Class: Ldap::RubyLdapFacade
- Inherits:
-
Object
- Object
- Ldap::RubyLdapFacade
- Includes:
- Slf4r::Logger
- Defined in:
- lib/ldap/unboundid_ldap_facade.rb,
lib/ldap/ruby_ldap_facade.rb
Overview
end
Class Method Summary collapse
Instance Method Summary collapse
- #authenticate(dn, password) ⇒ Object
-
#base(treebase = nil, ldap_base = @ldap2.base) ⇒ Object
helper to concat the base from the various parts.
-
#create_object(dn_prefix, treebase, key_field, props, silence = false) ⇒ Object
Nil in case of an error or the new id of the created object.
-
#delete_object(dn_prefix, treebase) ⇒ Object
Nil in case of an error or true.
-
#dn(dn_prefix, treebase) ⇒ Object
helper to concat the dn from the various parts.
-
#initialize(config) ⇒ RubyLdapFacade
constructor
A new instance of RubyLdapFacade.
-
#read_objects(treebase, key_fields, conditions, field_names, order_field = '') ⇒ Object
Array of Hashes with a name/values pair for each attribute.
- #retrieve_next_id(treebase, key_field) ⇒ Object
-
#update_object(dn_prefix, treebase, actions) ⇒ Object
Nil in case of an error or true.
Constructor Details
#initialize(config) ⇒ RubyLdapFacade
Returns a new instance of RubyLdapFacade.
# File 'lib/ldap/ruby_ldap_facade.rb', line 34
# Sets up the facade's underlying connection.
#
# When +config+ is a Hash, a Connection is built from it and bound with the
# credentials stored under config[:auth]. Any other object is stored as the
# connection as given, with no bind performed here.
#
# NOTE(review): the bind password is read straight from the config hash, so
# whatever loads or prints that hash also handles the secret -- confirm it is
# kept out of logs and version control.
#
# @param config [Hash, Object] connection settings, or a ready connection
def initialize(config)
  case config
  when Hash
    @ldap2 = Connection.new(config)
    credentials = config[:auth]
    @ldap2.bind(credentials[:username], credentials[:password])
  else
    @ldap2 = config
  end
end
Class Method Details
.open(config) {|ldap| ... } ⇒ Object
# File 'lib/ldap/ruby_ldap_facade.rb', line 24
# Builds a Connection from +config+, binds it with the credentials stored
# under config[:auth] and hands the bound connection to the caller's block.
#
# @param config [Hash] connection settings; :auth must hold :username and
#   :password
# @yield [ldap] the connection object passed on by Connection#bind
# @return [Object] whatever Connection#bind returns
def self.open(config)
  connection = Connection.new(config)
  auth = config[:auth]
  connection.bind(auth[:username], auth[:password]) { |ldap| yield ldap }
end
Instance Method Details
#authenticate(dn, password) ⇒ Object
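# File 'lib/ldap/ruby_ldap_facade.rb', line 164
# Checks a DN/password pair by attempting an LDAP simple bind on a fresh
# connection to the host and port of the facade's own connection.
#
# A simple bind with a zero-length password is an "unauthenticated bind"
# (RFC 4513, section 5.1.2): a server that accepts it reports success without
# checking any secret. Empty credentials are therefore refused before any
# network traffic, so the result can be used as proof of identity.
#
# NOTE(review): the connection is created with LDAP::Conn and no TLS is set up
# in this method, so the password presumably crosses the wire in clear text --
# confirm the transport is protected (for example LDAP::SSLConn).
# NOTE(review): +dn+ is written to the log unchanged; if it can come from a
# login form, confirm the log sink neutralises control characters.
#
# @param dn [String] distinguished name to bind as
# @param password [String] password for that DN
# @return [Boolean] true only when the server accepted the bind
def authenticate(dn, password)
  # nil.to_s is "", so this also covers missing values.
  return false if dn.to_s.empty? || password.to_s.empty?

  bound = false
  ldap_con = LDAP::Conn.new(@ldap2.host, @ldap2.port)
  ldap_con.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
  begin
    # The block only runs after a successful bind.
    ldap_con.bind(dn, password, LDAP::LDAP_AUTH_SIMPLE) do
      bound = true
    end
  rescue LDAP::ResultError => msg
    # Wrong credentials are an expected outcome (info); anything else is
    # logged as a warning. Both cases fall through and return false.
    if msg.to_s =~ /Invalid\ credentials/i
      logger.info("Invalid Credentials: #{dn}")
    else
      logger.warn "Authentication Error: #{msg.to_s}"
    end
  end
  bound
end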
#base(treebase = nil, ldap_base = @ldap2.base) ⇒ Object
helper to concat the base from the various parts
# File 'lib/ldap/ruby_ldap_facade.rb', line 194
# Joins the tree base and the LDAP base into one comma-separated base DN,
# leaving out whichever part is nil.
#
# The parts are joined as given: nothing here escapes DN special characters,
# so callers must pass already well-formed DN fragments.
#
# @param treebase [String, nil] subtree part, e.g. an organisational unit
# @param ldap_base [String, nil] directory base; defaults to the connection's
# @return [String] the joined base DN ("" when both parts are nil)
def base(treebase = nil, ldap_base = @ldap2.base)
  parts = [treebase, ldap_base]
  parts.reject(&:nil?).join(",")
end
#create_object(dn_prefix, treebase, key_field, props, silence = false) ⇒ Object
Returns nil in case of an error or the new id of the created object.
# File 'lib/ldap/ruby_ldap_facade.rb', line 60
# Adds a new entry whose attributes are taken from +props+.
#
# Each property becomes one LDAP add-modification; Array values are passed
# through, everything else is wrapped as a one-element Array of its string
# form.
#
# NOTE(review): on failure the complete +props+ hash is appended to the
# warning / exception text. If it can carry a password attribute, that value
# ends up in the log -- confirm sensitive attributes are filtered upstream.
#
# @param dn_prefix [String] leading part of the new entry's DN
# @param treebase [String, nil] subtree the entry is created under
# @param key_field [String, Symbol] name of the property holding the id
# @param props [Hash] attribute name => value(s)
# @param silence [Boolean] when true, failures are neither logged nor raised
# @return [Object, nil] props[key_field.to_sym] on success, nil on failure
# @raise [DataMapper::PersistenceError] when the operation result code is 68
def create_object(dn_prefix, treebase, key_field, props, silence = false)
  mods = props.map do |name, value|
    values = value.is_a?(::Array) ? value : [value.to_s]
    LDAP.mod(LDAP::LDAP_MOD_ADD, name.to_s, values)
  end

  return props[key_field.to_sym] if @ldap2.add(dn(dn_prefix, treebase), mods)
  return nil if silence

  msg = ldap_error("create", dn(dn_prefix, treebase)) + "\n\t#{props.inspect}"
  # TODO maybe raise always an error
  # 68 is the LDAP result code for "entry already exists".
  raise ::DataMapper::PersistenceError.new(msg) if @ldap2.get_operation_result.code.to_s == "68"

  logger.warn(msg)
  nil
end
#delete_object(dn_prefix, treebase) ⇒ Object
Returns nil in case of an error or true.
# File 'lib/ldap/ruby_ldap_facade.rb', line 150
# Deletes the entry addressed by +dn_prefix+ and +treebase+.
#
# A failed delete is logged as a warning and reported as nil, not raised.
#
# @param dn_prefix [String] leading part of the entry's DN
# @param treebase [String, nil] subtree the entry lives under
# @return [true, nil] true on success, nil on failure
def delete_object(dn_prefix, treebase)
  return true if @ldap2.delete(dn(dn_prefix, treebase))

  logger.warn(ldap_error("delete", dn(dn_prefix, treebase)))
  nil
end
#dn(dn_prefix, treebase) ⇒ Object
helper to concat the dn from the various parts
# File 'lib/ldap/ruby_ldap_facade.rb', line 186
# Builds a full DN by putting +dn_prefix+ in front of the base DN computed
# for +treebase+; a nil prefix is left out.
#
# The prefix is joined as given: nothing here escapes DN special characters,
# so a prefix built from user input must be escaped by the caller.
#
# @param dn_prefix [String, nil] leading RDN(s), e.g. "uid=..."
# @param treebase [String, nil] subtree part handed on to #base
# @return [String] the comma-joined DN
def dn(dn_prefix, treebase)
  parts = [dn_prefix, base(treebase)]
  parts.reject(&:nil?).join(",")
end
#read_objects(treebase, key_fields, conditions, field_names, order_field = '') ⇒ Object
Returns Array of Hashes with a name/values pair for each attribute.
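# File 'lib/ldap/ruby_ldap_facade.rb', line 85
# Searches the subtree below +treebase+ and returns the matching entries as
# Hashes.
#
# The filter is produced from +conditions+ by Conditions2Filter; with no
# conditions every entry matches ("(objectclass=*)"). A condition whose second
# element is "dn" short-circuits this: its third element becomes the search
# base and no filter is passed.
#
# Fix over the earlier version: a nil +conditions+ passed the first check but
# then raised NoMethodError on the dn lookup; it is now treated as an empty
# condition list throughout.
#
# NOTE(review): the dn condition value is used as the search base unchanged
# and the scope stays LDAP_SCOPE_SUBTREE -- confirm callers only pass DNs that
# lie inside the subtree they are allowed to read.
#
# @param treebase [String, nil] subtree to search
# @param key_fields [Array<String, Symbol>] an entry is kept only if it has at
#   least one of these attributes (compared case-insensitively)
# @param conditions [Array, nil] query conditions; element [1] is the field
#   name and element [2] the value
# @param field_names [Array<String>] attributes to fetch
# @param order_field [String] attribute handed to the search for ordering
# @return [Array<Hash>] one Hash of name/values pairs per kept entry
def read_objects(treebase, key_fields, conditions, field_names, order_field = '')
  conditions ||= []
  filter = if conditions.size > 0
             Conditions2Filter.convert(conditions).to_s
           else
             "(objectclass=*)"
           end
  searchbase = base(treebase)

  # If there is a :dn in the filter skip everything and look it up
  dn_condition = conditions.detect { |c| c[1] == "dn" }
  if dn_condition
    searchbase = dn_condition[2]
    filter = nil
  end

  result = []
  @ldap2.search(searchbase, LDAP::LDAP_SCOPE_SUBTREE, filter, field_names,
                false, 0, 0, order_field) do |res|
    mapp = to_map(field_names, res)
    # TODO maybe make filter which removes this unless
    # TODO move this into the ldap_Adapter to make it more general, so that
    # all field with Integer gets converted, etc
    # NOTE: somehow the fields are downcase coming from query.model
    has_key_field = key_fields.detect do |key_field|
      mapp.keys.detect { |k| k.to_s.downcase == key_field.downcase }
    end
    result << mapp if has_key_field
  end
  result
end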
#retrieve_next_id(treebase, key_field) ⇒ Object
# File 'lib/ldap/ruby_ldap_facade.rb', line 43
# Computes the next id by scanning every entry below +treebase+ for the
# largest integer value of +key_field+ and adding one.
#
# NOTE(review): nothing in this method reserves the returned value, so two
# callers running at the same time can receive the same id -- confirm that
# uniqueness is enforced when the entry is created.
#
# @param treebase [String, nil] subtree to scan
# @param key_field [String] attribute holding the numeric id
# @return [Integer] highest id found plus one (1 when none is found)
def retrieve_next_id(treebase, key_field)
  highest = 0
  @ldap2.search(base(treebase), LDAP::LDAP_SCOPE_SUBTREE, "(objectclass=*)", [key_field]) do |entry|
    # Entries without the attribute count as 0.
    values = entry.vals(key_field) || [0]
    candidate = values.first.to_i
    highest = candidate if candidate > highest
  end
  highest + 1
end
#update_object(dn_prefix, treebase, actions) ⇒ Object
Returns nil in case of an error or true.
# File 'lib/ldap/ruby_ldap_facade.rb', line 125
# Applies a list of attribute modifications to one entry.
#
# Each action is indexed as [operation, attribute, value], where operation is
# :add, :replace or :delete; any other operation yields a nil modification
# type. An empty Array value is passed through, every other value is sent as a
# one-element Array of its string form.
#
# NOTE(review): an Array with several values is therefore sent as one
# stringified element, unlike create_object -- confirm that is intended.
# NOTE(review): on failure the whole +actions+ list is written to the log; if
# it can carry a password attribute, confirm that is acceptable.
#
# @param dn_prefix [String] leading part of the entry's DN
# @param treebase [String, nil] subtree the entry lives under
# @param actions [Array<Array>] modifications to apply
# @return [true, nil] true on success, nil on failure
def update_object(dn_prefix, treebase, actions)
  mods = actions.map do |action|
    operation = case action[0]
                when :add then LDAP::LDAP_MOD_ADD
                when :replace then LDAP::LDAP_MOD_REPLACE
                when :delete then LDAP::LDAP_MOD_DELETE
                end
    values = action[2] == [] ? [] : [action[2].to_s]
    LDAP.mod(operation, action[1].to_s, values)
  end

  return true if @ldap2.modify(dn(dn_prefix, treebase), mods)

  logger.warn(ldap_error("update", dn(dn_prefix, treebase) + "\n\t#{actions.inspect}"))
  nil
end