Class: ActiveDirectory::User
Overview
Represents a User object within an Active Directory instance.
Constant Summary collapse
- ATTRIBUTES =
Attributes that we wish to pull from Active Directory for any User that can be located within the directory.
["displayName", # Name (e.g. "John Doe") "givenName", # Given (First) Name "sn", # Surname (Last) "distinguishedName", # DN of User "sAMAccountName", # Account Name "mail", # Primary E-Mail Address "manager", # DN Reference to Manager "directReports", # DN References to Minions "memberOf", # Group Membership "company", # Company Name "department", # Department Name "title", # Title "mobile", # Mobile Phone Number "telephoneNumber", # Primary Phone Number "streetAddress", # Street Address "l", # City "st", # State "postalCode", # Zip Code "co"]
Instance Attribute Summary collapse
-
#city ⇒ Object
readonly
City / Town.
-
#company ⇒ Object
readonly
Company Name.
-
#country ⇒ Object
readonly
Country.
-
#department ⇒ Object
readonly
Department Name.
-
#direct_reports ⇒ Object
readonly
Proxy for loading and returning the users who report directly to this user.
-
#dn ⇒ Object
readonly
Distinguished Name (DN).
-
#email ⇒ Object
readonly
Primary E-Mail Address.
-
#given_name ⇒ Object
readonly
Given Name (e.g. “John”).
-
#groups ⇒ Object
readonly
Proxy for loading and returning the group membership of this user.
-
#main_number ⇒ Object
readonly
Primary Phone Number.
-
#manager ⇒ Object
readonly
Proxy for loading and returning this users’ manager.
-
#mobile_number ⇒ Object
readonly
Mobile Number.
-
#name ⇒ Object
readonly
Display Name (e.g. “John Q. Public”).
-
#state ⇒ Object
readonly
State/Province.
-
#street_address ⇒ Object
readonly
Street Address.
-
#surname ⇒ Object
readonly
Surname (e.g. “Public”).
-
#title ⇒ Object
readonly
Job Title.
-
#username ⇒ Object
readonly
Account/Username (e.g. “jpublic”).
-
#zip ⇒ Object
readonly
Zip/Postal Code.
Instance Method Summary collapse
-
#authenticate(password) ⇒ Object
Attempts to authenticate the loaded user with the supplied password.
-
#initialize(identifier) ⇒ User
constructor
Attempts to load a User by a Distinguished Name (DN) or sAMAccountName.
-
#member_of?(group) ⇒ Boolean
Determines if the user is a member of the given group.
-
#to_s ⇒ Object
Conveniently return the name of the User if the object is called directly.
Methods inherited from Base
close, connect, connection, find, logger, reconnect
Constructor Details
#initialize(identifier) ⇒ User
Attempts to load a User by a Distinguished Name (DN) or sAMAccountName.
116 117 118 119 120 121 122 123 124 |
# File 'lib/active_directory/user.rb', line 116 def initialize(identifier) if (identifier =~ /(CN|cn)=/) != nil load_by_dn(identifier) else load_by_username(identifier) end end |
Instance Attribute Details
#city ⇒ Object (readonly)
City / Town
69 70 71 |
# File 'lib/active_directory/user.rb', line 69 def city @city end |
#company ⇒ Object (readonly)
Company Name
54 55 56 |
# File 'lib/active_directory/user.rb', line 54 def company @company end |
#country ⇒ Object (readonly)
Country
78 79 80 |
# File 'lib/active_directory/user.rb', line 78 def country @country end |
#department ⇒ Object (readonly)
Department Name
57 58 59 |
# File 'lib/active_directory/user.rb', line 57 def department @department end |
#direct_reports ⇒ Object (readonly)
Proxy for loading and returning the users who report directly to this user.
81 82 83 |
# File 'lib/active_directory/user.rb', line 81 def direct_reports @direct_reports end |
#dn ⇒ Object (readonly)
Distinguished Name (DN)
33 34 35 |
# File 'lib/active_directory/user.rb', line 33 def dn @dn end |
#email ⇒ Object (readonly)
Primary E-Mail Address
45 46 47 |
# File 'lib/active_directory/user.rb', line 45 def email @email end |
#given_name ⇒ Object (readonly)
Given Name (e.g. “John”)
39 40 41 |
# File 'lib/active_directory/user.rb', line 39 def given_name @given_name end |
#groups ⇒ Object (readonly)
Proxy for loading and returning the group membership of this user.
87 88 89 |
# File 'lib/active_directory/user.rb', line 87 def groups @groups end |
#main_number ⇒ Object (readonly)
Primary Phone Number
60 61 62 |
# File 'lib/active_directory/user.rb', line 60 def main_number @main_number end |
#manager ⇒ Object (readonly)
Proxy for loading and returning this users’ manager.
84 85 86 |
# File 'lib/active_directory/user.rb', line 84 def manager @manager end |
#mobile_number ⇒ Object (readonly)
Mobile Number
63 64 65 |
# File 'lib/active_directory/user.rb', line 63 def mobile_number @mobile_number end |
#name ⇒ Object (readonly)
Display Name (e.g. “John Q. Public”)
36 37 38 |
# File 'lib/active_directory/user.rb', line 36 def name @name end |
#state ⇒ Object (readonly)
State/Province
72 73 74 |
# File 'lib/active_directory/user.rb', line 72 def state @state end |
#street_address ⇒ Object (readonly)
Street Address
66 67 68 |
# File 'lib/active_directory/user.rb', line 66 def street_address @street_address end |
#surname ⇒ Object (readonly)
Surname (e.g. “Public”)
42 43 44 |
# File 'lib/active_directory/user.rb', line 42 def surname @surname end |
#title ⇒ Object (readonly)
Job Title
51 52 53 |
# File 'lib/active_directory/user.rb', line 51 def title @title end |
#username ⇒ Object (readonly)
Account/Username (e.g. “jpublic”)
48 49 50 |
# File 'lib/active_directory/user.rb', line 48 def username @username end |
#zip ⇒ Object (readonly)
Zip/Postal Code
75 76 77 |
# File 'lib/active_directory/user.rb', line 75 def zip @zip end |
Instance Method Details
#authenticate(password) ⇒ Object
Attempts to authenticate the loaded user with the supplied password. Returns true if the authentication attempt was successful.
130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 |
# File 'lib/active_directory/user.rb', line 130 def authenticate(password) # Clean up the password before we run it through our series of tests. password.strip! # If no password was specified, raise an exception. This check must # occur to avoid a huge security hole if anonymous bind is on - if this # check is not performed, someone can authenticate without providing a # password when anonymous bind is turned on. raise PasswordInvalid unless (!password.nil? and password.length > 0) # Clone our shared connection for isolated use in determining the # validity of our user's credentials. auth_connection = Base.connection.clone # Unbind the connection if it is already bound. auth_connection.unbind if auth_connection.bound? begin # Attempt to bind to the connection as the currently loaded user with # the supplied password. auth_connection.bind("#{@username}@#{@@server_settings[:domain]}", password) return true rescue LDAP::ResultError if ($!.to_s == "Invalid credentials") raise PasswordInvalid else raise end ensure auth_connection.unbind auth_connection = nil end return false end |
#member_of?(group) ⇒ Boolean
Determines if the user is a member of the given group. Returns true if the user is in the passed group.
218 219 220 |
# File 'lib/active_directory/user.rb', line 218 def member_of?(group) @groups.include?(group.dn) end |
#to_s ⇒ Object
Conveniently return the name of the User if the object is called directly.
176 177 178 |
# File 'lib/active_directory/user.rb', line 176 def to_s #:nodoc: @name end |