adap 0.0.13 → 0.0.15
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/adap/adap.rb +62 -20
- data/lib/adap/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2d6b9c74a5d53a24227c3753f17a5ae0cd6013dd462384eeaa264a36026e4c2f
|
4
|
+
data.tar.gz: 62080295b2ebfaac3831693a162300f9cea86066f614f6a5327b6f4149c6dfa5
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4dd9414e4ca4340024de4bcf337f495c706fe3c482ac2eafcca491ca6a1445a248c36256a506cc16b4487594e3ecba5f7465a1be0571a70a3ccef9d6bee95f4e
|
7
|
+
data.tar.gz: e469a2cca56ea3c20eb4a25ff211d76d8a1f7daaed9f1b06e766fd840102e69125d92a667774fc6c0849d905179a62a89e6cac8769ed219a01a5cc208372a84d
|
data/lib/adap/adap.rb
CHANGED
@@ -2,12 +2,6 @@ require 'net-ldap'
|
|
2
2
|
|
3
3
|
class Adap
|
4
4
|
|
5
|
-
# :unixhomedirectory and :homedirectory are the attributes that has same meaning between AD and LDAP.
|
6
|
-
USER_REQUIRED_ATTRIBUTES = [:cn, :sn, :uid, :uidnumber, :gidnumber, :displayname, :loginshell, :gecos, :givenname, :unixhomedirectory, :homedirectory]
|
7
|
-
#USER_REQUIRED_ATTRIBUTES = ['cn', 'sn', 'uid', 'uidNumber', 'gidNumber', 'homeDirectory', 'loginShell', 'gecos', 'givenName']
|
8
|
-
GROUP_OF_USER_REQUIRED_ATTRIBUTES = [:objectclass, :gidnumber, :cn, :description, :memberuid]
|
9
|
-
|
10
|
-
#
|
11
5
|
# params {
|
12
6
|
# :ad_host required IP or hostname of AD.
|
13
7
|
# :ad_port optional (default:389) Port of AD host.
|
@@ -24,11 +18,16 @@ class Adap
|
|
24
18
|
#
|
25
19
|
def initialize(params)
|
26
20
|
raise "Initialize Adap was failed. params must not be nil" if params == nil
|
27
|
-
|
21
|
+
|
28
22
|
[:ad_host, :ad_binddn, :ad_basedn, :ldap_host, :ldap_binddn, :ldap_basedn].each { |k|
|
29
23
|
raise 'Adap requires keys in params ":ad_host", ":ad_binddn", ":ad_basedn", ":ldap_host", ":ldap_binddn", ":ldap_basedn"' if !params.key?(k)
|
30
24
|
}
|
31
25
|
|
26
|
+
# List of attributes for user in AD
|
27
|
+
@ad_user_required_attributes = [:cn, :sn, :uid, :uidnumber, :gidnumber, :displayname, :loginshell, :gecos, :givenname, :unixhomedirectory]
|
28
|
+
# List of attributes for user in LDAP
|
29
|
+
@ldap_user_required_attributes = [:cn, :sn, :uid, :uidnumber, :gidnumber, :displayname, :loginshell, :gecos, :givenname, :homedirectory]
|
30
|
+
|
32
31
|
@ad_host = params[:ad_host]
|
33
32
|
@ad_port = (params[:ad_port] ? params[:ad_port] : 389)
|
34
33
|
@ad_binddn = params[:ad_binddn]
|
@@ -40,12 +39,37 @@ class Adap
|
|
40
39
|
@ldap_basedn = params[:ldap_basedn]
|
41
40
|
@ldap_user_basedn = params[:ldap_user_basedn]
|
42
41
|
@ldap_auth = (params.has_key?(:ldap_password) ? { :method => :simple, :username => @ldap_binddn, :password => params[:ldap_password] } : nil )
|
42
|
+
# This attribute converted in generally ... :'msds-phoneticdisplayname' -> :'displayname;lang-ja;phonetic'
|
43
43
|
@password_hash_algorithm = (params[:password_hash_algorithm] ? params[:password_hash_algorithm] : 'virtualCryptSHA512')
|
44
44
|
|
45
|
+
# Phonetics are listed in https://lists.samba.org/archive/samba/2017-March/207308.html
|
46
|
+
@map_ad_msds_phonetics = {}
|
47
|
+
@map_ldap_msds_phonetics = {}
|
48
|
+
if params[:map_msds_phonetics] != nil
|
49
|
+
p = params[:map_msds_phonetics]
|
50
|
+
# msDS-PhoneticCompanyName => companyName;lang-ja;phonetic
|
51
|
+
create_map_phonetics(p, :'msds-phoneticcompanyname') if p[:'msds-phoneticcompanyname'] != nil
|
52
|
+
# msDS-PhoneticDepartment => department;lang-ja;phonetic
|
53
|
+
create_map_phonetics(p, :'msds-phoneticdepartment') if p[:'msds-phoneticdepartment'] != nil
|
54
|
+
# msDS-PhoneticFirstName => firstname;lang-ja;phonetic
|
55
|
+
create_map_phonetics(p, :'msds-phoneticfirstname') if p[:'msds-phoneticfirstname'] != nil
|
56
|
+
# msDS-PhoneticLastName => lastname;lang-ja;phonetic
|
57
|
+
create_map_phonetics(p, :'msds-phoneticlastname') if p[:'msds-phoneticlastname'] != nil
|
58
|
+
# msDS-PhoneticDisplayName => displayname;lang-ja;phonetic
|
59
|
+
create_map_phonetics(p, :'msds-phoneticdisplayname') if p[:'msds-phoneticdisplayname'] != nil
|
60
|
+
end
|
61
|
+
|
45
62
|
@ad_client = Adap::get_ad_client_instance(@ad_host, @ad_port, @ad_auth)
|
46
63
|
@ldap_client = Adap::get_ldap_client_instance(@ldap_host, @ldap_port, @ldap_auth)
|
47
64
|
end
|
48
65
|
|
66
|
+
private def create_map_phonetics(p, ad_phonetics)
|
67
|
+
@map_ad_msds_phonetics[ad_phonetics] = p[ad_phonetics]
|
68
|
+
@map_ldap_msds_phonetics[p[ad_phonetics]] = ad_phonetics
|
69
|
+
@ad_user_required_attributes.push(ad_phonetics)
|
70
|
+
@ldap_user_required_attributes.push(p[ad_phonetics])
|
71
|
+
end
|
72
|
+
|
49
73
|
def self.get_ad_client_instance(ad_host, ad_port, ad_auth)
|
50
74
|
Net::LDAP.new(:host => ad_host, :port => ad_port, :auth => ad_auth)
|
51
75
|
end
|
@@ -62,20 +86,24 @@ class Adap
|
|
62
86
|
"uid=#{username},ou=Users,#{@ldap_basedn}"
|
63
87
|
end
|
64
88
|
|
65
|
-
def create_ldap_attributes(
|
89
|
+
def create_ldap_attributes(ad_entry)
|
66
90
|
attributes = {
|
67
91
|
:objectclass => ["top", "person", "organizationalPerson", "inetOrgPerson", "posixAccount", "shadowAccount"]
|
68
92
|
}
|
69
93
|
|
70
|
-
|
94
|
+
ad_entry.each do |attribute, values|
|
71
95
|
# Change string to lower case symbols to compare each attributes correctly
|
72
|
-
|
96
|
+
sym_attribute = attribute.downcase.to_sym
|
73
97
|
|
74
|
-
if
|
75
|
-
if
|
98
|
+
if @ad_user_required_attributes.include?(sym_attribute) then
|
99
|
+
if sym_attribute == :unixhomedirectory then
|
76
100
|
attributes[:homedirectory] = values
|
101
|
+
elsif @map_ad_msds_phonetics.has_key?(sym_attribute) && ad_entry[attribute].length != 0
|
102
|
+
# entry always returns an array that length 0 if the attribute does not existed.
|
103
|
+
# So no need to check whether the ad_entry[attribute] is nil or not.
|
104
|
+
attributes[@map_ad_msds_phonetics[sym_attribute]] = values
|
77
105
|
else
|
78
|
-
attributes[
|
106
|
+
attributes[sym_attribute] = values
|
79
107
|
end
|
80
108
|
end
|
81
109
|
end
|
@@ -210,21 +238,35 @@ class Adap
|
|
210
238
|
|
211
239
|
ad_entry.each do |key, value|
|
212
240
|
ad_key_sym = key.downcase.to_sym
|
213
|
-
ldap_key
|
241
|
+
ldap_key = if ad_key_sym == :unixhomedirectory
|
242
|
+
:homedirectory
|
243
|
+
elsif @map_ad_msds_phonetics.has_key?(ad_key_sym)
|
244
|
+
@map_ad_msds_phonetics[ad_key_sym]
|
245
|
+
else
|
246
|
+
ad_key_sym
|
247
|
+
end
|
214
248
|
ldap_key_sym = ldap_key.downcase.to_sym
|
215
249
|
|
216
|
-
|
217
|
-
|
250
|
+
# TODO: Can @ad_user_required_attributes.include? be put more early line?
|
251
|
+
if @ad_user_required_attributes.include?(ad_key_sym) && value != ldap_entry[ldap_key]
|
252
|
+
#next if value == ldap_entry[ldap_key]
|
218
253
|
operations.push((ldap_entry[ldap_key] != nil ? [:replace, ldap_key_sym, value] : [:add, ldap_key_sym, value]))
|
219
254
|
end
|
220
255
|
end
|
221
256
|
|
222
257
|
ldap_entry.each do |key, value|
|
223
258
|
ldap_key_sym = key.downcase.to_sym
|
224
|
-
ad_key = (ldap_key_sym != :homedirectory ? ldap_key_sym : :unixhomedirectory)
|
225
|
-
|
226
|
-
|
227
|
-
|
259
|
+
#ad_key = (ldap_key_sym != :homedirectory ? ldap_key_sym : :unixhomedirectory)
|
260
|
+
ad_key = if ldap_key_sym == :homedirectory
|
261
|
+
:unixhomedirectory
|
262
|
+
elsif @map_ldap_msds_phonetics.has_key?(ldap_key_sym)
|
263
|
+
@map_ldap_msds_phonetics[ldap_key_sym]
|
264
|
+
else
|
265
|
+
ldap_key_sym
|
266
|
+
end
|
267
|
+
|
268
|
+
if @ldap_user_required_attributes.include?(ldap_key_sym) && ad_entry[ad_key] == nil
|
269
|
+
operations.push([:delete, ldap_key_sym, nil])
|
228
270
|
end
|
229
271
|
end
|
230
272
|
|
data/lib/adap/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: adap
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.15
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tsutomu Nakamura
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-02-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|