ldap_fluff 0.2.2 → 0.2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of ldap_fluff might be problematic. Click here for more details.
- checksums.yaml +7 -0
- data/lib/ldap_fluff/active_directory.rb +10 -15
- data/lib/ldap_fluff/ad_member_service.rb +8 -8
- data/lib/ldap_fluff/config.rb +84 -11
- data/lib/ldap_fluff/freeipa.rb +9 -11
- data/lib/ldap_fluff/freeipa_member_service.rb +4 -3
- data/lib/ldap_fluff/ldap_fluff.rb +1 -4
- data/lib/ldap_fluff/posix.rb +8 -9
- data/lib/ldap_fluff/posix_member_service.rb +7 -11
- data/lib/ldap_fluff.rb +8 -8
- data/test/ad_member_services_test.rb +26 -18
- data/test/ad_test.rb +32 -29
- data/test/config_test.rb +2 -2
- data/test/ipa_member_services_test.rb +16 -9
- data/test/ipa_test.rb +28 -25
- data/test/ldap_test.rb +16 -15
- data/test/lib/ldap_test_helper.rb +2 -2
- data/test/posix_member_services_test.rb +2 -2
- data/test/posix_test.rb +25 -27
- metadata +53 -33
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 9025796dd4a1f338793d0f813f3c75fbd2f23391
|
4
|
+
data.tar.gz: 44db9035ffacf95dd8012bab889db8bb28b0a148
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 574443464695fe4e9ec619673be621a9c1470dc63347a381df512331fd3f987fd679414155db1954a4d8d054ba390609b4bee23b4e5d5b83afa5d8f4c98a6f46
|
7
|
+
data.tar.gz: 02c1b51bf08d46532da8301eb068a86e2539b1124fd353eef60d047cf35eff202afd9b1263c8ffe7c4dfb9b1941869fe985e6e57a69c109b115d0f38bb85e4e1
|
@@ -1,13 +1,12 @@
|
|
1
1
|
class LdapFluff::ActiveDirectory
|
2
2
|
attr_accessor :ldap, :member_service
|
3
3
|
|
4
|
-
def initialize(config={})
|
5
|
-
@ldap = Net::LDAP.new
|
4
|
+
def initialize(config = {})
|
5
|
+
@ldap = Net::LDAP.new(:host => config.host,
|
6
6
|
:base => config.base_dn,
|
7
7
|
:port => config.port,
|
8
|
-
:encryption => config.encryption
|
9
|
-
@group_base = config.group_base
|
10
|
-
@group_base ||= config.base_dn
|
8
|
+
:encryption => config.encryption)
|
9
|
+
@group_base = config.group_base || config.base_dn
|
11
10
|
@ad_domain = config.ad_domain
|
12
11
|
@bind_user = config.service_user
|
13
12
|
@bind_pass = config.service_pass
|
@@ -16,8 +15,8 @@ class LdapFluff::ActiveDirectory
|
|
16
15
|
@member_service = MemberService.new(@ldap, @group_base)
|
17
16
|
end
|
18
17
|
|
19
|
-
def bind?(uid=nil, password=nil)
|
20
|
-
@ldap.auth
|
18
|
+
def bind?(uid = nil, password = nil)
|
19
|
+
@ldap.auth("#{uid}@#{@ad_domain}", password)
|
21
20
|
@ldap.bind
|
22
21
|
end
|
23
22
|
|
@@ -41,18 +40,14 @@ class LdapFluff::ActiveDirectory
|
|
41
40
|
end
|
42
41
|
|
43
42
|
# active directory stores group membership on a users model
|
44
|
-
# TODO query by group individually not like this
|
43
|
+
# TODO: query by group individually not like this
|
45
44
|
def is_in_groups(uid, gids = [], all = false)
|
46
45
|
service_bind
|
47
46
|
return true if gids == []
|
48
47
|
begin
|
49
48
|
groups = @member_service.find_user_groups(uid)
|
50
49
|
intersection = gids & groups
|
51
|
-
|
52
|
-
return intersection == gids
|
53
|
-
else
|
54
|
-
return intersection.size > 0
|
55
|
-
end
|
50
|
+
return (all ? intersection == gids : intersection.size > 0)
|
56
51
|
rescue MemberService::UIDNotFoundException
|
57
52
|
return false
|
58
53
|
end
|
@@ -61,7 +56,7 @@ class LdapFluff::ActiveDirectory
|
|
61
56
|
def user_exists?(uid)
|
62
57
|
begin
|
63
58
|
service_bind
|
64
|
-
|
59
|
+
@member_service.find_user(uid)
|
65
60
|
rescue MemberService::UIDNotFoundException
|
66
61
|
return false
|
67
62
|
end
|
@@ -71,7 +66,7 @@ class LdapFluff::ActiveDirectory
|
|
71
66
|
def group_exists?(gid)
|
72
67
|
begin
|
73
68
|
service_bind
|
74
|
-
|
69
|
+
@member_service.find_group(gid)
|
75
70
|
rescue MemberService::GIDNotFoundException
|
76
71
|
return false
|
77
72
|
end
|
@@ -19,20 +19,20 @@ class LdapFluff::ActiveDirectory::MemberService
|
|
19
19
|
|
20
20
|
def find_user(uid)
|
21
21
|
data = @ldap.search(:filter => name_filter(uid))
|
22
|
-
raise UIDNotFoundException if (data
|
22
|
+
raise UIDNotFoundException if (data.nil? || data.empty?)
|
23
23
|
data
|
24
24
|
end
|
25
25
|
|
26
26
|
def find_group(gid)
|
27
27
|
data = @ldap.search(:filter => group_filter(gid), :base => @group_base)
|
28
|
-
raise GIDNotFoundException if (data
|
28
|
+
raise GIDNotFoundException if (data.nil? || data.empty?)
|
29
29
|
data
|
30
30
|
end
|
31
31
|
|
32
32
|
# return the :memberof attrs + parents, recursively
|
33
33
|
def _groups_from_ldap_data(payload)
|
34
34
|
data = []
|
35
|
-
if payload
|
35
|
+
if !payload.nil?
|
36
36
|
first_level = _group_names_from_cn(payload[:memberof])
|
37
37
|
total_groups = _walk_group_ancestry(first_level)
|
38
38
|
data = (first_level + total_groups).uniq
|
@@ -41,15 +41,15 @@ class LdapFluff::ActiveDirectory::MemberService
|
|
41
41
|
end
|
42
42
|
|
43
43
|
# recursively loop over the parent list
|
44
|
-
def _walk_group_ancestry(gids=[])
|
44
|
+
def _walk_group_ancestry(gids = [])
|
45
45
|
set = []
|
46
46
|
gids.each do |g|
|
47
47
|
filter = group_filter(g) & class_filter
|
48
48
|
search = @ldap.search(:filter => filter, :base => @group_base)
|
49
|
-
if search
|
49
|
+
if !search.nil? && !search.first.nil?
|
50
50
|
group = search.first
|
51
|
-
set
|
52
|
-
set
|
51
|
+
set += _group_names_from_cn(group[:memberof])
|
52
|
+
set += _walk_group_ancestry(set)
|
53
53
|
end
|
54
54
|
end
|
55
55
|
set
|
@@ -77,7 +77,7 @@ class LdapFluff::ActiveDirectory::MemberService
|
|
77
77
|
# I think we would normally want to just do the collect at the end,
|
78
78
|
# but we need the individual names for recursive queries
|
79
79
|
def _group_names_from_cn(grouplist)
|
80
|
-
p =
|
80
|
+
p = proc { |g| g.sub(/.*?CN=(.*?),.*/, '\1') }
|
81
81
|
grouplist.collect(&p)
|
82
82
|
end
|
83
83
|
|
data/lib/ldap_fluff/config.rb
CHANGED
@@ -1,17 +1,90 @@
|
|
1
1
|
require 'yaml'
|
2
|
+
require 'active_support/core_ext/hash'
|
2
3
|
|
3
4
|
class LdapFluff
|
5
|
+
class ConfigError < StandardError
|
6
|
+
end
|
7
|
+
|
4
8
|
class Config
|
5
|
-
ATTRIBUTES = [
|
6
|
-
|
7
|
-
ATTRIBUTES.each { |attr| attr_reader attr }
|
9
|
+
ATTRIBUTES = %w[host port encryption base_dn group_base server_type ad_domain service_user
|
10
|
+
service_pass anon_queries]
|
11
|
+
ATTRIBUTES.each { |attr| attr_reader attr.to_sym }
|
12
|
+
|
13
|
+
DEFAULT_CONFIG = { 'port' => 389,
|
14
|
+
'encryption' => nil,
|
15
|
+
'base_dn' => 'dc=company,dc=com',
|
16
|
+
'group_base' => 'dc=company,dc=com',
|
17
|
+
'server_type' => :free_ipa,
|
18
|
+
'ad_domain' => nil,
|
19
|
+
'anon_queries' => false }
|
20
|
+
|
21
|
+
def initialize(config)
|
22
|
+
raise ArgumentError unless config.respond_to?(:to_hash)
|
23
|
+
config = validate(convert(config))
|
8
24
|
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
ATTRIBUTES.each { |attr| instance_variable_set :"@#{attr}", options[attr.to_s] }
|
13
|
-
@encryption = @encryption.to_sym if @encryption
|
14
|
-
@server_type = @server_type.to_sym if @server_type
|
25
|
+
ATTRIBUTES.each do |attr|
|
26
|
+
instance_variable_set(:"@#{attr}", config[attr])
|
27
|
+
end
|
15
28
|
end
|
16
|
-
|
17
|
-
|
29
|
+
|
30
|
+
private
|
31
|
+
|
32
|
+
# @param [#to_hash] config
|
33
|
+
def convert(config)
|
34
|
+
config.to_hash.with_indifferent_access.tap do |conf|
|
35
|
+
%w[encryption server_type].each do |key|
|
36
|
+
conf[key] = conf[key].to_sym if conf[key]
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
def missing_keys?(config)
|
42
|
+
missing_keys = ATTRIBUTES - config.keys
|
43
|
+
raise ConfigError, "missing configuration for keys: #{missing_keys.join(',')}" unless missing_keys.empty?
|
44
|
+
end
|
45
|
+
|
46
|
+
def unknown_keys?(config)
|
47
|
+
unknown_keys = config.keys - ATTRIBUTES
|
48
|
+
raise ConfigError, "unknown configuration keys: #{unknown_keys.join(',')}" unless unknown_keys.empty?
|
49
|
+
end
|
50
|
+
|
51
|
+
def all_required_keys?(config)
|
52
|
+
%w[host port base_dn group_base server_type].all? do |key|
|
53
|
+
raise ConfigError, "config key #{key} has to be set, it was nil" if config[key].nil?
|
54
|
+
end
|
55
|
+
|
56
|
+
%w[service_user service_pass].all? do |key|
|
57
|
+
if !config['anon_queries'] && config['server_type'] != :posix && config[key].nil?
|
58
|
+
raise ConfigError, "config key #{key} has to be set, it was nil"
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
def anon_queries_set?(config)
|
64
|
+
unless [false, true].include?(config['anon_queries'])
|
65
|
+
raise ConfigError, "config key anon_queries has to be true or false but was #{config['anon_queries']}"
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
def correct_server_type?(config)
|
70
|
+
unless [:posix, :active_directory, :free_ipa].include?(config['server_type'])
|
71
|
+
raise ConfigError, 'config key server_type has to be :active_directory, :posix, :free_ipa ' +
|
72
|
+
"but was #{config['server_type']}"
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
def validate(config)
|
77
|
+
config = DEFAULT_CONFIG.merge(config)
|
78
|
+
|
79
|
+
correct_server_type?(config)
|
80
|
+
missing_keys?(config)
|
81
|
+
unknown_keys?(config)
|
82
|
+
all_required_keys?(config)
|
83
|
+
anon_queries_set?(config)
|
84
|
+
|
85
|
+
config
|
86
|
+
end
|
87
|
+
|
88
|
+
end # Config
|
89
|
+
|
90
|
+
end # LdapFluff
|
data/lib/ldap_fluff/freeipa.rb
CHANGED
@@ -2,13 +2,12 @@ class LdapFluff::FreeIPA
|
|
2
2
|
|
3
3
|
attr_accessor :ldap, :member_service
|
4
4
|
|
5
|
-
def initialize(config={})
|
6
|
-
@ldap = Net::LDAP.new
|
5
|
+
def initialize(config = {})
|
6
|
+
@ldap = Net::LDAP.new(:host => config.host,
|
7
7
|
:base => config.base_dn,
|
8
8
|
:port => config.port,
|
9
|
-
:encryption => config.encryption
|
10
|
-
@group_base = config.group_base
|
11
|
-
@group_base ||= config.base_dn
|
9
|
+
:encryption => config.encryption)
|
10
|
+
@group_base = config.group_base || config.base_dn
|
12
11
|
@base = config.base_dn
|
13
12
|
@bind_user = config.service_user
|
14
13
|
@bind_pass = config.service_pass
|
@@ -17,8 +16,8 @@ class LdapFluff::FreeIPA
|
|
17
16
|
@member_service = MemberService.new(@ldap, @group_base)
|
18
17
|
end
|
19
18
|
|
20
|
-
def bind?(uid=nil, password=nil)
|
21
|
-
@ldap.auth
|
19
|
+
def bind?(uid = nil, password = nil)
|
20
|
+
@ldap.auth("uid=#{uid},cn=users,cn=accounts,#{@base}", password)
|
22
21
|
@ldap.bind
|
23
22
|
end
|
24
23
|
|
@@ -48,7 +47,7 @@ class LdapFluff::FreeIPA
|
|
48
47
|
#
|
49
48
|
# returns true if owner is in ALL of the groups if all=true, otherwise
|
50
49
|
# returns true if owner is in ANY of the groups
|
51
|
-
def is_in_groups(uid, gids = [], all=true)
|
50
|
+
def is_in_groups(uid, gids = [], all = true)
|
52
51
|
service_bind
|
53
52
|
groups = @member_service.find_user_groups(uid)
|
54
53
|
if all
|
@@ -61,7 +60,7 @@ class LdapFluff::FreeIPA
|
|
61
60
|
def user_exists?(uid)
|
62
61
|
begin
|
63
62
|
service_bind
|
64
|
-
|
63
|
+
@member_service.find_user(uid)
|
65
64
|
rescue MemberService::UIDNotFoundException
|
66
65
|
return false
|
67
66
|
end
|
@@ -71,7 +70,7 @@ class LdapFluff::FreeIPA
|
|
71
70
|
def group_exists?(gid)
|
72
71
|
begin
|
73
72
|
service_bind
|
74
|
-
|
73
|
+
@member_service.find_group(gid)
|
75
74
|
rescue MemberService::GIDNotFoundException
|
76
75
|
return false
|
77
76
|
end
|
@@ -82,4 +81,3 @@ class LdapFluff::FreeIPA
|
|
82
81
|
end
|
83
82
|
|
84
83
|
end
|
85
|
-
|
@@ -22,13 +22,13 @@ class LdapFluff::FreeIPA::MemberService
|
|
22
22
|
|
23
23
|
def find_user(uid)
|
24
24
|
user = @ldap.search(:filter => name_filter(uid))
|
25
|
-
raise UIDNotFoundException if (user
|
25
|
+
raise UIDNotFoundException if (user.nil? || user.empty?)
|
26
26
|
user
|
27
27
|
end
|
28
28
|
|
29
29
|
def find_group(gid)
|
30
30
|
group = @ldap.search(:filter => group_filter(gid), :base => @group_base)
|
31
|
-
raise GIDNotFoundException if (group
|
31
|
+
raise GIDNotFoundException if (group.nil? || group.empty?)
|
32
32
|
group
|
33
33
|
end
|
34
34
|
|
@@ -41,7 +41,7 @@ class LdapFluff::FreeIPA::MemberService
|
|
41
41
|
end
|
42
42
|
|
43
43
|
def _group_names_from_cn(grouplist)
|
44
|
-
p =
|
44
|
+
p = proc { |g| g.sub(/.*?cn=(.*?),.*/, '\1') }
|
45
45
|
grouplist.collect(&p)
|
46
46
|
end
|
47
47
|
|
@@ -53,5 +53,6 @@ class LdapFluff::FreeIPA::MemberService
|
|
53
53
|
|
54
54
|
class InsufficientQueryPrivilegesException < StandardError
|
55
55
|
end
|
56
|
+
|
56
57
|
end
|
57
58
|
|
@@ -2,9 +2,6 @@ require 'rubygems'
|
|
2
2
|
require 'net/ldap'
|
3
3
|
|
4
4
|
class LdapFluff
|
5
|
-
class ConfigError < StandardError
|
6
|
-
end
|
7
|
-
|
8
5
|
attr_accessor :ldap
|
9
6
|
|
10
7
|
def initialize(config = {})
|
@@ -17,7 +14,7 @@ class LdapFluff
|
|
17
14
|
when :free_ipa
|
18
15
|
@ldap = FreeIPA.new(config)
|
19
16
|
else
|
20
|
-
raise
|
17
|
+
raise 'unknown server_type'
|
21
18
|
end
|
22
19
|
end
|
23
20
|
|
data/lib/ldap_fluff/posix.rb
CHANGED
@@ -2,19 +2,18 @@ class LdapFluff::Posix
|
|
2
2
|
|
3
3
|
attr_accessor :ldap, :member_service
|
4
4
|
|
5
|
-
def initialize(config={})
|
6
|
-
@ldap = Net::LDAP.new
|
5
|
+
def initialize(config = {})
|
6
|
+
@ldap = Net::LDAP.new(:host => config.host,
|
7
7
|
:base => config.base_dn,
|
8
8
|
:port => config.port,
|
9
|
-
:encryption => config.encryption
|
9
|
+
:encryption => config.encryption)
|
10
10
|
@group_base = config.group_base || config.base
|
11
11
|
@base = config.base_dn
|
12
12
|
@member_service = MemberService.new(@ldap, @group_base)
|
13
13
|
end
|
14
14
|
|
15
|
-
def bind?(uid=nil, password=nil)
|
16
|
-
@ldap.
|
17
|
-
@ldap.bind
|
15
|
+
def bind?(uid = nil, password = nil)
|
16
|
+
@ldap.bind_as(:filter => "(uid=#{uid})", :password => password)
|
18
17
|
end
|
19
18
|
|
20
19
|
def groups_for_uid(uid)
|
@@ -28,13 +27,13 @@ class LdapFluff::Posix
|
|
28
27
|
#
|
29
28
|
# returns true if owner is in ALL of the groups if all=true, otherwise
|
30
29
|
# returns true if owner is in ANY of the groups
|
31
|
-
def is_in_groups(uid, gids = [], all=true)
|
30
|
+
def is_in_groups(uid, gids = [], all = true)
|
32
31
|
(gids.empty? || @member_service.times_in_groups(uid, gids, all) > 0)
|
33
32
|
end
|
34
33
|
|
35
34
|
def user_exists?(uid)
|
36
35
|
begin
|
37
|
-
|
36
|
+
@member_service.find_user(uid)
|
38
37
|
rescue MemberService::UIDNotFoundException
|
39
38
|
return false
|
40
39
|
end
|
@@ -43,7 +42,7 @@ class LdapFluff::Posix
|
|
43
42
|
|
44
43
|
def group_exists?(gid)
|
45
44
|
begin
|
46
|
-
|
45
|
+
@member_service.find_group(gid)
|
47
46
|
rescue MemberService::GIDNotFoundException
|
48
47
|
return false
|
49
48
|
end
|
@@ -22,18 +22,17 @@ class LdapFluff::Posix::MemberService
|
|
22
22
|
|
23
23
|
def find_user(uid)
|
24
24
|
user = @ldap.search(:filter => name_filter(uid), :base => @group_base)
|
25
|
-
raise UIDNotFoundException if (user
|
25
|
+
raise UIDNotFoundException if (user.nil? || user.empty?)
|
26
26
|
user
|
27
27
|
end
|
28
28
|
|
29
29
|
def find_group(gid)
|
30
30
|
group = @ldap.search(:filter => group_filter(gid), :base => @group_base)
|
31
|
-
raise GIDNotFoundException if (group
|
31
|
+
raise GIDNotFoundException if (group.nil? || group.empty?)
|
32
32
|
group
|
33
33
|
end
|
34
34
|
|
35
35
|
def times_in_groups(uid, gids, all)
|
36
|
-
matches = 0
|
37
36
|
filters = []
|
38
37
|
gids.each do |cn|
|
39
38
|
filters << group_filter(cn)
|
@@ -52,15 +51,11 @@ class LdapFluff::Posix::MemberService
|
|
52
51
|
end
|
53
52
|
|
54
53
|
# AND or OR all of the filters together
|
55
|
-
def merge_filters(filters = [], all=false)
|
56
|
-
if filters
|
54
|
+
def merge_filters(filters = [], all = false)
|
55
|
+
if !filters.nil? && filters.size >= 1
|
57
56
|
filter = filters[0]
|
58
|
-
filters[1..filters.size-1].each do |gfilter|
|
59
|
-
|
60
|
-
filter = filter & gfilter
|
61
|
-
else
|
62
|
-
filter = filter | gfilter
|
63
|
-
end
|
57
|
+
filters[1..(filters.size - 1)].each do |gfilter|
|
58
|
+
filter = (all ? filter & gfilter : filter | gfilter)
|
64
59
|
end
|
65
60
|
return filter
|
66
61
|
end
|
@@ -71,4 +66,5 @@ class LdapFluff::Posix::MemberService
|
|
71
66
|
|
72
67
|
class GIDNotFoundException < StandardError
|
73
68
|
end
|
69
|
+
|
74
70
|
end
|
data/lib/ldap_fluff.rb
CHANGED
@@ -1,8 +1,8 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
1
|
+
require 'ldap_fluff/config'
|
2
|
+
require 'ldap_fluff/ldap_fluff'
|
3
|
+
require 'ldap_fluff/active_directory'
|
4
|
+
require 'ldap_fluff/ad_member_service'
|
5
|
+
require 'ldap_fluff/posix'
|
6
|
+
require 'ldap_fluff/posix_member_service'
|
7
|
+
require 'ldap_fluff/freeipa'
|
8
|
+
require 'ldap_fluff/freeipa_member_service'
|
@@ -1,6 +1,6 @@
|
|
1
|
-
|
1
|
+
require 'lib/ldap_test_helper'
|
2
2
|
|
3
|
-
class TestADMemberService < MiniTest::
|
3
|
+
class TestADMemberService < MiniTest::Test
|
4
4
|
include LdapTestHelper
|
5
5
|
|
6
6
|
def setup
|
@@ -21,9 +21,9 @@ class TestADMemberService < MiniTest::Unit::TestCase
|
|
21
21
|
|
22
22
|
def nest_deep(n)
|
23
23
|
# add all the expects
|
24
|
-
|
24
|
+
1.upto(n - 1) do |i|
|
25
25
|
gfilter_bros = group_filter("bros#{i}") & group_class_filter
|
26
|
-
@ldap.expect(:search, ad_parent_payload(i+1), [:filter => gfilter_bros, :base => @config.group_base])
|
26
|
+
@ldap.expect(:search, ad_parent_payload(i + 1), [:filter => gfilter_bros, :base => @config.group_base])
|
27
27
|
end
|
28
28
|
# terminate or we loop FOREVER
|
29
29
|
@ldap.expect(:search, [], [:filter => group_filter("bros#{n}") & group_class_filter, :base => @config.group_base])
|
@@ -31,14 +31,14 @@ class TestADMemberService < MiniTest::Unit::TestCase
|
|
31
31
|
|
32
32
|
def double_nested(n)
|
33
33
|
# add all the expects
|
34
|
-
|
34
|
+
1.upto(n - 1) do |i|
|
35
35
|
gfilter_bros = group_filter("bros#{i}") & group_class_filter
|
36
|
-
@ldap.expect(:search, ad_double_payload(i+1), [:filter => gfilter_bros, :base => @config.group_base])
|
36
|
+
@ldap.expect(:search, ad_double_payload(i + 1), [:filter => gfilter_bros, :base => @config.group_base])
|
37
37
|
end
|
38
38
|
# terminate or we loop FOREVER
|
39
39
|
@ldap.expect(:search, [], [:filter => group_filter("bros#{n}") & group_class_filter, :base => @config.group_base])
|
40
|
-
(n-1).downto(1) do |
|
41
|
-
gfilter_bros = group_filter("broskies#{
|
40
|
+
(n - 1).downto(1) do |j|
|
41
|
+
gfilter_bros = group_filter("broskies#{j + 1}") & group_class_filter
|
42
42
|
@ldap.expect(:search, [], [:filter => gfilter_bros, :base => @config.group_base])
|
43
43
|
end
|
44
44
|
end
|
@@ -48,14 +48,16 @@ class TestADMemberService < MiniTest::Unit::TestCase
|
|
48
48
|
gfilter_bros = group_filter('bros1') & group_class_filter
|
49
49
|
@ldap.expect(:search, [], [:filter => gfilter_bros, :base => @config.group_base])
|
50
50
|
@adms.ldap = @ldap
|
51
|
-
assert_equal
|
51
|
+
assert_equal(%w(group bros1), @adms.find_user_groups("john"))
|
52
52
|
@ldap.verify
|
53
53
|
end
|
54
54
|
|
55
55
|
def test_missing_user
|
56
56
|
@ldap.expect(:search, nil, [:filter => ad_name_filter("john")])
|
57
57
|
@adms.ldap = @ldap
|
58
|
-
assert_raises(LdapFluff::ActiveDirectory::MemberService::UIDNotFoundException)
|
58
|
+
assert_raises(LdapFluff::ActiveDirectory::MemberService::UIDNotFoundException) do
|
59
|
+
@adms.find_user_groups("john").data
|
60
|
+
end
|
59
61
|
@ldap.verify
|
60
62
|
end
|
61
63
|
|
@@ -63,7 +65,7 @@ class TestADMemberService < MiniTest::Unit::TestCase
|
|
63
65
|
basic_user
|
64
66
|
nest_deep(25)
|
65
67
|
@adms.ldap = @ldap
|
66
|
-
assert_equal
|
68
|
+
assert_equal(26, @adms.find_user_groups('john').size)
|
67
69
|
@ldap.verify
|
68
70
|
end
|
69
71
|
|
@@ -71,43 +73,49 @@ class TestADMemberService < MiniTest::Unit::TestCase
|
|
71
73
|
basic_user
|
72
74
|
double_nested(5)
|
73
75
|
@adms.ldap = @ldap
|
74
|
-
assert_equal
|
76
|
+
assert_equal(10, @adms.find_user_groups('john').size)
|
75
77
|
@ldap.verify
|
76
78
|
end
|
77
79
|
|
78
80
|
def test_nil_payload
|
79
|
-
assert_equal
|
81
|
+
assert_equal([], @adms._groups_from_ldap_data(nil))
|
80
82
|
end
|
81
83
|
|
82
84
|
def test_empty_user
|
83
85
|
@ldap.expect(:search, [], [:filter => ad_name_filter("john")])
|
84
86
|
@adms.ldap = @ldap
|
85
|
-
assert_raises(LdapFluff::ActiveDirectory::MemberService::UIDNotFoundException)
|
87
|
+
assert_raises(LdapFluff::ActiveDirectory::MemberService::UIDNotFoundException) do
|
88
|
+
@adms.find_user_groups("john").data
|
89
|
+
end
|
86
90
|
@ldap.verify
|
87
91
|
end
|
88
92
|
|
89
93
|
def test_find_good_user
|
90
94
|
basic_user
|
91
95
|
@adms.ldap = @ldap
|
92
|
-
assert_equal
|
96
|
+
assert_equal(ad_user_payload, @adms.find_user('john'))
|
93
97
|
end
|
94
98
|
|
95
99
|
def test_find_missing_user
|
96
100
|
@ldap.expect(:search, nil, [:filter => ad_name_filter("john")])
|
97
101
|
@adms.ldap = @ldap
|
98
|
-
assert_raises(LdapFluff::ActiveDirectory::MemberService::UIDNotFoundException)
|
102
|
+
assert_raises(LdapFluff::ActiveDirectory::MemberService::UIDNotFoundException) do
|
103
|
+
@adms.find_user('john')
|
104
|
+
end
|
99
105
|
end
|
100
106
|
|
101
107
|
def test_find_good_group
|
102
108
|
basic_group
|
103
109
|
@adms.ldap = @ldap
|
104
|
-
assert_equal
|
110
|
+
assert_equal(ad_group_payload, @adms.find_group('broze'))
|
105
111
|
end
|
106
112
|
|
107
113
|
def test_find_missing_group
|
108
114
|
@ldap.expect(:search, nil, [:filter => ad_group_filter("broze"), :base => @config.group_base])
|
109
115
|
@adms.ldap = @ldap
|
110
|
-
assert_raises(LdapFluff::ActiveDirectory::MemberService::GIDNotFoundException)
|
116
|
+
assert_raises(LdapFluff::ActiveDirectory::MemberService::GIDNotFoundException) do
|
117
|
+
@adms.find_group('broze')
|
118
|
+
end
|
111
119
|
end
|
112
120
|
|
113
121
|
end
|