adauth 2.0.1 → 2.0.2

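--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: cffe1ba97471be1224d557a5df97bd0e16e5eb59
- data.tar.gz: d080e1a4e3a065c57da6c7281c60c79e0fe82f07
+ metadata.gz: 48e8b82dd827473a19acccdc250b66bcdf00e44a
+ data.tar.gz: af6839234b1405eecbb6551dcf91acecc6d76c2b
  SHA512:
- metadata.gz: 12b8d3a9a46735f4528a890272db9c52434883bbc922f46f243957e87fb6acdf1e7f4abf42d70ca0bed4af8ad2ade0947b5918496af5fbca9e89495e8acab224
- data.tar.gz: 94ec81bf3fb570be993eb87d51de4543ff11c91de5742e30ef26a7f7acefef8aca2866d76fdde8f87750eb71ffccf7e53f2c05acef3e381959b067d95e0db6a3
+ metadata.gz: 0fc542e5a2f1392253738852897817726bdb2b1bfb697dc82fe287a775729cd75131b85f1135727a3d7e9e869fe4b3131829417c828bd625ff0e09303f45b41b
+ data.tar.gz: 1a08d5744964257fd2284f7c52de1fd853f5c3783f1c182d0e77b5c6821a32f82f793fd48beb0ba753de391228c8cbbadbe3c3e3ece4e07e7ad7d854b66152c0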
@@ -1,13 +1,15 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- adauth (2.0.0)
4
+ adauth (2.0.1)
5
+ expects (~> 0.0.2)
5
6
  net-ldap
6
7
 
7
8
  GEM
8
9
  remote: https://rubygems.org/
9
10
  specs:
10
11
  diff-lcs (1.1.3)
12
+ expects (0.0.2)
11
13
  multi_json (1.7.7)
12
14
  net-ldap (0.3.1)
13
15
  rake (0.9.2.2)
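--- a/data/Readme.md
+++ b/data/Readme.md
@@ -70,4 +70,11 @@ You can interact with the logger through `Adauth.logger` and set a new one using
 
  ## Developing
 
- Before you can run the tests you will need to write a yml file with your domain settings in and place it at _spec/test_data.yml_, there is an example of this file in the spec folder.
+ Before you can run the tests you will need to write a yml file with your domain settings in and place it at _spec/test_data.yml_, there is an example of this file in the spec folder.
+
+ When you fork Adauth please:
+
+ 1. Create your feature branch (`git checkout -b my-new-feature`)
+ 2. Commit your changes (`git commit -am 'Add some feature'`)
+ 3. Push to the branch (`git push origin my-new-feature`)
+ 4. Create new Pull Request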
@@ -11,12 +11,14 @@ Gem::Specification.new do |s|
11
11
  s.homepage = "http://adauth.arcath.net"
12
12
  s.summary = "Provides Active Directory authentication for Rails"
13
13
  s.description = "A full featured library for working with Microsofts Active Directory in Ruby."
14
+ s.license = 'MIT'
14
15
 
15
16
  s.add_development_dependency "rake"
16
17
  s.add_development_dependency "rspec"
17
18
  s.add_development_dependency "simplecov"
18
19
  s.add_development_dependency "yard"
19
20
  s.add_dependency "net-ldap"
21
+ s.add_dependency "expects", "~> 0.0.2"
20
22
 
21
23
  s.files = `git ls-files`.split("\n")
22
24
  s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
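Review bot: `s.add_dependency "expects", "~> 0.0.2"` adds a runtime dependency on a 0.0.x gem to a library that sits on the authentication path, and in the hunks visible on this page it is used only for argument type checks. Every runtime gem widens what has to be trusted at install time, so either record why it is needed or use plain guards such as `raise ArgumentError, "expected Net::LDAP::Entry" unless ldap_object.is_a?(Net::LDAP::Entry)`. The `Gem::Specification.new` block starts and ends outside the hunk.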
@@ -1,4 +1,5 @@
1
1
  # Requires
2
+ require 'expects'
2
3
  require 'logger'
3
4
  require 'net/ldap'
4
5
  require 'timeout'
@@ -57,7 +58,8 @@ module Adauth
57
58
  :encryption => @config.encryption,
58
59
  :allow_fallback => @config.allow_fallback,
59
60
  :username => user,
60
- :password => password
61
+ :password => password,
62
+ :anonymous_bind => @config.anonymous_bind
61
63
  }
62
64
  end
63
65
 
@@ -15,6 +15,8 @@ module Adauth
15
15
  #
16
16
  # Provides all the common functions for Active Directory.
17
17
  class AdObject
18
+ include Expects
19
+
18
20
  # Returns all objects which have the ObjectClass of the inherited class
19
21
  def self.all
20
22
  Adauth.logger.info(self.class.inspect) { "Searching for all objects matching filter \"#{self::ObjectFilter}\"" }
@@ -54,6 +56,7 @@ module Adauth
54
56
 
55
57
  # Creates a new instance of the object and sets @ldap_object to the passed Net::LDAP entity
56
58
  def initialize(ldap_object)
59
+ expects ldap_object, Net::LDAP::Entry
57
60
  @ldap_object = ldap_object
58
61
  end
59
62
 
@@ -152,6 +155,11 @@ module Adauth
152
155
  return false
153
156
  end
154
157
 
158
+ # Delete the object
159
+ def delete
160
+ Adauth.connection.delete(dn: @ldap_object.dn)
161
+ end
162
+
155
163
  private
156
164
 
157
165
  def convert_to_objects(array)
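Review bot: `delete` removes a directory entry without writing a log line and without documenting what it returns, although `self.all` in the same class logs through `Adauth.logger`. A destructive operation should leave an audit trail: add `Adauth.logger.info(self.class.inspect) { "Deleting #{@ldap_object.dn}" }` before the call, and extend the comment to say that the result of `Adauth.connection.delete` is returned unchanged. The same applies to `add_to_group` and `remove_from_group` in the User hunk further down, which change group membership silently.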
@@ -20,15 +20,24 @@ module Adauth
20
20
  :cn_members => [ :member,
21
21
  Proc.new {|g| g.sub(/.*?CN=(.*?),.*/, '\1')} ],
22
22
  :memberof => :member
23
- #:cn_groups => [ :memberof,
24
- # Proc.new {|g| g.sub(/.*?CN=(.*?),.*/, '\1')} ]
25
23
  }
26
24
 
27
25
  # Object Net::LDAP filter
28
26
  #
29
27
  # Used to restrict searches' to just this object
30
28
  ObjectFilter = Net::LDAP::Filter.eq("objectClass", "group")
31
-
29
+
30
+ # Create a new Group
31
+ def self.new_group(name, parent)
32
+ expects parent, [Adauth::AdObjects::OU, Adauth::AdObjects::Folder]
33
+ attributes = {
34
+ cn: name,
35
+ objectclass: ["top", "group"]
36
+ }
37
+ Adauth.connection.add(dn: "CN=#{name},#{parent.ldap_object.dn}", attributes: attributes )
38
+ return Adauth::AdObjects::Group.where('name', name).first
39
+ end
40
+
32
41
  # Returns all the objects which are members of this group
33
42
  def members
34
43
  Adauth.logger.info(self.class.inspect) { "Getting group members for #{self.name}" }
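Review bot: `new_group` interpolates `name` into the DN (`"CN=#{name},#{parent.ldap_object.dn}"`) without escaping, so a name containing `,`, `+`, `=` or `\` yields a different DN than intended, or an invalid one. Escape the RDN value (the RFC 4514 special characters) before building the DN. The result of `Adauth.connection.add` is also ignored: `Group.where('name', name).first` searches by name only, so when the add fails it can hand back an unrelated existing group of the same name, which the caller may then modify or delete. Checking the add result and returning `nil` or raising on failure closes that gap.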
@@ -48,6 +48,18 @@ module Adauth
48
48
  modify([[:replace, :unicodePwd, password]])
49
49
  end
50
50
 
51
+ # Add the user to the supplied group
52
+ def add_to_group(group)
53
+ expects group, Adauth::AdObjects::Group
54
+ group.modify([[:add, :member, @ldap_object.dn]])
55
+ end
56
+
57
+ # Remove the user from the supplied group
58
+ def remove_from_group(group)
59
+ expects group, Adauth::AdObjects::Group
60
+ group.modify([[:delete, :member, @ldap_object.dn]])
61
+ end
62
+
51
63
  private
52
64
 
53
65
  def microsoft_encode_password(password)
@@ -4,7 +4,8 @@ module Adauth
4
4
  # Sets the defaults an create and generates guess values.
5
5
  class Config
6
6
  attr_accessor :domain, :port, :base, :server, :encryption, :query_user, :query_password, :allow_fallback,
7
- :allowed_groups, :denied_groups, :allowed_ous, :denied_ous, :contains_nested_groups
7
+ :allowed_groups, :denied_groups, :allowed_ous, :denied_ous, :contains_nested_groups,
8
+ :anonymous_bind
8
9
 
9
10
  def initialize
10
11
  @port = 389
@@ -14,6 +15,7 @@ module Adauth
14
15
  @denied_ous = []
15
16
  @allow_fallback = false
16
17
  @contains_nested_groups = false
18
+ @anonymous_bind = false
17
19
  end
18
20
 
19
21
  # Guesses the Server and Base string
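Review bot: `anonymous_bind` is a security-relevant switch, yet neither the accessor list nor `initialize` carries a comment on it. Above `@anonymous_bind = false`, add `# When false (the default), a connection with an empty password is refused rather than attempted as an anonymous bind.` This matches the guard added to Connection elsewhere in this release. `initialize` begins in the first hunk and ends in the second, with lines in between not shown.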
@@ -3,7 +3,10 @@ module Adauth
3
3
  #
4
4
  # Handles errors and configures the connection.
5
5
  class Connection
6
+ include Expects
7
+
6
8
  def initialize(config)
9
+ expects config, Hash
7
10
  @config = config
8
11
  end
9
12
 
@@ -19,7 +22,9 @@ module Adauth
19
22
  if @config[:encryption]
20
23
  conn.encryption @config[:encryption]
21
24
  end
22
-
25
+
26
+ raise "Anonymous Bind is disabled" if @config[:password] == "" && !(@config[:anonymous_bind])
27
+
23
28
  conn.auth "#{@config[:username]}@#{@config[:domain]}", @config[:password]
24
29
 
25
30
  begin
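Review bot: The new guard tests `@config[:password] == ""`, so a `nil` password passes it and still reaches `conn.auth` on the following line. What Net::LDAP does with a `nil` password is not visible here, but the protection should not depend on it. `raise "Anonymous Bind is disabled" if @config[:password].to_s.empty? && !@config[:anonymous_bind]` covers both cases. A dedicated error class instead of a bare RuntimeError would let callers tell this rejection apart from a connection failure. The enclosing method starts and ends outside the hunk.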
@@ -1,4 +1,4 @@
1
1
  module Adauth
2
2
  # Adauths Version Number
3
- Version = '2.0.1'
3
+ Version = '2.0.2'
4
4
  end
@@ -1,10 +1,10 @@
1
- ...................*...............
1
+ ....................*..................
2
2
 
3
3
  Pending:
4
4
  Adauth::AdObjects::User should allow you to reset the password
5
5
  # Insecure connection, unable to test change password
6
- # ./spec/adauth_ad_object_user_spec.rb:49
6
+ # ./spec/adauth_ad_object_user_spec.rb:54
7
7
 
8
- Finished in 12.3 seconds
9
- 35 examples, 0 failures, 1 pending
10
- Coverage report generated for RSpec to /Users/arcath/Code/Gems/Adauth/coverage. 472 / 489 LOC (96.52%) covered.
8
+ Finished in 28.72 seconds
9
+ 39 examples, 0 failures, 1 pending
10
+ Coverage report generated for RSpec to /Users/arcath/Code/Gems/Adauth/coverage. 534 / 551 LOC (96.91%) covered.
@@ -5,6 +5,10 @@ describe Adauth::AdObjects::Group do
5
5
  Adauth::AdObjects::Group.where('name', 'Domain Admins').first
6
6
  end
7
7
 
8
+ let(:test_ou) do
9
+ Adauth::AdObjects::OU.where('name', test_data("domain", "testable_ou")).first
10
+ end
11
+
8
12
  it "should have a name" do
9
13
  default_config
10
14
  domain_admins.name.should eq "Domain Admins"
@@ -13,11 +17,19 @@ describe Adauth::AdObjects::Group do
13
17
  it "should have a members list" do
14
18
  default_config
15
19
  domain_admins.members.should be_a Array
16
- domain_admins.members.first.name.should be_a String
20
+ domain_admins.members.last.name.should be_a String
17
21
  end
18
22
 
19
23
  it "should be a member of" do
20
24
  default_config
21
25
  domain_admins.groups.should be_a Array
22
26
  end
27
+
28
+ it "should let you create and destroy a group" do
29
+ default_config
30
+ new_group = Adauth::AdObjects::Group.new_group("Adauth Test Group", test_ou)
31
+ new_group.should be_a Adauth::AdObjects::Group
32
+ new_group.delete
33
+ Adauth::AdObjects::Group.where('name', "Adauth Test Group").count.should eq 0
34
+ end
23
35
  end
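Review bot: The new example creates `Adauth Test Group` in the live directory and deletes it only on its closing lines, so a failed expectation in between leaves the group behind and the next run starts from a dirty directory. Move the cleanup into an `after` block, or wrap the body in `begin`/`ensure`, so it runs whatever the outcome. The two membership examples added to the User spec follow the same pattern and need the same change.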
@@ -5,6 +5,10 @@ describe Adauth::AdObjects::User do
5
5
  Adauth::AdObjects::User.where('sAMAccountName', test_data("domain", "breakable_user")).first
6
6
  end
7
7
 
8
+ let(:test_ou) do
9
+ Adauth::AdObjects::OU.where('name', test_data("domain", "testable_ou")).first
10
+ end
11
+
8
12
  it "should find administrator" do
9
13
  default_config
10
14
  user.login.should eq test_data("domain", "breakable_user")
@@ -13,6 +17,7 @@ describe Adauth::AdObjects::User do
13
17
  it "should authenticate a user" do
14
18
  default_config
15
19
  Adauth::AdObjects::User.authenticate(test_data("domain", "query_user"), test_data("domain", "query_password")).should be_true
20
+ lambda { Adauth::AdObjects::User.authenticate(test_data("domain", "query_user"), "does not work") }.should raise_exception
16
21
  end
17
22
 
18
23
  it "should find groups" do
@@ -60,4 +65,25 @@ describe Adauth::AdObjects::User do
60
65
  pending("Insecure connection, unable to test change password")
61
66
  end
62
67
  end
68
+
69
+ it "should be able to add a user to a group" do
70
+ default_config
71
+ new_group = Adauth::AdObjects::Group.new_group("Adauth Test Group", test_ou)
72
+ user.add_to_group new_group
73
+ rq_user = Adauth::AdObjects::User.where('sAMAccountName', test_data("domain", "breakable_user")).first
74
+ rq_user.member_of?("Adauth Test Group").should be_true
75
+ new_group.delete
76
+ end
77
+
78
+ it "should be able to remove a user from a group" do
79
+ default_config
80
+ new_group = Adauth::AdObjects::Group.new_group("Adauth Test Group", test_ou)
81
+ user.add_to_group new_group
82
+ rq_user = Adauth::AdObjects::User.where('sAMAccountName', test_data("domain", "breakable_user")).first
83
+ rq_user.member_of?("Adauth Test Group").should be_true
84
+ rq_user.remove_from_group new_group
85
+ rq_user = Adauth::AdObjects::User.where('sAMAccountName', test_data("domain", "breakable_user")).first
86
+ rq_user.member_of?("Adauth Test Group").should be_false
87
+ new_group.delete
88
+ end
63
89
  end
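Review bot: `.should raise_exception` with no class, on the line added to "should authenticate a user", passes on any error at all, including a NoMethodError or a connection failure. It therefore does not prove that a wrong password is rejected. Name the expected class, for example `.should raise_exception(<EXPECTED_ERROR_CLASS>)`; the class raised by `User.authenticate` is not visible on this page.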
@@ -0,0 +1,13 @@
1
+ require 'spec_helper'
2
+
3
+ describe "issue #37" do
4
+ it "should not happen" do
5
+ default_config
6
+ ldap_user = Adauth.authenticate("administrator", "foo")
7
+ ldap_user.should be_false
8
+ ldap_user = Adauth.authenticate(test_data("domain", "breakable_user"), "")
9
+ ldap_user.should be_false
10
+ ldap_user = Adauth.authenticate(test_data("domain", "query_user"), test_data("domain", "query_password"))
11
+ ldap_user.should be_a Adauth::AdObjects::User
12
+ end
13
+ end
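Review bot: Only one side of the new guard is exercised: the spec covers the empty-string password, but nothing sets `anonymous_bind = true` to check that the bind is then attempted, and a `nil` password is not tried. The names `issue #37` and `should not happen` also do not say what behaviour is pinned. Something like `it "rejects a wrong or empty password"` reads better in a failure report and survives the issue tracker moving.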
@@ -8,4 +8,5 @@ domain:
8
8
  query_user: User.Name
9
9
  query_password: Password
10
10
  breakable_user: User.Name
11
- breakable_password: Password
11
+ breakable_password: Password
12
+ testable_ou: Your OU
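--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: adauth
  version: !ruby/object:Gem::Version
- version: 2.0.1
+ version: 2.0.2
  platform: ruby
  authors:
  - Adam "Arcath" Laycock
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2013-07-14 00:00:00.000000000 Z
+ date: 2013-08-28 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rake
@@ -80,6 +80,20 @@ dependencies:
  - - '>='
  - !ruby/object:Gem::Version
  version: '0'
+ - !ruby/object:Gem::Dependency
+ name: expects
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ~>
+ - !ruby/object:Gem::Version
+ version: 0.0.2
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ~>
+ - !ruby/object:Gem::Version
+ version: 0.0.2
  description: A full featured library for working with Microsofts Active Directory
  in Ruby.
  email:
@@ -128,12 +142,14 @@ files:
  - spec/adauth_authenticate_spec.rb
  - spec/adauth_config_spec.rb
  - spec/adauth_connection_spec.rb
+ - spec/adauth_issue_spec.rb
  - spec/adauth_rails_model_bridge_spec.rb
  - spec/adauth_spec.rb
  - spec/spec_helper.rb
  - spec/test_data.example.yml
  homepage: http://adauth.arcath.net
- licenses: []
+ licenses:
+ - MIT
  metadata: {}
  post_install_message:
  rdoc_options: []
@@ -165,6 +181,7 @@ test_files:
  - spec/adauth_authenticate_spec.rb
  - spec/adauth_config_spec.rb
  - spec/adauth_connection_spec.rb
+ - spec/adauth_issue_spec.rb
  - spec/adauth_rails_model_bridge_spec.rb
  - spec/adauth_spec.rb
  - spec/spec_helper.rb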