RubyGems - activesambaldap - Versions diffs - 0.0.7 → 0.0.8 - Mend

activesambaldap 0.0.7 → 0.0.8

Files changed (101) hide show

data/NEWS.en +10 -1
data/NEWS.ja +10 -1
data/README.en +10 -3
data/README.ja +10 -3
data/Rakefile +3 -4
data/data/locale/ja/LC_MESSAGES/active-samba-ldap.mo +0 -0
data/example/asl-admin/README +243 -0
data/example/asl-admin/Rakefile +10 -0
data/example/asl-admin/app/controllers/application_controller.rb +10 -0
data/example/asl-admin/app/controllers/samba_controller.rb +12 -0
data/example/asl-admin/app/helpers/application_helper.rb +3 -0
data/example/asl-admin/app/helpers/samba_helper.rb +2 -0
data/example/asl-admin/app/models/computer.rb +3 -0
data/example/asl-admin/app/models/dc.rb +3 -0
data/example/asl-admin/app/models/group.rb +3 -0
data/example/asl-admin/app/models/idmap.rb +3 -0
data/example/asl-admin/app/models/ou.rb +3 -0
data/example/asl-admin/app/models/unix_id_pool.rb +3 -0
data/example/asl-admin/app/models/user.rb +3 -0
data/example/asl-admin/app/views/samba/index.html.erb +17 -0
data/example/asl-admin/app/views/samba/populate.html.erb +15 -0
data/example/asl-admin/app/views/samba/purge.html.erb +10 -0
data/example/asl-admin/config/boot.rb +110 -0
data/example/asl-admin/config/database.yml +22 -0
data/example/asl-admin/config/environment.rb +48 -0
data/example/asl-admin/config/environments/development.rb +17 -0
data/example/asl-admin/config/environments/production.rb +28 -0
data/example/asl-admin/config/environments/test.rb +28 -0
data/example/asl-admin/config/initializers/backtrace_silencers.rb +7 -0
data/example/asl-admin/config/initializers/inflections.rb +10 -0
data/example/asl-admin/config/initializers/mime_types.rb +5 -0
data/example/asl-admin/config/initializers/new_rails_defaults.rb +19 -0
data/example/asl-admin/config/initializers/session_store.rb +15 -0
data/example/asl-admin/config/ldap.yml.sample +24 -0
data/example/asl-admin/config/locales/en.yml +5 -0
data/example/asl-admin/config/routes.rb +43 -0
data/example/asl-admin/log/test.log +5 -0
data/example/asl-admin/public/404.html +30 -0
data/example/asl-admin/public/422.html +30 -0
data/example/asl-admin/public/500.html +30 -0
data/example/asl-admin/public/favicon.ico +0 -0
data/example/asl-admin/public/images/rails.png +0 -0
data/example/asl-admin/public/index.html +275 -0
data/example/asl-admin/public/javascripts/application.js +2 -0
data/example/asl-admin/public/javascripts/controls.js +963 -0
data/example/asl-admin/public/javascripts/dragdrop.js +973 -0
data/example/asl-admin/public/javascripts/effects.js +1128 -0
data/example/asl-admin/public/javascripts/prototype.js +4320 -0
data/example/asl-admin/public/robots.txt +5 -0
data/example/asl-admin/script/about +4 -0
data/example/asl-admin/script/console +3 -0
data/example/asl-admin/script/dbconsole +3 -0
data/example/asl-admin/script/destroy +3 -0
data/example/asl-admin/script/generate +3 -0
data/example/asl-admin/script/performance/benchmarker +3 -0
data/example/asl-admin/script/performance/profiler +3 -0
data/example/asl-admin/script/plugin +3 -0
data/example/asl-admin/script/runner +3 -0
data/example/asl-admin/script/server +3 -0
data/example/asl-admin/test/performance/browsing_test.rb +9 -0
data/example/asl-admin/test/test_helper.rb +38 -0
data/lib/active_samba_ldap.rb +1 -1
data/lib/active_samba_ldap/account_entry.rb +17 -9
data/lib/active_samba_ldap/active_directory.rb +66 -0
data/lib/active_samba_ldap/base.rb +8 -0
data/lib/active_samba_ldap/computer.rb +1 -0
data/lib/active_samba_ldap/configuration.rb +32 -4
data/lib/active_samba_ldap/entry.rb +48 -0
data/lib/active_samba_ldap/group_entry.rb +8 -8
data/lib/active_samba_ldap/populate.rb +1 -0
data/lib/active_samba_ldap/samba_account_entry.rb +31 -14
data/lib/active_samba_ldap/samba_computer_account_entry.rb +18 -0
data/lib/active_samba_ldap/samba_entry.rb +6 -5
data/lib/active_samba_ldap/samba_group_entry.rb +22 -13
data/lib/active_samba_ldap/version.rb +1 -1
data/po/active-samba-ldap.pot +463 -0
data/po/ja/active-samba-ldap.po +15 -11
data/rails/init.rb +1 -18
data/rails_generators/scaffold_active_samba_ldap/scaffold_active_samba_ldap_generator.rb +4 -3
data/rails_generators/scaffold_active_samba_ldap/templates/computer.rb +1 -1
data/rails_generators/scaffold_active_samba_ldap/templates/group.rb +1 -1
data/rails_generators/scaffold_active_samba_ldap/templates/{samba_index.rhtml → samba_index.html.erb} +0 -0
data/rails_generators/scaffold_active_samba_ldap/templates/{samba_populate.rhtml → samba_populate.html.erb} +0 -0
data/rails_generators/scaffold_active_samba_ldap/templates/{samba_purge.rhtml → samba_purge.html.erb} +0 -0
data/rails_generators/scaffold_active_samba_ldap/templates/user.rb +1 -1
data/test-unit/History.txt +1 -1
data/test-unit/README.txt +1 -1
data/test-unit/lib/test/unit/assertions.rb +1 -1
data/test-unit/lib/test/unit/autorunner.rb +19 -4
data/test-unit/lib/test/unit/collector/load.rb +3 -1
data/test-unit/lib/test/unit/color-scheme.rb +5 -1
data/test-unit/lib/test/unit/error.rb +7 -5
data/test-unit/lib/test/unit/runner/tap.rb +8 -0
data/test-unit/lib/test/unit/ui/console/testrunner.rb +63 -8
data/test-unit/lib/test/unit/ui/tap/testrunner.rb +92 -0
data/test-unit/test/collector/test-load.rb +1 -5
data/test-unit/test/test-color-scheme.rb +4 -0
data/test/command.rb +8 -3
data/test/run-test.rb +4 -1
data/test/test_asl_useradd.rb +2 -2
metadata +81 -20

data/example/asl-admin/public/robots.txt ADDED Viewed

@@ -0,0 +1,5 @@
+# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
+#
+# To ban all spiders from the entire site uncomment the next two lines:
+# User-Agent: *
+# Disallow: /

data/example/asl-admin/script/about ADDED Viewed

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require File.dirname(__FILE__) + '/../config/boot'
+$LOAD_PATH.unshift "#{RAILTIES_PATH}/builtin/rails_info"
+require 'commands/about'

data/example/asl-admin/script/console ADDED Viewed

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+require File.dirname(__FILE__) + '/../config/boot'
+require 'commands/console'

data/example/asl-admin/script/dbconsole ADDED Viewed

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+require File.dirname(__FILE__) + '/../config/boot'
+require 'commands/dbconsole'

data/example/asl-admin/script/destroy ADDED Viewed

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+require File.dirname(__FILE__) + '/../config/boot'
+require 'commands/destroy'

data/example/asl-admin/script/generate ADDED Viewed

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+require File.dirname(__FILE__) + '/../config/boot'
+require 'commands/generate'

data/example/asl-admin/script/performance/benchmarker ADDED Viewed

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+require File.dirname(__FILE__) + '/../../config/boot'
+require 'commands/performance/benchmarker'

data/example/asl-admin/script/performance/profiler ADDED Viewed

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+require File.dirname(__FILE__) + '/../../config/boot'
+require 'commands/performance/profiler'

data/example/asl-admin/script/plugin ADDED Viewed

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+require File.dirname(__FILE__) + '/../config/boot'
+require 'commands/plugin'

data/example/asl-admin/script/runner ADDED Viewed

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+require File.dirname(__FILE__) + '/../config/boot'
+require 'commands/runner'

data/example/asl-admin/script/server ADDED Viewed

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+require File.dirname(__FILE__) + '/../config/boot'
+require 'commands/server'

data/example/asl-admin/test/performance/browsing_test.rb ADDED Viewed

@@ -0,0 +1,9 @@
+require 'test_helper'
+require 'performance_test_help'
+# Profiling results for each test method are written to tmp/performance.
+class BrowsingTest < ActionController::PerformanceTest
+  def test_homepage
+    get '/'
+  end
+end

data/example/asl-admin/test/test_helper.rb ADDED Viewed

@@ -0,0 +1,38 @@
+ENV["RAILS_ENV"] = "test"
+require File.expand_path(File.dirname(__FILE__) + "/../config/environment")
+require 'test_help'
+class ActiveSupport::TestCase
+  # Transactional fixtures accelerate your tests by wrapping each test method
+  # in a transaction that's rolled back on completion.  This ensures that the
+  # test database remains unchanged so your fixtures don't have to be reloaded
+  # between every test method.  Fewer database queries means faster tests.
+  #
+  # Read Mike Clark's excellent walkthrough at
+  #   http://clarkware.com/cgi/blosxom/2005/10/24#Rails10FastTesting
+  #
+  # Every Active Record database supports transactions except MyISAM tables
+  # in MySQL.  Turn off transactional fixtures in this case; however, if you
+  # don't care one way or the other, switching from MyISAM to InnoDB tables
+  # is recommended.
+  #
+  # The only drawback to using transactional fixtures is when you actually
+  # need to test transactions.  Since your test is bracketed by a transaction,
+  # any transactions started in your code will be automatically rolled back.
+  self.use_transactional_fixtures = true
+  # Instantiated fixtures are slow, but give you @david where otherwise you
+  # would need people(:david).  If you don't want to migrate your existing
+  # test cases which use the @david style and don't mind the speed hit (each
+  # instantiated fixtures translates to a database query per test method),
+  # then set this back to true.
+  self.use_instantiated_fixtures  = false
+  # Setup all fixtures in test/fixtures/*.(yml|csv) for all tests in alphabetical order.
+  #
+  # Note: You'll currently still have to declare fixtures explicitly in integration tests
+  # -- they do not yet inherit this setting
+  fixtures :all
+  # Add more helper methods to be used by all tests here...
+end

data/lib/active_samba_ldap.rb CHANGED Viewed

@@ -8,7 +8,7 @@ require_gem_if_need = Proc.new do |library_name, gem_name, *options|
   end
 end
-required_active_ldap_version = ">= 1.1.0"
+required_active_ldap_version = ">= 1.2.0"
 require_gem_if_need.call("active_ldap", "activeldap",
                          required_active_ldap_version)

data/lib/active_samba_ldap/account_entry.rb CHANGED Viewed

@@ -28,10 +28,18 @@ module ActiveSambaLdap
         find(:first, :filter => "(#{attribute}=#{value})")
       end
+      def unix_object_classes
+        if samba4?
+          samba_object_classes
+        else
+          ["inetOrgPerson", "posixAccount"]
+        end
+      end
       private
       def default_options
         {
-          :dn_attribute => "uid",
+          :dn_attribute => default_dn_attribute,
           :ldap_scope => :sub,
           :primary_group_class => default_group_class,
           :primary_group_foreign_key => "gidNumber",
@@ -44,16 +52,16 @@ module ActiveSambaLdap
         }
       end
-      def default_group_class
-        "Group"
-      end
-      def default_classes
-        ["top", "inetOrgPerson", "posixAccount"]
+      def default_dn_attribute
+        if samba4?
+          "cn"
+        else
+          "uid"
+        end
       end
-      def default_recommended_classes
-        []
+      def default_group_class
+        "Group"
       end
       def primary_group_options(options)

data/lib/active_samba_ldap/active_directory.rb ADDED Viewed

@@ -0,0 +1,66 @@
+module ActiveSambaLdap
+  module ActiveDirectory
+    module UserAccountControl
+      # http://support.microsoft.com/kb/305144/ja
+      SCRIPT = 0x0001
+      ACCOUNTDISABLE = 0x0002
+      ACCOUNT_DISABLE = ACCOUNTDISABLE
+      HOMEDIR_REQUIRED = 0x0008
+      HOME_DIRECTORY_REQUIRED = HOMEDIR_REQUIRED
+      LOCKOUT = 0x0010
+      PASSWD_NOTREQD = 0x0020
+      PASSWORD_NOT_REQUIRED = PASSWD_NOTREQD
+      # To modify this property, see
+      # http://msdn.microsoft.com/en-us/library/aa746398(VS.85).aspx
+      PASSWD_CANT_CHANGE = 0x0040
+      PASSWORD_CANT_CHANGE = PASSWD_CANT_CHANGE
+      ENCRYPTED_TEXT_PWD_ALLOWED = 0x0080
+      ENCRYPTED_TEXT_PASSWORD_ALLOWED = ENCRYPTED_TEXT_PWD_ALLOWED
+      TEMP_DUPLICATE_ACCOUNT = 0x0100
+      NORMAL_ACCOUNT = 0x0200
+      INTERDOMAIN_TRUST_ACCOUNT = 0x0800
+      WORKSTATION_TRUST_ACCOUNT = 0x1000
+      SERVER_TRUST_ACCOUNT = 0x2000
+      DONT_EXPIRE_PASSWORD = 0x10000
+      MNS_LOGON_ACCOUNT = 0x20000
+      SMARTCARD_REQUIRED = 0x40000
+      SMART_CARD_REQUIRED = SMARTCARD_REQUIRED
+      TRUSTED_FOR_DELEGATION = 0x80000
+      NOT_DELEGATED = 0x100000
+      USE_DES_KEY_ONLY = 0x200000
+      DONT_REQ_PREAUTH = 0x400000
+      DONT_REQUIRE_PREAUTH = DONT_REQ_PREAUTH
+      PASSWORD_EXPIRED = 0x800000
+      TRUSTED_TO_AUTH_FOR_DELEGATION = 0x1000000
+    end
+    module GroupType
+      GLOBAL_GROUP = 0x2
+      DOMAIN_LOCAL_GROUP = 0x4
+      UNIVERSAL_GROUP = 0x8
+      SECURITY_ENABLED = 0x80000000
+      module_function
+      def resolve(name, security_enabled=true)
+        type = 0
+        case name.to_s
+        when "global"
+          type = GLOBAL_GROUP
+        when /\Adomain[-_]local\z/
+          type = DOMAIN_LOCAL_GROUP
+        when "universal"
+          type = UNIVERSAL_GROUP
+        else
+          # TODO: I18N
+          raise ArgumentError, "unknown group type: #{name.inspect}: " +
+                               "available: [:global, :domain_local, :universal]"
+        end
+        type |= SECURITY_ENABLED if security_enabled
+        [type].pack("L").unpack("l")[0]
+      end
+    end
+  end
+end

data/lib/active_samba_ldap/base.rb CHANGED Viewed

@@ -112,6 +112,14 @@ module ActiveSambaLdap
     end
   end
+  class NotUnixAavialableError < Error
+    attr_reader :object
+    def initialize(object)
+      @object = object
+      super(_("%s is not UNIX available") % [object.inspect])
+    end
+  end
   class Base < ActiveLdap::Base
     include Reloadable

data/lib/active_samba_ldap/computer.rb CHANGED Viewed

@@ -15,6 +15,7 @@ module ActiveSambaLdap
     include AccountEntry
     include ComputerAccountEntry
     include SambaAccountEntry
+    include SambaComputerAccountEntry
     private
     def default_account_flags

data/lib/active_samba_ldap/configuration.rb CHANGED Viewed

@@ -99,7 +99,9 @@ module ActiveSambaLdap
                        skeleton_directory
                        default_user_gid default_computer_gid
-                       default_max_password_age)
+                       default_max_password_age
+                       samba4)
         class << self
           def required_variables
@@ -206,16 +208,33 @@ module ActiveSambaLdap
         end
         def users_suffix
-          retrieve_value_from_smb_conf(/ldap\s+user\s+suffix/i) || "ou=Users"
+          suffix = retrieve_value_from_smb_conf(/ldap\s+user\s+suffix/i)
+          return suffix if suffix
+          if self[:samba4]
+            "cn=Users"
+          else
+            "ou=Users"
+          end
         end
         def groups_suffix
-          retrieve_value_from_smb_conf(/ldap\s+group\s+suffix/i) || "ou=Groups"
+          suffix = retrieve_value_from_smb_conf(/ldap\s+group\s+suffix/i)
+          return suffix if suffix
+          if self[:samba4]
+            "cn=Users"
+          else
+            "ou=Groups"
+          end
         end
         def computers_suffix
-          retrieve_value_from_smb_conf(/ldap\s+machine\s+suffix/i) ||
+          suffix = retrieve_value_from_smb_conf(/ldap\s+machine\s+suffix/i)
+          return suffix if suffix
+          if self[:samba4]
+            "cn=Computers"
+          else
             "ou=Computers"
+          end
         end
         def idmap_suffix
@@ -301,6 +320,15 @@ module ActiveSambaLdap
           type.to_s.downcase.to_sym
         end
+        def samba4
+          smb_conf = self[:smb_conf]
+          if smb_conf and /^\s*server\s*role\s*=/ =~ File.read(smb_conf)
+            true
+          else
+            false
+          end
+        end
         AVAILABLE_HASH_TYPES = [:crypt, :md5, :smd5, :sha, :ssha]
         def validate_password_hash_type(type)
           unless AVAILABLE_HASH_TYPES.include?(type)

data/lib/active_samba_ldap/entry.rb CHANGED Viewed

@@ -28,7 +28,27 @@ module ActiveSambaLdap
         entry
       end
+      def samba4?
+        configuration[:samba4]
+      end
       private
+      def default_classes
+        if samba4?
+          samba_object_classes
+        else
+          unix_object_classes
+        end
+      end
+      def default_recommended_classes
+        if samba4?
+          []
+        else
+          samba_object_classes
+        end
+      end
       def ensure_ou(dn)
         return if dn.nil?
         dn_value, ou = dn.split(/,/, 2)
@@ -77,5 +97,33 @@ module ActiveSambaLdap
         pool
       end
     end
+    def samba4?
+      self.class.samba4?
+    end
+    def unix_available?
+      (unix_object_classes - classes).empty?
+    end
+    def remove_unix_availability
+      remove_class(*unix_object_classes)
+    end
+    def ensure_unix_availability
+      add_class(*unix_object_classes)
+    end
+    def unix_object_classes
+      self.class.unix_object_classes
+    end
+    private
+    def assert_unix_available
+      return unless samba4?
+      unless unix_available?
+        raise NotUnixAavialableError.new(self)
+      end
+    end
   end
 end

data/lib/active_samba_ldap/group_entry.rb CHANGED Viewed

@@ -33,6 +33,14 @@ module ActiveSambaLdap
         find(:first, :filter => ["gidNumber", Integer(number)])
       end
+      def unix_object_classes
+        if samba4?
+          samba_object_classes
+        else
+          ["posixGroup"]
+        end
+      end
       private
       def default_options
         {
@@ -52,14 +60,6 @@ module ActiveSambaLdap
         }
       end
-      def default_classes
-        ["top", "posixGroup"]
-      end
-      def default_recommended_classes
-        []
-      end
       def default_user_class
         "User"
       end

data/lib/active_samba_ldap/populate.rb CHANGED Viewed

@@ -95,6 +95,7 @@ module ActiveSambaLdap
         end
         def ensure_container_base(dn, target_name, klass, ignore_base=false)
+          dn = dn.to_s if dn.is_a?(ActiveLdap::DN)
           entries = []
           suffixes = []
           dn.split(/,/).reverse_each do |suffix|

data/lib/active_samba_ldap/samba_account_entry.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+require 'active_samba_ldap/active_directory'
 module ActiveSambaLdap
   module SambaAccountEntry
     def self.included(base)
@@ -29,8 +31,12 @@ module ActiveSambaLdap
     ACCOUNT_FLAGS_RE = /\A\[([NDHTUMWSLXI ]+)\]\z/
     module ClassMethods
-      def samba_object_class
-        "sambaSamAccount"
+      def samba_object_classes
+        if samba4?
+          ["person", "organizationalPerson", "user"]
+        else
+          ["sambaSamAccount"]
+        end
       end
       def uid2rid(uid)
@@ -56,10 +62,6 @@ module ActiveSambaLdap
       end
       private
-      def default_recommended_classes
-        super + [samba_object_class]
-      end
       def primary_group_options(options)
         super.merge(:extend => PrimaryGroupProxy)
       end
@@ -197,19 +199,29 @@ module ActiveSambaLdap
     def enable
       assert_samba_available
-      if /D/ =~ samba_acct_flags.to_s
-        self.samba_acct_flags = samba_acct_flags.gsub(/D/, '')
+      if samba4?
+        self.user_account_control -=
+          ActiveDirectory::UserAccountControl::ACCOUNT_DISABLE
+      else
+        if /D/ =~ samba_acct_flags.to_s
+          self.samba_acct_flags = samba_acct_flags.gsub(/D/, '')
+        end
       end
     end
     def disable
       assert_samba_available
-      flags = ""
-      if ACCOUNT_FLAGS_RE =~ samba_acct_flags.to_s
-        flags = $1
-        return if /D/ =~ flags
+      if samba4?
+        self.user_account_control +=
+          ActiveDirectory::UserAccountControl::ACCOUNT_DISABLE
+      else
+        flags = ""
+        if ACCOUNT_FLAGS_RE =~ samba_acct_flags.to_s
+          flags = $1
+          return if /D/ =~ flags
+        end
+        self.samba_acct_flags = "[D#{flags}]"
       end
-      self.samba_acct_flags = "[D#{flags}]"
     end
     def enabled?
@@ -219,7 +231,12 @@ module ActiveSambaLdap
     def disabled?
       assert_samba_available
-      (/D/ =~ samba_acct_flags.to_s) ? true : false
+      if samba4?
+        not (user_account_control &
+             ActiveDirectory::UserAccountControl::ACCOUNT_DISABLE).zero?
+      else
+        (/D/ =~ samba_acct_flags.to_s) ? true : false
+      end
     end
   end
 end