dm-ldap-adapter 0.3.5 → 0.4.0.alpha2

data/lib/ldap/conditions_2_filter.rb

@@ -0,0 +1,95 @@
+require 'net/ldap'
+
+module Ldap
+  class Conditions2Filter
+
+    @@logger = ::Slf4r::LoggerFacade.new(::Ldap::Conditions2Filter)
+
+    # @param Array of conditions for the search
+    # @return Array of Hashes with a name/values pair for each attribute
+    def self.convert(conditions)
+      @@logger.debug { "conditions #{conditions.inspect}" }
+      filters = []
+      conditions.each do |cond|
+        c = cond[2]
+        case cond[0]
+        when :or_operator
+          f = nil
+          cond[1].each do |cc|
+            ff = case cc[0]
+                 when :eql
+                   Net::LDAP::Filter.eq( cc[1].to_s, cc[2].to_s )
+                 when :gte
+                   Net::LDAP::Filter.ge( cc[1].to_s, cc[2].to_s )
+                 when :lte
+                   Net::LDAP::Filter.le( cc[1].to_s, cc[2].to_s )
+                 when :like
+                   Net::LDAP::Filter.eq( cc[1].to_s, cc[2].to_s.gsub(/%/, "*").gsub(/_/, "*").gsub(/\*\*/, "*") )
+                 else
+                   logger.error(cc[0].to_s + " needs coding")
+                 end
+            if f
+              f = f | ff
+            else
+              f = ff
+            end
+          end
+        when :eql
+          if c.nil?
+            f = ~ Net::LDAP::Filter.pres( cond[1].to_s )
+          elsif c.respond_to? :each
+            f = nil
+            c.each do |cc|
+              if f
+                f = f | Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
+              else
+                f = Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
+              end
+            end
+            #elsif c.class == Range
+            #  p c
+            #  f = Net::LDAP::Filter.ge( cond[1].to_s, c.begin.to_s ) & Net::LDAP::Filter.le( cond[1].to_s, c.end.to_s )
+          else
+            f = Net::LDAP::Filter.eq( cond[1].to_s, c.to_s )
+          end
+        when :gte
+          f = Net::LDAP::Filter.ge( cond[1].to_s, c.to_s )
+        when :lte
+          f = Net::LDAP::Filter.le( cond[1].to_s, c.to_s )
+        when :not
+            if c.nil?
+              f = Net::LDAP::Filter.pres( cond[1].to_s )
+            elsif c.respond_to? :each
+              f = nil
+              c.each do |cc|
+              if f
+                f = f | Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
+              else
+                f = Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
+              end
+            end
+              f = ~ f
+            else
+              f = ~ Net::LDAP::Filter.eq( cond[1].to_s, c.to_s )
+            end
+        when :like
+          f = Net::LDAP::Filter.eq( cond[1].to_s, c.to_s.gsub(/%/, "*").gsub(/_/, "*").gsub(/\*\*/, "*") )
+        else
+          logger.error(cond[0].to_s + " needs coding")
+        end
+        filters << f if f
+      end
+
+      filter = nil
+      filters.each do |f|
+        if filter.nil?
+          filter = f
+        else
+          filter = filter & f
+        end
+      end
+      @@logger.debug { "search filter: (#{filter.to_s})" }
+      filter
+    end
+  end
+end

data/lib/ldap/digest.rb

@@ -6,9 +6,9 @@ module Ldap
     # @param salt String the salt for the password digester
     # @return the encoded password/salt
     def self.ssha(secret, salt)
-      require 'sha1' 
-      require 'base64' 
-      (salt.empty? ? "{SHA}": "{SSHA}") +  
+      require 'sha1'
+      require 'base64'
+      (salt.empty? ? "{SHA}": "{SSHA}") +
         Base64.encode64(::Digest::SHA1.digest(secret + salt) + salt).gsub(/\n/, '')
     end
 

data/lib/ldap/net_ldap_facade.rb

@@ -1,15 +1,16 @@
 require 'net/ldap'
+require 'ldap/conditions_2_filter'
 
 module Ldap
   class NetLdapFacade
-    
+
     # @param config Hash for the ldap connection
     def self.open(config)
       Net::LDAP.open( config ) do |ldap|
         yield ldap
       end
     end
-    
+
     include ::Slf4r::Logger
 
     # @param config Hash for the ldap connection
@@ -25,8 +26,8 @@ module Ldap
       base = "#{treebase},#{@ldap.base}"
       id_sym = key_field.downcase.to_sym
       max = 0
-      @ldap.search( :base => base, 
-                    :attributes => [key_field], 
+      @ldap.search( :base => base,
+                    :attributes => [key_field],
                     :return_result => false ) do |entry|
         n = entry[id_sym].first.to_i
         max = n if max < n
@@ -41,12 +42,12 @@ module Ldap
     # @return nil in case of an error or the new id of the created object
     def create_object(dn_prefix, treebase, key_field, props, silence = false)
       base = "#{treebase},#{@ldap.base}"
-      if @ldap.add( :dn => dn(dn_prefix, treebase), 
-                    :attributes => props) and @ldap.get_operation_result.code.to_s == "0"
+      if @ldap.add( :dn => dn(dn_prefix, treebase),
+                    :attributes => props) || @ldap.get_operation_result.code.to_s == "0"
         props[key_field.downcase.to_sym]
       else
         unless silence
-          msg = ldap_error("create", 
+          msg = ldap_error("create",
                              dn(dn_prefix, treebase)) + "\n\t#{props.inspect}"
           # TODO maybe raise always an error
           if @ldap.get_operation_result.code.to_s == "68"
@@ -64,102 +65,19 @@ module Ldap
     # @param Array of conditions for the search
     # @return Array of Hashes with a name/values pair for each attribute
     def read_objects(treebase, key_fields, conditions, field_names, order_field = nil)
-      filters = []
-      conditions.each do |cond|
-        c = cond[2]
-        case cond[0]
-        when :or_operator
-          f = nil
-          cond[1].each do |cc|
-            ff = case cc[0]
-                 when :eql
-                   Net::LDAP::Filter.eq( cc[1].to_s, cc[2].to_s )
-                 when :gte
-                   Net::LDAP::Filter.ge( cc[1].to_s, cc[2].to_s )
-                 when :lte
-                   Net::LDAP::Filter.le( cc[1].to_s, cc[2].to_s )
-                 when :like
-                   Net::LDAP::Filter.eq( cc[1].to_s, cc[2].to_s.gsub(/%/, "*").gsub(/_/, "*").gsub(/\*\*/, "*") )
-                 else
-                   logger.error(cc[0].to_s + " needs coding")
-                 end
-            if f
-              f = f | ff
-            else
-              f = ff
-            end
-          end
-        when :eql
-          if c.nil?
-            f = ~ Net::LDAP::Filter.pres( cond[1].to_s )
-          elsif c.class == Array
-            f = nil
-            c.each do |cc|
-              if f
-                f = f | Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
-              else
-                f = Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
-              end
-            end
-            #elsif c.class == Range
-            #  p c
-            #  f = Net::LDAP::Filter.ge( cond[1].to_s, c.begin.to_s ) & Net::LDAP::Filter.le( cond[1].to_s, c.end.to_s )
-          else
-            f = Net::LDAP::Filter.eq( cond[1].to_s, c.to_s )
-          end
-        when :gte
-          f = Net::LDAP::Filter.ge( cond[1].to_s, c.to_s )
-        when :lte
-          f = Net::LDAP::Filter.le( cond[1].to_s, c.to_s )
-        when :not
-            if c.nil?
-              f = Net::LDAP::Filter.pres( cond[1].to_s )
-            elsif c.class == Array
-              f = nil
-              c.each do |cc|
-              if f
-                f = f | Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
-              else
-                f = Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
-              end
-            end
-              f = ~ f
-            else
-              f = ~ Net::LDAP::Filter.eq( cond[1].to_s, c.to_s )
-            end
-        when :like
-          f = Net::LDAP::Filter.eq( cond[1].to_s, c.to_s.gsub(/%/, "*").gsub(/_/, "*").gsub(/\*\*/, "*") )
-        else
-          logger.error(cond[0].to_s + " needs coding")
-        end
-        filters << f if f
-      end
-      
-      filter = nil
-      filters.each do |f|
-        if filter.nil?
-          filter = f
-        else
-          filter = filter & f
-        end
-      end
-      logger.debug { "search filter: (#{filter.to_s})" }
       result = []
+      filter = Conditions2Filter.convert(conditions)
       @ldap.search( :base => "#{treebase},#{@ldap.base}",
                     :attributes => field_names,
                     :filter => filter ) do |res|
-        map = to_map(res) 
+        map = to_map(res)
         #puts map[key_field.to_sym]
         # TODO maybe make filter which removes this unless
         # TODO move this into the ldap_Adapter to make it more general, so that
         # all field with Integer gets converted, etc
-        result << map if key_fields.select do |key_field|
-          if map.member? key_field.to_sym
-            # convert field to integer
-            map[key_field.to_sym] = [map[key_field.to_sym].collect { |k| k.to_i != 0 ? k.to_s : k }].flatten
-            true
-          end
-        end.size > 0 # i.e. there was at least one key_field in the map
+        result << map if key_fields.detect do |key_field|
+          map.member? key_field.to_sym
+        end
       end
       result
     end
@@ -170,11 +88,11 @@ module Ldap
     # @param actions the add/replace/delete actions on the attributes
     # @return nil in case of an error or true
     def update_object(dn_prefix, treebase, actions)
-      if @ldap.modify( :dn => dn(dn_prefix, treebase), 
-                       :operations => actions )
+      if @ldap.modify( :dn => dn(dn_prefix, treebase),
+                       :operations => actions ) || @ldap.get_operation_result.code.to_s == "0"
         true
       else
-        logger.warn(ldap_error("update", 
+        logger.warn(ldap_error("update",
                                dn(dn_prefix, treebase) + "\n\t#{actions.inspect}"))
         nil
       end
@@ -187,24 +105,24 @@ module Ldap
       if @ldap.delete( :dn => dn(dn_prefix, treebase) )
         true
       else
-        logger.warn(ldap_error("delete", 
+        logger.warn(ldap_error("delete",
                                dn(dn_prefix, treebase)))
-        
+
         nil
       end
     end
 
-    
+
     # @param dn String for identifying the ldap object
     # @param password String to be used for authenticate to the dn
     def authenticate(dn, password)
-      Net::LDAP.new( { :host => @ldap.host, 
-                       :port => @ldap.port, 
-                       :auth => { 
-                         :method => :simple, 
-                         :username => dn, 
-                         :password => password 
-                       }, 
+      Net::LDAP.new( { :host => @ldap.host,
+                       :port => @ldap.port,
+                       :auth => {
+                         :method => :simple,
+                         :username => dn,
+                         :password => password
+                       },
                        :base => @ldap.base
                      } ).bind
     end
@@ -218,7 +136,7 @@ module Ldap
     end
 
     private
-    
+
     # helper to extract the Hash from the ldap search result
     # @param Entry from the ldap_search
     # @return Hash with name/value pairs of the entry
@@ -228,7 +146,7 @@ module Ldap
       end
       entry.map
     end
-    
+
     def ldap_error(method, dn)
       "#{method} error: (#{@ldap.get_operation_result.code}) #{@ldap.get_operation_result.message}\n\tDN: #{dn}"
     end

data/lib/ldap/ruby_ldap_facade.rb

@@ -1,6 +1,6 @@
 require 'ldap'
-require 'net/ldap'
 require 'slf4r'
+require 'ldap/conditions_2_filter'
 
 module Ldap
   class Connection < LDAP::Conn
@@ -14,11 +14,11 @@ module Ldap
       @host = config[:host]
       set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
     end
-    
+
   end
 
   class RubyLdapFacade
-    
+
     # @param config Hash for the ldap connection
     def self.open(config)
       ldap2 = Connection.new(config)
@@ -26,7 +26,7 @@ module Ldap
         yield ldap
       end
     end
-    
+
     include ::Slf4r::Logger
 
     # @param config Hash for the ldap connection
@@ -41,9 +41,9 @@ module Ldap
 
     def retrieve_next_id(treebase, key_field)
       max = 0
-      @ldap2.search("#{treebase},#{@ldap2.base}", 
-                    LDAP::LDAP_SCOPE_SUBTREE, 
-                    "(objectclass=*)", 
+      @ldap2.search("#{treebase},#{@ldap2.base}",
+                    LDAP::LDAP_SCOPE_SUBTREE,
+                    "(objectclass=*)",
                      [key_field]) do |entry|
         n = (entry.vals(key_field) || [0]).first.to_i
         max = n if max < n
@@ -59,14 +59,14 @@ module Ldap
     def create_object(dn_prefix, treebase, key_field, props, silence = false)
       base = "#{treebase},#{@ldap2.base}"
       mods = props.collect do |k,v|
-        LDAP.mod(LDAP::LDAP_MOD_ADD, k.to_s, v.is_a?(Array) ? v : [v.to_s] )
+        LDAP.mod(LDAP::LDAP_MOD_ADD, k.to_s, v.is_a?(::Array) ? v : [v.to_s] )
       end
       if @ldap2.add( dn(dn_prefix, treebase), mods)
 #                    :attributes => props) and @ldap.get_operation_result.code.to_s == "0"
         props[key_field.downcase.to_sym]
       else
         unless silence
-          msg = ldap_error("create", 
+          msg = ldap_error("create",
                              dn(dn_prefix, treebase)) + "\n\t#{props.inspect}"
           # TODO maybe raise always an error
           if @ldap2.get_operation_result.code.to_s == "68"
@@ -83,109 +83,24 @@ module Ldap
     # @param key_fields Array of fields which carries the integer unique id(s) of the entity
     # @param Array of conditions for the search
     # @return Array of Hashes with a name/values pair for each attribute
-    def read_objects(treebase, key_fields, conditions, field_names, order_field = '')
-      filters = []
-      conditions.each do |cond|
-        c = cond[2]
-        case cond[0]
-        when :or_operator
-          f = nil
-          cond[1].each do |cc|
-            ff = case cc[0]
-                 when :eql
-                   Net::LDAP::Filter.eq( cc[1].to_s, cc[2].to_s )
-                 when :gte
-                   Net::LDAP::Filter.ge( cc[1].to_s, cc[2].to_s )
-                 when :lte
-                   Net::LDAP::Filter.le( cc[1].to_s, cc[2].to_s )
-                 when :like
-                   Net::LDAP::Filter.eq( cc[1].to_s, cc[2].to_s.gsub(/%/, "*").gsub(/_/, "*").gsub(/\*\*/, "*") )
-                 else
-                   logger.error(cc[0].to_s + " needs coding")
-                 end
-            if f
-              f = f | ff
-            else
-              f = ff
-            end
-          end
-        when :eql
-          if c.nil?
-            f = ~ Net::LDAP::Filter.pres( cond[1].to_s )
-          elsif c.class == Array
-            f = nil
-            c.each do |cc|
-              if f
-                f = f | Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
-              else
-                f = Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
-              end
-            end
-            #elsif c.class == Range
-            #  p c
-            #  f = Net::LDAP::Filter.ge( cond[1].to_s, c.begin.to_s ) & Net::LDAP::Filter.le( cond[1].to_s, c.end.to_s )
-          else
-            f = Net::LDAP::Filter.eq( cond[1].to_s, c.to_s )
-          end
-        when :gte
-          f = Net::LDAP::Filter.ge( cond[1].to_s, c.to_s )
-        when :lte
-          f = Net::LDAP::Filter.le( cond[1].to_s, c.to_s )
-        when :not
-            if c.nil?
-              f = Net::LDAP::Filter.pres( cond[1].to_s )
-            elsif c.class == Array
-              f = nil
-              c.each do |cc|
-              if f
-                f = f | Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
-              else
-                f = Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
-              end
-            end
-              f = ~ f
-            else
-              f = ~ Net::LDAP::Filter.eq( cond[1].to_s, c.to_s )
-            end
-        when :like
-          f = Net::LDAP::Filter.eq( cond[1].to_s, c.to_s.gsub(/%/, "*").gsub(/_/, "*").gsub(/\*\*/, "*") )
-        else
-          logger.error(cond[0].to_s + " needs coding")
-        end
-        filters << f if f
-      end
-
-      filter = nil
-      filters.each do |f|
-        if filter.nil?
-          filter = f
-        else
-          filter = filter & f
-        end
-      end
-      logger.debug { "search filter: (#{filter.to_s})" }
+    def read_objects(treebase, key_fields, conditions, field_names, order_field = '')      
+      filter = Conditions2Filter.convert(conditions)
       result = []
       begin
-      @ldap2.search("#{treebase},#{@ldap2.base}", 
-                    LDAP::LDAP_SCOPE_SUBTREE, 
-                    filter.to_s == "" ? "(objectclass=*)" : filter.to_s.gsub(/\(\(/, "(").gsub(/\)\)/, ")"), 
+      @ldap2.search("#{treebase},#{@ldap2.base}",
+                    LDAP::LDAP_SCOPE_SUBTREE,
+                    filter.to_s == "" ? "(objectclass=*)" : filter.to_s.gsub(/\(\(/, "(").gsub(/\)\)/, ")"),
                     field_names, false, 0, 0, order_field) do |res|
 
-        map = to_map(res) 
+        map = to_map(res)
         #puts map[key_field.to_sym]
         # TODO maybe make filter which removes this unless
         # TODO move this into the ldap_Adapter to make it more general, so that
         # all field with Integer gets converted, etc
-        result << map if key_fields.select do |key_field|
-          if map.member? key_field.to_sym
-            # convert field to integer
-            map[key_field.to_sym] = [map[key_field.to_sym].collect { |k| k.to_i != 0 ? k.to_s : k }].flatten
-            true
+        result << map if key_fields.detect do |key_field|
+            map.member? key_field.to_sym
           end
-        end.size > 0 # i.e. there was at least one key_field in the map
         end
-      rescue RuntimeError => e
-        raise e unless e.message == "no result returned by search"
       end
       result
     end
@@ -207,11 +122,11 @@ module Ldap
               end
         LDAP.mod(mod_op, act[1].to_s, act[2] == [] ? [] : [act[2].to_s])
       end
-      if @ldap2.modify( dn(dn_prefix, treebase), 
+      if @ldap2.modify( dn(dn_prefix, treebase),
                        mods )
         true
       else
-        logger.warn(ldap_error("update", 
+        logger.warn(ldap_error("update",
                                dn(dn_prefix, treebase) + "\n\t#{actions.inspect}"))
         nil
       end
@@ -224,24 +139,24 @@ module Ldap
       if @ldap2.delete( dn(dn_prefix, treebase) )
         true
       else
-        logger.warn(ldap_error("delete", 
+        logger.warn(ldap_error("delete",
                                dn(dn_prefix, treebase)))
-        
+
         nil
       end
     end
 
-    
+
     # @param dn String for identifying the ldap object
     # @param password String to be used for authenticate to the dn
     def authenticate(dn, password)
-      Net::LDAP.new( { :host => @ldap2.host, 
-                       :port => @ldap2.port, 
-                       :auth => { 
-                         :method => :simple, 
-                         :username => dn, 
-                         :password => password 
-                       }, 
+      Net::LDAP.new( { :host => @ldap2.host,
+                       :port => @ldap2.port,
+                       :auth => {
+                         :method => :simple,
+                         :username => dn,
+                         :password => password
+                       },
                        :base => @ldap2.base
                      } ).bind
     end
@@ -255,7 +170,7 @@ module Ldap
     end
 
     private
-    
+
     # helper to extract the Hash from the ldap search result
     # @param Entry from the ldap_search
     # @return Hash with name/value pairs of the entry
@@ -266,7 +181,7 @@ module Ldap
       end
       map
     end
-    
+
     def ldap_error(method, dn)
       "#{method} error: (#{@ldap2.get_operation_result.code}) #{@ldap2.get_operation_result.message}\n\tDN: #{dn}"
     end

data/lib/ldap/version.rb

@@ -1,3 +1,3 @@
 module Ldap
-  VERSION = '0.3.5'.freeze
+  VERSION = '0.4.0.alpha1'.freeze
 end