adap 0.1.3 → 0.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5902e0cff391896473b36f3c70291da1f649517ecb9086e0876d795602d961de
-  data.tar.gz: f4779fef13ca503c0a1529a6f128e11306202d0e822a4b77038e7738e75624f0
+  metadata.gz: 6062f55568a4d2f91e7ede91b7419827b7767033adcbf264d8d8cbd64e8533f2
+  data.tar.gz: 47ae89751e819d81ed42bcb13dcbd967221ba45cf62c9e0d7aa77bfcbff48c03
 SHA512:
-  metadata.gz: f70534ab1eb79938881066d121514c9f04f20fd9e9e8fed3852399fcf7d9d746ec678fcb883d878f12b91bc5e77036e62cca836412ea02e15715b37a2cf1b637
-  data.tar.gz: 17c77cb0d8748dd3eb0cc07903458bde6cdc66679513f411aedc590b91be2b27df4022853ea67bf77b514d2666e6ff1a6ca910f3548fed0d9958a1af51c962ce
+  metadata.gz: ce373202bef4eff421528e8de4dcc56d19960834c31573f9d8d04db3f070d86f31bcdd5892c6081edbd5733fc4ee9ca4087e04aa99132201f885e5f443d89543
+  data.tar.gz: f07477a60bced73b4a28e9d9b5e65f42043f781a92300bad8f5820d10d134bdbd6a19c390d00dc9b43f2b1ef07e289723331a648a4b6367d0036107fd27c61d3

data/.github/workflows/ruby.yml

@@ -0,0 +1,66 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
+# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
+
+name: Ruby
+
+on:
+  push:
+    tags: ["v*"]
+    branches: [ "master", "develop" ]
+  pull_request:
+    branches: [ "master" ]
+
+permissions:
+  contents: read
+
+jobs:
+  test:
+
+    strategy:
+      fail-fast: false
+      matrix:
+        #os: [ubuntu-latest]
+        os: [ubuntu-24.04]
+        # Due to https://github.com/actions/runner/issues/849, we have to use quotes for '3.0'
+        ruby: ['3.3']
+    runs-on: ${{ matrix.os }}
+
+    steps:
+    - name: Print variables that will be used
+      run: |
+        # You can list GitHub Actionses variables with a command below.
+        # $ grep -oP '\$\{\{.*?\}\}' .github/workflows/docker-image.yml | sort | uniq
+        echo env.dest_repository_name=${{ env.dest_repository_name }}
+        echo env.dest_repository_owner_name=${{ env.dest_repository_owner_name }}
+        echo github.event.repository.name=${{ github.event.repository.name }}
+        echo github.event.repository.owner.name=${{ github.event.repository.owner.name }}
+
+    - name: Check out ${{ github.event.repository.owner.name }}/${{ github.event.repository.name }}
+      uses: actions/checkout@v4
+      with:
+        path: ${{ github.event.repository.name }}
+
+    - name: Set up Ruby
+    # To automatically get bug fixes and new Ruby versions for ruby/setup-ruby,
+    # change this to (see https://github.com/ruby/setup-ruby#versioning):
+      uses: ruby/setup-ruby@v1
+      #uses: ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0
+      with:
+        ruby-version: ${{ matrix.ruby }}
+        bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+
+    - name: Run tests
+      run: |
+        cd ${GITHUB_WORKSPACE}/${{ github.event.repository.name }}
+        bundle install --retry 3
+        bundle exec rake
+
+    - name: Push to rubygems.org
+      if: startsWith(github.ref, 'refs/tags/v')
+      run: |
+        echo "DEMO: Push to rubygems.org"
+

data/Gemfile

@@ -1,12 +1,17 @@
+# frozen_string_literal: true
+
 source "https://rubygems.org"
 
-# Specify your gem's dependencies in adap.gemspec
-gemspec
+# gem "rails"
 
 gem "unix-crypt", "~> 1.3"
 
-gem "net-ldap", "~> 0.16.2"
+gem "net-ldap", "~> 0.19.0"
+
+gem "mocha", "~> 2.7"
+
+gem "rake", "~> 13.2"
 
-gem "mocha", "~> 1.10"
+gem "base64", "~> 0.2.0"
 
-gem "rake", "~> 13.0"
+gem "minitest", "~> 5.25"

data/Gemfile.lock

@@ -1,28 +1,26 @@
-PATH
-  remote: .
-  specs:
-    adap (0.0.16)
-
 GEM
   remote: https://rubygems.org/
   specs:
-    minitest (5.14.0)
-    mocha (1.11.2)
-    net-ldap (0.16.2)
-    rake (13.0.1)
-    unix-crypt (1.3.0)
+    base64 (0.2.0)
+    minitest (5.25.4)
+    mocha (2.7.1)
+      ruby2_keywords (>= 0.0.5)
+    net-ldap (0.19.0)
+    rake (13.2.1)
+    ruby2_keywords (0.0.5)
+    unix-crypt (1.3.1)
 
 PLATFORMS
   ruby
+  x86_64-linux
 
 DEPENDENCIES
-  adap!
-  bundler (~> 2.0)
-  minitest (~> 5.0)
-  mocha (~> 1.10)
-  net-ldap (~> 0.16.2)
-  rake (~> 13.0)
+  base64 (~> 0.2.0)
+  minitest (~> 5.25)
+  mocha (~> 2.7)
+  net-ldap (~> 0.19.0)
+  rake (~> 13.2)
   unix-crypt (~> 1.3)
 
 BUNDLED WITH
-   2.1.4
+   2.5.22

data/README.md

@@ -61,6 +61,8 @@ Attributes to be synched by default are like below.
 | givenName               | → | givenName                 |      |
 | description             | → | description               |      |
 | mail                    | → | mail                      |      |
+| businessCategory        | → | businessCategory          |      |
+| employeeType            | → | employeeType              |      |
 | employeeNumber          | → | employeeNumber            |      |
 | unixHomeDirectory       | → | homeDirectory             | Synched by different names of attributes between AD and LDAP |
 | -                       | → | userPassword              | Password of users also will be synched with some limitations |

data/lib/adap/adap.rb

@@ -19,14 +19,14 @@ class Adap
   def initialize(params)
     raise "Initialize Adap was failed. params must not be nil" if params == nil
 
-    [:ad_host, :ad_binddn, :ad_basedn, :ldap_host, :ldap_binddn, :ldap_basedn].each { |k|
-      raise 'Adap requires keys in params ":ad_host", ":ad_binddn", ":ad_basedn", ":ldap_host", ":ldap_binddn", ":ldap_basedn"' if !params.key?(k)
+    [:ad_host, :ad_binddn, :ad_user_basedn, :ad_group_basedn, :ldap_host, :ldap_binddn, :ldap_user_basedn, :ldap_group_basedn].each { |k|
+      raise 'Adap requires keys in params ":ad_host", ":ad_binddn", ":ad_user_basedn", ":ad_group_basedn", ":ldap_host", ":ldap_binddn", ":ldap_user_basedn", ":ldap_group_basedn"' if !params.key?(k)
     }
 
     # List of attributes for user in AD
-    @ad_user_required_attributes   = [:cn, :sn, :uid, :uidnumber, :gidnumber, :displayname, :loginshell, :gecos, :givenname, :description, :mail, :employeenumber, :businesscategory, :employeeType, :unixhomedirectory]
+    @ad_user_required_attributes   = [:cn, :sn, :uid, :uidnumber, :gidnumber, :displayname, :loginshell, :gecos, :givenname, :description, :mail, :employeenumber, :businesscategory, :employeetype, :unixhomedirectory]
     # List of attributes for user in LDAP
-    @ldap_user_required_attributes = [:cn, :sn, :uid, :uidnumber, :gidnumber, :displayname, :loginshell, :gecos, :givenname, :description, :mail, :employeenumber, :businesscategory, :employeeType, :homedirectory]
+    @ldap_user_required_attributes = [:cn, :sn, :uid, :uidnumber, :gidnumber, :displayname, :loginshell, :gecos, :givenname, :description, :mail, :employeenumber, :businesscategory, :employeetype, :homedirectory]
 
     # List of supported hash algorithms keys and string values to operate
     @supported_hash_algorithms_map = {
@@ -42,14 +42,15 @@ class Adap
     @ad_host                  = params[:ad_host]
     @ad_port                  = (params[:ad_port] ? params[:ad_port] : 389)
     @ad_binddn                = params[:ad_binddn]
-    @ad_basedn                = params[:ad_basedn]
+    @ad_user_basedn           = params[:ad_user_basedn]
+    @ad_group_basedn          = params[:ad_group_basedn]
     @ad_auth                  = (params.has_key?(:ad_password) ? { :method => :simple, :username => @ad_binddn, :password => params[:ad_password] } : nil)
     @ldap_host                = params[:ldap_host]
     @ldap_port                = (params[:ldap_port] ? params[:ldap_port] : 389)
     @ldap_binddn              = params[:ldap_binddn]
-    @ldap_suffix_ou           = (params[:ldap_suffix_ou] ? params[:ldap_suffix_ou] : "ou=Users")
     @ldap_basedn              = params[:ldap_basedn]
     @ldap_user_basedn         = params[:ldap_user_basedn]
+    @ldap_group_basedn        = params[:ldap_group_basedn]
     @ldap_auth                = (params.has_key?(:ldap_password) ? { :method => :simple, :username => @ldap_binddn, :password => params[:ldap_password] } : nil )
 
     # A password-hash algorithm to sync to the LDAP.
@@ -99,12 +100,12 @@ class Adap
     Net::LDAP.new(:host => ldap_host, :port => ldap_port, :auth => ldap_auth)
   end
 
-  def get_ad_dn(username)
-    "CN=#{username},CN=Users,#{@ad_basedn}"
+  def get_ad_user_dn(username)
+    "CN=#{username},#{@ad_user_basedn}"
   end
 
-  def get_ldap_dn(username)
-    "uid=#{username},#{@ldap_suffix_ou},#{@ldap_basedn}"
+  def get_ldap_user_dn(username)
+    "uid=#{username},#{@ldap_user_basedn}"
   end
 
   def create_ldap_attributes(ad_entry)
@@ -159,13 +160,13 @@ class Adap
   end
 
   def sync_user(uid, password=nil)
-    ad_entry    = nil
-    ldap_entry  = nil
-    ad_dn       = get_ad_dn(uid)
-    ldap_dn     = get_ldap_dn(uid)
+    ad_entry        = nil
+    ldap_entry      = nil
+    ad_user_dn      = get_ad_user_dn(uid)
+    ldap_user_dn    = get_ldap_user_dn(uid)
 
     # dn: CN=user-name,CN=Users,DC=mysite,DC=example,DC=com
-    @ad_client.search(:base => ad_dn) do |entry|
+    @ad_client.search(:base => ad_user_dn) do |entry|
       ad_entry = entry
     end
     ret_code = @ad_client.get_operation_result.code
@@ -174,10 +175,10 @@ class Adap
     return {
       :code => ret_code,
       :operations => nil,
-      :message => "Failed to get a user #{ad_dn} from AD - " + @ad_client.get_operation_result.error_message
+      :message => "Failed to get a user #{ad_user_dn} from AD - " + @ad_client.get_operation_result.error_message
     } if ret_code != 0 && ret_code != 32
 
-    @ldap_client.search(:base => ldap_dn) do |entry|
+    @ldap_client.search(:base => ldap_user_dn) do |entry|
       ldap_entry = entry
     end
     ret_code = @ldap_client.get_operation_result.code
@@ -185,17 +186,17 @@ class Adap
     return {
       :code => ret_code,
       :operations => nil,
-      :message => "Failed to get a user #{ldap_dn} from LDAP - " + @ldap_client.get_operation_result.error_message
+      :message => "Failed to get a user #{ldap_user_dn} from LDAP - " + @ldap_client.get_operation_result.error_message
     } if ret_code != 0 && ret_code != 32
 
     ret = nil
     if !ad_entry.nil? and ldap_entry.nil? then
-      ret = add_user(ldap_dn, ad_entry, get_password_hash(uid, password))
+      ret = add_user(ldap_user_dn, ad_entry, get_password_hash(uid, password))
     elsif ad_entry.nil? and !ldap_entry.nil? then
-      ret = delete_user(ldap_dn)
+      ret = delete_user(ldap_user_dn)
     elsif !ad_entry.nil? and !ldap_entry.nil? then
       ret = modify_user(
-        ldap_dn,
+        ldap_user_dn,
         ad_entry,
         ldap_entry,
         ( password.nil? and (@unsupported_hash_algorithms_in_ad.include?(@password_hash_algorithm)) ) ? nil : get_password_hash(uid, password)
@@ -341,21 +342,28 @@ class Adap
     # Creating AD ldapsearch filter
 
     ad_filter = if primary_gid_number == nil then
+      # TODO: Searching with filter `objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_basedn}` is more accureate.
+      #Net::LDAP::Filter.construct(
+      #    "(&(objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_basedn})(member=CN=#{uid},CN=Users,#{@ad_basedn}))")
+
       Net::LDAP::Filter.construct(
-          "(&(objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_basedn})(member=CN=#{uid},CN=Users,#{@ad_basedn}))")
+          "(&(objectClass=group)(member=CN=#{uid},#{@ad_user_basedn}))")
     else
+      # TODO: Searching with filter `objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_basedn}` is more accureate.
+      #Net::LDAP::Filter.construct(
+      #    "(&(objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_basedn})(|(member=CN=#{uid},CN=Users,#{@ad_basedn})(gidNumber=#{primary_gid_number})))")
+
       Net::LDAP::Filter.construct(
-          "(&(objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_basedn})(|(member=CN=#{uid},CN=Users,#{@ad_basedn})(gidNumber=#{primary_gid_number})))")
+          "(&(objectClass=group)(|(member=CN=#{uid},#{@ad_user_basedn})(gidNumber=#{primary_gid_number})))")
     end
 
     # Get groups from AD
     # entry = {
     #   :gidnumber => xxx,
     # }
-    #
-    @ad_client.search(:base => @ad_basedn, :filter => ad_filter) do |entry|
-      ad_group_map[entry[:name].first] = {:gidnumber => entry[:gidnumber]}
-      #ad_group_map[entry[:name]] = nil
+    @ad_client.search(:base => @ad_group_basedn, :filter => ad_filter, :attributes => [:cn, :gidnumber]) do |entry|
+      ad_group_map[entry[:cn].first] = {:gidnumber => entry[:gidnumber]}
+      #ad_group_map[entry[:cn]] = nil
     end
     ret_code = @ad_client.get_operation_result.code
 
@@ -369,8 +377,8 @@ class Adap
     ldap_filter = Net::LDAP::Filter.construct("(memberUid=#{uid})")
 
     # Get groups from LDAP
-    @ldap_client.search(:base => "ou=Groups," + @ldap_basedn, :filter => ldap_filter) do |entry|
-      # gidnumber is not necessary for LDAP entry
+    @ldap_client.search(:base => @ldap_group_basedn, :filter => ldap_filter, :attributes => [:cn]) do |entry|
+      # Capture common name of groups. gidnumber is not necessary for LDAP entry
       ldap_group_map[entry[:cn].first] = nil
     end
     ret_code = @ldap_client.get_operation_result.code
@@ -408,7 +416,7 @@ class Adap
     operation_pool = {}
 
     ad_group_map.each_key do |key|
-      dn = "cn=#{key},ou=Groups,#{@ldap_basedn}"
+      dn = "cn=#{key},#{@ldap_group_basedn}"
       # Convert AD entries to LDAP entries to create operation to update LDAP data.
       operation_pool[dn] = {
         :cn => key,
@@ -418,7 +426,7 @@ class Adap
     end
 
     ldap_group_map.each_key do |key|
-      operation_pool["cn=#{key},ou=Groups,#{@ldap_basedn}"] = {
+      operation_pool["cn=#{key},#{@ldap_group_basedn}"] = {
         # :cn and :gidnumber are not necessary
         :operations => [[:delete, :memberuid, uid]]
       } if !ad_group_map.has_key?(key)

data/lib/adap/version.rb

@@ -1,3 +1,3 @@
 module ModAdap
-  VERSION = "0.1.3"
+  VERSION = "0.1.5"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: adap
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.5
 platform: ruby
 authors:
 - Tsutomu Nakamura
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-08-11 00:00:00.000000000 Z
+date: 2025-01-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -59,9 +59,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".circleci/config.yml"
+- ".github/workflows/ruby.yml"
 - ".gitignore"
-- ".travis.yml"
 - Gemfile
 - Gemfile.lock
 - README.md
@@ -95,7 +94,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.5.22
 signing_key:
 specification_version: 4
 summary: LDAP migration tool from AD to NT schema

data/.circleci/config.yml

@@ -1,16 +0,0 @@
-version: 2.1
-orbs:
-  ruby: circleci/ruby@0.1.2 
-
-jobs:
-  build:
-    docker:
-      - image: ruby:2.7
-    executor: ruby/default
-    steps:
-      - checkout
-      - run: bundle check || bundle install
-      - run:
-          command: bundle exec rake test
-          when: always
-

data/.travis.yml

@@ -1,7 +0,0 @@
----
-sudo: false
-language: ruby
-cache: bundler
-rvm:
-  - 2.6.5
-before_install: gem install bundler -v 2.0.2