activeldap 5.2.3 → 6.0.3

data/lib/active_ldap/base.rb

@@ -851,6 +851,8 @@ module ActiveLdap
 
       _schema = _local_entry_attribute = nil
       targets = sanitize_for_mass_assignment(new_attributes)
+      have_dn = false
+      dn_value = nil
       targets.each do |key, value|
         setter = "#{key}="
         unless respond_to?(setter)
@@ -860,8 +862,15 @@ module ActiveLdap
           _local_entry_attribute ||= local_entry_attribute
           _local_entry_attribute.register(attribute)
         end
-        send(setter, value)
+        case setter
+        when "dn=", "id="
+          have_dn = true
+          dn_value = value
+        else
+          send(setter, value)
+        end
       end
+      self.dn = dn_value if have_dn
     end
 
     def to_ldif_record
@@ -1281,6 +1290,7 @@ module ActiveLdap
     end
 
     def compute_base
+      ensure_update_dn
       base_of_class = self.class.base
       if @base_value.nil?
         base_of_class

data/lib/active_ldap/configuration.rb

@@ -48,6 +48,15 @@ module ActiveLdap
     DEFAULT_CONFIG[:retry_on_timeout] = true
     DEFAULT_CONFIG[:follow_referrals] = true
 
+    # 500 is the default size limit value of OpenLDAP 2.4:
+    #   https://openldap.org/doc/admin24/limits.html#Global%20Limits
+    #
+    # We may change this when we find LDAP server that its the default
+    # size limit is smaller than 500.
+    DEFAULT_CONFIG[:page_size] = 500
+    # Whether using paged results if available.
+    DEFAULT_CONFIG[:use_paged_results] = true
+
     DEFAULT_CONFIG[:logger] = nil
 
     module ClassMethods
@@ -103,8 +112,22 @@ module ActiveLdap
         end
       end
 
+      def parent_configuration(target)
+        if target.is_a?(Base)
+          target = target.class
+        else
+          target = target.superclass
+        end
+        while target <= Base
+          config = defined_configurations[target.active_connection_key]
+          return config if config
+          target = target.superclass
+        end
+        default_configuration
+      end
+
       def merge_configuration(user_configuration, target=self)
-        configuration = default_configuration
+        configuration = parent_configuration(target).dup
         prepare_configuration(user_configuration).each do |key, value|
           case key
           when :base

data/lib/active_ldap/connection.rb

@@ -165,11 +165,11 @@ module ActiveLdap
         connection.schema
       end
 
-      private
       def active_connection_key(k=self)
         k.name.blank? ? k.object_id : k.name
       end
 
+      private
       def determine_active_connection_name
         key = active_connection_key
         if active_connections[key] or configuration(key)

data/lib/active_ldap/human_readable.rb

@@ -17,11 +17,12 @@ module ActiveLdap
         if attribute_or_name.is_a?(Schema::Attribute)
           name = attribute_or_name.name
         else
-          attribute = schema.attribute(attribute_or_name.to_s)
+          attribute_name = attribute_or_name.to_s
+          attribute = schema.attribute(attribute_name)
           return nil if attribute.id.nil?
-          if attribute.name == attribute_or_name or
-              attribute.aliases.include?(attribute_or_name.to_s)
-            name = attribute_or_name
+          if attribute.name == attribute_name or
+              attribute.aliases.include?(attribute_name)
+            name = attribute_name
           else
             return nil
           end

data/lib/active_ldap/operations.rb

@@ -22,9 +22,23 @@ module ActiveLdap
     end
 
     module Common
-      VALID_SEARCH_OPTIONS = [:attribute, :value, :filter, :prefix,
-                              :classes, :scope, :limit, :attributes,
-                              :sort_by, :order, :connection, :base, :offset]
+      VALID_SEARCH_OPTIONS = [
+        :attribute,
+        :value,
+        :filter,
+        :prefix,
+        :classes,
+        :scope,
+        :limit,
+        :attributes,
+        :sort_by,
+        :order,
+        :connection,
+        :base,
+        :offset,
+        :use_paged_results,
+        :page_size,
+      ]
 
       def search(options={}, &block)
         validate_search_options(options)
@@ -62,6 +76,8 @@ module ActiveLdap
           :attributes => requested_attributes,
           :sort_by => options[:sort_by] || sort_by,
           :order => options[:order] || order,
+          :use_paged_results => options[:use_paged_results],
+          :page_size => options[:page_size],
         }
         options[:connection] ||= connection
         values = []
@@ -96,10 +112,11 @@ module ActiveLdap
         }
 
         attribute = attr || ensure_search_attribute
+        escaped_value = DN.escape_value(value)
         options_for_non_leaf = {
           :attribute => attr,
           :value => value,
-          :prefix => ["#{attribute}=#{value}", prefix].compact.join(","),
+          :prefix => ["#{attribute}=#{escaped_value}", prefix].compact.join(","),
           :limit => 1,
           :scope => :base,
         }

data/lib/active_ldap/persistence.rb

@@ -81,9 +81,10 @@ module ActiveLdap
       end
     end
 
-    def reload
+    def reload(options={})
       clear_association_cache
-      _, attributes = search(:value => id).find do |_dn, _attributes|
+      search_options = options.merge(value: id)
+      _, attributes = search(search_options).find do |_dn, _attributes|
         dn == _dn
       end
       if attributes.nil?

data/lib/active_ldap/validations.rb

@@ -53,15 +53,23 @@ module ActiveLdap
       errors.empty? && output
     end
 
-    def save(*)
-      valid? ? super : false
+    def save(**options)
+      perform_validations(options) ? super : false
     end
 
-    def save!(*)
-      valid? ? super : raise(EntryInvalid.new(self))
+    def save!(**options)
+      perform_validations(options) ? super : raise(EntryInvalid.new(self))
     end
 
     private
+    def perform_validations(options)
+      if options[:validate] == false
+        true
+      else
+        valid?(options[:context])
+      end
+    end
+
     def format_validation_message(format, parameters)
       format % parameters
     end

data/lib/active_ldap/version.rb

@@ -1,3 +1,3 @@
 module ActiveLdap
-  VERSION = "5.2.3"
+  VERSION = "6.0.3"
 end

data/test/add-phonetic-attribute-options-to-slapd.ldif

@@ -1,6 +1,6 @@
 # Your LDAP server needs to accept 'phonetic' attribute option for test.
 # This is a LDIF file for OpenLDAP to do the configuration.
-# You can use this file by the following command linne on Debian GNU/Linux
+# You can use this file by the following command line on Debian GNU/Linux
 # or Ubuntu:
 #   % sudo -H ldapmodify -Y EXTERNAL -H ldapi:/// -f test/add-phonetic-attribute-options-to-slapd.ldif
 version: 1

data/test/al-test-utils.rb

@@ -23,6 +23,7 @@ module AlTestUtils
       include TemporaryEntry
       include CommandSupport
       include MockLogger
+      include Omittable
     end
   end
 
@@ -39,7 +40,13 @@ module AlTestUtils
       @top_dir = File.expand_path(File.join(@base_dir, ".."))
       @example_dir = File.join(@top_dir, "examples")
       @fixtures_dir = File.join(@base_dir, "fixtures")
-      @config_file = File.join(@base_dir, "config.yaml")
+      current_config_file = File.expand_path("config.yaml")
+      test_config_file = File.join(@base_dir, "config.yaml")
+      if File.exist?(current_config_file)
+        @config_file = current_config_file
+      else
+        @config_file = test_config_file
+      end
       ActiveLdap::Base.configurations = read_config
     end
 
@@ -175,6 +182,7 @@ module AlTestUtils
       populate_ou
       populate_user_class
       populate_group_class
+      populate_group_of_urls_class
       populate_associations
     end
 
@@ -208,7 +216,7 @@ module AlTestUtils
     end
 
     def populate_ou
-      %w(Users Groups).each do |name|
+      %w(Users Groups GroupOfURLsSet).each do |name|
         make_ou(name)
       end
     end
@@ -239,6 +247,14 @@ module AlTestUtils
       assign_class_name(@group_class, "Group")
     end
 
+    def populate_group_of_urls_class
+      @group_of_urls_class = Class.new(ActiveLdap::Base)
+      @group_of_urls_class.ldap_mapping :prefix => "ou=GroupOfURLsSet",
+                                        :scope => :sub,
+                                        :classes => ["groupOfURLs"]
+      assign_class_name(@group_of_urls_class, "GroupOfURLs")
+    end
+
     def populate_associations
       @user_class.belongs_to :groups, :many => "memberUid"
       @user_class.belongs_to :primary_group,
@@ -273,41 +289,70 @@ module AlTestUtils
       super
       @user_index = 0
       @group_index = 0
+      @group_of_urls_index = 0
+      @temporary_uids = []
+    end
+
+    def teardown
+      @temporary_uids.each do |uid|
+        delete_temporary_user(uid)
+      end
+      super
+    end
+
+    def delete_temporary_user(uid)
+      return unless @user_class.exists?(uid)
+      @user_class.search(:value => uid) do |dn, attribute|
+        @user_class.remove_connection(dn)
+        @user_class.delete(dn)
+      end
+    end
+
+    def build_temporary_user(config={})
+      uid = config[:uid] || "temp-user#{@user_index}"
+      password = config[:password] || "password#{@user_index}"
+      uid_number = config[:uid_number] || default_uid
+      gid_number = config[:gid_number] || default_gid
+      home_directory = config[:home_directory] || "/nonexistent"
+      see_also = config[:see_also]
+      user = nil
+      _wrap_assertion do
+        assert(!@user_class.exists?(uid))
+        assert_raise(ActiveLdap::EntryNotFound) do
+          @user_class.find(uid).dn
+        end
+        user = @user_class.new(uid)
+        assert(user.new_entry?)
+        user.cn = user.uid
+        user.sn = user.uid
+        user.uid_number = uid_number
+        user.gid_number = gid_number
+        user.home_directory = home_directory
+        user.user_password = ActiveLdap::UserPassword.ssha(password)
+        user.see_also = see_also
+        unless config[:simple]
+          user.add_class('shadowAccount', 'inetOrgPerson',
+                         'organizationalPerson')
+          user.user_certificate = certificate
+          user.jpeg_photo = jpeg_photo
+        end
+        user.save
+        assert(!user.new_entry?)
+      end
+      [@user_class.find(user.uid), password]
     end
 
     def make_temporary_user(config={})
       @user_index += 1
-      uid = config[:uid] || "temp-user#{@user_index}"
-      ensure_delete_user(uid) do
-        password = config[:password] || "password#{@user_index}"
-        uid_number = config[:uid_number] || default_uid
-        gid_number = config[:gid_number] || default_gid
-        home_directory = config[:home_directory] || "/nonexistent"
-        see_also = config[:see_also]
-        _wrap_assertion do
-          assert(!@user_class.exists?(uid))
-          assert_raise(ActiveLdap::EntryNotFound) do
-            @user_class.find(uid).dn
-          end
-          user = @user_class.new(uid)
-          assert(user.new_entry?)
-          user.cn = user.uid
-          user.sn = user.uid
-          user.uid_number = uid_number
-          user.gid_number = gid_number
-          user.home_directory = home_directory
-          user.user_password = ActiveLdap::UserPassword.ssha(password)
-          user.see_also = see_also
-          unless config[:simple]
-            user.add_class('shadowAccount', 'inetOrgPerson',
-                           'organizationalPerson')
-            user.user_certificate = certificate
-            user.jpeg_photo = jpeg_photo
-          end
-          user.save
-          assert(!user.new_entry?)
-          yield(@user_class.find(user.uid), password)
+      config = config.merge(uid: config[:uid] || "temp-user#{@user_index}")
+      uid = config[:uid]
+      @temporary_uids << uid
+      if block_given?
+        ensure_delete_user(uid) do
+          yield(*build_temporary_user(config))
         end
+      else
+        build_temporary_user(config)
       end
     end
 
@@ -331,15 +376,30 @@ module AlTestUtils
       end
     end
 
+    def make_temporary_group_of_urls(config={})
+      @group_of_urls_index += 1
+      cn = config[:cn] || "temp-group-of-urls-#{@group_of_urls_index}"
+      ensure_delete_group_of_urls(cn) do
+        _wrap_assertion do
+          assert(!@group_of_urls_class.exists?(cn))
+          assert_raise(ActiveLdap::EntryNotFound) do
+            @group_of_urls_class.find(cn)
+          end
+          group_of_urls = @group_of_urls_class.new(cn)
+          assert(group_of_urls.new_entry?)
+          group_of_urls.member_url = config[:member_url]
+          assert(group_of_urls.save!)
+          assert(!group_of_urls.new_entry?)
+          yield(@group_of_urls_class.find(group_of_urls.cn))
+        end
+      end
+    end
+
     def ensure_delete_user(uid)
       yield(uid)
     ensure
-      if @user_class.exists?(uid)
-        @user_class.search(:value => uid) do |dn, attribute|
-          @user_class.remove_connection(dn)
-          @user_class.delete(dn)
-        end
-      end
+      delete_temporary_user(uid)
+      @temporary_uids.delete(uid)
     end
 
     def ensure_delete_group(cn)
@@ -348,6 +408,12 @@ module AlTestUtils
       @group_class.delete(cn) if @group_class.exists?(cn)
     end
 
+    def ensure_delete_group_of_urls(cn)
+      yield(cn)
+    ensure
+      @group_of_urls_class.delete(cn) if @group_of_urls_class.exists?(cn)
+    end
+
     def default_uid
       "10000#{@user_index}"
     end
@@ -373,6 +439,10 @@ module AlTestUtils
     end
 
     def run_command(*args, &block)
+      if RUBY_VERSION >= "2.7"
+        omit("Need to fix an optional arguments warning in net-ldap: " +
+            "ruby-ldap/ruby-net-ldap/pull/342")
+      end
       file = Tempfile.new("al-command-support")
       file.open
       file.puts(ActiveLdap::Base.configurations["test"].to_yaml)
@@ -425,4 +495,21 @@ module AlTestUtils
       ActiveLdap::Base.logger = original_logger
     end
   end
+
+  module Omittable
+    def omit_if_jruby(message=nil)
+      return unless RUBY_PLATFORM == "java"
+      omit(message || "This test is not for JRuby")
+    end
+
+    def omit_unless_jruby(message=nil)
+      return if RUBY_PLATFORM == "java"
+      omit(message || "This test is only for JRuby")
+    end
+
+    def omit_if_ldap(message=nil)
+      return if current_configuration[:adapter] == "ldap"
+      omit(message || "This test is not for ruby-ldap")
+    end
+  end
 end

data/test/enable-dynamic-groups.ldif

@@ -0,0 +1,22 @@
+# Your LDAP server needs to support dynamic list for test.
+# This is a LDIF file for OpenLDAP to do the configuration.
+# You can use this file by the following command line on Debian GNU/Linux
+# or Ubuntu:
+#
+#   % sudo -H ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/dyngroup.ldif
+#   % sudo -H ldapmodify -Y EXTERNAL -H ldapi:/// -f test/enable-dynamic-groups.ldif
+version: 1
+
+# Enable dynlist module
+dn: cn=module{0},cn=config
+changetype: modify
+add: olcModuleLoad
+olcModuleLoad: dynlist
+
+# Set up dynlist overlay
+dn: olcOverlay=dynlist,olcDatabase={1}mdb,cn=config
+changetype: add
+objectClass: olcOverlayConfig
+objectClass: olcDynamicList
+olcOverlay: dynlist
+olcDlAttrSet: groupOfURLs memberURL member