dm-ldap-adapter 0.4.3-java

data/lib/adapters/noop_transaction.rb

@@ -0,0 +1,35 @@
+require "dm-core"
+
+module Ldap
+  class NoopTransaction
+    
+    def close ; end
+    def begin ; end
+    def prepare ; end
+    def commit ; end
+    def rollback ; end
+    def rollback_prepared ; end
+    
+  end
+end
+
+module DataMapper
+  module Adapters
+    class LdapAdapter
+      def transaction_primitive
+        ::Ldap::NoopTransaction.new
+      end
+      def push_transaction(transaction)
+        @transaction = transaction
+      end
+
+      def pop_transaction
+        @transaction
+      end
+      
+      def current_transaction
+        @transaction
+      end
+    end
+  end
+end

data/lib/dm-ldap-adapter.rb

@@ -0,0 +1 @@
+require 'adapter/ldap-adapter'

data/lib/dummy_ldap_resource.rb

@@ -0,0 +1,60 @@
+require 'slf4r/logger'
+require 'ldap/digest'
+
+# dummy implementation which turns the extra ldap configuration noops
+module DataMapper
+  module Resource
+
+    module ClassMethods
+
+      include ::Slf4r::Logger
+
+      def ldap_properties(resource = nil, &block)
+        if block
+          @ldap_properties = block
+        elsif resource.instance_of? Hash
+          @ldap_properties = resource
+          logger.debug { "ldap_properties=#{@ldap_properties.inspect}" }
+        elsif resource
+          logger.debug { "ldap_properties=#{@ldap_properties.call(resource).inspect}" }
+        else
+          logger.debug { "ldap_properties=#{@ldap_properties.inspect}" }
+        end
+      end
+
+      def treebase(resource = nil, &block)
+        if block
+          @treebase = block
+        elsif resource.instance_of? String
+          @treebase = resource
+          logger.debug { "treebase=#{@treebase.inspect}" }
+        elsif resource
+          logger.debug { "treebase=#{@treebase.call(resource).inspect}" }
+        else
+          logger.debug { "treebase=#{@treebase}" }
+        end
+      end
+
+      def dn_prefix(resource = nil, &block)
+        if block
+          @dn_prefix = block
+        elsif resource.instance_of? Hash
+          @dn_prefix = resource
+          logger.debug { "dn_prefix=#{@dn_prefix.inspect}" }
+        elsif resource
+          logger.debug { "dn_prefix=#{@dn_prefix.call(resource).inspect}" }
+        else
+          logger.debug { "dn_prefix=#{dn_prefix}" }
+        end
+      end
+
+      def multivalue_field(field = nil)
+        logger.debug { "multivalue_field = #{field}" } if field
+      end
+    end
+
+    def authenticate(password)
+      raise "NotImplemented"
+    end
+  end
+end

data/lib/ldap/array.rb

@@ -0,0 +1,122 @@
+require 'dm-core'
+module Ldap
+  class Array < ::Array
+
+    def initialize(resource, property,  *args)
+      setup(resource, property)
+      super(args)
+    end
+
+    def setup(resource, property)
+      @resource = resource
+      @property = property
+      self
+    end
+
+    alias :push! :push
+
+    def []=(k, v)
+      ar = [self].flatten
+      ar[k] = v
+      @resource.send("#{@property.name}=".to_sym, ar)
+      super
+    end
+
+    def <<(element)
+      push(element)
+    end
+
+    def push(element)
+      ar = [self].flatten
+      ar.push(element)
+      @resource.send("#{@property.name}=".to_sym, ar)
+      super
+    end
+
+   alias :delete! :delete
+
+    def delete(element)
+      ar = [self].flatten
+      ar.delete(element)
+      @resource.send(:"#{@property.name}=", ar)
+      super
+    end
+  end
+
+  class LdapArray < ::DataMapper::Property::Text 
+    
+    default Proc.new { |r,p| Ldap::Array.new(r,p) }
+
+    def custom?
+      true
+    end
+
+    def primitive?(value)
+      super || value.kind_of?(::Array)
+    end
+
+    def load(value)
+      result = case value
+               when ::String then value[1, value.size-2].split('","').to_a.freeze
+               when ::Array then value.freeze
+               else
+                 []
+               end
+    end
+
+    def dump(value)
+      result = case value
+               when LdapArray then '"' + value.join('","') + '"'
+               when ::Array then '"' + value.join('","') + '"'
+               when ::String then '"' + value.to_s + '"'
+               else
+                 nil
+               end
+    end
+
+    # keep the *args so it works for both DM-1.1.x and DM-1.0.x
+    def initialize(_model = nil, _name = nil, options = {}, *args)
+      super
+
+      add_writer(model,name) unless options[:writer] == :private || options[:accessor] == :private
+      add_reader(model,name) unless options[:reader] == :private || options[:accessor] == :private        
+    end
+
+    private
+
+    def add_reader(model, name)
+      #Creates instance method for reader
+      model.class_eval <<-RUBY, __FILE__, __LINE__ + 1
+        def #{name}
+         attr_data = attribute_get(:#{name})
+
+         case attr_data
+         when Ldap::Array
+           attr_data.setup(self, properties[:#{name}])
+         else
+           new_ldap_array = Ldap::Array.new(self, properties[:#{name}])
+           new_ldap_array.replace(attr_data || [])
+         end
+        end
+      RUBY
+    end
+
+    def add_writer(model, name)
+      #Creates instance method for writer
+      model.class_eval <<-RUBY, __FILE__, __LINE__ + 1
+        def #{name}=(input)
+          data = case input
+          when Ldap::Array
+            input.setup(self, properties[:#{name}])
+          else
+            new_ldap_array = Ldap::Array.new(self, properties[:#{name}])
+            new_ldap_array.replace(input || [])
+          end
+
+          attribute_set(:#{name}, data)
+        end
+      RUBY
+    end
+
+  end
+end

data/lib/ldap/conditions_2_filter.rb

@@ -0,0 +1,95 @@
+require 'net/ldap'
+
+module Ldap
+  class Conditions2Filter
+
+    @@logger = ::Slf4r::LoggerFacade.new(::Ldap::Conditions2Filter)
+
+    # @param Array of conditions for the search
+    # @return Array of Hashes with a name/values pair for each attribute
+    def self.convert(conditions)
+      @@logger.debug { "conditions #{conditions.inspect}" }
+      filters = []
+      conditions.each do |cond|
+        c = cond[2]
+        case cond[0]
+        when :or_operator
+          f = nil
+          cond[1].each do |cc|
+            ff = case cc[0]
+                 when :eql
+                   Net::LDAP::Filter.eq( cc[1].to_s, cc[2].to_s )
+                 when :gte
+                   Net::LDAP::Filter.ge( cc[1].to_s, cc[2].to_s )
+                 when :lte
+                   Net::LDAP::Filter.le( cc[1].to_s, cc[2].to_s )
+                 when :like
+                   Net::LDAP::Filter.eq( cc[1].to_s, cc[2].to_s.gsub(/%/, "*").gsub(/_/, "*").gsub(/\*\*/, "*") )
+                 else
+                   logger.error(cc[0].to_s + " needs coding")
+                 end
+            if f
+              f = f | ff
+            else
+              f = ff
+            end
+          end
+        when :eql
+          if c.nil?
+            f = ~ Net::LDAP::Filter.pres( cond[1].to_s )
+          elsif c.respond_to? :each
+            f = nil
+            c.each do |cc|
+              if f
+                f = f | Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
+              else
+                f = Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
+              end
+            end
+            #elsif c.class == Range
+            #  p c
+            #  f = Net::LDAP::Filter.ge( cond[1].to_s, c.begin.to_s ) & Net::LDAP::Filter.le( cond[1].to_s, c.end.to_s )
+          else
+            f = Net::LDAP::Filter.eq( cond[1].to_s, c.to_s )
+          end
+        when :gte
+          f = Net::LDAP::Filter.ge( cond[1].to_s, c.to_s )
+        when :lte
+          f = Net::LDAP::Filter.le( cond[1].to_s, c.to_s )
+        when :not
+            if c.nil?
+              f = Net::LDAP::Filter.pres( cond[1].to_s )
+            elsif c.respond_to? :each
+              f = nil
+              c.each do |cc|
+              if f
+                f = f | Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
+              else
+                f = Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
+              end
+            end
+              f = ~ f
+            else
+              f = ~ Net::LDAP::Filter.eq( cond[1].to_s, c.to_s )
+            end
+        when :like
+          f = Net::LDAP::Filter.eq( cond[1].to_s, c.to_s.gsub(/%/, "*").gsub(/_/, "*").gsub(/\*\*/, "*") )
+        else
+          logger.error(cond[0].to_s + " needs coding")
+        end
+        filters << f if f
+      end
+
+      filter = nil
+      filters.each do |f|
+        if filter.nil?
+          filter = f
+        else
+          filter = filter & f
+        end
+      end
+      @@logger.debug { "search filter: (#{filter.to_s})" }
+      filter
+    end
+  end
+end

data/lib/ldap/digest.rb

@@ -0,0 +1,30 @@
+begin
+  require 'sha1'
+rescue LoadError
+  # ruby1.9.x
+  require 'digest/sha1'
+  SHA1 = Digest::SHA1
+end
+
+require 'base64'
+module Ldap
+  class Digest
+    # method from openldap faq which produces the userPassword attribute
+    # for the ldap
+    # @param secret String the password
+    # @param salt String the salt for the password digester
+    # @return the encoded password/salt
+    def self.ssha(secret, salt)
+      (salt.empty? ? "{SHA}": "{SSHA}") +
+        Base64.encode64(::Digest::SHA1.digest(secret + salt) + salt).gsub(/\n/, '')
+    end
+
+    # method from openldap faq which produces the userPassword attribute
+    # for the ldap
+    # @param secret String the password
+    # @return the encoded password
+    def self.sha(secret)
+      ssha(secret, "")
+    end
+  end
+end

data/lib/ldap/net_ldap_facade.rb

@@ -0,0 +1,161 @@
+require 'net/ldap'
+require 'ldap/conditions_2_filter'
+
+module Ldap
+  class NetLdapFacade
+
+    # @param config Hash for the ldap connection
+    def self.open(config)
+      Net::LDAP.open( config ) do |ldap|
+        yield ldap
+      end
+    end
+
+    include ::Slf4r::Logger
+
+    # @param config Hash for the ldap connection
+    def initialize(config)
+      if config.is_a? Hash
+        @ldap = Net::LDAP.new( config )
+      else
+        @ldap = config
+      end
+    end
+
+    def retrieve_next_id(treebase, key_field)
+      base = "#{treebase},#{@ldap.base}"
+      id_sym = key_field.downcase.to_sym
+      max = 0
+      @ldap.search( :base => base,
+                    :attributes => [key_field],
+                    :return_result => false ) do |entry|
+        n = entry[id_sym].first.to_i
+        max = n if max < n
+      end
+      max + 1
+    end
+
+    # @param dn_prefix String the prefix of the dn
+    # @param treebase the treebase of the dn or any search
+    # @param key_field field which carries the integer unique id of the entity
+    # @param props Hash of the ldap attributes of the new ldap object
+    # @return nil in case of an error or the new id of the created object
+    def create_object(dn_prefix, treebase, key_field, props, silence = false)
+      base = "#{treebase},#{@ldap.base}"
+      if @ldap.add( :dn => dn(dn_prefix, treebase),
+                    :attributes => props) || @ldap.get_operation_result.code.to_s == "0"
+        props[key_field.to_sym]
+      else
+        unless silence
+          msg = ldap_error("create",
+                             dn(dn_prefix, treebase)) + "\n\t#{props.inspect}"
+          # TODO maybe raise always an error
+          if @ldap.get_operation_result.code.to_s == "68"
+            raise ::DataMapper::PersistenceError.new(msg)
+          else
+            logger.warn(msg)
+          end
+        end
+        nil
+      end
+    end
+
+    # @param treebase the treebase of the search
+    # @param key_fields Array of fields which carries the integer unique id(s) of the entity
+    # @param Array of conditions for the search
+    # @return Array of Hashes with a name/values pair for each attribute
+    def read_objects(treebase, key_fields, conditions, field_names, order_field = nil)
+      result = []
+      filter = Conditions2Filter.convert(conditions)
+      @ldap.search( :base => "#{treebase},#{@ldap.base}",
+                    :attributes => field_names,
+                    :filter => filter ) do |res|
+        mapp = to_map(field_names, res)
+
+        #puts map[key_field.to_sym]
+        # TODO maybe make filter which removes this unless
+        # TODO move this into the ldap_Adapter to make it more general, so that
+        # all field with Integer gets converted, etc
+        result << mapp if key_fields.detect do |key_field|
+          mapp.keys.detect {|k| k.to_s.downcase == key_field.downcase }
+        end
+      end
+      result
+    end
+
+
+    # @param dn_prefix String the prefix of the dn
+    # @param treebase the treebase of the dn or any search
+    # @param actions the add/replace/delete actions on the attributes
+    # @return nil in case of an error or true
+    def update_object(dn_prefix, treebase, actions)
+      if @ldap.modify( :dn => dn(dn_prefix, treebase),
+                       :operations => actions ) || @ldap.get_operation_result.code.to_s == "0"
+        true
+      else
+        logger.warn(ldap_error("update",
+                               dn(dn_prefix, treebase) + "\n\t#{actions.inspect}"))
+        nil
+      end
+    end
+
+    # @param dn_prefix String the prefix of the dn
+    # @param treebase the treebase of the dn or any search
+    # @return nil in case of an error or true
+    def delete_object(dn_prefix, treebase)
+      if @ldap.delete( :dn => dn(dn_prefix, treebase) )
+        true
+      else
+        logger.warn(ldap_error("delete",
+                               dn(dn_prefix, treebase)))
+
+        nil
+      end
+    end
+
+
+    # @param dn String for identifying the ldap object
+    # @param password String to be used for authenticate to the dn
+    def authenticate(dn, password)
+      Net::LDAP.new( { :host => @ldap.host,
+                       :port => @ldap.port,
+                       :auth => {
+                         :method => :simple,
+                         :username => dn,
+                         :password => password
+                       },
+                       :base => @ldap.base
+                     } ).bind
+    end
+
+    # helper to concat the dn from the various parts
+    # @param dn_prefix String the prefix of the dn
+    # @param treebase the treebase of the dn or any search
+    # @return the complete dn String
+    def dn(dn_prefix, treebase)
+      "#{dn_prefix},#{treebase},#{@ldap.base}"
+    end
+
+    private
+
+    # helper to extract the Hash from the ldap search result
+    # @param Entry from the ldap_search
+    # @return Hash with name/value pairs of the entry
+    def to_map(field_names, entry)
+      fields = {:dn => :dn}
+      field_names.each { |f| fields[f.downcase.to_sym] = f.to_sym }
+      def entry.map
+        @myhash
+      end
+      result = {}
+      entry.map.each do |k,v|
+        result[fields[k]] = v
+      end
+      result
+    end
+    
+    def ldap_error(method, dn)
+      "#{method} error: (#{@ldap.get_operation_result.code}) #{@ldap.get_operation_result.message}\n\tDN: #{dn}"
+    end
+  end
+end