Class: Gitlab::LDAP::Adapter

Inherits:
Object
  • Object
show all
Defined in:
lib/gitlab/ldap/adapter.rb

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(provider, ldap = nil) ⇒ Adapter

Returns a new instance of Adapter


16
17
18
19
# File 'lib/gitlab/ldap/adapter.rb', line 16

def initialize(provider, ldap=nil)
  @provider = provider
  @ldap = ldap || Net::LDAP.new(config.adapter_options)
end

Instance Attribute Details

#ldapObject (readonly)

Returns the value of attribute ldap


4
5
6
# File 'lib/gitlab/ldap/adapter.rb', line 4

def ldap
  @ldap
end

#providerObject (readonly)

Returns the value of attribute provider


4
5
6
# File 'lib/gitlab/ldap/adapter.rb', line 4

def provider
  @provider
end

Class Method Details

.config(provider) ⇒ Object


12
13
14
# File 'lib/gitlab/ldap/adapter.rb', line 12

def self.config(provider)
  Gitlab::LDAP::Config.new(provider)
end

.open(provider, &block) ⇒ Object


6
7
8
9
10
# File 'lib/gitlab/ldap/adapter.rb', line 6

def self.open(provider, &block)
  Net::LDAP.open(config(provider).adapter_options) do |ldap|
    block.call(self.new(provider, ldap))
  end
end

Instance Method Details

#configObject


21
22
23
# File 'lib/gitlab/ldap/adapter.rb', line 21

def config
  Gitlab::LDAP::Config.new(provider)
end

#dn_matches_filter?(dn, filter) ⇒ Boolean

Returns:

  • (Boolean)

65
66
67
68
69
70
# File 'lib/gitlab/ldap/adapter.rb', line 65

def dn_matches_filter?(dn, filter)
  ldap_search(base: dn,
              filter: filter,
              scope: Net::LDAP::SearchScope_BaseObject,
              attributes: %w{dn}).any?
end

#ldap_search(*args) ⇒ Object


72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
# File 'lib/gitlab/ldap/adapter.rb', line 72

def ldap_search(*args)
  # Net::LDAP's `time` argument doesn't work. Use Ruby `Timeout` instead.
  Timeout.timeout(config.timeout) do
    results = ldap.search(*args)

    if results.nil?
      response = ldap.get_operation_result

      unless response.code.zero?
        Rails.logger.warn("LDAP search error: #{response.message}")
      end

      []
    else
      results
    end
  end
rescue Timeout::Error
  Rails.logger.warn("LDAP search timed out after #{config.timeout} seconds")
  []
end

#user(*args) ⇒ Object


61
62
63
# File 'lib/gitlab/ldap/adapter.rb', line 61

def user(*args)
  users(*args).first
end

#users(field, value, limit = nil) ⇒ Object


25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# File 'lib/gitlab/ldap/adapter.rb', line 25

def users(field, value, limit = nil)
  if field.to_sym == :dn
    options = {
      base: value,
      scope: Net::LDAP::SearchScope_BaseObject
    }
  else
    options = {
      base: config.base,
      filter: Net::LDAP::Filter.eq(field, value)
    }
  end

  if config.user_filter.present?
    user_filter = Net::LDAP::Filter.construct(config.user_filter)

    options[:filter] = if options[:filter]
                         Net::LDAP::Filter.join(options[:filter], user_filter)
                       else
                         user_filter
                       end
  end

  if limit.present?
    options.merge!(size: limit)
  end

  entries = ldap_search(options).select do |entry|
    entry.respond_to? config.uid
  end

  entries.map do |entry|
    Gitlab::LDAP::Person.new(entry, provider)
  end
end