active_directory_login 0.1.5 → 0.1.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/active_directory_login/client.rb +11 -11
- data/lib/active_directory_login/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c892e5b739bd1f8cd09c4a398b85fa08e59d7134
|
|
4
|
+
data.tar.gz: ba290b49088433670ae44dce6a1c047f61bfa4a5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 394ec0c6b95043a8bcad2975e8c8cbe2ea2dbb1b852680e6d572202c0b2bd22eff3ac16aefb9f715ce4f59171395dc11d261640a1c21d664dbd2351d503df1f0
|
|
7
|
+
data.tar.gz: a2a0f4dbcddbc9884cacfc8033d4023a7f6e9fe28645e267e90349336b4b60e77c60c4a89592bb18fca3760ca5f7d9058f5ddca9f7d2094ece9264a33093452e
|
|
@@ -93,8 +93,8 @@ module ActiveDirectoryLogin
|
|
|
93
93
|
end
|
|
94
94
|
|
|
95
95
|
def query
|
|
96
|
-
|
|
97
|
-
|
|
96
|
+
@query = User.where('provider = :provider AND lower(username) LIKE :username',
|
|
97
|
+
{ provider: User::LDAP, username: @ad_user.sAMAccountName.downcase })
|
|
98
98
|
end
|
|
99
99
|
|
|
100
100
|
def create_or_update_user
|
|
@@ -174,17 +174,17 @@ module ActiveDirectoryLogin
|
|
|
174
174
|
staff_member_names = staff_group.member.map { |u| u.sAMAccountName.downcase }
|
|
175
175
|
|
|
176
176
|
# users not flagged as staff in docgenie but in AD staff group
|
|
177
|
-
allowed = User.where
|
|
177
|
+
allowed = User.where(staff: false).where("lower(username) IN (:names)", { names: staff_member_names })
|
|
178
178
|
allowed.update_all(staff: true)
|
|
179
179
|
staff_allowed_names = allowed.map { |u| u.username.downcase }
|
|
180
180
|
|
|
181
181
|
# users flagged as staff in docgenie but not in AD staff group
|
|
182
|
-
disallowed = User.where
|
|
182
|
+
disallowed = User.where(staff: true).where.not("lower(username) IN (:names)", { names: staff_member_names })
|
|
183
183
|
disallowed.update_all(staff: false)
|
|
184
184
|
staff_disallowed_names = disallowed.map { |u| u.username.downcase }
|
|
185
185
|
|
|
186
186
|
# users flagged as staff in docgenie and in AD staff group
|
|
187
|
-
staff_unchanged = User.where
|
|
187
|
+
staff_unchanged = User.where(staff: true).where("lower(username) IN (:names)", { names: staff_member_names })
|
|
188
188
|
staff_unchanged_names = staff_unchanged.map { |u| u.username.downcase }
|
|
189
189
|
|
|
190
190
|
# users in AD staff group but not in docgenie (at all)
|
|
@@ -199,15 +199,15 @@ module ActiveDirectoryLogin
|
|
|
199
199
|
superuser_group = find_group(superuser_dn)
|
|
200
200
|
superuser_member_names = superuser_group.member.map { |u| u.sAMAccountName.downcase } - staff_member_names
|
|
201
201
|
|
|
202
|
-
allowed = User.where
|
|
202
|
+
allowed = User.where(staff: false).where("lower(username) IN (:names)", { names: superuser_member_names })
|
|
203
203
|
allowed.update_all(superuser: true)
|
|
204
204
|
superuser_allowed_names = allowed.map { |u| u.username.downcase }
|
|
205
205
|
|
|
206
|
-
disallowed = User.where
|
|
206
|
+
disallowed = User.where(staff: true).where.not("lower(username) IN (:names)", { names: superuser_member_names })
|
|
207
207
|
disallowed.update_all(superuser: false)
|
|
208
208
|
superuser_disallowed_names = disallowed.map { |u| u.username.downcase }
|
|
209
209
|
|
|
210
|
-
superuser_unchanged = User.where
|
|
210
|
+
superuser_unchanged = User.where(staff: true).where("lower(username) IN (:names)", { names: superuser_member_names })
|
|
211
211
|
superuser_unchanged_names = superuser_unchanged.map { |u| u.username.downcase }
|
|
212
212
|
|
|
213
213
|
# create any new superuser
|
|
@@ -225,15 +225,15 @@ module ActiveDirectoryLogin
|
|
|
225
225
|
member_names = user_group.member.map { |u| u.sAMAccountName.downcase }
|
|
226
226
|
member_names = member_names - superuser_member_names - staff_member_names
|
|
227
227
|
|
|
228
|
-
allowed = User.where
|
|
228
|
+
allowed = User.where(staff: false, superuser: false).where.not(locked_at: nil).where("lower(username) IN (:names)", { names: member_names })
|
|
229
229
|
allowed.update_all(locked_at: nil)
|
|
230
230
|
user_allowed_names = allowed.map { |u| u.username.downcase }
|
|
231
231
|
|
|
232
|
-
disallowed = User.where
|
|
232
|
+
disallowed = User.where(staff: false, superuser: false, locked_at: nil).where.not("lower(username) IN (:names)", { names: member_names })
|
|
233
233
|
disallowed.each { |u| u.lock_access! }
|
|
234
234
|
user_disallowed_names = disallowed.map { |u| u.username.downcase }
|
|
235
235
|
|
|
236
|
-
user_unchanged = User.where
|
|
236
|
+
user_unchanged = User.where(staff: false, superuser: false, locked_at: nil).where("lower(username) IN (:names)", { names: member_names })
|
|
237
237
|
user_unchanged_names = user_unchanged.map { |u| u.username.downcase }
|
|
238
238
|
|
|
239
239
|
#create any new user
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: active_directory_login
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Brad Murray
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-
|
|
11
|
+
date: 2014-07-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|