adauth 2.0.1 → 2.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: cffe1ba97471be1224d557a5df97bd0e16e5eb59
-  data.tar.gz: d080e1a4e3a065c57da6c7281c60c79e0fe82f07
+  metadata.gz: 48e8b82dd827473a19acccdc250b66bcdf00e44a
+  data.tar.gz: af6839234b1405eecbb6551dcf91acecc6d76c2b
 SHA512:
-  metadata.gz: 12b8d3a9a46735f4528a890272db9c52434883bbc922f46f243957e87fb6acdf1e7f4abf42d70ca0bed4af8ad2ade0947b5918496af5fbca9e89495e8acab224
-  data.tar.gz: 94ec81bf3fb570be993eb87d51de4543ff11c91de5742e30ef26a7f7acefef8aca2866d76fdde8f87750eb71ffccf7e53f2c05acef3e381959b067d95e0db6a3
+  metadata.gz: 0fc542e5a2f1392253738852897817726bdb2b1bfb697dc82fe287a775729cd75131b85f1135727a3d7e9e869fe4b3131829417c828bd625ff0e09303f45b41b
+  data.tar.gz: 1a08d5744964257fd2284f7c52de1fd853f5c3783f1c182d0e77b5c6821a32f82f793fd48beb0ba753de391228c8cbbadbe3c3e3ece4e07e7ad7d854b66152c0

data/Gemfile.lock

@@ -1,13 +1,15 @@
 PATH
   remote: .
   specs:
-    adauth (2.0.0)
+    adauth (2.0.1)
+      expects (~> 0.0.2)
       net-ldap
 
 GEM
   remote: https://rubygems.org/
   specs:
     diff-lcs (1.1.3)
+    expects (0.0.2)
     multi_json (1.7.7)
     net-ldap (0.3.1)
     rake (0.9.2.2)

data/Readme.md

@@ -70,4 +70,11 @@ You can interact with the logger through `Adauth.logger` and set a new one using
 
 ## Developing
 
-Before you can run the tests you will need to write a yml file with your domain settings in and place it at _spec/test_data.yml_, there is an example of this file in the spec folder.
+Before you can run the tests you will need to write a yml file with your domain settings in and place it at _spec/test_data.yml_, there is an example of this file in the spec folder.
+
+When you fork Adauth please:
+
+1. Create your feature branch (`git checkout -b my-new-feature`)
+2. Commit your changes (`git commit -am 'Add some feature'`)
+3. Push to the branch (`git push origin my-new-feature`)
+4. Create new Pull Request

data/adauth.gemspec

@@ -11,12 +11,14 @@ Gem::Specification.new do |s|
     s.homepage = "http://adauth.arcath.net"
     s.summary = "Provides Active Directory authentication for Rails"
     s.description = "A full featured library for working with Microsofts Active Directory in Ruby."
+    s.license = 'MIT'
     
     s.add_development_dependency "rake"
     s.add_development_dependency "rspec"
     s.add_development_dependency "simplecov"
     s.add_development_dependency "yard"
     s.add_dependency "net-ldap"
+    s.add_dependency "expects", "~> 0.0.2"
     
     s.files         = `git ls-files`.split("\n")
     s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")   

data/lib/adauth.rb

@@ -1,4 +1,5 @@
 # Requires
+require 'expects'
 require 'logger'
 require 'net/ldap'
 require 'timeout'
@@ -57,7 +58,8 @@ module Adauth
             :encryption => @config.encryption,
             :allow_fallback => @config.allow_fallback,
             :username => user, 
-            :password => password 
+            :password => password,
+            :anonymous_bind => @config.anonymous_bind 
         }
     end
     

data/lib/adauth/ad_object.rb

@@ -15,6 +15,8 @@ module Adauth
     #
     # Provides all the common functions for Active Directory.
     class AdObject
+        include Expects
+      
         # Returns all objects which have the ObjectClass of the inherited class
         def self.all
             Adauth.logger.info(self.class.inspect) { "Searching for all objects matching filter \"#{self::ObjectFilter}\"" }
@@ -54,6 +56,7 @@ module Adauth
         
         # Creates a new instance of the object and sets @ldap_object to the passed Net::LDAP entity        
         def initialize(ldap_object)
+            expects ldap_object, Net::LDAP::Entry
             @ldap_object = ldap_object
         end
         
@@ -152,6 +155,11 @@ module Adauth
           return false
         end
         
+        # Delete the object
+        def delete
+          Adauth.connection.delete(dn: @ldap_object.dn)
+        end
+        
         private
         
         def convert_to_objects(array)

data/lib/adauth/ad_objects/group.rb

@@ -20,15 +20,24 @@ module Adauth
                     :cn_members => [ :member,
                         Proc.new {|g| g.sub(/.*?CN=(.*?),.*/, '\1')} ],
                     :memberof => :member
-                    #:cn_groups => [ :memberof,
-                    #    Proc.new {|g| g.sub(/.*?CN=(.*?),.*/, '\1')} ]
                 }
             
             # Object Net::LDAP filter
             #
             # Used to restrict searches' to just this object
             ObjectFilter = Net::LDAP::Filter.eq("objectClass", "group")
-                
+            
+            # Create a new Group
+            def self.new_group(name, parent)
+              expects parent, [Adauth::AdObjects::OU, Adauth::AdObjects::Folder]
+              attributes = {
+                cn: name,
+                objectclass: ["top", "group"]
+              }
+              Adauth.connection.add(dn: "CN=#{name},#{parent.ldap_object.dn}", attributes: attributes )
+              return Adauth::AdObjects::Group.where('name', name).first
+            end
+            
             # Returns all the objects which are members of this group
             def members
                 Adauth.logger.info(self.class.inspect) { "Getting group members for #{self.name}" }

data/lib/adauth/ad_objects/user.rb

@@ -48,6 +48,18 @@ module Adauth
               modify([[:replace, :unicodePwd, password]])
             end
             
+            # Add the user to the supplied group
+            def add_to_group(group)
+              expects group, Adauth::AdObjects::Group
+              group.modify([[:add, :member, @ldap_object.dn]])
+            end
+            
+            # Remove the user from the supplied group
+            def remove_from_group(group)
+              expects group, Adauth::AdObjects::Group
+              group.modify([[:delete, :member, @ldap_object.dn]])
+            end
+            
             private
             
             def microsoft_encode_password(password)

data/lib/adauth/config.rb

@@ -4,7 +4,8 @@ module Adauth
     # Sets the defaults an create and generates guess values.
     class Config
         attr_accessor   :domain, :port, :base, :server, :encryption, :query_user, :query_password, :allow_fallback,
-                        :allowed_groups, :denied_groups, :allowed_ous, :denied_ous, :contains_nested_groups
+                        :allowed_groups, :denied_groups, :allowed_ous, :denied_ous, :contains_nested_groups,
+                        :anonymous_bind
         
         def initialize
             @port = 389
@@ -14,6 +15,7 @@ module Adauth
             @denied_ous = []
             @allow_fallback = false
             @contains_nested_groups = false
+            @anonymous_bind = false
         end
         
         # Guesses the Server and Base string

data/lib/adauth/connection.rb

@@ -3,7 +3,10 @@ module Adauth
     #
     # Handles errors and configures the connection.
     class Connection
+        include Expects
+      
         def initialize(config)
+            expects config, Hash
             @config = config
         end
         
@@ -19,7 +22,9 @@ module Adauth
             if @config[:encryption]
                conn.encryption @config[:encryption]
             end
-
+            
+            raise "Anonymous Bind is disabled" if @config[:password] == "" && !(@config[:anonymous_bind])
+            
             conn.auth "#{@config[:username]}@#{@config[:domain]}", @config[:password]
             
             begin

data/lib/adauth/version.rb

@@ -1,4 +1,4 @@
 module Adauth
     # Adauths Version Number
-    Version = '2.0.1'
+    Version = '2.0.2'
 end

data/rspec_results.txt

@@ -1,10 +1,10 @@
-...................*...............
+....................*..................
 
 Pending:
   Adauth::AdObjects::User should allow you to reset the password
     # Insecure connection, unable to test change password
-    # ./spec/adauth_ad_object_user_spec.rb:49
+    # ./spec/adauth_ad_object_user_spec.rb:54
 
-Finished in 12.3 seconds
-35 examples, 0 failures, 1 pending
-Coverage report generated for RSpec to /Users/arcath/Code/Gems/Adauth/coverage. 472 / 489 LOC (96.52%) covered.
+Finished in 28.72 seconds
+39 examples, 0 failures, 1 pending
+Coverage report generated for RSpec to /Users/arcath/Code/Gems/Adauth/coverage. 534 / 551 LOC (96.91%) covered.

data/spec/adauth_ad_object_group_spec.rb

@@ -5,6 +5,10 @@ describe Adauth::AdObjects::Group do
       Adauth::AdObjects::Group.where('name', 'Domain Admins').first
     end
     
+    let(:test_ou) do
+      Adauth::AdObjects::OU.where('name', test_data("domain", "testable_ou")).first
+    end
+    
     it "should have a name" do
         default_config
         domain_admins.name.should eq "Domain Admins"
@@ -13,11 +17,19 @@ describe Adauth::AdObjects::Group do
     it "should have a members list" do
         default_config
         domain_admins.members.should be_a Array
-        domain_admins.members.first.name.should be_a String
+        domain_admins.members.last.name.should be_a String
     end
     
     it "should be a member of" do
         default_config
         domain_admins.groups.should be_a Array
     end
+    
+    it "should let you create and destroy a group" do
+      default_config
+      new_group = Adauth::AdObjects::Group.new_group("Adauth Test Group", test_ou)
+      new_group.should be_a Adauth::AdObjects::Group
+      new_group.delete
+      Adauth::AdObjects::Group.where('name', "Adauth Test Group").count.should eq 0
+    end
 end

data/spec/adauth_ad_object_user_spec.rb

@@ -5,6 +5,10 @@ describe Adauth::AdObjects::User do
       Adauth::AdObjects::User.where('sAMAccountName', test_data("domain", "breakable_user")).first
     end
     
+    let(:test_ou) do
+      Adauth::AdObjects::OU.where('name', test_data("domain", "testable_ou")).first
+    end
+    
     it "should find administrator" do
         default_config
         user.login.should eq test_data("domain", "breakable_user")
@@ -13,6 +17,7 @@ describe Adauth::AdObjects::User do
     it "should authenticate a user" do
         default_config
         Adauth::AdObjects::User.authenticate(test_data("domain", "query_user"), test_data("domain", "query_password")).should be_true
+        lambda { Adauth::AdObjects::User.authenticate(test_data("domain", "query_user"), "does not work") }.should raise_exception
     end
     
     it "should find groups" do
@@ -60,4 +65,25 @@ describe Adauth::AdObjects::User do
         pending("Insecure connection, unable to test change password")
       end
     end
+    
+    it "should be able to add a user to a group" do
+      default_config
+      new_group = Adauth::AdObjects::Group.new_group("Adauth Test Group", test_ou)
+      user.add_to_group new_group
+      rq_user = Adauth::AdObjects::User.where('sAMAccountName', test_data("domain", "breakable_user")).first
+      rq_user.member_of?("Adauth Test Group").should be_true
+      new_group.delete
+    end
+    
+    it "should be able to remove a user from a group" do
+      default_config
+      new_group = Adauth::AdObjects::Group.new_group("Adauth Test Group", test_ou)
+      user.add_to_group new_group
+      rq_user = Adauth::AdObjects::User.where('sAMAccountName', test_data("domain", "breakable_user")).first
+      rq_user.member_of?("Adauth Test Group").should be_true
+      rq_user.remove_from_group new_group
+      rq_user = Adauth::AdObjects::User.where('sAMAccountName', test_data("domain", "breakable_user")).first
+      rq_user.member_of?("Adauth Test Group").should be_false
+      new_group.delete
+    end
 end

data/spec/adauth_issue_spec.rb

@@ -0,0 +1,13 @@
+require 'spec_helper'
+
+describe "issue #37" do
+  it "should not happen" do
+    default_config
+    ldap_user = Adauth.authenticate("administrator", "foo")
+    ldap_user.should be_false
+    ldap_user = Adauth.authenticate(test_data("domain", "breakable_user"), "")
+    ldap_user.should be_false
+    ldap_user = Adauth.authenticate(test_data("domain", "query_user"), test_data("domain", "query_password"))
+    ldap_user.should be_a Adauth::AdObjects::User
+  end
+end

data/spec/test_data.example.yml

@@ -8,4 +8,5 @@ domain:
   query_user: User.Name
   query_password: Password
   breakable_user: User.Name
-  breakable_password: Password
+  breakable_password: Password
+  testable_ou: Your OU

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: adauth
 version: !ruby/object:Gem::Version
-  version: 2.0.1
+  version: 2.0.2
 platform: ruby
 authors:
 - Adam "Arcath" Laycock
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-07-14 00:00:00.000000000 Z
+date: 2013-08-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -80,6 +80,20 @@ dependencies:
     - - '>='
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: expects
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.0.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.0.2
 description: A full featured library for working with Microsofts Active Directory
   in Ruby.
 email:
@@ -128,12 +142,14 @@ files:
 - spec/adauth_authenticate_spec.rb
 - spec/adauth_config_spec.rb
 - spec/adauth_connection_spec.rb
+- spec/adauth_issue_spec.rb
 - spec/adauth_rails_model_bridge_spec.rb
 - spec/adauth_spec.rb
 - spec/spec_helper.rb
 - spec/test_data.example.yml
 homepage: http://adauth.arcath.net
-licenses: []
+licenses:
+- MIT
 metadata: {}
 post_install_message: 
 rdoc_options: []
@@ -165,6 +181,7 @@ test_files:
 - spec/adauth_authenticate_spec.rb
 - spec/adauth_config_spec.rb
 - spec/adauth_connection_spec.rb
+- spec/adauth_issue_spec.rb
 - spec/adauth_rails_model_bridge_spec.rb
 - spec/adauth_spec.rb
 - spec/spec_helper.rb