Class: Entitlements::Extras::LDAPGroup::Rules::LDAPGroup

Inherits:
Data::Groups::Calculated::Rules::Base show all
Includes:
Contracts::Core
Defined in:
lib/entitlements/extras/ldap_group/rules/ldap_group.rb

Constant Summary collapse

C = 
::Contracts

Class Method Summary collapse

Methods included from Contracts::Core

common, extended, included

Class Method Details

.ldapObject 



50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
 
# File 'lib/entitlements/extras/ldap_group/rules/ldap_group.rb', line 50

def self.ldap
  @ldap ||= begin
    config = Entitlements::Extras::LDAPGroup::Base.config
    opts = {
      addr: config.fetch("ldap_uri"),
      binddn: config.fetch("ldap_binddn"),
      bindpw: config.fetch("ldap_bindpw"),
      ca_file: config.fetch("ldap_ca_file", ENV["LDAP_CACERT"]),
      person_dn_format: config.fetch("person_dn_format")
    }
    opts[:disable_ssl_verification] = true if config.fetch("disable_ssl_verification", false)
    if RubyVersionCheck.ruby_version2?
      Entitlements::Service::LDAP.new_with_cache(opts)
    else
      Entitlements::Service::LDAP.new_with_cache(**opts)
    end
  end
end

.matches(value:, filename: nil, options: {}) ⇒ Object 



24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
 
# File 'lib/entitlements/extras/ldap_group/rules/ldap_group.rb', line 24

def self.matches(value:, filename: nil, options: {})
  Entitlements.cache[:ldap_cache] ||= {}
  Entitlements.cache[:ldap_cache][value] ||= begin
    entry = ldap.read(value)
    unless entry
      message = if filename
        "Failed to read ldap_group = #{value} (referenced in #{filename})"
      else
        # :nocov:
        "Failed to read ldap_group = #{value}"
        # :nocov:
      end
      raise Entitlements::Data::Groups::GroupNotFoundError, message
    end
    Entitlements::Service::LDAP.entry_to_group(entry)
  end
  Entitlements.cache[:ldap_cache][value].members(people_obj: Entitlements.cache[:people_obj])
end