Class: Gitlab::Auth::Ldap::Adapter

Inherits:
Object
  • Object
show all
Defined in:
lib/gitlab/auth/ldap/adapter.rb

Constant Summary collapse

SEARCH_RETRY_FACTOR =
[1, 1, 2, 3].freeze
MAX_SEARCH_RETRIES =
Rails.env.test? ? 1 : SEARCH_RETRY_FACTOR.size

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(provider, ldap = nil) ⇒ Adapter

Returns a new instance of Adapter.


22
23
24
25
# File 'lib/gitlab/auth/ldap/adapter.rb', line 22

def initialize(provider, ldap = nil)
  @provider = provider
  @ldap = ldap || renew_connection_adapter
end

Instance Attribute Details

#ldapObject (readonly)

Returns the value of attribute ldap.


10
11
12
# File 'lib/gitlab/auth/ldap/adapter.rb', line 10

def ldap
  @ldap
end

#providerObject (readonly)

Returns the value of attribute provider.


10
11
12
# File 'lib/gitlab/auth/ldap/adapter.rb', line 10

def provider
  @provider
end

Class Method Details

.config(provider) ⇒ Object


18
19
20
# File 'lib/gitlab/auth/ldap/adapter.rb', line 18

def self.config(provider)
  Gitlab::Auth::Ldap::Config.new(provider)
end

.open(provider, &block) ⇒ Object


12
13
14
15
16
# File 'lib/gitlab/auth/ldap/adapter.rb', line 12

def self.open(provider, &block)
  Net::LDAP.open(config(provider).adapter_options) do |ldap|
    block.call(self.new(provider, ldap))
  end
end

Instance Method Details

#configObject


27
28
29
# File 'lib/gitlab/auth/ldap/adapter.rb', line 27

def config
  Gitlab::Auth::Ldap::Config.new(provider)
end

#dn_matches_filter?(dn, filter) ⇒ Boolean

Returns:

  • (Boolean)

40
41
42
43
44
45
# File 'lib/gitlab/auth/ldap/adapter.rb', line 40

def dn_matches_filter?(dn, filter)
  ldap_search(base: dn,
              filter: filter,
              scope: Net::LDAP::SearchScope_BaseObject,
              attributes: %w{dn}).any?
end

#ldap_search(*args) ⇒ Object


47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
# File 'lib/gitlab/auth/ldap/adapter.rb', line 47

def ldap_search(*args)
  retries ||= 0

  # Net::LDAP's `time` argument doesn't work. Use Ruby `Timeout` instead.
  Timeout.timeout(timeout_time(retries)) do
    results = ldap.search(*args)

    if results.nil?
      response = ldap.get_operation_result
      check_empty_response_code(response)
      []
    else
      results
    end
  end
rescue Net::LDAP::Error, Timeout::Error => error
  retries += 1
  error_message = connection_error_message(error)

  Gitlab::AppLogger.warn(error_message)

  if retries < MAX_SEARCH_RETRIES
    renew_connection_adapter
    retry
  else
    raise LdapConnectionError, error_message
  end
end

#user(*args) ⇒ Object


36
37
38
# File 'lib/gitlab/auth/ldap/adapter.rb', line 36

def user(*args)
  users(*args).first
end

#users(fields, value, limit = nil) ⇒ Object


31
32
33
34
# File 'lib/gitlab/auth/ldap/adapter.rb', line 31

def users(fields, value, limit = nil)
  options = user_options(Array(fields), value, limit)
  users_search(options)
end