Class: LdapFluff::Generic
- Inherits:
-
Object
- Object
- LdapFluff::Generic
- Defined in:
- lib/ldap_fluff/generic.rb
Direct Known Subclasses
Defined Under Namespace
Classes: UnauthenticatedException
Instance Attribute Summary collapse
-
#ldap ⇒ Object
Returns the value of attribute ldap.
-
#member_service ⇒ Object
Returns the value of attribute member_service.
Instance Method Summary collapse
- #group_exists?(gid) ⇒ Boolean
- #groups_for_uid(uid) ⇒ Object
- #includes_cn?(cn) ⇒ Boolean
-
#initialize(config = {}) ⇒ Generic
constructor
A new instance of Generic.
-
#is_in_groups(uid, gids = [], all = true) ⇒ Object
returns whether a user is a member of ALL or ANY particular groups note: this method is much faster than groups_for_uid.
- #service_bind ⇒ Object
- #user_exists?(uid) ⇒ Boolean
- #users_for_gid(gid) ⇒ Object
Constructor Details
#initialize(config = {}) ⇒ Generic
Returns a new instance of Generic.
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
# File 'lib/ldap_fluff/generic.rb', line 4 def initialize(config = {}) @ldap = Net::LDAP.new(:host => config.host, :base => config.base_dn, :port => config.port, :encryption => config.encryption, :instrumentation_service => config.instrumentation_service) @bind_user = config.service_user @bind_pass = config.service_pass @anon = config.anon_queries @attr_login = config.attr_login @base = config.base_dn @group_base = (config.group_base.empty? ? config.base_dn : config.group_base) @use_netgroups = config.use_netgroups @use_rfc4519_group_membership = config.use_rfc4519_group_membership @member_service = create_member_service(config) end |
Instance Attribute Details
#ldap ⇒ Object
Returns the value of attribute ldap.
2 3 4 |
# File 'lib/ldap_fluff/generic.rb', line 2 def ldap @ldap end |
#member_service ⇒ Object
Returns the value of attribute member_service.
2 3 4 |
# File 'lib/ldap_fluff/generic.rb', line 2 def member_service @member_service end |
Instance Method Details
#group_exists?(gid) ⇒ Boolean
29 30 31 32 33 34 35 |
# File 'lib/ldap_fluff/generic.rb', line 29 def group_exists?(gid) service_bind @member_service.find_group(gid) true rescue self.class::MemberService::GIDNotFoundException false end |
#groups_for_uid(uid) ⇒ Object
37 38 39 40 41 42 |
# File 'lib/ldap_fluff/generic.rb', line 37 def groups_for_uid(uid) service_bind @member_service.find_user_groups(uid) rescue self.class::MemberService::UIDNotFoundException [] end |
#includes_cn?(cn) ⇒ Boolean
70 71 72 73 |
# File 'lib/ldap_fluff/generic.rb', line 70 def includes_cn?(cn) filter = Net::LDAP::Filter.eq('cn', cn) @ldap.search(:base => @ldap.base, :filter => filter).present? end |
#is_in_groups(uid, gids = [], all = true) ⇒ Object
returns whether a user is a member of ALL or ANY particular groups note: this method is much faster than groups_for_uid
gids should be an array of group common names
returns true if owner is in ALL of the groups if all=true, otherwise returns true if owner is in ANY of the groups
59 60 61 62 63 64 65 66 67 68 |
# File 'lib/ldap_fluff/generic.rb', line 59 def is_in_groups(uid, gids = [], all = true) service_bind groups = @member_service.find_user_groups(uid).sort gids = gids.sort if all groups & gids == gids else (groups & gids).any? end end |
#service_bind ⇒ Object
75 76 77 78 79 80 |
# File 'lib/ldap_fluff/generic.rb', line 75 def service_bind unless @anon || bind?(@bind_user, @bind_pass, :search => false) raise UnauthenticatedException, "Could not bind to #{class_name} user #{@bind_user}" end end |
#user_exists?(uid) ⇒ Boolean
21 22 23 24 25 26 27 |
# File 'lib/ldap_fluff/generic.rb', line 21 def user_exists?(uid) service_bind @member_service.find_user(uid) true rescue self.class::MemberService::UIDNotFoundException false end |
#users_for_gid(gid) ⇒ Object
44 45 46 47 48 49 50 |
# File 'lib/ldap_fluff/generic.rb', line 44 def users_for_gid(gid) return [] unless group_exists?(gid) search = @member_service.find_group(gid).last method = select_member_method(search) return [] if method.nil? users_from_search_results(search, method) end |