activesambaldap 0.0.2 → 0.0.3

data/lib/active_samba_ldap/group.rb

@@ -1,182 +1,17 @@
-require 'English'
-
+require 'active_samba_ldap/base'
 require 'active_samba_ldap/entry'
+require 'active_samba_ldap/samba_entry'
+require 'active_samba_ldap/group_entry'
+require 'active_samba_ldap/samba_group_entry'
 
 module ActiveSambaLdap
   class Group < Base
     include Reloadable
 
     include Entry
+    include SambaEntry
 
-    class << self
-      def ldap_mapping(options={})
-        options = default_options.merge(options)
-        super(extract_ldap_mapping_options(options))
-        init_associations(options)
-      end
-
-      def find_by_name_or_gid_number(key)
-        group = nil
-        begin
-          gid_number = Integer(key)
-          group = find_by_gid_number(gid_number)
-          raise GidNumberDoesNotExist.new(gid_number) if group.nil?
-        rescue ArgumentError
-          raise GroupDoesNotExist.new(key) unless exists?(key)
-          group = find(key)
-        end
-        group
-      end
-
-      def find_by_gid_number(number)
-        attribute = "gidNumber"
-        value = Integer(number).to_s
-        find(:first, :filter => "(#{attribute}=#{value})")
-      end
-
-      private
-      def default_options
-        {
-          :dn_attribute => "cn",
-          :prefix => configuration[:groups_suffix],
-          :classes => default_classes,
-
-          :members_wrap => "memberUid",
-          :users_class => default_user_class,
-          :computers_class => default_computer_class,
-
-          :primary_members_foreign_key => "gidNumber",
-          :primary_members_primary_key => "gidNumber",
-          :primary_users_class => default_user_class,
-          :primary_computers_class => default_computer_class,
-        }
-      end
-
-      def default_classes
-        ["top", "posixGroup"]
-      end
-
-      def default_user_class
-        "User"
-      end
-
-      def default_computer_class
-        "Computer"
-      end
-
-      def init_associations(options)
-        association_options = {}
-        options.each do |key, value|
-          case key.to_s
-          when /^((?:primary_)?(?:(?:user|computer|member)s))_/
-            association_options[$1] ||= {}
-            association_options[$1][$POSTMATCH.to_sym] = value
-          end
-        end
-
-        members_opts = association_options["members"] || {}
-        user_members_opts = association_options["users"] || {}
-        computer_members_opts = association_options["computers"] || {}
-        has_many :users, members_opts.merge(user_members_opts)
-        has_many :computers, members_opts.merge(computer_members_opts)
-
-        primary_members_opts = association_options["primary_members"] || {}
-        primary_user_members_opts =
-          association_options["primary_users"] || {}
-        primary_computer_members_opts =
-          association_options["primary_computers"] || {}
-        has_many :primary_users,
-                 primary_members_opts.merge(primary_user_members_opts)
-        has_many :primary_computers,
-                 primary_members_opts.merge(primary_computer_members_opts)
-      end
-
-      def prepare_create_options(group, options)
-        prepare_create_options_for_number(:gid_number, group, options)
-      end
-    end
-
-    def fill_default_values(options={})
-      gid_number = options[:gid_number]
-      change_gid_number(gid_number) if gid_number
-      self.description ||= options[:description] || cn
-    end
-
-    def members
-      users.to_ary + computers.to_ary
-    end
-
-    def reload_members
-      users.reload
-      computers.reload
-    end
-
-    def primary_members
-      primary_users.to_ary + primary_computers.to_ary
-    end
-
-    def reload_primary_members
-      primary_users.reload
-      primary_computers.reload
-    end
-
-    def change_gid_number(gid, allow_non_unique=false)
-      check_unique_gid_number(gid) unless allow_non_unique
-      self.gid_number = gid.to_s
-    end
-
-    def destroy(options={})
-      if options[:remove_members]
-        if options[:force_change_primary_members]
-          change_primary_members(options)
-        end
-        reload_primary_members
-        unless primary_members.empty?
-          not_destroyed_members = primary_members.collect {|x| x.uid}
-          raise PrimaryGroupCanNotBeDestroyed.new(cn, not_destroyed_members)
-        end
-        self.users = []
-        self.computers = []
-      end
-      super()
-    end
-
-    private
-    def ensure_uid(member_or_uid)
-      if member_or_uid.is_a?(String)
-        member_or_uid
-      else
-        member_or_uid.uid
-      end
-    end
-
-    def check_unique_gid_number(gid_number)
-      ActiveSambaLdap::Base.restart_nscd do
-        if self.class.find_by_gid_number(Integer(gid_number))
-          raise GidNumberAlreadyExists.new(gid_number)
-        end
-      end
-    end
-
-    def change_primary_members(options={})
-      name = cn
-
-      pr_members = primary_members
-      cannot_removed_members = []
-      pr_members.each do |member|
-        if (member.groups.collect {|group| group.cn} - [name]).empty?
-          cannot_removed_members << member.uid
-        end
-      end
-      unless cannot_removed_members.empty?
-        raise CanNotChangePrimaryGroup.new(name, cannot_removed_members)
-      end
-
-      pr_members.each do |member|
-        new_group = member.groups.find {|gr| gr.cn != name}
-        member.primary_group = new_group
-        member.save!
-      end
-    end
+    include GroupEntry
+    include SambaGroupEntry
   end
 end

data/lib/active_samba_ldap/group_entry.rb

@@ -0,0 +1,188 @@
+require 'English'
+
+require 'active_samba_ldap/entry'
+
+module ActiveSambaLdap
+  module GroupEntry
+    def self.included(base)
+      super
+      base.extend(ClassMethods)
+    end
+
+    module ClassMethods
+      def ldap_mapping(options={})
+        options = default_options.merge(options)
+        super(extract_ldap_mapping_options(options))
+        init_associations(options)
+      end
+
+      def find_by_name_or_gid_number(key)
+        group = nil
+        begin
+          gid_number = Integer(key)
+          group = find_by_gid_number(gid_number)
+          raise GidNumberDoesNotExist.new(gid_number) if group.nil?
+        rescue ArgumentError
+          raise GroupDoesNotExist.new(key) unless exists?(key)
+          group = find(key)
+        end
+        group
+      end
+
+      def find_by_gid_number(number)
+        attribute = "gidNumber"
+        value = Integer(number).to_s
+        find(:first, :filter => "(#{attribute}=#{value})")
+      end
+
+      private
+      def default_options
+        {
+          :dn_attribute => "cn",
+          :prefix => configuration[:groups_suffix],
+          :classes => default_classes,
+          :recommended_classes => default_recommended_classes,
+
+          :members_wrap => "memberUid",
+          :users_class => default_user_class,
+          :computers_class => default_computer_class,
+
+          :primary_members_foreign_key => "gidNumber",
+          :primary_members_primary_key => "gidNumber",
+          :primary_users_class => default_user_class,
+          :primary_computers_class => default_computer_class,
+        }
+      end
+
+      def default_classes
+        ["top", "posixGroup"]
+      end
+
+      def default_recommended_classes
+        []
+      end
+
+      def default_user_class
+        "User"
+      end
+
+      def default_computer_class
+        "Computer"
+      end
+
+      def init_associations(options)
+        association_options = {}
+        options.each do |key, value|
+          case key.to_s
+          when /^((?:primary_)?(?:(?:user|computer|member)s))_/
+            association_options[$1] ||= {}
+            association_options[$1][$POSTMATCH.to_sym] = value
+          end
+        end
+
+        members_opts = association_options["members"] || {}
+        user_members_opts = association_options["users"] || {}
+        computer_members_opts = association_options["computers"] || {}
+        has_many :users, members_opts.merge(user_members_opts)
+        has_many :computers, members_opts.merge(computer_members_opts)
+
+        primary_members_opts = association_options["primary_members"] || {}
+        primary_user_members_opts =
+          association_options["primary_users"] || {}
+        primary_computer_members_opts =
+          association_options["primary_computers"] || {}
+        has_many :primary_users,
+                 primary_members_opts.merge(primary_user_members_opts)
+        has_many :primary_computers,
+                 primary_members_opts.merge(primary_computer_members_opts)
+      end
+
+      def prepare_create_options(group, options)
+        prepare_create_options_for_number(:gid_number, group, options)
+      end
+    end
+
+    def fill_default_values(options={})
+      gid_number = options[:gid_number]
+      change_gid_number(gid_number) if gid_number
+      self.description ||= options[:description] || cn
+    end
+
+    def members
+      users.to_ary + computers.to_ary
+    end
+
+    def reload_members
+      users.reload
+      computers.reload
+    end
+
+    def primary_members
+      primary_users.to_ary + primary_computers.to_ary
+    end
+
+    def reload_primary_members
+      primary_users.reload
+      primary_computers.reload
+    end
+
+    def change_gid_number(gid, allow_non_unique=false)
+      check_unique_gid_number(gid) unless allow_non_unique
+      self.gid_number = gid.to_s
+    end
+
+    def destroy(options={})
+      if options[:remove_members]
+        if options[:force_change_primary_members]
+          change_primary_members(options)
+        end
+        reload_primary_members
+        unless primary_members.empty?
+          not_destroyed_members = primary_members.collect {|x| x.uid}
+          raise PrimaryGroupCanNotBeDestroyed.new(cn, not_destroyed_members)
+        end
+        self.users = []
+        self.computers = []
+      end
+      super()
+    end
+
+    private
+    def ensure_uid(member_or_uid)
+      if member_or_uid.is_a?(String)
+        member_or_uid
+      else
+        member_or_uid.uid
+      end
+    end
+
+    def check_unique_gid_number(gid_number)
+      ActiveSambaLdap::Base.restart_nscd do
+        if self.class.find_by_gid_number(Integer(gid_number))
+          raise GidNumberAlreadyExists.new(gid_number)
+        end
+      end
+    end
+
+    def change_primary_members(options={})
+      name = cn
+
+      pr_members = primary_members
+      cannot_removed_members = []
+      pr_members.each do |member|
+        if (member.groups.collect {|group| group.cn} - [name]).empty?
+          cannot_removed_members << member.uid
+        end
+      end
+      unless cannot_removed_members.empty?
+        raise CanNotChangePrimaryGroup.new(name, cannot_removed_members)
+      end
+
+      pr_members.each do |member|
+        new_group = member.groups.find {|gr| gr.cn != name}
+        member.primary_group = new_group
+        member.save!
+      end
+    end
+  end
+end

data/lib/active_samba_ldap/populate.rb

@@ -37,9 +37,9 @@ module ActiveSambaLdap
         end
 
         def init_classes
-          @options[:user_class] = user_class = Class.new(SambaUser)
-          @options[:group_class] = group_class = Class.new(SambaGroup)
-          @options[:computer_class] = computer_class = Class.new(SambaComputer)
+          @options[:user_class] = user_class = Class.new(User)
+          @options[:group_class] = group_class = Class.new(Group)
+          @options[:computer_class] = computer_class = Class.new(Computer)
           @options[:idmap_class] = idmap_class = Class.new(Idmap)
           @options[:unix_id_pool_class] = id_pool_class = Class.new(UnixIdPool)
 
@@ -112,7 +112,10 @@ module ActiveSambaLdap
             next if container_class.exists?(value, :prefix => suffix)
             container = container_class.new(value)
             yield(container) if block_given?
-            container.save!
+            begin
+              container.save!
+            rescue ActiveLdap::OperationNotPermitted
+            end
             entries << container
           end
           entries

data/lib/active_samba_ldap/{samba_account.rb → samba_account_entry.rb}

@@ -1,5 +1,5 @@
 module ActiveSambaLdap
-  module SambaAccount
+  module SambaAccountEntry
     def self.included(base)
       super
       base.extend(ClassMethods)
@@ -24,10 +24,15 @@ module ActiveSambaLdap
       end
     end
 
-    FAR_FUTURE_TIME = Time.parse("2050/01/01").to_i.to_s
+    # FAR_FUTURE_TIME = Time.parse("2050/01/01").to_i.to_s
+    FAR_FUTURE_TIME = Time.parse("2038/01/19").to_i.to_s
     ACCOUNT_FLAGS_RE = /\A\[([NDHTUMWSLXI ]+)\]\z/
 
     module ClassMethods
+      def samba_object_class
+        "sambaSamAccount"
+      end
+
       def uid2rid(uid)
         uid = Integer(uid)
         if WELL_KNOWN_RIDS.include?(uid)
@@ -51,8 +56,8 @@ module ActiveSambaLdap
       end
 
       private
-      def default_classes
-        super + ["sambaSamAccount"]
+      def default_recommended_classes
+        super + [samba_object_class]
       end
 
       def primary_group_options(options)
@@ -61,8 +66,10 @@ module ActiveSambaLdap
 
       module PrimaryGroupProxy
         def replace(entry)
-          super
-          if @target
+          result = super
+          return result unless @owner.samba_available?
+
+          if @target and @target.samba_available?
             if @target.samba_sid.to_s.empty?
               raise GroupDoesNotHaveSambaSID.new(@target.gid_number)
             end
@@ -70,13 +77,15 @@ module ActiveSambaLdap
           else
             @owner.samba_primary_group_sid = nil
           end
-          entry
+
+          result
         end
       end
     end
 
     def fill_default_values(options={})
-      super
+      result = super
+      return result unless samba_available?
 
       self.samba_logon_time ||= "0"
       self.samba_logoff_time ||= FAR_FUTURE_TIME
@@ -116,45 +125,55 @@ module ActiveSambaLdap
     end
 
     def change_uid_number(uid, allow_non_unique=false)
-      super
+      result = super
+      return result unless samba_available?
+
       rid = self.class.uid2rid(uid_number.to_s)
       change_sid(rid, allow_non_unique)
     end
 
     def change_uid_number_by_rid(rid, allow_non_unique=false)
+      assert_samba_available
       change_uid_number(self.class.rid2uid(rid), allow_non_unique)
     end
 
     def change_sid(rid, allow_non_unique=false)
+      assert_samba_available
       sid = "#{self.class.configuration[:sid]}-#{rid}"
       # check_unique_sid_number(sid) unless allow_non_unique
       self.samba_sid = sid
     end
 
     def rid
+      assert_samba_available
       Integer(samba_sid.split(/-/).last)
     end
 
     def change_samba_password(password)
+      assert_samba_available
       self.samba_lm_password = Samba::Encrypt.lm_hash(password)
       self.samba_nt_password = Samba::Encrypt.ntlm_hash(password)
       self.samba_pwd_last_set = Time.now.to_i.to_s
     end
 
     def enable_password_change
+      assert_samba_available
       self.samba_pwd_can_change = "0"
     end
 
     def disable_password_change
+      assert_samba_available
       self.samba_pwd_can_change = FAR_FUTURE_TIME
     end
 
     def can_change_password?
+      assert_samba_available
       samba_pwd_can_change.nil? or
         Time.at(samba_pwd_can_change.to_i) <= Time.now
     end
 
     def enable_forcing_password_change
+      assert_samba_available
       self.samba_pwd_must_change = "0"
       if /X/ =~ samba_acct_flags.to_s
         self.samba_acct_flags = samba_acct_flags.sub(/X/, '')
@@ -165,22 +184,26 @@ module ActiveSambaLdap
     end
 
     def disable_forcing_password_change
+      assert_samba_available
       self.samba_pwd_must_change = FAR_FUTURE_TIME
     end
 
     def must_change_password?
+      assert_samba_available
       !(/X/ =~ samba_acct_flags.to_s or
         samba_pwd_must_change.nil? or
         Time.at(samba_pwd_must_change.to_i) > Time.now)
     end
 
     def enable
+      assert_samba_available
       if /D/ =~ samba_acct_flags.to_s
         self.samba_acct_flags = samba_acct_flags.gsub(/D/, '')
       end
     end
 
     def disable
+      assert_samba_available
       flags = ""
       if ACCOUNT_FLAGS_RE =~ samba_acct_flags.to_s
         flags = $1
@@ -190,10 +213,12 @@ module ActiveSambaLdap
     end
 
     def enabled?
+      assert_samba_available
       !disabled?
     end
 
     def disabled?
+      assert_samba_available
       (/D/ =~ samba_acct_flags.to_s) ? true : false
     end
   end

data/lib/active_samba_ldap/samba_entry.rb

@@ -0,0 +1,26 @@
+module ActiveSambaLdap
+  module SambaEntry
+    def samba_available?
+      classes.include?(samba_object_class)
+    end
+
+    def remove_samba_availability
+      remove_class(samba_object_class)
+    end
+
+    def ensure_samba_available
+      add_class(samba_object_class)
+    end
+
+    def samba_object_class
+      self.class.samba_object_class
+    end
+
+    private
+    def assert_samba_available
+      unless samba_available?
+        raise NotSambaAavialableError.new(self)
+      end
+    end
+  end
+end

data/lib/active_samba_ldap/{samba_group.rb → samba_group_entry.rb}

@@ -1,8 +1,13 @@
-require 'active_samba_ldap/group'
+require 'active_samba_ldap/samba_entry'
 
 module ActiveSambaLdap
-  class SambaGroup < Group
-    include Reloadable
+  module SambaGroupEntry
+    include SambaEntry
+
+    def self.included(base)
+      super
+      base.extend(ClassMethods)
+    end
 
     # from librpc/ndr/security.h in Samba
     SID_BUILTIN = "S-1-5-32"
@@ -52,7 +57,11 @@ module ActiveSambaLdap
       "builtin" => 5,
     }
 
-    class << self
+    module ClassMethods
+      def samba_object_class
+        "sambaGroupMapping"
+      end
+
       def gid2rid(gid)
         gid = Integer(gid)
         if WELL_KNOWN_RIDS.include?(gid)
@@ -76,28 +85,33 @@ module ActiveSambaLdap
       end
 
       private
-      def default_classes
-        super + ["sambaGroupMapping"]
+      def default_recommended_classes
+        super + [samba_object_class]
       end
     end
 
     def fill_default_values(options={})
-      change_type(options[:group_type] || "domain") unless samba_group_type
-      self.display_name ||= options[:display_name] || cn
+      if samba_available?
+        change_type(options[:group_type] || "domain") unless samba_group_type
+        self.display_name ||= options[:display_name] || cn
+      end
       super
     end
 
     def change_gid_number(gid, allow_non_unique=false)
-      super
+      result = super
+      return result unless samba_available?
       rid = self.class.gid2rid(gid_number.to_s)
       change_sid(rid, allow_non_unique)
     end
 
     def change_gid_number_by_rid(rid, allow_non_unique=false)
+      assert_samba_available
       change_gid_number(self.class.rid2gid(rid), allow_non_unique)
     end
 
     def change_sid(rid, allow_non_unique=false)
+      assert_samba_available
       if (LOCAL_ADMINS_RID..LOCAL_REPLICATORS_RID).include?(rid.to_i)
         sid = "#{SID_BUILTIN}-#{rid}"
       else
@@ -108,15 +122,17 @@ module ActiveSambaLdap
     end
 
     def rid
+      assert_samba_available
       Integer(samba_sid.split(/-/).last)
     end
 
     def change_type(type)
+      assert_samba_available
       normalized_type = type.to_s.downcase
       if TYPES.has_key?(normalized_type)
         type = TYPES[normalized_type]
       elsif TYPES.values.include?(type.to_i)
-	# pass
+        # pass
       else
         raise ArgumentError, "invalid type: #{type}"
       end