Class: Net::LDAP::Entry

Inherits:
Object
  • Object
show all
Defined in:
lib/socialcast/net_ldap_ext.rb

Instance Method Summary collapse

Instance Method Details

#build_xml_from_mappings(user, ldap_connection, mappings = {}, permission_mappings = {}) ⇒ Object 



34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
 
# File 'lib/socialcast/net_ldap_ext.rb', line 34

def build_xml_from_mappings(user, ldap_connection, mappings = {}, permission_mappings = {})
  primary_attributes = %w{unique_identifier first_name last_name employee_number}
  primary_attributes.each do |attribute|
    next unless mappings.has_key?(attribute)
    user.tag! attribute, grab(mappings[attribute])
  end

  contact_attributes = %w{email location cell_phone office_phone}
  user.tag! 'contact-info' do |contact_info|
   contact_attributes.each do |attribute|
      next unless mappings.has_key?(attribute)
      contact_info.tag! attribute, grab(mappings[attribute])
    end
  end

  custom_attributes = mappings.keys - (primary_attributes + contact_attributes)
  user.tag! 'custom-fields', :type => "array" do |custom_fields|
    custom_attributes.each do |attribute|
      custom_fields.tag! 'custom-field' do |custom_field|
        if attribute == 'manager'
          custom_field.id 'manager_email'
          custom_field.label 'manager_email'
          custom_field.value dereference_mail(ldap_connection, mappings[attribute], mappings['email'])
        else
          custom_field.id attribute
          custom_field.label attribute
          custom_field.value grab(mappings[attribute])
        end
      end
    end
  end

  membership_attribute = permission_mappings.fetch 'attribute_name', 'memberof'
  memberships = self[membership_attribute]
  external_ldap_groups = Array.wrap(permission_mappings.fetch('account_types', {})['external'])
  if external_ldap_groups.any? { |external_ldap_group| memberships.include?(external_ldap_group) }
    user.tag! 'account-type', 'external'
  else
    user.tag! 'account-type', 'member'
    if permission_roles_mappings = permission_mappings['roles']
      user.tag! 'roles', :type => 'array' do |roles|
        permission_roles_mappings.each_pair do |socialcast_role, ldap_groups|
          Array.wrap(ldap_groups).each do |ldap_group|
            if memberships.include?(ldap_group)
              roles.role socialcast_role
              break
            end
          end
        end
      end
    end
  end
end

#dereference_mail(ldap_connection, dn_field, mail_attribute) ⇒ Object 



27
28
29
30
31
32
 
# File 'lib/socialcast/net_ldap_ext.rb', line 27

def dereference_mail(ldap_connection, dn_field, mail_attribute)
  dn = grab(dn_field)
  ldap_connection.search(:base => dn, :scope => Net::LDAP::SearchScope_BaseObject) do |entry|
    return entry.grab(mail_attribute)
  end
end

#grab(attribute) ⇒ Object

grab a single value of an attribute abstracts away ldap multivalue attributes



7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
 
# File 'lib/socialcast/net_ldap_ext.rb', line 7

def grab(attribute)
  attribute = begin
    attribute.camelize.constantize
  rescue NameError
    attribute
  end

  case attribute
  when Hash
    dup_attribute = attribute.dup
    value = dup_attribute.delete("value")
    value % Hash[dup_attribute.map {|k,v| [k, grab(v)]}].symbolize_keys
  when String
    Array.wrap(self[attribute]).compact.first
  when Class, Module
    return nil unless attribute.respond_to?(:run)
    attribute.run(self)
  end
end