ldap_fluff 0.1.4 → 0.1.7

data/lib/ldap_fluff/active_directory.rb

@@ -58,6 +58,26 @@ class LdapFluff::ActiveDirectory
     end
   end
 
+  def user_exists?(uid)
+    begin
+      service_bind
+      user = @member_service.find_user(uid)
+    rescue MemberService::UIDNotFoundException
+      return false
+    end
+    return true
+  end
+
+  def group_exists?(gid)
+    begin
+      service_bind
+      group = @member_service.find_group(gid)
+    rescue MemberService::GIDNotFoundException
+      return false
+    end
+    return true
+  end
+
   class UnauthenticatedActiveDirectoryException < StandardError
   end
 end

data/lib/ldap_fluff/ad_member_service.rb

@@ -13,9 +13,20 @@ class LdapFluff::ActiveDirectory::MemberService
   # get a list [] of ldap groups for a given user
   # in active directory, this means a recursive lookup
   def find_user_groups(uid)
+    data = find_user(uid)
+    _groups_from_ldap_data(data.first)
+  end
+
+  def find_user(uid)
     data = @ldap.search(:filter => name_filter(uid))
     raise UIDNotFoundException if (data == nil || data.empty?)
-    _groups_from_ldap_data(data.first)
+    data
+  end
+
+  def find_group(gid)
+    data = @ldap.search(:filter => group_filter(gid), :base => @group_base)
+    raise GIDNotFoundException if (data == nil || data.empty?)
+    data
   end
 
   # return the :memberof attrs + parents, recursively
@@ -72,4 +83,7 @@ class LdapFluff::ActiveDirectory::MemberService
 
   class UIDNotFoundException < StandardError
   end
+
+  class GIDNotFoundException < StandardError
+  end
 end

data/lib/ldap_fluff/freeipa.rb

@@ -58,6 +58,26 @@ class LdapFluff::FreeIPA
     end
   end
 
+  def user_exists?(uid)
+    begin
+      service_bind
+      user = @member_service.find_user(uid)
+    rescue MemberService::UIDNotFoundException
+      return false
+    end
+    return true
+  end
+
+  def group_exists?(gid)
+    begin
+      service_bind
+      group = @member_service.find_group(gid)
+    rescue MemberService::GIDNotFoundException
+      return false
+    end
+    return true
+  end
+
   class UnauthenticatedFreeIPAException < StandardError
   end
 

data/lib/ldap_fluff/freeipa_member_service.rb

@@ -13,18 +13,33 @@ class LdapFluff::FreeIPA::MemberService
   # return an ldap user with groups attached
   # note : this method is not particularly fast for large ldap systems
   def find_user_groups(uid)
-    user = @ldap.search(:filter => name_filter(uid))
-    raise UIDNotFoundException if (user == nil || user.empty?)
+    user = find_user(uid)
     # if group data is missing, they aren't querying with a user
     # with enough privileges
     raise InsufficientQueryPrivilegesException if user.size <= 1
     _group_names_from_cn(user[1][:memberof])
   end
 
+  def find_user(uid)
+    user = @ldap.search(:filter => name_filter(uid))
+    raise UIDNotFoundException if (user == nil || user.empty?)
+    user
+  end
+
+  def find_group(gid)
+    group = @ldap.search(:filter => group_filter(gid), :base => @group_base)
+    raise GIDNotFoundException if (group == nil || group.empty?)
+    group
+  end
+
   def name_filter(uid)
     Net::LDAP::Filter.eq("uid",uid)
   end
 
+  def group_filter(gid)
+    Net::LDAP::Filter.eq("cn",gid)
+  end
+
   def _group_names_from_cn(grouplist)
     p = Proc.new { |g| g.sub(/.*?cn=(.*?),.*/, '\1') }
     grouplist.collect(&p)
@@ -33,6 +48,9 @@ class LdapFluff::FreeIPA::MemberService
   class UIDNotFoundException < StandardError
   end
 
+  class GIDNotFoundException < StandardError
+  end
+
   class InsufficientQueryPrivilegesException < StandardError
   end
 end

data/lib/ldap_fluff/ldap_fluff.rb

@@ -1,3 +1,4 @@
+require 'rubygems'
 require 'net/ldap'
 
 class LdapFluff
@@ -43,4 +44,14 @@ class LdapFluff
     @ldap.is_in_groups(uid, grouplist, true)
   end
 
+  # return true if uid exists
+  def valid_user?(uid)
+    @ldap.user_exists? uid
+  end
+
+  # return true if group exists
+  def valid_group?(gid)
+    @ldap.group_exists? gid
+  end
+
 end

data/lib/ldap_fluff/posix.rb

@@ -33,4 +33,22 @@ class LdapFluff::Posix
     (gids.empty? || @member_service.times_in_groups(uid, gids, all) > 0)
   end
 
+  def user_exists?(uid)
+    begin
+      user = @member_service.find_user(uid)
+    rescue MemberService::UIDNotFoundException
+      return false
+    end
+    return true
+  end
+
+  def group_exists?(gid)
+    begin
+      group = @member_service.find_group(gid)
+    rescue MemberService::GIDNotFoundException
+      return false
+    end
+    return true
+  end
+
 end

data/lib/ldap_fluff/posix_member_service.rb

@@ -14,12 +14,24 @@ class LdapFluff::Posix::MemberService
   # note : this method is not particularly fast for large ldap systems
   def find_user_groups(uid)
     groups = []
-    @ldap.search(:filter => name_filter(uid), :base => @group_base).each do |entry|
+    find_user(uid).each do |entry|
       groups << entry[:cn][0]
     end
     groups
   end
 
+  def find_user(uid)
+    user = @ldap.search(:filter => name_filter(uid), :base => @group_base)
+    raise UIDNotFoundException if (user == nil || user.empty?)
+    user
+  end
+
+  def find_group(gid)
+    group = @ldap.search(:filter => group_filter(gid), :base => @group_base)
+    raise GIDNotFoundException if (group == nil || group.empty?)
+    group
+  end
+
   def times_in_groups(uid, gids, all)
     matches = 0
     filters = []
@@ -53,4 +65,10 @@ class LdapFluff::Posix::MemberService
       return filter
     end
   end
+
+  class UIDNotFoundException < StandardError
+  end
+
+  class GIDNotFoundException < StandardError
+  end
 end

data/lib/ldap_fluff.rb

@@ -1,8 +1,8 @@
-require 'ldap_fluff/config'
-require 'ldap_fluff/ldap_fluff'
-require 'ldap_fluff/active_directory'
-require 'ldap_fluff/ad_member_service'
-require 'ldap_fluff/posix'
-require 'ldap_fluff/posix_member_service'
-require 'ldap_fluff/freeipa'
-require 'ldap_fluff/freeipa_member_service'
+require_relative 'ldap_fluff/config'
+require_relative 'ldap_fluff/ldap_fluff'
+require_relative 'ldap_fluff/active_directory'
+require_relative 'ldap_fluff/ad_member_service'
+require_relative 'ldap_fluff/posix'
+require_relative 'ldap_fluff/posix_member_service'
+require_relative 'ldap_fluff/freeipa'
+require_relative 'ldap_fluff/freeipa_member_service'

data/test/ad_member_services_test.rb

@@ -1,4 +1,4 @@
-require 'minitest/autorun'
+require_relative './lib/ldap_test_helper'
 
 class TestADMemberService < MiniTest::Unit::TestCase
   include LdapTestHelper
@@ -15,6 +15,10 @@ class TestADMemberService < MiniTest::Unit::TestCase
     @ldap.expect(:search, ad_parent_payload(1), [:filter => @gfilter, :base => @config.group_base])
   end
 
+  def basic_group
+    @ldap.expect(:search, ad_group_payload, [:filter => ad_group_filter("broze"), :base => @config.group_base])
+  end
+
   def nest_deep(n)
     # add all the expects
     for i in 1..(n-1)
@@ -82,4 +86,28 @@ class TestADMemberService < MiniTest::Unit::TestCase
     @ldap.verify
   end
 
+  def test_find_good_user
+    basic_user
+    @adms.ldap = @ldap
+    assert_equal ad_user_payload, @adms.find_user('john')
+  end
+
+  def test_find_missing_user
+    @ldap.expect(:search, nil, [:filter => ad_name_filter("john")])
+    @adms.ldap = @ldap
+    assert_raises(LdapFluff::ActiveDirectory::MemberService::UIDNotFoundException) { @adms.find_user('john') }
+  end
+
+  def test_find_good_group
+    basic_group
+    @adms.ldap = @ldap
+    assert_equal ad_group_payload, @adms.find_group('broze')
+  end
+
+  def test_find_missing_group
+    @ldap.expect(:search, nil, [:filter => ad_group_filter("broze"), :base => @config.group_base])
+    @adms.ldap = @ldap
+    assert_raises(LdapFluff::ActiveDirectory::MemberService::GIDNotFoundException) { @adms.find_group('broze') }
+  end
+
 end

data/test/ad_test.rb

@@ -1,4 +1,4 @@
-require 'minitest/autorun'
+require_relative './lib/ldap_test_helper'
 
 class TestAD < MiniTest::Unit::TestCase
   include LdapTestHelper
@@ -97,4 +97,42 @@ class TestAD < MiniTest::Unit::TestCase
     bigtime_user
     assert_equal @ad.is_in_groups("john", ["broskies"],true), true
   end
+
+  def test_user_exists
+    @md = MiniTest::Mock.new
+    @md.expect(:find_user, 'notnilluser', ["john"])
+    @ad.member_service = @md
+    service_bind
+    assert @ad.user_exists?('john')
+  end
+
+  def test_missing_user
+    @md = MiniTest::Mock.new
+    @md.expect(:find_user, nil, ['john'])
+    def @md.find_user uid
+      raise LdapFluff::ActiveDirectory::MemberService::UIDNotFoundException
+    end
+    @ad.member_service = @md
+    service_bind
+    assert !@ad.user_exists?('john')
+  end
+
+  def test_group_exists
+    @md = MiniTest::Mock.new
+    @md.expect(:find_group, 'notnillgroup', ["broskies"])
+    @ad.member_service = @md
+    service_bind
+    assert @ad.group_exists?('broskies')
+  end
+
+  def test_missing_group
+    @md = MiniTest::Mock.new
+    @md.expect(:find_group, nil, ['broskies'])
+    def @md.find_group uid
+      raise LdapFluff::ActiveDirectory::MemberService::GIDNotFoundException
+    end
+    @ad.member_service = @md
+    service_bind
+    assert !@ad.group_exists?('broskies')
+  end
 end

data/test/config_test.rb

@@ -1,5 +1,4 @@
-require 'minitest/autorun'
-require 'ldap_fluff'
+require_relative './lib/ldap_test_helper'
 
 class ConfigTest < MiniTest::Unit::TestCase
   include LdapTestHelper

data/test/ipa_member_services_test.rb

@@ -1,4 +1,4 @@
-require 'minitest/autorun'
+require_relative './lib/ldap_test_helper'
 
 class TestIPAMemberService < MiniTest::Unit::TestCase
   include LdapTestHelper
@@ -13,6 +13,10 @@ class TestIPAMemberService < MiniTest::Unit::TestCase
     @ldap.expect(:search, ipa_user_payload, [:filter => ipa_name_filter("john")])
   end
 
+  def basic_group
+    @ldap.expect(:search, ipa_group_payload, [:filter => ipa_group_filter("broze"), :base => @config.group_base])
+  end
+
   def test_find_user
     basic_user
     @ipams.ldap = @ldap
@@ -33,4 +37,28 @@ class TestIPAMemberService < MiniTest::Unit::TestCase
     assert_equal [], @ipams.find_user_groups('john')
     @ldap.verify
   end
+
+  def test_find_good_user
+    basic_user
+    @ipams.ldap = @ldap
+    assert_equal ipa_user_payload, @ipams.find_user('john')
+  end
+
+  def test_find_missing_user
+    @ldap.expect(:search, nil, [:filter => ipa_name_filter("john")])
+    @ipams.ldap = @ldap
+    assert_raises(LdapFluff::FreeIPA::MemberService::UIDNotFoundException) { @ipams.find_user('john') }
+  end
+
+  def test_find_good_group
+    basic_group
+    @ipams.ldap = @ldap
+    assert_equal ipa_group_payload, @ipams.find_group('broze')
+  end
+
+  def test_find_missing_group
+    @ldap.expect(:search, nil, [:filter => ipa_group_filter("broze"), :base => @config.group_base])
+    @ipams.ldap = @ldap
+    assert_raises(LdapFluff::FreeIPA::MemberService::GIDNotFoundException) { @ipams.find_group('broze') }
+  end
 end

data/test/ipa_test.rb

@@ -1,4 +1,4 @@
-require 'minitest/autorun'
+require_relative './lib/ldap_test_helper'
 
 class TestIPA < MiniTest::Unit::TestCase
   include LdapTestHelper
@@ -97,5 +97,43 @@ class TestIPA < MiniTest::Unit::TestCase
     bigtime_user
     assert_equal @ipa.is_in_groups('john',["broskies"],true), true
   end
+
+  def test_user_exists
+    @md = MiniTest::Mock.new
+    @md.expect(:find_user, 'notnilluser', ["john"])
+    @ipa.member_service = @md
+    service_bind
+    assert @ipa.user_exists?('john')
+  end
+
+  def test_missing_user
+    @md = MiniTest::Mock.new
+    @md.expect(:find_user, nil, ['john'])
+    def @md.find_user uid
+      raise LdapFluff::FreeIPA::MemberService::UIDNotFoundException
+    end
+    @ipa.member_service = @md
+    service_bind
+    assert !@ipa.user_exists?('john')
+  end
+
+  def test_group_exists
+    @md = MiniTest::Mock.new
+    @md.expect(:find_group, 'notnillgroup', ["broskies"])
+    @ipa.member_service = @md
+    service_bind
+    assert @ipa.group_exists?('broskies')
+  end
+
+  def test_missing_group
+    @md = MiniTest::Mock.new
+    @md.expect(:find_group, nil, ['broskies'])
+    def @md.find_group uid
+      raise LdapFluff::FreeIPA::MemberService::GIDNotFoundException
+    end
+    @ipa.member_service = @md
+    service_bind
+    assert !@ipa.group_exists?('broskies')
+  end
 end
 

data/test/ldap_test.rb

@@ -1,4 +1,4 @@
-require 'minitest/autorun'
+require_relative './lib/ldap_test_helper'
 
 class TestLDAP < MiniTest::Unit::TestCase
   include LdapTestHelper
@@ -29,6 +29,34 @@ class TestLDAP < MiniTest::Unit::TestCase
     assert_equal @fluff.is_in_groups?('john',['broskies','girlfriends']), false
     @ldap.verify
   end
+
+  def test_valid_user
+    @ldap.expect(:user_exists?, true, ['john'])
+    @fluff.ldap = @ldap
+    assert @fluff.valid_user? 'john'
+    @ldap.verify
+  end
+
+  def test_valid_group
+    @ldap.expect(:group_exists?, true, ['broskies'])
+    @fluff.ldap = @ldap
+    assert @fluff.valid_group? 'broskies'
+    @ldap.verify
+  end
+
+  def test_invalid_group
+    @ldap.expect(:group_exists?, false, ['broskerinos'])
+    @fluff.ldap = @ldap
+    assert !@fluff.valid_group?('broskerinos')
+    @ldap.verify
+  end
+
+  def test_invalid_user
+    @ldap.expect(:user_exists?, false, ['johnny rotten'])
+    @fluff.ldap = @ldap
+    assert !@fluff.valid_user?('johnny rotten')
+    @ldap.verify
+  end
 end
 
 

data/test/lib/ldap_test_helper.rb

@@ -1,5 +1,7 @@
-require 'net/ldap'
+require_relative '../../lib/ldap_fluff'
 require 'ostruct'
+require 'net/ldap'
+require 'minitest/autorun'
 
 module LdapTestHelper
   attr_accessor :group_base, :class_filter, :user
@@ -21,10 +23,18 @@ module LdapTestHelper
     Net::LDAP::Filter.eq("samaccountname",name)
   end
 
+  def ad_group_filter(name)
+    Net::LDAP::Filter.eq("cn",name)
+  end
+
   def ipa_name_filter(name)
     Net::LDAP::Filter.eq("uid",name)
   end
 
+  def ipa_group_filter(name)
+    Net::LDAP::Filter.eq("cn",name)
+  end
+
   def group_filter(g)
     Net::LDAP::Filter.eq("cn", g)
   end
@@ -41,6 +51,10 @@ module LdapTestHelper
     [{ :memberof => ["CN=group,dc=internet,dc=com"] }]
   end
 
+  def ad_group_payload
+    [{:cn => "broze",  :memberof => ["CN=group,dc=internet,dc=com"] }]
+  end
+
   def ad_parent_payload(num)
     [{ :memberof => ["CN=bros#{num},dc=internet,dc=com"] }]
   end
@@ -53,7 +67,15 @@ module LdapTestHelper
     [{:cn => ["bros"]}]
   end
 
+  def posix_group_payload
+    [{:cn => ["broze"]}]
+  end
+
   def ipa_user_payload
-    [{:cn => 'user'},{:memberof => ['cn=group,dc=internet,dc=com','cn=bros,dc=internet,dc=com']}]
+    [{:cn => 'john'},{:memberof => ['cn=group,dc=internet,dc=com','cn=bros,dc=internet,dc=com']}]
+  end
+
+  def ipa_group_payload
+    [{:cn => 'group'},{:memberof => ['cn=group,dc=internet,dc=com','cn=bros,dc=internet,dc=com']}]
   end
 end

data/test/posix_member_services_test.rb

@@ -1,4 +1,4 @@
-require 'minitest/autorun'
+require_relative './lib/ldap_test_helper'
 
 class TestPosixMemberService < MiniTest::Unit::TestCase
   include LdapTestHelper
@@ -22,4 +22,58 @@ class TestPosixMemberService < MiniTest::Unit::TestCase
     assert_equal ['bros'], @ms.find_user_groups('john')
     @ldap.verify
   end
+
+  def test_user_exists
+    user = posix_user_payload
+    @ldap.expect(:search,
+                 user,
+                 [
+                   :filter => @ms.name_filter('john'),
+                  :base =>config.group_base
+                 ]
+                )
+    @ms.ldap = @ldap
+    assert @ms.find_user('john')
+    @ldap.verify
+  end
+
+  def test_user_doesnt_exists
+    @ldap.expect(:search,
+                 nil,
+                 [
+                   :filter => @ms.name_filter('john'),
+                  :base =>config.group_base
+                 ]
+                )
+    @ms.ldap = @ldap
+    assert_raises(LdapFluff::Posix::MemberService::UIDNotFoundException) { @ms.find_user('john') }
+    @ldap.verify
+  end
+
+  def test_group_exists
+    group = posix_group_payload
+    @ldap.expect(:search,
+                 group,
+                 [
+                   :filter => @ms.group_filter('broze'),
+                  :base =>config.group_base
+                 ]
+                )
+    @ms.ldap = @ldap
+    assert @ms.find_group('broze')
+    @ldap.verify
+  end
+
+  def test_group_doesnt_exists
+    @ldap.expect(:search,
+                 nil,
+                 [
+                   :filter => @ms.group_filter('broze'),
+                  :base =>config.group_base
+                 ]
+                )
+    @ms.ldap = @ldap
+    assert_raises(LdapFluff::Posix::MemberService::GIDNotFoundException) { @ms.find_group('broze') }
+    @ldap.verify
+  end
 end

data/test/posix_test.rb

@@ -1,4 +1,4 @@
-require 'minitest/autorun'
+require_relative './lib/ldap_test_helper'
 
 class TestPosix < MiniTest::Unit::TestCase
   include LdapTestHelper
@@ -61,4 +61,38 @@ class TestPosix < MiniTest::Unit::TestCase
     @posix.ldap = @ldap
     assert_equal @posix.bind?("internet", "password"), false
   end
+
+  def test_user_exists
+    @md = MiniTest::Mock.new
+    @md.expect(:find_user, 'notnilluser', ["john"])
+    @posix.member_service = @md
+    assert @posix.user_exists?('john')
+  end
+
+  def test_missing_user
+    @md = MiniTest::Mock.new
+    @md.expect(:find_user, nil, ['john'])
+    def @md.find_user uid
+      raise LdapFluff::Posix::MemberService::UIDNotFoundException
+    end
+    @posix.member_service = @md
+    assert !@posix.user_exists?('john')
+  end
+
+  def test_group_exists
+    @md = MiniTest::Mock.new
+    @md.expect(:find_group, 'notnillgroup', ["broskies"])
+    @posix.member_service = @md
+    assert @posix.group_exists?('broskies')
+  end
+
+  def test_missing_group
+    @md = MiniTest::Mock.new
+    @md.expect(:find_group, nil, ['broskies'])
+    def @md.find_group uid
+      raise LdapFluff::Posix::MemberService::GIDNotFoundException
+    end
+    @posix.member_service = @md
+    assert !@posix.group_exists?('broskies')
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ldap_fluff
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.7
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-04-02 00:00:00.000000000 Z
+date: 2013-04-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: net-ldap