Class: Entitlements::Data::People::LDAP
- Inherits:
-
Object
- Object
- Entitlements::Data::People::LDAP
- Includes:
- Contracts::Core
- Defined in:
- lib/entitlements.rb,
lib/entitlements/data/people/ldap.rb
Constant Summary
- C =
::Contracts
- PEOPLE_ATTRIBUTES =
%w[cn]
- UID_ATTRIBUTE =
"uid"
- PARAMETERS =
{
"base" => { required: true, type: String },
"ldap_binddn" => { required: true, type: String },
"ldap_bindpw" => { required: true, type: String },
"ldap_uri" => { required: true, type: String },
"ldap_ca_file" => { required: false, type: String },
"person_dn_format" => { required: true, type: String },
"disable_ssl_verification" => { required: false, type: [FalseClass, TrueClass] },
"additional_attributes" => { required: false, type: Array },
"uid_attribute" => { required: false, type: String }
}
Class Method Summary
Instance Method Summary
common, extended, included
Constructor Details
#initialize(ldap:, people_ou:, uid_attr: UID_ATTRIBUTE, people_attr: PEOPLE_ATTRIBUTES) ⇒ LDAP
Returns a new instance of LDAP.
# File 'lib/entitlements/data/people/ldap.rb', line 94
# Wraps an already-constructed LDAP service as a people data source.
#
# @param ldap [Object] service whose #search is called by #read; .new_from_config
#   passes the result of Entitlements::Service::LDAP.new_with_cache
# @param people_ou [String] search base handed to ldap.search by #read
#   (the "base" config value when built through .new_from_config)
# @param uid_attr [String] attribute used in #read's presence filter
# @param people_attr [Array<String>] attributes requested for each entry
#   (sorted by #read before the search)
def initialize(ldap:, people_ou:, uid_attr: UID_ATTRIBUTE, people_attr: PEOPLE_ATTRIBUTES)
  @ldap, @people_ou = ldap, people_ou
  @uid_attr, @people_attr = uid_attr, people_attr
end
Class Method Details
.fingerprint(config) ⇒ Object
# File 'lib/entitlements/data/people/ldap.rb', line 37
# Builds a string that identifies a configuration, from the value of every
# key declared in PARAMETERS (in declaration order).
#
# SECURITY: "ldap_bindpw" is one of those keys, so the bind password appears
# verbatim in the returned string. Treat the fingerprint like the credential
# itself: keep it out of logs, error messages and anything persisted.
#
# NOTE(review): "ldap_disable_ssl_verification", the key .new_from_config
# actually reads, is not a PARAMETERS key and therefore does not contribute
# to the fingerprint.
#
# @param config [Hash] data-source configuration, indexed with config[key]
# @return [String] the #inspect form of each value joined by "||"; a key for
#   which config[key] is nil contributes "nil"
def self.fingerprint(config)
  inspected_values = PARAMETERS.each_key.map { |name| config[name].inspect }
  inspected_values.join("||")
end
.new_from_config(config) ⇒ Object
# File 'lib/entitlements/data/people/ldap.rb', line 50
# Builds an instance from a data-source configuration.
#
# NOTE(review): TLS verification is controlled here by the key
# "ldap_disable_ssl_verification", but PARAMETERS declares the option as
# "disable_ssl_verification". As written, a config that sets the declared key
# has no effect (verification stays on, since the default is false), and the
# key that is honoured is not covered by the PARAMETERS type check. Decide
# which name is canonical and align both places; whether validate_attr!
# rejects undeclared keys is not visible from this file.
#
# @param config [Hash] data-source configuration; values are read with #fetch,
#   so a missing required key raises KeyError (assuming config is a Hash)
# @return [LDAP] new people data source backed by the cached LDAP service
def self.new_from_config(config)
  # Connection settings. "ldap_bindpw" is a credential: it is passed straight
  # to the service and must not be echoed in logs or exceptions raised here.
  directory = Entitlements::Service::LDAP.new_with_cache(
    addr: config.fetch("ldap_uri"),
    binddn: config.fetch("ldap_binddn"),
    bindpw: config.fetch("ldap_bindpw"),
    # CA bundle: explicit config wins, otherwise the LDAP_CACERT environment variable.
    ca_file: config.fetch("ldap_ca_file", ENV["LDAP_CACERT"]),
    # Verification is only skipped when this key is explicitly set (see NOTE above).
    disable_ssl_verification: config.fetch("ldap_disable_ssl_verification", false),
    person_dn_format: config.fetch("person_dn_format")
  )

  new(
    ldap: directory,
    people_ou: config.fetch("base"),
    uid_attr: config.fetch("uid_attribute", UID_ATTRIBUTE),
    people_attr: config.fetch("additional_attributes", PEOPLE_ATTRIBUTES)
  )
end
.validate_config!(key, config) ⇒ Object
# File 'lib/entitlements/data/people/ldap.rb', line 75
# Checks a data-source configuration against PARAMETERS by delegating to
# Entitlements::Util::Util.validate_attr!.
#
# NOTE(review): only the keys declared in PARAMETERS are described to the
# validator. "ldap_disable_ssl_verification", which .new_from_config reads, is
# not among them; how validate_attr! treats undeclared keys is not visible here.
#
# @param key [Object] data-source name, used (via #inspect) in the message text
# @param config [Hash] configuration to validate
# @return [Object] whatever validate_attr! returns
def self.validate_config!(key, config)
  Entitlements::Util::Util.validate_attr!(
    PARAMETERS,
    config,
    "LDAP people configuration for data source #{key.inspect}"
  )
end
Instance Method Details
#read(uid = nil) ⇒ Object
# File 'lib/entitlements/data/people/ldap.rb', line 107
# Returns every known person, or the single person matching +uid+.
#
# The first call searches LDAP under people_ou for every entry that has the
# uid attribute present and memoizes the result in @people; later calls reuse
# that hash, so directory changes are not seen by this instance afterwards.
#
# The caller-supplied +uid+ is only used as a (downcased) key into the
# memoized hash. It is never placed into an LDAP filter, so it cannot alter
# the query sent to the directory.
#
# @param uid [String, nil] identifier to look up, matched case-insensitively
# @return [Hash, Object] the whole lowercase-key => person hash when uid is nil,
#   otherwise the person stored under uid.downcase
# @raise [Entitlements::Data::People::NoSuchPersonError] when uid matches nobody
def read(uid = nil)
  @people ||= begin
    Entitlements.logger.debug "Loading people from LDAP"
    # Presence filter: selects entries where uid_attr has any value.
    has_uid = Net::LDAP::Filter.eq(uid_attr, "*")
    found = ldap.search(base: people_ou, filter: has_uid, attrs: people_attr.sort)
    keyed = found.map do |person_dn, entry|
      # Key is the downcased first attribute of the DN, so lookups ignore case.
      [Entitlements::Util::Util.first_attr(person_dn).downcase, entry_to_person(entry)]
    end
    keyed.to_h
  end

  return @people if uid.nil?

  match = @people[uid.downcase]
  return match if match

  raise Entitlements::Data::People::NoSuchPersonError, "read(#{uid.inspect}) matched no known person"
end