Method: OpenNebula::LdapAuth#get_groups

Defined in:
lib/opennebula/ldap_auth.rb

#get_groupsObject 



209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
 
# File 'lib/opennebula/ldap_auth.rb', line 209

def get_groups
    if @options[:rfc2307bis]
        ldap_groups = [@user['memberOf']].flatten
    else
        group_base = @options[:group_base] ? @options[:group_base] : @options[:base]
        filter = Net::LDAP::Filter.ex(@options[:group_field], @user[@options[:user_group_field]].first)
        ldap_groups = @ldap.search(
            :base       => group_base,
            :attributes => [ "dn" ],
            :filter     => filter
        ).map! { |entry| entry.dn }
    end

    groups = []
    ldap_groups.each do |group|
        if (g = in_hash_ignore_case?(@mapping, group))
            if !@options[:group_admin_group_dn].nil? and ldap_groups.any? {
                    |s| s.casecmp(@options[:group_admin_group_dn])==0
            }
                groups << "*#{@mapping[g]}"
            else
                groups << @mapping[g]
            end
        end
    end

    groups.delete(false)
    groups.compact.uniq
end