Class: Puppet::Node::Ldap

Inherits:

Indirector::Ldap

• Object
• Indirector::Terminus
• Indirector::Ldap
• Puppet::Node::Ldap

Defined in:

lib/puppet/indirector/node/ldap.rb

Constant Summary

Constants included from Util

Util::AbsolutePathPosix, Util::AbsolutePathWindows, Util::DEFAULT_POSIX_MODE, Util::DEFAULT_WINDOWS_MODE

Constants included from Util::POSIX

Util::POSIX::LOCALE_ENV_VARS, Util::POSIX::USER_ENV_VARS

Constants included from Util::SymbolicFileMode

Util::SymbolicFileMode::SetGIDBit, Util::SymbolicFileMode::SetUIDBit, Util::SymbolicFileMode::StickyBit, Util::SymbolicFileMode::SymbolicMode, Util::SymbolicFileMode::SymbolicSpecialToBit

Constants included from Util::Docs

Util::Docs::HEADER_LEVELS

Instance Attribute Summary

Attributes included from Util::Docs

#doc, #nodoc

Instance Method Summary

• #class_attributes ⇒ Object

  The attributes that Puppet class information is stored in.

• #entry2hash(entry, fqdn = false) ⇒ Object

  Convert the found entry into a simple hash.

• #find(request) ⇒ Object

  Look for our node in ldap.

• #name2hash(name) ⇒ Object

  Separate this out so it’s relatively atomic.

• #parent_attribute ⇒ Object

  The parent attribute, if we have one.

• #search(request) ⇒ Object

  Find more than one node.

• #search_attributes ⇒ Object

  Default to all attributes.

• #search_filter(name) ⇒ Object

  The ldap search filter to use.

• #stacked_attributes ⇒ Object

  The attributes that Puppet will stack as array over the full hierarchy.

Methods inherited from Indirector::Ldap

#connection, #ldapsearch, #process, #search_base

Methods inherited from Indirector::Terminus

abstract_terminus?, #allow_remote_requests?, const2name, #indirection, indirection_name, inherited, #initialize, mark_as_abstract_terminus, model, #model, #name, name2const, register_terminus_class, terminus_class, terminus_classes, #terminus_type, #validate, #validate_key, #validate_model

Methods included from Util::InstanceLoader

#instance_docs, #instance_hash, #instance_load, #instance_loader, #instance_loading?, #loaded_instance, #loaded_instances

Methods included from Util

absolute_path?, benchmark, chuser, clear_environment, default_env, deterministic_rand, deterministic_rand_int, exit_on_fail, get_env, get_environment, logmethods, merge_environment, path_to_uri, pretty_backtrace, replace_file, safe_posix_fork, set_env, symbolizehash, thinmark, uri_encode, uri_query_encode, uri_to_path, which, withenv, withumask

Methods included from Util::POSIX

#get_posix_field, #gid, #idfield, #methodbyid, #methodbyname, #search_posix_field, #uid

Methods included from Util::SymbolicFileMode

#normalize_symbolic_mode, #symbolic_mode_to_int, #valid_symbolic_mode?

Methods included from Util::Docs

#desc, #dochook, #doctable, #markdown_definitionlist, #markdown_header, #nodoc?, #pad, scrub

Constructor Details

This class inherits a constructor from Puppet::Indirector::Terminus

Instance Method Details

#class_attributes ⇒ Object

The attributes that Puppet class information is stored in.

# File 'lib/puppet/indirector/node/ldap.rb', line 11

def class_attributes
  Puppet[:ldapclassattrs].split(/\s*,\s*/)
end

#entry2hash(entry, fqdn = false) ⇒ Object

Convert the found entry into a simple hash.

# File 'lib/puppet/indirector/node/ldap.rb', line 85

def entry2hash(entry, fqdn = false)
  result = {}

  cn  = entry.dn[     /cn\s*=\s*([^,\s]+)/i,1]
  dcs = entry.dn.scan(/dc\s*=\s*([^,\s]+)/i)
  result[:name]    = fqdn ? ([cn]+dcs).join('.') : cn
  result[:parent] = get_parent_from_entry(entry) if parent_attribute
  result[:classes] = get_classes_from_entry(entry)
  result[:stacked] = get_stacked_values_from_entry(entry)
  result[:parameters] = get_parameters_from_entry(entry)

  result[:environment] = result[:parameters]["environment"] if result[:parameters]["environment"]

  result[:stacked_parameters] = {}

  if result[:stacked]
    result[:stacked].each do |value|
      param = value.split('=', 2)
      result[:stacked_parameters][param[0]] = param[1]
    end
  end

  if result[:stacked_parameters]
    result[:stacked_parameters].each do |param, value|
      result[:parameters][param] = value unless result[:parameters].include?(param)
    end
  end

  result[:parameters] = convert_parameters(result[:parameters])

  result
end

#find(request) ⇒ Object

Look for our node in ldap.

# File 'lib/puppet/indirector/node/ldap.rb', line 28

def find(request)
  names = [request.key]
  names << request.key.sub(/\..+/, '') if request.key.include?(".") # we assume it's an fqdn
  names << "default"

  facts = request.options[:facts].is_a?(Puppet::Node::Facts) ? request.options[:facts] : nil

  node = nil
  names.each do |name|
    next unless info = name2hash(name)

    merge_parent(info) if info[:parent]
    info[:environment] ||= request.environment
    node = info2node(request.key, info, facts)
    break
  end

  node
end

#name2hash(name) ⇒ Object

Separate this out so it’s relatively atomic. It’s tempting to call process instead of name2hash() here, but it ends up being difficult to test because all exceptions get caught by ldapsearch. LAK:NOTE Unfortunately, the ldap support is too stupid to throw anything but LDAP::ResultError, even on bad connections, so we are rough-handed with our error handling.

# File 'lib/puppet/indirector/node/ldap.rb', line 21

def name2hash(name)
  info = nil
  ldapsearch(search_filter(name)) { |entry| info = entry2hash(entry) }
  info
end

#parent_attribute ⇒ Object

The parent attribute, if we have one.

# File 'lib/puppet/indirector/node/ldap.rb', line 70

def parent_attribute
  if pattr = Puppet[:ldapparentattr] and ! pattr.empty?
    pattr
  else
    nil
  end
end

#search(request) ⇒ Object

Find more than one node. LAK:NOTE This is a bit of a clumsy API, because the ‘search’ method currently requires a key. It seems appropriate in some cases but not others, and I don’t really know how to get rid of it as a requirement but allow it when desired.

# File 'lib/puppet/indirector/node/ldap.rb', line 51

def search(request)
  if classes = request.options[:class]
    classes = [classes] unless classes.is_a?(Array)
    filter = "(&(objectclass=puppetClient)(puppetclass=" + classes.join(")(puppetclass=") + "))"
  else
    filter = "(objectclass=puppetClient)"
  end

  infos = []
  ldapsearch(filter) { |entry| infos << entry2hash(entry, request.options[:fqdn]) }

  return infos.collect do |info|
    merge_parent(info) if info[:parent]
    info[:environment] ||= request.environment
    info2node(info[:name], info)
  end
end

#search_attributes ⇒ Object

Default to all attributes.

# File 'lib/puppet/indirector/node/ldap.rb', line 119

def search_attributes
  ldapattrs = Puppet[:ldapattrs]

  # results in everything getting returned
  return nil if ldapattrs == "all"

  search_attrs = class_attributes + ldapattrs.split(/\s*,\s*/)

  if pattr = parent_attribute
    search_attrs << pattr
  end

  search_attrs
end

#search_filter(name) ⇒ Object

The ldap search filter to use.

# File 'lib/puppet/indirector/node/ldap.rb', line 135

def search_filter(name)
  filter = Puppet[:ldapstring]

  if filter.include? "%s"
    # Don't replace the string in-line, since that would hard-code our node
    # info.
    filter = filter.gsub('%s', name)
  end
  filter
end

#stacked_attributes ⇒ Object

The attributes that Puppet will stack as array over the full hierarchy.

# File 'lib/puppet/indirector/node/ldap.rb', line 80

def stacked_attributes
  Puppet[:ldapstackedattrs].split(/\s*,\s*/)
end