ActiveSambaLdap 0.0.7

data/lib/active_samba_ldap/base.rb

@@ -0,0 +1,137 @@
+require 'active_samba_ldap/reloadable'
+
+module ActiveSambaLdap
+  class Error < StandardError
+    include ActiveSambaLdap::GetTextSupport
+  end
+
+  class MissingRequiredVariableError < Error
+    attr_reader :names
+    def initialize(names)
+      names = names.to_a
+      @names = names
+      super(n_("required variable is not set: %s",
+               "required variables are not set: %s",
+               names.size) % names.join(', '))
+    end
+
+    def name
+      @names.first
+    end
+  end
+
+  class UidNumberAlreadyExists < Error
+    attr_reader :number
+    def initialize(number)
+      @number = number
+      super(_("uid number already exists: %s") % number)
+    end
+  end
+
+  class GroupDoesNotExist < Error
+    attr_reader :name
+    def initialize(name)
+      @name = name
+      super(_("group doesn't exist: %s") % name)
+    end
+  end
+
+  class GidNumberAlreadyExists < Error
+    attr_reader :number
+    def initialize(number)
+      @number = number
+      super(_("gid number already exists: %s") % number)
+    end
+  end
+
+  class GidNumberDoesNotExist < Error
+    attr_reader :number
+    def initialize(number)
+      @number = number
+      super(_("gid number doesn't exist: %s") % number)
+    end
+  end
+
+  class GroupDoesNotHaveSambaSID < Error
+    attr_reader :number
+    def initialize(number)
+      @number = number
+      super(_("sambaSID attribute doesn't exist for gid number '%s'") % number)
+    end
+  end
+
+  class CanNotChangePrimaryGroup < Error
+    attr_reader :group, :members
+    def initialize(group, members)
+      @group = group
+      @members = members
+      format = _("cannot change primary group from '%s' to other group " \
+                 "due to no other belonged groups: %s")
+      super(format % [group, members.join(', ')])
+    end
+  end
+
+  class PrimaryGroupCanNotBeDestroyed < Error
+    attr_reader :group, :members
+    def initialize(group, members)
+      @group = group
+      @members = members
+      format = _("cannot destroy group '%s' due to members who belong " \
+                 "to the group as primary group: %s")
+      super(format % [group, members.join(', ')])
+    end
+  end
+
+  class InvalidConfigurationFormatError < Error
+    attr_reader :file, :location, :detail
+    def initialize(file, location, detail)
+      @file = file
+      @location = location
+      @detail = detail
+      format = _("found invalid configuration format at %s:%s: %s")
+      super(format % [file, location, detail])
+    end
+  end
+
+  class InvalidConfigurationValueError < Error
+    attr_reader :name, :value, :detail
+    def initialize(name, value, detail)
+      @name = name
+      @value = value
+      @detail = detail
+      format = _("the value of %s '%s' is invalid: %s")
+      super(format % [name, value.inspect, detail])
+    end
+  end
+
+  class NotSambaAavialableError < Error
+    attr_reader :object
+    def initialize(object)
+      @object = object
+      super(_("%s is not Samba available") % [object.inspect])
+    end
+  end
+
+  class Base < ActiveLdap::Base
+    include Reloadable
+
+    class << self
+      def restart_nscd
+        nscd_working = system("/etc/init.d/nscd status >/dev/null 2>&1")
+        system("/etc/init.d/nscd stop >/dev/null 2>&1") if nscd_working
+        yield if block_given?
+      ensure
+        system("/etc/init.d/nscd start >/dev/null 2>&1") if nscd_working
+      end
+
+      private
+      def extract_ldap_mapping_options(options)
+        extracted_options = {}
+        ActiveLdap::Base::VALID_LDAP_MAPPING_OPTIONS.each do |key|
+          extracted_options[key] = options[key] if options.has_key?(key)
+        end
+        extracted_options
+      end
+    end
+  end
+end

data/lib/active_samba_ldap/command.rb

@@ -0,0 +1,100 @@
+require 'optparse'
+require 'ostruct'
+
+require 'active_samba_ldap'
+
+module ActiveSambaLdap
+  module Command
+    include ActiveSambaLdap::GetTextSupport
+
+    module_function
+    def parse_options(argv=nil)
+      argv ||= ARGV.dup
+      options = OpenStruct.new
+      configuration_files = default_configuration_files
+      opts = OptionParser.new do |opts|
+        yield(opts, options)
+
+        opts.separator("")
+        opts.separator(_("Common options:"))
+
+        opts.on_tail("--config=CONFIG",
+                     _("Specify configuration file"),
+                     _("Default configuration files:"),
+                     *configuration_files.collect {|x| "  #{x}"}) do |file|
+          configuration_files << file
+        end
+
+        opts.on_tail("-h", "--help", _("Show this message")) do
+          puts opts
+          exit
+        end
+
+        opts.on_tail("--version", _("Show version")) do
+          puts VERSION
+          exit
+        end
+      end
+
+      begin
+        opts.parse!(argv)
+      rescue OptionParser::ParseError
+        $stderr.puts($!)
+        $stderr.puts(opts)
+        exit 1
+      end
+
+      read_configuration_files(configuration_files)
+
+      [argv, opts, options]
+    end
+
+    def read_password(prompt, input=$stdin, output=$stdout)
+      output.print prompt
+      system "/bin/stty -echo" if input.tty?
+      password = input.gets
+      password = password.chomp if password
+      password
+    ensure
+      system "/bin/stty echo" if input.tty?
+      output.puts
+    end
+
+    def default_configuration_files
+      configuration_files = File.join(File.dirname(__FILE__),
+                                      "configuration_files")
+      if File.exists?(configuration_files)
+        files = File.readlines(configuration_files).collect do |line|
+          line.strip
+        end.reject do |line|
+          line.empty? or /^#/ =~ line
+        end
+      else
+        files = [
+          "/etc/activesambaldap/config.yaml",
+          "/etc/activesambaldap/bind.yaml",
+        ]
+      end
+      begin
+        configuration_files_for_user = [
+          File.expand_path(File.join("~", ".activesambaldap.conf")),
+          File.expand_path(File.join("~", ".activesambaldap.bind")),
+        ]
+        files.concat(configuration_files_for_user)
+      rescue ArgumentError
+      end
+      files
+    end
+
+    def read_configuration_files(files)
+      return if files.empty?
+      Base.configurations = files.inject({}) do |result, file|
+        if File.readable?(file)
+          result.merge(Configuration.read(file))
+        else
+          result
+        end
+      end
+    end
+  end
+end

data/lib/active_samba_ldap/computer.rb

@@ -0,0 +1,24 @@
+require 'active_samba_ldap/base'
+require 'active_samba_ldap/entry'
+require 'active_samba_ldap/samba_entry'
+require 'active_samba_ldap/account_entry'
+require 'active_samba_ldap/computer_account_entry'
+require 'active_samba_ldap/samba_account_entry'
+
+module ActiveSambaLdap
+  class Computer < Base
+    include Reloadable
+
+    include Entry
+    include SambaEntry
+
+    include AccountEntry
+    include ComputerAccountEntry
+    include SambaAccountEntry
+
+    private
+    def default_account_flags
+      "[W]"
+    end
+  end
+end

data/lib/active_samba_ldap/computer_account_entry.rb

@@ -0,0 +1,34 @@
+module ActiveSambaLdap
+  module ComputerAccountEntry
+    NAME_RE = /\A#{AccountEntry::NAME_RE_SRC}\$\z/
+
+    def self.included(base)
+      super
+      base.extend(ClassMethods)
+      base.validates_format_of :uid, :with => NAME_RE
+    end
+
+    module ClassMethods
+      def valid_name?(name)
+        NAME_RE =~ name ? true : false
+      end
+
+      private
+      def default_prefix
+        configuration[:computers_suffix]
+      end
+    end
+
+    def remove_from_group(group)
+      group.computers.delete(self)
+    end
+
+    def default_gid_number
+      self.class.configuration[:default_computer_gid]
+    end
+
+    def created_group_name
+      super.sub(/\$$/, '')
+    end
+  end
+end

data/lib/active_samba_ldap/configuration.rb

@@ -0,0 +1,333 @@
+require 'socket'
+
+module ActiveSambaLdap
+  module Configuration
+    def self.included(base)
+      base.extend(ClassMethods)
+    end
+
+    class << self
+      def read(file)
+        require 'yaml'
+        require 'erb'
+        erb = ERB.new(File.read(file))
+        erb.filename = file
+        result = nil
+        begin
+          begin
+            result = YAML.load(erb.result)
+            unless result
+              raise InvalidConfigurationFormatError.new(file, "0",
+                                                        "empty source")
+            end
+          rescue ArgumentError
+            if /syntax error on line (\d+), col (\d+): `(.*)'/ =~ $!.message
+              raise InvalidConfigurationFormatError.new(file, "#{$1}:#{$2}", $3)
+            else
+              raise
+            end
+          end
+        rescue InvalidConfigurationFormatError
+          raise
+        rescue Exception
+          file, location = $@.first.split(/:/, 2)
+          detail = "#{$!.class}: #{$!.message}"
+          raise InvalidConfigurationFormatError.new(file, location, detail)
+        end
+        result
+      end
+    end
+
+    module ClassMethods
+      class ValidHash < Hash
+        def [](name)
+          if Private.required_variables.include?(name) and !has_key?(name)
+            raise MissingRequiredVariableError.new(name)
+          end
+          super(name)
+        end
+      end
+
+      def remove_connection_related_configuration(config)
+        target_keys = Private::VARIABLES.collect do |name|
+          name.to_sym
+        end - ActiveLdap::Adapter::Base::VALID_ADAPTER_CONFIGURATION_KEYS
+        super(config).reject do |key, value|
+          target_keys.include?(key)
+        end
+      end
+
+      def merge_configuration(config, *rest)
+        config = config.symbolize_keys
+        config = (configurations["common"] || {}).symbolize_keys.merge(config)
+        ValidHash.new.merge(super(Private.new(config).merge, *rest))
+      end
+
+      def required_configuration_variables(*names)
+        config = configuration
+        if config.nil?
+          missing_variables = names
+        else
+          missing_variables = names.find_all do |name|
+            config[name.to_sym].nil?
+          end
+        end
+        unless missing_variables.empty?
+          raise MissingRequiredVariableError.new(missing_variables)
+        end
+      end
+
+      class Private
+        include ActiveSambaLdap::GetTextSupport
+
+        VARIABLES = %w(base host port scope bind_dn
+                       password method allow_anonymous
+
+                       sid smb_conf samba_domain samba_netbios_name
+                       password_hash_type
+
+                       users_suffix groups_suffix computers_suffix
+                       idmap_suffix
+
+                       start_uid start_gid
+
+                       user_login_shell user_home_directory
+                       user_home_directory_mode
+                       user_gecos user_home_unc user_profile
+                       user_home_drive user_logon_script mail_domain
+
+                       skeleton_directory
+
+                       default_user_gid default_computer_gid
+                       default_max_password_age)
+
+        class << self
+          def required_variables
+            @required_variables ||= compute_required_variables
+          end
+
+          def compute_required_variables
+            not_required_variables = %w(base scope ldap_scope)
+            (VARIABLES - public_methods - not_required_variables).collect do |x|
+              x.to_sym
+            end
+          end
+        end
+
+        def initialize(target)
+          @target = target.symbolize_keys
+        end
+
+        def merge
+          result = @target.dup
+          VARIABLES.each do |variable|
+            key = variable.to_sym
+            result[key] ||= send(variable) if respond_to?(variable)
+
+            normalize_method = "normalize_#{variable}"
+            if respond_to?(normalize_method)
+              result[key] = __send__(normalize_method, result[key])
+            end
+
+            validate_method = "validate_#{variable}"
+            if respond_to?(validate_method)
+              __send__(validate_method, result[key])
+            end
+          end
+          result
+        end
+
+        def [](name)
+          @target[name.to_sym] || (respond_to?(name) ? send(name) : nil)
+        end
+
+        def sid
+          result = `net getlocalsid`
+          if $?.success?
+            result.chomp.gsub(/\G[^:]+:\s*/, '')
+          else
+            nil
+          end
+        end
+
+        def smb_conf
+          %w(/etc/samba/smb.conf /usr/local/etc/samba/smb.conf).each do |guess|
+            return guess if File.exist?(guess)
+          end
+          nil
+        end
+
+        def samba_domain
+          _smb_conf = self["smb_conf"]
+          if _smb_conf
+            File.open(_smb_conf) do |f|
+              f.read.grep(/^\s*[^#;]/).each do |line|
+                if /^\s*workgroup\s*=\s*(\S+)\s*$/i =~ line
+                  return $1.upcase
+                end
+              end
+            end
+          else
+            nil
+          end
+        end
+
+        def samba_netbios_name
+          netbios_name = nil
+          _smb_conf = self["smb_conf"]
+          if _smb_conf
+            File.open(_smb_conf) do |f|
+              f.read.grep(/^\s*[^#;]/).each do |line|
+                if /^\s*netbios\s*name\s*=\s*(.+)\s*$/i =~ line
+                  netbios_name = $1
+                  break
+                end
+              end
+            end
+          end
+          netbios_name ||= Socket.gethostname
+          netbios_name ? netbios_name.upcase : nil
+        end
+
+        def host
+          "localhost"
+        end
+
+        def port
+          389
+        end
+
+        def allow_anonymous
+          false
+        end
+
+        def method
+          :plain
+        end
+
+        def users_suffix
+          retrieve_value_from_smb_conf(/ldap\s+user\s+suffix/i) || "ou=Users"
+        end
+
+        def groups_suffix
+          retrieve_value_from_smb_conf(/ldap\s+group\s+suffix/i) || "ou=Groups"
+        end
+
+        def computers_suffix
+          retrieve_value_from_smb_conf(/ldap\s+machine\s+suffix/i) ||
+            "ou=Computers"
+        end
+
+        def idmap_suffix
+          retrieve_value_from_smb_conf(/ldap\s+idmap\s+suffix/i) || "ou=Idmap"
+        end
+
+        def start_uid
+          10000
+        end
+
+        def start_gid
+          10000
+        end
+
+        def default_user_gid
+          rid = ActiveSambaLdap::Group::DOMAIN_USERS_RID
+          ActiveSambaLdap::Group.rid2gid(rid)
+        end
+
+        def default_computer_gid
+          rid = ActiveSambaLdap::Group::DOMAIN_COMPUTERS_RID
+          ActiveSambaLdap::Group.rid2gid(rid)
+        end
+
+        def skeleton_directory
+          "/etc/skel"
+        end
+
+        def user_home_unc
+          netbios_name = self["samba_netbios_name"]
+          netbios_name ? "\\\\#{netbios_name}\\%U" : nil
+        end
+
+        def user_profile
+          netbios_name = self["samba_netbios_name"]
+          netbios_name ? "\\\\#{netbios_name}\\profiles\\%U" : nil
+        end
+
+        def user_home_directory
+          "/home/%U"
+        end
+
+        def user_home_directory_mode
+          0755
+        end
+
+        def normalize_user_home_directory_mode(mode)
+          if mode
+            Integer(mode)
+          else
+            nil
+          end
+        rescue ArgumentError
+          raise InvalidConfigurationValueError.new("user_home_directory",
+                                                   mode, $!.message)
+        end
+
+        def user_login_shell
+          "/bin/false"
+        end
+
+        def user_home_drive
+          "H:"
+        end
+
+        def user_logon_script
+          "logon.bat"
+        end
+
+        def user_gecos
+          nil
+        end
+
+        def bind_dn
+          nil
+        end
+
+        def password_hash_type
+          :ssha
+        end
+
+        def normalize_password_hash_type(type)
+          type.to_s.downcase.to_sym
+        end
+
+        AVAILABLE_HASH_TYPES = [:crypt, :md5, :smd5, :sha, :ssha]
+        def validate_password_hash_type(type)
+          unless AVAILABLE_HASH_TYPES.include?(type)
+            types = AVAILABLE_HASH_TYPES.collect {|x| x.inspect}.join(", ")
+            raise InvalidConfigurationValueError.new("password_hash_type",
+                                                     type,
+                                                     _("must be in %s") % types)
+          end
+        end
+
+        private
+        def retrieve_value_from_smb_conf(key)
+          smb_conf = self['smb_conf']
+          if smb_conf and File.readable?(smb_conf)
+            line = File.read(smb_conf).grep(key).reject do |l|
+              /^\s*[#;]/ =~ l
+            end.first
+            if line
+              line.split(/=/, 2)[1].strip
+            else
+              nil
+            end
+          else
+            nil
+          end
+        end
+      end
+    end
+  end
+end