ldap_fluff 0.5.0 → 0.6.0

data/lib/ldap_fluff/posix_member_service.rb

@@ -2,7 +2,6 @@ require 'net/ldap'
 
 # handles the naughty bits of posix ldap
 class LdapFluff::Posix::MemberService < LdapFluff::GenericMemberService
-
   def initialize(ldap, config)
     @attr_login = (config.attr_login || 'memberuid')
     super
@@ -41,7 +40,7 @@ class LdapFluff::Posix::MemberService < LdapFluff::GenericMemberService
       filters[1..(filters.size - 1)].each do |gfilter|
         filter = (all ? filter & gfilter : filter | gfilter)
       end
-      return filter
+      filter
     end
   end
 
@@ -50,5 +49,4 @@ class LdapFluff::Posix::MemberService < LdapFluff::GenericMemberService
 
   class GIDNotFoundException < LdapFluff::Error
   end
-
 end

data/lib/ldap_fluff/posix_netgroup_member_service.rb

@@ -2,7 +2,6 @@ require 'net/ldap'
 
 # handles the naughty bits of posix ldap
 class LdapFluff::Posix::NetgroupMemberService < LdapFluff::Posix::MemberService
-
   # return list of group CNs for a user
   def find_user_groups(uid)
     groups = []
@@ -12,5 +11,4 @@ class LdapFluff::Posix::NetgroupMemberService < LdapFluff::Posix::MemberService
     end
     groups
   end
-
 end

data/test/ad_member_services_test.rb

@@ -11,6 +11,7 @@ class TestADMemberService < MiniTest::Test
 
   def basic_user
     @ldap.expect(:search, ad_user_payload, [:filter => ad_name_filter("john")])
+    @ldap.expect(:search, [{ :domainfunctionality => ['5'] }], [:base => "", :scope => 0, :attributes => ['domainFunctionality']])
     @ldap.expect(:search, ad_parent_payload(1), [:base => ad_group_dn, :scope => 0, :attributes => ['memberof']])
   end
 
@@ -20,7 +21,7 @@ class TestADMemberService < MiniTest::Test
 
   def nest_deep(n)
     # add all the expects
-    1.upto(n-1) do |i|
+    1.upto(n - 1) do |i|
       @ldap.expect(:search, ad_parent_payload(i + 1), [:base => ad_group_dn("bros#{i}"), :scope => 0, :attributes => ['memberof']])
     end
     # terminate or we loop FOREVER
@@ -39,11 +40,19 @@ class TestADMemberService < MiniTest::Test
     end
   end
 
+  def transitive_user
+    ad_transitive_payload = [{ 'msds-memberoftransitive' => [ad_group_dn("bros#1"), ad_group_dn("bros#2"), ad_group_dn("bros#3"), ad_group_dn("bros#4"), ad_group_dn("bros#5")] }]
+
+    @ldap.expect(:search, ad_user_payload('john'), [:filter => ad_name_filter("john")])
+    @ldap.expect(:search, [{ :domainfunctionality => ['6'] }], [:base => "", :scope => 0, :attributes => ['domainFunctionality']])
+    @ldap.expect(:search, ad_transitive_payload, [:base => ad_user_dn("john"), :scope => 0, :attributes => ['msds-memberOfTransitive']])
+  end
+
   def test_find_user
     basic_user
     @ldap.expect(:search, [], [:base => ad_group_dn('bros1'), :scope => 0, :attributes => ['memberof']])
     @adms.ldap = @ldap
-    assert_equal(%w(group bros1), @adms.find_user_groups("john"))
+    assert_equal(%w[group bros1], @adms.find_user_groups("john"))
     @ldap.verify
   end
 
@@ -53,7 +62,7 @@ class TestADMemberService < MiniTest::Test
     # now make 'bros1' be memberof 'group' again
     @ldap.expect(:search, ad_user_payload, [:base => ad_group_dn('bros1'), :scope => 0, :attributes => ['memberof']])
     @adms.ldap = @ldap
-    assert_equal(%w(group bros1), @adms.find_user_groups("john"))
+    assert_equal(%w[group bros1], @adms.find_user_groups("john"))
     @ldap.verify
   end
 
@@ -82,6 +91,13 @@ class TestADMemberService < MiniTest::Test
     @ldap.verify
   end
 
+  def test_transitive_groups
+    transitive_user
+    @adms.ldap = @ldap
+    assert_equal(5, @adms.find_user_groups('john').size)
+    @ldap.verify
+  end
+
   def test_nil_payload
     assert_equal([], @adms._groups_from_ldap_data(nil))
   end
@@ -160,5 +176,4 @@ class TestADMemberService < MiniTest::Test
     entry = Net::LDAP::Entry.new('Example User')
     assert_nil(@adms.get_login_from_entry(entry))
   end
-
 end

data/test/ad_test.rb

@@ -5,12 +5,12 @@ class TestAD < MiniTest::Test
 
   def setup
     super
-    @ad   = LdapFluff::ActiveDirectory.new(@config)
+    @ad = LdapFluff::ActiveDirectory.new(@config)
   end
 
   # default setup for service bind users
   def service_bind
-    @ldap.expect(:auth, nil, %w(service pass))
+    @ldap.expect(:auth, nil, %w[service pass])
     super
   end
 
@@ -37,7 +37,7 @@ class TestAD < MiniTest::Test
     @md = MiniTest::Mock.new
     user_result = MiniTest::Mock.new
     user_result.expect(:dn, ad_user_dn('Internet User'))
-    @md.expect(:find_user, [user_result], %w(internet))
+    @md.expect(:find_user, [user_result], %w[internet])
     @ad.member_service = @md
     service_bind
     @ldap.expect(:auth, nil, [ad_user_dn('Internet User'), "password"])
@@ -47,7 +47,7 @@ class TestAD < MiniTest::Test
   end
 
   def test_bad_bind
-    @ldap.expect(:auth, nil, %w(EXAMPLE\\internet password))
+    @ldap.expect(:auth, nil, %w[EXAMPLE\\internet password])
     @ldap.expect(:bind, false)
     @ad.ldap = @ldap
     assert_equal(@ad.bind?("EXAMPLE\\internet", "password"), false)
@@ -57,14 +57,14 @@ class TestAD < MiniTest::Test
   def test_groups
     service_bind
     basic_user
-    assert_equal(@ad.groups_for_uid('john'), %w(bros))
+    assert_equal(@ad.groups_for_uid('john'), %w[bros])
   end
 
   def test_bad_user
     service_bind
     md = MiniTest::Mock.new
-    md.expect(:find_user_groups, nil, %w(john))
-    def md.find_user_groups(*args)
+    md.expect(:find_user_groups, nil, %w[john])
+    def md.find_user_groups(*_args)
       raise LdapFluff::ActiveDirectory::MemberService::UIDNotFoundException
     end
     @ad.member_service = md
@@ -72,7 +72,7 @@ class TestAD < MiniTest::Test
   end
 
   def test_bad_service_user
-    @ldap.expect(:auth, nil, %w(service pass))
+    @ldap.expect(:auth, nil, %w[service pass])
     @ldap.expect(:bind, false)
     @ad.ldap = @ldap
     assert_raises(LdapFluff::ActiveDirectory::UnauthenticatedException) do
@@ -83,39 +83,39 @@ class TestAD < MiniTest::Test
   def test_is_in_groups
     service_bind
     basic_user
-    assert_equal(@ad.is_in_groups("john", %w(bros), false), true)
+    assert_equal(@ad.is_in_groups("john", %w[bros], false), true)
   end
 
   def test_is_some_groups
     service_bind
     basic_user
-    assert_equal(@ad.is_in_groups("john", %w(bros buds), false), true)
+    assert_equal(@ad.is_in_groups("john", %w[bros buds], false), true)
   end
 
   def test_isnt_in_all_groups
     service_bind
     basic_user
-    assert_equal(@ad.is_in_groups("john", %w(bros buds), true), false)
+    assert_equal(@ad.is_in_groups("john", %w[bros buds], true), false)
   end
 
   def test_isnt_in_groups
     service_bind
     basic_user
-    assert_equal(@ad.is_in_groups("john", %w(broskies), false), false)
+    assert_equal(@ad.is_in_groups("john", %w[broskies], false), false)
   end
 
   def test_group_subset
     service_bind
     bigtime_user
-    assert_equal(@ad.is_in_groups("john", %w(broskies), true), true)
+    assert_equal(@ad.is_in_groups("john", %w[broskies], true), true)
   end
 
   def test_subgroups_in_groups_are_ignored
-    group        = Net::LDAP::Entry.new('foremaners')
+    group = Net::LDAP::Entry.new('foremaners')
     md = MiniTest::Mock.new
     2.times { md.expect(:find_group, [group], ['foremaners']) }
     2.times { service_bind }
-    def md.find_by_dn(dn)
+    def md.find_by_dn(_dn)
       raise LdapFluff::ActiveDirectory::MemberService::UIDNotFoundException
     end
     @ad.member_service = md
@@ -125,7 +125,7 @@ class TestAD < MiniTest::Test
 
   def test_user_exists
     md = MiniTest::Mock.new
-    md.expect(:find_user, 'notnilluser', %w(john))
+    md.expect(:find_user, 'notnilluser', %w[john])
     @ad.member_service = md
     service_bind
     assert(@ad.user_exists?('john'))
@@ -133,8 +133,8 @@ class TestAD < MiniTest::Test
 
   def test_missing_user
     md = MiniTest::Mock.new
-    md.expect(:find_user, nil, %w(john))
-    def md.find_user(uid)
+    md.expect(:find_user, nil, %w[john])
+    def md.find_user(_uid)
       raise LdapFluff::ActiveDirectory::MemberService::UIDNotFoundException
     end
     @ad.member_service = md
@@ -144,7 +144,7 @@ class TestAD < MiniTest::Test
 
   def test_group_exists
     md = MiniTest::Mock.new
-    md.expect(:find_group, 'notnillgroup', %w(broskies))
+    md.expect(:find_group, 'notnillgroup', %w[broskies])
     @ad.member_service = md
     service_bind
     assert(@ad.group_exists?('broskies'))
@@ -152,8 +152,8 @@ class TestAD < MiniTest::Test
 
   def test_missing_group
     md = MiniTest::Mock.new
-    md.expect(:find_group, nil, %w(broskies))
-    def md.find_group(uid)
+    md.expect(:find_group, nil, %w[broskies])
+    def md.find_group(_uid)
       raise LdapFluff::ActiveDirectory::MemberService::GIDNotFoundException
     end
     @ad.member_service = md
@@ -194,7 +194,7 @@ class TestAD < MiniTest::Test
     nested_group[:cn] = ['katellers']
     nested_group[:objectclass] = ['organizationalunit']
     nested_group[:memberof] = ['CN=foremaners,DC=corp,DC=windows,DC=com']
-    nested_user[:objectclass]  = ['person']
+    nested_user[:objectclass] = ['person']
 
     md = MiniTest::Mock.new
     2.times { md.expect(:find_group, [group], ['foremaners']) }
@@ -208,5 +208,4 @@ class TestAD < MiniTest::Test
     assert_equal @ad.users_for_gid('foremaners'), ['testuser']
     md.verify
   end
-
 end

data/test/config_test.rb

@@ -4,27 +4,27 @@ class ConfigTest < MiniTest::Test
   include LdapTestHelper
 
   def test_unsupported_type
-    assert_raises(LdapFluff::Config::ConfigError) { LdapFluff.new(config_hash.update :server_type => 'inactive_directory') }
+    assert_raises(LdapFluff::Config::ConfigError) { LdapFluff.new(config_hash.update(:server_type => 'inactive_directory')) }
   end
 
   def test_load_posix
-    ldap = LdapFluff.new(config_hash.update :server_type => 'posix')
+    ldap = LdapFluff.new(config_hash.update(:server_type => 'posix'))
     assert_instance_of LdapFluff::Posix, ldap.ldap
   end
 
   def test_load_ad
-    ldap = LdapFluff.new(config_hash.update :server_type => 'active_directory')
+    ldap = LdapFluff.new(config_hash.update(:server_type => 'active_directory'))
     assert_instance_of LdapFluff::ActiveDirectory, ldap.ldap
   end
 
   def test_load_free_ipa
-    ldap = LdapFluff.new(config_hash.update :server_type => 'free_ipa')
+    ldap = LdapFluff.new(config_hash.update(:server_type => 'free_ipa'))
     assert_instance_of LdapFluff::FreeIPA, ldap.ldap
   end
 
   def test_instrumentation_service
     is = Object.new
-    net_ldap = LdapFluff.new(config_hash.update :instrumentation_service => is).ldap.ldap
+    net_ldap = LdapFluff.new(config_hash.update(:instrumentation_service => is)).ldap.ldap
     assert_equal is, net_ldap.send(:instrumentation_service)
   end
 end

data/test/ipa_member_services_test.rb

@@ -19,7 +19,7 @@ class TestIPAMemberService < MiniTest::Test
   def test_find_user
     basic_user
     @ipams.ldap = @ldap
-    assert_equal(%w(group bros), @ipams.find_user_groups("john"))
+    assert_equal(%w[group bros], @ipams.find_user_groups("john"))
     @ldap.verify
   end
 
@@ -35,7 +35,7 @@ class TestIPAMemberService < MiniTest::Test
   def test_no_groups
     entry = Net::LDAP::Entry.new
     entry['memberof'] = []
-    @ldap.expect(:search, [ Net::LDAP::Entry.new, entry ], [:filter => ipa_name_filter("john")])
+    @ldap.expect(:search, [Net::LDAP::Entry.new, entry], [:filter => ipa_name_filter("john")])
     @ipams.ldap = @ldap
     assert_equal([], @ipams.find_user_groups('john'))
     @ldap.verify
@@ -68,5 +68,4 @@ class TestIPAMemberService < MiniTest::Test
       @ipams.find_group('broze')
     end
   end
-
 end

data/test/ipa_netgroup_member_services_test.rb

@@ -64,5 +64,4 @@ class TestIPANetgroupMemberService < MiniTest::Test
       @ipams.find_group('broze')
     end
   end
-
 end

data/test/ipa_test.rb

@@ -19,7 +19,7 @@ class TestIPA < MiniTest::Test
     @md = MiniTest::Mock.new
     user_result = MiniTest::Mock.new
     user_result.expect(:dn, ipa_user_bind('internet'))
-    @md.expect(:find_user, [user_result], %w(internet))
+    @md.expect(:find_user, [user_result], %w[internet])
     @ipa.member_service = @md
     service_bind
     @ldap.expect(:auth, nil, [ipa_user_bind('internet'), "password"])
@@ -48,14 +48,14 @@ class TestIPA < MiniTest::Test
   def test_groups
     service_bind
     basic_user
-    assert_equal(@ipa.groups_for_uid('john'), %w(bros))
+    assert_equal(@ipa.groups_for_uid('john'), %w[bros])
   end
 
   def test_bad_user
     service_bind
     @md = MiniTest::Mock.new
-    @md.expect(:find_user_groups, nil, %w(john))
-    def @md.find_user_groups(*args)
+    @md.expect(:find_user_groups, nil, %w[john])
+    def @md.find_user_groups(*_args)
       raise LdapFluff::FreeIPA::MemberService::UIDNotFoundException
     end
     @ipa.member_service = @md
@@ -74,42 +74,42 @@ class TestIPA < MiniTest::Test
   def test_is_in_groups
     service_bind
     basic_user
-    assert_equal(@ipa.is_in_groups("john", %w(bros), false), true)
+    assert_equal(@ipa.is_in_groups("john", %w[bros], false), true)
   end
 
   def test_is_some_groups
     service_bind
     basic_user
-    assert_equal(@ipa.is_in_groups("john", %w(bros buds), false), true)
+    assert_equal(@ipa.is_in_groups("john", %w[bros buds], false), true)
   end
 
   def test_is_in_all_groupss
     service_bind
     bigtime_user
-    assert_equal(true, @ipa.is_in_groups("john", %w(broskies bros), true))
+    assert_equal(true, @ipa.is_in_groups("john", %w[broskies bros], true))
   end
 
   def test_isnt_in_all_groups
     service_bind
     basic_user
-    assert_equal(@ipa.is_in_groups("john", %w(bros buds), true), false)
+    assert_equal(@ipa.is_in_groups("john", %w[bros buds], true), false)
   end
 
   def test_isnt_in_groups
     service_bind
     basic_user
-    assert_equal(@ipa.is_in_groups("john", %w(broskies), false), false)
+    assert_equal(@ipa.is_in_groups("john", %w[broskies], false), false)
   end
 
   def test_group_subset
     service_bind
     bigtime_user
-    assert_equal(@ipa.is_in_groups('john', %w(broskies), true), true)
+    assert_equal(@ipa.is_in_groups('john', %w[broskies], true), true)
   end
 
   def test_user_exists
     @md = MiniTest::Mock.new
-    @md.expect(:find_user, 'notnilluser', %w(john))
+    @md.expect(:find_user, 'notnilluser', %w[john])
     @ipa.member_service = @md
     service_bind
     assert(@ipa.user_exists?('john'))
@@ -117,8 +117,8 @@ class TestIPA < MiniTest::Test
 
   def test_missing_user
     @md = MiniTest::Mock.new
-    @md.expect(:find_user, nil, %w(john))
-    def @md.find_user(uid)
+    @md.expect(:find_user, nil, %w[john])
+    def @md.find_user(_uid)
       raise LdapFluff::FreeIPA::MemberService::UIDNotFoundException
     end
     @ipa.member_service = @md
@@ -128,7 +128,7 @@ class TestIPA < MiniTest::Test
 
   def test_group_exists
     @md = MiniTest::Mock.new
-    @md.expect(:find_group, 'notnillgroup', %w(broskies))
+    @md.expect(:find_group, 'notnillgroup', %w[broskies])
     @ipa.member_service = @md
     service_bind
     assert(@ipa.group_exists?('broskies'))
@@ -136,8 +136,8 @@ class TestIPA < MiniTest::Test
 
   def test_missing_group
     @md = MiniTest::Mock.new
-    @md.expect(:find_group, nil, %w(broskies))
-    def @md.find_group(uid)
+    @md.expect(:find_group, nil, %w[broskies])
+    def @md.find_group(_uid)
       raise LdapFluff::FreeIPA::MemberService::GIDNotFoundException
     end
     @ipa.member_service = @md
@@ -162,6 +162,4 @@ class TestIPA < MiniTest::Test
     assert_equal @ipa.users_for_gid('foremaners'), ['testuser']
     md.verify
   end
-
 end
-

data/test/ldap_test.rb

@@ -9,42 +9,42 @@ class TestLDAP < MiniTest::Test
   end
 
   def test_bind
-    @ldap.expect(:bind?, true, %w(john password))
+    @ldap.expect(:bind?, true, %w[john password])
     @fluff.ldap = @ldap
     assert_equal(@fluff.authenticate?("john", "password"), true)
     @ldap.verify
   end
 
   def test_groups
-    @ldap.expect(:groups_for_uid, %w(bros), %w(john))
+    @ldap.expect(:groups_for_uid, %w[bros], %w[john])
     @fluff.ldap = @ldap
-    assert_equal(@fluff.group_list('john'), %w(bros))
+    assert_equal(@fluff.group_list('john'), %w[bros])
     @ldap.verify
   end
 
   def test_group_membership
-    @ldap.expect(:is_in_groups, false, ['john', %w(broskies girlfriends), true])
+    @ldap.expect(:is_in_groups, false, ['john', %w[broskies girlfriends], true])
     @fluff.ldap = @ldap
-    assert_equal(@fluff.is_in_groups?('john', %w(broskies girlfriends)), false)
+    assert_equal(@fluff.is_in_groups?('john', %w[broskies girlfriends]), false)
     @ldap.verify
   end
 
   def test_valid_user
-    @ldap.expect(:user_exists?, true, %w(john))
+    @ldap.expect(:user_exists?, true, %w[john])
     @fluff.ldap = @ldap
     assert(@fluff.valid_user?('john'))
     @ldap.verify
   end
 
   def test_valid_group
-    @ldap.expect(:group_exists?, true, %w(broskies))
+    @ldap.expect(:group_exists?, true, %w[broskies])
     @fluff.ldap = @ldap
     assert(@fluff.valid_group?('broskies'))
     @ldap.verify
   end
 
   def test_invalid_group
-    @ldap.expect(:group_exists?, false, %w(broskerinos))
+    @ldap.expect(:group_exists?, false, %w[broskerinos])
     @fluff.ldap = @ldap
     refute(@fluff.valid_group?('broskerinos'))
     @ldap.verify
@@ -56,7 +56,4 @@ class TestLDAP < MiniTest::Test
     refute(@fluff.valid_user?('johnny rotten'))
     @ldap.verify
   end
-
 end
-
-