cratus 0.2.1 → 0.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: edca85708a85f952e904d928dbaa959fd9788289
-  data.tar.gz: fed75393016468b8451f926fee9836dde5b6b519
+  metadata.gz: 288c9ccd03e5e93a3568df29460e8c2ae5d65f0e
+  data.tar.gz: 2a7796b78a4fe9037b90558e21b7374444d28a99
 SHA512:
-  metadata.gz: 3640dd6ba0f250a6c02be3f8d07b092e0a7235e27b27a62839325b4db6eef546506d6607f7d22065f56b8527ac15d6703269f7b206cdecf6795bf378bc9d0d82
-  data.tar.gz: e4e42674b01a639246e984d13170671550705f75cd2b2af961b788729aeaa0d12e82e8a2aab705c844db8388df7158cb8aba2e068680ae794f15b98088473095
+  metadata.gz: 66cebb52b25cfb25ebcbfcdc66fc2ac1f0b219e28588dba6962b7c1dac3e08d4658c37ba57c09ba5ff49841e4d57f6272d05101315b005c5c5385ee4640851a8
+  data.tar.gz: f071f32fe719429bc04c24569e77b70a81a8f715f7d4140bae6a7c00256c0ab3c38e61d95058f5c13b740f95801ebef6fbad89ff0298c84ee073082d17a2e20b

data/bin/cratus

@@ -8,7 +8,7 @@ LDAP.connect
 
 # Read in arguments
 group_mapping_arg = ARGV[0]
-raise "Missing Group Mapping Argument!" unless group_mapping_arg
+raise 'Missing Group Mapping Argument!' unless group_mapping_arg
 group_mapping_file = File.expand_path(group_mapping_arg)
 raise "Invalid Group Mapping File #{group_mapping_file}" unless File.readable?(group_mapping_file)
 
@@ -21,7 +21,7 @@ User.all.sort.each do |user|
   key = user.username.to_s
   user_groups = user.member_of.map { |g| g.name.to_s }
 
-  @results[key] = {'groups' => {}}
+  @results[key] = { 'groups' => {} }
   user_groups.sort.each do |ugroup|
     group_perm_set = group_permissions[ugroup] ? group_permissions[ugroup].sort : []
     @results[key]['groups'][ugroup] = group_perm_set

data/bin/cratus-compare

@@ -10,7 +10,7 @@ input2 = ARGV[1]
 
 # Find our diff command and break if we don't have one
 diff_path = `which diff`.chomp
-raise "Missing diff command in PATH!" unless $?.success?
+raise 'Missing diff command in PATH!' unless $CHILD_STATUS.success?
 
 # The command we'll use later to see what has changed
 diff_cmd = "#{diff_path} -U 999999"
@@ -18,7 +18,7 @@ diff_cmd = "#{diff_path} -U 999999"
 ## Methods / Functions
 def validate_input(input)
   # Make sure the input is set
-  raise "Missing First Input!" unless input
+  raise 'Missing First Input!' unless input
   # Make sure the input is a valid file that we can read
   raise "Invalid Input File #{input}" unless File.readable?(input)
   # TODO: make sure the input file is valid YAML
@@ -26,11 +26,9 @@ end
 
 # Read in some input
 def read_input(input)
-  begin
-    YAML.load_file(input)
-  rescue => e
-    raise "Unable to open #{input}: #{e.message}"
-  end
+  YAML.load_file(input)
+rescue => e
+  raise "Unable to open #{input}: #{e.message}"
 end
 
 ## Execution
@@ -43,7 +41,7 @@ data2 = read_input(input2)
 if data1 == data2
   exit 0
 else
-  STDERR.puts "Looks like things have changed!"
+  STDERR.puts 'Looks like things have changed!'
 
   # Calculate what has actually changed
   additions_and_differences = (data2.to_a - data1.to_a)
@@ -62,7 +60,7 @@ else
 
   # Grab the old data for just our changed users and put it into a new hash
   oldhash = {}
-  results.each do |user,data|
+  results.each do |user, _data|
     oldhash[user] = data1[user] if data1.key?(user)
   end
   # Add things that were removed from the old data (removed users)
@@ -84,4 +82,3 @@ else
   newdata.unlink
   olddata.unlink
 end
-

data/lib/cratus/config.rb

@@ -1,56 +1,61 @@
-# A generic way of constructing a mergeable configuration
-class Cratus::Config < OpenStruct
-  # Construct a base config using the following order of precedence:
-  #   * environment variables
-  #   * YAML file
-  #   * defaults
-  def load
-    # First, apply the defaults
-    defaults = {
-      group_dn_attribute: :cn,
-      group_member_attribute: :member,
-      group_description_attribute: :description,
-      group_objectclass: :group,
-      group_basedn: 'ou=groups,dc=example,dc=com',
-      group_memberof_attribute: :memberOf,
-      user_dn_attribute: :samaccountname,
-      user_objectclass: :user,
-      user_basedn: 'ou=users,dc=example,dc=com',
-      user_department_attribute: :department,
-      user_lockout_attribute: :lockouttime,
-      user_mail_attribute: :mail,
-      user_displayname_attribute: :displayName,
-      user_memberof_attribute: :memberOf,
-      host: 'ldap.example.com',
-      port: 389,
-      basedn: 'dc=example,dc=com',
-      username: 'username',
-      password: 'p@assedWard!',
-    }
-    merge defaults
-
-    # Then apply the config file, if one exists
-    begin
-      apprc_dir = File.expand_path('~')
-      config_file = File.expand_path(File.join(apprc_dir, '.cratus.yml'))
-      merge YAML.load_file(config_file) if File.readable?(config_file)
-    rescue => e
-      puts "WARNING: Unable to read from #{config_file}"
+module Cratus
+  # A generic way of constructing a mergeable configuration
+  class Config < OpenStruct
+    # A Hash of the default configuration options
+    def defaults
+      {
+        group_dn_attribute: :cn,
+        group_member_attribute: :member,
+        group_description_attribute: :description,
+        group_objectclass: :group,
+        group_basedn: 'ou=groups,dc=example,dc=com',
+        group_memberof_attribute: :memberOf,
+        user_dn_attribute: :samaccountname,
+        user_objectclass: :user,
+        user_basedn: 'ou=users,dc=example,dc=com',
+        user_department_attribute: :department,
+        user_lockout_attribute: :lockouttime,
+        user_mail_attribute: :mail,
+        user_displayname_attribute: :displayName,
+        user_memberof_attribute: :memberOf,
+        host: 'ldap.example.com', port: 389,
+        basedn: 'dc=example,dc=com',
+        username: 'username',
+        password: 'p@assedWard!'
+      }
     end
 
-    # Finally, apply any environment variables specified
-    env_conf = {}
-    defaults.keys.each do |key|
-      cratus_key = "CRATUS_#{key}".upcase
-      env_conf[key] = ENV[cratus_key] if ENV.key?(cratus_key)
+    # Construct a base config using the following order of precedence:
+    #   * environment variables
+    #   * YAML file
+    #   * defaults
+    def load
+      # First, apply the defaults
+      merge defaults
+
+      # Then apply the config file, if one exists
+      begin
+        apprc_dir = File.expand_path('~')
+        config_file = File.expand_path(File.join(apprc_dir, '.cratus.yml'))
+        merge YAML.load_file(config_file) if File.readable?(config_file)
+      rescue => e
+        puts "WARNING: Unable to read from #{config_file}: #{e.message}"
+      end
+
+      # Finally, apply any environment variables specified
+      env_conf = {}
+      defaults.keys.each do |key|
+        cratus_key = "CRATUS_#{key}".upcase
+        env_conf[key] = ENV[cratus_key] if ENV.key?(cratus_key)
+      end
+      merge env_conf unless env_conf.empty?
     end
-    merge env_conf unless env_conf.empty?
-  end
 
-  def merge(data)
-    raise 'Invalid Config Data' unless data.is_a?(Hash)
-    data.each do |k, v|
-      self[k.to_sym] = v
+    def merge(data)
+      raise 'Invalid Config Data' unless data.is_a?(Hash)
+      data.each do |k, v|
+        self[k.to_sym] = v
+      end
     end
   end
 end

data/lib/cratus/group.rb

@@ -1,4 +1,5 @@
 module Cratus
+  # An LDAP Group representation
   class Group
     include Comparable
     attr_reader :name, :search_base
@@ -25,14 +26,14 @@ module Cratus
     def member_of
       memrof_attr = Cratus.config.group_memberof_attribute
 
-      # TODO make this work with more things...
+      # TODO: make this work with more things...
       unless @raw_ldap_data
         STDERR.puts "WARNING: Group '#{@name}' appears to be invalid or beyond the search scope!"
         return []
       end
 
       # TODO: move the search filter to a configurable param
-      raw_groups = @raw_ldap_data[memrof_attr].reject {|g| g.match /OU=Distribution Groups/ }
+      raw_groups = @raw_ldap_data[memrof_attr].reject { |g| g.match(/OU=Distribution Groups/) }
       initial_groups = raw_groups.map do |raw_group|
         Group.new(raw_group.match(/^#{Group.ldap_dn_attribute.to_s.upcase}=([^,]+),/)[1])
       end
@@ -40,7 +41,7 @@ module Cratus
       initial_groups.each do |group|
         all_the_groups.concat(group.member_of) # recursion!
       end
-      all_the_groups.uniq { |g| g.name }
+      all_the_groups.uniq(&:name)
     end
 
     # LDAP description attribute
@@ -52,7 +53,7 @@ module Cratus
     def self.all
       filter = "(#{ldap_dn_attribute}=*)"
       Cratus::LDAP.search(filter, basedn: ldap_search_base, attrs: ldap_dn_attribute).map do |entry|
-        self.new(entry[ldap_dn_attribute].last)
+        new(entry[ldap_dn_attribute].last)
       end
     end
 
@@ -84,10 +85,11 @@ module Cratus
     private
 
     # provides a Hash of member users and groups
+    #   rubocop:disable Metrics/AbcSize, Metrics/MethodLength
     def all_members
       # filters used to determine if each group member is a User or Group
-      group_filter = "(objectClass=#{Cratus.config.group_objectclass.to_s})"
-      user_filter  = "(objectClass=#{Cratus.config.user_objectclass.to_s})"
+      group_filter = "(objectClass=#{Cratus.config.group_objectclass})"
+      user_filter  = "(objectClass=#{Cratus.config.user_objectclass})"
 
       # The raw LDAP data (a list of DNs)
       raw_members = @raw_ldap_data[Cratus.config.group_member_attribute]
@@ -123,9 +125,9 @@ module Cratus
       end
 
       # deliver the results
-      results[:groups].uniq! { |g| g.name }
-      results[:users].uniq!  { |u| u.username }
-      return results
+      results[:groups].uniq!(&:name)
+      results[:users].uniq!(&:username)
+      results
     end
   end
 end

data/lib/cratus/ldap.rb

@@ -1,4 +1,5 @@
 module Cratus
+  # The LDAP swiss-army knife for cratus
   module LDAP
     # Define the LDAP connection
     # Note: does not actually connect (bind), just sets up the connection
@@ -14,16 +15,20 @@ module Cratus
         }
       }
       # TODO: make the validations do something useful
-      #validate_connection_options(options)
-      @@ldap_connection ||= Net::LDAP.new(options)
+      # validate_connection_options(options)
+      @ldap_connection ||= Net::LDAP.new(options)
     end
 
     # Actually connect (bind) to LDAP
     def self.connect
       connection
       validate_ldap_connection
-      @@ldap_connection.bind
-      @@ldap_bound = true
+      @ldap_connection.bind
+      @ldap_bound = true
+    end
+
+    def self.connected?
+      @ldap_bound.dup
     end
 
     # Perform an LDAP search
@@ -39,38 +44,35 @@ module Cratus
       scope = options.key?(:scope) ? options[:scope] : 'subtree'
 
       scope_class = case scope.to_s
-                    when 'subtree','recursive','whole_subtree'
+                    when 'subtree', 'recursive', 'whole_subtree'
                       Net::LDAP::SearchScope_WholeSubtree
-                    when 'single','single_level'
+                    when 'single', 'single_level'
                       Net::LDAP::SearchScope_SingleLevel
-                    when 'object','base_object'
+                    when 'object', 'base_object'
                       Net::LDAP::SearchScope_BaseObject
                     else
-                      fail "Invalid LDAP Scope!"
+                      raise 'Invalid LDAP Scope!'
                     end
 
-      results = @@ldap_connection.search(
-        base: options[:basedn],
-        filter: filter,
-        scope: scope_class,
-        attributes: [*attrs].map(&:to_s)
+      results = connection.search(
+        base: options[:basedn], filter: filter,
+        scope: scope_class, attributes: [*attrs].map(&:to_s)
       )
-      raise "Search Failed" if results.nil?
-      results.compact
+      results.nil? ? raise('Search Failed') : results.compact
     end
 
     # Validation Methods
 
     def self.validate_ldap_bound
-      raise "LDAP Not Connected" unless defined? @@ldap_bound
+      raise 'LDAP Not Connected' unless connected?
     end
 
     def self.validate_ldap_connection
-      raise "No LDAP Connection" unless defined? @@ldap_connection
+      raise 'No LDAP Connection' unless connection
     end
 
     def self.validate_search_options(options)
-      raise "Invalid Options" unless options.respond_to?(:key?)
+      raise 'Invalid Options' unless options.respond_to?(:key?)
 
       [:basedn].each do |key|
         raise "Missing Option: #{key}" unless options.key?(key)
@@ -78,7 +80,7 @@ module Cratus
     end
 
     def self.validate_connection_options(options)
-      raise "Invalid Options" unless options.respond_to?(:key?)
+      raise 'Invalid Options' unless options.respond_to?(:key?)
 
       [:host, :port, :basedn, :username, :password].each do |key|
         raise "Missing Option: #{key}" unless options.key?(key)

data/lib/cratus/user.rb

@@ -1,4 +1,5 @@
 module Cratus
+  # An LDAP User representation
   class User
     include Comparable
     attr_reader :username, :search_base
@@ -36,7 +37,7 @@ module Cratus
     def member_of
       memrof_attr = Cratus.config.user_memberof_attribute
       # TODO: move the search filter to a configurable param
-      raw_groups = @raw_ldap_data[memrof_attr].reject {|g| g.match /OU=Distribution Groups/ }
+      raw_groups = @raw_ldap_data[memrof_attr].reject { |g| g.match(/OU=Distribution Groups/) }
       initial_groups = raw_groups.map do |raw_group|
         Group.new(raw_group.match(/^#{Group.ldap_dn_attribute.to_s.upcase}=([^,]+),/)[1])
       end
@@ -44,10 +45,10 @@ module Cratus
       initial_groups.each do |group|
         all_the_groups.concat(group.member_of)
       end
-      all_the_groups.uniq { |g| g.name }
+      all_the_groups.uniq(&:name)
     end
 
-    alias_method :groups, :member_of
+    alias groups member_of
 
     def <=>(other)
       @username <=> other.username
@@ -61,7 +62,7 @@ module Cratus
         attrs: ldap_dn_attribute
       )
       raw_results.map do |entry|
-        self.new(entry[ldap_dn_attribute.to_sym].last)
+        new(entry[ldap_dn_attribute.to_sym].last)
       end
     end
 

data/lib/cratus/version.rb

@@ -1,8 +1,9 @@
+# The Cratus module
 module Cratus
   def self.version
     major = 0 # Breaking, incompatible releases
     minor = 2 # Compatible, but new features
-    patch = 1 # Fixes to existing features
+    patch = 2 # Fixes to existing features
     [major, minor, patch].map(&:to_s).join('.')
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cratus
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.2.2
 platform: ruby
 authors:
 - Jonathan Gnagy
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-11-08 00:00:00.000000000 Z
+date: 2016-11-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -39,6 +39,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.10'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -81,6 +95,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.8'
+- !ruby/object:Gem::Dependency
+  name: travis
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: The Ruby tool for auditing and reporting on user permissions based on
   groups
 email: jgnagy@knuedge.com
@@ -99,10 +141,11 @@ files:
 - lib/cratus/ldap.rb
 - lib/cratus/user.rb
 - lib/cratus/version.rb
-homepage: 
+homepage: https://github.com/knuedge/cratus
 licenses:
 - MIT
-metadata: {}
+metadata:
+  yard.run: yri
 post_install_message: Thanks for installing Cratus!
 rdoc_options: []
 require_paths:
@@ -119,7 +162,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.4.5
 signing_key: 
 specification_version: 4
 summary: Cratus queries LDAP for users and their memberships, then reports on it.