Class: AuthSourceLdap

Inherits:
AuthSource
  • Object
show all
Defined in:
app/models/auth_source_ldap.rb

Instance Method Summary collapse

Methods inherited from AuthSource

#account_password, #account_password=, allow_password_changes?, #allow_password_changes?, authenticate, search

Methods included from Redmine::Ciphering

cipher_key, decrypt_text, encrypt_text, included, logger

Methods included from Redmine::SubclassFactory

included

Constructor Details

#initialize(attributes = nil, *args) ⇒ AuthSourceLdap


33
34
35
36
# File 'app/models/auth_source_ldap.rb', line 33

def initialize(attributes=nil, *args)
  super
  self.port = 389 if self.port == 0
end

Instance Method Details

#auth_method_nameObject


62
63
64
# File 'app/models/auth_source_ldap.rb', line 62

def auth_method_name
  "LDAP"
end

#authenticate(login, password) ⇒ Object


38
39
40
41
42
43
44
45
46
47
48
49
50
# File 'app/models/auth_source_ldap.rb', line 38

def authenticate(, password)
  return nil if .blank? || password.blank?

  with_timeout do
    attrs = get_user_dn(, password)
    if attrs && attrs[:dn] && authenticate_dn(attrs[:dn], password)
      logger.debug "Authentication successful for '#{}'" if logger && logger.debug?
      return attrs.except(:dn)
    end
  end
rescue Net::LDAP::LdapError => e
  raise AuthSourceException.new(e.message)
end

#search(q) ⇒ Object

Searches the source for users and returns an array of results


72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
# File 'app/models/auth_source_ldap.rb', line 72

def search(q)
  q = q.to_s.strip
  return [] unless searchable? && q.present?

  results = []
  search_filter = base_filter & Net::LDAP::Filter.begins(self., q)
  ldap_con = initialize_ldap_con(self., self.)
  ldap_con.search(:base => self.base_dn,
                  :filter => search_filter,
                  :attributes => ['dn', self., self.attr_firstname, self.attr_lastname, self.attr_mail],
                  :size => 10) do |entry|
    attrs = get_user_attributes_from_ldap_entry(entry)
    attrs[:login] = AuthSourceLdap.get_attr(entry, self.)
    results << attrs
  end
  results
rescue Net::LDAP::LdapError => e
  raise AuthSourceException.new(e.message)
end

#searchable?Boolean

Returns true if this source can be searched for users


67
68
69
# File 'app/models/auth_source_ldap.rb', line 67

def searchable?
  !.to_s.include?("$login") && %w(login firstname lastname mail).all? {|a| send("attr_#{a}?")}
end

#test_connectionObject

test the connection to the LDAP


53
54
55
56
57
58
59
60
# File 'app/models/auth_source_ldap.rb', line 53

def test_connection
  with_timeout do
    ldap_con = initialize_ldap_con(self., self.)
    ldap_con.open { }
  end
rescue Net::LDAP::LdapError => e
  raise AuthSourceException.new(e.message)
end