adauth 1.2.1 → 2.0.0pre

data/lib/adauth/admin_connection.rb

@@ -1,26 +0,0 @@
-module Adauth
-    
-    # Uses the administrator login to create a Net::LDAP object that can query the whole domain
-    #
-    # Called as:
-    #    Adauth::AdminConnection.bind(username,password)
-    class AdminConnection
-        
-        # Uses the administrator login to create a Net::LDAP object that can query the whole domain
-        #
-        # Called as:
-        #    Adauth::AdminConnection.bind(username,password)
-        def self.bind
-            if Adauth.config.admin_user and Adauth.config.admin_password
-                conn = Adauth::Connection.bind(Adauth.config.admin_user, Adauth.config.admin_password)
-                if conn
-                    return conn
-                else
-                    raise "admin_user and admin_password do not result in a succesful login"
-                end
-            else
-                raise "Can not create Adauth::AdminConnection without admin_user and admin_password set in config"
-            end
-        end
-    end
-end

data/lib/adauth/group.rb

@@ -1,100 +0,0 @@
-module Adauth
-    
-    # Active Directory Group object
-    #
-    # Called as:
-    #    Adauth::Group.find(name)
-    #
-    # Returns an instance of Adauth::Group for the group specified in the find method
-    class Group
-        
-        # Single vales where the method maps directly to one Active Directory attribute
-        ATTR_SV = {
-            :name => :name,
-            :dn => :distinguishedname
-        }
-        
-        # Multi values were the method needs to return an array for values.
-        ATTR_MV = {
-            :ous => [ :distinguishedname,
-                           Proc.new {|g| g.sub(/.*?OU=(.*?),.*/, '\1')} ]
-        }
-        
-        # Finds the group specified
-        #
-        # Called as:
-        #    Adauth::Group.find(name)
-        #
-        # Returns an instance of Adauth::Group for the group specified in the find method
-        def self.find(name)
-            @conn = Adauth::AdminConnection.bind
-            if group = @conn.search(:filter => Net::LDAP::Filter.eq('name', name)).first
-                return self.new(group)
-            else
-                return nil
-            end
-        end
-        
-        # Returns the members of the group
-        #
-        # Called as:
-        #    Adauth::Group.members
-        #
-        # Returns an array of Adauth::Users for the group
-        def members
-            filters = Net::LDAP::Filter.eq("memberof","CN=#{name},#{dn}")
-            members_ldap = @conn.search(:filter => filters)
-            members = []
-            members_ldap.each do |member|
-                user = Adauth::User.create_from_login(member.samaccountname.first)
-                members.push(user)
-            end
-            return members
-        end
-        
-        private
-        
-        def initialize(entry)
-            @entry = entry
-            @conn = Adauth::AdminConnection.bind
-            self.class.class_eval do
-                generate_single_value_readers
-                generate_multi_value_readers
-            end
-        end
-
-        def self.generate_single_value_readers
-            ATTR_SV.merge(Adauth.config.ad_sv_group_attrs).each_pair do |k, v|
-                val, block = Array(v)
-                define_method(k) do
-                    if @entry.attribute_names.include?(val)
-                        if block.is_a?(Proc)
-                            return block[@entry.send(val).to_s]
-                        else
-                            return @entry.send(val).to_s
-                        end
-                    else
-                        return ''
-                    end
-                end
-            end
-        end
-
-        def self.generate_multi_value_readers
-            ATTR_MV.merge(Adauth.config.ad_mv_group_attrs).each_pair do |k, v|
-                val, block = Array(v)
-                define_method(k) do
-                    if @entry.attribute_names.include?(val)
-                        if block.is_a?(Proc)
-                            return @entry.send(val).collect(&block)
-                        else
-                            return @entry.send(val)
-                        end
-                    else
-                        return []
-                    end
-                end
-            end
-        end
-    end
-end

data/lib/adauth/helpers.rb

@@ -1,28 +0,0 @@
-module Adauth
-    
-    # Helper methods for rails
-    module Helpers
-        
-        # Creates a form_tag for the adauth form
-        #
-        # Sets the html id to "adauth_login" and the form destination to "/adauth"
-        def adauth_form
-        	form_tag '/adauth', :id => "adauth_login" do
-        	    yield.html_safe
-    	    end
-        end
-        
-        # Create the default form by calling `adauth_form` and passing a username and password input
-        def default_adauth_form
-            adauth_form do
-                "<p>#{label_tag :username}: 
-                #{text_field_tag :username}</p>
-                <p>#{label_tag :password}: 
-                #{password_field_tag :password}</p>
-                <p>#{submit_tag "Login!"}</p>"
-            end
-        end
-    end
-end
-
-ActionView::Base.send :include, Adauth::Helpers if defined? ActionView

data/lib/adauth/user.rb

@@ -1,114 +0,0 @@
-module Adauth
-    
-    # The class which links to Active Directory, based on http://metautonomo.us/2008/04/04/simplified-active-directory-authentication/
-    #
-    # Do no call Adauth::User.new, use Adauth::User.authenticate instead. For all of Adauth additional filtering use Adauth.authenticate.
-    class User
-        
-        # Single vales where the method maps directly to one Active Directory attribute
-        ATTR_SV = {
-              :login => :samaccountname,
-              :first_name => :givenname,
-              :last_name => :sn,
-              :email => :mail,
-              :name => :name
-        }
-        
-        # Multi values where the method needs to return an array for values.
-        ATTR_MV = {
-              :groups => [ :memberof,
-                           Proc.new {|g| g.sub(/.*?CN=(.*?),.*/, '\1')} ],
-              :ous => [ :memberof,
-                           Proc.new {|g| g.scan(/OU=.*?,/).map { |e| e.sub!(/OU=/,'').sub(/,/,'') } } ]
-        }
-
-        # Authenticates a user against Active Directory and returns an instance of self
-        #
-        # Called as:
-        #    Adauth::User.authenticate("username", "password")
-        #
-        # Usage would by-pass Adauths group filtering.
-        def self.authenticate(login, pass)
-            return nil if login.empty? or pass.empty?
-            conn = Adauth::Connection.bind(login, pass)
-            if conn and user = conn.search(:filter => Net::LDAP::Filter.eq('sAMAccountName', login)).first
-                return self.new(user)
-            else
-                return nil
-            end
-        rescue Net::LDAP::LdapError => e
-            return nil
-        end
-
-        # Create a Adauth::User object from AD using just the username
-        #
-        # Called as:
-        #    Adauth::User.create_from_login(login)
-        #
-        # Allows you to create objects for users without using thier password.
-        def self.create_from_login(login)
-            conn = Adauth::AdminConnection.bind
-            user = conn.search(:filter => Net::LDAP::Filter.eq('sAMAccountName', login)).first
-            obj = self.new(user)
-            return obj
-        end
-
-        # Returns the full name of the user
-        #
-        # Combines the first_name and last_name attributes to create full_name
-        def full_name
-            self.first_name + ' ' + self.last_name
-        end
-
-        # Returns true if the user is a member of the passed group.
-        def member_of?(group)
-            self.groups.include?(group)
-        end
-
-        private
-
-        def initialize(entry)
-            @entry = entry
-            self.class.class_eval do
-                generate_single_value_readers
-                generate_multi_value_readers
-            end
-        end
-
-        def self.generate_single_value_readers
-            ATTR_SV.merge(Adauth.config.ad_sv_attrs).each_pair do |k, v|
-                val, block = Array(v)
-                define_method(k) do
-                    if @entry.attribute_names.include?(val)
-                        if block.is_a?(Proc)
-                            return block[@entry.send(val)]
-                        else
-                            return @entry.send(val).to_s
-                        end
-                    else
-                        return ''
-                    end
-                end
-            end
-        end
-
-        def self.generate_multi_value_readers
-            ATTR_MV.merge(Adauth.config.ad_mv_attrs).each_pair do |k, v|
-                val, block = Array(v)
-                define_method(k) do
-                    if @entry.attribute_names.include?(val)
-                        if block.is_a?(Proc)
-                            output = @entry.send(val).collect(&block) 
-                            output = output.first if output.first.is_a? Array
-                            return output
-                        else
-                            return @entry.send(val)
-                        end
-                    else
-                        return []
-                    end
-                end
-            end
-        end
-    end
-end

data/lib/adauth/user_model.rb

@@ -1,76 +0,0 @@
-module Adauth
-    
-    # Module desgined to be included in a ActiveRecord user model
-    module UserModel
-        
-        # Adds class methods to the ActiveRecord model when included
-        def self.included(base)
-            base.extend ClassMethods
-        end
-        
-        # Returns an array of groups for the user
-        #
-        # Called as:
-        #    UserInstance.groups
-        #
-        # The array is generated from the group_strings attribute which is set by the adauth update and create methods. This array will match the windows security groups the user is a member of.
-    	def groups
-    	   group_strings.split(", ") 
-	    end
-	    
-	    # Returns an array of groups for the user
-        #
-        # Called as:
-        #    UserInstance.ous
-        #
-        # The array is generated from the group_strings attribute which is set by the adauth update and create methods. This array will match the orginizational units the user is a member of.
-	    def ous
-	        ou_strings.split(", ")
-        end
-	    
-	    # Update the user record using an instance of Adauth::User
-	    #
-	    # Called as:
-	    #    UserInstance.update_from_adauth(AdauthUserInstance)
-	    #
-	    # This method is called on login and shouldn't need to be called at any other time
-	    def update_from_adauth(adauth_user)
-	        self.group_strings = adauth_user.groups.join(", ")
-	        self.name = adauth_user.name.gsub(/\"|\[|\]/, "")
-	        self.save
-        end
-	    
-	    # Class methods for the UserModel
-	    module ClassMethods
-	        
-	        # Used during the login process to return the users database record.
-	        #
-	        # Takes an instance of Adauth::User as an input
-	        #
-	        # Called as
-	        #     YourUserModel.return_and_create_with_adauth(AdauthUserInstance)
-	        #
-	        # If the user has no user record in the database one will be created. All the details on the record (new and old) will be updated to the lastest details from the AD server
-	        def return_and_create_with_adauth(adauth_user)
-                user = (find_by_login(adauth_user.login.gsub(/\"|\[|\]/, "")) || create_user_with_adauth(adauth_user))
-                user.update_from_adauth(adauth_user)
-                return user
-            end
-            
-            # Creates a user record from an instance of Adauth::User
-            #
-            # Called as:
-            #    YourUserModel.create_user_with_adauth(AdauthUserInstance)
-            #
-            # Takes the Adauth::User input and creates a user record with matching details
-            def create_user_with_adauth(adauth_user)
-        		create! do |user|
-        			user.login = adauth_user.login.gsub(/\"|\[|\]/, "")
-        			user.group_strings = adauth_user.groups.join(", ")
-        			user.ou_strings = adauth_user.ous.join(", ")
-        			user.name = adauth_user.name.gsub(/\"|\[|\]/, "")
-        		end
-        	end 
-        end
-    end
-end

data/lib/generators/adauth/all/USAGE

@@ -1,5 +0,0 @@
-Description:
-  Runs all the adauth generators with defaults.
-
-Example:
-  rails g adauth:all

data/lib/generators/adauth/all/all_generator.rb

@@ -1,18 +0,0 @@
-module Adauth
-    module Generators
-        
-        # Runs all of Adauths Generators
-        class AllGenerator < Rails::Generators::Base
-            
-            # Calls all of Adauth Generators
-            #
-            # Called by running
-            #    rails g adauth:all
-            def all_generators
-                generate "adauth:config"
-                generate "adauth:user_model"
-                generate "adauth:sessions"
-            end
-        end
-    end
-end

data/lib/generators/adauth/user_model/USAGE

@@ -1,14 +0,0 @@
-Description:
-  Default for MODEL_NAME is user
-  Default for MIGRATION_NAME is "create_(plural of MODEL_NAME)"
-  Creates a model for storing Adauth users which inherits from Adauth::UserModel
-
-Example:
-  adauth:user_model
-    Will result in app/model/user.rb and a migration called create_users
-
-  adauth:user_model employee
-    Will result in app/model/employee.rb and a migration called create_employees
-
-  adauth:user_model employee add_adauth_to_employees
-    Will result in app/model/employee.rb and a migration called add_adauth_to_employees

data/lib/generators/adauth/user_model/templates/model.rb.erb

@@ -1,3 +0,0 @@
-class <%= model_name.camelize %> < ActiveRecord::Base
-    include Adauth::UserModel
-end

data/lib/generators/adauth/user_model/user_model_generator.rb

@@ -1,32 +0,0 @@
-module Adauth
-    module Generators
-        
-        # Creates a user model with migration
-        class UserModelGenerator < Rails::Generators::Base
-            source_root File.expand_path('../templates', __FILE__)
-            argument :model_name, :type => :string, :default => "user"
-            argument :migration_name, :type => :string, :default => false
-            
-            # Creates a user model with migration
-            #
-            # Called as:
-            #    rails g adauth:user_model
-            #
-            # Has 2 optional parameters, model_name which defaults to "user" and migration_name which defaults to "create_users"
-            def generate_user_model
-                template "model.rb.erb", "app/models/#{file_name}.rb"
-                generate "migration", "#{migration_name_for_array}", "login:string", "group_strings:string", "name:string", "ou_strings:string"
-            end
-            
-            private
-            
-            def file_name
-               model_name.underscore
-            end
-            
-            def migration_name_for_array
-                migration_name || "create_#{model_name.pluralize}"
-            end
-        end
-    end
-end

data/spec/adauth_group_spec.rb

@@ -1,51 +0,0 @@
-require 'lib/adauth'
-require 'yaml'
-
-describe Adauth::Group do
-    before :each do
-        @yaml = YAML::load(File.open('spec/test_data.yml'))
-        Adauth.configure do |c|
-            c.domain = @yaml["domain"]["domain"]
-            c.server = @yaml["domain"]["server"]
-            c.port = @yaml["domain"]["port"]
-            c.base = @yaml["domain"]["base"]
-            c.admin_user = @yaml["domain"]["admin_user"]
-            c.admin_password = @yaml["domain"]["admin_password"]
-        end
-    end
-    
-    it "should return an instance of Adauth::Group if the group exists" do
-        group = Adauth::Group.find(@yaml["user"]["group"])
-        group.should be_a Adauth::Group
-        group.name.should eq(@yaml["user"]["group"])
-    end 
-    
-    it "should return nil for a group that doesn't exist" do
-        Adauth::Group.find(@yaml["user"]["group"][0..2]).should be_nil
-    end
-    
-    it "should return an array from group.members" do
-        group = Adauth::Group.find(@yaml["user"]["group"])
-        group.members.should be_a Array
-        group.members.count.should_not eq(0)
-    end
-    
-    it "should return an array of adauth::users from group.members" do
-        group = Adauth::Group.find(@yaml["user"]["group"])
-        group.members.each do |member|
-            member.should be_a Adauth::User
-        end
-    end
-    
-    it "should only return users in this groups" do
-        group = Adauth::Group.find(@yaml["user"]["group"])
-        group.members.each do |member|
-            member.groups.include?(@yaml["user"]["group"]).should be_true
-        end
-    end
-    
-    it "should return an array of ous" do
-        group = Adauth::Group.find(@yaml["user"]["group"])
-        group.ous.should be_a Array
-    end
-end