Class: Gitlab::Auth::Ldap::Adapter

Inherits:
Object
  • Object
show all
Defined in:
lib/gitlab/auth/ldap/adapter.rb

Constant Summary collapse

SEARCH_RETRY_FACTOR =
[1, 1, 2, 3].freeze
MAX_SEARCH_RETRIES =
Rails.env.test? ? 1 : SEARCH_RETRY_FACTOR.size.freeze

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(provider, ldap = nil) ⇒ Adapter

Returns a new instance of Adapter.


22
23
24
25
# File 'lib/gitlab/auth/ldap/adapter.rb', line 22

def initialize(provider, ldap = nil)
  @provider = provider
  @ldap = ldap || renew_connection_adapter
end

Instance Attribute Details

#ldapObject (readonly)

Returns the value of attribute ldap


10
11
12
# File 'lib/gitlab/auth/ldap/adapter.rb', line 10

def ldap
  @ldap
end

#providerObject (readonly)

Returns the value of attribute provider


10
11
12
# File 'lib/gitlab/auth/ldap/adapter.rb', line 10

def provider
  @provider
end

Class Method Details

.config(provider) ⇒ Object


18
19
20
# File 'lib/gitlab/auth/ldap/adapter.rb', line 18

def self.config(provider)
  Gitlab::Auth::Ldap::Config.new(provider)
end

.open(provider, &block) ⇒ Object


12
13
14
15
16
# File 'lib/gitlab/auth/ldap/adapter.rb', line 12

def self.open(provider, &block)
  Net::LDAP.open(config(provider).adapter_options) do |ldap|
    block.call(self.new(provider, ldap))
  end
end

Instance Method Details

#configObject


27
28
29
# File 'lib/gitlab/auth/ldap/adapter.rb', line 27

def config
  Gitlab::Auth::Ldap::Config.new(provider)
end

#dn_matches_filter?(dn, filter) ⇒ Boolean

Returns:

  • (Boolean)

40
41
42
43
44
45
# File 'lib/gitlab/auth/ldap/adapter.rb', line 40

def dn_matches_filter?(dn, filter)
  ldap_search(base: dn,
              filter: filter,
              scope: Net::LDAP::SearchScope_BaseObject,
              attributes: %w{dn}).any?
end

#ldap_search(*args) ⇒ Object


47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
# File 'lib/gitlab/auth/ldap/adapter.rb', line 47

def ldap_search(*args)
  retries ||= 0

  # Net::LDAP's `time` argument doesn't work. Use Ruby `Timeout` instead.
  Timeout.timeout(timeout_time(retries)) do
    results = ldap.search(*args)

    if results.nil?
      response = ldap.get_operation_result

      unless response.code == 0
        Gitlab::AppLogger.warn("LDAP search error: #{response.message}")
      end

      []
    else
      results
    end
  end
rescue Net::LDAP::Error, Timeout::Error => error
  retries += 1
  error_message = connection_error_message(error)

  Gitlab::AppLogger.warn(error_message)

  if retries < MAX_SEARCH_RETRIES
    renew_connection_adapter
    retry
  else
    raise LdapConnectionError, error_message
  end
end

#user(*args) ⇒ Object


36
37
38
# File 'lib/gitlab/auth/ldap/adapter.rb', line 36

def user(*args)
  users(*args).first
end

#users(fields, value, limit = nil) ⇒ Object


31
32
33
34
# File 'lib/gitlab/auth/ldap/adapter.rb', line 31

def users(fields, value, limit = nil)
  options = user_options(Array(fields), value, limit)
  users_search(options)
end