/cratus/ldap.rb', line 30

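# Report whether a bind has been recorded for this module.
#
# The flag is normalised so that the documented Boolean is returned even
# before connect has been called, when the instance variable is still unset.
#
# @return [Boolean] true only when the bound flag is set to a truthy value
def self.connected?
  @ldap_bound ? true : false
end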

.connection ⇒ Object

Define the LDAP connection. Note: this does not actually connect (bind); it just sets up the connection.



# File 'lib/cratus/ldap.rb', line 6

# Assemble the Net::LDAP settings from Cratus.config and memoize the client.
#
# Nothing is sent to the server here; the bind happens in connect. The
# settings hash is rebuilt on every call, but only the first call creates
# the Net::LDAP object.
#
# NOTE(review): authentication is a simple bind and no :encryption entry is
# passed, so unless transport security is configured elsewhere the bind
# credentials presumably cross the network unprotected -- confirm.
#
# @return [Object] the memoized Net::LDAP instance
def self.connection
  settings = {}
  settings[:host] = Cratus.config.host
  settings[:port] = Cratus.config.port
  settings[:base] = Cratus.config.basedn
  settings[:auth] = {
    method: :simple,
    username: Cratus.config.username,
    password: Cratus.config.password
  }
  # TODO: make the validations do something useful
  # validate_connection_options(settings)
  # The validator looks for top-level :basedn, :username and :password keys,
  # while this hash uses :base and nests the credentials under :auth, so
  # enabling the call unchanged would raise.
  return @ldap_connection if @ldap_connection

  @ldap_connection = Net::LDAP.new(settings)
end

.replace_attribute(dn, attribute, values) ⇒ Object

Modify an LDAP object’s attribute



# File 'lib/cratus/ldap.rb', line 65

# Replace the values of one attribute on a directory entry.
#
# Refuses to run unless a connection exists, a bind has been recorded and
# +values+ is an Array. +dn+ and +attribute+ are forwarded unchanged.
#
# NOTE(review): the underlying call's result is returned as-is; presumably
# it is falsy when the server rejects the modification, so callers should
# check it -- confirm against net-ldap.
#
# @param dn [Object] distinguished name of the entry to modify
# @param attribute [Object] name of the attribute to overwrite
# @param values [Array] replacement values
# @return [Object] whatever the connection's replace_attribute returns
# @raise [RuntimeError] when a precondition check fails
def self.replace_attribute(dn, attribute, values)
  validate_ldap_connection
  validate_ldap_bound
  validate_attribute_values(values)

  directory = connection
  directory.replace_attribute(dn, attribute, values)
end

.search(filter, options = {}) ⇒ Object

Perform an LDAP search

Required options: :basedn. Optional options: :attrs, :scope.



# File 'lib/cratus/ldap.rb', line 38

# Run an LDAP search and return the non-nil results.
#
# Refuses to run unless a connection exists, a bind has been recorded and
# +options+ carries :basedn. The scope name is mapped to the matching
# Net::LDAP scope constant; attribute names are stringified.
#
# +filter+ is handed to the connection exactly as received. Callers that
# build filter strings from untrusted input should escape the inserted
# values first (net-ldap provides Net::LDAP::Filter.escape for this).
#
# @param filter [Object] search filter, forwarded unchanged
# @param options [Hash] :basedn (required), :attrs and :scope (optional);
#   :scope defaults to 'subtree', :attrs to an empty list
# @return [Array] search results with nil entries removed
# @raise [RuntimeError] for a failed precondition or an unknown scope name
# @raise [Exceptions::FailedLDAPSearch] when the connection returns nil
def self.search(filter, options = {})
  validate_ldap_connection
  validate_ldap_bound
  validate_search_options(options)

  wanted_attrs = options.key?(:attrs) ? options[:attrs] : []
  wanted_scope = options.key?(:scope) ? options[:scope] : 'subtree'
  scope_name = wanted_scope.to_s

  # Several aliases are accepted for each of the three scopes.
  ldap_scope =
    if %w[subtree recursive whole_subtree].include?(scope_name)
      Net::LDAP::SearchScope_WholeSubtree
    elsif %w[single single_level].include?(scope_name)
      Net::LDAP::SearchScope_SingleLevel
    elsif %w[object base_object].include?(scope_name)
      Net::LDAP::SearchScope_BaseObject
    else
      raise 'Invalid LDAP Scope!'
    end

  directory = connection
  # The splat accepts a single attribute as well as a list of them.
  attribute_names = [*wanted_attrs].map(&:to_s)
  entries = directory.search(
    base: options[:basedn],
    filter: filter,
    scope: ldap_scope,
    attributes: attribute_names
  )

  # A nil result is treated as a failed search, not as an empty one.
  raise(Exceptions::FailedLDAPSearch) if entries.nil?

  entries.compact
end

.validate_attribute_values(values) ⇒ Object



# File 'lib/cratus/ldap.rb', line 91

# Ensure the replacement values for an attribute are given as an Array.
#
# Only the container type is checked; the elements are not inspected.
#
# @param values [Object] candidate value list
# @return [nil] when +values+ is an Array
# @raise [RuntimeError] 'Values Must Be Array' otherwise
def self.validate_attribute_values(values)
  return if values.is_a?(Array)

  raise 'Values Must Be Array'
end

.validate_connection_options(options) ⇒ Object



# File 'lib/cratus/ldap.rb', line 95

# Check that a connection options object names every required setting.
#
# Only key presence is tested: a key holding nil or an empty string (an
# empty password, for example) still passes.
#
# @param options [#key?] options to inspect
# @return [Array<Symbol>] the list of required keys when all are present
# @raise [RuntimeError] 'Invalid Options' when +options+ lacks #key?, or
#   'Missing Option: <key>' for the first absent key
def self.validate_connection_options(options)
  required = %i[host port basedn username password]
  raise 'Invalid Options' unless options.respond_to?(:key?)

  absent = required.find { |name| !options.key?(name) }
  raise "Missing Option: #{absent}" if absent

  required
end

.validate_ldap_bound ⇒ Object

Validation Methods



# File 'lib/cratus/ldap.rb', line 75

# Guard used before directory operations: fail unless connected? is truthy.
#
# @return [nil] when a bind has been recorded
# @raise [RuntimeError] 'LDAP Not Connected' otherwise
def self.validate_ldap_bound
  return if connected?

  raise 'LDAP Not Connected'
end

.validate_ldap_connection ⇒ Object



# File 'lib/cratus/ldap.rb', line 79

# Guard used before directory operations: fail unless connection is truthy.
#
# Calling connection also builds the memoized client if it does not exist.
#
# @return [nil] when a connection object is available
# @raise [RuntimeError] 'No LDAP Connection' otherwise
def self.validate_ldap_connection
  return if connection

  raise 'No LDAP Connection'
end

.validate_search_options(options) ⇒ Object



# File 'lib/cratus/ldap.rb', line 83

# Check that search options name the required :basedn setting.
#
# Only key presence is tested; the value stored under :basedn is not
# inspected.
#
# @param options [#key?] options to inspect
# @return [Array<Symbol>] the list of required keys when all are present
# @raise [RuntimeError] 'Invalid Options' when +options+ lacks #key?, or
#   'Missing Option: basedn' when the key is absent
def self.validate_search_options(options)
  raise 'Invalid Options' unless options.respond_to?(:key?)

  required = [:basedn]
  absent = required.find { |name| !options.key?(name) }
  raise "Missing Option: #{absent}" if absent

  required
end