Module: Hydra::LDAP
- Defined in:
- lib/hydra-ldap.rb,
lib/hydra/ldap/engine.rb,
lib/hydra/ldap/version.rb
Defined Under Namespace
Classes: Engine, GroupNotFound, MissingOwnerError, NoUsersError
Constant Summary
collapse
- VERSION =
"0.0.3"
Class Method Summary
collapse
Class Method Details
.add_users_to_group(group_code, users) ⇒ Object
94
95
96
97
98
99
100
101
|
# File 'lib/hydra-ldap.rb', line 94
def self.add_users_to_group(group_code, users)
invalidate_cache(group_code)
ops = []
users.each do |u|
ops << [:add, :member, "uid=#{u}"]
end
connection.modify(:dn=>dn(group_code), :operations=>ops)
end
|
.connection ⇒ Object
15
16
17
|
# File 'lib/hydra-ldap.rb', line 15
def self.connection
@ldap_conn ||= Net::LDAP.new(ldap_connection_config)
end
|
.create_group(code, description, owner, users) ⇒ Object
51
52
53
54
55
56
57
58
59
60
61
62
|
# File 'lib/hydra-ldap.rb', line 51
def self.create_group(code, description, owner, users)
raise NoUsersError, "Unable to persist a group without users" unless users.present?
raise MissingOwnerError, "Unable to persist a group without owner" unless owner
attributes = {
:cn => code,
:objectclass => "groupofnames",
:description => description,
:member=>users.map {|u| "uid=#{u}"},
:owner=>"uid=#{owner}"
}
connection.add(:dn=>dn(code), :attributes=>attributes)
end
|
.delete_group(code) ⇒ Object
64
65
66
|
# File 'lib/hydra-ldap.rb', line 64
def self.delete_group(code)
Hydra::LDAP.connection.delete(:dn=>dn(code))
end
|
.dn(code) ⇒ Object
47
48
49
|
# File 'lib/hydra-ldap.rb', line 47
def self.dn(code)
dn = "cn=#{code},#{group_base}"
end
|
.find_group(group_code) ⇒ Object
117
118
119
120
121
122
123
124
125
126
127
128
|
# File 'lib/hydra-ldap.rb', line 117
def self.find_group(group_code)
@cache ||= {}
return @cache[group_code] if @cache[group_code]
result = Hydra::LDAP.connection.search(:base=>group_base, :filter=> Net::LDAP::Filter.construct("(&(objectClass=groupofnames)(cn=#{group_code}))"), :attributes=>['member', 'owner', 'description'])
val = {}
raise GroupNotFound, "Can't find group '#{group_code}' in ldap" unless result.first
result.first.each do |k, v|
val[k] = v
end
@cache[group_code] = val
end
|
.group_base ⇒ Object
39
40
41
|
# File 'lib/hydra-ldap.rb', line 39
def self.group_base
ldap_config[:group_base]
end
|
.groups_for_user(uid) ⇒ Object
same as ldapsearch -h ec2-107-20-53-121.compute-1.amazonaws.com -p 389 -x -b dc=example,dc=com -D “cn=admin,dc=example,dc=com” -W “(&(objectClass=groupofnames)(member=uid=vanessa))” cn
70
71
72
73
|
# File 'lib/hydra-ldap.rb', line 70
def self.groups_for_user(uid)
result = Hydra::LDAP.connection.search(:base=>group_base, :filter=> Net::LDAP::Filter.construct("(&(objectClass=groupofnames)(member=uid=#{uid}))"), :attributes=>['cn'])
result.map{|r| r[:cn].first}
end
|
.groups_owned_by_user(uid) ⇒ Object
75
76
77
78
|
# File 'lib/hydra-ldap.rb', line 75
def self.groups_owned_by_user(uid)
result = Hydra::LDAP.connection.search(:base=>group_base, :filter=> Net::LDAP::Filter.construct("(&(objectClass=groupofnames)(owner=uid=#{uid}))"), :attributes=>['cn'])
result.map{|r| r[:cn].first}
end
|
.invalidate_cache(group_code) ⇒ Object
112
113
114
115
|
# File 'lib/hydra-ldap.rb', line 112
def self.invalidate_cache(group_code)
@cache ||= {}
@cache[group_code] = nil
end
|
.ldap_config ⇒ Object
33
34
35
36
37
|
# File 'lib/hydra-ldap.rb', line 33
def self.ldap_config
root = defined?(Rails) ? Rails.root : '.'
env = defined?(Rails) ? Rails.env : 'test'
@ldap_config ||= YAML::load(ERB.new(IO.read(File.join(root, 'config', 'hydra-ldap.yml'))).result)[env].with_indifferent_access
end
|
.ldap_connection_config ⇒ Object
19
20
21
22
23
24
25
26
27
28
29
30
31
|
# File 'lib/hydra-ldap.rb', line 19
def self.ldap_connection_config
return @ldap_connection_config if @ldap_connection_config
@ldap_connection_config = {}
yml = ldap_config
@ldap_connection_config[:host] = yml[:host]
@ldap_connection_config[:port] = yml[:port]
if yml[:username] && yml[:password]
@ldap_connection_config[:auth]={:method=>:simple}
@ldap_connection_config[:auth][:username] = yml[:username]
@ldap_connection_config[:auth][:password] = yml[:password]
end
@ldap_connection_config
end
|
.owner_for_group(group_code) ⇒ Object
89
90
91
92
|
# File 'lib/hydra-ldap.rb', line 89
def self.owner_for_group(group_code)
result = find_group(group_code)
result[:owner].first.sub(/^uid=/, '')
end
|
.remove_users_from_group(group_code, users) ⇒ Object
103
104
105
106
107
108
109
110
|
# File 'lib/hydra-ldap.rb', line 103
def self.remove_users_from_group(group_code, users)
invalidate_cache(group_code)
ops = []
users.each do |u|
ops << [:delete, :member, "uid=#{u}"]
end
connection.modify(:dn=>dn(group_code), :operations=>ops)
end
|
.title_of_group(group_code) ⇒ Object
79
80
81
82
|
# File 'lib/hydra-ldap.rb', line 79
def self.title_of_group(group_code)
result = find_group(group_code)
result[:description].first
end
|
.treebase ⇒ Object
43
44
45
|
# File 'lib/hydra-ldap.rb', line 43
def self.treebase
ldap_config[:base]
end
|
.users_for_group(group_code) ⇒ Object
84
85
86
87
|
# File 'lib/hydra-ldap.rb', line 84
def self.users_for_group(group_code)
result = find_group(group_code)
result[:member].map { |v| v.sub(/^uid=/, '') }
end
|