Class: Sinatra::ADAuth::User

Inherits:

Object

• Object
• Sinatra::ADAuth::User

Defined in:

lib/sinatra/ad_user.rb

Constant Summary

ATTR_SV =

ATTR_SV is for single valued attributes only. Generated readers will convert the value to a string before returning or calling your Proc.

{
  :login => :samaccountname,
  :first_name => :givenname,
  :last_name => :sn,
  :email => :mail
}

ATTR_MV =

ATTR_MV is for multi-valued attributes. Generated readers will always return an array.

{
  :groups => [ :memberof,
    # Get the simplified name of first-level groups.
    # TODO: Handle escaped special characters
    Proc.new {|g| g.sub(/.*?CN=(.*?),.*/, '\1')} ]
}

Class Method Summary

• .authenticate(login, pass, conf_file = nil) ⇒ Object

  Automatically fail login if login or password are empty.

Instance Method Summary

• #full_name ⇒ Object
• #member_of?(group) ⇒ Boolean
• #name ⇒ Object

Class Method Details

.authenticate(login, pass, conf_file = nil) ⇒ Object

Automatically fail login if login or password are empty. Otherwise, try to initialize a Net::LDAP object and call its bind method. If successful, we find the LDAP entry for the user and initialize with it. Returns nil on failure.

# File 'lib/sinatra/ad_user.rb', line 78

def self.authenticate(login, pass, conf_file=nil)
  return nil if login.empty? or pass.empty?

  if ! self.read_conf(conf_file)
    return nil
  end
  conn = Net::LDAP.new :host => @@server,
    :port => @@port,
    :base => @@base,
    :auth => { :username => "#{login}@#{@@domain}",
      :password => pass,
      :method => :simple }
  if conn.bind and user = conn.search(:filter => "sAMAccountName=#{login}").first
    return self.new(user)
  else
    return nil
  end
  # If we don't rescue this, Net::LDAP is decidedly ungraceful about failing
  # to connect to the server. We'd prefer to say authentication failed.
rescue Net::LDAP::LdapError => e
  return nil
end

Instance Method Details

#full_name ⇒ Object

# File 'lib/sinatra/ad_user.rb', line 101

def full_name
  self.first_name + ' ' + self.last_name
end

#member_of?(group) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/sinatra/ad_user.rb', line 108

def member_of?(group)
  self.groups.include?(group)
end

#name ⇒ Object

# File 'lib/sinatra/ad_user.rb', line 104

def name
  self.first_name.gsub("[", "").gsub("]", "").gsub("\"", "")
end