dm-ldap-adapter 0.3.1 → 0.3.2

data/History.txt

@@ -1,3 +1,19 @@
+version 0.3.2
+=============
+
+* lazy property are not loaded from ldap anymore
+
+* new facade which uses ruby-ldap, since it has better support for ldap protocol and is about 30% faster with search queries
+
+version 0.3.1
+=============
+
+* fixed LdapArray bug in collections
+
+* default of LdapArray is now a new object for each resource instance
+
+* allow Serial to be used in dn_prefix
+
 version 0.3.0
 =============
 

data/Manifest.txt

@@ -1,6 +1,7 @@
 History.txt
 MIT-LICENSE
 Manifest.txt
+Manifest.txt-
 README-example.markdown
 README.txt
 Rakefile
@@ -13,9 +14,12 @@ lib/adapters/simple_adapter.rb
 lib/dummy_ldap_resource.rb
 lib/ldap/array.rb
 lib/ldap/digest.rb
-lib/ldap/ldap_facade.rb
+lib/ldap/net_ldap_facade.rb
+lib/ldap/ruby_ldap_facade.rb
 lib/ldap/version.rb
 lib/ldap_resource.rb
+net-ldap.txt
+ruby-ldap.txt
 spec/assiociations_ldap_adapter_spec.rb
 spec/authentication_ldap_adapter_spec.rb
 spec/ldap_adapter_spec.rb

data/Manifest.txt-

@@ -0,0 +1,27 @@
+History.txt
+MIT-LICENSE
+Manifest.txt
+README-example.markdown
+README.txt
+Rakefile
+example/identity_map.rb
+example/posix.rb
+ldap-commands.txt
+lib/adapters/ldap_adapter.rb
+lib/adapters/memory_adapter.rb
+lib/adapters/simple_adapter.rb
+lib/dummy_ldap_resource.rb
+lib/ldap/array.rb
+lib/ldap/digest.rb
+lib/ldap/ldap_facade.rb
+lib/ldap/version.rb
+lib/ldap_resource.rb
+spec/assiociations_ldap_adapter_spec.rb
+spec/authentication_ldap_adapter_spec.rb
+spec/ldap_adapter_spec.rb
+spec/multi_repository_spec.rb
+spec/multi_value_attributes_spec.rb
+spec/spec.opts
+spec/spec_helper.rb
+test.db
+test.ldif

data/README.txt

@@ -88,7 +88,17 @@ and
 
 gives the same result when *all* names are `NULL` !!!
 
-OR conditions can be done with :conditions option but only of the form "<property_name> <comparator> <value> [or <property_name> <comparator> <value>]*" where the comparator is one of "=", "like"
+=== OR conditions
+
+or-conditions can be done with :conditions option but only of the form "<property_name> <comparator> <value> [or <property_name> <comparator> <value>]*" where the comparator is one of "=", "like". it can be also combined with extra ANDs like this example
+
+    Contact.all(:name.like => "A%", :conditions => ["phone like '+49%' or mobile like '+49%'"])
+
+=== using the ruby-ldap gem
+
+just require the right facade before require the adapter:
+
+    require 'ldap/ruby_ldap_facade'
 
 === multiple repositories
 

data/example/posix.rb

@@ -19,6 +19,10 @@ dummy = true  #uncomment this to use dummy, i.e. a database instead of ldap
 dummy = false # uncomment this to use ldap
 unless dummy
   require 'ldap_resource'
+
+  # comment this out if you want to use "net/ldap"
+  require 'ldap/ruby_ldap_facade'
+
   require 'adapters/ldap_adapter'
 
   DataMapper.setup(:default, {

data/lib/adapters/ldap_adapter.rb

@@ -1,6 +1,6 @@
 require 'adapters/simple_adapter'
 # load the ldap facade only if NOT loaded before
-require 'ldap/ldap_facade' unless Object.const_defined?('Ldap') and Ldap.const_defined?('LdapFacade')
+require 'ldap/net_ldap_facade' unless Object.const_defined?('Ldap') and Ldap.const_defined?('LdapFacade')
 
 module Ldap
 
@@ -131,10 +131,15 @@ module DataMapper
                                    key_properties(resource).field)
         resource_dup.send("#{key_properties(resource).name}=".to_sym, id)
         props[key_properties(resource).field.to_sym] = "#{id}"
-        key_value = ldap.create_object(resource.model.dn_prefix(resource_dup),
-                                       resource.model.treebase, 
-                                       key_properties(resource).field, 
-                                       props, resource.model.multivalue_field)
+        key_value = begin
+                      ldap.create_object(resource.model.dn_prefix(resource_dup),
+                                         resource.model.treebase,
+                                         key_properties(resource).field,
+                                         props, resource.model.multivalue_field)
+                    rescue => e
+                      raise e unless resource.model.multivalue_field
+                      # TODO something with creating these multivalue objects
+                    end
         logger.debug { "resource #{resource.inspect} key value: #{key_value.inspect}" + ", multivalue_field: " + resource.model.multivalue_field.to_s }
         if key_value and !key.nil?
           key.set!(resource, key_value.to_i) 
@@ -225,9 +230,11 @@ module DataMapper
       #   the found resource or nil
       # @see SimpleAdapter#read_resource
       def read_resource(query)  
+        field_names = query.fields.collect {|f| f.field }
         result = ldap.read_objects(query.model.treebase, 
                                    query.model.key.collect { |k| k.field}, 
-                                   to_ldap_conditions(query))
+                                   to_ldap_conditions(query),
+                                   field_names)
         if query.model.multivalue_field
           resource = result.detect do |item|
             # run over all values of the multivalue field
@@ -265,14 +272,16 @@ module DataMapper
       #   the array of found resources
       # @see SimpleAdapter#read_resources
       def read_resources(query)     
+        field_names = query.fields.collect {|f| f.field }
         result = ldap.read_objects(query.model.treebase, 
                                    query.model.key.collect { |k| k.field }, 
-                                   to_ldap_conditions(query))
+                                   to_ldap_conditions(query),
+                                   field_names)
         if query.model.multivalue_field
           props_result = []
           result.each do |props|
             # run over all values of the multivalue field
-            props[query.model.multivalue_field].each do |value|
+            (props[query.model.multivalue_field] || []).each do |value|
               values =  query.fields.collect do |f|
                 if query.model.multivalue_field == f.field.to_sym 
                   value

data/lib/ldap/{ldap_facade.rb → net_ldap_facade.rb}

@@ -63,7 +63,7 @@ module Ldap
     # @param key_fields Array of fields which carries the integer unique id(s) of the entity
     # @param Array of conditions for the search
     # @return Array of Hashes with a name/values pair for each attribute
-    def read_objects(treebase, key_fields, conditions)
+    def read_objects(treebase, key_fields, conditions, field_names)
       filters = []
       conditions.each do |cond|
         c = cond[2]
@@ -146,6 +146,7 @@ module Ldap
       logger.debug { "search filter: (#{filter.to_s})" }
       result = []
       @ldap.search( :base => "#{treebase},#{@ldap.base}",
+                    :attributes => field_names,
                     :filter => filter ) do |res|
         map = to_map(res) 
         #puts map[key_field.to_sym]

data/lib/ldap/ruby_ldap_facade.rb

@@ -0,0 +1,274 @@
+require 'ldap'
+require 'net/ldap'
+require 'slf4r'
+
+module Ldap
+  class Connection < LDAP::Conn
+
+    attr_reader :base, :host, :port
+
+    def initialize(config)
+      super(config[:host], config[:port])
+      @base = config[:base]
+      @port = config[:port]
+      @host = config[:host]
+      set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
+    end
+    
+  end
+
+  class LdapFacade
+    
+    # @param config Hash for the ldap connection
+    def self.open(config)
+      ldap2 = Connection.new(config)
+      ldap2.bind(config[:auth][:username], config[:auth][:password]) do |ldap|
+        yield ldap
+      end
+    end
+    
+    include ::Slf4r::Logger
+
+    # @param config Hash for the ldap connection
+    def initialize(config)
+      if config.is_a? Hash
+        @ldap2 = Connection.new(config)
+        @ldap2.bind(config[:auth][:username], config[:auth][:password])
+      else
+        @ldap2 = config
+      end
+    end
+
+    def retrieve_next_id(treebase, key_field)
+      max = 0
+      @ldap2.search("#{treebase},#{@ldap2.base}", 
+                    LDAP::LDAP_SCOPE_SUBTREE, 
+                    "(objectclass=*)", 
+                     [key_field]) do |entry|
+        n = (entry.vals(key_field) || [0]).first.to_i
+        max = n if max < n
+      end
+      max + 1
+    end
+
+    # @param dn_prefix String the prefix of the dn
+    # @param treebase the treebase of the dn or any search
+    # @param key_field field which carries the integer unique id of the entity
+    # @param props Hash of the ldap attributes of the new ldap object
+    # @return nil in case of an error or the new id of the created object
+    def create_object(dn_prefix, treebase, key_field, props, silence = false)
+      base = "#{treebase},#{@ldap2.base}"
+      mods = props.collect do |k,v|
+        LDAP.mod(LDAP::LDAP_MOD_ADD, k.to_s, v.is_a?(Array) ? v : [v.to_s] )
+      end
+      if @ldap2.add( dn(dn_prefix, treebase), mods)
+#                    :attributes => props) and @ldap.get_operation_result.code.to_s == "0"
+        props[key_field.downcase.to_sym]
+      else
+        unless silence
+          msg = ldap_error("create", 
+                             dn(dn_prefix, treebase)) + "\n\t#{props.inspect}"
+          # TODO maybe raise always an error
+          if @ldap2.get_operation_result.code.to_s == "68"
+            raise ::DataMapper::PersistenceError.new(msg)
+          else
+            logger.warn(msg)
+          end
+        end
+        nil
+      end
+    end
+
+    # @param treebase the treebase of the search
+    # @param key_fields Array of fields which carries the integer unique id(s) of the entity
+    # @param Array of conditions for the search
+    # @return Array of Hashes with a name/values pair for each attribute
+    def read_objects(treebase, key_fields, conditions, field_names)
+      filters = []
+      conditions.each do |cond|
+        c = cond[2]
+        case cond[0]
+        when :or_operator
+          f = nil
+          cond[1].each do |cc|
+            ff = case cc[0]
+                 when :eql
+                   Net::LDAP::Filter.eq( cc[1].to_s, cc[2].to_s )
+                 when :gte
+                   f = Net::LDAP::Filter.ge( cc[1].to_s, cc[2].to_s )
+                 when :lte
+                   f = Net::LDAP::Filter.le( cc[1].to_s, cc[2].to_s )
+                 when :like
+                   f = Net::LDAP::Filter.eq( cc[1].to_s, cc[2].to_s.gsub(/%/, "*").gsub(/_/, "*").gsub(/\*\*/, "*") )
+                 else
+                   logger.error(cc[0].to_s + " needs coding")
+                 end
+            if f
+              f = f | ff
+            else
+              f = ff
+            end
+          end
+        when :eql
+          if c.nil?
+            f = ~ Net::LDAP::Filter.pres( cond[1].to_s )
+          elsif c.class == Array
+            f = nil
+            c.each do |cc|
+              if f
+                f = f | Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
+              else
+                f = Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
+              end
+            end
+            #elsif c.class == Range
+            #  p c
+            #  f = Net::LDAP::Filter.ge( cond[1].to_s, c.begin.to_s ) & Net::LDAP::Filter.le( cond[1].to_s, c.end.to_s )
+          else
+            f = Net::LDAP::Filter.eq( cond[1].to_s, c.to_s )
+          end
+        when :gte
+          f = Net::LDAP::Filter.ge( cond[1].to_s, c.to_s )
+        when :lte
+          f = Net::LDAP::Filter.le( cond[1].to_s, c.to_s )
+        when :not
+            if c.nil?
+              f = Net::LDAP::Filter.pres( cond[1].to_s )
+            elsif c.class == Array
+              f = nil
+              c.each do |cc|
+              if f
+                f = f | Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
+              else
+                f = Net::LDAP::Filter.eq( cond[1].to_s, cc.to_s )
+              end
+            end
+              f = ~ f
+            else
+              f = ~ Net::LDAP::Filter.eq( cond[1].to_s, c.to_s )
+            end
+        when :like
+          f = Net::LDAP::Filter.eq( cond[1].to_s, c.to_s.gsub(/%/, "*").gsub(/_/, "*").gsub(/\*\*/, "*") )
+        else
+          logger.error(cond[0].to_s + " needs coding")
+        end
+        filters << f if f
+      end
+      
+      filter = nil
+      filters.each do |f|
+        if filter.nil?
+          filter = f
+        else
+          filter = filter & f
+        end
+      end
+      logger.debug { "search filter: (#{filter.to_s})" }
+      result = []
+      begin
+      @ldap2.search("#{treebase},#{@ldap2.base}", 
+                    LDAP::LDAP_SCOPE_SUBTREE, 
+                    filter.to_s == "" ? "(objectclass=*)" : filter.to_s.gsub(/\(\(/, "(").gsub(/\)\)/, ")"), 
+                    field_names) do |res|
+
+        map = to_map(res) 
+        #puts map[key_field.to_sym]
+        # TODO maybe make filter which removes this unless
+        # TODO move this into the ldap_Adapter to make it more general, so that
+        # all field with Integer gets converted, etc
+        result << map if key_fields.select do |key_field|
+          if map.member? key_field.to_sym
+            # convert field to integer
+            map[key_field.to_sym] = [map[key_field.to_sym].collect { |k| k.to_i != 0 ? k.to_s : k }].flatten
+            true
+          end
+        end.size > 0 # i.e. there was at least one key_field in the map
+        end
+      rescue RuntimeError => e
+        raise e unless e.message == "no result returned by search"
+      end
+      result
+    end
+
+
+    # @param dn_prefix String the prefix of the dn
+    # @param treebase the treebase of the dn or any search
+    # @param actions the add/replace/delete actions on the attributes
+    # @return nil in case of an error or true
+    def update_object(dn_prefix, treebase, actions)
+      mods = actions.collect do |act|
+        mod_op = case act[0]
+              when :add
+                LDAP::LDAP_MOD_ADD
+              when :replace
+                LDAP::LDAP_MOD_REPLACE
+              when :delete
+                LDAP::LDAP_MOD_DELETE
+              end
+        LDAP.mod(mod_op, act[1].to_s, act[2] == [] ? [] : [act[2].to_s])
+      end
+      if @ldap2.modify( dn(dn_prefix, treebase), 
+                       mods )
+        true
+      else
+        logger.warn(ldap_error("update", 
+                               dn(dn_prefix, treebase) + "\n\t#{actions.inspect}"))
+        nil
+      end
+    end
+
+    # @param dn_prefix String the prefix of the dn
+    # @param treebase the treebase of the dn or any search
+    # @return nil in case of an error or true
+    def delete_object(dn_prefix, treebase)
+      if @ldap2.delete( dn(dn_prefix, treebase) )
+        true
+      else
+        logger.warn(ldap_error("delete", 
+                               dn(dn_prefix, treebase)))
+        
+        nil
+      end
+    end
+
+    
+    # @param dn String for identifying the ldap object
+    # @param password String to be used for authenticate to the dn
+    def authenticate(dn, password)
+      Net::LDAP.new( { :host => @ldap2.host, 
+                       :port => @ldap2.port, 
+                       :auth => { 
+                         :method => :simple, 
+                         :username => dn, 
+                         :password => password 
+                       }, 
+                       :base => @ldap2.base
+                     } ).bind
+    end
+
+    # helper to concat the dn from the various parts
+    # @param dn_prefix String the prefix of the dn
+    # @param treebase the treebase of the dn or any search
+    # @return the complete dn String
+    def dn(dn_prefix, treebase)
+      "#{dn_prefix},#{treebase},#{@ldap2.base}"
+    end
+
+    private
+    
+    # helper to extract the Hash from the ldap search result
+    # @param Entry from the ldap_search
+    # @return Hash with name/value pairs of the entry
+    def to_map(entry)
+      map = {}
+      LDAP::entry2hash(entry).each do |k,v|
+        map[k.downcase.to_sym] = v
+      end
+      map
+    end
+    
+    def ldap_error(method, dn)
+      "#{method} error: (#{@ldap2.get_operation_result.code}) #{@ldap2.get_operation_result.message}\n\tDN: #{dn}"
+    end
+  end
+end

data/lib/ldap/version.rb

@@ -1,3 +1,3 @@
 module Ldap
-  VERSION = '0.3.1'
+  VERSION = '0.3.2'
 end

data/net-ldap.txt

@@ -0,0 +1,11 @@
+6.225829
+6.410389
+6.462378
+6.227339
+6.324937
+6.55648
+6.331228
+6.729877
+6.416464
+6.99718
+0

data/ruby-ldap.txt

@@ -0,0 +1,11 @@
+4.534209
+4.659179
+4.688091
+4.721425
+4.495823
+4.260121
+4.656991
+4.024788
+4.444355
+4.283845
+0

data/spec/multi_value_attributes_spec.rb

@@ -6,7 +6,7 @@ class Contact
 
   property :id,        Serial, :field => "uidnumber"
   property :login,     String, :field => "uid", :unique_index => true
-  property :hashed_password,  String, :field => "userpassword", :access => :private
+  property :hashed_password,  String, :field => "userpassword", :access => :private, :lazy => true
   property :name,      String, :field => "cn"
   property :mail,      LdapArray
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: dm-ldap-adapter
 version: !ruby/object:Gem::Version 
-  version: 0.3.1
+  version: 0.3.2
 platform: ruby
 authors: 
 - mkristian
@@ -64,10 +64,13 @@ extra_rdoc_files:
 - Manifest.txt
 - README.txt
 - ldap-commands.txt
+- net-ldap.txt
+- ruby-ldap.txt
 files: 
 - History.txt
 - MIT-LICENSE
 - Manifest.txt
+- Manifest.txt-
 - README-example.markdown
 - README.txt
 - Rakefile
@@ -80,9 +83,12 @@ files:
 - lib/dummy_ldap_resource.rb
 - lib/ldap/array.rb
 - lib/ldap/digest.rb
-- lib/ldap/ldap_facade.rb
+- lib/ldap/net_ldap_facade.rb
+- lib/ldap/ruby_ldap_facade.rb
 - lib/ldap/version.rb
 - lib/ldap_resource.rb
+- net-ldap.txt
+- ruby-ldap.txt
 - spec/assiociations_ldap_adapter_spec.rb
 - spec/authentication_ldap_adapter_spec.rb
 - spec/ldap_adapter_spec.rb