dm-ldap-adapter 0.4.2 → 0.4.3

data/History.txt

@@ -1,3 +1,10 @@
+version 0.4.3
+=============
+
+* test several environments: ruby-1.8.7/1.9.2, jruby-1.5.6/1.6.2 (1.8 and 1.9 where possible), DM-1.0.x/1.1.x, net-ldap and ruby-ldap gem as backend. run the specs against all possible combinations.
+
+* improvements with LdapArray properties
+
 version 0.4.2
 =============
 

data/README-bundler.md

@@ -0,0 +1,34 @@
+# no Gemfile.lock on git #
+
+there are two references for different DM versions
+
+* ~> 1.1.0
+
+* ~> 1.0.0
+
+with a simple symbolic link you can switch between these two profiles.
+
+`$ ln -s Gemfile.lock.1.1.0 Gemfile.lock`
+
+for that reason Gemfile.lock in not on github, so the script run-all.sh
+
+# run specs #
+
+`$ bundle exec spec spec`
+
+or for some jruby versions (which needs jruby and ruby-maven gem)
+
+`$ rmvn test`
+`$ rmvn test --Djruby.versions=1.5.6,1.6.2 -Djruby.18and19
+
+# build gem
+
+for the ruby platform
+
+`$ gem build dm-ldap-adapter.gemspec`
+
+or for java platform (needs jruby and ruby-maven gem)
+
+`$ rmvn package`
+
+gem will be inside target/dm-ldap-adapter directory.

data/{README.txt → README.md}

@@ -1,20 +1,32 @@
-= dm-ldap-adapter
+# dm-ldap-adapter
 
-*Homepage*:  [http://dm-ldap-adapter.rubyforge.org]
+*Homepage*: [http://github.com/mkristian/dm-ldap-adapter](http://github.com/mkristian/dm-ldap-adapter)
 
-*Git*:       [http://github.com/mkristian/dm-ldap-adapter]
+*Git*: [git://github.com/mkristian/dm-ldap-adapter.git](git://github.com/mkristian/dm-ldap-adapter.git)
 
 *Author*:    Kristian Meier
 
 *Copyright*: 2008-2009
 
-== DESCRIPTION:
+## Note on Patches/Pull Requests
 
-=== usecase
+* Fork the project.
+
+* Make your feature addition or bug fix.
+
+* Add tests for it. This is important so I don't break it in a future version unintentionally.
+
+* Commit, do not mess with rakefile, version, or history. (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
+
+* Send me a pull request.
+
+## DESCRIPTION:
+
+### usecase
 
 the usecase for that implementation was using an ldap server for user authentication and authorization. the ldap server is configured to have posixAccounts and posixGroups. on the datamapper side these accounts/groups are modeled with many-to-many relationship. further more the model classes should be in such a way that they can be used with another repository as well, i.e. they carry some ldap related configuration but this is only relevant for the ldap-adapter.
 
-=== low level ldap library
+### low level ldap library
 
 the ldap library which does the actual ldap protocol stuff is [http://rubyforge.org/projects/net-ldap] which is the default. the other ldap library is [http://rubyforge.org/projects/ruby-ldap]. just add a facade parameter when setting up DataMapper
 
@@ -30,7 +42,7 @@ or
                    :facade => :net_ldap,
      .... })
 
-=== setup DataMapper
+### setup DataMapper
 
     DataMapper.setup(:ldap, {
                    :adapter  => 'ldap',
@@ -42,19 +54,19 @@ or
                    :password => "behappy"
      })
 
-=== examples
+### examples
 
 see 'example/posix.rb' for user/group setup works with default installation of openldap on ubuntu (just change your password as needed in the code)
 
-== FEATURES/PROBLEMS:
+## FEATURES/PROBLEMS:
 
 * the net-ldap has some issues with not closing the connections when an exception/error got raised, with limit the search result to 126 entries which gets fixed by making consecutives searches and collect the result.
 
 * error from the ldap server are only logged and do not raise any exceptions (to be changed in next release) with one exception: when creating a new ldap entry a duplicated entry will raise DataMapper::PersistenceError
 
-== SYNOPSIS:
+## SYNOPSIS:
 
-=== distinguished name (DN) of a model
+### distinguished name (DN) of a model
 
 there are three parts which makes the DN of a model, the base from the ldap conncetion, the `treebase` of the model and `dn_prefix` of an instance.
 
@@ -69,7 +81,7 @@ with a base `dc=example,dc=com` we get a DN like the user 'admin'
 
     uid=admin,ou=people,dc=example,dc=com
 
-=== ldap entities are bigger than the model
+### ldap entities are bigger than the model
 
 for example the ldap posixGroup has more attributes than the model class, it needs the `objectclass` attribute set to `posixGroup`.
 
@@ -84,11 +96,11 @@ for example the ldap posixGroup has more attributes than the model class, it nee
 
 so with the help of the `ldap_properties` you can define a block which returns an hash with extra attributes. with such block you can make some calculations if needed, i.e. :homedirectory => "/home/#{login}" for the posixAccount.
 
-=== authentication
+### authentication
 
 this uses the underlying bind of a ldap connection. so on any model where you have the `dn_prefix` and the `treebase` configured, you can call the method `authenticate(password)`. this will forward the request to the ldap server.
 
-=== queries
+### queries
 
 conditions in ldap depend on the attributes definition in the ldap schema. here is the list of what is working with that ldap adapter side and the usual AND between the conditions:
 
@@ -110,13 +122,13 @@ and
 
 gives the same result when *all* names are `NULL` !!!
 
-=== OR conditions
+### OR conditions
 
 or-conditions can be done with :conditions option but only of the form "<property_name> <comparator> <value> [or <property_name> <comparator> <value>]*" where the comparator is one of "=", "like". it can be also combined with extra ANDs like this example
 
     Contact.all(:name.like => "A%", :conditions => ["phone like '+49%' or mobile like '+49%'"])
 
-=== multiple repositories
+### multiple repositories
 
 most probably you have to work with ldap as one repository and a database as a second repository. for me it worked best to define the `default_repository` for each model in the model itself:
 
@@ -155,13 +167,13 @@ and to let the ldap resources use the ldap respository it is best to bind it to
     end
   end
 
-=== transactions
+### transactions
 
 the adapter offers a noop transaction, i.e. you can wrap everything into a transaction but the ldap part has no functionality.
 
 *note*: the ldap protocol does not know transactions
 
-=== many-to-many associations
+### many-to-many associations
 
 staying with posix example there the groups has a memberuid attribute BUT unlike with relational databases it can have multiple values. to achieve a relationship with these values the underlying adapter needs to know that this specific attribute needs to be handled differently. for this `multivalue_field` comes into play. the ldap adapter clones the model and places the each memberuid in its own clone.
 
@@ -179,7 +191,7 @@ staying with posix example there the groups has a memberuid attribute BUT unlike
 
     end
 
-=== ldap attributes with many values
+### ldap attributes with many values
 
 let's say your LDAP has multiple email values for a users then you can define your resource class like that using the type *LdapArray* for such multivalue fields
 
@@ -197,7 +209,7 @@ let's say your LDAP has multiple email values for a users then you can define yo
       end
     end
 
-== REQUIREMENTS:
+## REQUIREMENTS:
 
 * slf4r the logging facade
 * net-ldap pure ruby ldap library
@@ -205,11 +217,11 @@ let's say your LDAP has multiple email values for a users then you can define yo
 * logging (optional) if logging via logging is desired
 * log4r (optional) if logging via log4r is desired
 
-== INSTALL:
+## INSTALL:
 
 * sudo gem install dm-ldap-adapter
 
-== LICENSE:
+## LICENSE:
 
 (The MIT License)
 

data/example/posix.rb

@@ -15,14 +15,10 @@ $LOAD_PATH << Pathname(__FILE__).dirname.parent.expand_path + 'lib'
 # logger.level = :debug
 # logger.info "initialized logger . . ."
 
-dummy = true  #uncomment this to use dummy, i.e. a database instead of ldap
-dummy = false # uncomment this to use ldap
+dummy = false # uncomment this to use ldap, dummy = false uses the database
 unless dummy
   require 'ldap_resource'
 
-  # comment this out if you want to use "net/ldap"
-  require 'ldap/ruby_ldap_facade'
-
   require 'adapters/ldap_adapter'
 
   DataMapper.setup(:default, {

data/lib/adapters/ldap_adapter.rb

@@ -82,8 +82,10 @@ module DataMapper
     end
 
     def sort_records_case_insensitive(records)
+      #Return unsorted records unless we have order defined
+      return records unless order
       sort_order = order.map { |direction| [ direction.target, direction.operator == :asc ] }
-
+      
       records.sort_by do |record|
         sort_order.map do |(property, ascending)|
           SortCaseInsensitive.new(record_value(record, property), ascending)
@@ -171,9 +173,7 @@ module DataMapper
 
       def create(resources)
         resources.select do |resource|
-
           create_resource(resource)
-
         end.size # just return the number of create resources
       end
 
@@ -306,6 +306,7 @@ module DataMapper
       # @see AbstractAdapter#read
       def read(query)
         result = []
+        #get data values out of the query
         resources = read_resources(query)
         resources.each do |resource|
           map = {}
@@ -325,8 +326,10 @@ module DataMapper
       end
 
       def read_resources(query)
-        order_by = query.order.first.target.field
-        order_by_sym = order_by.to_sym
+        query_order = query.order.first.target.field if query.order
+        #Use empty string as default for order in query
+        order_by = query_order || ''
+
         field_names = query.fields.collect {|f| f.field }
         result = ldap.read_objects(query.model.treebase,
                                    query.model.key.collect { |k| k.field },

data/lib/dm-ldap-adapter.rb

@@ -0,0 +1 @@
+require 'adapter/ldap-adapter'

data/lib/ldap/array.rb

@@ -74,32 +74,49 @@ module Ldap
                end
     end
 
-    def initialize(*args)
+    # keep the *args so it works for both DM-1.1.x and DM-1.0.x
+    def initialize(_model = nil, _name = nil, options = {}, *args)
       super
+
+      add_writer(model,name) unless options[:writer] == :private || options[:accessor] == :private
+      add_reader(model,name) unless options[:reader] == :private || options[:accessor] == :private        
+    end
+
+    private
+
+    def add_reader(model, name)
+      #Creates instance method for reader
       model.class_eval <<-RUBY, __FILE__, __LINE__ + 1
-        def #{name.to_s}=(v)
-          case v
-          when Ldap::Array
-            v.setup(self, properties[:#{name}])
-          else
-            vv = Ldap::Array.new(self, properties[:#{name}])
-            vv.replace(v || [])
-            v = vv
-          end
-          attribute_set(:#{name}, v)
+        def #{name}
+         attr_data = attribute_get(:#{name})
+
+         case attr_data
+         when Ldap::Array
+           attr_data.setup(self, properties[:#{name}])
+         else
+           new_ldap_array = Ldap::Array.new(self, properties[:#{name}])
+           new_ldap_array.replace(attr_data || [])
+         end
         end
+      RUBY
+    end
 
-        def #{name.to_s}
-          v = attribute_get(:#{name})
-          case v
+    def add_writer(model, name)
+      #Creates instance method for writer
+      model.class_eval <<-RUBY, __FILE__, __LINE__ + 1
+        def #{name}=(input)
+          data = case input
           when Ldap::Array
-            v.setup(self, properties[:#{name}])
+            input.setup(self, properties[:#{name}])
           else
-            vv = Ldap::Array.new(self, properties[:#{name}])
-            vv.replace(v || [])
+            new_ldap_array = Ldap::Array.new(self, properties[:#{name}])
+            new_ldap_array.replace(input || [])
           end
+
+          attribute_set(:#{name}, data)
         end
       RUBY
     end
+
   end
 end

data/lib/ldap/digest.rb

@@ -1,4 +1,11 @@
-require 'sha1'
+begin
+  require 'sha1'
+rescue LoadError
+  # ruby1.9.x
+  require 'digest/sha1'
+  SHA1 = Digest::SHA1
+end
+
 require 'base64'
 module Ldap
   class Digest

data/lib/ldap/ruby_ldap_facade.rb

@@ -83,12 +83,18 @@ module Ldap
     # @param Array of conditions for the search
     # @return Array of Hashes with a name/values pair for each attribute
     def read_objects(treebase, key_fields, conditions, field_names, order_field = '')      
-      filter = Conditions2Filter.convert(conditions)
+      
+      if !conditions.nil? and conditions.size > 0
+        filter = Conditions2Filter.convert(conditions).to_s
+      else
+        filter = "(objectclass=*)"
+      end
+
       result = []
       begin
       @ldap2.search("#{treebase},#{@ldap2.base}",
                     LDAP::LDAP_SCOPE_SUBTREE,
-                    filter.to_s == "" ? "(objectclass=*)" : filter.to_s.gsub(/\(\(/, "(").gsub(/\)\)/, ")"),
+                    filter,
                     field_names, false, 0, 0, order_field) do |res|
         mapp = to_map(field_names, res)
         # TODO maybe make filter which removes this unless
@@ -148,15 +154,21 @@ module Ldap
     # @param dn String for identifying the ldap object
     # @param password String to be used for authenticate to the dn
     def authenticate(dn, password)
-      Net::LDAP.new( { :host => @ldap2.host,
-                       :port => @ldap2.port,
-                       :auth => {
-                         :method => :simple,
-                         :username => dn,
-                         :password => password
-                       },
-                       :base => @ldap2.base
-                     } ).bind
+      bound = false
+      ldap_con = LDAP::Conn.new(@ldap2.host, @ldap2.port)
+      ldap_con.set_option( LDAP::LDAP_OPT_PROTOCOL_VERSION, 3 )
+      begin
+        ldap_con.bind(dn, password, LDAP::LDAP_AUTH_SIMPLE) do
+          bound = true
+        end
+      rescue LDAP::ResultError => msg
+        if msg.to_s =~ /Invalid\ credentials/i
+          logger.info("Invalid Credentials: #{dn}")
+        else 
+          logger.warn "Authentication Error: #{msg.to_s}"
+        end
+      end
+      bound
     end
 
     # helper to concat the dn from the various parts

data/lib/ldap/transactions.rb

@@ -0,0 +1,2 @@
+require 'dm-transactions'
+require 'adapters/noop_transaction'

data/lib/ldap/unboundid_ldap_facade.rb

@@ -0,0 +1,188 @@
+require 'ldap'
+require 'slf4r'
+require 'ldap/conditions_2_filter'
+
+module Ldap
+  # class Connection < LDAP::Conn
+
+  #   attr_reader :base, :host, :port
+
+  #   def initialize(config)
+  #     super(config[:host], config[:port])
+  #     @base = config[:base]
+  #     @port = config[:port]
+  #     @host = config[:host]
+  #     set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
+  #   end
+
+  # end
+
+  class RubyLdapFacade
+
+    # @param config Hash for the ldap connection
+    def self.open(config)
+      ldap3 = com.unboundid.ldap.sdk.LDAPConnection.new(config[:host], config[:port], config[:base] + "." + config[:auth][:username], config[:auth][:password])
+      
+      yield ldap
+    end
+
+    include ::Slf4r::Logger
+
+    # @param config Hash for the ldap connection
+    def initialize(config)
+      if config.is_a? Hash
+        @ldap2 = Connection.new(config)
+        @ldap2.bind(config[:auth][:username], config[:auth][:password])
+      else
+        @ldap2 = config
+      end
+    end
+
+    def retrieve_next_id(treebase, key_field)
+      max = 0
+      @ldap2.search("#{treebase},#{@ldap2.base}",
+                    LDAP::LDAP_SCOPE_SUBTREE,
+                    "(objectclass=*)",
+                     [key_field]) do |entry|
+        n = (entry.vals(key_field) || [0]).first.to_i
+        max = n if max < n
+      end
+      max + 1
+    end
+
+    # @param dn_prefix String the prefix of the dn
+    # @param treebase the treebase of the dn or any search
+    # @param key_field field which carries the integer unique id of the entity
+    # @param props Hash of the ldap attributes of the new ldap object
+    # @return nil in case of an error or the new id of the created object
+    def create_object(dn_prefix, treebase, key_field, props, silence = false)
+      base = "#{treebase},#{@ldap2.base}"
+      mods = props.collect do |k,v|
+        LDAP.mod(LDAP::LDAP_MOD_ADD, k.to_s, v.is_a?(::Array) ? v : [v.to_s] )
+      end
+      if @ldap2.add( dn(dn_prefix, treebase), mods)
+#                    :attributes => props) and @ldap.get_operation_result.code.to_s == "0"
+        props[key_field.downcase.to_sym]
+      else
+        unless silence
+          msg = ldap_error("create",
+                             dn(dn_prefix, treebase)) + "\n\t#{props.inspect}"
+          # TODO maybe raise always an error
+          if @ldap2.get_operation_result.code.to_s == "68"
+            raise ::DataMapper::PersistenceError.new(msg)
+          else
+            logger.warn(msg)
+          end
+        end
+        nil
+      end
+    end
+
+    # @param treebase the treebase of the search
+    # @param key_fields Array of fields which carries the integer unique id(s) of the entity
+    # @param Array of conditions for the search
+    # @return Array of Hashes with a name/values pair for each attribute
+    def read_objects(treebase, key_fields, conditions, field_names, order_field = '')      
+      filter = Conditions2Filter.convert(conditions)
+      result = []
+      begin
+      @ldap2.search("#{treebase},#{@ldap2.base}",
+                    LDAP::LDAP_SCOPE_SUBTREE,
+                    filter.to_s == "" ? "(objectclass=*)" : filter.to_s.gsub(/\(\(/, "(").gsub(/\)\)/, ")"),
+                    field_names, false, 0, 0, order_field) do |res|
+
+        map = to_map(res)
+        #puts map[key_field.to_sym]
+        # TODO maybe make filter which removes this unless
+        # TODO move this into the ldap_Adapter to make it more general, so that
+        # all field with Integer gets converted, etc
+        result << map if key_fields.detect do |key_field|
+            map.member? key_field.to_sym
+          end
+        end
+      end
+      result
+    end
+
+
+    # @param dn_prefix String the prefix of the dn
+    # @param treebase the treebase of the dn or any search
+    # @param actions the add/replace/delete actions on the attributes
+    # @return nil in case of an error or true
+    def update_object(dn_prefix, treebase, actions)
+      mods = actions.collect do |act|
+        mod_op = case act[0]
+              when :add
+                LDAP::LDAP_MOD_ADD
+              when :replace
+                LDAP::LDAP_MOD_REPLACE
+              when :delete
+                LDAP::LDAP_MOD_DELETE
+              end
+        LDAP.mod(mod_op, act[1].to_s, act[2] == [] ? [] : [act[2].to_s])
+      end
+      if @ldap2.modify( dn(dn_prefix, treebase),
+                       mods )
+        true
+      else
+        logger.warn(ldap_error("update",
+                               dn(dn_prefix, treebase) + "\n\t#{actions.inspect}"))
+        nil
+      end
+    end
+
+    # @param dn_prefix String the prefix of the dn
+    # @param treebase the treebase of the dn or any search
+    # @return nil in case of an error or true
+    def delete_object(dn_prefix, treebase)
+      if @ldap2.delete( dn(dn_prefix, treebase) )
+        true
+      else
+        logger.warn(ldap_error("delete",
+                               dn(dn_prefix, treebase)))
+
+        nil
+      end
+    end
+
+
+    # @param dn String for identifying the ldap object
+    # @param password String to be used for authenticate to the dn
+    def authenticate(dn, password)
+      Net::LDAP.new( { :host => @ldap2.host,
+                       :port => @ldap2.port,
+                       :auth => {
+                         :method => :simple,
+                         :username => dn,
+                         :password => password
+                       },
+                       :base => @ldap2.base
+                     } ).bind
+    end
+
+    # helper to concat the dn from the various parts
+    # @param dn_prefix String the prefix of the dn
+    # @param treebase the treebase of the dn or any search
+    # @return the complete dn String
+    def dn(dn_prefix, treebase)
+      "#{dn_prefix},#{treebase},#{@ldap2.base}"
+    end
+
+    private
+
+    # helper to extract the Hash from the ldap search result
+    # @param Entry from the ldap_search
+    # @return Hash with name/value pairs of the entry
+    def to_map(entry)
+      map = {}
+      LDAP::entry2hash(entry).each do |k,v|
+        map[k.downcase.to_sym] = v
+      end
+      map
+    end
+
+    def ldap_error(method, dn)
+      "#{method} error: (#{@ldap2.get_operation_result.code}) #{@ldap2.get_operation_result.message}\n\tDN: #{dn}"
+    end
+  end
+end

data/lib/ldap_resource.rb

@@ -12,7 +12,8 @@ module DataMapper
         discriminator   = properties(repository_name).discriminator
         no_reload       = !query.reload?
         
-        field_map = fields.map { |property| [ property, property.field ] }.to_hash
+        field_map = {}
+        fields.each { |property| field_map[property] = property.field }
         
         records.map do |record|
           identity_map = nil

data/spec/assiociations_ldap_adapter_spec.rb

@@ -4,18 +4,42 @@ require 'spec_helper'
 describe DataMapper::Adapters::LdapAdapter do
 
   before do
-
     DataMapper.repository(:ldap) do
       User.all(:login.like => "b%").destroy!
       Group.all(:name.like => "test_%").destroy!
-      @user1 = User.create(:login => "black", :name => 'Black', :age => 0)
-      @user2 = User.create(:login => "brown", :name => 'Brown', :age => 25)
-      @user3 = User.create(:login => "blue", :name => 'Blue',  :age => nil)
+      
+      #First we create some items.
+      user1 = User.create(:login => "black", :name => 'Black', :age => 0)
+      user2 = User.create(:login => "brown", :name => 'Brown', :age => 25)
+      user3 = User.create(:login => "blue", :name => 'Blue',  :age => nil)
 
-      @group1 = Group.create(:name => "test_root_group")
-      @group2 = Group.create(:name => "test_admin_group")
+      group1 = Group.create(:name => "test_root_group")
+      group2 = Group.create(:name => "test_admin_group")
+      
+      #Then we retrive the items we created earlier and use them for tests.
+      @user1 = User.get!(user1.id)
+      @user2 = User.get!(user2.id)
+      @user3 = User.get!(user3.id)
+      
+      @group1 = Group.get!(group1.id)
+      @group2 = Group.get!(group2.id)      
+    end
+  end
+  
+  after(:all) do
+    DataMapper.repository(:ldap) do
+      User.all(:login.like => "b%").destroy!
+      Group.all(:name.like => "test_%").destroy!
     end
   end
+  
+  it 'should have valid testing data' do
+    @user1.should be_a_kind_of(User)
+    @user2.should be_a_kind_of(User)
+    @user3.should be_a_kind_of(User)
+    @group1.should be_a_kind_of(Group)
+    @group2.should be_a_kind_of(Group)
+  end
 
   it 'should successfully save an object' do
     DataMapper.repository(:ldap) do
@@ -129,12 +153,16 @@ describe DataMapper::Adapters::LdapAdapter do
 
   it 'should be able to delete a user from a group' do
     DataMapper.repository(:ldap) do
-      size = GroupUser.all.size
-      @user1 = User.get!(@user1.id)
+      size_before = GroupUser.all.size
+
       @user1.groups << @group1
+      GroupUser.all.size.should == size_before+1
+  
       @user1.groups << @group2
+      GroupUser.all.size.should == size_before+2
+
       @user2.groups << @group1
-      GroupUser.all.size.should == size + 3
+      GroupUser.all.size.should == size_before+3
     end
     DataMapper.repository(:ldap) do
       @user1 = User.get!(@user1.id)

data/spec/contact.rb

@@ -0,0 +1,58 @@
+class Contact
+	include DataMapper::Resource
+
+	def self.auto_upgrade!(args = nil)
+		DataMapper.logger.warn("Skipping #{self.name}.auto_upgrade!")
+	end
+
+	def self.default_repository_name
+		:ldap
+	end
+
+	def self.repository_name
+		:ldap
+	end
+	
+	property :id,						Serial, :field => 'uid'
+	property :cn,						String, :required => true
+	property :salutation,					String, :lazy => [:view]
+	property :title,					String, :lazy => [:view]
+	property :givenname,					String
+	property :sn,						String, :required => true
+	property :o,						String
+	property :postaladdress,				String, :lazy => [:view]
+	property :postalcode,					String, :lazy => [:view]
+	property :l,						String
+	property :st,						String, :lazy => [:view]
+	property :c,						String, :lazy => [:view]
+	property :telephonenumber,				String
+	property :facsimiletelephonenumber,			String, :lazy => [:view]
+	property :pager,					String, :lazy => [:view]
+	property :jpegphoto,					LdapArray, :lazy => true
+	property :mobile,					String, :lazy => [:view]
+	property :anniversary,					String, :lazy => [:view]
+	property :mail,						LdapArray
+	property :labeleduri,					LdapArray, :lazy => [:view]
+	property :marker,					LdapArray, :lazy => [:view]
+	property :description,					LdapArray, :lazy => [:view]
+
+	dn_prefix do |u|
+		"uid=#{u.id}"
+	end
+
+	ldap_properties do |u|
+          properties = { :objectclass => ['inetOrgPerson']}#, "posixAccount", "shadowAccount"]}#'contactPerson'] }
+		properties
+	end
+
+	treebase 'ou=people'
+
+	before :save, :fix_object
+
+private
+
+	def fix_object
+		self.cn = "#{self.givenname} #{self.sn}".strip
+	end
+
+end

data/spec/ldap_array_spec.rb

@@ -0,0 +1,119 @@
+$LOAD_PATH << Pathname(__FILE__).dirname.parent.expand_path + 'lib'
+
+require 'ldap/array'
+require 'dm-migrations'
+require 'dm-sqlite-adapter'
+
+class A
+  
+  include DataMapper::Resource
+
+  property :id, Serial
+  property :list,         ::Ldap::LdapArray,    :accessor => :public
+  property :hidden_list,  ::Ldap::LdapArray,    :accessor => :private
+  property :write_list,   ::Ldap::LdapArray,    :reader => :private, :writer => :public
+  property :read_list,    ::Ldap::LdapArray,    :reader => :public, :writer => :private
+end
+
+require 'fileutils'
+FileUtils.mkdir_p("target")
+DataMapper.setup(:default, 'sqlite3:target/test.sqlite3')
+DataMapper.finalize
+DataMapper.auto_migrate!(:default)
+
+describe Ldap::LdapArray do
+  before { @resource = A.new }
+
+  it 'should create new with array' do
+    @resource.list = ["1", "2"]
+    @resource.dirty?.should be_true
+    @resource.save
+    resource = A.first(:id => @resource.id)
+    resource.list.should == ["1", "2"]
+    resource.list.class.should == Ldap::Array
+  end
+
+  it 'should have empty array on new resource' do
+    @resource.list << "1"
+    @resource.dirty?.should be_true
+    @resource.save
+    resource = A.first(:id => @resource.id)
+    resource.list.should == ["1"]
+    resource.list.class.should == Ldap::Array
+  end
+
+  it 'should save after adding an element' do
+    @resource.list = ["1", "2"]
+    @resource.save
+    @resource.list << "4"
+    @resource.save
+    resource = A.first(:id => @resource.id)
+    resource.list.should == ["1", "2", "4"]
+    resource.list.class.should == Ldap::Array
+  end
+
+  it 'should save after changing an element' do
+    @resource.list = ["1", "2"]
+    @resource.save
+    @resource.list[1] = "4"
+    @resource.save
+    resource = A.first(:id => @resource.id)
+    resource.list.should == ["1", "4"]
+    resource.list.class.should == Ldap::Array
+  end
+
+  it 'should save after deleting element from list' do
+    @resource.list = ["1", "2"]
+    @resource.save
+    @resource.list.delete("1")
+    @resource.save
+    resource = A.first(:id => @resource.id)
+    resource.list.should == ["2"]
+    resource.list.class.should == Ldap::Array
+  end
+  
+  context 'when :accessor property is set to :private' do 
+    it 'should not create a write accessor' do
+      @resource.should_not respond_to(:hidden_list=)
+    end
+
+    it 'should not create a reade accessor' do
+      @resource.should_not respond_to(:hidden_list)
+    end  
+  end
+
+  context 'when :accessor property is set to :public' do 
+    it 'should create a write accessor' do
+      @resource.should respond_to(:list=)
+    end
+
+    it 'should create a reade accessor' do
+      @resource.should respond_to(:list)
+    end  
+  end
+  
+  context 'when :writer property is set to :public' do
+    it 'should create a write accessor' do
+      @resource.should respond_to(:write_list=)
+    end
+  end
+
+  context 'when :writer property is set to :private' do
+    it 'should not create a write accessor' do
+      @resource.should_not respond_to(:read_list=)
+    end
+  end
+
+  context 'when :reader property is set to :public' do
+    it 'should create a read accessor' do
+      @resource.should respond_to(:read_list)
+    end
+  end
+
+  context 'when :reader property is set to :private' do
+    it 'should not create a read accessor' do
+      @resource.should_not respond_to(:write_list)
+    end
+  end
+
+end

data/spec/multi_value_attributes_spec.rb

@@ -151,7 +151,6 @@ describe DataMapper.repository(:ldap).adapter.class do
     end
 
     it 'should be able to use multilines with LdapArray' do
-      pending "not working for net-ldap" if DataMapper.repository(:ldap).adapter.ldap.class.to_s == 'Ldap::NetLdapFacade'
       DataMapper.repository(:ldap) do
         @contact.mail = ["email1\nmail2\nmail2\nmail4", "email1"]
         @contact.save

data/spec/spec_helper.rb

@@ -1,7 +1,7 @@
 require 'rubygems'
 
 require 'slf4r/ruby_logger'
-Slf4r::LoggerFacade4RubyLogger.level = :info
+Slf4r::LoggerFacade4RubyLogger.level = :warn
 
 require 'dm-sqlite-adapter'
 require 'dm-migrations'
@@ -26,6 +26,8 @@ DataMapper.setup(:ldap, {
                    :password => "behappy"
 })
 
+puts "using facade #{(ENV['FACADE'] || :net_ldap).to_sym}"
+
 module DataMapper
   module Resource
     class State
@@ -55,25 +57,30 @@ class User
   has n, :group_users
 
   def groups
-    groups = GroupUser.all(:user_id => id).collect{ |gu| gu.group }
+    groups = GroupUser.all(:user_id => login).collect{ |gu| gu.group }
+
     def groups.user=(user)
       @user = user
     end
+
     groups.user = self
+
     def groups.<<(group)
       unless member? group
-        GroupUser.create(:user_id => @user.id, :group_id => group.id)
+        GroupUser.create(:user_id => @user.login, :group_id => group.id)
         super
       end
       self
     end
+
     def groups.delete(group)
-      gu = GroupUser.first(:user_id => @user.id, :group_id => group.id)
+      gu = GroupUser.first(:user_id => @user.login, :group_id => group.id)
       if gu
         gu.destroy
         super
       end
     end
+
     groups
   end
 
@@ -90,7 +97,8 @@ class User
   end
 
   def password=(password)
-    attribute_set(:hashed_password, Ldap::Digest.ssha(password, "--#{Time.now}--#{login}--")) if password
+    salt = "--#{Time.now}--#{login}--"
+    attribute_set(:hashed_password, Ldap::Digest.ssha(password, salt)) if password
   end
 end
 
@@ -133,7 +141,7 @@ class GroupUser
     {:cn=>"#{group_user.group.name}",  :objectclass => "posixGroup"}
   end
 
-  property :user_id, Integer, :key => true, :field => "memberUid"
+  property :user_id, String, :key => true, :field => "memberUid"
   property :group_id, Integer, :key => true, :field => "gidNumber"
 
   def group

metadata

@@ -1,37 +1,38 @@
 --- !ruby/object:Gem::Specification 
 name: dm-ldap-adapter
 version: !ruby/object:Gem::Version 
-  hash: 11
-  prerelease: false
+  hash: 9
+  prerelease: 
   segments: 
   - 0
   - 4
-  - 2
-  version: 0.4.2
+  - 3
+  version: 0.4.3
 platform: ruby
 authors: 
 - mkristian
+- xertres
 autorequire: 
 bindir: bin
 cert_chain: []
 
-date: 2011-02-08 00:00:00 +05:30
+date: 2011-06-06 00:00:00 +05:30
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
-  name: ruby-net-ldap
+  name: net-ldap
   prerelease: false
   requirement: &id001 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - "="
+    - - ~>
       - !ruby/object:Gem::Version 
-        hash: 23
+        hash: 19
         segments: 
         - 0
-        - 0
-        - 4
-        version: 0.0.4
+        - 2
+        - 2
+        version: 0.2.2
   type: :runtime
   version_requirements: *id001
 - !ruby/object:Gem::Dependency 
@@ -40,12 +41,14 @@ dependencies:
   requirement: &id002 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - ">="
+    - - ~>
       - !ruby/object:Gem::Version 
-        hash: 3
+        hash: 11
         segments: 
         - 0
-        version: "0"
+        - 4
+        - 2
+        version: 0.4.2
   type: :runtime
   version_requirements: *id002
 - !ruby/object:Gem::Dependency 
@@ -56,74 +59,134 @@ dependencies:
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 23
+        hash: 15
         segments: 
         - 1
         - 0
-        - 0
-        version: 1.0.0
+        version: "1.0"
   type: :runtime
   version_requirements: *id003
 - !ruby/object:Gem::Dependency 
-  name: hoe
+  name: dm-transactions
   prerelease: false
   requirement: &id004 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - ">="
+    - - ~>
       - !ruby/object:Gem::Version 
-        hash: 47
+        hash: 15
+        segments: 
+        - 1
+        - 0
+        version: "1.0"
+  type: :runtime
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: dm-sqlite-adapter
+  prerelease: false
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 15
+        segments: 
+        - 1
+        - 0
+        version: "1.0"
+  type: :development
+  version_requirements: *id005
+- !ruby/object:Gem::Dependency 
+  name: dm-migrations
+  prerelease: false
+  requirement: &id006 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 15
+        segments: 
+        - 1
+        - 0
+        version: "1.0"
+  type: :development
+  version_requirements: *id006
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  prerelease: false
+  requirement: &id007 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 23
         segments: 
         - 2
-        - 8
+        - 6
         - 0
-        version: 2.8.0
+        version: 2.6.0
   type: :development
-  version_requirements: *id004
+  version_requirements: *id007
+- !ruby/object:Gem::Dependency 
+  name: ruby-ldap
+  prerelease: false
+  requirement: &id008 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 45
+        segments: 
+        - 0
+        - 9
+        - 11
+        version: 0.9.11
+  type: :development
+  version_requirements: *id008
 description: ldap adapter for datamapper which uses either net-ldap or ruby-ldap
 email: 
 - m.kristian@web.de
+- ""
 executables: []
 
 extensions: []
 
 extra_rdoc_files: 
 - History.txt
-- Manifest.txt
-- README.txt
+- README.md
 - ldap-commands.txt
 files: 
-- .project
-- .yardoc
 - History.txt
 - MIT-LICENSE
-- Manifest.txt
-- README-example.markdown
-- README.txt
-- Rakefile
-- example/posix.rb
 - ldap-commands.txt
+- README.md
+- README-example.md
+- README-bundler.md
 - lib/adapters/ldap_adapter.rb
 - lib/adapters/noop_transaction.rb
+- lib/dm-ldap-adapter.rb
+- lib/ldap_resource.rb
 - lib/dummy_ldap_resource.rb
-- lib/ldap/array.rb
-- lib/ldap/conditions_2_filter.rb
+- lib/ldap/version.rb
+- lib/ldap/unboundid_ldap_facade.rb
+- lib/ldap/transactions.rb
+- lib/ldap/ruby_ldap_facade.rb
 - lib/ldap/digest.rb
 - lib/ldap/net_ldap_facade.rb
-- lib/ldap/ruby_ldap_facade.rb
-- lib/ldap/version.rb
-- lib/ldap_resource.rb
-- spec/assiociations_ldap_adapter_spec.rb
-- spec/authentication_ldap_adapter_spec.rb
-- spec/ldap_adapter_spec.rb
-- spec/multi_repository_spec.rb
+- lib/ldap/conditions_2_filter.rb
+- lib/ldap/array.rb
 - spec/multi_value_attributes_spec.rb
 - spec/sorting_spec.rb
-- spec/spec.opts
+- spec/multi_repository_spec.rb
+- spec/contact.rb
 - spec/spec_helper.rb
-- test.ldif
+- spec/ldap_adapter_spec.rb
+- spec/authentication_ldap_adapter_spec.rb
+- spec/assiociations_ldap_adapter_spec.rb
+- spec/ldap_array_spec.rb
+- example/posix.rb
 has_rdoc: true
-homepage: http://dm-ldap-adapter.rubyforge.org
+homepage: http://github.com/mkristian/dm-ldap-adapter
 licenses: []
 
 post_install_message: 
@@ -152,8 +215,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: "0"
 requirements: []
 
-rubyforge_project: dm-ldap-adapter
-rubygems_version: 1.3.7
+rubyforge_project: 
+rubygems_version: 1.5.3
 signing_key: 
 specification_version: 3
 summary: ""

data/.project

@@ -1,11 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<projectDescription>
-	<name>dm-ldap-adapter</name>
-	<comment></comment>
-	<projects>
-	</projects>
-	<buildSpec>
-	</buildSpec>
-	<natures>
-	</natures>
-</projectDescription>

data/Manifest.txt

@@ -1,29 +0,0 @@
-.project
-.yardoc
-History.txt
-MIT-LICENSE
-Manifest.txt
-README-example.markdown
-README.txt
-Rakefile
-example/posix.rb
-ldap-commands.txt
-lib/adapters/ldap_adapter.rb
-lib/adapters/noop_transaction.rb
-lib/dummy_ldap_resource.rb
-lib/ldap/array.rb
-lib/ldap/conditions_2_filter.rb
-lib/ldap/digest.rb
-lib/ldap/net_ldap_facade.rb
-lib/ldap/ruby_ldap_facade.rb
-lib/ldap/version.rb
-lib/ldap_resource.rb
-spec/assiociations_ldap_adapter_spec.rb
-spec/authentication_ldap_adapter_spec.rb
-spec/ldap_adapter_spec.rb
-spec/multi_repository_spec.rb
-spec/multi_value_attributes_spec.rb
-spec/sorting_spec.rb
-spec/spec.opts
-spec/spec_helper.rb
-test.ldif

data/Rakefile

@@ -1,38 +0,0 @@
-# -*- ruby -*-
-
-require 'rubygems'
-require 'hoe'
-require './lib/ldap/version.rb'
-
-require 'spec'
-require 'spec/rake/spectask'
-require 'pathname'
-
-Hoe.spec('dm-ldap-adapter') do |p|
-  p.version = "0.4.2"
-  p.description = "ldap adapter for datamapper which uses either net-ldap or ruby-ldap"
-  p.developer('mkristian', 'm.kristian@web.de')
-  p.url = "http://dm-ldap-adapter.rubyforge.org"
-  p.extra_deps = [['ruby-net-ldap', '=0.0.4'],['slf4r', '>=0'], ['dm-core', '~>1.0.0']]
-  p.remote_rdoc_dir = '' # Release to root
-end
-
-desc 'Install the package as a gem.'
-task :install => [:clean, :package] do
-  gem = Dir['pkg/*.gem'].first
-  sh "gem install --local #{gem} --no-ri --no-rdoc"
-end
-
-desc 'Run specifications'
-Spec::Rake::SpecTask.new(:spec) do |t|
-  if File.exists?('spec/spec.opts')
-    t.spec_opts << '--options' << 'spec/spec.opts'
-  end
-  t.spec_files = Pathname.glob('./spec/**/*_spec.rb')
-end
-
-#require 'yard'
-
-#YARD::Rake::YardocTask.new
-
-# vim: syntax=Ruby

data/spec/spec.opts

@@ -1,2 +0,0 @@
---colour
---loadby random

data/test.ldif

@@ -1,46 +0,0 @@
-dn: ou=people,dc=example,dc=com
-objectClass: organizationalUnit
-ou: people
-
-dn: ou=groups,dc=example,dc=com
-objectClass: organizationalUnit
-ou: groups
-
-dn: uid=kristian,ou=people,dc=example,dc=com
-objectClass: inetOrgPerson
-objectClass: posixAccount
-uid: kristian
-sn: Meier
-givenName: Kristian
-cn: Kristian Meier
-uidNumber: 1000
-gidNumber: 10000
-userPassword: {SSHA}/o6oa2GOphls/lzOFCwVkw9ARWEEiw+x
-mail: m.kristian@web.de
-loginShell: /bin/false
-homeDirectory: 
-
-dn: cn=manager,ou=groups,dc=example,dc=com
-objectClass: posixGroup
-cn: manager
-gidNumber: 10000
-
-dn: cn=admin,ou=groups,dc=example,dc=com
-objectClass: posixGroup
-cn: admin
-gidNumber: 10001
-memberUid: kristian
-
-dn: uid=bill,ou=people,dc=example,dc=com
-objectClass: inetOrgPerson
-objectClass: posixAccount
-uid: bill
-sn: bill
-givenName: bill
-cn: bill
-uidNumber: 1001
-gidNumber: 10000
-userPassword: {SSHA}/o6oa2GOphls/lzOFCwVkw9ARWEEiw+x
-mail: bill@web.de
-loginShell: /bin/false
-homeDirectory: /root