github-ldap 1.6.0 → 1.7.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e3c051d99422a820839d27fcc09ca5d06018df60
|
4
|
+
data.tar.gz: 296977c9678d88bf38af56b8fee0f78efd41cc81
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 05fbc6dcef6451fd9076b7055df46fbddcfac1ef04d31c3dab3485c23302caaa53ca9ee477d47f269666a8cc7cae5ed6e4a26e1312bd25df62d4ba2a67cf71b8
|
7
|
+
data.tar.gz: bfb3e6b09a2b95c582ed1ce94c4b15b1cdf98cceb27fe1dcb5b193c1e7a91bbe1a5397cf32061190fea5c3f6cb3c6d3ffadb0c602c38e8143470ff12b031a35c
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,11 @@
|
|
1
1
|
# CHANGELOG
|
2
2
|
|
3
|
+
## v1.7.0
|
4
|
+
|
5
|
+
* Accept `:depth` option for Recursive membership validator strategy instance [#73](https://github.com/github/github-ldap/pull/73)
|
6
|
+
* Deprecate `depth` argument to `Recursive` membership validator `perform` method
|
7
|
+
* Bump net-ldap dependency to 0.10.0 at minimum [#72](https://github.com/github/github-ldap/pull/72)
|
8
|
+
|
3
9
|
## v1.6.0
|
4
10
|
|
5
11
|
* Expose `GitHub::Ldap::Group.group?` for testing if entry is a group [#67](https://github.com/github/github-ldap/pull/67)
|
data/github-ldap.gemspec
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
Gem::Specification.new do |spec|
|
4
4
|
spec.name = "github-ldap"
|
5
|
-
spec.version = "1.
|
5
|
+
spec.version = "1.7.0"
|
6
6
|
spec.authors = ["David Calavera", "Matt Todd"]
|
7
7
|
spec.email = ["david.calavera@gmail.com", "chiology@gmail.com"]
|
8
8
|
spec.description = %q{LDAP authentication for humans}
|
@@ -15,7 +15,7 @@ Gem::Specification.new do |spec|
|
|
15
15
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
16
16
|
spec.require_paths = ["lib"]
|
17
17
|
|
18
|
-
spec.add_dependency 'net-ldap', '~> 0.
|
18
|
+
spec.add_dependency 'net-ldap', '~> 0.10.0'
|
19
19
|
|
20
20
|
spec.add_development_dependency "bundler", "~> 1.3"
|
21
21
|
spec.add_development_dependency 'ladle'
|
@@ -13,9 +13,11 @@ module GitHub
|
|
13
13
|
#
|
14
14
|
# - ldap: GitHub::Ldap object
|
15
15
|
# - groups: Array of Net::LDAP::Entry group objects
|
16
|
-
|
17
|
-
|
18
|
-
@
|
16
|
+
# - options: Hash of options
|
17
|
+
def initialize(ldap, groups, options = {})
|
18
|
+
@ldap = ldap
|
19
|
+
@groups = groups
|
20
|
+
@options = options
|
19
21
|
end
|
20
22
|
|
21
23
|
# Abstract: Performs the membership validation check.
|
@@ -21,7 +21,31 @@ module GitHub
|
|
21
21
|
DEFAULT_MAX_DEPTH = 9
|
22
22
|
ATTRS = %w(dn cn)
|
23
23
|
|
24
|
-
|
24
|
+
# Internal: The maximum depth to search for membership.
|
25
|
+
attr_reader :depth
|
26
|
+
|
27
|
+
# Public: Instantiate new search strategy.
|
28
|
+
#
|
29
|
+
# - ldap: GitHub::Ldap object
|
30
|
+
# - groups: Array of Net::LDAP::Entry group objects
|
31
|
+
# - options: Hash of options
|
32
|
+
# depth: Integer limit of recursion
|
33
|
+
#
|
34
|
+
# NOTE: This overrides default behavior to configure `depth`.
|
35
|
+
def initialize(ldap, groups, options = {})
|
36
|
+
super
|
37
|
+
@depth = options[:depth] || DEFAULT_MAX_DEPTH
|
38
|
+
end
|
39
|
+
|
40
|
+
def perform(entry, depth_override = nil)
|
41
|
+
if depth_override
|
42
|
+
warn "DEPRECATION WARNING: Calling Recursive#perform with a second argument is deprecated."
|
43
|
+
warn "Usage:"
|
44
|
+
warn " strategy = GitHub::Ldap::MembershipValidators::Recursive.new \\"
|
45
|
+
warn " ldap, depth: 5"
|
46
|
+
warn " strategy#perform(entry)"
|
47
|
+
end
|
48
|
+
|
25
49
|
# short circuit validation if there are no groups to check against
|
26
50
|
return true if groups.empty?
|
27
51
|
|
@@ -36,7 +60,7 @@ module GitHub
|
|
36
60
|
next if membership.empty?
|
37
61
|
|
38
62
|
# recurse to at most `depth`
|
39
|
-
depth.times do |n|
|
63
|
+
(depth_override || depth).times do |n|
|
40
64
|
# find groups whose members include membership groups
|
41
65
|
membership = domain.search(filter: membership_filter(membership), attributes: ATTRS)
|
42
66
|
|
@@ -8,9 +8,9 @@ class GitHubLdapRecursiveMembershipValidatorsTest < GitHub::Ldap::Test
|
|
8
8
|
@validator = GitHub::Ldap::MembershipValidators::Recursive
|
9
9
|
end
|
10
10
|
|
11
|
-
def make_validator(groups)
|
11
|
+
def make_validator(groups, options = {})
|
12
12
|
groups = @domain.groups(groups)
|
13
|
-
@validator.new(@ldap, groups)
|
13
|
+
@validator.new(@ldap, groups, options)
|
14
14
|
end
|
15
15
|
|
16
16
|
def test_validates_user_in_group
|
@@ -34,8 +34,8 @@ class GitHubLdapRecursiveMembershipValidatorsTest < GitHub::Ldap::Test
|
|
34
34
|
end
|
35
35
|
|
36
36
|
def test_does_not_validate_user_in_great_granchild_group_with_depth
|
37
|
-
validator = make_validator(%w(n-depth-nested-group3))
|
38
|
-
refute validator.perform(@entry
|
37
|
+
validator = make_validator(%w(n-depth-nested-group3), depth: 2)
|
38
|
+
refute validator.perform(@entry)
|
39
39
|
end
|
40
40
|
|
41
41
|
def test_does_not_validate_user_not_in_group
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: github-ldap
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.7.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Calavera
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2014-12-
|
12
|
+
date: 2014-12-11 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: net-ldap
|
@@ -17,14 +17,14 @@ dependencies:
|
|
17
17
|
requirements:
|
18
18
|
- - "~>"
|
19
19
|
- !ruby/object:Gem::Version
|
20
|
-
version: 0.
|
20
|
+
version: 0.10.0
|
21
21
|
type: :runtime
|
22
22
|
prerelease: false
|
23
23
|
version_requirements: !ruby/object:Gem::Requirement
|
24
24
|
requirements:
|
25
25
|
- - "~>"
|
26
26
|
- !ruby/object:Gem::Version
|
27
|
-
version: 0.
|
27
|
+
version: 0.10.0
|
28
28
|
- !ruby/object:Gem::Dependency
|
29
29
|
name: bundler
|
30
30
|
requirement: !ruby/object:Gem::Requirement
|