dm-ldap-adapter 0.3.5 → 0.4.0.alpha2
- data/.project +11 -0
- data/.yardoc +0 -0
- data/Manifest.txt +5 -2
- data/README-example.markdown +0 -1
- data/README.txt +15 -15
- data/Rakefile +4 -3
- data/env.sh +2 -0
- data/example/identity_map.rb +10 -10
- data/example/posix.rb +9 -9
- data/ldap-commands.txt +3 -0
- data/lib/adapters/ldap_adapter.rb +155 -118
- data/lib/adapters/noop_transaction.rb +16 -0
- data/lib/dummy_ldap_resource.rb +6 -6
- data/lib/ldap/array.rb +96 -12
- data/lib/ldap/conditions_2_filter.rb +95 -0
- data/lib/ldap/digest.rb +3 -3
- data/lib/ldap/net_ldap_facade.rb +28 -110
- data/lib/ldap/ruby_ldap_facade.rb +31 -116
- data/lib/ldap/version.rb +1 -1
- data/lib/ldap_resource.rb +113 -26
- data/spec/assiociations_ldap_adapter_spec.rb +129 -130
- data/spec/authentication_ldap_adapter_spec.rb +1 -6
- data/spec/ldap_adapter_spec.rb +164 -177
- data/spec/multi_repository_spec.rb +41 -5
- data/spec/multi_value_attributes_spec.rb +64 -31
- data/spec/sorting_spec.rb +16 -15
- data/spec/spec_helper.rb +34 -20
- metadata +67 -27
- data/lib/adapters/memory_adapter.rb +0 -79
- data/lib/adapters/simple_adapter.rb +0 -198
data/.project
ADDED
data/.yardoc
ADDED
Binary file
|
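--- a/data/Manifest.txt
+++ b/data/Manifest.txt
@@ -1,17 +1,20 @@
+.project
+.yardoc
 History.txt
 MIT-LICENSE
 Manifest.txt
 README-example.markdown
 README.txt
 Rakefile
+env.sh
 example/identity_map.rb
 example/posix.rb
 ldap-commands.txt
 lib/adapters/ldap_adapter.rb
-lib/adapters/
-lib/adapters/simple_adapter.rb
+lib/adapters/noop_transaction.rb
 lib/dummy_ldap_resource.rb
 lib/ldap/array.rb
+lib/ldap/conditions_2_filter.rb
 lib/ldap/digest.rb
 lib/ldap/net_ldap_facade.rb
 lib/ldap/ruby_ldap_facade.rb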
data/README-example.markdown
CHANGED
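--- a/data/README.txt
+++ b/data/README.txt
@@ -4,7 +4,7 @@
 
 *Git*: [http://github.com/mkristian/dm-ldap-adapter]
 
-*Author*: Kristian Meier
+*Author*: Kristian Meier
 
 *Copyright*: 2008-2009
 
@@ -21,14 +21,14 @@ the ldap library which does the actual ldap protocol stuff is [http://rubyforge.
 DataMapper.setup(:ldap, {
 :adapter => 'ldap',
 :facade => :ruby_ldap,
-
+.... })
 
 or
 
 DataMapper.setup(:ldap, {
 :adapter => 'ldap',
 :facade => :net_ldap,
-
+.... })
 
 === setup DataMapper
 
@@ -40,7 +40,7 @@ or
 :facade => :ruby_ldap,
 :bind_name => "cn=admin,dc=example,dc=com",
 :password => "behappy"
-
+})
 
 === examples
 
@@ -92,8 +92,8 @@ this uses the underlying bind of a ldap connection. so on any model where you ha
 
 === queries
 
-conditions in ldap depend on the attributes definition in the ldap schema. here is the list of what is working with that ldap adapter side and the usual AND between the conditions:
-
+conditions in ldap depend on the attributes definition in the ldap schema. here is the list of what is working with that ldap adapter side and the usual AND between the conditions:
+
 * :eql
 * :not
 * :like
@@ -123,14 +123,14 @@ or-conditions can be done with :conditions option but only of the form "<propert
 most probably you have to work with ldap as one repository and a database as a second repository. for me it worked best to define the `default_repository` for each model in the model itself:
 
 class User
-. . .
+. . .
 def self.default_repository_name
 :ldap
 end
 end
 
 class Config
-. . .
+. . .
 def self.default_repository_name
 :db
 end
@@ -139,13 +139,13 @@ most probably you have to work with ldap as one repository and a database as a s
 if you want to benefit from the advantages of the identidy maps you need to wrap your actions for *merb* see http://www.datamapper.org/doku.php?id=docs:identity_map or for *rails* put an `around_filter` inside application.rb
 
 around_filter :repositories
-
+
 def repositories
 DataMapper.repository(:ldap) do
 DataMapper.repository(:db) do
 yield
-end
-end
+end
+end
 end
 
 and to let the ldap resources use the ldap respository it is best to bind it to that repository like this
@@ -156,7 +156,7 @@ and to let the ldap resources use the ldap respository it is best to bind it to
 :ldap
 end
 end
-
+
 === transactions
 
 the adapter offers a noop transaction, i.e. you can wrap everything into a transaction but the ldap part has no functionality.
@@ -168,7 +168,7 @@ the adapter offers a noop transaction, i.e. you can wrap everything into a trans
 staying with posix example there the groups has a memberuid attribute BUT unlike with relational databases it can have multiple values. to achieve a relationship with these values the underlying adapter needs to know that this specific attribute needs to be handled differently. for this `multivalue_field` comes into play. the ldap adapter clones the model and places the each memberuid in its own clone.
 
 class GroupUser
-include DataMapper::Resource
+include DataMapper::Resource
 property :memberuid, String, :key => true
 property :gidnumber, Integer, :key => true
 dn_prefix { |group_user| "cn=#{group_user.group.name}" }
@@ -176,9 +176,9 @@ staying with posix example there the groups has a memberuid attribute BUT unlike
 ldap_properties do |group_user|
 {:cn=>"#{group_user.group.name}", :objectclass => "posixGroup"}
 end
-
+
 multivalue_field :memberuid
-
+
 end
 
 === ldap attributes with many values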
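--- a/data/Rakefile
+++ b/data/Rakefile
@@ -9,10 +9,11 @@ require 'spec/rake/spectask'
 require 'pathname'
 
 Hoe.spec('dm-ldap-adapter') do |p|
+p.version = "0.4.0.alpha2"
 p.description = "ldap adapter for datamapper which uses either net-ldap or ruby-ldap"
 p.developer('mkristian', 'm.kristian@web.de')
 p.url = "http://dm-ldap-adapter.rubyforge.org"
-p.extra_deps = [['ruby-net-ldap', '=0.0.4'],['slf4r', '>=0'], ['dm-core', '
+p.extra_deps = [['ruby-net-ldap', '=0.0.4'],['slf4r', '>=0'], ['dm-core', '~>1.0.0']]
 p.remote_rdoc_dir = '' # Release to root
 end
 
@@ -30,8 +31,8 @@ Spec::Rake::SpecTask.new(:spec) do |t|
 t.spec_files = Pathname.glob('./spec/**/*_spec.rb')
 end
 
-require 'yard'
+#require 'yard'
 
-YARD::Rake::YardocTask.new
+#YARD::Rake::YardocTask.new
 
 # vim: syntax=Ruby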
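Review bot: The rewritten `p.extra_deps` line in the first hunk gives dm-core a bounded constraint (`~>1.0.0`) but still pins `ruby-net-ldap` to exactly `=0.0.4` and leaves `slf4r` open at `>=0`. ruby-net-ldap is the library that performs the LDAP bind and protocol handling, so an exact pin means consumers cannot take a fixed release of it without a new adapter release, while `>=0` accepts any future incompatible version. If the exact pin is deliberate, a comment on that line should record the reason (for example `# pinned: <compatibility reason>`). Otherwise a bounded range in the same style as the dm-core entry would be consistent.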
data/env.sh
ADDED
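--- a/data/example/identity_map.rb
+++ b/data/example/identity_map.rb
@@ -3,11 +3,11 @@ require 'example/posix.rb'
 USER_REPO = :default
 
 class User
-
+
 def self.ddefault_repository_name
 USER_REPO
 end
-
+
 def self.repository_name
 USER_REPO
 end
@@ -19,11 +19,11 @@ class User
 end
 
 class GroupUser
-
+
 def self.ddefault_repository_name
 USER_REPO
 end
-
+
 def self.repository_name
 USER_REPO
 end
@@ -31,11 +31,11 @@ class GroupUser
 end
 
 class Group
-
+
 def self.ddefault_repository_name
 USER_REPO
 end
-
+
 def self.repository_name
 USER_REPO
 end
@@ -60,13 +60,13 @@ DataMapper.repository(USER_REPO) do |repository|
 root.groups << admin
 
 p DataMapper.repository(USER_REPO).identity_map(User)
-
+
 p DataMapper.repository(USER_REPO).identity_map(Group)
-
+
 p root.authenticate('none')
-
+
 p root.groups
-
+
 (1..10).each {Item.create}
 
 p DataMapper.repository(DATA_REPO).identity_map(Item)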
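--- a/data/example/posix.rb
+++ b/data/example/posix.rb
@@ -31,7 +31,7 @@ unless dummy
 :port => '389',
 :base => ENV['LDAP_BASE'] || "dc=example,dc=com",
 :bind_name => "cn=admin," + (ENV['LDAP_BASE'] || "dc=example,dc=com"),
-:password => ENV['LDAP_PWD'] || "behappy"
+:password => ENV['LDAP_PWD'] || "behappy"
 })
 else
 require 'dummy_ldap_resource'
@@ -101,11 +101,11 @@ class Group
 include Slf4r::Logger
 property :id, Serial, :field => "gidnumber"
 property :name, String, :field => "cn"
-
+
 dn_prefix { |group| "cn=#{group.name}" }
-
+
 treebase "ou=groups"
-
+
 ldap_properties {{ :objectclass => "posixGroup"}}
 
 def users
@@ -131,17 +131,17 @@ class Group
 users
 end
 end
-
+
 class GroupUser
 include DataMapper::Resource
 include Slf4r::Logger
-
+
 dn_prefix { |group_user| "cn=#{group_user.group.name}" }
-
+
 treebase "ou=groups"
-
+
 multivalue_field :memberuid
-
+
 ldap_properties do |group_user|
 {:cn=>"#{group_user.group.name}", :objectclass => "posixGroup"}
 end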
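Review bot: The re-added `:password` line in the first hunk still falls back to the literal `"behappy"` when `LDAP_PWD` is unset, so the example binds as `cn=admin,…` with a published default credential and gives no signal that it did so. Since the line is being touched anyway, `:password => ENV.fetch('LDAP_PWD')` would make the example fail loudly instead of silently using a well-known password. The options hash this line belongs to opens above the hunk, so the surrounding call is not fully visible here.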
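--- a/data/ldap-commands.txt
+++ b/data/ldap-commands.txt
@@ -12,3 +12,6 @@ ldapsearch -x -w behappy -c -D "cn=admin,dc=example,dc=com" -b 'ou=groups,dc=exa
 
 # printout delete commands for all people
 ldapsearch -x -w behappy -c -D "cn=admin,dc=example,dc=com" -b 'ou=people,dc=example,dc=com' "uid=*" | grep ^uid: | sed -e "s/^.....//" -e 's/$/,ou=people,dc=example,dc=com"/' -e 's/^/-x -w behappy -c -D "cn=admin,dc=example,dc=com" "uid=/' | xargs -L 1 echo ldapdelete
+
+# all groups
+ldapsearch -x -w behappy -c -D "cn=admin,dc=example,dc=com" -b 'ou=groups,dc=example,dc=com' "cn=*" | grep ^cn: | sed -e "s/^....//" -e 's/$/,ou=groups,dc=example,dc=com"/' -e 's/^/-x -w behappy -c -D "cn=admin,dc=example,dc=com" "cn=/' | xargs -L 1 echo ldapdelete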
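Review bot: The added `# all groups` pipeline passes the admin bind password as `-w behappy` twice, once to `ldapsearch` and once inside the generated `ldapdelete` lines, so the secret lands in shell history and in the process list wherever this is run. The OpenLDAP client tools also accept `-W` (prompt) or `-y <passwdfile>`, either of which keeps the password out of argv. The new comment is also terser than its sibling above it. `# printout delete commands for all groups` would match the people entry and make clear that the pipeline only echoes the commands rather than running them.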