active_directory_login 0.1.5 → 0.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/active_directory_login/client.rb +11 -11
- data/lib/active_directory_login/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c892e5b739bd1f8cd09c4a398b85fa08e59d7134
|
|
4
|
+
data.tar.gz: ba290b49088433670ae44dce6a1c047f61bfa4a5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 394ec0c6b95043a8bcad2975e8c8cbe2ea2dbb1b852680e6d572202c0b2bd22eff3ac16aefb9f715ce4f59171395dc11d261640a1c21d664dbd2351d503df1f0
|
|
7
|
+
data.tar.gz: a2a0f4dbcddbc9884cacfc8033d4023a7f6e9fe28645e267e90349336b4b60e77c60c4a89592bb18fca3760ca5f7d9058f5ddca9f7d2094ece9264a33093452e
|
|
@@ -93,8 +93,8 @@ module ActiveDirectoryLogin
|
|
|
93
93
|
end
|
|
94
94
|
|
|
95
95
|
def query
|
|
96
|
-
|
|
97
|
-
|
|
96
|
+
@query = User.where('provider = :provider AND lower(username) LIKE :username',
|
|
97
|
+
{ provider: User::LDAP, username: @ad_user.sAMAccountName.downcase })
|
|
98
98
|
end
|
|
99
99
|
|
|
100
100
|
def create_or_update_user
|
|
@@ -174,17 +174,17 @@ module ActiveDirectoryLogin
|
|
|
174
174
|
staff_member_names = staff_group.member.map { |u| u.sAMAccountName.downcase }
|
|
175
175
|
|
|
176
176
|
# users not flagged as staff in docgenie but in AD staff group
|
|
177
|
-
allowed = User.where
|
|
177
|
+
allowed = User.where(staff: false).where("lower(username) IN (:names)", { names: staff_member_names })
|
|
178
178
|
allowed.update_all(staff: true)
|
|
179
179
|
staff_allowed_names = allowed.map { |u| u.username.downcase }
|
|
180
180
|
|
|
181
181
|
# users flagged as staff in docgenie but not in AD staff group
|
|
182
|
-
disallowed = User.where
|
|
182
|
+
disallowed = User.where(staff: true).where.not("lower(username) IN (:names)", { names: staff_member_names })
|
|
183
183
|
disallowed.update_all(staff: false)
|
|
184
184
|
staff_disallowed_names = disallowed.map { |u| u.username.downcase }
|
|
185
185
|
|
|
186
186
|
# users flagged as staff in docgenie and in AD staff group
|
|
187
|
-
staff_unchanged = User.where
|
|
187
|
+
staff_unchanged = User.where(staff: true).where("lower(username) IN (:names)", { names: staff_member_names })
|
|
188
188
|
staff_unchanged_names = staff_unchanged.map { |u| u.username.downcase }
|
|
189
189
|
|
|
190
190
|
# users in AD staff group but not in docgenie (at all)
|
|
@@ -199,15 +199,15 @@ module ActiveDirectoryLogin
|
|
|
199
199
|
superuser_group = find_group(superuser_dn)
|
|
200
200
|
superuser_member_names = superuser_group.member.map { |u| u.sAMAccountName.downcase } - staff_member_names
|
|
201
201
|
|
|
202
|
-
allowed = User.where
|
|
202
|
+
allowed = User.where(staff: false).where("lower(username) IN (:names)", { names: superuser_member_names })
|
|
203
203
|
allowed.update_all(superuser: true)
|
|
204
204
|
superuser_allowed_names = allowed.map { |u| u.username.downcase }
|
|
205
205
|
|
|
206
|
-
disallowed = User.where
|
|
206
|
+
disallowed = User.where(staff: true).where.not("lower(username) IN (:names)", { names: superuser_member_names })
|
|
207
207
|
disallowed.update_all(superuser: false)
|
|
208
208
|
superuser_disallowed_names = disallowed.map { |u| u.username.downcase }
|
|
209
209
|
|
|
210
|
-
superuser_unchanged = User.where
|
|
210
|
+
superuser_unchanged = User.where(staff: true).where("lower(username) IN (:names)", { names: superuser_member_names })
|
|
211
211
|
superuser_unchanged_names = superuser_unchanged.map { |u| u.username.downcase }
|
|
212
212
|
|
|
213
213
|
# create any new superuser
|
|
@@ -225,15 +225,15 @@ module ActiveDirectoryLogin
|
|
|
225
225
|
member_names = user_group.member.map { |u| u.sAMAccountName.downcase }
|
|
226
226
|
member_names = member_names - superuser_member_names - staff_member_names
|
|
227
227
|
|
|
228
|
-
allowed = User.where
|
|
228
|
+
allowed = User.where(staff: false, superuser: false).where.not(locked_at: nil).where("lower(username) IN (:names)", { names: member_names })
|
|
229
229
|
allowed.update_all(locked_at: nil)
|
|
230
230
|
user_allowed_names = allowed.map { |u| u.username.downcase }
|
|
231
231
|
|
|
232
|
-
disallowed = User.where
|
|
232
|
+
disallowed = User.where(staff: false, superuser: false, locked_at: nil).where.not("lower(username) IN (:names)", { names: member_names })
|
|
233
233
|
disallowed.each { |u| u.lock_access! }
|
|
234
234
|
user_disallowed_names = disallowed.map { |u| u.username.downcase }
|
|
235
235
|
|
|
236
|
-
user_unchanged = User.where
|
|
236
|
+
user_unchanged = User.where(staff: false, superuser: false, locked_at: nil).where("lower(username) IN (:names)", { names: member_names })
|
|
237
237
|
user_unchanged_names = user_unchanged.map { |u| u.username.downcase }
|
|
238
238
|
|
|
239
239
|
#create any new user
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: active_directory_login
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Brad Murray
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-
|
|
11
|
+
date: 2014-07-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|