adauth 2.0.3 → 2.0.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/lib/adauth/ad_object.rb +6 -4
  3. data/lib/adauth/ad_objects/group.rb +5 -1
  4. data/lib/adauth/authenticate.rb +8 -4
  5. data/lib/adauth/rails/model_bridge.rb +7 -4
  6. data/lib/adauth/version.rb +2 -2
  7. data/spec/adauth_authenticate_spec.rb +24 -6
  8. data/spec/adauth_issue_spec.rb +1 -1
  9. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 1a01855a1bb516984482d2cbdaa7020445431786
4
- data.tar.gz: 077068256ee217f616c28322931be7500e8fb967
3
+ metadata.gz: ba854aa4c49708e90a10761e4eeeb50387995ca6
4
+ data.tar.gz: 8bdd4ba583b83515ee07b200d1c69a88a3bf051b
5
5
  SHA512:
6
- metadata.gz: 6e9fd1e2c0af98fff7ce34b6bfe0300490a718c5408d4d7da9f49f84d709070c4ec1163a9fa4ebc90f579295ffa10b7068ba819f3822d4d39241561790af6db5
7
- data.tar.gz: 120341150092ad1327e8cac8a20ba4c321215c504c2964265920cd33762a4670b87bbeaf9b66c86cce5c99f6ce5827673531f4aaaa91d7f2a2d743fad48838cc
6
+ metadata.gz: 2a038027f3d791f37a11d77ce726b9184521af0ca81206973944709a64d95843702a04d9174465c729c40910adcee434a6ce4ba86e2176899a14999bfa89e1ec
7
+ data.tar.gz: 64b9becd466aee82b0c50f5a6ca813bfb58343ba643307145ce7a7369f20e7b220d3903a9aa9f8b394d8c7b5f54e55aa7b65d4b74c19a81950a9205a61f8dfdc
data/lib/adauth/ad_object.rb CHANGED
@@ -108,9 +108,11 @@ module Adauth
108
108
  @cn_groups_nested = cn_groups
109
109
  cn_groups.each do |group|
110
110
  ado = Adauth::AdObjects::Group.where('name', group).first
111
- groups = convert_to_objects ado.cn_groups
112
- groups.each do |g|
113
- @cn_groups_nested.push g if !(@cn_groups_nested.include?(g))
111
+ if ado
112
+ groups = convert_to_objects ado.cn_groups
113
+ groups.each do |g|
114
+ @cn_groups_nested.push g if !(@cn_groups_nested.include?(g))
115
+ end
114
116
  end
115
117
  end
116
118
  return @cn_groups_nested
@@ -199,4 +201,4 @@ module Adauth
199
201
  end
200
202
  end
201
203
  end
202
- end
204
+ end
data/lib/adauth/ad_objects/group.rb CHANGED
@@ -48,7 +48,11 @@ module Adauth
48
48
  end
49
49
 
50
50
  def cn_groups
51
- memberof.split(/.*?CN=(.*?),.*/)
51
+ if memberof.nil?
52
+ []
53
+ else
54
+ memberof.split(/.*?CN=(.*?),.*/)
55
+ end
52
56
  end
53
57
  end
54
58
  end
data/lib/adauth/authenticate.rb CHANGED
@@ -20,14 +20,18 @@ module Adauth
20
20
  return false
21
21
  end
22
22
  end
23
-
23
+
24
24
  # Check if the user is allowed to login
25
25
  def self.allowed_to_login(user)
26
- (allowed_from_arrays(@config.allowed_groups, @config.denied_groups, user.cn_groups_nested) && allowed_from_arrays(@config.allowed_ous, @config.denied_ous, user.dn_ous))
26
+ if (@config.allowed_groups.empty? && @config.allowed_ous.empty?) && (@config.denied_groups.empty? && @config.denied_ous.empty?)
27
+ return true
28
+ else
29
+ return (allowed_from_arrays(@config.allowed_groups, @config.denied_groups, user.cn_groups_nested) && allowed_from_arrays(@config.allowed_ous, @config.denied_ous, user.dn_ous))
30
+ end
27
31
  end
28
-
32
+
29
33
  private
30
-
34
+
31
35
  def self.allowed_from_arrays(allowed, denied, test)
32
36
  return true if allowed.empty? && denied.empty?
33
37
  return true if !((allowed & test).empty?)
data/lib/adauth/rails/model_bridge.rb CHANGED
@@ -20,7 +20,7 @@ module Adauth
20
20
  #
21
21
  # AdauthSearchField = [:login, :name]
22
22
  #
23
- # This will cause RailsModel.find_by_name(AdauthObject.login)
23
+ # This will cause RailsModel.where(:name => AdauthObject.login).first_or_initialize
24
24
  #
25
25
  # The Order is [adauth_field, rails_field]
26
26
  module ModelBridge
@@ -50,10 +50,13 @@ module Adauth
50
50
 
51
51
  # Used to create the RailsModel if it doesn't exist and update it if it does
52
52
  def return_and_create_from_adauth(adauth_model)
53
- find_method = "find_by_#{self::AdauthSearchField.last}".to_sym
54
- rails_model = (self.send(find_method, adauth_model.send(self::AdauthSearchField.first)) || create_from_adauth(adauth_model))
53
+ adauth_field = self::AdauthSearchField.first
54
+ adauth_search_value = adauth_model.send(adauth_field)
55
+ rails_search_field = self::AdauthSearchField.second
56
+ # Model#where({}).first_or_initialize is also compatible with Mongoid (3.1.0+)
57
+ rails_model = self.send(:where, { rails_search_field => adauth_search_value }).first_or_initialize
55
58
  rails_model.update_from_adauth(adauth_model)
56
- return rails_model
59
+ rails_model
57
60
  end
58
61
  end
59
62
  end
data/lib/adauth/version.rb CHANGED
@@ -1,4 +1,4 @@
1
1
  module Adauth
2
2
  # Adauths Version Number
3
- Version = '2.0.3'
4
- end
3
+ Version = '2.0.5'
4
+ end
data/spec/adauth_authenticate_spec.rb CHANGED
@@ -5,12 +5,17 @@ describe Adauth, "#authenticate" do
5
5
  default_config
6
6
  Adauth.authenticate(test_data("domain", "query_user"), test_data("domain", "query_password")).should be_a Adauth::AdObjects::User
7
7
  end
8
-
8
+
9
9
  it "should return false for failed authentication" do
10
10
  default_config
11
11
  Adauth.authenticate(test_data("domain", "query_user"), "foo").should be_false
12
12
  end
13
-
13
+
14
+ it "should return false for a user that does not exist" do
15
+ default_config
16
+ Adauth.authenticate("foo", "bar").should be_false
17
+ end
18
+
14
19
  it "should allow the user if allowed groups are used" do
15
20
  Adauth.configure do |c|
16
21
  c.domain = test_data("domain", "domain")
@@ -23,7 +28,7 @@ describe Adauth, "#authenticate" do
23
28
  end
24
29
  Adauth.authenticate(test_data("domain", "query_user"), test_data("domain", "query_password")).should be_a Adauth::AdObjects::User
25
30
  end
26
-
31
+
27
32
  it "should allow the user if allowed ous are used" do
28
33
  Adauth.configure do |c|
29
34
  c.domain = test_data("domain", "domain")
@@ -36,7 +41,20 @@ describe Adauth, "#authenticate" do
36
41
  end
37
42
  Adauth.authenticate(test_data("domain", "query_user"), test_data("domain", "query_password")).should be_a Adauth::AdObjects::User
38
43
  end
39
-
44
+
45
+ it "should reject a user not in an allowed ou" do
46
+ Adauth.configure do |c|
47
+ c.domain = test_data("domain", "domain")
48
+ c.port = test_data("domain", "port")
49
+ c.base = test_data("domain", "base")
50
+ c.server = test_data("domain", "server")
51
+ c.query_user = test_data("domain", "query_user")
52
+ c.query_password = test_data("domain", "query_password")
53
+ c.allowed_ous = ["Users2"]
54
+ end
55
+ Adauth.authenticate(test_data("domain", "query_user"), test_data("domain", "query_password")).should be_false
56
+ end
57
+
40
58
  it "should reject a user if denied group is used" do
41
59
  Adauth.configure do |c|
42
60
  c.domain = test_data("domain", "domain")
@@ -49,7 +67,7 @@ describe Adauth, "#authenticate" do
49
67
  end
50
68
  Adauth.authenticate(test_data("domain", "query_user"), test_data("domain", "query_password")).should be_false
51
69
  end
52
-
70
+
53
71
  it "should reject a user if denied ous is used" do
54
72
  Adauth.configure do |c|
55
73
  c.domain = test_data("domain", "domain")
@@ -62,4 +80,4 @@ describe Adauth, "#authenticate" do
62
80
  end
63
81
  Adauth.authenticate(test_data("domain", "query_user"), test_data("domain", "query_password")).should be_false
64
82
  end
65
- end
83
+ end
data/spec/adauth_issue_spec.rb CHANGED
@@ -10,4 +10,4 @@ describe "issue #37" do
10
10
  ldap_user = Adauth.authenticate(test_data("domain", "query_user"), test_data("domain", "query_password"))
11
11
  ldap_user.should be_a Adauth::AdObjects::User
12
12
  end
13
- end
13
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: adauth
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.3
4
+ version: 2.0.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Adam "Arcath" Laycock
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2013-09-05 00:00:00.000000000 Z
11
+ date: 2014-03-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake