ku-ldap 0.0.1

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in ku-ldap.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2012 Copenhagen University
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,88 @@
+# KU::LDAP
+
+A client for the Copenhagen University LDAP service.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'ku-ldap'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install ku-ldap
+
+## Usage
+
+### Users
+
+Find a user by ID:
+
+    KU::LDAP.user 'abc123'
+    
+Search for users with an attribute matching a given string:
+
+    KU::LDAP.users :givenname, 'foo'
+    
+The matcher is an optional argument (default `:contains`):
+
+    KU::LDAP.users :givenname, 'oo', :ends
+    
+Available matchers:
+
+    :begins, :contains, :ends, :eq
+    
+Find and authenticate a user by ID and password:
+
+    KU::LDAP.authenticate_user 'abc123', 'password'
+    
+User metadata:
+
+    user = KU::LDAP.user 'abc123'
+    user.id
+    user.first_name
+    user.last_name
+    user.full_name
+    user.title
+    user.primary_institution
+    user.department
+    user.email
+    user.group_name
+    
+### Groups
+
+Find a group by name:
+
+    KU::LDAP.group 'foo'
+    
+Search for groups with an attribute containing a given string:
+
+    KU::LDAP.groups :description, 'foo'
+    
+Or, with an alternate matcher:
+
+    KU::LDAP.groups :description, 'foo', :begins
+    
+Group metadata:
+
+    group = KU::LDAP.group 'foo'
+    group.id
+    group.description
+    group.primary_institution
+    group.members
+    
+Group membership:
+
+    group.member? 'abc123'
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,2 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"

data/ku-ldap.gemspec

@@ -0,0 +1,19 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/ku/ldap/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["jamiehodge"]
+  gem.email         = ["jamiehodge@me.com"]
+  gem.description   = %q{A client for the Copenhagen University LDAP service.}
+  gem.summary       = %q{A client for the Copenhagen University LDAP service.}
+  gem.homepage      = ""
+
+  gem.files         = `git ls-files`.split($\)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.name          = "ku-ldap"
+  gem.require_paths = ["lib"]
+  gem.version       = KU::LDAP::VERSION
+  
+  gem.add_dependency 'net-ldap'
+end

data/lib/ku/ldap.rb

@@ -0,0 +1,45 @@
+require 'net/ldap'
+
+require_relative 'ldap/directory'
+require_relative 'ldap/entry'
+require_relative 'ldap/version'
+
+module KU
+  module LDAP
+    extend self
+    
+    HOST = ENV['KU_LDAP_HOST']
+    PORT = ENV['KU_LDAP_PORT']
+    
+    def user id, user_class=Entry::User
+      user_class.first directory, id
+    end
+    
+    def users attribute, value, matcher=:contains, user_class=Entry::User
+      user_class.search directory, attribute.to_sym, value, matcher
+    end
+    
+    def authenticate_user id, password, user_class=Entry::User
+      user_class.authenticate directory, id, password
+    end
+    
+    def group id, group_class=Entry::Group
+      group_class.first directory, id
+    end
+    
+    def groups attribute, value, matcher=:contains, group_class=Entry::Group
+      group_class.search directory, attribute.to_sym, value, matcher
+    end
+    
+    private
+    
+    def directory
+      Directory.new service
+    end
+    
+    def service
+      Net::LDAP.new(host: HOST, port: PORT, encryption: :start_tls)
+    end
+  end
+end
+

data/lib/ku/ldap/directory.rb

@@ -0,0 +1,31 @@
+module KU
+  module LDAP
+    class Directory
+  
+      def initialize service
+        @service = service
+        @service.authenticate *credentials if credentials
+      end
+  
+      def first base, filter
+        search(base, filter).first if @service.bind
+      end
+  
+      def search base, filter
+        @service.search(base: base, filter: filter)
+      end
+  
+      def authenticate base, filter, password
+        @service.bind_as(base: base, filter: filter, password: password)
+      end
+      
+      private
+      
+      def credentials
+        return unless ENV['KU_LDAP_USERNAME'] && ENV['KU_LDAP_PASSWORD']
+        [ENV['KU_LDAP_USERNAME'], ENV['KU_LDAP_PASSWORD']]
+      end
+    end
+  end
+end
+

data/lib/ku/ldap/entry.rb

@@ -0,0 +1,2 @@
+require_relative 'entry/user'
+require_relative 'entry/group'

data/lib/ku/ldap/entry/base.rb

@@ -0,0 +1,42 @@
+require_relative '../filter'
+
+module KU
+  module LDAP
+    module Entry
+      class Base
+        
+        BASE = ENV['KU_LDAP_BASE'] || 'dc=sc,dc=ku,dc=dk'
+        
+        def self.first directory, id, filter=Filter.new
+          entry = directory.first base, filter.eq(identifier, id)
+          new entry if entry
+        end
+  
+        def self.search directory, attribute, value, matcher, filter=Filter.new
+          filt = filter.send matcher.to_sym, attribute, value
+          Array(directory.search(base, filt)).map {|entry| new entry}
+        end
+  
+        def initialize entry
+          @entry = entry || Hash.new([])
+        end
+  
+        private
+      
+        def self.base
+          BASE
+        end
+  
+        def self.identifier
+          :dn
+        end
+  
+        def [] attribute
+          @entry[attribute].first
+        end
+      end
+    end
+  end
+end
+
+

data/lib/ku/ldap/entry/group.rb

@@ -0,0 +1,38 @@
+require_relative 'base'
+
+module KU
+  module LDAP
+    module Entry
+      class Group < Base
+        
+        def id
+          self[:cn]
+        end
+        
+        def description
+          self[:description]
+        end
+        
+        def members
+          @entry[:memberuid]
+        end
+        
+        def member? id
+          members.include? id
+        end
+        
+        private
+  
+        def self.base
+          ['ou=group', super].join(',')
+        end
+  
+        def self.identifier
+          :cn
+        end
+      end
+    end
+  end
+end
+
+

data/lib/ku/ldap/entry/user.rb

@@ -0,0 +1,62 @@
+require_relative 'base'
+require_relative 'group'
+
+module KU
+  module LDAP
+    module Entry
+      class User < Base
+        
+        def self.authenticate directory, id, password
+          entry = Array(directory.authenticate(base, KU::LDAP::Filter.new.eq(identifier, id), password)).first
+          new entry if entry
+        end
+  
+        def id
+          self[:uid]
+        end
+  
+        def first_name
+          self[:givenname]
+        end
+  
+        def last_name
+          self[:sn]
+        end
+  
+        def full_name
+          self[:displayname]
+        end
+  
+        def title
+          self[:title]
+        end
+  
+        def primary_institution
+          self[:o]
+        end
+  
+        def department
+          self[:departmentnumber]
+        end
+  
+        def email
+          self[:mail]
+        end
+        
+        def group_name
+          self[:employeetype]
+        end
+  
+        private
+  
+        def self.base
+          ['ou=people', super].join(',')
+        end
+  
+        def self.identifier
+          :uid
+        end
+      end
+    end
+  end
+end

data/lib/ku/ldap/filter.rb

@@ -0,0 +1,17 @@
+require 'forwardable'
+
+module KU
+  module LDAP
+    class Filter
+      extend Forwardable
+      def_delegators :@helper, :begins, :contains, :ends, :eq
+  
+      def initialize helper=Net::LDAP::Filter
+        @helper = helper
+      end
+    end
+  end
+end
+
+
+

data/lib/ku/ldap/version.rb

@@ -0,0 +1,5 @@
+module KU
+  module LDAP
+    VERSION = "0.0.1"
+  end
+end

data/spec/ku/ldap/directory_spec.rb

@@ -0,0 +1,95 @@
+require_relative '../../spec_helper'
+require_relative '../../../lib/ku/ldap/directory'
+
+describe KU::LDAP::Directory do
+  
+  subject       {KU::LDAP::Directory.new service}
+  let(:service) {MiniTest::Mock.new}
+
+  describe '#first' do
+    
+    before do
+      service.expect :search, [:foo], [{base: 'base', filter: 'filter'}]
+      @result = subject.first 'base', 'filter'
+    end
+    
+    it 'must delegate to service' do
+      service.verify
+    end
+    
+    it 'must return first result' do
+      @result.must_equal :foo
+    end
+  end
+  
+  describe '#search' do
+    
+    before do
+      service.expect :search, [:foo], [{base: 'base', filter: 'filter'}]
+      @result = subject.search 'base', 'filter'
+    end
+    
+    it 'must delegate to service' do
+      service.verify
+    end
+    
+    it 'must return an array of results' do
+      @result.must_be_instance_of Array
+      @result.first.must_equal :foo
+    end
+  end
+  
+  describe '#authenticate' do
+    
+    describe 'valid' do
+      
+      before do
+        service.expect :bind_as, [:foo], [{base: 'base', filter: 'filter', password: 'password'}]
+        @result = subject.authenticate 'base', 'filter', 'password'
+      end
+      
+      it 'must return an array of results' do
+        @result.must_be_instance_of Array
+        @result.first.must_equal :foo
+      end
+    end
+    
+    describe 'invalid' do
+      
+      before do
+        service.expect :bind_as, nil, [{base: 'base', filter: 'filter', password: 'password'}]
+        @result = subject.authenticate 'base', 'filter', 'password'
+      end
+      
+      it 'must return nil' do
+        @result.must_be_instance_of NilClass
+      end
+    end
+  end
+  
+  describe 'service authentication' do
+    
+    describe 'without credentials' do
+      
+      it 'wont authenticate' do
+        subject
+      end
+    end
+    
+    describe 'with credentials' do
+      
+      before do
+        ENV['KU_LDAP_USERNAME'] = ENV['KU_LDAP_PASSWORD'] = 'foo'
+      end
+      
+      after do
+        ENV['KU_LDAP_USERNAME'] = ENV['KU_LDAP_PASSWORD'] = nil
+      end
+      
+      it 'must authenticate' do
+        service.expect :authenticate, true, [String, String]
+        subject
+      end
+    end
+  end
+end

data/spec/ku/ldap/entry/base_spec.rb

@@ -0,0 +1,52 @@
+require_relative '../../../spec_helper'
+require_relative '../../../../lib/ku/ldap/entry/base'
+
+describe KU::LDAP::Entry::Base do
+  
+  subject         {KU::LDAP::Entry::Base}
+  let(:directory) {MiniTest::Mock.new}
+  let(:filter)    {MiniTest::Mock.new}
+  
+  describe '::first' do
+    
+    before do
+      directory.expect :first, {}, [KU::LDAP::Entry::Base::BASE, String]
+      filter.expect :eq, '', [Symbol, String]
+      @result = subject.first directory, 'abc123', filter
+    end
+    
+    it 'must delegate to directory' do
+      directory.verify
+    end
+    
+    it 'must delegate to filter' do
+      filter.verify
+    end
+    
+    it 'must return a new instance' do
+      @result.must_be_instance_of subject
+    end
+  end
+  
+  describe '::search' do
+    
+    before do
+      directory.expect :search, [{},{}], [KU::LDAP::Entry::Base::BASE, String]
+      filter.expect :send, '', [:contains, Symbol, String] 
+      @result = subject.search directory, :attr, 'value', :contains, filter
+    end
+    
+    it 'must delegate to directory' do
+      directory.verify
+    end
+    
+    it 'must delegate to filter' do
+      filter.verify
+    end
+    
+    it 'must return an array of instances' do
+      @result.must_be_instance_of Array
+      @result.each {|r| r.must_be_instance_of subject}
+    end
+  end
+end

data/spec/ku/ldap/entry/group_spec.rb

@@ -0,0 +1,90 @@
+require_relative '../../../spec_helper'
+require_relative '../../../../lib/ku/ldap/entry/group'
+
+describe KU::LDAP::Entry::Group do
+  
+  subject         {KU::LDAP::Entry::Group}
+  let(:directory) {MiniTest::Mock.new}
+  let(:filter)    {MiniTest::Mock.new}
+  
+  describe '::first' do
+    
+    before do
+      directory.expect :first, {}, ['ou=group,' + KU::LDAP::Entry::Base::BASE, String]
+      filter.expect :eq, '', [:cn, String]
+      @result = subject.first directory, 'abc123', filter
+    end
+    
+    it 'must delegate to directory' do
+      directory.verify
+    end
+    
+    it 'must delegate to filter' do
+      filter.verify
+    end
+    
+    it 'must return a new instance' do
+      @result.must_be_instance_of subject
+    end
+  end
+  
+  describe '::search' do
+    
+    before do
+      directory.expect :search, [{},{}], ['ou=group,' + KU::LDAP::Entry::Base::BASE, String]
+      filter.expect :send, '', [:contains, :attr, String] 
+      @result = subject.search directory, :attr, 'value', :contains, filter
+    end
+    
+    it 'must delegate to directory' do
+      directory.verify
+    end
+    
+    it 'must delegate to filter' do
+      filter.verify
+    end
+    
+    it 'must return an array of instances' do
+      @result.must_be_instance_of Array
+      @result.each {|r| r.must_be_instance_of subject}
+    end
+  end
+  
+  describe 'attributes' do
+    
+    let(:attributes) do
+      attrs = Hash.new {|hash,key| hash[key] = []}
+      attrs[:cn] << 'id'
+      attrs[:description] << 'description'
+      attrs[:o] << 'primary_institution'
+      attrs[:memberuid] << 'abc123'
+      attrs
+    end
+    
+    before do
+      @user = subject.send :new, attributes
+    end
+    
+    %w(id description primary_institution).each do |attribute|
+      it "must return #{attribute}" do
+        @user.send(attribute.to_sym).must_equal attribute
+      end
+    end
+    
+    it 'must return array of member ids' do
+      @user.members.must_be_instance_of Array
+      @user.members.first.must_equal 'abc123'
+    end
+    
+    describe '#member?' do
+      
+      it 'must confirm membership' do
+        assert @user.member? 'abc123'
+      end
+      
+      it 'wont confirm non-membership' do
+        refute @user.member? 'def456'
+      end
+    end
+  end
+end

data/spec/ku/ldap/entry/user_spec.rb

@@ -0,0 +1,79 @@
+require_relative '../../../spec_helper'
+require_relative '../../../../lib/ku/ldap/entry/user'
+
+describe KU::LDAP::Entry::User do
+  
+  subject         {KU::LDAP::Entry::User}
+  let(:directory) {MiniTest::Mock.new}
+  let(:filter)    {MiniTest::Mock.new}
+  
+  describe '::first' do
+    
+    before do
+      directory.expect :first, {}, ['ou=people,' + KU::LDAP::Entry::Base::BASE, String]
+      filter.expect :eq, '', [:uid, String]
+      @result = subject.first directory, 'abc123', filter
+    end
+    
+    it 'must delegate to directory' do
+      directory.verify
+    end
+    
+    it 'must delegate to filter' do
+      filter.verify
+    end
+    
+    it 'must return a new instance' do
+      @result.must_be_instance_of subject
+    end
+  end
+  
+  describe '::search' do
+    
+    before do
+      directory.expect :search, [{},{}], ['ou=people,' + KU::LDAP::Entry::Base::BASE, String]
+      filter.expect :send, '', [:contains, :attr, String] 
+      @result = subject.search directory, :attr, 'value', :contains, filter
+    end
+    
+    it 'must delegate to directory' do
+      directory.verify
+    end
+    
+    it 'must delegate to filter' do
+      filter.verify
+    end
+    
+    it 'must return an array of instances' do
+      @result.must_be_instance_of Array
+      @result.each {|r| r.must_be_instance_of subject}
+    end
+  end
+  
+  describe 'attributes' do
+    
+    let(:attributes) do
+      attrs = Hash.new {|hash,key| hash[key] = []}
+      attrs[:uid] << 'id'
+      attrs[:givenname] << 'first_name'
+      attrs[:sn] << 'last_name'
+      attrs[:displayname] << 'full_name'
+      attrs[:title] << 'title'
+      attrs[:o] << 'primary_institution'
+      attrs[:departmentnumber] << 'department'
+      attrs[:mail] << 'email'
+      attrs[:employeetype] << 'group_name'
+      attrs
+    end
+    
+    before do
+      @user = subject.send :new, attributes
+    end
+    
+    %w(id first_name last_name full_name title primary_institution department email group_name).each do |attribute|
+      it "must return #{attribute}" do
+        @user.send(attribute.to_sym).must_equal attribute
+      end
+    end
+  end
+end

data/spec/ku/ldap_spec.rb

@@ -0,0 +1,107 @@
+require_relative '../spec_helper'
+require_relative '../../lib/ku/ldap'
+
+describe KU::LDAP do
+  
+  subject {
+    Module.new do
+      extend KU::LDAP
+      
+      def self.service
+        Object.new
+      end
+    end
+  }
+    
+  describe '#user' do
+    
+    let(:user_class) {MiniTest::Mock.new}
+    
+    before do
+      user_class.expect :first, Object.new, [KU::LDAP::Directory, String]
+      @result = subject.user 'abc123', user_class
+    end
+    
+    it 'delegates to user class' do
+      user_class.verify
+    end
+    
+    it 'must return instance of user class' do
+      @result.must_be_instance_of Object
+    end
+  end
+  
+  describe '#authenticate' do
+    
+    let(:user_class) {MiniTest::Mock.new}
+    
+    before do
+      user_class.expect :authenticate, Object.new, [KU::LDAP::Directory, String, String]
+      @result = subject.authenticate_user 'abc123', 'password', user_class
+    end
+    
+    it 'delegates to user class' do
+      user_class.verify
+    end
+    
+    it 'must return instance of user class' do
+      @result.must_be_instance_of Object
+    end
+  end
+  
+  describe '#users' do
+    
+    let(:user_class) {MiniTest::Mock.new}
+    
+    before do
+      user_class.expect :search, [Object.new], [KU::LDAP::Directory, Symbol, String, Symbol]
+      @result = subject.users :attribute, 'value', :contains, user_class
+    end
+    
+    it 'delegates to user class' do
+      user_class.verify
+    end
+    
+    it 'must return an array of instance of user class' do
+      @result.must_be_instance_of Array
+      @result.first.must_be_instance_of Object
+    end
+  end
+  
+  describe '#group' do
+    
+    let(:group_class) {MiniTest::Mock.new}
+    
+    before do
+      group_class.expect :first, Object.new, [KU::LDAP::Directory, String]
+      @result = subject.group 'abc123', group_class
+    end
+    
+    it 'delegates to group class' do
+      group_class.verify
+    end
+    
+    it 'must return instance of group class' do
+      @result.must_be_instance_of Object
+    end
+  end
+  
+  describe '#groups' do
+    
+    let(:group_class) {MiniTest::Mock.new}
+    
+    before do
+      group_class.expect :search, [Object.new], [KU::LDAP::Directory, Symbol, String, Symbol]
+      @result = subject.groups :attribute, 'value', :contains, group_class
+    end
+    
+    it 'delegates to group class' do
+      group_class.verify
+    end
+    
+    it 'must return an array of instance of group class' do
+      @result.must_be_instance_of Array
+      @result.first.must_be_instance_of Object
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1 @@
+require 'minitest/autorun'

metadata

@@ -0,0 +1,87 @@
+--- !ruby/object:Gem::Specification
+name: ku-ldap
+version: !ruby/object:Gem::Version
+  prerelease: 
+  version: 0.0.1
+platform: ruby
+authors:
+- jamiehodge
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-11-19 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  prerelease: false
+  type: :runtime
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+    none: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+    none: false
+  name: net-ldap
+description: A client for the Copenhagen University LDAP service.
+email:
+- jamiehodge@me.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- ku-ldap.gemspec
+- lib/ku/ldap.rb
+- lib/ku/ldap/directory.rb
+- lib/ku/ldap/entry.rb
+- lib/ku/ldap/entry/base.rb
+- lib/ku/ldap/entry/group.rb
+- lib/ku/ldap/entry/user.rb
+- lib/ku/ldap/filter.rb
+- lib/ku/ldap/version.rb
+- spec/ku/ldap/directory_spec.rb
+- spec/ku/ldap/entry/base_spec.rb
+- spec/ku/ldap/entry/group_spec.rb
+- spec/ku/ldap/entry/user_spec.rb
+- spec/ku/ldap_spec.rb
+- spec/spec_helper.rb
+homepage: ''
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+  none: false
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+  none: false
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: A client for the Copenhagen University LDAP service.
+test_files:
+- spec/ku/ldap/directory_spec.rb
+- spec/ku/ldap/entry/base_spec.rb
+- spec/ku/ldap/entry/group_spec.rb
+- spec/ku/ldap/entry/user_spec.rb
+- spec/ku/ldap_spec.rb
+- spec/spec_helper.rb