jruby-ldap 0.0.1

data/lib/ldap/mod.rb

@@ -0,0 +1,74 @@
+module LDAP
+  class << self
+    def mod(mod_type, attr, vals)
+      Mod.new(mod_type, attr, vals)
+    end
+
+    def hash2mods(mod_type, hash)
+      hash.map do |key, value|
+        mod(mod_type, key, value)
+      end
+    end
+  end
+
+  class Mod
+    BasicAttributes = javax.naming.directory.BasicAttributes
+    BasicAttribute = javax.naming.directory.BasicAttribute
+    ModificationItem = javax.naming.directory.ModificationItem
+    DirContext = javax.naming.directory.DirContext
+    class << self
+      def to_java_attributes(*attrs)
+        attrs.inject(BasicAttributes.new) do |res, attr|
+          res.put(attr.to_java_attribute)
+          res
+        end
+      end
+
+      def ruby_mod_to_java(mod_op)
+        case (mod_op&~LDAP::LDAP_MOD_BVALUES)
+          when LDAP::LDAP_MOD_ADD: DirContext::ADD_ATTRIBUTE
+          when LDAP::LDAP_MOD_REPLACE: DirContext::REPLACE_ATTRIBUTE
+          when LDAP::LDAP_MOD_DELETE: DirContext::REMOVE_ATTRIBUTE
+          else raise LDAP::Error, "can't handle operation #{mod_op}"
+        end
+      end
+      
+      def to_java_modification_items(*attrs)
+        attrs.map do |val|
+          ModificationItem.new(ruby_mod_to_java(val.mod_op), val.to_java_attribute)
+        end.to_java ModificationItem
+      end
+    end
+    
+    def initialize(mod_type, attr, vals)
+      @type, @attr, @vals = mod_type, attr, vals
+    end
+
+    def mod_op #should be mod_type
+      @type
+    end
+
+    def mod_type #should be attr
+      @attr
+    end
+
+    def mod_vals
+      @vals
+    end
+    
+    def to_java_attribute
+      v = BasicAttribute.new(self.mod_type)
+      binary = mod_op & LDAP::LDAP_MOD_BVALUES
+      if binary 
+        self.mod_vals.each do |val|
+          v.add(val.to_java_bytes)
+        end
+      else
+        self.mod_vals.each do |val|
+          v.add(val)
+        end
+      end
+      v
+    end
+  end
+end

data/lib/ldap/schema.rb

@@ -0,0 +1,131 @@
+# Manipulation of LDAP schema data.
+#
+#--
+# $Id: schema.rb,v 1.9 2006/02/08 23:15:17 ianmacd Exp $
+#++
+
+# The LDAP module encapsulates the various LDAP-related classes in their own
+# namespace.
+#
+module LDAP
+
+  # Retrieve and process information pertaining to LDAP schemas.
+  #
+  class Schema < Hash
+
+    def initialize(entry)
+      if( entry )
+	entry.each{|key,vals|
+	  self[key] = vals
+	}
+      end
+    end
+
+    # Return the list of values related to the schema component given in
+    # +key+. See LDAP::Conn#schema for common values of +key+.
+    #
+    def names(key)
+      self[key].collect{|val| val =~ /NAME\s+'([\w\d_-]+)'/; $1}
+    end
+
+    # Return the list of attributes in object class +oc+ that are of category
+    # +at+. +at+ may be the string *MUST*, *MAY* or *SUP*.
+    #
+    def attr(oc,at)
+      self['objectClasses'].each{|s|
+	if( s =~ /NAME\s+'#{oc}'/ )
+	  case s
+	  when /#{at}\s+\(([\w\d_-\s\$]+)\)/i
+	    return $1.split("$").collect{|attr| attr.strip}
+	  when /#{at}\s+([\w\d_-]+)/i
+	    return $1.split("$").collect{|attr| attr.strip}
+	  end
+	end
+      }
+      return nil
+    end
+
+    # Return the list of attributes that an entry with object class +oc+
+    # _must_ possess.
+    #
+    def must(oc)
+      attr(oc, "MUST")
+    end
+
+    # Return the list of attributes that an entry with object class +oc+
+    # _may_ possess.
+    #
+    def may(oc)
+      attr(oc, "MAY")
+    end
+
+    # Return the superior object class of object class +oc+.
+    #
+    def sup(oc)
+      attr(oc, "SUP")
+    end
+  end
+
+  class Conn
+
+    # Fetch the schema data for the connection.
+    #
+    # If +base+ is given, it gives the base DN for the search. +attrs+, if
+    # given, is an array of attributes that should be returned from the
+    # server. The default list is *objectClasses*, *attributeTypes*,
+    # *matchingRules*, *matchingRuleUse*, *dITStructureRules*,
+    # *dITContentRules*, *nameForms* and *ldapSyntaxes*.
+    #
+    # +sec+ and +usec+ can be used to specify a time-out for the search in
+    # seconds and microseconds, respectively.
+    # 
+    def schema(base = nil, attrs = nil, sec = 0, usec = 0)
+      attrs ||= [
+	'objectClasses',
+	'attributeTypes',
+	'matchingRules',
+	'matchingRuleUse',
+	'dITStructureRules',
+	'dITContentRules',
+	'nameForms',
+	'ldapSyntaxes',
+      ]
+      base ||= root_dse(['subschemaSubentry'], sec, usec)[0]['subschemaSubentry'][0]
+      base ||= 'cn=schema'
+      ent = search2(base, LDAP_SCOPE_BASE, '(objectClass=subschema)',
+		    attrs, false, sec, usec)
+      return Schema.new(ent[0])
+    end
+
+    # Fetch the root DSE (DSA-specific Entry) for the connection. DSA stands
+    # for Directory System Agent and simply refers to the LDAP server you are
+    # using.
+    #
+    # +attrs+, if given, is an array of attributes that should be returned
+    # from the server. The default list is *subschemaSubentry*,
+    # *namingContexts*, *monitorContext*, *altServer*, *supportedControl*,
+    # *supportedExtension*, *supportedFeatures*, *supportedSASLMechanisms*
+    # and *supportedLDAPVersion*.
+    #
+    # +sec+ and +usec+ can be used to specify a time-out for the search in
+    # seconds and microseconds, respectively.
+    #
+    def root_dse(attrs = nil, sec = 0, usec = 0)
+      attrs ||= [
+	'subschemaSubentry',
+	'namingContexts',
+	'monitorContext',
+	'altServer',
+	'supportedControl',
+	'supportedExtension',
+	'supportedFeatures',
+	'supportedSASLMechanisms',
+	'supportedLDAPVersion',
+      ]
+
+      entries = search2('', LDAP_SCOPE_BASE, '(objectClass=*)',
+			attrs, false, sec, usec)
+      return entries
+    end
+  end
+end

data/test/setup.rb

@@ -0,0 +1,51 @@
+
+require 'ldap'
+require './username_and_password'
+
+$LDAP_test_host = 'localhost'
+$LDAP_test_port = LDAP::LDAP_PORT
+
+def delete_tree(c, name)
+  c.search(name, LDAP::LDAP_SCOPE_ONELEVEL, "(objectClass=*)", ['dn']) do |v|
+    delete_tree c, v.get_dn
+  end rescue nil
+  c.delete(name)
+end
+
+
+c = LDAP::Conn.new($LDAP_test_host, $LDAP_test_port)
+c.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
+c.bind($LDAP_test_username, $LDAP_test_password) do 
+  # just clean out and create our tree
+
+  delete_tree(c, 'o=ruby_ldap_test_tree') 
+  
+  c.add('o=ruby_ldap_test_tree', {'objectClass' => ['organization'], 'o' => ['ruby_ldap_test_tree']})
+  c.add('o=sub_tree, o=ruby_ldap_test_tree', {'objectClass' => ['organization'], 'o' => ['sub_tree']})
+end
+
+
+module Test::Unit::Assertions
+  def assert_exists_in_ldap dn, attrs = {}
+    found = 0
+    @conn.search(dn, LDAP::LDAP_SCOPE_BASE, "(objectClass=*)", attrs.keys) do |entry|
+      found += 1
+
+      assert_equal dn, entry.get_dn
+      assert_equal attrs.keys.sort, entry.get_attributes.sort unless attrs == { }
+      attrs.each do |k,v|
+        assert_equal v, entry[k]
+        assert_equal v, entry[k.downcase]
+        assert_equal v, entry[k.upcase]
+      end
+    end
+    
+    assert_equal 1,found
+  end
+
+  def assert_dont_exists_in_ldap dn
+    assert_raises(LDAP::ResultError) do 
+      @conn.search(dn, LDAP::LDAP_SCOPE_BASE, "(objectClass=*)", []) { }
+    end
+  end
+end

data/test/test_add.rb

@@ -0,0 +1,21 @@
+require 'test/unit'
+require 'setup'
+
+class TestAdd < Test::Unit::TestCase
+  def setup
+    @conn = LDAP::Conn.new($LDAP_test_host, $LDAP_test_port)
+    @conn.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
+    @conn.bind($LDAP_test_username, $LDAP_test_password)
+  end
+  
+  def teardown
+    @conn.unbind rescue nil
+  end
+
+  def test_simple_add
+    @conn.add("o=fox3,o=ruby_ldap_test_tree", {'o' => ["fox3"], 'objectClass' => ['organization']})
+    assert_exists_in_ldap "o=fox3,o=ruby_ldap_test_tree", {'o' => ["fox3"]}
+  ensure 
+    @conn.delete("o=fox3,o=ruby_ldap_test_tree") rescue nil
+  end
+end

data/test/test_connection.rb

@@ -0,0 +1,52 @@
+require 'test/unit'
+require 'setup'
+
+class TestConnection < Test::Unit::TestCase
+  def setup
+    @conn = LDAP::Conn.new($LDAP_test_host, $LDAP_test_port)
+    @conn.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
+    @conn.bind($LDAP_test_username, $LDAP_test_password)
+  end
+  
+  def teardown
+    @conn.unbind rescue nil
+  end
+
+  if defined?(JRUBY_VERSION)
+  def test_rebind
+    id = @conn.object_id
+
+    assert_nothing_raised do
+      @conn.unbind
+      @conn.bind
+    end
+
+    id2 = @conn.object_id
+    assert_equal( id, id2 )
+
+    assert_nothing_raised do
+      @conn.unbind
+      @conn.simple_bind
+    end
+
+    id2 = @conn.object_id
+    assert_equal( id, id2 )
+  end
+  end
+
+  def test_double_bind
+    assert_raises( LDAP::Error ) { @conn.bind }
+    assert_raises( LDAP::Error ) { @conn.simple_bind }
+  end
+
+  def test_double_unbind
+    assert_nothing_raised { @conn.unbind }
+    assert_raises( LDAP::InvalidDataError ) { @conn.unbind }
+  end
+
+  def test_bound?
+    assert( @conn.bound? )
+    @conn.unbind
+    assert( ! @conn.bound? )
+  end
+end

data/test/test_delete.rb

@@ -0,0 +1,21 @@
+require 'test/unit'
+require 'setup'
+
+class TestDelete < Test::Unit::TestCase
+  def setup
+    @conn = LDAP::Conn.new($LDAP_test_host, $LDAP_test_port)
+    @conn.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
+    @conn.bind($LDAP_test_username, $LDAP_test_password)
+  end
+  
+  def teardown
+    @conn.unbind rescue nil
+  end
+
+  def test_simple_delete
+    @conn.add("o=fox3,o=ruby_ldap_test_tree", {'o' => ["fox3"], 'objectClass' => ['organization']})
+    assert_exists_in_ldap "o=fox3,o=ruby_ldap_test_tree"
+    @conn.delete("o=fox3,o=ruby_ldap_test_tree")
+    assert_dont_exists_in_ldap "o=fox3,o=ruby_ldap_test_tree"
+  end
+end

data/test/test_search.rb

@@ -0,0 +1,87 @@
+require 'test/unit'
+require 'setup'
+
+class TestSearch < Test::Unit::TestCase
+  def setup
+    @conn = LDAP::Conn.new($LDAP_test_host, $LDAP_test_port)
+    @conn.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
+    @conn.bind($LDAP_test_username, $LDAP_test_password)
+  end
+  
+  def teardown
+    @conn.unbind rescue nil
+  end
+
+  def test_simple_base_search
+    found = 0
+    @conn.search('o=ruby_ldap_test_tree', LDAP::LDAP_SCOPE_BASE, "(objectClass=*)", []) do |v|
+      found += 1
+
+      assert_equal 'o=ruby_ldap_test_tree', v.get_dn
+      assert_equal ['o', 'objectClass'].sort, v.get_attributes.sort
+      assert_equal ['ruby_ldap_test_tree'], v['o']
+      assert_equal ['organization'], v['objectClass']
+      assert_equal ['organization'], v['OBJECTCLASS']
+    end
+    
+    assert_equal 1,found
+  end
+
+  def test_simple_one_level_search
+    found = 0
+    @conn.search('o=ruby_ldap_test_tree', LDAP::LDAP_SCOPE_ONELEVEL, "(objectClass=*)", []) do |v|
+      found += 1
+
+      assert_equal 'o=sub_tree,o=ruby_ldap_test_tree', v.get_dn
+      assert_equal ['o', 'objectClass'].sort, v.get_attributes.sort
+      assert_equal ['sub_tree'], v['o']
+      assert_equal ['organization'], v['objectClass']
+      assert_equal ['organization'], v['OBJECTCLASS']
+    end
+    
+    assert_equal 1,found
+  end
+
+  def test_simple_subtree_search
+    found = 0
+
+    @conn.search('o=ruby_ldap_test_tree', LDAP::LDAP_SCOPE_SUBTREE, "(objectClass=*)", []) do |v|
+      found += 1
+      if v.get_dn =~ /sub_tree/
+        assert_equal 'o=sub_tree,o=ruby_ldap_test_tree', v.get_dn
+        assert_equal ['o', 'objectClass'].sort, v.get_attributes.sort
+        assert_equal ['sub_tree'], v['o']
+        assert_equal ['organization'], v['objectClass']
+        assert_equal ['organization'], v['OBJECTCLASS']
+      else
+        assert_equal 'o=ruby_ldap_test_tree', v.get_dn
+        assert_equal ['o', 'objectClass'].sort, v.get_attributes.sort
+        assert_equal ['ruby_ldap_test_tree'], v['o']
+        assert_equal ['organization'], v['objectClass']
+        assert_equal ['organization'], v['OBJECTCLASS']
+      end
+    end
+    
+    assert_equal 2,found
+  end
+
+  def test_filter
+    found = 0
+
+    @conn.search('o=ruby_ldap_test_tree', LDAP::LDAP_SCOPE_SUBTREE, "(o=sub_tree)", []) do |v|
+      found += 1
+
+      assert_equal 'o=sub_tree,o=ruby_ldap_test_tree', v.get_dn
+      assert_equal ['o', 'objectClass'].sort, v.get_attributes.sort
+      assert_equal ['sub_tree'], v['o']
+      assert_equal ['organization'], v['objectClass']
+      assert_equal ['organization'], v['OBJECTCLASS']
+    end
+    
+    assert_equal 1,found
+  end
+
+  def test_attributes
+    assert_exists_in_ldap 'o=sub_tree,o=ruby_ldap_test_tree', {'objectClass' => ['organization'] }
+  end
+end

data/test/test_ssl.rb

@@ -0,0 +1,21 @@
+require 'test/unit'
+require 'setup'
+
+class TestSSLAdd# < Test::Unit::TestCase
+  def setup
+    @conn = LDAP::SSLConn.new($LDAP_test_host, LDAP::LDAPS_PORT)
+    @conn.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
+    @conn.bind($LDAP_test_username, $LDAP_test_password)
+  end
+  
+  def teardown
+    @conn.unbind rescue nil
+  end
+
+  def test_simple_add
+    @conn.add("o=fox3,o=ruby_ldap_test_tree", {'o' => ["fox3"], 'objectClass' => ['organization']})
+    assert_exists_in_ldap "o=fox3,o=ruby_ldap_test_tree", {'o' => ["fox3"]}
+  ensure 
+    @conn.delete("o=fox3,o=ruby_ldap_test_tree") rescue nil
+  end
+end