activeldap 0.9.0 → 0.10.0

data/lib/active_ldap/adapter/net_ldap.rb

@@ -29,7 +29,11 @@ module ActiveLdap
           }
           config[:encryption] = {:method => method} if method
           begin
-            Net::LDAP::Connection.new(config)
+            uri = construct_uri(host, port, method == :simple_tls)
+            with_start_tls = method == :start_tls
+            info = {:uri => uri, :with_start_tls => with_start_tls}
+            [log("connect", info) {Net::LDAP::Connection.new(config)},
+             uri, with_start_tls]
           rescue Net::LDAP::LdapError
             raise ConnectionError, $!.message
           end
@@ -37,7 +41,7 @@ module ActiveLdap
       end
 
       def unbind(options={})
-        @bound = false
+        log("unbind") {@bound = false}
       end
 
       def bind(options={})
@@ -52,7 +56,7 @@ module ActiveLdap
       def bind_as_anonymous(options={})
         super do
           @bound = false
-          execute(:bind, :method => :anonymous)
+          execute(:bind, {:name => "bind: anonymous"}, {:method => :anonymous})
           @bound = true
         end
       end
@@ -70,7 +74,11 @@ module ActiveLdap
             :attributes => attrs,
             :size => limit,
           }
-          execute(:search, args) do |entry|
+          info = {
+            :base => base, :scope => scope_name(scope),
+            :filter => filter, :attributes => attrs,
+          }
+          execute(:search, info, args) do |entry|
             attributes = {}
             entry.original_attribute_names.each do |name|
               attributes[name] = entry[name]
@@ -80,31 +88,11 @@ module ActiveLdap
         end
       end
 
-      def to_ldif(dn, attributes)
-        entry = Net::LDAP::Entry.new(dn.dup)
-        attributes.each do |key, values|
-          entry[key] = values.flatten
-        end
-        entry.to_ldif
-      end
-
-      def load(ldifs, options={})
-        super do |ldif|
-          entry = Net::LDAP::Entry.from_single_ldif_string(ldif)
-          attributes = {}
-          entry.each do |name, values|
-            attributes[name] = values
-          end
-          attributes.delete(:dn)
-          execute(:add,
-                  :dn => entry.dn,
-                  :attributes => attributes)
-        end
-      end
-
       def delete(targets, options={})
         super do |target|
-          execute(:delete, :dn => target)
+          args = {:dn => target}
+          info = args.dup
+          execute(:delete, info, args)
         end
       end
 
@@ -116,21 +104,38 @@ module ActiveLdap
               attributes[name] = values
             end
           end
-          execute(:add, :dn => dn, :attributes => attributes)
+          args = {:dn => dn, :attributes => attributes}
+          info = args.dup
+          execute(:add, info, args)
         end
       end
 
       def modify(dn, entries, options={})
         super do |dn, entries|
-          execute(:modify,
+          info = {:dn => dn, :attributes => entries}
+          execute(:modify, info,
                   :dn => dn,
                   :operations => parse_entries(entries))
         end
       end
 
+      def modify_rdn(dn, new_rdn, delete_old_rdn, new_superior, options={})
+        super do |dn, new_rdn, delete_old_rdn, new_superior|
+          info = {
+            :name => "modify: RDN", :dn => dn, :new_rdn => new_rdn,
+            :delete_old_rdn => delete_old_rdn,
+          }
+          execute(:rename, info,
+                  :olddn => dn,
+                  :newrdn => new_rdn,
+                  :delete_attributes => delete_old_rdn)
+        end
+      end
+
       private
-      def execute(method, *args, &block)
-        result = @connection.send(method, *args, &block)
+      def execute(method, info=nil, *args, &block)
+        name = (info || {}).delete(:name) || method
+        result = log(name, info) {@connection.send(method, *args, &block)}
         message = nil
         if result.is_a?(Hash)
           message = result[:errorMessage]
@@ -139,16 +144,8 @@ module ActiveLdap
         unless result.zero?
           klass = LdapError::ERRORS[result]
           klass ||= LdapError
-          raise klass,
-                [Net::LDAP.result2string(result), message].compact.join(": ")
-        end
-      end
-
-      def root_dse(attrs, options={})
-        search(:base => "",
-               :scope => :base,
-               :attributes => attrs).collect do |dn, attributes|
-          attributes
+          message = [Net::LDAP.result2string(result), message].compact.join(": ")
+          raise klass, message
         end
       end
 
@@ -177,6 +174,14 @@ module ActiveLdap
         value
       end
 
+      def scope_name(scope)
+        {
+          Net::LDAP::SearchScope_BaseObject => :base,
+          Net::LDAP::SearchScope_WholeSubtree => :sub,
+          Net::LDAP::SearchScope_SingleLevel => :one,
+        }[scope]
+      end
+
       def sasl_bind(bind_dn, options={})
         super do |bind_dn, mechanism, quiet|
           normalized_mechanism = mechanism.downcase.gsub(/-/, '_')
@@ -191,7 +196,10 @@ module ActiveLdap
             :challenge_response => challenge_response,
           }
           @bound = false
-          execute(:bind, args)
+          info = {
+            :name => "bind: SASL", :dn => bind_dn, :mechanism => mechanism,
+          }
+          execute(:bind, info, args)
           @bound = true
         end
       end
@@ -263,7 +271,7 @@ module ActiveLdap
             :password => passwd,
           }
           @bound = false
-          execute(:bind, args)
+          execute(:bind, {:dn => bind_dn}, args)
           @bound = true
         end
       end
@@ -281,7 +289,7 @@ module ActiveLdap
 
       def ensure_mod_type(type)
         case type
-        when :replace, :add
+        when :replace, :add, :delete
           type
         else
           raise ArgumentError, _("unknown type: %s") % type

data/lib/active_ldap/association/has_many_wrap.rb

@@ -33,7 +33,7 @@ module ActiveLdap
         found_targets = {}
         foreign_base_key = primary_key
         targets.each do |target|
-          found_targets[target.send(foreign_base_key)] ||= target
+          found_targets[target[foreign_base_key]] ||= target
         end
 
         klass = foreign_class

data/lib/active_ldap/attributes.rb

@@ -3,8 +3,8 @@ module ActiveLdap
     def self.included(base)
       base.class_eval do
         extend(ClassMethods)
-        extend(Normalize)
-        include(Normalize)
+        extend(Normalizable)
+        include(Normalizable)
       end
     end
 
@@ -19,9 +19,20 @@ module ActiveLdap
           result + ancestor.instance_eval {@attr_protected ||= []}
         end
       end
+
+      def blank_value?(value)
+        case value
+        when Hash
+          value.values.all? {|val| blank_value?(val)}
+        when Array
+          value.all? {|val| blank_value?(val)}
+        else
+          value.blank?
+        end
+      end
     end
 
-    module Normalize
+    module Normalizable
       def normalize_attribute_name(name)
         name.to_s.downcase
       end
@@ -36,13 +47,7 @@ module ActiveLdap
         end
 
         name = normalize_attribute_name(name)
-        rubyish_class_name = Inflector.underscore(value.class.name)
-        handler = "normalize_attribute_value_of_#{rubyish_class_name}"
-        if respond_to?(handler, true)
-          [name, send(handler, name, value)]
-        else
-          [name, [schema.attribute(name).normalize_value(value)]]
-        end
+        [name, schema.attribute(name).normalize_value(value)]
       end
 
       def unnormalize_attributes(attributes)
@@ -59,7 +64,7 @@ module ActiveLdap
         else
           values.each do |value|
             if value.is_a?(Hash)
-              suffix, real_value = extract_attribute_options(value)
+              suffix, real_value = unnormalize_attribute_options(value)
               new_name = name + suffix
               result[new_name] ||= []
               result[new_name].concat(real_value)
@@ -72,86 +77,6 @@ module ActiveLdap
         result
       end
 
-      private
-      def normalize_attribute_value_of_array(name, value)
-	attribute = schema.attribute(name)
-        if value.size > 1 and attribute.single_value?
-          format = _("Attribute %s can only have a single value")
-          message = format % self.class.human_attribute_name(attribute)
-          raise TypeError, message
-        end
-        if value.empty?
-          if schema.attribute(name).binary_required?
-            [{'binary' => value}]
-          else
-            value
-          end
-        else
-          value.collect do |entry|
-            normalize_attribute(name, entry)[1][0]
-          end
-        end
-      end
-
-      def normalize_attribute_value_of_hash(name, value)
-        if value.keys.size > 1
-          format = _("Hashes must have one key-value pair only: %s")
-          raise TypeError, format % value.inspect
-        end
-        unless value.keys[0].match(/^(lang-[a-z][a-z]*)|(binary)$/)
-          logger.warn do
-            format = _("unknown option did not match lang-* or binary: %s")
-            format % value.keys[0]
-          end
-        end
-        # Contents MUST be a String or an Array
-        if !value.has_key?('binary') and schema.attribute(name).binary_required?
-          suffix, real_value = extract_attribute_options(value)
-          name, values =
-            normalize_attribute_options("#{name}#{suffix};binary", real_value)
-          values
-        else
-          [value]
-        end
-      end
-
-      def normalize_attribute_value_of_nil_class(name, value)
-        if schema.attribute(name).binary_required?
-          [{'binary' => []}]
-        else
-          []
-        end
-      end
-
-      def normalize_attribute_value_of_string(name, value)
-        if schema.attribute(name).binary_required?
-          [{'binary' => [value]}]
-        else
-          [value]
-        end
-      end
-
-      def normalize_attribute_value_of_date(name, value)
-        new_value = sprintf('%.04d%.02d%.02d%.02d%.02d%.02d%s',
-                            value.year, value.month, value.mday, 0, 0, 0,
-                            '+0000')
-        normalize_attribute_value_of_string(name, new_value)
-      end
-
-      def normalize_attribute_value_of_time(name, value)
-        new_value = sprintf('%.04d%.02d%.02d%.02d%.02d%.02d%s',
-                            0, 0, 0, value.hour, value.min, value.sec,
-                            value.zone)
-        normalize_attribute_value_of_string(name, new_value)
-      end
-
-      def normalize_attribute_value_of_date_time(name, value)
-        new_value = sprintf('%.04d%.02d%.02d%.02d%.02d%.02d%s',
-                            value.year, value.month, value.mday, value.hour,
-                            value.min, value.sec, value.zone)
-        normalize_attribute_value_of_string(name, new_value)
-      end
-
       # normalize_attribute_options
       #
       # Makes the Hashized value from the full attribute name
@@ -165,18 +90,18 @@ module ActiveLdap
          [options.reverse.inject(value) {|result, option| {option => result}}]]
       end
 
-      # extract_attribute_options
+      # unnormalize_attribute_options
       #
-      # Extracts all of the subtypes from a given set of nested hashes
+      # Unnormalizes all of the subtypes from a given set of nested hashes
       # and returns the attribute suffix and the final true value
-      def extract_attribute_options(value)
+      def unnormalize_attribute_options(value)
         options = ''
         ret_val = value
         if value.class == Hash
           options = ';' + value.keys[0]
           ret_val = value[value.keys[0]]
           if ret_val.class == Hash
-            sub_options, ret_val = extract_attribute_options(ret_val)
+            sub_options, ret_val = unnormalize_attribute_options(ret_val)
             options += sub_options
           end
         end

data/lib/active_ldap/base.rb

@@ -123,16 +123,63 @@ module ActiveLdap
   end
 
   class LdifInvalid < Error
-    attr_reader :ldif, :reason
-    def initialize(ldif, reason=nil)
+    attr_reader :ldif, :reason, :line, :column, :nearest
+    def initialize(ldif, reason=nil, line=nil, column=nil)
       @ldif = ldif
       @reason = reason
+      @line = line
+      @column = column
+      @nearest = nil
       if @reason
-        message = _("%s is invalid LDIF: %s") % [@ldif, @reason]
+        message = _("invalid LDIF: %s:") % @reason
       else
-        message = _("%s is invalid LDIF") % @ldif
+        message = _("invalid LDIF:")
       end
-      super(message)
+      if @line and @column
+        @nearest = detect_nearest(@line, @column)
+        snippet = generate_snippet
+        message << "\n#{snippet}\n"
+      end
+      super("#{message}\n#{numbered_ldif}")
+    end
+
+    NEAREST_MARK = "|@|"
+    private
+    def detect_nearest(line, column)
+      nearest = @ldif.to_a[line - 1] || ""
+      if column - 1 == nearest.size # for JRuby 1.0.2 :<
+        nearest << NEAREST_MARK
+      else
+        nearest[column - 1, 0] = NEAREST_MARK
+      end
+      nearest = "#{@ldif.to_a[line - 2]}#{nearest}" if nearest == NEAREST_MARK
+      nearest
+    end
+
+    def generate_snippet
+      nearest = @nearest.chomp
+      column_column = ":#{@column}"
+      target_position_info = "#{@line}#{column_column}: "
+      if /\n/ =~ nearest
+        snippet = "%#{Math.log10(@line).truncate}d" % (@line - 1)
+        snippet << " " * column_column.size
+        snippet << ": "
+        snippet << nearest.gsub(/\n/, "\n#{target_position_info}")
+      else
+        snippet = "#{target_position_info}#{nearest}"
+      end
+      snippet
+    end
+
+    def numbered_ldif
+      return @ldif if @ldif.blank?
+      lines = @ldif.to_a
+      format = "%#{Math.log10(lines.size).truncate + 1}d: %s"
+      i = 0
+      lines.collect do |line|
+        i += 1
+        format % [i, line]
+      end.join
     end
   end
 
@@ -173,6 +220,15 @@ module ActiveLdap
     end
   end
 
+  class AttributeValueInvalid < Error
+    attr_reader :attribute, :value
+    def initialize(attribute, value, message)
+      @attribute = attribute
+      @value = value
+      super(message)
+    end
+  end
+
   # Base
   #
   # Base is the primary class which contains all of the core
@@ -190,9 +246,12 @@ module ActiveLdap
       end
     end
 
+    cattr_accessor :colorize_logging, :instance_writer => false
+    @@colorize_logging = true
+
     VALID_LDAP_MAPPING_OPTIONS = [:dn_attribute, :prefix, :scope,
                                   :classes, :recommended_classes,
-                                  :sort_by, :order]
+                                  :excluded_classes, :sort_by, :order]
 
     cattr_accessor :logger
     cattr_accessor :configurations
@@ -228,6 +287,7 @@ module ActiveLdap
     class_local_attr_accessor false, :prefix, :base
     class_local_attr_accessor true, :dn_attribute, :scope, :sort_by, :order
     class_local_attr_accessor true, :required_classes, :recommended_classes
+    class_local_attr_accessor true, :excluded_classes
 
     class << self
       # Hide new in Base
@@ -297,6 +357,7 @@ module ActiveLdap
         self.scope = options[:scope]
         self.required_classes = options[:classes]
         self.recommended_classes = options[:recommended_classes]
+        self.excluded_classes = options[:excluded_classes]
         self.sort_by = options[:sort_by]
         self.order = options[:order]
 
@@ -323,6 +384,16 @@ module ActiveLdap
         end.join(",")
       end
 
+      alias_method :base_without_parsed_cache_clear=, :base=
+      def base=(value)
+        self.base_without_parsed_cache_clear = value
+        @parsed_base = nil
+      end
+
+      def parsed_base
+        @parsed_base ||= DN.parse(base)
+      end
+
       alias_method :scope_without_validation=, :scope=
       def scope=(scope)
         validate_scope(scope)
@@ -410,6 +481,7 @@ module ActiveLdap
     self.scope = :sub
     self.required_classes = ['top']
     self.recommended_classes = []
+    self.excluded_classes = []
 
     include Enumerable
 
@@ -424,25 +496,26 @@ module ActiveLdap
       init_base
       @new_entry = true
       initial_classes = required_classes | recommended_classes
-      if attributes.nil?
-        apply_object_class(initial_classes)
-      elsif attributes.is_a?(String) or attributes.is_a?(Array)
-        apply_object_class(initial_classes)
+      case attributes
+      when nil
+        self.classes = initial_classes
+      when String, Array, DN
+        self.classes = initial_classes
         self.dn = attributes
-      elsif attributes.is_a?(Hash)
+      when Hash
         classes, attributes = extract_object_class(attributes)
-        apply_object_class(classes | initial_classes)
+        self.classes = classes | initial_classes
         normalized_attributes = {}
         attributes.each do |key, value|
           real_key = to_real_attribute_name(key) || key
           normalized_attributes[real_key] = value
         end
-        self.dn = normalized_attributes[dn_attribute]
+        self.dn = normalized_attributes.delete(dn_attribute)
         self.attributes = normalized_attributes
       else
-        message = _("'%s' must be either nil, DN value as String or Array " \
-                    "or attributes as Hash") % attributes.inspect
-        raise ArgumentError, message
+        format = _("'%s' must be either nil, DN value as ActiveLdap::DN, " \
+                   "String or Array or attributes as Hash")
+        raise ArgumentError, format % attributes.inspect
       end
       yield self if block_given?
       assert_dn_attribute
@@ -471,13 +544,11 @@ module ActiveLdap
     end
 
     def may
-      ensure_apply_object_class
-      @may
+      entry_attribute.may
     end
 
     def must
-      ensure_apply_object_class
-      @must
+      entry_attribute.must
     end
 
     # attributes
@@ -485,15 +556,7 @@ module ActiveLdap
     # Return attribute methods so that a program can determine available
     # attributes dynamically without schema awareness
     def attribute_names(normalize=false)
-      ensure_apply_object_class
-      names = @attribute_names.keys
-      if normalize
-        names.collect do |name|
-          to_real_attribute_name(name)
-        end.uniq
-      else
-        names
-      end
+      entry_attribute.names(normalize)
     end
 
     def attribute_present?(name)
@@ -520,16 +583,7 @@ module ActiveLdap
     #
     # Return the authoritative dn
     def dn
-      return base if @dn_is_base
-
-      dn_value = id
-      if dn_value.nil?
-        raise DistinguishedNameNotSetError.new,
-                _("%s's DN attribute (%s) isn't set") % [self, dn_attribute]
-      end
-      _base = base
-      _base = nil if _base.empty?
-      ["#{dn_attribute}=#{dn_value}", _base].compact.join(",")
+      @dn ||= compute_dn
     end
 
     def id
@@ -542,6 +596,7 @@ module ActiveLdap
 
     def dn=(value)
       set_attribute(dn_attribute, value)
+      @dn = nil
     end
     alias_method(:id=, :dn=)
 
@@ -593,8 +648,6 @@ module ActiveLdap
     #       using class_eval instead of using method_missing.  This would
     #       give tab completion in irb.
     def method_missing(name, *args, &block)
-      ensure_apply_object_class
-
       key = name.to_s
       case key
       when /=$/
@@ -629,8 +682,7 @@ module ActiveLdap
 
     # Add available attributes to the methods
     def methods(inherited_too=true)
-      ensure_apply_object_class
-      target_names = @attribute_names.keys + @attribute_aliases.keys
+      target_names = entry_attribute.all_names
       target_names -= ['objectClass', Inflector.underscore('objectClass')]
       super + target_names.uniq.collect do |x|
         [x, "#{x}=", "#{x}?", "#{x}_before_type_cast"]
@@ -639,10 +691,12 @@ module ActiveLdap
 
     alias_method :respond_to_without_attributes?, :respond_to?
     def respond_to?(name, include_priv=false)
-      have_attribute?(name.to_s) or
-        (/(?:=|\?|_before_type_cast)$/ =~ name.to_s and
-         have_attribute?($PREMATCH)) or
-        super
+      return true if super
+
+      name = name.to_s
+      return true if have_attribute?(name)
+      return false if /(?:=|\?|_before_type_cast)$/ !~ name
+      have_attribute?($PREMATCH)
     end
 
     # Updates a given attribute and saves immediately
@@ -677,7 +731,7 @@ module ActiveLdap
     # Do not let URL/form hackers supply the keys.
     def attributes=(new_attributes)
       return if new_attributes.nil?
-      _schema = nil
+      _schema = _local_entry_attribute = nil
       targets = remove_attributes_protected_from_mass_assignment(new_attributes)
       targets.each do |key, value|
         setter = "#{key}="
@@ -685,14 +739,15 @@ module ActiveLdap
           _schema ||= schema
           attribute = _schema.attribute(key)
           next if attribute.id.nil?
-          define_attribute_methods(attribute)
+          _local_entry_attribute ||= local_entry_attribute
+          _local_entry_attribute.register(attribute)
         end
         send(setter, value)
       end
     end
 
     def to_ldif
-      super(dn, normalize_data(@data))
+      super(dn, @data)
     end
 
     def to_xml(options={})
@@ -735,7 +790,7 @@ module ActiveLdap
 
       @ldap_data.update(attributes)
       classes, attributes = extract_object_class(attributes)
-      apply_object_class(classes)
+      self.classes = classes
       self.attributes = attributes
       @new_entry = false
       self
@@ -759,11 +814,9 @@ module ActiveLdap
       end
     end
 
-    def bind(config_or_password={}, &block)
+    def bind(config_or_password={}, config_or_ignore=nil, &block)
       if config_or_password.is_a?(String)
-        config = {:password => config_or_password}
-      elsif config_or_password.respond_to?(:call)
-        config = {:password_block => config_or_password}
+        config = (config_or_ignore || {}).merge(:password => config_or_password)
       else
         config = config_or_password
       end
@@ -776,7 +829,7 @@ module ActiveLdap
         @connection = nil
         connection.connect
         @connection = connection
-        @schema = nil
+        clear_connection_based_cache
         clear_association_cache
       rescue ActiveLdap::Error
         remove_connection
@@ -786,6 +839,17 @@ module ActiveLdap
       true
     end
 
+    def clear_connection_based_cache
+      @schema = nil
+      @local_entry_attribute = nil
+      clear_object_class_based_cache
+    end
+
+    def clear_object_class_based_cache
+      @entry_attribute = nil
+      @real_names = {}
+    end
+
     def schema
       @schema ||= super
     end
@@ -797,6 +861,7 @@ module ActiveLdap
 
     undef_method :base=
     def base=(object_local_base)
+      @dn = nil
       @base = object_local_base
     end
 
@@ -824,42 +889,50 @@ module ActiveLdap
     end
 
     private
+    def attribute_name_resolvable_without_connection?
+      @entry_attribute and @local_entry_attribute
+    end
+
+    def entry_attribute
+      @entry_attribute ||= connection.entry_attribute(@data["objectClass"] || [])
+    end
+
+    def local_entry_attribute
+      @local_entry_attribute ||= connection.entry_attribute([])
+    end
+
     def abbreviate_instance_variables
       @abbreviating ||= nil
       connection, @connection = @connection, nil
       schema, @schema = @schema, nil
-      attribute_schemata, @attribute_schemata = @attribute_schemata, nil
-      must, may = @must, @may
-      object_classes = @object_classes
+      entry_attribute, @entry_attribute = @entry_attribute, nil
+      local_entry_attribute, @local_entry_attribute = @local_entry_attribute, nil
+      real_names, @real_names = @real_names, nil
       unless @abbreviating
         @abbreviating = true
-        @must, @may = @must.collect(&:name), @may.collect(&:name)
-        @object_classes = @object_classes.collect(&:name)
       end
       yield
     ensure
       @connection = connection
       @schema = schema
-      @attribute_schemata = attribute_schemata
-      @must = must
-      @may = may
-      @object_classes = object_classes
+      @entry_attribute = entry_attribute
+      @local_entry_attribute = local_entry_attribute
+      @real_names = real_names
       @abbreviating = false
     end
 
     def extract_object_class(attributes)
       classes = []
-      attrs = attributes.stringify_keys.reject do |key, value|
-        if key == 'objectClass' or
-            key.underscore == 'object_class' or
-            key.downcase == 'objectclass'
-          classes |= [value].flatten
-          true
+      attrs = {}
+      attributes.each do |key, value|
+        key = key.to_s
+        if /\Aobject_?class\z/i =~ key
+          classes.concat(value.to_a)
         else
-          false
+          attrs[key] = value
         end
       end
-      [classes, attrs]
+      [classes, attributes]
     end
 
     def init_base
@@ -868,11 +941,12 @@ module ActiveLdap
 
     def initialize_by_ldap_data(dn, attributes)
       init_base
+      @dn = dn
       @new_entry = false
       @dn_is_base = false
       @ldap_data = attributes
       classes, attributes = extract_object_class(attributes)
-      apply_object_class(classes)
+      self.classes = classes
       self.dn = dn
       self.attributes = attributes
       yield self if block_given?
@@ -893,32 +967,22 @@ module ActiveLdap
 
     def to_real_attribute_name(name, allow_normalized_name=false)
       return name if name.nil?
-      ensure_apply_object_class
-      name = name.to_s
-      real_name = @attribute_names[name]
-      real_name ||= @attribute_aliases[Inflector.underscore(name)]
-      if real_name
-        real_name
-      elsif allow_normalized_name
-        @normalized_attribute_names[normalize_attribute_name(name)]
+      if allow_normalized_name
+        entry_attribute.normalize(name, allow_normalized_name) ||
+          local_entry_attribute.normalize(name, allow_normalized_name)
       else
-        nil
+        @real_names[name] ||=
+          entry_attribute.normalize(name, false) ||
+          local_entry_attribute.normalize(name, false)
       end
     end
 
-    def ensure_apply_object_class
-      current_object_class = @data['objectClass']
-      return if current_object_class.nil? or current_object_class == @last_oc
-      apply_object_class(current_object_class)
-    end
-
     # enforce_type
     #
     # enforce_type applies your changes without attempting to write to LDAP.
     # This means that if you set userCertificate to somebinary value, it will
     # wrap it up correctly.
     def enforce_type(key, value)
-      ensure_apply_object_class
       # Enforce attribute value formatting
       normalize_attribute(key, value)[1]
     end
@@ -927,60 +991,12 @@ module ActiveLdap
       @mutex = Mutex.new
       @data = {} # where the r/w entry data is stored
       @ldap_data = {} # original ldap entry data
-      @attribute_schemata = {}
-      @attribute_names = {} # list of valid method calls for attributes used
-                            # for dereferencing
-      @normalized_attribute_names = {} # list of normalized attribute name
-      @attribute_aliases = {} # aliases of @attribute_names
-      @last_oc = false # for use in other methods for "caching"
       @dn_attribute = nil
       @base = nil
       @scope = nil
+      @dn = nil
       @connection ||= nil
-    end
-
-    # apply_object_class
-    #
-    # objectClass= special case for updating appropriately
-    # This updates the objectClass entry in @data. It also
-    # updating all required and allowed attributes while
-    # removing defined attributes that are no longer valid
-    # given the new objectclasses.
-    def apply_object_class(val)
-      new_oc = val
-      new_oc = [val] if new_oc.class != Array
-      new_oc = new_oc.uniq
-      return new_oc if @last_oc == new_oc
-
-      # Store for caching purposes
-      @last_oc = new_oc.dup
-
-      # Set the actual objectClass data
-      define_attribute_methods(schema.attribute('objectClass'))
-      replace_class(*new_oc)
-
-      # Build |data| from schema
-      # clear attribute name mapping first
-      @attribute_schemata = {}
-      @attribute_names = {}
-      @normalized_attribute_names = {}
-      @attribute_aliases = {}
-      @must = []
-      @may = []
-      @object_classes = []
-      new_oc.each do |objc|
-        # get all attributes for the class
-        object_class = schema.object_class(objc)
-        @object_classes << object_class
-        @must.concat(object_class.must)
-        @may.concat(object_class.may)
-      end
-      @must.uniq!
-      @may.uniq!
-      (@must + @may).each do |attr|
-        # Update attr_method with appropriate
-        define_attribute_methods(attr)
-      end
+      clear_connection_based_cache
     end
 
     # get_attribute
@@ -999,7 +1015,11 @@ module ActiveLdap
         value.each do |option, val|
           result[option] = type_cast(attribute, val)
         end
-        result
+        if result.size == 1 and result.has_key?("binary")
+          result["binary"]
+        else
+          result
+        end
       when Array
         value.collect do |val|
           type_cast(attribute, val)
@@ -1013,11 +1033,7 @@ module ActiveLdap
       name = to_real_attribute_name(name)
 
       value = @data[name] || []
-      if force_array
-        [name, value.dup]
-      else
-        [name, array_of(value.dup, false)]
-      end
+      [name, array_of(value, force_array)]
     end
 
     def get_attribute_as_query(name, force_array=false)
@@ -1042,35 +1058,25 @@ module ActiveLdap
       attr, value = update_dn(attr, value) if attr == dn_attribute
       raise UnknownAttribute.new(name) if attr.nil?
 
-      case value
-      when nil, ""
-        value = []
-      when Array
-        value = value.collect {|c| c.blank? ? [] : c}.flatten
-      when String
-        value = [value]
-      when Numeric
-        value = [value.to_s]
-      end
-
-      @data[attr] = enforce_type(attr, value)
+      @data[attr] = value
     end
 
     def update_dn(attr, value)
+      @dn = nil
       @dn_is_base = false
-      return [attr, value] if value.blank?
+      return [attr, nil] if value.blank?
 
-      new_dn_attribute, new_value, base = split_dn_value(value)
+      new_dn_attribute, new_value, bases = split_dn_value(value)
       if new_dn_attribute.nil? and new_value.nil?
         @dn_is_base = true
         @base = nil
-        attr, value = DN.parse(base).rdns[0].to_a[0]
+        attr, value = bases[0].to_a[0]
         @dn_attribute = attr
       else
         new_dn_attribute = to_real_attribute_name(new_dn_attribute)
         if new_dn_attribute
           value = new_value
-          @base = base
+          @base = bases.empty? ? nil : DN.new(*bases).to_s
           if dn_attribute != new_dn_attribute
             @dn_attribute = attr = new_dn_attribute
           end
@@ -1082,13 +1088,14 @@ module ActiveLdap
     def split_dn_value(value)
       dn_value = relative_dn_value = nil
       begin
-        dn_value = DN.parse(value)
+        dn_value = value if value.is_a?(DN)
+        dn_value ||= DN.parse(value)
       rescue DistinguishedNameInvalid
         dn_value = DN.parse("#{dn_attribute}=#{value}")
       end
 
       begin
-        relative_dn_value = dn_value - DN.parse(base_of_class)
+        relative_dn_value = dn_value - self.class.parsed_base
         if relative_dn_value.rdns.empty?
           val = []
           bases = dn_value.rdns
@@ -1100,23 +1107,25 @@ module ActiveLdap
       end
 
       dn_attribute_name, dn_attribute_value = val.to_a[0]
-      [dn_attribute_name, dn_attribute_value,
-       bases.empty? ? nil : DN.new(*bases).to_s]
+      [dn_attribute_name, dn_attribute_value, bases]
     end
 
-    # define_attribute_methods
-    #
-    # Make a method entry for _every_ alias of a valid attribute and map it
-    # onto the first attribute passed in.
-    def define_attribute_methods(attribute)
-      real_name = attribute.name
-      return if @attribute_schemata.has_key?(real_name)
-      @attribute_schemata[real_name] = attribute
-      ([real_name] + attribute.aliases).each do |name|
-        @attribute_names[name] = real_name
-        @attribute_aliases[Inflector.underscore(name)] = real_name
-        @normalized_attribute_names[normalize_attribute_name(name)] = real_name
+    def compute_dn(escape_dn_value=false)
+      return base if @dn_is_base
+
+      dn_value = id
+      if dn_value.nil?
+        raise DistinguishedNameNotSetError.new,
+                _("%s's DN attribute (%s) isn't set") % [self, dn_attribute]
       end
+      dn_value = DN.escape_value(dn_value) if escape_dn_value
+      _base = base
+      _base = nil if _base.empty?
+      ["#{dn_attribute}=#{dn_value}", _base].compact.join(",")
+    end
+
+    def escaped_dn
+      compute_dn(true)
     end
 
     # array_of
@@ -1127,7 +1136,7 @@ module ActiveLdap
       case value
       when Array
         if to_a or value.size > 1
-          value.collect {|v| array_of(v, to_a)}
+          value.collect {|v| array_of(v, false)}.compact
         else
           if value.empty?
             nil
@@ -1144,7 +1153,7 @@ module ActiveLdap
           result
         end
       else
-        to_a ? [value.to_s] : value.to_s
+        to_a ? [value] : value
       end
     end
 
@@ -1158,7 +1167,7 @@ module ActiveLdap
         real_name ||= key
         next if _schema.attribute(real_name).id.nil?
         result[real_name] ||= []
-        result[real_name].concat(values)
+        result[real_name].concat(enforce_type(real_name, values))
       end
       result
     end
@@ -1205,14 +1214,14 @@ module ActiveLdap
       dn_value = data[dn_attr]
 
       attributes = []
-      attributes.push([:add, dn_attr, dn_value])
+      attributes.push([dn_attr, dn_value])
 
       oc_value = data['objectClass']
-      attributes.push([:add, 'objectClass', oc_value])
+      attributes.push(['objectClass', oc_value])
       data.each do |key, value|
         next if value.empty? or key == 'objectClass' or key == dn_attr
 
-        attributes.push([:add, key, value])
+        attributes.push([key, value])
       end
 
       attributes
@@ -1256,7 +1265,7 @@ module ActiveLdap
     def create
       prepare_data_for_saving do |data, ldap_data|
         attributes = collect_all_attributes(data)
-        add_entry(dn, attributes)
+        add_entry(escaped_dn, attributes)
         @new_entry = false
         true
       end
@@ -1265,7 +1274,7 @@ module ActiveLdap
     def update
       prepare_data_for_saving do |data, ldap_data|
         attributes = collect_modified_attributes(ldap_data, data)
-        modify_entry(dn, attributes)
+        modify_entry(escaped_dn, attributes)
         true
       end
     end