adap 0.1.11 → 0.2.1
- checksums.yaml +4 -4
- data/README_FOR_DEVELOPER.md +0 -3
- data/lib/adap/adap.rb +23 -24
- data/lib/adap/version.rb +1 -1
- metadata +2 -2
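--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c62c8b840a9a9edf3ee7c00ee5cdc2e3de3cb88bc65ae1460b6905bbc96a8157
+data.tar.gz: 618edc59aaf5609604e7dbe506fc72837c6947129c8a8f10d16caa6ab6ce1a4b
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: dc72a01e77c6b0f3041478efa1deab153b794e933370fca14d0547a005470f0ba340e6a593c51fab5f2c07ab33a5cd4558a4ac5621157486a243de968205e299
+data.tar.gz: 3473d75cb8d5d007c53ac799866bce4bc96df2b22ebe71e6ed11f4977a1e152ab80db4ff8b9e3cff8672954c78fb5b1b852d772b5dae710cb6c7d67e4afb8065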
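--- a/data/README_FOR_DEVELOPER.md
+++ b/data/README_FOR_DEVELOPER.md
@@ -28,15 +28,12 @@ $ gh workflow run
 ? otp (required) // <- Input the OTP code
 ```
 
-
-
 ```
 $ gh run list --workflow=release.yml
 STATUS TITLE WORKFLOW BRANCH EVENT ID ELAPSED AGE
 * Ruby Ruby master workflow_dispatch 12673039585 10s less than a minute ago
 ```
 
-
 ## For release (non-interactively)
 You can also trigger the release workflow non-interactively.
 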
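--- a/data/lib/adap/adap.rb
+++ b/data/lib/adap/adap.rb
@@ -19,8 +19,8 @@ class Adap
 def initialize(params)
 raise "Initialize Adap was failed. params must not be nil" if params == nil
 
-[:ad_host, :
-raise 'Adap requires keys in params ":ad_host", ":
+[:ad_host, :ad_bind_dn, :ad_user_base_dn, :ad_group_base_dn, :ldap_host, :ldap_bind_dn, :ldap_user_base_dn, :ldap_group_base_dn].each { |k|
+raise 'Adap requires keys in params ":ad_host", ":ad_bind_dn", ":ad_user_base_dn", ":ad_group_base_dn", ":ldap_host", ":ldap_bind_dn", ":ldap_user_base_dn", ":ldap_group_base_dn"' if !params.key?(k)
 }
 
 # List of attributes for user in AD
@@ -41,17 +41,16 @@ class Adap
 
 @ad_host = params[:ad_host]
 @ad_port = (params[:ad_port] ? params[:ad_port] : 389)
-@
-@
-@
-@ad_auth = (params.has_key?(:ad_password) ? { :method => :simple, :username => @
+@ad_bind_dn = params[:ad_bind_dn]
+@ad_user_base_dn = params[:ad_user_base_dn]
+@ad_group_base_dn = params[:ad_group_base_dn]
+@ad_auth = (params.has_key?(:ad_password) ? { :method => :simple, :username => @ad_bind_dn, :password => params[:ad_password] } : nil)
 @ldap_host = params[:ldap_host]
 @ldap_port = (params[:ldap_port] ? params[:ldap_port] : 389)
-@
-@
-@
-@
-@ldap_auth = (params.has_key?(:ldap_password) ? { :method => :simple, :username => @ldap_binddn, :password => params[:ldap_password] } : nil )
+@ldap_bind_dn = params[:ldap_bind_dn]
+@ldap_user_base_dn = params[:ldap_user_base_dn]
+@ldap_group_base_dn = params[:ldap_group_base_dn]
+@ldap_auth = (params.has_key?(:ldap_password) ? { :method => :simple, :username => @ldap_bind_dn, :password => params[:ldap_password] } : nil )
 
 # A password-hash algorithm to sync to the LDAP.
 # Popular LDAP products like Open LDAP usually supports md5({MD5}), sha1({SHA}) and ssha({SSHA}) algorithms.
@@ -101,11 +100,11 @@ class Adap
 end
 
 def get_ad_user_dn(username)
-"CN=#{username},#{@
+"CN=#{username},#{@ad_user_base_dn}"
 end
 
 def get_ldap_user_dn(username)
-"uid=#{username},#{@
+"uid=#{username},#{@ldap_user_base_dn}"
 end
 
 def create_ldap_attributes(ad_entry)
@@ -342,26 +341,26 @@ class Adap
 # Creating AD ldapsearch filter
 
 ad_filter = if primary_gid_number == nil then
-# TODO: Searching with filter `objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@
+# TODO: Searching with filter `objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_base_dn}` is more accureate.
 #Net::LDAP::Filter.construct(
-# "(&(objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@
+# "(&(objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_base_dn})(member=CN=#{uid},CN=Users,#{@ad_base_dn}))")
 
 Net::LDAP::Filter.construct(
-"(&(objectClass=group)(member=CN=#{uid},#{@
+"(&(objectClass=group)(member=CN=#{uid},#{@ad_user_base_dn}))")
 else
-# TODO: Searching with filter `objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@
+# TODO: Searching with filter `objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_base_dn}` is more accureate.
 #Net::LDAP::Filter.construct(
-# "(&(objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@
+# "(&(objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_base_dn})(|(member=CN=#{uid},CN=Users,#{@ad_base_dn})(gidNumber=#{primary_gid_number})))")
 
 Net::LDAP::Filter.construct(
-"(&(objectClass=group)(|(member=CN=#{uid},#{@
+"(&(objectClass=group)(|(member=CN=#{uid},#{@ad_user_base_dn})(gidNumber=#{primary_gid_number})))")
 end
 
 # Get groups from AD
 # entry = {
 # :gidnumber => xxx,
 # }
-@ad_client.search(:base => @
+@ad_client.search(:base => @ad_group_base_dn, :filter => ad_filter, :attributes => [:cn, :gidnumber]) do |entry|
 ad_group_map[entry[:cn].first] = {:gidnumber => entry[:gidnumber]}
 #ad_group_map[entry[:cn]] = nil
 end
@@ -377,7 +376,7 @@ class Adap
 ldap_filter = Net::LDAP::Filter.construct("(memberUid=#{uid})")
 
 # Get groups from LDAP
-@ldap_client.search(:base => @
+@ldap_client.search(:base => @ldap_group_base_dn, :filter => ldap_filter, :attributes => [:cn]) do |entry|
 # Capture common name of groups. gidnumber is not necessary for LDAP entry
 ldap_group_map[entry[:cn].first] = nil
 end
@@ -416,7 +415,7 @@ class Adap
 operation_pool = {}
 
 ad_group_map.each_key do |key|
-dn = "cn=#{key},#{@
+dn = "cn=#{key},#{@ldap_group_base_dn}"
 # Convert AD entries to LDAP entries to create operation to update LDAP data.
 operation_pool[dn] = {
 :cn => key,
@@ -426,7 +425,7 @@ class Adap
 end
 
 ldap_group_map.each_key do |key|
-operation_pool["cn=#{key},#{@
+operation_pool["cn=#{key},#{@ldap_group_base_dn}"] = {
 # :cn and :gidnumber are not necessary
 :operations => [[:delete, :memberuid, uid]]
 } if !ad_group_map.has_key?(key)
@@ -555,7 +554,7 @@ class Adap
 return nil if uid ==nil
 primary_gid = nil
 
-@ad_client.search(:base => "CN=#{uid},CN=Users,#{@
+@ad_client.search(:base => "CN=#{uid},CN=Users,#{@ad_base_dn}") do |entry|
 primary_gid = entry[:gidnumber].first
 end
 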
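Review bot: The primary-gid lookup at new line 557 still builds its base from `@ad_base_dn`, yet the constructor hunk assigns only `@ad_bind_dn`, `@ad_user_base_dn` and `@ad_group_base_dn`, and `:ad_base_dn` is not among the required keys; unless it is set outside these hunks, the variable is nil, the base becomes `CN=<uid>,CN=Users,` and the search yields no entry, so the lookup presumably ends with a nil gid. Reusing the helper shown at new line 102, `@ad_client.search(:base => get_ad_user_dn(uid)) do |entry|`, keeps the lookup on the configured user base and drops the hard-coded `CN=Users`. Separately, `uid` is interpolated unescaped into the filter strings at new lines 349, 356 and 376; if it can carry caller-supplied text, pass it through `Net::LDAP::Filter.escape` first. The enclosing methods start and end outside the hunks.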
data/lib/adap/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: adap
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1
|
4
|
+
version: 0.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tsutomu Nakamura
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2025-01-
|
11
|
+
date: 2025-01-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|