Class: Gitlab::Auth::Ldap::Adapter

Inherits:

Object

• Object
• Gitlab::Auth::Ldap::Adapter

Defined in:

lib/gitlab/auth/ldap/adapter.rb

Constant Summary

SEARCH_RETRY_FACTOR =

[1, 1, 2, 3].freeze

MAX_SEARCH_RETRIES =

Rails.env.test? ? 1 : SEARCH_RETRY_FACTOR.size.freeze

Instance Attribute Summary

• #ldap ⇒ Object readonly

  Returns the value of attribute ldap.

• #provider ⇒ Object readonly

  Returns the value of attribute provider.

Class Method Summary

• .config(provider) ⇒ Object
• .open(provider, &block) ⇒ Object

Instance Method Summary

• #config ⇒ Object
• #dn_matches_filter?(dn, filter) ⇒ Boolean
• #initialize(provider, ldap = nil) ⇒ Adapter constructor

  A new instance of Adapter.

• #ldap_search(*args) ⇒ Object
• #user(*args) ⇒ Object
• #users(fields, value, limit = nil) ⇒ Object

Constructor Details

#initialize(provider, ldap = nil) ⇒ Adapter

Returns a new instance of Adapter.

# File 'lib/gitlab/auth/ldap/adapter.rb', line 22

def initialize(provider, ldap = nil)
  @provider = provider
  @ldap = ldap || renew_connection_adapter
end

Instance Attribute Details

#ldap ⇒ Object (readonly)

Returns the value of attribute ldap

# File 'lib/gitlab/auth/ldap/adapter.rb', line 10

def ldap
  @ldap
end

#provider ⇒ Object (readonly)

Returns the value of attribute provider

# File 'lib/gitlab/auth/ldap/adapter.rb', line 10

def provider
  @provider
end

Class Method Details

.config(provider) ⇒ Object

# File 'lib/gitlab/auth/ldap/adapter.rb', line 18

def self.config(provider)
  Gitlab::Auth::Ldap::Config.new(provider)
end

.open(provider, &block) ⇒ Object

# File 'lib/gitlab/auth/ldap/adapter.rb', line 12

def self.open(provider, &block)
  Net::LDAP.open(config(provider).adapter_options) do |ldap|
    block.call(self.new(provider, ldap))
  end
end

Instance Method Details

#config ⇒ Object

# File 'lib/gitlab/auth/ldap/adapter.rb', line 27

def config
  Gitlab::Auth::Ldap::Config.new(provider)
end

#dn_matches_filter?(dn, filter) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/auth/ldap/adapter.rb', line 40

def dn_matches_filter?(dn, filter)
  ldap_search(base: dn,
              filter: filter,
              scope: Net::LDAP::SearchScope_BaseObject,
              attributes: %w{dn}).any?
end

#ldap_search(*args) ⇒ Object

# File 'lib/gitlab/auth/ldap/adapter.rb', line 47

def ldap_search(*args)
  retries ||= 0

  # Net::LDAP's `time` argument doesn't work. Use Ruby `Timeout` instead.
  Timeout.timeout(timeout_time(retries)) do
    results = ldap.search(*args)

    if results.nil?
      response = ldap.get_operation_result

      unless response.code == 0
        Gitlab::AppLogger.warn("LDAP search error: #{response.message}")
      end

      []
    else
      results
    end
  end
rescue Net::LDAP::Error, Timeout::Error => error
  retries += 1
  error_message = connection_error_message(error)

  Gitlab::AppLogger.warn(error_message)

  if retries < MAX_SEARCH_RETRIES
    renew_connection_adapter
    retry
  else
    raise LdapConnectionError, error_message
  end
end

#user(*args) ⇒ Object

# File 'lib/gitlab/auth/ldap/adapter.rb', line 36

def user(*args)
  users(*args).first
end

#users(fields, value, limit = nil) ⇒ Object

# File 'lib/gitlab/auth/ldap/adapter.rb', line 31

def users(fields, value, limit = nil)
  options = user_options(Array(fields), value, limit)
  users_search(options)
end