Class: Adauth::AdObject

Inherits:
Object
  • Object
Includes:
Expects
Defined in:
lib/adauth/ad_object.rb

Overview

Active Directory Interface Object

Objects inherit from this class.

Provides all the common functions for Active Directory.

Class Method Summary

Instance Method Summary

Constructor Details

#initialize(ldap_object) ⇒ AdObject

Creates a new instance of the object and sets @ldap_object to the passed Net::LDAP entity



# File 'lib/adauth/ad_object.rb', line 80

# Wraps a directory entry in an Adauth object.
#
# The entry is handed to `expects` together with Net::LDAP::Entry before it is
# stored (presumably the type check from the included Expects module; its
# behaviour on a mismatch is not shown here).
#
# @param ldap_object [Net::LDAP::Entry] the entry this object represents
def initialize(ldap_object)
  expects(ldap_object, Net::LDAP::Entry)
  @ldap_object = ldap_object
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method

#method_missing(method, *args) ⇒ Object



# File 'lib/adauth/ad_object.rb', line 28

# Exposes the entries of the class's Fields table as reader methods.
#
# The called name is looked up in `self.class::Fields`; a hit is resolved by
# handle_field, anything else goes to the normal method_missing chain.
#
# @param method [Symbol] name of the method that was called
# @param args [Array] call arguments (unused for field reads)
# @return the value produced by handle_field for the mapped field
def method_missing(method, *args)
  mapped = self.class::Fields[method]
  mapped ? handle_field(mapped) : super
end

Class Method Details

.add_object_filter(filter) ⇒ Object

Adds the object filter to the passed filter



# File 'lib/adauth/ad_object.rb', line 75

# Restricts +filter+ to this class's kind of directory object by combining it
# with the class's ObjectFilter using `&`.
#
# @param filter the filter to narrow (.where passes a Net::LDAP::Filter)
# @return the result of `filter & self::ObjectFilter`
def self.add_object_filter(filter)
  class_scope = self::ObjectFilter
  filter & class_scope
end

.all ⇒ Object

Returns all objects which have the ObjectClass of the inherited class



# File 'lib/adauth/ad_object.rb', line 43

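# Fetches every directory entry that matches this class's ObjectFilter.
#
# @return [Adauth::SearchResults] wrapper around the objects built by .filter
def self.all
  # Inside a class method `self` is already the class, so `self.class.inspect`
  # logged "Class" as the progname for every model. `inspect` names the model,
  # which matches what the instance methods log via `self.class.inspect`.
  Adauth.logger.info(inspect) { "Searching for all objects matching filter \"#{self::ObjectFilter}\"" }
  Adauth::SearchResults.new(filter(self::ObjectFilter))
end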

.filter(filter) ⇒ Object

Returns all LDAP objects that match the given filter

Use with add_object_filter to make sure that you only get objects that match the object you are querying through



# File 'lib/adauth/ad_object.rb', line 60

# Runs +filter+ against the directory and wraps each returned entry in an
# instance of this class.
#
# The filter is handed to the connection unchanged: nothing here escapes,
# validates or scopes it. Combine it with add_object_filter to stay within
# this class's object type, and build it from escaped values whenever any
# part of it originates from user input.
#
# @param filter the search filter passed as :filter to the connection
# @return [Array] one instance of this class per entry returned
# @raise [RuntimeError] when the search returns nil
def self.filter(filter)
  entries = Adauth.connection.search(:filter => filter)
  raise 'Search returned NIL' if entries.nil?

  entries.map { |entry| new(entry) }
end

.method_missing(method, *args) ⇒ Object



# File 'lib/adauth/ad_object.rb', line 20

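# Implements dynamic finders of the form find_by_<field>(value).
#
# <field> must be a key of the class's Fields table; the mapped value and the
# first call argument are passed on to .where. Any other method name, or an
# unknown field, goes to the normal method_missing chain.
#
# NOTE(review): the argument reaches .where (and from there
# Net::LDAP::Filter.eq) unmodified; see the escaping note there if finders
# are called with user-supplied values.
# NOTE(review): handle_field also supports Array-valued Fields entries; such
# an entry would be passed to .where as an Array. Confirm whether finders are
# meant to work for those fields.
#
# @param method [Symbol] name of the method that was called
# @param args [Array] call arguments; only the first one is used
# @return [Adauth::SearchResults] the matches returned by .where
def self.method_missing(method, *args)
  name = method.to_s
  return super unless name.start_with?('find_by_')

  # Take everything after the prefix as the field name. Splitting on "_" and
  # keeping the last piece resolved a finder for a field with an underscore
  # in its name to a different, shorter field (or to none at all).
  field = self::Fields[name.sub(/\Afind_by_/, '').to_sym]
  return super unless field

  where(field, args.first)
end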

.reverse_field(search) ⇒ Object



# File 'lib/adauth/ad_object.rb', line 34

# Reverse lookup in the class's Fields table: returns the key whose value is
# +search+.
#
# When several keys share the same value, the key that comes last in Fields
# is returned.
#
# @param search the Fields value to look for
# @return the matching Fields key, or nil when no entry has that value
def self.reverse_field(search)
  self::Fields.invert[search]
end

.where(field, value) ⇒ Object

Returns all the objects which match the supplied query

Uses ObjectFilter to restrict to the current object



# File 'lib/adauth/ad_object.rb', line 51

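# Finds objects of this class whose +field+ equals +value+.
#
# The equality filter is AND-ed with this class's ObjectFilter (through
# add_object_filter) before the search runs.
#
# NOTE(review): Net::LDAP::Filter.eq does not escape +value+, so a "*" in it
# acts as a wildcard. When +value+ comes from a user (a login form, a URL
# parameter) escape it first or build the filter with
# Net::LDAP::Filter.equals. TODO: confirm which callers rely on wildcard
# matching before changing the call below.
# NOTE(review): +value+ is also written to the log line unmodified.
#
# @param field attribute name handed to Net::LDAP::Filter.eq
# @param value value the attribute must match
# @return [Adauth::SearchResults] wrapper around the matching objects
def self.where(field, value)
  search_filter = Net::LDAP::Filter.eq(field, value)
  # Inside a class method `self` is already the class, so `self.class.inspect`
  # logged "Class" as the progname; `inspect` names the model being searched.
  Adauth.logger.info(inspect) { "Searching for all \"#{self::ObjectFilter}\" where #{field} = #{value}" }
  Adauth::SearchResults.new(filter(add_object_filter(search_filter)))
end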

Instance Method Details

#cn_groups_nested ⇒ Object

The same as cn_groups, but with the parent groups included



# File 'lib/adauth/ad_object.rb', line 107

# Returns this object's groups plus the groups those groups belong to.
#
# The list is rebuilt on every call (the instance variable is reassigned
# unconditionally) and only one level of parent groups is followed. Each
# group is looked up by name, so one directory search is made per group.
#
# NOTE(review): the list starts as whatever cn_groups returns, while the
# appended items come from convert_to_objects. Confirm both yield the same
# kind of value, otherwise the include? check cannot detect duplicates.
#
# @return [Array] direct groups followed by the parents that were added
def cn_groups_nested
  @cn_groups_nested = cn_groups
  cn_groups.each do |group_name|
    parent = Adauth::AdObjects::Group.where('name', group_name).first
    next unless parent

    convert_to_objects(parent.cn_groups).each do |inherited|
      @cn_groups_nested << inherited unless @cn_groups_nested.include?(inherited)
    end
  end
  @cn_groups_nested
end

#delete ⇒ Object

Delete the object



# File 'lib/adauth/ad_object.rb', line 176

# Deletes this object's entry from the directory, addressed by its DN.
#
# Unlike #modify, the outcome is neither checked nor logged here: the
# connection's return value is passed straight back, so the caller has to
# inspect it to learn whether the delete succeeded.
#
# @return whatever the connection's delete call returns
def delete
  connection = Adauth.connection
  connection.delete(:dn => @ldap_object.dn)
end

#dn_ous ⇒ Object

CSV Version of the ous list (can’t be pulled over from AD)



# File 'lib/adauth/ad_object.rb', line 133

# Names of the OUs in this object's DN, taken from the DN string itself
# (no directory lookup). The result is computed once and cached.
#
# A DN component is kept when it contains "OU=" or is exactly "CN=Users";
# the "OU=" / "CN=" markers are stripped from what is kept.
#
# NOTE(review): the DN is split on every comma and "OU=" is matched anywhere
# in a component, so a value containing an escaped comma or the text "OU="
# would be misread. Confirm such DNs cannot occur before relying on this
# list for access decisions.
#
# @return [Array<String>] OU names in DN order
def dn_ous
  return @dn_ous if @dn_ous

  @dn_ous = []
  @ldap_object.dn.split(',').each do |rdn|
    next unless rdn =~ /OU=/ || rdn == "CN=Users"

    @dn_ous << rdn.gsub(/OU=/, '').gsub(/CN=/, '')
  end
  @dn_ous
end

#groups ⇒ Object

Returns all the groups the object is a member of



# File 'lib/adauth/ad_object.rb', line 99

# Groups this object is a member of, as objects.
#
# The result of convert_to_objects(cn_groups) is cached in @groups after the
# first call, so later directory changes are not reflected on this instance.
#
# @return the value returned by convert_to_objects for cn_groups
def groups
  @groups ||= convert_to_objects(cn_groups)
end

#handle_field(field) ⇒ Object

Handle the output for the given field



# File 'lib/adauth/ad_object.rb', line 91

# Resolves one Fields mapping to its value.
#
# * Symbol: delegated to return_symbol_value (defined elsewhere in the file).
# * Array: the first element names a method called on @ldap_object, and the
#   last element is applied to every item of that method's result.
# * anything else: nil.
#
# @param field [Symbol, Array] a value taken from the Fields table
# @return the resolved value, or nil for an unsupported mapping
def handle_field(field)
  if field.is_a?(Symbol)
    return_symbol_value(field)
  elsif field.is_a?(Array)
    raw_values = @ldap_object.send(field.first)
    raw_values.collect(&field.last)
  end
end

#is_a_member?(parent) ⇒ Boolean

Checks to see if the object is a member of a given parent (through DN)

Returns:

  • (Boolean)


# File 'lib/adauth/ad_object.rb', line 166

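# Tells whether this object sits directly inside +parent+, judged by DN.
#
# True only when this object's DN, minus its own first component, is exactly
# the parent's DN. Comparing just the component next to this object's own
# name (plus the component count) also accepted a same-named container in a
# different branch of the tree at the same depth, e.g. OU=Staff under two
# different parent OUs.
#
# NOTE(review): the DNs are split on every comma and compared as exact
# strings, as before. Escaped commas inside a value and case or spacing
# differences are not handled. Confirm the directory returns DNs in one
# consistent form.
#
# @param parent an object exposing #ldap_object whose entry has a #dn
# @return [Boolean]
def is_a_member?(parent)
  own_components = @ldap_object.dn.split(",")
  parent_components = parent.ldap_object.dn.split(",")
  own_components.drop(1) == parent_components
end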

#ldap_object ⇒ Object

Allows direct access to @ldap_object



# File 'lib/adauth/ad_object.rb', line 86

# Direct access to the wrapped entry.
#
# @return the object stored in @ldap_object by the constructor
def ldap_object
  @ldap_object
end

#members ⇒ Object

Returns an array of member objects for this object



# File 'lib/adauth/ad_object.rb', line 153

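# Objects that sit directly inside this one.
#
# On the first call every Computer, OU, User and Group in the directory is
# fetched (four .all searches) and kept when its is_a_member?(self) is true.
# The result is cached in @members afterwards.
#
# @return [Array] the member objects, in the order Computer, OU, User, Group
def members
  return @members if @members

  # Collect into a local and assign only once every search has finished.
  # Filling @members in place meant an exception part-way through left a
  # partial list cached, which later calls then returned as if complete.
  found = []
  [Adauth::AdObjects::Computer, Adauth::AdObjects::OU, Adauth::AdObjects::User, Adauth::AdObjects::Group].each do |object|
    object.all.each do |entity|
      found.push entity if entity.is_a_member?(self)
    end
  end
  @members = found
end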

#modify(operations) ⇒ Object

Runs a modify action on the current object, takes an array of operations



# File 'lib/adauth/ad_object.rb', line 144

# Applies +operations+ to this object's directory entry.
#
# The attempt is logged at info level. When the connection reports failure,
# the operation result's code and message are logged at fatal level and a
# RuntimeError is raised.
#
# @param operations the operations passed as :operations to the connection
# @return [nil] on success
# @raise [RuntimeError] when the connection's modify call returns a falsy value
def modify(operations)
  Adauth.logger.info(self.class.inspect) { "Attempting modify operation" }
  return if Adauth.connection.modify(:dn => @ldap_object.dn, :operations => operations)

  Adauth.logger.fatal(self.class.inspect) { "Modify Operation Failed! Code: #{Adauth.connection.get_operation_result.code} Message: #{Adauth.connection.get_operation_result.message}" }
  raise 'Modify Operation Failed (see log for details)'
end

#ous ⇒ Object

Returns all the ous the object is in



# File 'lib/adauth/ad_object.rb', line 122

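# OU objects for every "OU=" component of this object's DN.
#
# Each component is looked up with OU.where('name', ...) and the first match
# is taken; the list is cached in @ous after the first successful call.
#
# NOTE(review): the lookup is by name only, so when two OUs in different
# branches share a name the first search hit is used, which may not be the
# OU actually named in this DN. A lookup whose `.first` is nil stores nil
# in the list. Confirm callers tolerate both before using the result for
# access decisions.
#
# @return [Array] one element per OU component, in DN order
def ous
  return @ous if @ous

  # Collect into a local and assign only after every lookup has finished.
  # Filling @ous in place meant a failed search left a partial list cached,
  # which later calls then returned as if complete.
  found = []
  @ldap_object.dn.split(/,/).each do |entry|
    found.push Adauth::AdObjects::OU.where('name', entry.gsub(/OU=/, '')).first if entry =~ /OU=/
  end
  @ous = found
end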