Class: Entitlements::Extras::LDAPGroup::Rules::LDAPGroup
- Inherits:
-
Data::Groups::Calculated::Rules::Base
- Object
- Data::Groups::Calculated::Rules::Base
- Entitlements::Extras::LDAPGroup::Rules::LDAPGroup
- Includes:
- Contracts::Core
- Defined in:
- lib/entitlements/extras/ldap_group/rules/ldap_group.rb
Constant Summary collapse
- C =
::Contracts
Class Method Summary collapse
Class Method Details
.ldap ⇒ Object
# File 'lib/entitlements/extras/ldap_group/rules/ldap_group.rb', line 50
#
# Return the LDAP service object used by this rule, building it on first use
# and memoizing it in the class-level instance variable @ldap.
#
# Connection settings are read from Entitlements::Extras::LDAPGroup::Base.config.
# "ldap_uri", "ldap_binddn", "ldap_bindpw" and "person_dn_format" are required
# (Hash#fetch without a default raises KeyError when a key is absent).
# "ldap_ca_file" falls back to the LDAP_CACERT environment variable.
#
# Returns whatever Entitlements::Service::LDAP.new_with_cache returns.
def self.ldap
  return @ldap if @ldap

  settings = Entitlements::Extras::LDAPGroup::Base.config
  connection_opts = {
    addr: settings.fetch("ldap_uri"),
    binddn: settings.fetch("ldap_binddn"),
    # The bind password is read from configuration here; keep the options hash
    # out of logs and error output.
    bindpw: settings.fetch("ldap_bindpw"),
    ca_file: settings.fetch("ldap_ca_file", ENV["LDAP_CACERT"]),
    person_dn_format: settings.fetch("person_dn_format")
  }

  # NOTE(review): this is a truthiness test, so any non-nil, non-false value,
  # including the string "false", switches certificate verification off.
  # Confirm the config loader enforces a real boolean for this key.
  # Presumably the bind credentials above then go to a peer whose certificate
  # was never checked, so this setting should stay off outside test setups.
  if settings.fetch("disable_ssl_verification", false)
    connection_opts[:disable_ssl_verification] = true
  end

  @ldap = Entitlements::Service::LDAP.new_with_cache(connection_opts)
end
.matches(value:, filename: nil, options: {}) ⇒ Object
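# File 'lib/entitlements/extras/ldap_group/rules/ldap_group.rb', line 24
#
# Resolve an LDAP group reference to its members.
#
# The group object for each distinct `value` is built once and stored in
# Entitlements.cache[:ldap_cache], so repeated references to the same group
# do not trigger another directory read.
#
# value    - The group identifier handed to ldap.read.
# filename - Optional name of the file that referenced the group; only used
#            to make the error message more specific.
# options  - Accepted for interface compatibility; not read by this method.
#
# Returns the result of calling #members on the cached group object, passing
# Entitlements.cache[:people_obj] as people_obj.
# Raises Entitlements::Data::Groups::GroupNotFoundError when ldap.read
# returns nil or false for `value`.
def self.matches(value:, filename: nil, options: {})
  Entitlements.cache[:ldap_cache] ||= {}
  Entitlements.cache[:ldap_cache][value] ||= begin
    entry = ldap.read(value)
    unless entry
      # The rendered listing lost the name of this local, which left the guard
      # and the raise below syntactically invalid. The text is built first and
      # then passed to raise as the exception message.
      message = if filename
        "Failed to read ldap_group = #{value} (referenced in #{filename})"
      else
        # :nocov:
        "Failed to read ldap_group = #{value}"
        # :nocov:
      end
      raise Entitlements::Data::Groups::GroupNotFoundError, message
    end
    Entitlements::Service::LDAP.entry_to_group(entry)
  end
  Entitlements.cache[:ldap_cache][value].members(people_obj: Entitlements.cache[:people_obj])
end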