adap 0.1.4 → 0.1.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9689b192170a4cc2976d36fad77d1e67a89a25090bbcf82eadec964e45ac6b60
-  data.tar.gz: 3d834f3d62e8a641cceb49f353d898cbdde4edaac3550f01aeebf9bdd2239383
+  metadata.gz: 15cf0c457f1119adc8d5393c23791bf7033be7bc9c1afd8f1b157989cd1786b7
+  data.tar.gz: e39ccd38e93cb38d63a17368b9e481cb56977996a3cf401d100175b093fa667b
 SHA512:
-  metadata.gz: bb859c3aca6dd3c262233c2760de8ed11e8efef924e71aeb1a61bbea48766037853fd2ec490345925864a5bdb2927749fec8d399e1a550bcc0364d125ddc19ab
-  data.tar.gz: d7b266e66cb56c92666eb4d65766c2ce80cf312f99a9da8de4e404ad1df1eceaae31ed0822db5c0fa64b1216f2d33613156a1eb4f29e60dd426a3f9b644f9070
+  metadata.gz: 7fc03fd6077f6f0b4961c5f5ca6e4b5ce97259463859c8f4d71ee5e087cf403f74c290677f2f5138a47395b533ed3fede89f1976b5010e0149f4ccabe9824174
+  data.tar.gz: 8a9195e6f81ae28dc7aa70b2d8ce51635f36fc89e087fc4cfdbd1e2b37e7f6e823cee40ee5dffd6e9277f4cf2881b38bb687bf88e37a9033c4df287401745a3b

data/.github/workflows/release.yml

@@ -0,0 +1,51 @@
+
+
+name: Ruby
+
+on:
+  workflow_dispatch:    # Allows you to run this workflow manually from the Actions tab or GitHub CLI(gh workflow run)
+    inputs:
+      otp:
+        description: "One-time password for RubyGems.org"
+        required: true
+
+permissions:
+  contents: read
+
+jobs:
+  release:
+    strategy:
+      matrix:
+        os: [ubuntu-24.04]
+        ruby: ['3.3']
+
+    runs-on: ${{ matrix.os }}
+    env:
+      GEM_HOST_API_KEY: ${{ secrets.RUBYGEMS_API_KEY }}
+      GEM_HOST_OTP_CODE: ${{ github.event.inputs.rubygems-otp-code }}
+    steps:
+      - name: Check out ${{ github.event.repository.owner.name }}/${{ github.event.repository.name }}
+        uses: actions/checkout@v4
+        with:
+          path: ${{ github.event.repository.name }}
+
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+
+      - name: Run tests
+        run: |
+          cd ${GITHUB_WORKSPACE}/${{ github.event.repository.name }}
+          bundle install --retry 3
+          bundle exec rake
+
+      - name: Push to rubygems.org
+        if: startsWith(github.ref, 'refs/tags/v')
+        run: |
+          echo "Pushing to rubygems.org. You need update the version in lib/adap/version.rb before pushing it."
+          echo "Detected version is \"$(grep VERSION lib/adap/version.rb)\""
+          cd ${GITHUB_WORKSPACE}/${{ github.event.repository.name }}
+          bundle exec rake release
+

data/.github/workflows/ruby.yml

@@ -0,0 +1,69 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
+# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
+
+name: Ruby
+
+on:
+  push:
+    tags: ["v*"]
+    branches: [ "master", "develop" ]
+  pull_request:
+    branches: [ "master" ]
+
+permissions:
+  contents: read
+
+jobs:
+  test:
+
+    strategy:
+      fail-fast: false
+      matrix:
+        #os: [ubuntu-latest]
+        os: [ubuntu-24.04]
+        # Due to https://github.com/actions/runner/issues/849, we have to use quotes for '3.0'
+        ruby: ['3.3']
+    runs-on: ${{ matrix.os }}
+
+    steps:
+    - name: Print variables that will be used
+      run: |
+        # You can list GitHub Actionses variables with a command below.
+        # $ grep -oP '\$\{\{.*?\}\}' .github/workflows/docker-image.yml | sort | uniq
+        echo env.dest_repository_name=${{ env.dest_repository_name }}
+        echo env.dest_repository_owner_name=${{ env.dest_repository_owner_name }}
+        echo github.event.repository.name=${{ github.event.repository.name }}
+        echo github.event.repository.owner.name=${{ github.event.repository.owner.name }}
+
+    - name: Check out ${{ github.event.repository.owner.name }}/${{ github.event.repository.name }}
+      uses: actions/checkout@v4
+      with:
+        path: ${{ github.event.repository.name }}
+
+    - name: Set up Ruby
+    # To automatically get bug fixes and new Ruby versions for ruby/setup-ruby,
+    # change this to (see https://github.com/ruby/setup-ruby#versioning):
+      uses: ruby/setup-ruby@v1
+      #uses: ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0
+      with:
+        ruby-version: ${{ matrix.ruby }}
+        bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+
+    - name: Run tests
+      run: |
+        cd ${GITHUB_WORKSPACE}/${{ github.event.repository.name }}
+        bundle install --retry 3
+        bundle exec rake
+
+    - name: Push to rubygems.org
+      if: startsWith(github.ref, 'refs/tags/v')
+      run: |
+        echo "Pushing to rubygems.org. You need update the version in lib/adap/version.rb before pushing it."
+        echo "Detected version is \"$(grep VERSION lib/adap/version.rb)\""
+        cd ${GITHUB_WORKSPACE}/${{ github.event.repository.name }}
+        bundle exec rake release
+

data/Gemfile

@@ -1,12 +1,17 @@
+# frozen_string_literal: true
+
 source "https://rubygems.org"
 
-# Specify your gem's dependencies in adap.gemspec
-gemspec
+# gem "rails"
 
 gem "unix-crypt", "~> 1.3"
 
-gem "net-ldap", "~> 0.16.2"
+gem "net-ldap", "~> 0.19.0"
+
+gem "mocha", "~> 2.7"
+
+gem "rake", "~> 13.2"
 
-gem "mocha", "~> 1.10"
+gem "base64", "~> 0.2.0"
 
-gem "rake", "~> 13.0"
+gem "minitest", "~> 5.25"

data/Gemfile.lock

@@ -1,26 +1,26 @@
-PATH
-  remote: .
-  specs:
-    adap (0.1.3)
-
 GEM
   remote: https://rubygems.org/
   specs:
-    minitest (5.14.0)
-    mocha (1.11.2)
-    net-ldap (0.16.2)
-    unix-crypt (1.3.0)
+    base64 (0.2.0)
+    minitest (5.25.4)
+    mocha (2.7.1)
+      ruby2_keywords (>= 0.0.5)
+    net-ldap (0.19.0)
+    rake (13.2.1)
+    ruby2_keywords (0.0.5)
+    unix-crypt (1.3.1)
 
 PLATFORMS
   ruby
+  x86_64-linux
 
 DEPENDENCIES
-  adap!
-  bundler (~> 2.0)
-  minitest (~> 5.0)
-  mocha (~> 1.10)
-  net-ldap (~> 0.16.2)
+  base64 (~> 0.2.0)
+  minitest (~> 5.25)
+  mocha (~> 2.7)
+  net-ldap (~> 0.19.0)
+  rake (~> 13.2)
   unix-crypt (~> 1.3)
 
 BUNDLED WITH
-   2.2.23
+   2.5.22

data/README.md

@@ -209,10 +209,6 @@ After checking out the repo, run `bin/setup` to install dependencies. Then, run
 
 To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
 
-## Build
-
-gem build adap.gemspec
-
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/TsutomuNakamura/adap.

data/lib/adap/adap.rb

@@ -19,8 +19,8 @@ class Adap
   def initialize(params)
     raise "Initialize Adap was failed. params must not be nil" if params == nil
 
-    [:ad_host, :ad_binddn, :ad_basedn, :ldap_host, :ldap_binddn, :ldap_basedn].each { |k|
-      raise 'Adap requires keys in params ":ad_host", ":ad_binddn", ":ad_basedn", ":ldap_host", ":ldap_binddn", ":ldap_basedn"' if !params.key?(k)
+    [:ad_host, :ad_binddn, :ad_user_basedn, :ad_group_basedn, :ldap_host, :ldap_binddn, :ldap_user_basedn, :ldap_group_basedn].each { |k|
+      raise 'Adap requires keys in params ":ad_host", ":ad_binddn", ":ad_user_basedn", ":ad_group_basedn", ":ldap_host", ":ldap_binddn", ":ldap_user_basedn", ":ldap_group_basedn"' if !params.key?(k)
     }
 
     # List of attributes for user in AD
@@ -42,14 +42,15 @@ class Adap
     @ad_host                  = params[:ad_host]
     @ad_port                  = (params[:ad_port] ? params[:ad_port] : 389)
     @ad_binddn                = params[:ad_binddn]
-    @ad_basedn                = params[:ad_basedn]
+    @ad_user_basedn           = params[:ad_user_basedn]
+    @ad_group_basedn          = params[:ad_group_basedn]
     @ad_auth                  = (params.has_key?(:ad_password) ? { :method => :simple, :username => @ad_binddn, :password => params[:ad_password] } : nil)
     @ldap_host                = params[:ldap_host]
     @ldap_port                = (params[:ldap_port] ? params[:ldap_port] : 389)
     @ldap_binddn              = params[:ldap_binddn]
-    @ldap_suffix_ou           = (params[:ldap_suffix_ou] ? params[:ldap_suffix_ou] : "ou=Users")
     @ldap_basedn              = params[:ldap_basedn]
     @ldap_user_basedn         = params[:ldap_user_basedn]
+    @ldap_group_basedn        = params[:ldap_group_basedn]
     @ldap_auth                = (params.has_key?(:ldap_password) ? { :method => :simple, :username => @ldap_binddn, :password => params[:ldap_password] } : nil )
 
     # A password-hash algorithm to sync to the LDAP.
@@ -99,12 +100,12 @@ class Adap
     Net::LDAP.new(:host => ldap_host, :port => ldap_port, :auth => ldap_auth)
   end
 
-  def get_ad_dn(username)
-    "CN=#{username},CN=Users,#{@ad_basedn}"
+  def get_ad_user_dn(username)
+    "CN=#{username},#{@ad_user_basedn}"
   end
 
-  def get_ldap_dn(username)
-    "uid=#{username},#{@ldap_suffix_ou},#{@ldap_basedn}"
+  def get_ldap_user_dn(username)
+    "uid=#{username},#{@ldap_user_basedn}"
   end
 
   def create_ldap_attributes(ad_entry)
@@ -159,13 +160,13 @@ class Adap
   end
 
   def sync_user(uid, password=nil)
-    ad_entry    = nil
-    ldap_entry  = nil
-    ad_dn       = get_ad_dn(uid)
-    ldap_dn     = get_ldap_dn(uid)
+    ad_entry        = nil
+    ldap_entry      = nil
+    ad_user_dn      = get_ad_user_dn(uid)
+    ldap_user_dn    = get_ldap_user_dn(uid)
 
     # dn: CN=user-name,CN=Users,DC=mysite,DC=example,DC=com
-    @ad_client.search(:base => ad_dn) do |entry|
+    @ad_client.search(:base => ad_user_dn) do |entry|
       ad_entry = entry
     end
     ret_code = @ad_client.get_operation_result.code
@@ -174,10 +175,10 @@ class Adap
     return {
       :code => ret_code,
       :operations => nil,
-      :message => "Failed to get a user #{ad_dn} from AD - " + @ad_client.get_operation_result.error_message
+      :message => "Failed to get a user #{ad_user_dn} from AD - " + @ad_client.get_operation_result.error_message
     } if ret_code != 0 && ret_code != 32
 
-    @ldap_client.search(:base => ldap_dn) do |entry|
+    @ldap_client.search(:base => ldap_user_dn) do |entry|
       ldap_entry = entry
     end
     ret_code = @ldap_client.get_operation_result.code
@@ -185,17 +186,17 @@ class Adap
     return {
       :code => ret_code,
       :operations => nil,
-      :message => "Failed to get a user #{ldap_dn} from LDAP - " + @ldap_client.get_operation_result.error_message
+      :message => "Failed to get a user #{ldap_user_dn} from LDAP - " + @ldap_client.get_operation_result.error_message
     } if ret_code != 0 && ret_code != 32
 
     ret = nil
     if !ad_entry.nil? and ldap_entry.nil? then
-      ret = add_user(ldap_dn, ad_entry, get_password_hash(uid, password))
+      ret = add_user(ldap_user_dn, ad_entry, get_password_hash(uid, password))
     elsif ad_entry.nil? and !ldap_entry.nil? then
-      ret = delete_user(ldap_dn)
+      ret = delete_user(ldap_user_dn)
     elsif !ad_entry.nil? and !ldap_entry.nil? then
       ret = modify_user(
-        ldap_dn,
+        ldap_user_dn,
         ad_entry,
         ldap_entry,
         ( password.nil? and (@unsupported_hash_algorithms_in_ad.include?(@password_hash_algorithm)) ) ? nil : get_password_hash(uid, password)
@@ -341,21 +342,28 @@ class Adap
     # Creating AD ldapsearch filter
 
     ad_filter = if primary_gid_number == nil then
+      # TODO: Searching with filter `objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_basedn}` is more accureate.
+      #Net::LDAP::Filter.construct(
+      #    "(&(objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_basedn})(member=CN=#{uid},CN=Users,#{@ad_basedn}))")
+
       Net::LDAP::Filter.construct(
-          "(&(objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_basedn})(member=CN=#{uid},CN=Users,#{@ad_basedn}))")
+          "(&(objectClass=group)(member=CN=#{uid},#{@ad_user_basedn}))")
     else
+      # TODO: Searching with filter `objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_basedn}` is more accureate.
+      #Net::LDAP::Filter.construct(
+      #    "(&(objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_basedn})(|(member=CN=#{uid},CN=Users,#{@ad_basedn})(gidNumber=#{primary_gid_number})))")
+
       Net::LDAP::Filter.construct(
-          "(&(objectCategory=CN=Group,CN=Schema,CN=Configuration,#{@ad_basedn})(|(member=CN=#{uid},CN=Users,#{@ad_basedn})(gidNumber=#{primary_gid_number})))")
+          "(&(objectClass=group)(|(member=CN=#{uid},#{@ad_user_basedn})(gidNumber=#{primary_gid_number})))")
     end
 
     # Get groups from AD
     # entry = {
     #   :gidnumber => xxx,
     # }
-    #
-    @ad_client.search(:base => @ad_basedn, :filter => ad_filter) do |entry|
-      ad_group_map[entry[:name].first] = {:gidnumber => entry[:gidnumber]}
-      #ad_group_map[entry[:name]] = nil
+    @ad_client.search(:base => @ad_group_basedn, :filter => ad_filter, :attributes => [:cn, :gidnumber]) do |entry|
+      ad_group_map[entry[:cn].first] = {:gidnumber => entry[:gidnumber]}
+      #ad_group_map[entry[:cn]] = nil
     end
     ret_code = @ad_client.get_operation_result.code
 
@@ -369,8 +377,8 @@ class Adap
     ldap_filter = Net::LDAP::Filter.construct("(memberUid=#{uid})")
 
     # Get groups from LDAP
-    @ldap_client.search(:base => "ou=Groups," + @ldap_basedn, :filter => ldap_filter) do |entry|
-      # gidnumber is not necessary for LDAP entry
+    @ldap_client.search(:base => @ldap_group_basedn, :filter => ldap_filter, :attributes => [:cn]) do |entry|
+      # Capture common name of groups. gidnumber is not necessary for LDAP entry
       ldap_group_map[entry[:cn].first] = nil
     end
     ret_code = @ldap_client.get_operation_result.code
@@ -408,7 +416,7 @@ class Adap
     operation_pool = {}
 
     ad_group_map.each_key do |key|
-      dn = "cn=#{key},ou=Groups,#{@ldap_basedn}"
+      dn = "cn=#{key},#{@ldap_group_basedn}"
       # Convert AD entries to LDAP entries to create operation to update LDAP data.
       operation_pool[dn] = {
         :cn => key,
@@ -418,7 +426,7 @@ class Adap
     end
 
     ldap_group_map.each_key do |key|
-      operation_pool["cn=#{key},ou=Groups,#{@ldap_basedn}"] = {
+      operation_pool["cn=#{key},#{@ldap_group_basedn}"] = {
         # :cn and :gidnumber are not necessary
         :operations => [[:delete, :memberuid, uid]]
       } if !ad_group_map.has_key?(key)

data/lib/adap/version.rb

@@ -1,3 +1,3 @@
 module ModAdap
-  VERSION = "0.1.4"
+  VERSION = "0.1.8"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: adap
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.8
 platform: ruby
 authors:
 - Tsutomu Nakamura
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-07-14 00:00:00.000000000 Z
+date: 2025-01-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -59,7 +59,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".circleci/config.yml"
+- ".github/workflows/release.yml"
+- ".github/workflows/ruby.yml"
 - ".gitignore"
 - Gemfile
 - Gemfile.lock
@@ -79,7 +80,7 @@ homepage: https://github.com/TsutomuNakamura/adap
 licenses: []
 metadata:
   homepage_uri: https://github.com/TsutomuNakamura/adap
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -94,8 +95,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
-signing_key: 
+rubygems_version: 3.5.22
+signing_key:
 specification_version: 4
 summary: LDAP migration tool from AD to NT schema
 test_files: []

data/.circleci/config.yml

@@ -1,16 +0,0 @@
-version: 2.1
-orbs:
-  ruby: circleci/ruby@0.1.2 
-
-jobs:
-  build:
-    docker:
-      - image: ruby:2.7
-    executor: ruby/default
-    steps:
-      - checkout
-      - run: bundle check || bundle install
-      - run:
-          command: bundle exec rake test
-          when: always
-