RubyGems - datacom-net-ldap - Versions diffs - 0.5.0.datacom - Mend

datacom-net-ldap 0.5.0.datacom

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (52) hide show

checksums.yaml +7 -0
data/.autotest +11 -0
data/.rspec +2 -0
data/Contributors.rdoc +22 -0
data/Hacking.rdoc +68 -0
data/History.rdoc +198 -0
data/License.rdoc +29 -0
data/Manifest.txt +50 -0
data/README.rdoc +49 -0
data/Rakefile +74 -0
data/autotest/discover.rb +1 -0
data/lib/net-ldap.rb +2 -0
data/lib/net/ber.rb +320 -0
data/lib/net/ber/ber_parser.rb +168 -0
data/lib/net/ber/core_ext.rb +62 -0
data/lib/net/ber/core_ext/array.rb +96 -0
data/lib/net/ber/core_ext/bignum.rb +22 -0
data/lib/net/ber/core_ext/false_class.rb +10 -0
data/lib/net/ber/core_ext/fixnum.rb +66 -0
data/lib/net/ber/core_ext/string.rb +78 -0
data/lib/net/ber/core_ext/true_class.rb +12 -0
data/lib/net/ldap.rb +1646 -0
data/lib/net/ldap/dataset.rb +154 -0
data/lib/net/ldap/dn.rb +225 -0
data/lib/net/ldap/entry.rb +185 -0
data/lib/net/ldap/filter.rb +781 -0
data/lib/net/ldap/password.rb +37 -0
data/lib/net/ldap/pdu.rb +273 -0
data/lib/net/ldap/version.rb +5 -0
data/lib/net/snmp.rb +270 -0
data/net-ldap.gemspec +61 -0
data/spec/integration/ssl_ber_spec.rb +36 -0
data/spec/spec.opts +2 -0
data/spec/spec_helper.rb +5 -0
data/spec/unit/ber/ber_spec.rb +141 -0
data/spec/unit/ber/core_ext/string_spec.rb +51 -0
data/spec/unit/ldap/dn_spec.rb +80 -0
data/spec/unit/ldap/entry_spec.rb +51 -0
data/spec/unit/ldap/filter_spec.rb +115 -0
data/spec/unit/ldap_spec.rb +78 -0
data/test/common.rb +3 -0
data/test/test_entry.rb +59 -0
data/test/test_filter.rb +122 -0
data/test/test_ldap_connection.rb +24 -0
data/test/test_ldif.rb +79 -0
data/test/test_password.rb +17 -0
data/test/test_rename.rb +77 -0
data/test/test_snmp.rb +114 -0
data/test/testdata.ldif +101 -0
data/testserver/ldapserver.rb +210 -0
data/testserver/testdata.ldif +101 -0
metadata +213 -0

data/spec/unit/ldap_spec.rb ADDED

@@ -0,0 +1,78 @@
+require 'spec_helper'
+describe Net::LDAP::Connection do
+  describe "initialize" do
+    context "when host is not responding" do
+      before(:each) do
+        flexmock(TCPSocket).
+          should_receive(:new).and_raise(Errno::ECONNREFUSED)
+      end
+      it "should raise LdapError" do
+        lambda {
+          Net::LDAP::Connection.new(
+            :server => 'test.mocked.com',
+            :port   => 636)
+        }.should raise_error(Net::LDAP::LdapError)
+      end
+    end
+    context "when host is blocking the port" do
+      before(:each) do
+        flexmock(TCPSocket).
+          should_receive(:new).and_raise(SocketError)
+      end
+      it "should raise LdapError" do
+        lambda {
+          Net::LDAP::Connection.new(
+            :server => 'test.mocked.com',
+            :port   => 636)
+        }.should raise_error(Net::LDAP::LdapError)
+      end
+    end
+    context "on other exceptions" do
+      before(:each) do
+        flexmock(TCPSocket).
+          should_receive(:new).and_raise(NameError)
+      end
+      it "should rethrow the exception" do
+        lambda {
+          Net::LDAP::Connection.new(
+            :server => 'test.mocked.com',
+            :port   => 636)
+        }.should raise_error(NameError)
+      end
+    end
+  end
+  context "populate error messages" do
+    before do
+      @tcp_socket = flexmock(:connection)
+      @tcp_socket.should_receive(:write)
+      flexmock(TCPSocket).should_receive(:new).and_return(@tcp_socket)
+    end
+    subject { Net::LDAP::Connection.new(:server => 'test.mocked.com', :port => 636) }
+    it "should get back error messages if operation fails" do
+      ber = Net::BER::BerIdentifiedArray.new([53, "", "The provided password value was rejected by a password validator:  The provided password did not contain enough characters from the character set 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'.  The minimum number of characters from that set that must be present in user passwords is 1"])
+      ber.ber_identifier = 7
+      @tcp_socket.should_receive(:read_ber).and_return([2, ber])
+      result = subject.modify(:dn => "1", :operations => [[:replace, "mail", "something@sothsdkf.com"]])
+      result.should be_failure
+      result.error_message.should == "The provided password value was rejected by a password validator:  The provided password did not contain enough characters from the character set 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'.  The minimum number of characters from that set that must be present in user passwords is 1"
+    end
+    it "shouldn't get back error messages if operation succeeds" do
+      ber = Net::BER::BerIdentifiedArray.new([0, "", ""])
+      ber.ber_identifier = 7
+      @tcp_socket.should_receive(:read_ber).and_return([2, ber])
+      result = subject.modify(:dn => "1", :operations => [[:replace, "mail", "something@sothsdkf.com"]])
+      result.should be_success
+      result.error_message.should == ""
+    end
+  end
+end

data/test/common.rb ADDED

@@ -0,0 +1,3 @@
+# Add 'lib' to load path.
+require 'test/unit'
+require 'net/ldap'

data/test/test_entry.rb ADDED

@@ -0,0 +1,59 @@
+require 'common'
+=begin
+class TestEntry < Test::Unit::TestCase
+Commented out until I can make it a spec.
+  context "An instance of Entry" do
+    setup do
+      @entry = Net::LDAP::Entry.new 'cn=Barbara,o=corp'
+    end
+    should "be initialized with the DN" do
+      assert_equal 'cn=Barbara,o=corp', @entry.dn
+    end
+    should 'return an empty array when accessing a nonexistent attribute (index lookup)' do
+      assert_equal [], @entry['sn']
+    end
+    should 'return an empty array when accessing a nonexistent attribute (method call)' do
+      assert_equal [], @entry.sn
+    end
+    should 'create an attribute on assignment (index lookup)' do
+      @entry['sn'] = 'Jensen'
+      assert_equal ['Jensen'], @entry['sn']
+    end
+    should 'create an attribute on assignment (method call)' do
+      @entry.sn = 'Jensen'
+      assert_equal ['Jensen'], @entry.sn
+    end
+    should 'have attributes accessible by index lookup' do
+      @entry['sn'] = 'Jensen'
+      assert_equal ['Jensen'], @entry['sn']
+    end
+    should 'have attributes accessible using a Symbol as the index' do
+      @entry[:sn] = 'Jensen'
+      assert_equal ['Jensen'], @entry[:sn]
+    end
+    should 'have attributes accessible by method call' do
+      @entry['sn'] = 'Jensen'
+      assert_equal ['Jensen'], @entry.sn
+    end
+    should 'ignore case of attribute names' do
+      @entry['sn'] = 'Jensen'
+      assert_equal ['Jensen'], @entry.sn
+      assert_equal ['Jensen'], @entry.Sn
+      assert_equal ['Jensen'], @entry.SN
+      assert_equal ['Jensen'], @entry['sn']
+      assert_equal ['Jensen'], @entry['Sn']
+      assert_equal ['Jensen'], @entry['SN']
+    end
+	end
+end
+=end

data/test/test_filter.rb ADDED

@@ -0,0 +1,122 @@
+require 'common'
+class TestFilter < Test::Unit::TestCase
+  Filter = Net::LDAP::Filter
+  def test_bug_7534_rfc2254
+    assert_equal("(cn=Tim Wizard)",
+                 Filter.from_rfc2254("(cn=Tim Wizard)").to_rfc2254)
+  end
+  def test_invalid_filter_string
+    assert_raises(Net::LDAP::LdapError) { Filter.from_rfc2254("") }
+  end
+  def test_invalid_filter
+    assert_raises(Net::LDAP::LdapError) {
+      # This test exists to prove that our constructor blocks unknown filter
+      # types. All filters must be constructed using helpers.
+      Filter.__send__(:new, :xx, nil, nil)
+    }
+  end
+  def test_to_s
+    assert_equal("(uid=george *)", Filter.eq("uid", "george *").to_s)
+  end
+  def test_convenience_filters
+    assert_equal("(uid=\\2A)", Filter.equals("uid", "*").to_s)
+    assert_equal("(uid=\\28*)", Filter.begins("uid", "(").to_s)
+    assert_equal("(uid=*\\29)", Filter.ends("uid", ")").to_s)
+    assert_equal("(uid=*\\5C*)", Filter.contains("uid", "\\").to_s)
+  end
+  def test_c2
+    assert_equal("(uid=george *)",
+                 Filter.from_rfc2254("uid=george *").to_rfc2254)
+    assert_equal("(uid:=george *)",
+                 Filter.from_rfc2254("uid:=george *").to_rfc2254)
+    assert_equal("(uid=george*)",
+                 Filter.from_rfc2254(" ( uid =  george*   ) ").to_rfc2254)
+    assert_equal("(!(uid=george*))",
+                 Filter.from_rfc2254("uid!=george*").to_rfc2254)
+    assert_equal("(uid<=george*)",
+                 Filter.from_rfc2254("uid <= george*").to_rfc2254)
+    assert_equal("(uid>=george*)",
+                 Filter.from_rfc2254("uid>=george*").to_rfc2254)
+    assert_equal("(&(uid=george*)(mail=*))",
+                 Filter.from_rfc2254("(& (uid=george* ) (mail=*))").to_rfc2254)
+    assert_equal("(|(uid=george*)(mail=*))",
+                 Filter.from_rfc2254("(| (uid=george* ) (mail=*))").to_rfc2254)
+    assert_equal("(!(mail=*))",
+                 Filter.from_rfc2254("(! (mail=*))").to_rfc2254)
+  end
+  def test_filter_with_single_clause
+    assert_equal("(cn=name)", Net::LDAP::Filter.construct("(&(cn=name))").to_s)
+  end
+  def test_filters_from_ber
+    [
+      Net::LDAP::Filter.eq("objectclass", "*"),
+      Net::LDAP::Filter.pres("objectclass"),
+      Net::LDAP::Filter.eq("objectclass", "ou"),
+      Net::LDAP::Filter.ge("uid", "500"),
+      Net::LDAP::Filter.le("uid", "500"),
+      (~ Net::LDAP::Filter.pres("objectclass")),
+      (Net::LDAP::Filter.pres("objectclass") & Net::LDAP::Filter.pres("ou")),
+      (Net::LDAP::Filter.pres("objectclass") & Net::LDAP::Filter.pres("ou") & Net::LDAP::Filter.pres("sn")),
+      (Net::LDAP::Filter.pres("objectclass") | Net::LDAP::Filter.pres("ou") | Net::LDAP::Filter.pres("sn")),
+      Net::LDAP::Filter.eq("objectclass", "*aaa"),
+      Net::LDAP::Filter.eq("objectclass", "*aaa*bbb"),
+      Net::LDAP::Filter.eq("objectclass", "*aaa*bbb*ccc"),
+      Net::LDAP::Filter.eq("objectclass", "aaa*bbb"),
+      Net::LDAP::Filter.eq("objectclass", "aaa*bbb*ccc"),
+      Net::LDAP::Filter.eq("objectclass", "abc*def*1111*22*g"),
+      Net::LDAP::Filter.eq("objectclass", "*aaa*"),
+      Net::LDAP::Filter.eq("objectclass", "*aaa*bbb*"),
+      Net::LDAP::Filter.eq("objectclass", "*aaa*bbb*ccc*"),
+      Net::LDAP::Filter.eq("objectclass", "aaa*"),
+      Net::LDAP::Filter.eq("objectclass", "aaa*bbb*"),
+      Net::LDAP::Filter.eq("objectclass", "aaa*bbb*ccc*"),
+    ].each do |ber|
+      f = Net::LDAP::Filter.parse_ber(ber.to_ber.read_ber(Net::LDAP::AsnSyntax))
+      assert(f == ber)
+      assert_equal(f.to_ber, ber.to_ber)
+    end
+  end
+  def test_ber_from_rfc2254_filter
+    [
+      Net::LDAP::Filter.construct("objectclass=*"),
+      Net::LDAP::Filter.construct("objectclass=ou"),
+      Net::LDAP::Filter.construct("uid >= 500"),
+      Net::LDAP::Filter.construct("uid <= 500"),
+      Net::LDAP::Filter.construct("(!(uid=*))"),
+      Net::LDAP::Filter.construct("(&(uid=*)(objectclass=*))"),
+      Net::LDAP::Filter.construct("(&(uid=*)(objectclass=*)(sn=*))"),
+      Net::LDAP::Filter.construct("(|(uid=*)(objectclass=*))"),
+      Net::LDAP::Filter.construct("(|(uid=*)(objectclass=*)(sn=*))"),
+      Net::LDAP::Filter.construct("objectclass=*aaa"),
+      Net::LDAP::Filter.construct("objectclass=*aaa*bbb"),
+      Net::LDAP::Filter.construct("objectclass=*aaa bbb"),
+      Net::LDAP::Filter.construct("objectclass=*aaa  bbb"),
+      Net::LDAP::Filter.construct("objectclass=*aaa*bbb*ccc"),
+      Net::LDAP::Filter.construct("objectclass=aaa*bbb"),
+      Net::LDAP::Filter.construct("objectclass=aaa*bbb*ccc"),
+      Net::LDAP::Filter.construct("objectclass=abc*def*1111*22*g"),
+      Net::LDAP::Filter.construct("objectclass=*aaa*"),
+      Net::LDAP::Filter.construct("objectclass=*aaa*bbb*"),
+      Net::LDAP::Filter.construct("objectclass=*aaa*bbb*ccc*"),
+      Net::LDAP::Filter.construct("objectclass=aaa*"),
+      Net::LDAP::Filter.construct("objectclass=aaa*bbb*"),
+      Net::LDAP::Filter.construct("objectclass=aaa*bbb*ccc*"),
+    ].each do |ber|
+      f = Net::LDAP::Filter.parse_ber(ber.to_ber.read_ber(Net::LDAP::AsnSyntax))
+      assert(f == ber)
+      assert_equal(f.to_ber, ber.to_ber)
+    end
+  end
+end

data/test/test_ldap_connection.rb ADDED

@@ -0,0 +1,24 @@
+require 'common'
+class TestLDAP < Test::Unit::TestCase
+  def test_modify_ops_delete
+    args = { :operations => [ [ :delete, "mail" ] ] }
+    result = Net::LDAP::Connection.modify_ops(args[:operations])
+    expected = [ "0\r\n\x01\x010\b\x04\x04mail1\x00" ]
+    assert_equal(expected, result)
+  end
+  def test_modify_ops_add
+    args = { :operations => [ [ :add, "mail", "testuser@example.com" ] ] }
+    result = Net::LDAP::Connection.modify_ops(args[:operations])
+    expected = [ "0#\n\x01\x000\x1E\x04\x04mail1\x16\x04\x14testuser@example.com" ]
+    assert_equal(expected, result)
+  end
+  def test_modify_ops_replace
+    args = { :operations =>[ [ :replace, "mail", "testuser@example.com" ] ] }
+    result = Net::LDAP::Connection.modify_ops(args[:operations])
+    expected = [ "0#\n\x01\x020\x1E\x04\x04mail1\x16\x04\x14testuser@example.com" ]
+    assert_equal(expected, result)
+  end
+end

data/test/test_ldif.rb ADDED

@@ -0,0 +1,79 @@
+# $Id: testldif.rb 61 2006-04-18 20:55:55Z blackhedd $
+require 'common'
+require 'digest/sha1'
+require 'base64'
+class TestLdif < Test::Unit::TestCase
+  TestLdifFilename = "#{File.dirname(__FILE__)}/testdata.ldif"
+  def test_empty_ldif
+    ds = Net::LDAP::Dataset.read_ldif(StringIO.new)
+    assert_equal(true, ds.empty?)
+  end
+  def test_ldif_with_comments
+    str = ["# Hello from LDIF-land", "# This is an unterminated comment"]
+    io = StringIO.new(str[0] + "\r\n" + str[1])
+    ds = Net::LDAP::Dataset::read_ldif(io)
+    assert_equal(str, ds.comments)
+  end
+  def test_ldif_with_password
+    psw = "goldbricks"
+    hashed_psw = "{SHA}" + Base64::encode64(Digest::SHA1.digest(psw)).chomp
+    ldif_encoded = Base64::encode64(hashed_psw).chomp
+    ds = Net::LDAP::Dataset::read_ldif(StringIO.new("dn: Goldbrick\r\nuserPassword:: #{ldif_encoded}\r\n\r\n"))
+    recovered_psw = ds["Goldbrick"][:userpassword].shift
+    assert_equal(hashed_psw, recovered_psw)
+  end
+  def test_ldif_with_continuation_lines
+    ds = Net::LDAP::Dataset::read_ldif(StringIO.new("dn: abcdefg\r\n hijklmn\r\n\r\n"))
+    assert_equal(true, ds.has_key?("abcdefghijklmn"))
+  end
+  def test_ldif_with_continuation_lines_and_extra_whitespace
+    ds1 = Net::LDAP::Dataset::read_ldif(StringIO.new("dn: abcdefg\r\n   hijklmn\r\n\r\n"))
+    assert_equal(true, ds1.has_key?("abcdefg  hijklmn"))
+    ds2 = Net::LDAP::Dataset::read_ldif(StringIO.new("dn: abcdefg\r\n hij  klmn\r\n\r\n"))
+    assert_equal(true, ds2.has_key?("abcdefghij  klmn"))
+  end
+  def test_ldif_tab_is_not_continuation
+    ds = Net::LDAP::Dataset::read_ldif(StringIO.new("dn: key\r\n\tnotcontinued\r\n\r\n"))
+    assert_equal(true, ds.has_key?("key"))
+  end
+  # TODO, INADEQUATE. We need some more tests
+  # to verify the content.
+  def test_ldif
+    File.open(TestLdifFilename, "r") {|f|
+      ds = Net::LDAP::Dataset::read_ldif(f)
+      assert_equal(13, ds.length)
+    }
+  end
+  # Must test folded lines and base64-encoded lines as well as normal ones.
+  def test_to_ldif
+    data = File.open(TestLdifFilename, "rb") { |f| f.read }
+    io = StringIO.new(data)
+    # added .lines to turn to array because 1.9 doesn't have
+    # .grep on basic strings
+    entries = data.lines.grep(/^dn:\s*/) { $'.chomp }
+    dn_entries = entries.dup
+    ds = Net::LDAP::Dataset::read_ldif(io) { |type, value|
+      case type
+      when :dn
+        assert_equal(dn_entries.first, value)
+        dn_entries.shift
+      end
+    }
+    assert_equal(entries.size, ds.size)
+    assert_equal(entries.sort, ds.to_ldif.grep(/^dn:\s*/) { $'.chomp })
+  end
+end

data/test/test_password.rb ADDED

@@ -0,0 +1,17 @@
+# $Id: testpsw.rb 72 2006-04-24 21:58:14Z blackhedd $
+require 'common'
+class TestPassword < Test::Unit::TestCase
+  def test_psw
+    assert_equal(
+	"{MD5}xq8jwrcfibi0sZdZYNkSng==",
+	Net::LDAP::Password.generate( :md5, "cashflow" ))
+    assert_equal(
+	"{SHA}YE4eGkN4BvwNN1f5R7CZz0kFn14=",
+	Net::LDAP::Password.generate( :sha, "cashflow" ))
+  end
+end

data/test/test_rename.rb ADDED

@@ -0,0 +1,77 @@
+require 'common'
+# Commented out since it assumes you have a live LDAP server somewhere. This
+# will be migrated to the integration specs, as soon as they are ready.
+=begin
+class TestRename < Test::Unit::TestCase
+  HOST= '10.10.10.71'
+  PORT = 389
+  BASE = "o=test"
+  AUTH = { :method => :simple, :username => "cn=testadmin,#{BASE}", :password => 'password' }
+  BASIC_USER = "cn=jsmith,ou=sales,#{BASE}"
+  RENAMED_USER = "cn=jbrown,ou=sales,#{BASE}"
+  MOVED_USER = "cn=jsmith,ou=marketing,#{BASE}"
+  RENAMED_MOVED_USER = "cn=jjones,ou=marketing,#{BASE}"
+  def setup
+    # create the entries we're going to manipulate
+    Net::LDAP::open(:host => HOST, :port => PORT, :auth => AUTH) do |ldap|
+      if ldap.add(:dn => "ou=sales,#{BASE}", :attributes => { :ou => "sales", :objectclass => "organizationalUnit" })
+        puts "Add failed: #{ldap.get_operation_result.message} - code: #{ldap.get_operation_result.code}"
+      end
+      ldap.add(:dn => "ou=marketing,#{BASE}", :attributes => { :ou => "marketing", :objectclass => "organizationalUnit" })
+      ldap.add(:dn => BASIC_USER, :attributes => { :cn => "jsmith", :objectclass => "inetOrgPerson", :sn => "Smith" })
+    end
+  end
+  def test_rename_entry
+    dn = nil
+    Net::LDAP::open(:host => HOST, :port => PORT, :auth => AUTH) do |ldap|
+      ldap.rename(:olddn => BASIC_USER, :newrdn => "cn=jbrown")
+      ldap.search(:base => RENAMED_USER) do |entry|
+        dn = entry.dn
+      end
+    end
+    assert_equal(RENAMED_USER, dn)
+  end
+  def test_move_entry
+    dn = nil
+    Net::LDAP::open(:host => HOST, :port => PORT, :auth => AUTH) do |ldap|
+      ldap.rename(:olddn => BASIC_USER, :newrdn => "cn=jsmith", :new_superior => "ou=marketing,#{BASE}")
+      ldap.search(:base => MOVED_USER) do |entry|
+        dn = entry.dn
+      end
+    end
+    assert_equal(MOVED_USER, dn)
+  end
+  def test_move_and_rename_entry
+    dn = nil
+    Net::LDAP::open(:host => HOST, :port => PORT, :auth => AUTH) do |ldap|
+      ldap.rename(:olddn => BASIC_USER, :newrdn => "cn=jjones", :new_superior => "ou=marketing,#{BASE}")
+      ldap.search(:base => RENAMED_MOVED_USER) do |entry|
+        dn = entry.dn
+      end
+    end
+    assert_equal(RENAMED_MOVED_USER, dn)
+  end
+  def teardown
+    # delete the entries
+    # note: this doesn't always completely clear up on eDirectory as objects get locked while
+    # the rename/move is being completed on the server and this prevents the delete from happening
+    Net::LDAP::open(:host => HOST, :port => PORT, :auth => AUTH) do |ldap|
+      ldap.delete(:dn => BASIC_USER)
+      ldap.delete(:dn => RENAMED_USER)
+      ldap.delete(:dn => MOVED_USER)
+      ldap.delete(:dn => RENAMED_MOVED_USER)
+      ldap.delete(:dn => "ou=sales,#{BASE}")
+      ldap.delete(:dn => "ou=marketing,#{BASE}")
+    end
+  end
+end
+=end