hydra-ldap 0.0.3

data/.gitignore

@@ -0,0 +1,20 @@
+*.gem
+*.rbc
+.bundle
+.config
+coverage
+InstalledFiles
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+
+# YARD artifacts
+.yardoc
+_yardoc
+doc/
+
+*.swp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in hydra-ldap.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2012 TODO: Write your name
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,39 @@
+# Hydra::LDAP
+
+A gem for managing ldap groups used with hydra
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'hydra-ldap'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install hydra-ldap
+
+## Usage
+
+Create the config file (config/ldap.yml) by running:
+
+<pre>rails generate hydra-ldap</pre>
+
+
+<pre>Hydra::LDAP.create_group(group_code, description, owner, users)</pre>
+<pre>Hydra::LDAP.groups_for_user(user_id)</pre>
+<pre>Hydra::LDAP.groups_owned_by_user(user_id)</pre>
+<pre>Hydra::LDAP.delete_group(group_code)</pre>
+<pre>Hydra::LDAP.add_users_to_group(group_code, users)</pre>
+<pre>Hydra::LDAP.remove_users_from_group(group_code, users)</pre>
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,12 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
+
+require 'rspec/core/rake_task'
+
+desc 'Default: run specs.'
+task :default => :spec
+
+desc "Run specs"
+RSpec::Core::RakeTask.new do |t|
+end
+

data/config/hydra-ldap.yml

@@ -0,0 +1,9 @@
+test:  
+  host: ldap.example.com
+  port: 389
+  username: cn=Manager,dc=example,dc=com
+  password: <%= ENV['LDAP_PASSWORD'] %>
+  group_base: ou=groups,dc=example,dc=com
+  base: ou=people,dc=example,dc=com
+  uid: uid
+

data/hydra-ldap.gemspec

@@ -0,0 +1,23 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/hydra/ldap/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Justin Coyne"]
+  gem.email         = ["justin.coyne@yourmediashelf.com"]
+  gem.description   = %q{A gem for managing groups with ldap}
+  gem.summary       = %q{Create, Read and Update LDAP groups}
+  gem.homepage      = "https://github.com/projecthydra/hydra-ldap"
+
+  gem.add_dependency('net-ldap')
+
+  gem.add_development_dependency('rake')
+  gem.add_development_dependency('rspec')
+  
+
+  gem.files         = `git ls-files`.split($\)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.name          = "hydra-ldap"
+  gem.require_paths = ["lib"]
+  gem.version       = Hydra::LDAP::VERSION
+end

data/lib/generators/hydra-ldap/config_generator.rb

@@ -0,0 +1,7 @@
+class ConfigGenerator < Rails::Generators::Base
+  source_root File.expand_path('../templates', __FILE__)
+  
+  def create_config_file
+    copy_file "hydra-ldap.yml", "config/hydra-ldap.yml"
+  end
+end

data/lib/generators/hydra-ldap/templates/hydra-ldap.yml

@@ -0,0 +1,26 @@
+development:  
+  host: dirapps.aset.psu.edu
+  port: 389
+  # username: cn=admin,dc=example,dc=com
+  # password: simple77
+  group_base: dc=psu,dc=edu
+  # base: dc=example,dc=com
+  # uid: uid
+test:  
+  host: dirapps.aset.psu.edu
+  port: 389
+  username: cn=admin,dc=example,dc=com
+  password: simple77
+  group_base: dc=psu,dc=edu
+  base: dc=example,dc=com
+  uid: uid
+production:  
+  host: dirapps.aset.psu.edu
+  port: 389
+  username: cn=admin,dc=example,dc=com
+  password: <%= ENV['LDAP_PASSWORD'] %>
+  group_base: dc=psu,dc=edu
+  base: dc=northwestern,dc=edu
+  uid: uid
+
+

data/lib/hydra-ldap.rb

@@ -0,0 +1,134 @@
+require "hydra/ldap/version"
+require "net/ldap"
+require 'active_support/core_ext/object/blank'
+require 'active_support/core_ext/hash/indifferent_access'
+require 'yaml'
+
+module Hydra
+  module LDAP
+
+    # Your code goes here...
+    class NoUsersError < StandardError; end
+    class MissingOwnerError < StandardError; end
+    class GroupNotFound < StandardError; end
+
+    def self.connection
+      @ldap_conn ||= Net::LDAP.new(ldap_connection_config) 
+    end
+
+    def self.ldap_connection_config
+      return @ldap_connection_config if @ldap_connection_config
+      @ldap_connection_config = {}
+      yml = ldap_config
+      @ldap_connection_config[:host] = yml[:host]
+      @ldap_connection_config[:port] = yml[:port]
+      if yml[:username] && yml[:password]
+        @ldap_connection_config[:auth]={:method=>:simple}
+        @ldap_connection_config[:auth][:username] = yml[:username]
+        @ldap_connection_config[:auth][:password] = yml[:password]
+      end
+      @ldap_connection_config
+    end
+
+    def self.ldap_config
+      root = defined?(Rails) ? Rails.root : '.'
+      env = defined?(Rails) ?  Rails.env : 'test'
+      @ldap_config ||= YAML::load(ERB.new(IO.read(File.join(root, 'config', 'hydra-ldap.yml'))).result)[env].with_indifferent_access
+    end
+
+    def self.group_base
+      ldap_config[:group_base]
+    end
+
+    def self.treebase
+      ldap_config[:base]
+    end
+
+    def self.dn(code)
+      dn = "cn=#{code},#{group_base}"
+    end
+
+    def self.create_group(code, description, owner, users)
+      raise NoUsersError, "Unable to persist a group without users" unless users.present?
+      raise MissingOwnerError, "Unable to persist a group without owner" unless owner
+      attributes = {
+        :cn => code,
+        :objectclass => "groupofnames",
+        :description => description,
+        :member=>users.map {|u| "uid=#{u}"},
+        :owner=>"uid=#{owner}"
+      }
+      connection.add(:dn=>dn(code), :attributes=>attributes)
+    end
+
+    def self.delete_group(code)
+      Hydra::LDAP.connection.delete(:dn=>dn(code))
+    end
+
+    # same as
+    # ldapsearch -h ec2-107-20-53-121.compute-1.amazonaws.com -p 389 -x -b dc=example,dc=com -D "cn=admin,dc=example,dc=com" -W "(&(objectClass=groupofnames)(member=uid=vanessa))" cn
+    def self.groups_for_user(uid)
+      result = Hydra::LDAP.connection.search(:base=>group_base, :filter=> Net::LDAP::Filter.construct("(&(objectClass=groupofnames)(member=uid=#{uid}))"), :attributes=>['cn'])
+      result.map{|r| r[:cn].first}
+    end
+
+    def self.groups_owned_by_user(uid)
+      result = Hydra::LDAP.connection.search(:base=>group_base, :filter=> Net::LDAP::Filter.construct("(&(objectClass=groupofnames)(owner=uid=#{uid}))"), :attributes=>['cn'])
+      result.map{|r| r[:cn].first}
+    end
+    def self.title_of_group(group_code)
+      result = find_group(group_code)
+      result[:description].first
+    end
+
+    def self.users_for_group(group_code)
+      result = find_group(group_code)
+      result[:member].map { |v| v.sub(/^uid=/, '') }
+    end
+
+    def self.owner_for_group(group_code)
+      result = find_group(group_code)
+      result[:owner].first.sub(/^uid=/, '')
+    end
+
+    def self.add_users_to_group(group_code, users)
+      invalidate_cache(group_code)
+      ops = []
+      users.each do |u|
+        ops << [:add, :member, "uid=#{u}"]
+      end
+      connection.modify(:dn=>dn(group_code), :operations=>ops)
+    end
+
+    def self.remove_users_from_group(group_code, users)
+      invalidate_cache(group_code)
+      ops = []
+      users.each do |u|
+        ops << [:delete, :member, "uid=#{u}"]
+      end
+      connection.modify(:dn=>dn(group_code), :operations=>ops)
+    end
+
+    def self.invalidate_cache(group_code)
+      @cache ||= {}
+      @cache[group_code] = nil
+    end
+    
+    def self.find_group(group_code)
+      @cache ||= {}
+      return @cache[group_code] if @cache[group_code]
+      result = Hydra::LDAP.connection.search(:base=>group_base, :filter=> Net::LDAP::Filter.construct("(&(objectClass=groupofnames)(cn=#{group_code}))"), :attributes=>['member', 'owner', 'description'])
+      val = {}
+      raise GroupNotFound, "Can't find group '#{group_code}' in ldap" unless result.first
+      result.first.each do |k, v|
+        val[k] = v
+      end
+      #puts "Val is: #{val}"
+      @cache[group_code] = val
+    end
+
+  end
+end
+
+require 'hydra/ldap/engine' if defined?(Rails)
+

data/lib/hydra/ldap/engine.rb

@@ -0,0 +1,7 @@
+module Hydra
+  module LDAP
+    class Engine < Rails::Engine
+    end
+  end
+end
+

data/lib/hydra/ldap/version.rb

@@ -0,0 +1,5 @@
+module Hydra
+  module LDAP
+    VERSION = "0.0.3"
+  end
+end

data/spec/integration/ldap_spec.rb

@@ -0,0 +1,42 @@
+require 'spec_helper'
+
+describe 'Ldap service' do 
+  before do
+    # If this line isn't true, there was a problem creating (probably already exists.
+    Hydra::LDAP.create_group('justin1', 'Test Group', 'quentin', ['kacey', 'larry', 'ursula']).should be_true
+  end
+  after do
+    Hydra::LDAP.delete_group('justin1').should be_true
+  end
+  it "should have description, users, owners of a group" do
+    Hydra::LDAP.title_of_group('justin1').should == 'Test Group'
+    Hydra::LDAP.users_for_group('justin1').should == ['kacey', 'larry', 'ursula']
+    Hydra::LDAP.owner_for_group('justin1').should == 'quentin'
+  end
+
+  describe "#groups_owned_by_user" do
+    before do
+      Hydra::LDAP.create_group('justin2', 'Test Group', 'quentin', ['kacey', 'larry']).should be_true
+      Hydra::LDAP.create_group('justin3', 'Test Group', 'theresa', ['kacey', 'larry']).should be_true
+    end
+    after do
+      Hydra::LDAP.delete_group('justin2').should be_true
+      Hydra::LDAP.delete_group('justin3').should be_true
+    end
+    it "should return the list" do
+      Hydra::LDAP.groups_owned_by_user('quentin').should == ['justin1', 'justin2']
+    end
+  end
+  describe "#adding_members" do
+    it "should have users and owners of a group" do
+      Hydra::LDAP.add_users_to_group('justin1', ['theresa', 'penelope']).should be_true
+      Hydra::LDAP.users_for_group('justin1').should == ['kacey', 'larry', 'ursula', 'theresa', 'penelope']
+    end
+  end
+  describe "#removing_members" do
+    it "should remove users from the group" do
+      Hydra::LDAP.remove_users_from_group('justin1', ['kacey', 'larry']).should be_true
+      Hydra::LDAP.users_for_group('justin1').should == ['ursula']
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,9 @@
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+
+require 'rspec/autorun'
+require 'hydra-ldap'
+RSpec.configure do |config|
+
+end
+

metadata

@@ -0,0 +1,109 @@
+--- !ruby/object:Gem::Specification
+name: hydra-ldap
+version: !ruby/object:Gem::Version
+  version: 0.0.3
+  prerelease: 
+platform: ruby
+authors:
+- Justin Coyne
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-06-14 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: net-ldap
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A gem for managing groups with ldap
+email:
+- justin.coyne@yourmediashelf.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- config/hydra-ldap.yml
+- hydra-ldap.gemspec
+- lib/generators/hydra-ldap/config_generator.rb
+- lib/generators/hydra-ldap/templates/hydra-ldap.yml
+- lib/hydra-ldap.rb
+- lib/hydra/ldap/engine.rb
+- lib/hydra/ldap/version.rb
+- spec/integration/ldap_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/projecthydra/hydra-ldap
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: Create, Read and Update LDAP groups
+test_files:
+- spec/integration/ldap_spec.rb
+- spec/spec_helper.rb