RubyGems - active_directory_login - Versions diffs - 0.0.2 - Mend

active_directory_login 0.0.2

Files changed (18) hide show

checksums.yaml +7 -0
data/.gitignore +19 -0
data/Gemfile +6 -0
data/LICENSE.txt +22 -0
data/README.md +29 -0
data/Rakefile +1 -0
data/active_directory_login.gemspec +35 -0
data/lib/active_directory_login.rb +54 -0
data/lib/active_directory_login/client.rb +302 -0
data/lib/active_directory_login/group_resource.rb +41 -0
data/lib/active_directory_login/health_check.rb +37 -0
data/lib/active_directory_login/version.rb +3 -0
data/lib/devise/strategies/active_directory_authenticatable.rb +35 -0
data/spec/active_directory_login_spec.rb +94 -0
data/spec/client_spec.rb +52 -0
data/spec/models/user.rb +23 -0
data/spec/spec_helper.rb +27 -0
metadata +218 -0

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 63d211b6c19283ade2b7a91ecde8921897628c65
+  data.tar.gz: 86cbf612ecbe3cae984232fad88e0407b10b5ad2
+SHA512:
+  metadata.gz: 3ef4e694e3546391df61ac16852e7648189e0f2673f40d336d9d8aed19ac89051560eff7c896436bcdeff9c2a16271d7c4e04b04be20bed1798aef31c997a536
+  data.tar.gz: f0a7c74005dbb3b6de2127611ba9013ddad988a788f5a16ae8ca3b1e0ce947dfa68525df1426e95cc1c2171029f191d6aa91d8acc48e7701923ab1664c4e839b

data/.gitignore ADDED Viewed

@@ -0,0 +1,19 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+.rvmrc

data/Gemfile ADDED Viewed

@@ -0,0 +1,6 @@
+source 'https://rubygems.org'
+gemspec
+gem 'datacom_active_directory'
+gem 'datacom-net-ldap'

data/LICENSE.txt ADDED Viewed

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Brad Murray
+MIT License
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md ADDED Viewed

@@ -0,0 +1,29 @@
+# ActiveDirectoryLogin
+TODO: Write a gem description
+## Installation
+Add this line to your application's Gemfile:
+    gem 'active_directory_login'
+And then execute:
+    $ bundle
+Or install it yourself as:
+    $ gem install active_directory_login
+## Usage
+TODO: Write usage instructions here
+## Contributing
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile ADDED Viewed

	@@ -0,0 +1 @@
1	+ require "bundler/gem_tasks"

data/active_directory_login.gemspec ADDED Viewed

@@ -0,0 +1,35 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'active_directory_login/version'
+Gem::Specification.new do |spec|
+  spec.name          = "active_directory_login"
+  spec.version       = ActiveDirectoryLogin::VERSION
+  spec.authors       = ["Brad Murray"]
+  spec.email         = ["wyaeld@gmail.com"]
+  spec.description   = "Devise based AD User Logins"
+  spec.summary       = "Devise based AD User Logins"
+  spec.homepage      = %q{http://github.com/datacom/active_directory_login}
+  spec.license       = "MIT"
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "rails", "~> 4.0"
+  spec.add_development_dependency "devise", "3.0.0"
+  spec.add_development_dependency "warden"
+  spec.add_development_dependency 'rspec', '~> 2.14'
+  spec.add_development_dependency 'rspec-rails', '~> 2.14'
+  spec.add_development_dependency 'flexmock'
+  spec.add_development_dependency 'pry'
+  spec.add_dependency "datacom_active_directory", '1.5.5.datacom'
+  spec.add_dependency "datacom-net-ldap", '0.5.0.datacom'
+end

data/lib/active_directory_login.rb ADDED Viewed

@@ -0,0 +1,54 @@
+autoload 'Logger', 'logger'
+require 'forwardable'
+require "active_directory"
+require "active_directory_login/client"
+require 'warden'
+require 'devise/strategies/authenticatable'
+require 'devise/strategies/active_directory_authenticatable'
+module ActiveDirectoryLogin
+  class Error < RuntimeError; end
+  class AuthenticationError < Error; end
+  class NoUserError < Error; end
+  class ConfigurationError < Error; end
+  class NoSearchKey < Error; end
+  class << self
+    extend Forwardable
+    def_delegators :default_client, :auth_method, :username, :password, :host, :port, :base, :auth
+    def_delegators :default_client, :auth_method=, :username=, :password=, :host=, :port=, :base=, :auth=
+    def_delegators :default_client, :staff_dn, :superuser_dn, :user_dn
+    def_delegators :default_client, :staff_dn=, :superuser_dn=, :user_dn=
+    def_delegators :default_client, :validate!, :sync_groups, :benched
+    def_delegators :default_client, :with_user, :lock_user, :authenticate_user, :has_member_access?, :create_or_update_user
+    #logger modelled on https://github.com/pusher/pusher-gem/blob/master/lib/pusher.rb
+    attr_writer :logger
+    def logger
+      @logger ||= begin
+        log = Logger.new($stdout)
+        log.level = Logger::INFO
+        log
+      end
+    end
+    def default_client
+      @default_client ||= ActiveDirectoryLogin::Client.new
+    end
+  end
+end
+require "active_directory_login/version"
+require "active_directory_login/health_check"
+Warden::Strategies.add(:active_directory_authenticatable, Devise::Strategies::ActiveDirectoryAuthenticatable)

data/lib/active_directory_login/client.rb ADDED Viewed

@@ -0,0 +1,302 @@
+require 'active_directory'
+# require 'secure_random'
+module ActiveDirectoryLogin
+  class Client
+    attr_accessor :host, :auth_method, :username, :password, :port, :base
+    attr_accessor :staff_dn, :superuser_dn, :user_dn
+    attr_reader  :auth
+    def initialize(options = {})
+      options = {
+        auth_method: 'anonymous',
+        port: '389',
+      }.merge(options)
+      @host, @port, @base, @auth_method, @password, @username, @staff_dn, @superuser_dn, @user_dn = options.values_at(
+        :host, :port, :base, :auth_method, :password, :username, :staff_dn, :superuser_dn, :user_dn
+        )
+    end
+    def validate!
+      %W(
+        host
+        port
+        base
+        auth_method
+        username
+        password
+        staff_dn
+        superuser_dn
+        user_dn
+      ).each do |key|
+        # puts "KEY #{key} VALUE #{self.send(key)}"
+        raise ConfigurationError if self.send(key).nil?
+      end
+      true
+    end
+    def settings
+      {
+        host: host,
+        port: port,
+        base: base,
+        auth: {
+          method: auth_method.to_sym,
+          username: username,
+          password: password
+        }
+      }
+    end
+    def ensure_connection
+      if !ActiveDirectory::Base.connected?
+        validate!
+        ActiveDirectory::Base.setup(settings)
+        # ActiveDirectory::Base.enable_cache
+      end
+    end
+    def with_user(username_or_email, password, &block)
+      raise Error, "block required" if block.nil?
+      @ad_user = find_user(username_or_email)
+      @ad_user_password = password
+      @query = query(username_or_email)
+      @app_user = @query.first
+      value = block.call
+      reset_ivars
+      return value
+    end
+    def reset_ivars
+      @ad_user = nil
+      @app_user = nil
+      @query = nil
+      @groups = nil
+      @ad_user_password = nil
+    end
+    def lock_user
+      raise NoUserError, "need to call inside a .with_user block" if @ad_user.nil?
+      @app_user.try(:lock_access!) #its ok if no user
+    end
+    def authenticate_user
+      raise NoUserError, "need to call inside a .with_user block" if @ad_user.nil?
+      @ad_user.try(:authenticate, @ad_user_password)
+    end
+    def query(username_or_email)
+      @query ||= (username_or_email =~ /@/) ?
+        User.where { (provider == User::LDAP) & (email =~ username_or_email) } :
+        User.where { (provider == User::LDAP) & (username =~ username_or_email) }
+    end
+    def create_or_update_user
+      user = @query.first_or_initialize(
+        name:      "#{@ad_user.givenname} #{@ad_user.sn}",
+        email:     @ad_user.mail.downcase,
+        username:  @ad_user[:sAMAccountName]
+      )
+      # Update the user's password and permissions (can't use update_attributes as it might not be saved yet)
+      user.password              = @ad_user_password
+      user.password_confirmation = @ad_user_password
+      user.staff                 = staff_access?
+      user.superuser             = superuser_access?
+      user.locked_at             = nil # unlock_access! saves without validating so no good
+      user.save! # only saves if changed or new
+      return user
+    end
+    def find_user username_or_email
+      ensure_connection
+      raise NoSearchKey unless username_or_email && !username_or_email.empty?
+      ad_key  = (username_or_email =~ /@/) ? :mail : :sAMAccountName
+      ad_user = ActiveDirectory::User.find(:first, ad_key => username_or_email)
+    end
+    def find_group group_dn
+      ensure_connection
+      raise NoSearchKey unless group_dn && !group_dn.empty?
+      ActiveDirectory::Group.find(:first, distinguishedname: group_dn)
+    end
+    # def groups
+    #   @staff_group ||= ActiveDirectory::Group.find(:first, distinguishedname: staff_dn)
+    #   @superuser_group ||= ActiveDirectory::Group.find(:first, distinguishedname: superuser_dn)
+    #   @user_group ||= ActiveDirectory::Group.find(:first, distinguishedname: user_dn)
+    #   [@staff_group, @superuser_group, @user_group]
+    # end
+    def has_member_access?
+      raise NoUserError, "need to call inside a .with_user block" if @ad_user.nil?
+      staff_access? || superuser_access? || user_access?
+    end
+    def sync_all
+      [staff_dn, superuser_dn, user_dn].each do |dn|
+        sync_group(dn)
+      end
+    end
+    def benched
+      bench = Benchmark.realtime{   Devise.stretches = 2; sync_groups }
+      ActiveDirectoryLogin.logger.info "Benchmark"
+      ActiveDirectoryLogin.logger.info bench
+    end
+    def sync_groups
+      ensure_connection
+      ActiveRecord::Base.transaction do
+        # update staff
+        staff_group = find_group(staff_dn)
+        staff_member_emails = staff_group.member.collect(&:mail).map(&:downcase)
+        allowed = User.where(email: staff_member_emails, staff: false)
+        staff_allowed_emails = allowed.collect(&:email)
+        allowed.update_all(staff: true)
+        pending = staff_member_emails - staff_allowed_emails
+        disallowed = User.where.not(email: staff_member_emails).where(staff: true)
+        staff_disallowed_emails = disallowed.collect(&:email)
+        disallowed.update_all(staff: false)
+        pending = pending - staff_disallowed_emails
+        staff_unchanged = User.where(email: staff_member_emails, staff: true)
+        staff_unchanged_emails = staff_unchanged.collect(&:email)
+        pending = pending - staff_unchanged_emails
+        # create any new staff
+        pending.each do |pending_email|
+          with_user(pending_email, SecureRandom.hex){ create_or_update_user }
+        end
+        staff_created_emails = pending
+        ## update superuser
+        superuser_group = find_group(superuser_dn)
+        superuser_member_emails = superuser_group.member.collect(&:mail).map(&:downcase)
+        superuser_member_emails = superuser_member_emails - staff_member_emails
+        allowed = User.where(email: superuser_member_emails, superuser: false)
+        superuser_allowed_emails = allowed.collect(&:email)
+        allowed.update_all(superuser: true)
+        pending = superuser_member_emails - superuser_allowed_emails
+        disallowed = User.where.not(email: superuser_member_emails).where(superuser: true)
+        superuser_disallowed_emails = disallowed.collect(&:email)
+        disallowed.update_all(superuser: false)
+        pending = pending - superuser_disallowed_emails
+        superuser_unchanged = User.where(email: superuser_member_emails, superuser: true)
+        superuser_unchanged_emails = superuser_unchanged.collect(&:email)
+        pending = pending - superuser_unchanged_emails
+        # create any new superuser
+        pending.each do |pending_email|
+          with_user(pending_email, SecureRandom.hex){ create_or_update_user }
+        end
+        superuser_created_emails = pending
+        ## update users
+        user_group = find_group(user_dn)
+        # member_cns = user_group.entry[:member]
+        member_emails = user_group.member.collect(&:mail).map(&:downcase)
+        member_emails = member_emails - superuser_member_emails - staff_member_emails
+        allowed = User.where(email: member_emails, staff: false, superuser: false).where.not(locked_at: nil)
+        user_allowed_emails = allowed.collect(&:email)
+        allowed.update_all(locked_at: nil)
+        pending = member_emails - user_allowed_emails
+        disallowed = User.where.not(email: member_emails, staff: false, superuser: false)
+        user_disallowed_emails = disallowed.collect(&:email)
+        disallowed.each {|u| u.lock_access! }
+        user_unchanged = User.where(email: member_emails, staff: false, superuser: false)
+        user_unchanged_emails = user_unchanged.collect(&:email)
+        pending = pending - user_unchanged_emails
+        # binding.pry
+        #create any new superuser
+        pending.each do |pending_email|
+          with_user(pending_email, SecureRandom.hex){ create_or_update_user }
+        end
+        user_created_emails = pending
+        #report on changes
+        ActiveDirectoryLogin.logger.info "Staff allowed: #{staff_allowed_emails}"
+        ActiveDirectoryLogin.logger.info "Staff disallowed: #{staff_disallowed_emails}"
+        ActiveDirectoryLogin.logger.info "Staff created: #{staff_created_emails}"
+        ActiveDirectoryLogin.logger.info "Staff unchanged: #{staff_unchanged_emails}"
+        ActiveDirectoryLogin.logger.info "Superusers allowed: #{superuser_allowed_emails}"
+        ActiveDirectoryLogin.logger.info "Superusers disallowed: #{superuser_disallowed_emails}"
+        ActiveDirectoryLogin.logger.info "Superusers created: #{superuser_created_emails}"
+        ActiveDirectoryLogin.logger.info "Superusers unchanged: #{superuser_unchanged_emails}"
+        ActiveDirectoryLogin.logger.info "User allowed: #{user_allowed_emails}"
+        ActiveDirectoryLogin.logger.info "User disallowed: #{user_disallowed_emails}"
+        ActiveDirectoryLogin.logger.info "User created: #{user_created_emails}"
+        ActiveDirectoryLogin.logger.info "User unchanged: #{user_unchanged_emails}"
+      end
+      ActiveDirectoryLogin.logger.info "Staff: #{User.staff.count}"
+      ActiveDirectoryLogin.logger.info "Superusers: #{User.superusers.count}"
+      ActiveDirectoryLogin.logger.info "Users: #{User.normals.count}"
+    end
+    private
+    def group_names
+      @groups ||= @ad_user.entry[:memberof]
+    end
+    def staff_access?
+      group_names.include? staff_dn
+    end
+    def superuser_access?
+      group_names.include? superuser_dn
+    end
+    def user_access?
+      group_names.include? user_dn
+    end
+  end #class
+end

data/lib/active_directory_login/group_resource.rb ADDED Viewed

@@ -0,0 +1,41 @@
+module ActiveDirectoryLogin
+  class GroupResource
+    def initialize(client)
+      @client = client
+    end
+    def self.find group_name
+      ActiveDirectory::Group.find(:first, distinguishedname: group_name)
+    end
+    def self.member_names group
+      group.member.map &:name
+    end
+    def self.member_emails group
+      group.member.map &:mail
+    end
+    def self.has_group_access? groups
+      staff = staff_group? groups
+      system = system_group? groups
+      general = general_group? groups
+      staff || system || general
+    end
+    def self.staff_group? groups
+      groups.include? ENV['DG_STAFF_DN']
+    end
+    def self.system_group? groups
+      groups.include? ENV['DG_SYSTEM_DN']
+    end
+    def self.general_group? groups
+      groups.include? ENV['DG_USER_DN']
+    end
+  end
+end

data/lib/active_directory_login/health_check.rb ADDED Viewed

@@ -0,0 +1,37 @@
+module ActiveDirectoryLogin
+  module HealthCheck
+    def self.valid_config?
+      ActiveDirectoryLogin.default_client.validate!
+    end
+    def self.health_check_errors
+      # We use these twice
+      output = []
+      begin
+        ActiveDirectoryLogin.default_client.ensure_connection
+      rescue => e
+        output << "LDAP: Connecting: #{e.message}"
+      end
+      begin
+        ActiveDirectoryLogin.default_client.ensure_connection
+      rescue => e
+        output << "LDAP: Authorizing: #{e.message}" unless output.include?("LDAP: Connecting: #{e.message}")
+      end
+      output << "LDAP: Authorizing: #{ActiveDirectory::Base.error}" if ActiveDirectory::Base.error?
+      begin
+        ActiveDirectory::Group.find(:first, distinguishedname: ActiveDirectoryLogin.user_dn)
+      rescue
+        output << 'LDAP: Searching failed; check base and authorisation config'
+      end
+      output.to_sentence
+    end
+    def self.healthy?
+      health_check_errors.empty?
+    end
+  end
+end

data/lib/active_directory_login/version.rb ADDED Viewed

@@ -0,0 +1,3 @@
+module ActiveDirectoryLogin
+  VERSION = "0.0.2"
+end

data/lib/devise/strategies/active_directory_authenticatable.rb ADDED Viewed

@@ -0,0 +1,35 @@
+require 'devise/strategies/authenticatable'
+require 'pry'
+module Devise
+  module Strategies
+    class ActiveDirectoryAuthenticatable < Authenticatable
+      def authenticate!
+        #FIXME enterprise mode was here
+        if params[:user]
+          username_or_email = params[:user][:login]
+          ActiveDirectoryLogin.with_user(username_or_email, params[:user][:password]) do
+            if ActiveDirectoryLogin.authenticate_user
+              if ActiveDirectoryLogin.has_member_access?
+                user = ActiveDirectoryLogin.create_or_update_user
+                success!(user)
+              else
+                ActiveDirectoryLogin.lock_user
+                fail(:locked)
+              end
+            else
+              fail(:invalid)
+            end
+          end #with_user
+        end
+      end
+    end
+  end
+end

data/spec/active_directory_login_spec.rb ADDED Viewed

@@ -0,0 +1,94 @@
+require 'spec_helper'
+require 'active_directory_login'
+require 'active_directory_login/group_resource'
+require 'active_directory_login/user_resource'
+require 'devise/strategies/authenticatable'
+require 'devise'
+describe ActiveDirectoryLogin do
+  before do
+    @client = ActiveDirectoryLogin::Client.new({
+     auth_method: 'simple',
+     username: 'svcdgauth',
+     password: 'Friday10',
+     host: 'dnzdc3.datacom.co.nz',
+     port: '389',
+     base: 'DC=datacom,DC=co,DC=nz'
+     })
+    @client.connect!
+    @user_resource = ActiveDirectoryLogin::UserResource
+    @group_resource = ActiveDirectoryLogin::GroupResource
+  end
+  let(:staff_group) {"CN=DocGenie-Staff,OU=Datacom Systems Wellington,OU=Datacom Systems,OU=Groups - Universal Distribution Lists,DC=datacom,DC=co,DC=nz"}
+  describe '.user' do
+    it 'requires a value' do
+      expect { @user_resource.find nil
+       }.to raise_error ActiveDirectoryLogin::NoSearchKey
+     end
+     it 'requires a value' do
+      expect { @user_resource.find ''
+       }.to raise_error ActiveDirectoryLogin::NoSearchKey
+     end
+   end
+   it 'finds me by username' do
+    login = 'bradmu'
+    user = @user_resource.find login
+    user[:cn].should == "Brad Murray [DATACOM]"
+  end
+  it 'finds me by email' do
+    login = 'brad.murray@datacom.co.nz'
+    user = @user_resource.find login
+    user[:cn].should == "Brad Murray [DATACOM]"
+  end
+  it 'finds me by email' do
+    login = 'brad.murray@datacom.co.nz'
+    user = @user_resource.find login
+    user[:cn].should == "Brad Murray [DATACOM]"
+  end
+  it 'finds DocGenie staff group' do
+    group = @group_resource.find staff_group
+    group.name.should == "DocGenie-Staff"
+  end
+  it 'can get members of DocGenie staff group' do
+    group = @group_resource.find staff_group
+    group.member.count.should == 5
+    @group_resource.member_names(group).should == ["Patrick Copeland [DATACOM]",
+    "Owen Bannister [DATACOM]",
+    "Tatyana Kudiyarova [DATACOM]",
+    "Brad Murray [DATACOM]",
+    "Blair Nilsson [DATACOM]"]
+  end
+  it 'can find user groups' do
+    login = 'owen.bannister@datacom.co.nz'
+    user = @user_resource.find login
+    groups = @user_resource.groups user
+    groups.count.should > 0
+    groups.include?(staff_group).should == true
+  end
+    # let(:User) { stub 'User'}
+  it 'can validate me by my groups' do
+    login = 'owen.bannister@datacom.co.nz'
+    user = @user_resource.find login
+    permission = @group_resource.has_group_access? @user_resource.groups(user)
+    permission.should == false
+    ENV['DG_STAFF_DN'] =  staff_group
+    permission = @group_resource.has_group_access? @user_resource.groups(user)
+    permission.should == true
+  end
+end

data/spec/client_spec.rb ADDED Viewed

@@ -0,0 +1,52 @@
+require 'spec_helper'
+require 'active_directory_login/client'
+describe ActiveDirectoryLogin::Client do
+  def valid_options
+    options = {}
+    options[:auth_method] = 'simple'
+    options[:username] = 'foo'
+    options[:password] = 'bar'
+    options[:host] = 'ldap.example.com'
+    options[:port] = '633'
+    options[:base] = 'DC=example,DC=com'
+    options
+  end
+  describe 'initialize' do
+    subject { ActiveDirectoryLogin::Client.new options}
+    describe 'with defaults' do
+      let(:options) { Hash.new }
+      its(:host) { should == nil}
+      its(:port) { should == '389'}
+      its(:base) { should == nil}
+      its(:username) { should == nil }
+      its(:password) { should == nil}
+      its(:auth_method) { should == 'anonymous'}
+    end
+    describe 'with values' do
+      let(:options) { valid_options }
+      its(:host) { should == 'ldap.example.com'}
+      its(:port) { should == '633'}
+      its(:base) { should == 'DC=example,DC=com'}
+      its(:username) { should == 'foo'}
+      its(:password) { should == 'bar'}
+      its(:auth_method) { should == 'simple'}
+    end
+  end
+end

data/spec/models/user.rb ADDED Viewed

@@ -0,0 +1,23 @@
+# require 'active_model/naming'
+# require 'active_model/model'
+require 'active_model'
+class User
+  include ActiveModel::Model
+  # after_initialize :defaults
+  # def defaults
+  #   binding.pry
+  # end
+  # def init(args)
+  #   args.each_pair do |k,v|
+  #     self[k] = v
+  #   end
+  # end
+  attr_accessor :name, :email, :staff
+  alias_method :staff?, :staff
+end

data/spec/spec_helper.rb ADDED Viewed

@@ -0,0 +1,27 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'although not required, it is recommended that you use bundler when running the tests'
+end
+require 'rails'
+require 'rspec'
+# require 'rspec/rails'
+require 'rspec/autorun'
+# require 'flexmock/rspec/configure'
+require 'pry'
+unless Object.const_defined? 'User'
+	# binding.pry
+  require 'models/user'
+  # mock_model 'User'
+end
+RSpec.configure do |config|
+	# co
+end

metadata ADDED Viewed

@@ -0,0 +1,218 @@
+--- !ruby/object:Gem::Specification
+name: active_directory_login
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+platform: ruby
+authors:
+- Brad Murray
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2014-03-11 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: devise
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+- !ruby/object:Gem::Dependency
+  name: warden
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.14'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.14'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.14'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.14'
+- !ruby/object:Gem::Dependency
+  name: flexmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: datacom_active_directory
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.5.5.datacom
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.5.5.datacom
+- !ruby/object:Gem::Dependency
+  name: datacom-net-ldap
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.5.0.datacom
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.5.0.datacom
+description: Devise based AD User Logins
+email:
+- wyaeld@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- active_directory_login.gemspec
+- lib/active_directory_login.rb
+- lib/active_directory_login/client.rb
+- lib/active_directory_login/group_resource.rb
+- lib/active_directory_login/health_check.rb
+- lib/active_directory_login/version.rb
+- lib/devise/strategies/active_directory_authenticatable.rb
+- spec/active_directory_login_spec.rb
+- spec/client_spec.rb
+- spec/models/user.rb
+- spec/spec_helper.rb
+homepage: http://github.com/datacom/active_directory_login
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.2.2
+signing_key:
+specification_version: 4
+summary: Devise based AD User Logins
+test_files:
+- spec/active_directory_login_spec.rb
+- spec/client_spec.rb
+- spec/models/user.rb
+- spec/spec_helper.rb