github-ldap 1.3.2 → 1.3.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3542310f0a25d44a8fde3c868d6f7df9849797ba
-  data.tar.gz: 98e8bebff1f17dd194d7d959343e6f6e553ba370
+  metadata.gz: f417737b5a49cba30ca466e8ef2a361894d4069a
+  data.tar.gz: fad20f08e322deb3b0a3303f4a5b9b2c0fce1469
 SHA512:
-  metadata.gz: cc19ef4ef3c90ec0e2d7c380d9897c09037f141965627871ea726245a4dbdeaaeba2aa9b7ac562567917e47155d99590d062aeb9f889efba267bf89a468e7eec
-  data.tar.gz: 568dffb94c106bbf4ea15ebd11cc02f4188f3236b320af1dec3ca9364442b02515fb1bc2aeff4c618bfb94b3903eb4ea71381784940de9e612af85cf53e8f8c3
+  metadata.gz: 7fed87fe08383e0a6a264e99396aa8a7e9ed22d85dd5bdba0f100f9b558c5ac548718d1e7825cc01022329a877f0471138bab7eca2679d5f6c602ba9fb7bba1b
+  data.tar.gz: ee4bf4726436769b4109d052b2d5071e1f1ef26029ee3ab5b29ee020d60dcfdfff867ef11a8b4f624ec271ac60f46f153007f6dbe8220825e1aff8f380327a42

data/github-ldap.gemspec

@@ -2,7 +2,7 @@
 
 Gem::Specification.new do |spec|
   spec.name          = "github-ldap"
-  spec.version       = "1.3.2"
+  spec.version       = "1.3.3"
   spec.authors       = ["David Calavera"]
   spec.email         = ["david.calavera@gmail.com"]
   spec.description   = %q{Ldap authentication for humans}

data/lib/github/ldap.rb

@@ -112,7 +112,7 @@ module GitHub
     def load_group(group_entry)
       if @virtual_attributes.enabled?
         VirtualGroup.new(self, group_entry)
-      elsif PosixGroup.valid?(group_entry)
+      elsif posix_support_enabled? && PosixGroup.valid?(group_entry)
         PosixGroup.new(self, group_entry)
       else
         Group.new(self, group_entry)

data/lib/github/ldap/group.rb

@@ -72,9 +72,12 @@ module GitHub
       # Internal - Check if an object class includes the member names
       # Use `&` rathen than `include?` because both are arrays.
       #
+      # NOTE: object classes are downcased by default in Net::LDAP, so this
+      # will fail to match correctly unless we also downcase our group classes.
+      #
       # Returns true if the object class includes one of the group class names.
       def group?(object_class)
-        !(GROUP_CLASS_NAMES & object_class).empty?
+        !(GROUP_CLASS_NAMES.map(&:downcase) & object_class.map(&:downcase)).empty?
       end
 
       # Internal - Generate a hash with all the group DNs for caching purposes.

data/test/domain_test.rb

@@ -158,6 +158,13 @@ class GitHubLdapDomainNestedGroupsTest < GitHub::Ldap::Test
     assert @domain.is_member?(user, %w(enterprise-ops)),
       "Expected `enterprise-ops` to include the member `#{user.dn}`"
   end
+
+  def test_membership_in_deeply_nested_subgroups
+    assert user = @ldap.domain('uid=user1.1.1.1,ou=users,dc=github,dc=com').bind
+
+    assert @domain.is_member?(user, %w(group1)),
+      "Expected `group1` to include the member `#{user.dn}` via deep recursion"
+  end
 end
 
 class GitHubLdapPosixGroupsWithRecursionFallbackTest < GitHub::Ldap::Test

data/test/fixtures/github-with-subgroups.ldif

@@ -43,6 +43,29 @@ objectClass: groupOfNames
 member: uid=calavera,ou=users,dc=github,dc=com
 member: uid=rubiojr,ou=users,dc=github,dc=com
 
+dn: cn=group1,ou=groups,dc=github,dc=com
+cn: group1
+objectClass: groupOfNames
+member: uid=user1,ou=users,dc=github,dc=com
+member: cn=group1.1,ou=groups,dc=github,dc=com
+
+dn: cn=group1.1,ou=groups,dc=github,dc=com
+cn: group1
+objectClass: groupOfNames
+member: uid=user1.1,ou=users,dc=github,dc=com
+member: cn=group1.1.1,ou=groups,dc=github,dc=com
+
+dn: cn=group1.1.1,ou=groups,dc=github,dc=com
+cn: group1
+objectClass: groupOfNames
+member: uid=user1.1.1,ou=users,dc=github,dc=com
+member: cn=group1.1.1.1,ou=groups,dc=github,dc=com
+
+dn: cn=group1.1.1.1,ou=groups,dc=github,dc=com
+cn: group1
+objectClass: groupOfNames
+member: uid=user1.1.1.1,ou=users,dc=github,dc=com
+
 # Users
 
 dn: ou=users,dc=github,dc=com
@@ -89,3 +112,35 @@ uid: mtodd
 userPassword: passworD1
 mail: mtodd@github.com
 objectClass: inetOrgPerson
+
+dn: uid=user1,ou=users,dc=github,dc=com
+uid: user1
+sn: user1
+cn: user1
+userPassword: passworD1
+mail: user1@github.com
+objectClass: inetOrgPerson
+
+dn: uid=user1.1,ou=users,dc=github,dc=com
+uid: user1.1
+sn: user1.1
+cn: user1.1
+userPassword: passworD1
+mail: user1.1@github.com
+objectClass: inetOrgPerson
+
+dn: uid=user1.1.1,ou=users,dc=github,dc=com
+uid: user1.1.1
+sn: user1.1.1
+cn: user1.1.1
+userPassword: passworD1
+mail: user1.1.1@github.com
+objectClass: inetOrgPerson
+
+dn: uid=user1.1.1.1,ou=users,dc=github,dc=com
+uid: user1.1.1.1
+sn: user1.1.1.1
+cn: user1.1.1.1
+userPassword: passworD1
+mail: user1.1.1.1@github.com
+objectClass: inetOrgPerson

data/test/group_test.rb

@@ -14,6 +14,12 @@ class GitHubLdapGroupTest < GitHub::Ldap::Test
     @group = @ldap.group("cn=enterprise,ou=groups,dc=github,dc=com")
   end
 
+  def test_group?
+    object_classes = %w(groupOfNames)
+    assert @group.group?(object_classes)
+    assert @group.group?(object_classes.map(&:downcase))
+  end
+
   def test_subgroups
     assert_equal 3, @group.subgroups.size
   end
@@ -24,7 +30,7 @@ class GitHubLdapGroupTest < GitHub::Ldap::Test
 
   def test_all_domain_groups
     groups = groups_domain.all_groups
-    assert_equal 4, groups.size
+    assert_equal 8, groups.size
   end
 
   def test_filter_domain_groups

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: github-ldap
 version: !ruby/object:Gem::Version
-  version: 1.3.2
+  version: 1.3.3
 platform: ruby
 authors:
 - David Calavera
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-08-20 00:00:00.000000000 Z
+date: 2014-08-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: net-ldap