hydra-ldap 0.0.3 → 0.0.4

data/.gitignore

@@ -18,3 +18,5 @@ _yardoc
 doc/
 
 *.swp
+Gemfile.lock
+.rvmrc

data/README.md

@@ -22,13 +22,59 @@ Create the config file (config/ldap.yml) by running:
 
 <pre>rails generate hydra-ldap</pre>
 
+Made the filters, attributes and result parsing all parameters as frequently as possible, to try and make this
+usable to many LDAP directory set ups.
 
-<pre>Hydra::LDAP.create_group(group_code, description, owner, users)</pre>
-<pre>Hydra::LDAP.groups_for_user(user_id)</pre>
-<pre>Hydra::LDAP.groups_owned_by_user(user_id)</pre>
-<pre>Hydra::LDAP.delete_group(group_code)</pre>
-<pre>Hydra::LDAP.add_users_to_group(group_code, users)</pre>
-<pre>Hydra::LDAP.remove_users_from_group(group_code, users)</pre>
+It might be helpful to look at the hydra-ldap-example.ldif, config/hydra-ldap.yml and spec/integration/ldap_spec.rb to see what type of configuration the tests are running for comparison purposes.
+
+The attributes here would change based on LDAP configuration.  
+<pre>
+attrs = {
+  :cn => 'Test'
+  :objectclass => 'groupofnames'
+  :description => 'my test group contains users, and owners'
+  :owner => 'uid=abc123'
+  :member => ['john', 'jane', 'fido']
+  }
+Hydra::LDAP.create_group(group_code, attributes{})
+</pre>
+
+Examples of how to customize the results being returned, print out the cn attribute for 
+the groups owned by this user (hoping these are helpful for NU).
+<pre>
+filter = Net::LDAP::Filter.construct("(owner=uid=quentin,ou=people,dc=example,dc=org)")
+Hydra::LDAP.groups_owned_by_user(filter, ['owner', 'cn']){ |result| result.map{ |r| puts r[:cn].first } }
+</pre>
+
+<pre>
+uid = 'uid'
+filter=Net::LDAP::Filter.construct("(&(objectClass=groupofnames)(member=uid=#{uid}))")
+attributes = ['cn']
+Hydra::LDAP.groups_for_user(filter, attributes){ |result| result.map { |r| r[:cn].first }}
+</pre>
+
+<pre>
+filter = Net::LDAP::Filter.construct("(cn=#{group_code})")
+attributes = ['default attribute is description']
+Hydra::LDAP.title_of_group(group_code, filter, attributes){ |result| result.first[:description].first }
+</pre>
+
+<pre>
+filter = Net::LDAP::Filter.construct("(cn=#{group_code})")
+Hydra::LDAP.users_for_group(group_code, filter, ['member']){ |result| result.first[:uniquemember].map{ |r| r.sub(/^uid=/, '') }}
+</pre>
+
+<pre>
+filter = Net::LDAP::Filter.construct("(cn=#{group_code})")
+Hydra::LDAP.owner_for_group(group_code, filter, ['owner']) { |result| result.first[:owner].map{ |r| r.sub(/^uid=/, '') }}
+</pre>
+
+These are all pretty similar to previous calls, if not the same signatures.
+<pre>Hydra::LDAP.delete_group(group_code).should be_true</pre>
+
+
+<pre>Hydra::LDAP.add_users_to_group(group_code, ['bruce', 'beth'])</pre>
+<pre>Hydra::LDAP.remove_users_from_group(group_code, ['bruce'])</pre>
 
 ## Contributing
 

data/config/hydra-ldap.yml

@@ -1,9 +1,16 @@
 test:  
-  host: ldap.example.com
-  port: 389
-  username: cn=Manager,dc=example,dc=com
-  password: <%= ENV['LDAP_PASSWORD'] %>
-  group_base: ou=groups,dc=example,dc=com
-  base: ou=people,dc=example,dc=com
+  host: localhost 
+  port: 3897
+  group_base: ou=groups,dc=example,dc=org 
+  base: ou=people,dc=example,dc=org 
   uid: uid
 
+development:  
+  host: localhost 
+  port: 3897
+  group_base: ou=groups,dc=example,dc=org 
+  base: ou=people,dc=example,dc=org 
+  uid: uid
+  group_member: uniquemember  # attribute name in a group to identify a member
+  group_owner: owner          # attribute name to identify group owner
+

data/hydra-ldap-example.ldif

@@ -0,0 +1,362 @@
+version: 1
+
+dn: ou=people,dc=example,dc=org
+objectClass: top
+objectClass: organizationalUnit
+ou: people
+
+dn: ou=groups,dc=example,dc=org
+objectClass: top
+objectClass: organizationalUnit
+ou: groups
+
+
+dn: uid=aa729,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Alexandra Adams
+sn: Adams
+givenName: Alexandra
+mail: alexandra@example.org
+uid: aa729
+# Password is "smada"
+userpassword: {SHA}pGlmZX1VOEdHHb30HZezeVNFxGM=
+
+dn: uid=bb459,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Belle Baldwin
+sn: Baldwin
+givenName: Belle
+mail: belle@example.org
+uid: bb459
+# Password is "niwdlab"
+userpassword: {SHA}LRif2N+5TDSaO/rdkH2HHF8fF74=
+
+dn: uid=cc414,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Claire Carpenter
+sn: Carpenter
+givenName: Claire
+mail: claire@example.org
+uid: cc414
+# Password is "retneprac"
+userpassword: {SHA}UL/iS+2R7GhwbhXOWoTHd4/qoMA=
+
+dn: uid=dd945,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Dorothy Dawson
+sn: Dawson
+givenName: Dorothy
+mail: dorothy@example.org
+uid: dd945
+# Password is "noswad"
+userpassword: {SHA}D0UlcTfbCddFLwih04ig4DEilAc=
+
+dn: uid=ee855,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Elizabeth Emerson
+sn: Emerson
+givenName: Elizabeth
+mail: elizabeth@example.org
+uid: ee855
+# Password is "nosreme"
+userpassword: {SHA}pheE9wd/iTps6f8bJjM6AePjwrU=
+
+dn: uid=ff531,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Freya Fuller
+sn: Fuller
+givenName: Freya
+mail: freya@example.org
+uid: ff531
+# Password is "relluf"
+userpassword: {SHA}HLU2WZjFf/PF0Pp4qSDzoB3x+bs=
+
+dn: uid=gg855,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Grace Gonzales
+sn: Gonzales
+givenName: Grace
+mail: grace@example.org
+uid: gg855
+# Password is "selaznog"
+userpassword: {SHA}zT4oO9pFXIj+ISIc60bvM8A5+UQ=
+
+dn: uid=hh153,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Hilda Hatfield
+sn: Hatfield
+givenName: Hilda
+mail: hilda@example.org
+uid: hh153
+# Password is "dleiftah"
+userpassword: {SHA}PTDJLPy4kwa7VZ/sGLyCPzZ7d3o=
+
+dn: uid=ii711,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Iona Ingram
+sn: Ingram
+givenName: Iona
+mail: iona@example.org
+uid: ii711
+# Password is "margni"
+userpassword: {SHA}L7qElLblWuLNFPrFku60uCuCr7Q=
+
+dn: uid=jj243,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Josephine Jackson
+sn: Jackson
+givenName: Josephine
+mail: josephine@example.org
+uid: jj243
+# Password is "noskcaj"
+userpassword: {SHA}ElqdCxdbvRNqXBgdUdkCmGZlQmk=
+
+dn: uid=kk891,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Kelly Kline
+sn: Kline
+givenName: Kelly
+mail: kelly@example.org
+uid: kk891
+# Password is "enilk"
+userpassword: {SHA}WlNzQqBB/QoEKh3LRcLZHgnCGNw=
+
+dn: uid=ll819,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Leah Lawrence
+sn: Lawrence
+givenName: Leah
+mail: leah@example.org
+uid: ll819
+# Password is "ecnerwal"
+userpassword: {SHA}CzyyPOSrIxgFCm24nSv2FA8wihQ=
+
+dn: uid=mm405,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Mona Maddox
+sn: Maddox
+givenName: Mona
+mail: mona@example.org
+uid: mm405
+# Password is "xoddam"
+userpassword: {SHA}WiCnxkOb4kpy16ON7ZC6mD/iqII=
+
+dn: uid=nn297,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Noel Nash
+sn: Nash
+givenName: Noel
+mail: noel@example.org
+uid: nn297
+# Password is "hsan"
+userpassword: {SHA}1zOsG076wDkikQbnK5vAMM1BM/o=
+
+dn: uid=oo981,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Ophelia Osborn
+sn: Osborn
+givenName: Ophelia
+mail: ophelia@example.org
+uid: oo981
+# Password is "nrobso"
+userpassword: {SHA}w8mQw0kEa1UiWzMsNclD/LWzlgs=
+
+dn: uid=pp468,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Penelope Patel
+sn: Patel
+givenName: Penelope
+mail: penelope@example.org
+uid: pp468
+# Password is "letap"
+userpassword: {SHA}p7jaVoRIV9o8gDPbN10sEhXaYHk=
+
+dn: uid=qq612,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Quin Queen
+sn: Queen
+givenName: Quin
+mail: quin@example.org
+uid: qq612
+# Password is "neeuq"
+userpassword: {SHA}v9ibNIx42giCH4tQnwUHJy6LeJg=
+
+dn: uid=rr477,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Ruth Rowland
+sn: Rowland
+givenName: Ruth
+mail: ruth@example.org
+uid: rr477
+# Password is "dnalwor"
+userpassword: {SHA}S3eMb2C/ctXzbFnlgcH7ZQ/fozU=
+
+dn: uid=ss198,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Serena Solomon
+sn: Solomon
+givenName: Serena
+mail: serena@example.org
+uid: ss198
+# Password is "nomolos"
+userpassword: {SHA}EizIKlU79Kz1Y2WIV4deIh0MSA8=
+
+dn: uid=tt882,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Talia Torres
+sn: Torres
+givenName: Talia
+mail: talia@example.org
+uid: tt882
+# Password is "serrot"
+userpassword: {SHA}yO0DcSZ4fTMcx3sTHnAPQGvMkwg=
+
+dn: uid=uu972,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Ursula Underwood
+sn: Underwood
+givenName: Ursula
+mail: ursula@example.org
+uid: uu972
+# Password is "doowrednu"
+userpassword: {SHA}GQWGu8IvIEFU1PP34qGi5DyDF/c=
+
+dn: uid=vv180,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Vera Vickers
+sn: Vickers
+givenName: Vera
+mail: vera@example.org
+uid: vv180
+# Password is "srekciv"
+userpassword: {SHA}3UrzY38O4R1GLK6ccSSfL4D0efQ=
+
+dn: uid=ww369,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Wendy Wise
+sn: Wise
+givenName: Wendy
+mail: wendy@example.org
+uid: ww369
+# Password is "esiw"
+userpassword: {SHA}8gU4KSqUeeLRPov2tmXZXgOZw78=
+
+dn: uid=xx396,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Xara Xiong
+sn: Xiong
+givenName: Xara
+mail: xara@example.org
+uid: xx396
+# Password is "gnoix"
+userpassword: {SHA}Yc2En2R/sbdjlEOitkLlkwY4jAY=
+
+dn: uid=yy423,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Yvette Yates
+sn: Yates
+givenName: Yvette
+mail: yvette@example.org
+uid: yy423
+# Password is "setay"
+userpassword: {SHA}iKBhwF+Mbbct6mlmy6AvodIek3E=
+
+dn: uid=zz882,ou=people,dc=example,dc=org
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+cn: Zana Zimmerman
+sn: Zimmerman
+givenName: Zana
+mail: zana@example.org
+uid: zz882
+# Password is "namremmiz"
+userpassword: {SHA}KlsWojnknRWCHXGoBOTlEZxxrG8=
+
+#dn: cn=group1,ou=people,dc=example,dc=org
+dn: cn=group1,ou=groups,dc=example,dc=org
+objectClass: top
+objectclass: groupOfuniqueNames
+cn: Group1
+description: Test Group1
+owner: uid=xx396,ou=people,dc=example,dc=org
+uniqueMember: uid=zz882,ou=people,dc=example,dc=org
+uniqueMember: uid=yy423,ou=people,dc=example,dc=org
+uniqueMember: uid=ww369,ou=people,dc=example,dc=org
+

data/hydra-ldap.gemspec

@@ -9,10 +9,11 @@ Gem::Specification.new do |gem|
   gem.homepage      = "https://github.com/projecthydra/hydra-ldap"
 
   gem.add_dependency('net-ldap')
+  gem.add_dependency('rails')
 
   gem.add_development_dependency('rake')
   gem.add_development_dependency('rspec')
-  
+  gem.add_development_dependency('ladle')
 
   gem.files         = `git ls-files`.split($\)
   gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }

data/lib/hydra-ldap.rb

@@ -3,17 +3,16 @@ require "net/ldap"
 require 'active_support/core_ext/object/blank'
 require 'active_support/core_ext/hash/indifferent_access'
 require 'yaml'
+require 'rails'
 
 module Hydra
   module LDAP
-
-    # Your code goes here...
     class NoUsersError < StandardError; end
     class MissingOwnerError < StandardError; end
     class GroupNotFound < StandardError; end
 
     def self.connection
-      @ldap_conn ||= Net::LDAP.new(ldap_connection_config) 
+      @ldap_conn ||= Net::LDAP.new(ldap_connection_config)
     end
 
     def self.ldap_connection_config
@@ -31,8 +30,8 @@ module Hydra
     end
 
     def self.ldap_config
-      root = defined?(Rails) ? Rails.root : '.'
-      env = defined?(Rails) ?  Rails.env : 'test'
+      root = Rails.root || '.'
+      env = Rails.env || 'test'
       @ldap_config ||= YAML::load(ERB.new(IO.read(File.join(root, 'config', 'hydra-ldap.yml'))).result)[env].with_indifferent_access
     end
 
@@ -48,54 +47,73 @@ module Hydra
       dn = "cn=#{code},#{group_base}"
     end
 
-    def self.create_group(code, description, owner, users)
-      raise NoUsersError, "Unable to persist a group without users" unless users.present?
-      raise MissingOwnerError, "Unable to persist a group without owner" unless owner
-      attributes = {
-        :cn => code,
-        :objectclass => "groupofnames",
-        :description => description,
-        :member=>users.map {|u| "uid=#{u}"},
-        :owner=>"uid=#{owner}"
-      }
+    #def self.create_group(code, description, owner, users)
+    # dn => dn(code)
+    # attributes = {
+    #  :cn => code,
+    #  :objectclass => "groupofnames",
+    #  :description => description,
+    #  :member=>users.map {|u| "uid=#{u}"},
+    #  :owner=>"uid=#{owner}"
+    # }
+    def self.create_group(code, attributes)
+      raise NoUsersError, "Unable to persist a group without users" unless attributes[:uniquemember] 
+      raise MissingOwnerError, "Unable to persist a group without owner" unless attributes[:owner] 
       connection.add(:dn=>dn(code), :attributes=>attributes)
     end
 
     def self.delete_group(code)
-      Hydra::LDAP.connection.delete(:dn=>dn(code))
+      connection.delete(:dn=>dn(code))
     end
 
     # same as
     # ldapsearch -h ec2-107-20-53-121.compute-1.amazonaws.com -p 389 -x -b dc=example,dc=com -D "cn=admin,dc=example,dc=com" -W "(&(objectClass=groupofnames)(member=uid=vanessa))" cn
-    def self.groups_for_user(uid)
-      result = Hydra::LDAP.connection.search(:base=>group_base, :filter=> Net::LDAP::Filter.construct("(&(objectClass=groupofnames)(member=uid=#{uid}))"), :attributes=>['cn'])
-      result.map{|r| r[:cn].first}
-    end
-
-    def self.groups_owned_by_user(uid)
-      result = Hydra::LDAP.connection.search(:base=>group_base, :filter=> Net::LDAP::Filter.construct("(&(objectClass=groupofnames)(owner=uid=#{uid}))"), :attributes=>['cn'])
-      result.map{|r| r[:cn].first}
-    end
-    def self.title_of_group(group_code)
-      result = find_group(group_code)
-      result[:description].first
+    # Northwestern passes attributes=['cn']
+    # PSU filter=Net::LDAP::Filter.eq('uid', uid)
+    # NW filter=Net::LDAP::Filter.construct("(&(objectClass=groupofnames)(member=uid=#{uid}))"))
+    def self.groups_for_user(filter, attributes=['psMemberOf'], &block)
+      result = connection.search(:base=>group_base, :filter => filter, :attributes => attributes)
+      block.call(result) if block_given?
+    end
+
+    # NW - return result.map{|r| r[:cn].first}
+    def self.groups_owned_by_user(filter, attributes=['cn'], &block)
+      result = connection.search(:base=>group_base, :filter=> filter, :attributes=>attributes)
+      block.call(result) if block_given?
+    end
+
+    # result[:description].first
+    def self.title_of_group(group_code, filter, attributes=['description'], &block)
+      if block_given?
+        find_group(group_code, filter, attributes, &block)
+      else 
+        find_group(group_code, filter, attributes)
+      end
     end
 
-    def self.users_for_group(group_code)
-      result = find_group(group_code)
-      result[:member].map { |v| v.sub(/^uid=/, '') }
+    # result[:member].map { |v| v.sub(/^uid=/, '') }
+    def self.users_for_group(group_code, filter, attributes=['member'], &block)
+      if block_given?
+        find_group(group_code, filter, attributes, &block)
+      else  
+        find_group(group_code, filter, attributes)
+      end
     end
 
-    def self.owner_for_group(group_code)
-      result = find_group(group_code)
-      result[:owner].first.sub(/^uid=/, '')
+    # result[:owner].first.sub(/^uid=/, '')
+    def self.owner_for_group(group_code, filter, attributes=['owner'], &block)
+      if block_given?
+        find_group(group_code, filter, attributes, &block)
+      else  
+        find_group(group_code, filter, attributes)
+      end
     end
 
     def self.add_users_to_group(group_code, users)
       invalidate_cache(group_code)
       ops = []
       users.each do |u|
-        ops << [:add, :member, "uid=#{u}"]
+        ops << [:add, ldap_config[:group_member], "uid=#{u}"]
       end
       connection.modify(:dn=>dn(group_code), :operations=>ops)
     end
@@ -104,7 +122,7 @@ module Hydra
       invalidate_cache(group_code)
       ops = []
       users.each do |u|
-        ops << [:delete, :member, "uid=#{u}"]
+        ops << [:delete, ldap_config[:group_member], "uid=#{u}"]
       end
       connection.modify(:dn=>dn(group_code), :operations=>ops)
     end
@@ -113,18 +131,41 @@ module Hydra
       @cache ||= {}
       @cache[group_code] = nil
     end
-    
-    def self.find_group(group_code)
+
+    # NW result = connection.search(:base=>group_base, :filter=> Net::LDAP::Filter.construct("(&(objectClass=groupofnames)(cn=#{group_code}))"), :attributes=>['member', 'owner', 'description'])
+    # result.first.each do |k, v|
+    #  val[k] = v
+    # end
+    def self.find_group(group_code, filter, attributes, &block)
       @cache ||= {}
-      return @cache[group_code] if @cache[group_code]
-      result = Hydra::LDAP.connection.search(:base=>group_base, :filter=> Net::LDAP::Filter.construct("(&(objectClass=groupofnames)(cn=#{group_code}))"), :attributes=>['member', 'owner', 'description'])
-      val = {}
+      return @cache[[group_code, filter, attributes]] if @cache[[group_code, filter, attributes]]
+      result = connection.search(:base=>group_base, :filter=> filter, :attributes=>attributes)
       raise GroupNotFound, "Can't find group '#{group_code}' in ldap" unless result.first
-      result.first.each do |k, v|
-        val[k] = v
-      end
-      #puts "Val is: #{val}"
-      @cache[group_code] = val
+      @cache[[group_code, filter, attributes]] = result
+      block.call(result) if block_given?
+    end
+
+    def self.get_user(filter, attribute=[])
+      result = connection.search(:base=>treebase, :filter => filter, :attributes => attribute)
+      return result
+    end
+
+    # hits = connection.search(:base=>group_base, :filter=>Net::LDAP::Filter.eq('uid', uid))
+    def self.does_user_exist?(filter)
+      hits = connection.search(:base=>treebase, :filter=>filter)
+      return !hits.empty?
+    end
+
+    # hits = connection.search(:base=>group_base, :filter=>Net::LDAP::Filter.eq('uid', uid))
+    def self.is_user_unique?(filter)
+      hits = connection.search(:base=>treebase, :filter=>filter)
+      return hits.count == 1
+    end
+
+    # hits = connection.search(:base=>group_base, :filter=>Net::LDAP::Filter.eq('cn', cn))
+    def self.does_group_exist?(filter)
+      hits = connection.search(:base=>group_base, :filter=>filter)
+      return hits.count == 1
     end
 
   end

data/lib/hydra/ldap/version.rb

@@ -1,5 +1,5 @@
 module Hydra
   module LDAP
-    VERSION = "0.0.3"
+    VERSION = "0.0.4"
   end
 end

data/spec/integration/ldap_spec.rb

@@ -1,42 +1,101 @@
 require 'spec_helper'
 
-describe 'Ldap service' do 
-  before do
-    # If this line isn't true, there was a problem creating (probably already exists.
-    Hydra::LDAP.create_group('justin1', 'Test Group', 'quentin', ['kacey', 'larry', 'ursula']).should be_true
+describe 'Ldap service' do
+  before(:all) do
+    tmpdir = ENV['TMPDIR'] || ENV['TEMPDIR'] || '/tmp'
+    @ldap_server = Ladle::Server.new(:port => 3897,
+                                     :domain => "dc=example,dc=org",
+                                     :allow_anonymous => true,
+                                     :verbose => false,
+                                     :ldif => 'hydra-ldap-example.ldif',
+                                     :tmpdir => tmpdir
+                                     ).start
   end
-  after do
-    Hydra::LDAP.delete_group('justin1').should be_true
+
+  after(:all) do
+    @ldap_server.stop if @ldap_server
   end
-  it "should have description, users, owners of a group" do
-    Hydra::LDAP.title_of_group('justin1').should == 'Test Group'
-    Hydra::LDAP.users_for_group('justin1').should == ['kacey', 'larry', 'ursula']
-    Hydra::LDAP.owner_for_group('justin1').should == 'quentin'
+
+  describe  "Querying for users and attribute values" do
+    it "should return true dd945 exists" do
+      filter = Net::LDAP::Filter.eq('uid', 'dd945')
+      Hydra::LDAP.does_user_exist?(filter).should be_true
+    end
+
+    it "should return false abc123 does not exist" do
+      filter = Net::LDAP::Filter.eq('uid', 'abc123')
+      Hydra::LDAP.does_user_exist?(filter).should_not be_true
+    end
+
+    it "should return true dd945 is unique user" do
+      filter = Net::LDAP::Filter.eq('uid', 'dd945')
+      Hydra::LDAP.is_user_unique?(filter).should be_true
+    end
+
+    it "should return user values for dd945" do
+      filter = Net::LDAP::Filter.eq('uid', 'dd945')
+      Hydra::LDAP.get_user(filter, ['givenName']).first[:givenname] == 'Dorothy'
+    end
   end
 
-  describe "#groups_owned_by_user" do
+  describe "Query groups for group info" do
+    it "should find a group and map the result" do
+      group_code = 'Group1'
+      filter = Net::LDAP::Filter.construct("(cn=#{group_code})")
+      Hydra::LDAP.find_group(group_code, filter, ['cn']){ |result| result.first[:cn].first }.downcase.should == 'group1'
+    end
+
+    it "should have description, users, owners of a group" do
+      group_code = 'Group1'
+      filter = Net::LDAP::Filter.construct("(cn=#{group_code})")
+
+      Hydra::LDAP.title_of_group(group_code, filter){ |result| result.first[:description].first }.should == 'Test Group1'
+      Hydra::LDAP.users_for_group(group_code, filter, ['uniquemember']){ |result| result.first[:uniquemember].map{ |r| r.sub(/^uid=/, '').sub(/,ou=people,dc=example,dc=org/, '') }}.should == ['zz882', 'yy423', 'ww369']
+      Hydra::LDAP.owner_for_group(group_code, filter, ['owner']) { |result| result.first[:owner].map{ |r| r.sub(/^uid=/, '').sub(/,ou=people,dc=example,dc=org/, '') }}.should == ['xx396']
+    end
+  end
+
+  describe "Managing Groups" do
     before do
-      Hydra::LDAP.create_group('justin2', 'Test Group', 'quentin', ['kacey', 'larry']).should be_true
-      Hydra::LDAP.create_group('justin3', 'Test Group', 'theresa', ['kacey', 'larry']).should be_true
+      attrs = {
+        :cn => 'PulpFiction',
+        :objectclass => 'groupofuniquenames',
+        :description => 'Pulp Fiction is a movie by quentin',
+        :owner => 'uid=quentin,ou=people,dc=example,dc=org',
+        :uniquemember => ['uid=samuel', 'uid=uma', 'uid=john']
+      }
+      Hydra::LDAP.create_group('PulpFiction', attrs).should be_true
     end
+
     after do
-      Hydra::LDAP.delete_group('justin2').should be_true
-      Hydra::LDAP.delete_group('justin3').should be_true
+      Hydra::LDAP.delete_group('PulpFiction').should be_true
     end
-    it "should return the list" do
-      Hydra::LDAP.groups_owned_by_user('quentin').should == ['justin1', 'justin2']
+
+    it "should return a list of groups owned by quentin" do
+      attrs = {
+        :cn => 'TR',
+        :objectclass => 'groupofuniquenames',
+        :description => 'True Romance is another movie by Q',
+        :owner => 'uid=quentin,ou=people,dc=example,dc=org',
+        :uniquemember => ['uid=christian', 'uid=patricia', 'uid=dennis']
+      }
+      Hydra::LDAP.create_group('TrueRomance', attrs).should be_true
+      filter = Net::LDAP::Filter.construct("(owner=uid=quentin,ou=people,dc=example,dc=org)")
+
+      Hydra::LDAP.groups_owned_by_user(filter, ['owner', 'cn']){ |result| result.map{ |r| r[:cn].first } }.should == ['PulpFiction', 'TrueRomance']
+
+      Hydra::LDAP.delete_group('TrueRomance').should be_true
     end
-  end
-  describe "#adding_members" do
-    it "should have users and owners of a group" do
-      Hydra::LDAP.add_users_to_group('justin1', ['theresa', 'penelope']).should be_true
-      Hydra::LDAP.users_for_group('justin1').should == ['kacey', 'larry', 'ursula', 'theresa', 'penelope']
+
+    it "should add users to a group" do
+      Hydra::LDAP.add_users_to_group('PulpFiction', ['bruce', 'ving']).should be_true
     end
-  end
-  describe "#removing_members" do
+
     it "should remove users from the group" do
-      Hydra::LDAP.remove_users_from_group('justin1', ['kacey', 'larry']).should be_true
-      Hydra::LDAP.users_for_group('justin1').should == ['ursula']
+      Hydra::LDAP.remove_users_from_group('PulpFiction', ['uma', 'john']).should be_true
+      group_code = 'PulpFiction'
+      filter = Net::LDAP::Filter.construct("(cn=#{group_code})")
+      Hydra::LDAP.users_for_group(group_code, filter, ['uniquemember']){ |result| result.first[:uniquemember].map{ |r| r.sub(/^uid=/, '').sub(/,ou=people,dc=example,dc=org/, '') }}.should == ['samuel']
     end
   end
 end

data/spec/spec_helper.rb

@@ -3,6 +3,8 @@ $LOAD_PATH.unshift(File.dirname(__FILE__))
 
 require 'rspec/autorun'
 require 'hydra-ldap'
+require 'ladle'
+
 RSpec.configure do |config|
 
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: hydra-ldap
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.0.4
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-06-14 00:00:00.000000000 Z
+date: 2012-08-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: net-ldap
@@ -27,6 +27,22 @@ dependencies:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -59,6 +75,22 @@ dependencies:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: ladle
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: A gem for managing groups with ldap
 email:
 - justin.coyne@yourmediashelf.com
@@ -72,6 +104,7 @@ files:
 - README.md
 - Rakefile
 - config/hydra-ldap.yml
+- hydra-ldap-example.ldif
 - hydra-ldap.gemspec
 - lib/generators/hydra-ldap/config_generator.rb
 - lib/generators/hydra-ldap/templates/hydra-ldap.yml
@@ -100,7 +133,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.24
+rubygems_version: 1.8.23
 signing_key: 
 specification_version: 3
 summary: Create, Read and Update LDAP groups