Class: Entitlements::Data::People::LDAP
- Inherits:
-
Object
- Object
- Entitlements::Data::People::LDAP
- Includes:
- Contracts::Core
- Defined in:
- lib/entitlements.rb,
lib/entitlements/data/people/ldap.rb
Constant Summary
- C =
::Contracts
- PEOPLE_ATTRIBUTES =
Default attributes
%w[cn]
- UID_ATTRIBUTE =
"uid"
- PARAMETERS =
Parameters
{ "base" => { required: true, type: String }, "ldap_binddn" => { required: true, type: String }, "ldap_bindpw" => { required: true, type: String }, "ldap_uri" => { required: true, type: String }, "ldap_ca_file" => { required: false, type: String }, "person_dn_format" => { required: true, type: String }, "disable_ssl_verification" => { required: false, type: [FalseClass, TrueClass] }, "additional_attributes" => { required: false, type: Array }, "uid_attribute" => { required: false, type: String } }
Class Method Summary
- .fingerprint(config) ⇒ Object
- .new_from_config(config) ⇒ Object
- .validate_config!(key, config) ⇒ Object
Instance Method Summary
-
#initialize(ldap:, people_ou:, uid_attr: UID_ATTRIBUTE, people_attr: PEOPLE_ATTRIBUTES) ⇒ LDAP
constructor
A new instance of LDAP.
- #read(uid = nil) ⇒ Object
Constructor Details
#initialize(ldap:, people_ou:, uid_attr: UID_ATTRIBUTE, people_attr: PEOPLE_ATTRIBUTES) ⇒ LDAP
Returns a new instance of LDAP.
# File 'lib/entitlements/data/people/ldap.rb', line 94

# Build a people data source backed by an LDAP service handle.
#
# The constructor only stores its arguments; no LDAP traffic happens here.
#
# @param ldap [Object] LDAP service handle (new_from_config passes the result
#   of Entitlements::Service::LDAP.new_with_cache)
# @param people_ou [String] search base used when loading people
# @param uid_attr [String] attribute used in the presence filter (defaults to UID_ATTRIBUTE)
# @param people_attr [Array<String>] attributes requested for each entry
#   (defaults to PEOPLE_ATTRIBUTES)
def initialize(ldap:, people_ou:, uid_attr: UID_ATTRIBUTE, people_attr: PEOPLE_ATTRIBUTES)
  # Search scope and attribute selection.
  @people_ou = people_ou
  @people_attr = people_attr
  @uid_attr = uid_attr

  # Connection handle; it carries the bind credentials supplied by the caller.
  @ldap = ldap
end
Class Method Details
.fingerprint(config) ⇒ Object
# File 'lib/entitlements/data/people/ldap.rb', line 37

# Build a string that identifies a configuration by the values of every
# key declared in PARAMETERS, in declaration order, joined with "||".
#
# NOTE(review): PARAMETERS includes "ldap_bindpw", so the returned string
# embeds the inspected bind password in clear text. Treat the fingerprint as
# sensitive as the password itself and keep it out of logs and error messages.
#
# @param config [Hash] people data source configuration
# @return [String] concatenation of the inspected parameter values
def self.fingerprint(config)
  inspected_values = PARAMETERS.each_key.map { |name| config[name].inspect }
  inspected_values.join("||")
end
.new_from_config(config) ⇒ Object
# File 'lib/entitlements/data/people/ldap.rb', line 50

# Construct an instance from a configuration hash.
#
# Required keys are read with Hash#fetch and raise KeyError when absent:
# "ldap_uri", "ldap_binddn", "ldap_bindpw", "person_dn_format", "base".
#
# NOTE(review): PARAMETERS declares the TLS switch as
# "disable_ssl_verification", but this method reads
# "ldap_disable_ssl_verification". A value supplied under the declared key is
# never read here, so certificate verification stays enabled regardless of it.
# That fails closed; confirm which key is intended before aligning the two,
# and remember that PARAMETERS also drives .fingerprint.
#
# @param config [Hash] people data source configuration
# @return [Entitlements::Data::People::LDAP]
def self.new_from_config(config)
  directory = Entitlements::Service::LDAP.new_with_cache(
    addr: config.fetch("ldap_uri"),
    binddn: config.fetch("ldap_binddn"),
    bindpw: config.fetch("ldap_bindpw"),
    # The CA bundle falls back to the LDAP_CACERT environment variable.
    ca_file: config.fetch("ldap_ca_file", ENV["LDAP_CACERT"]),
    # Verification is only disabled when the key is explicitly present.
    disable_ssl_verification: config.fetch("ldap_disable_ssl_verification", false),
    person_dn_format: config.fetch("person_dn_format")
  )

  new(
    ldap: directory,
    people_ou: config.fetch("base"),
    uid_attr: config.fetch("uid_attribute", UID_ATTRIBUTE),
    people_attr: config.fetch("additional_attributes", PEOPLE_ATTRIBUTES)
  )
end
.validate_config!(key, config) ⇒ Object
# File 'lib/entitlements/data/people/ldap.rb', line 75

# Check a configuration hash against PARAMETERS by delegating to
# Entitlements::Util::Util.validate_attr!.
#
# @param key [Object] name of the data source; it appears (inspected) in the
#   description passed to the validator
# @param config [Hash] configuration to validate
# @return [Object] whatever validate_attr! returns
def self.validate_config!(key, config)
  Entitlements::Util::Util.validate_attr!(
    PARAMETERS,
    config,
    "LDAP people configuration for data source #{key.inspect}"
  )
end
Instance Method Details
#read(uid = nil) ⇒ Object
# File 'lib/entitlements/data/people/ldap.rb', line 107

# Load people from LDAP and return either the whole set or a single person.
#
# The directory is searched once per instance: the result is memoized in
# @people, so later calls are answered from memory without a new query.
# The search uses a presence filter (uid_attr = "*") under people_ou and
# requests the sorted people_attr list.
#
# Keys are the lowercased result of Util.first_attr on each DN, and the
# lookup lowercases uid as well, so matching is case-insensitive.
#
# @param uid [String, nil] person to look up; nil returns everyone
# @return [Hash, Object] the full key => person hash when uid is nil,
#   otherwise the single person built by entry_to_person
# @raise [Entitlements::Data::People::NoSuchPersonError] when uid is given
#   and no loaded entry matches it
def read(uid = nil)
  @people ||= begin
    Entitlements.logger.debug "Loading people from LDAP"
    found = ldap.search(base: people_ou, filter: Net::LDAP::Filter.eq(uid_attr, "*"), attrs: people_attr.sort)
    found.map do |person_dn, entry|
      [Entitlements::Util::Util.first_attr(person_dn).downcase, entry_to_person(entry)]
    end.to_h
  end

  return @people if uid.nil?

  person = @people[uid.downcase]
  return person if person

  raise Entitlements::Data::People::NoSuchPersonError, "read(#{uid.inspect}) matched no known person"
end