ldap_fluff 0.6.0 → 0.8.0

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8c3b572c980fa3c48ede92f936858eb045cf54f6b507e6c7767de0751f85d9cc
4
- data.tar.gz: 9280821c5a7ecc20c2300421d9a5947820de407da3480143b08c6ec146675dcb
3
+ metadata.gz: c6a3d7c2ebc986e4ff3738e42f1539a93611fedff9eb399a6fc606f14f11a40a
4
+ data.tar.gz: 9d53b1528ff20d5c44d547b3fc6dec041d3aa6bb6e915d8d7e96186fc77ec04d
5
5
  SHA512:
6
- metadata.gz: 4d74d42c9156af61cc485d6e8c1a99d1945aa97157659e627323f60e5b09807ea2c860fd10c62e9ce209d393200a5b57ef20205e8fc66eecf7762af7be56ee22
7
- data.tar.gz: 1228b0a8730546ec3e38658bb3a86166bc10cb2af607a8d6e3ee77e3dd8c9ee465c0bbd2383ff1d8f5cdeed3053fd6a649dbdc8b145ccb29e47321ec7ef3e973
6
+ metadata.gz: 85a888d7da528bfe2f4f2dfe4dea9793c5adf9812fe054c3467eba3873b9fa838dde18a44844a888beea02bf178b0f2b71b4de3c1d79444e4bf513c2c9c185af
7
+ data.tar.gz: 19076c83f5ef10f0e334f430d9393b2f4bb855bedc1e2a601ccd9e59ead89600957f3469508caee8fb6b04e5a255fad3f17eae068fa41fb732fbc25bfc3eb2c2
@@ -26,7 +26,7 @@ class LdapFluff::ActiveDirectory::MemberService < LdapFluff::GenericMemberServic
26
26
 
27
27
  # return the domain functionality level, default to 0
28
28
  def _get_domain_func_level
29
- return @domain_functionality unless @domain_functionality.nil?
29
+ return @domain_functionality if defined?(@domain_functionality)
30
30
 
31
31
  @domain_functionality = 0
32
32
 
@@ -57,7 +57,7 @@ class LdapFluff::ActiveDirectory::MemberService < LdapFluff::GenericMemberServic
57
57
  next unless !search.nil? && !search.first.nil?
58
58
  groups = search.first[:memberof] - known_groups
59
59
  known_groups += groups
60
- next_level, new_known_groups = _walk_group_ancestry(groups, known_groups)
60
+ next_level, _new_known_groups = _walk_group_ancestry(groups, known_groups)
61
61
  set += next_level
62
62
  set += groups
63
63
  known_groups += next_level
@@ -65,8 +65,8 @@ class LdapFluff::Config
65
65
  end
66
66
 
67
67
  def correct_server_type?(config)
68
- unless %i[posix active_directory free_ipa].include?(config['server_type'])
69
- raise ConfigError, 'config key server_type has to be :active_directory, :posix, :free_ipa ' +
68
+ unless %i[posix active_directory free_ipa netiq].include?(config['server_type'])
69
+ raise ConfigError, 'config key server_type has to be :active_directory, :posix, :free_ipa, :netiq ' +
70
70
  "but was #{config['server_type']}"
71
71
  end
72
72
  end
@@ -13,6 +13,8 @@ class LdapFluff
13
13
  @ldap = ActiveDirectory.new(config)
14
14
  when :free_ipa
15
15
  @ldap = FreeIPA.new(config)
16
+ when :netiq
17
+ @ldap = NetIQ.new(config)
16
18
  else
17
19
  raise 'unknown server_type'
18
20
  end
@@ -0,0 +1,6 @@
1
+ class LdapFluff::NetIQ < LdapFluff::Posix
2
+ def create_member_service(config)
3
+ service_bind
4
+ super(config)
5
+ end
6
+ end
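Review bot: `create_member_service` calls `service_bind` before `super(config)`, and no comment says why the NetIQ member service needs an authenticated connection at construction time. The NetIQ test setup on this page expects `auth` and `bind` during `LdapFluff::NetIQ.new`, so building the object appears to contact the directory with the service account. If that is intended, say so above the method, for example `# NetIQ needs the service account bound before the member service is created`, with the actual reason in place of the generic wording. Whether `service_bind` raises or only returns false on a failed bind is not visible here, so the comment should also state what a caller sees when the bind fails.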
@@ -0,0 +1,43 @@
1
+ require 'net/ldap'
2
+
3
+ # handles the naughty bits of posix ldap
4
+ class LdapFluff::NetIQ::MemberService < LdapFluff::Posix::MemberService
5
+ def initialize(ldap, config)
6
+ super
7
+ # set default after super, because Posix' initialize would overwrite it otherwise
8
+ @attr_login = (config.attr_login || 'uid')
9
+ end
10
+
11
+ def find_by_dn(search_dn)
12
+ entry, base = search_dn.split(/(?<!\\),/, 2)
13
+ _entry_attr, entry_value = entry.split('=', 2)
14
+ entry_value = entry_value.gsub('\,', ',')
15
+ user = @ldap.search(:filter => name_filter(entry_value, 'workforceid'), :base => base)
16
+ raise self.class::UIDNotFoundException if (user.nil? || user.empty?)
17
+ user
18
+ end
19
+
20
+ def get_logins(userlist)
21
+ userlist.map do |current_user|
22
+ find_by_dn(current_user&.downcase)[0][@attr_login][0]
23
+ end
24
+ end
25
+
26
+ # return an ldap user with groups attached
27
+ # note : this method is not particularly fast for large ldap systems
28
+ def find_user_groups(uid)
29
+ filter = Net::LDAP::Filter.eq('memberuid', uid)
30
+ begin
31
+ user = find_user(uid)[0][:dn][0]
32
+ filter |= Net::LDAP::Filter.eq('member', user)
33
+ rescue UIDNotFoundException
34
+ # do nothing
35
+ end
36
+
37
+ @ldap.search(
38
+ :filter => filter,
39
+ :base => @group_base,
40
+ :attributes => ['cn']
41
+ ).map { |entry| entry[:cn][0] }
42
+ end
43
+ end
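Review bot: `find_by_dn` raises `NoMethodError` instead of `UIDNotFoundException` for any member value that is not of the form `attr=value,base`. `get_logins` passes `current_user&.downcase`, so a nil entry reaches `search_dn.split`, and an RDN without `=` leaves `entry_value` nil before `.gsub`. A value with a single RDN also leaves `base` nil, so the search presumably falls back to the connection's default base rather than the member's container (inferred from the `:base => base` argument). Make the two splits nil-safe with `entry, base = search_dn.to_s.split(/(?<!\\),/, 2)` and `_entry_attr, entry_value = entry.to_s.split('=', 2)`, then add `raise self.class::UIDNotFoundException if entry_value.nil? || base.nil?`. Only `\,` is unescaped, so other escaped characters in an RDN value reach the `workforceid` filter with their backslashes; a short comment stating that assumption would help.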
@@ -16,32 +16,10 @@ class LdapFluff::Posix::MemberService < LdapFluff::GenericMemberService
16
16
  # return an ldap user with groups attached
17
17
  # note : this method is not particularly fast for large ldap systems
18
18
  def find_user_groups(uid)
19
- groups = []
20
- @ldap.search(:filter => Net::LDAP::Filter.eq('memberuid', uid), :base => @group_base).each do |entry|
21
- groups << entry[:cn][0]
22
- end
23
- groups
24
- end
25
-
26
- def times_in_groups(uid, gids, all)
27
- filters = []
28
- gids.each do |cn|
29
- filters << group_filter(cn)
30
- end
31
- group_filters = merge_filters(filters, all)
32
- filter = name_filter(uid) & group_filters
33
- @ldap.search(:base => @group_base, :filter => filter).size
34
- end
35
-
36
- # AND or OR all of the filters together
37
- def merge_filters(filters = [], all = false)
38
- if !filters.nil? && filters.size >= 1
39
- filter = filters[0]
40
- filters[1..(filters.size - 1)].each do |gfilter|
41
- filter = (all ? filter & gfilter : filter | gfilter)
42
- end
43
- filter
44
- end
19
+ @ldap.search(
20
+ :filter => Net::LDAP::Filter.eq('memberuid', uid),
21
+ :base => @group_base, :attributes => ["cn"]
22
+ ).map { |entry| entry[:cn][0] }
45
23
  end
46
24
 
47
25
  class UIDNotFoundException < LdapFluff::Error
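Review bot: The rewritten `find_user_groups` still passes `uid` to `Net::LDAP::Filter.eq`, which does not escape its value and treats `*` as a wildcard, so a uid containing an asterisk can match `memberuid` values of other accounts and return their groups. If `uid` can come from a login form or another untrusted caller (not visible in this hunk), build the filter with `Net::LDAP::Filter.equals('memberuid', uid)`, which escapes the value. The same call appears in the new NetIQ `find_user_groups`, for both the `memberuid` and the `member` filter. The hunk also deletes `times_in_groups` and `merge_filters`; confirm that no caller outside this file still uses them.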
data/lib/ldap_fluff.rb CHANGED
@@ -11,3 +11,5 @@ require 'ldap_fluff/posix_netgroup_member_service'
11
11
  require 'ldap_fluff/freeipa'
12
12
  require 'ldap_fluff/freeipa_member_service'
13
13
  require 'ldap_fluff/freeipa_netgroup_member_service'
14
+ require 'ldap_fluff/netiq'
15
+ require 'ldap_fluff/netiq_member_service'
@@ -1,6 +1,6 @@
1
1
  require 'lib/ldap_test_helper'
2
2
 
3
- class TestADMemberService < MiniTest::Test
3
+ class TestADMemberService < Minitest::Test
4
4
  include LdapTestHelper
5
5
 
6
6
  def setup
data/test/ad_test.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  require 'lib/ldap_test_helper'
2
2
 
3
- class TestAD < MiniTest::Test
3
+ class TestAD < Minitest::Test
4
4
  include LdapTestHelper
5
5
 
6
6
  def setup
@@ -34,8 +34,8 @@ class TestAD < MiniTest::Test
34
34
 
35
35
  def test_good_bind_with_account_name
36
36
  # looks up the account name's full DN via the service account
37
- @md = MiniTest::Mock.new
38
- user_result = MiniTest::Mock.new
37
+ @md = Minitest::Mock.new
38
+ user_result = Minitest::Mock.new
39
39
  user_result.expect(:dn, ad_user_dn('Internet User'))
40
40
  @md.expect(:find_user, [user_result], %w[internet])
41
41
  @ad.member_service = @md
@@ -62,7 +62,7 @@ class TestAD < MiniTest::Test
62
62
 
63
63
  def test_bad_user
64
64
  service_bind
65
- md = MiniTest::Mock.new
65
+ md = Minitest::Mock.new
66
66
  md.expect(:find_user_groups, nil, %w[john])
67
67
  def md.find_user_groups(*_args)
68
68
  raise LdapFluff::ActiveDirectory::MemberService::UIDNotFoundException
@@ -112,7 +112,7 @@ class TestAD < MiniTest::Test
112
112
 
113
113
  def test_subgroups_in_groups_are_ignored
114
114
  group = Net::LDAP::Entry.new('foremaners')
115
- md = MiniTest::Mock.new
115
+ md = Minitest::Mock.new
116
116
  2.times { md.expect(:find_group, [group], ['foremaners']) }
117
117
  2.times { service_bind }
118
118
  def md.find_by_dn(_dn)
@@ -124,7 +124,7 @@ class TestAD < MiniTest::Test
124
124
  end
125
125
 
126
126
  def test_user_exists
127
- md = MiniTest::Mock.new
127
+ md = Minitest::Mock.new
128
128
  md.expect(:find_user, 'notnilluser', %w[john])
129
129
  @ad.member_service = md
130
130
  service_bind
@@ -132,7 +132,7 @@ class TestAD < MiniTest::Test
132
132
  end
133
133
 
134
134
  def test_missing_user
135
- md = MiniTest::Mock.new
135
+ md = Minitest::Mock.new
136
136
  md.expect(:find_user, nil, %w[john])
137
137
  def md.find_user(_uid)
138
138
  raise LdapFluff::ActiveDirectory::MemberService::UIDNotFoundException
@@ -143,7 +143,7 @@ class TestAD < MiniTest::Test
143
143
  end
144
144
 
145
145
  def test_group_exists
146
- md = MiniTest::Mock.new
146
+ md = Minitest::Mock.new
147
147
  md.expect(:find_group, 'notnillgroup', %w[broskies])
148
148
  @ad.member_service = md
149
149
  service_bind
@@ -151,7 +151,7 @@ class TestAD < MiniTest::Test
151
151
  end
152
152
 
153
153
  def test_missing_group
154
- md = MiniTest::Mock.new
154
+ md = Minitest::Mock.new
155
155
  md.expect(:find_group, nil, %w[broskies])
156
156
  def md.find_group(_uid)
157
157
  raise LdapFluff::ActiveDirectory::MemberService::GIDNotFoundException
@@ -172,7 +172,7 @@ class TestAD < MiniTest::Test
172
172
  nested_group[:objectclass] = ['organizationalunit']
173
173
  nested_user[:objectclass] = ['person']
174
174
 
175
- md = MiniTest::Mock.new
175
+ md = Minitest::Mock.new
176
176
  2.times { md.expect(:find_group, [group], ['foremaners']) }
177
177
  2.times { md.expect(:find_group, [nested_group], ['katellers']) }
178
178
  2.times { service_bind }
@@ -196,7 +196,7 @@ class TestAD < MiniTest::Test
196
196
  nested_group[:memberof] = ['CN=foremaners,DC=corp,DC=windows,DC=com']
197
197
  nested_user[:objectclass] = ['person']
198
198
 
199
- md = MiniTest::Mock.new
199
+ md = Minitest::Mock.new
200
200
  2.times { md.expect(:find_group, [group], ['foremaners']) }
201
201
  2.times { md.expect(:find_group, [nested_group], ['katellers']) }
202
202
  2.times { service_bind }
data/test/config_test.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  require 'lib/ldap_test_helper'
2
2
 
3
- class ConfigTest < MiniTest::Test
3
+ class ConfigTest < Minitest::Test
4
4
  include LdapTestHelper
5
5
 
6
6
  def test_unsupported_type
@@ -1,6 +1,6 @@
1
1
  require 'lib/ldap_test_helper'
2
2
 
3
- class TestIPAMemberService < MiniTest::Test
3
+ class TestIPAMemberService < Minitest::Test
4
4
  include LdapTestHelper
5
5
 
6
6
  def setup
@@ -1,6 +1,6 @@
1
1
  require 'lib/ldap_test_helper'
2
2
 
3
- class TestIPANetgroupMemberService < MiniTest::Test
3
+ class TestIPANetgroupMemberService < Minitest::Test
4
4
  include LdapTestHelper
5
5
 
6
6
  def setup
data/test/ipa_test.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  require 'lib/ldap_test_helper'
2
2
 
3
- class TestIPA < MiniTest::Test
3
+ class TestIPA < Minitest::Test
4
4
  include LdapTestHelper
5
5
 
6
6
  def setup
@@ -16,8 +16,8 @@ class TestIPA < MiniTest::Test
16
16
 
17
17
  def test_good_bind
18
18
  # looks up the uid's full DN via the service account
19
- @md = MiniTest::Mock.new
20
- user_result = MiniTest::Mock.new
19
+ @md = Minitest::Mock.new
20
+ user_result = Minitest::Mock.new
21
21
  user_result.expect(:dn, ipa_user_bind('internet'))
22
22
  @md.expect(:find_user, [user_result], %w[internet])
23
23
  @ipa.member_service = @md
@@ -53,7 +53,7 @@ class TestIPA < MiniTest::Test
53
53
 
54
54
  def test_bad_user
55
55
  service_bind
56
- @md = MiniTest::Mock.new
56
+ @md = Minitest::Mock.new
57
57
  @md.expect(:find_user_groups, nil, %w[john])
58
58
  def @md.find_user_groups(*_args)
59
59
  raise LdapFluff::FreeIPA::MemberService::UIDNotFoundException
@@ -108,7 +108,7 @@ class TestIPA < MiniTest::Test
108
108
  end
109
109
 
110
110
  def test_user_exists
111
- @md = MiniTest::Mock.new
111
+ @md = Minitest::Mock.new
112
112
  @md.expect(:find_user, 'notnilluser', %w[john])
113
113
  @ipa.member_service = @md
114
114
  service_bind
@@ -116,7 +116,7 @@ class TestIPA < MiniTest::Test
116
116
  end
117
117
 
118
118
  def test_missing_user
119
- @md = MiniTest::Mock.new
119
+ @md = Minitest::Mock.new
120
120
  @md.expect(:find_user, nil, %w[john])
121
121
  def @md.find_user(_uid)
122
122
  raise LdapFluff::FreeIPA::MemberService::UIDNotFoundException
@@ -127,7 +127,7 @@ class TestIPA < MiniTest::Test
127
127
  end
128
128
 
129
129
  def test_group_exists
130
- @md = MiniTest::Mock.new
130
+ @md = Minitest::Mock.new
131
131
  @md.expect(:find_group, 'notnillgroup', %w[broskies])
132
132
  @ipa.member_service = @md
133
133
  service_bind
@@ -135,7 +135,7 @@ class TestIPA < MiniTest::Test
135
135
  end
136
136
 
137
137
  def test_missing_group
138
- @md = MiniTest::Mock.new
138
+ @md = Minitest::Mock.new
139
139
  @md.expect(:find_group, nil, %w[broskies])
140
140
  def @md.find_group(_uid)
141
141
  raise LdapFluff::FreeIPA::MemberService::GIDNotFoundException
@@ -151,7 +151,7 @@ class TestIPA < MiniTest::Test
151
151
  nested_group = Net::LDAP::Entry.new('gid=katellers,cn=Groups,cn=accounts,dc=localdomain')
152
152
  nested_group[:member] = ['uid=testuser,cn=users,cn=accounts,dc=localdomain']
153
153
 
154
- md = MiniTest::Mock.new
154
+ md = Minitest::Mock.new
155
155
  2.times { md.expect(:find_group, [group], ['foremaners']) }
156
156
  2.times { md.expect(:find_group, [nested_group], ['katellers']) }
157
157
  2.times { service_bind }
data/test/ldap_test.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  require 'lib/ldap_test_helper'
2
2
 
3
- class TestLDAP < MiniTest::Test
3
+ class TestLDAP < Minitest::Test
4
4
  include LdapTestHelper
5
5
 
6
6
  def setup
@@ -21,7 +21,7 @@ module LdapTestHelper
21
21
 
22
22
  def setup
23
23
  config
24
- @ldap = MiniTest::Mock.new
24
+ @ldap = Minitest::Mock.new
25
25
  end
26
26
 
27
27
  def config
@@ -38,13 +38,13 @@ module LdapTestHelper
38
38
  end
39
39
 
40
40
  def basic_user
41
- @md = MiniTest::Mock.new
41
+ @md = Minitest::Mock.new
42
42
  @md.expect(:find_user_groups, %w[bros], %w[john])
43
43
  get_test_instance_variable.member_service = @md
44
44
  end
45
45
 
46
46
  def bigtime_user
47
- @md = MiniTest::Mock.new
47
+ @md = Minitest::Mock.new
48
48
  @md.expect(:find_user_groups, %w[bros broskies], %w[john])
49
49
  get_test_instance_variable.member_service = @md
50
50
  end
@@ -105,6 +105,21 @@ module LdapTestHelper
105
105
  [{ :memberof => [ad_group_dn("bros#{num}"), ad_group_dn("broskies#{num}")] }]
106
106
  end
107
107
 
108
+ def netiq_user_payload
109
+ [{ :uid => ["john"],
110
+ # necessary, because Net::LDAP::Entry would allow both
111
+ 'uid' => ["john"],
112
+ :dn => ["cn=42,ou=usr,o=employee"],
113
+ :workeforceid => ["42"] }]
114
+ end
115
+
116
+ def netiq_group_payload
117
+ [{ :cn => ["broze"],
118
+ :dn => ["cn=broze,ou=mygroup,ou=apps,o=global"],
119
+ :member => ["cn=42,ou=usr,o=employee"],
120
+ :workforceid => ["21"] }]
121
+ end
122
+
108
123
  def posix_user_payload
109
124
  [{ :cn => ["john"] }]
110
125
  end
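Review bot: `netiq_user_payload` spells the key `:workeforceid`, while `netiq_group_payload` and the member service's filter use `workforceid`, so the user fixture carries no `workforceid` attribute at all. The tests pass only because the mocked `search` returns the payload regardless of its contents. Change the line to `:workforceid => ["42"] }]` so the fixture matches the `cn=42` DN it stands for. The comment `# necessary, because Net::LDAP::Entry would allow both` would be clearer if it said the string key is there because `@attr_login` defaults to the string `'uid'`.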
@@ -0,0 +1,81 @@
1
+ require 'lib/ldap_test_helper'
2
+
3
+ class TestNetIQMemberService < Minitest::Test
4
+ include LdapTestHelper
5
+
6
+ def setup
7
+ super
8
+ @ms = LdapFluff::NetIQ::MemberService.new(@ldap, @config)
9
+ end
10
+
11
+ def test_find_user
12
+ user = netiq_user_payload
13
+ @ldap.expect(:search, user, [:filter => @ms.name_filter('john'),
14
+ :base => config.base_dn])
15
+ @ms.ldap = @ldap
16
+ assert_equal netiq_user_payload, @ms.find_user('john')
17
+ @ldap.verify
18
+ end
19
+
20
+ def test_find_user_groups
21
+ user = netiq_group_payload
22
+ @ldap.expect(:search, netiq_user_payload, [:filter => @ms.name_filter('john'), :base => config.base_dn])
23
+ @ldap.expect(:search, user, [:filter => Net::LDAP::Filter.eq('memberuid', 'john') |
24
+ Net::LDAP::Filter.eq('member', 'cn=42,ou=usr,o=employee'),
25
+ :base => config.group_base, :attributes => ['cn']])
26
+ @ms.ldap = @ldap
27
+ assert_equal ['broze'], @ms.find_user_groups('john')
28
+ @ldap.verify
29
+ end
30
+
31
+ def test_find_no_groups
32
+ @ldap.expect(:search, [], [:filter => @ms.name_filter('john'), :base => config.base_dn])
33
+ @ldap.expect(:search, [], [:filter => Net::LDAP::Filter.eq('memberuid', 'john'),
34
+ :base => config.group_base, :attributes => ['cn']])
35
+ @ms.ldap = @ldap
36
+ assert_equal [], @ms.find_user_groups('john')
37
+ @ldap.verify
38
+ end
39
+
40
+ def test_user_exists
41
+ user = netiq_user_payload
42
+ @ldap.expect(:search, user, [:filter => @ms.name_filter('john'),
43
+ :base => config.base_dn])
44
+ @ms.ldap = @ldap
45
+ assert @ms.find_user('john')
46
+ @ldap.verify
47
+ end
48
+
49
+ def test_user_doesnt_exists
50
+ @ldap.expect(:search, nil, [:filter => @ms.name_filter('john'),
51
+ :base => config.base_dn])
52
+ @ms.ldap = @ldap
53
+ assert_raises(LdapFluff::NetIQ::MemberService::UIDNotFoundException) { @ms.find_user('john') }
54
+ @ldap.verify
55
+ end
56
+
57
+ def test_group_exists
58
+ group = netiq_group_payload
59
+ @ldap.expect(:search, group, [:filter => @ms.group_filter('broze'),
60
+ :base => config.group_base])
61
+ @ms.ldap = @ldap
62
+ assert @ms.find_group('broze')
63
+ @ldap.verify
64
+ end
65
+
66
+ def test_group_doesnt_exists
67
+ @ldap.expect(:search, nil, [:filter => @ms.group_filter('broze'),
68
+ :base => config.group_base])
69
+ @ms.ldap = @ldap
70
+ assert_raises(LdapFluff::NetIQ::MemberService::GIDNotFoundException) { @ms.find_group('broze') }
71
+ @ldap.verify
72
+ end
73
+
74
+ def test_get_logins
75
+ @ldap.expect(:search, netiq_user_payload,
76
+ [:filter => @ms.name_filter('42', "workforceid"),
77
+ :base => 'ou=usr,o=employee'])
78
+
79
+ assert_equal ['john'], @ms.get_logins(['cn=42,ou=usr,o=employee'])
80
+ end
81
+ end
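Review bot: `find_by_dn` has two branches with no test in this file: a DN whose RDN value contains an escaped comma (the `(?<!\\),` split and the `gsub('\,', ',')`), and an empty or nil search result that should raise `UIDNotFoundException`. `test_get_logins` covers only the plain `cn=42,ou=usr,o=employee` case. It is also the only test here that does not end with `@ldap.verify`; the assertion already depends on the mocked result, so adding the call is a matter of consistency with the other tests.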
@@ -0,0 +1,145 @@
1
+ require 'lib/ldap_test_helper'
2
+
3
+ class TestNetIQ < Minitest::Test
4
+ include LdapTestHelper
5
+
6
+ def setup
7
+ super
8
+ @ldap.expect(:bind, true)
9
+ @ldap.expect(:auth, nil, %w[service pass])
10
+ Net::LDAP.stub :new, @ldap do
11
+ @netiq = LdapFluff::NetIQ.new(@config)
12
+ end
13
+ end
14
+
15
+ def service_bind
16
+ @ldap.expect(:auth, nil, %w[service pass])
17
+ super
18
+ end
19
+
20
+ def test_groups
21
+ service_bind
22
+ basic_user
23
+ assert_equal(@netiq.groups_for_uid("john"), %w[bros])
24
+ end
25
+
26
+ def test_missing_user
27
+ md = Minitest::Mock.new
28
+ md.expect(:find_user_groups, [], %w[john])
29
+ @netiq.member_service = md
30
+ @ldap.expect(:bind, true)
31
+ @ldap.expect(:auth, nil, %w[service pass])
32
+ assert_equal([], @netiq.groups_for_uid('john'))
33
+ end
34
+
35
+ def test_isnt_in_groups
36
+ service_bind
37
+ basic_user
38
+ assert_equal(@netiq.is_in_groups('john', %w[broskies], true), false)
39
+ end
40
+
41
+ def test_is_in_groups
42
+ service_bind
43
+ basic_user
44
+ assert_equal(@netiq.is_in_groups('john', %w[bros], true), true)
45
+ end
46
+
47
+ def test_is_in_no_groups
48
+ service_bind
49
+ basic_user
50
+ assert_equal(@netiq.is_in_groups('john', [], true), true)
51
+ end
52
+
53
+ def test_good_bind
54
+ # looks up the uid's full DN via the service account
55
+ @md = Minitest::Mock.new
56
+ user_result = Minitest::Mock.new
57
+ user_result.expect(:dn, 'uid=internet,dn=example')
58
+ @md.expect(:find_user, [user_result], %w[internet])
59
+ @netiq.member_service = @md
60
+ service_bind
61
+ @ldap.expect(:auth, nil, %w[uid=internet,dn=example password])
62
+ @ldap.expect(:bind, true)
63
+ @netiq.ldap = @ldap
64
+ assert_equal(@netiq.bind?("internet", "password"), true)
65
+ end
66
+
67
+ def test_good_bind_with_dn
68
+ # no expectation on the service account
69
+ @ldap.expect(:auth, nil, %w[uid=internet,dn=example password])
70
+ @ldap.expect(:bind, true)
71
+ @netiq.ldap = @ldap
72
+ assert_equal(@netiq.bind?("uid=internet,dn=example", "password"), true)
73
+ end
74
+
75
+ def test_bad_bind
76
+ @ldap.expect(:auth, nil, %w[uid=internet,dn=example password])
77
+ @ldap.expect(:bind, false)
78
+ @netiq.ldap = @ldap
79
+ assert_equal(@netiq.bind?("uid=internet,dn=example", "password"), false)
80
+ end
81
+
82
+ def test_user_exists
83
+ service_bind
84
+ md = Minitest::Mock.new
85
+ md.expect(:find_user, 'notnilluser', %w[john])
86
+ @netiq.member_service = md
87
+ assert(@netiq.user_exists?('john'))
88
+ end
89
+
90
+ def test_user_not_exists
91
+ service_bind
92
+ md = Minitest::Mock.new
93
+ md.expect(:find_user, nil, %w[john])
94
+ def md.find_user(_uid)
95
+ raise LdapFluff::NetIQ::MemberService::UIDNotFoundException
96
+ end
97
+ @netiq.member_service = md
98
+ refute(@netiq.user_exists?('john'))
99
+ end
100
+
101
+ def test_group_exists
102
+ service_bind
103
+ md = Minitest::Mock.new
104
+ md.expect(:find_group, 'notnillgroup', %w[broskies])
105
+ @netiq.member_service = md
106
+ assert(@netiq.group_exists?('broskies'))
107
+ end
108
+
109
+ def test_missing_group
110
+ service_bind
111
+ md = Minitest::Mock.new
112
+ md.expect(:find_group, nil, %w[broskies])
113
+ def md.find_group(_uid)
114
+ raise LdapFluff::NetIQ::MemberService::GIDNotFoundException
115
+ end
116
+ @netiq.member_service = md
117
+ refute(@netiq.group_exists?('broskies'))
118
+ end
119
+
120
+ def test_find_users_in_nested_groups
121
+ service_bind
122
+ group = Net::LDAP::Entry.new('CN=foremaners,DC=example,DC=com')
123
+ group[:memberuid] = ['katellers']
124
+ nested_group = Net::LDAP::Entry.new('CN=katellers,CN=foremaners,DC=example,DC=com')
125
+ nested_group[:memberuid] = ['testuser']
126
+
127
+ @ldap.expect(:search,
128
+ [nested_group],
129
+ [{ :base => group.dn,
130
+ :filter => Net::LDAP::Filter.eq('objectClass', 'posixGroup') |
131
+ Net::LDAP::Filter.eq('objectClass', 'organizationalunit') |
132
+ Net::LDAP::Filter.eq('objectClass', 'groupOfUniqueNames') |
133
+ Net::LDAP::Filter.eq('objectClass', 'groupOfNames') }])
134
+ @netiq.ldap = @ldap
135
+
136
+ md = Minitest::Mock.new
137
+ 2.times { md.expect(:find_group, [group], ['foremaners']) }
138
+ @netiq.member_service = md
139
+
140
+ assert_equal @netiq.users_for_gid('foremaners'), ['testuser']
141
+
142
+ md.verify
143
+ @ldap.verify
144
+ end
145
+ end
@@ -1,6 +1,6 @@
1
1
  require 'lib/ldap_test_helper'
2
2
 
3
- class TestPosixMemberService < MiniTest::Test
3
+ class TestPosixMemberService < Minitest::Test
4
4
  include LdapTestHelper
5
5
 
6
6
  def setup
@@ -20,7 +20,8 @@ class TestPosixMemberService < MiniTest::Test
20
20
  def test_find_user_groups
21
21
  user = posix_group_payload
22
22
  @ldap.expect(:search, user, [:filter => @ms.name_filter('john'),
23
- :base => config.group_base])
23
+ :base => config.group_base,
24
+ :attributes => ["cn"]])
24
25
  @ms.ldap = @ldap
25
26
  assert_equal ['broze'], @ms.find_user_groups('john')
26
27
  @ldap.verify
@@ -28,7 +29,8 @@ class TestPosixMemberService < MiniTest::Test
28
29
 
29
30
  def test_find_no_groups
30
31
  @ldap.expect(:search, [], [:filter => @ms.name_filter("john"),
31
- :base => config.group_base])
32
+ :base => config.group_base,
33
+ :attributes => ["cn"]])
32
34
  @ms.ldap = @ldap
33
35
  assert_equal [], @ms.find_user_groups('john')
34
36
  @ldap.verify
@@ -1,6 +1,6 @@
1
1
  require 'lib/ldap_test_helper'
2
2
 
3
- class TestPosixNetgroupMemberService < MiniTest::Test
3
+ class TestPosixNetgroupMemberService < Minitest::Test
4
4
  include LdapTestHelper
5
5
 
6
6
  def setup
data/test/posix_test.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  require 'lib/ldap_test_helper'
2
2
 
3
- class TestPosix < MiniTest::Test
3
+ class TestPosix < Minitest::Test
4
4
  include LdapTestHelper
5
5
 
6
6
  def setup
@@ -19,8 +19,9 @@ class TestPosix < MiniTest::Test
19
19
  assert_equal(@posix.groups_for_uid("john"), %w[bros])
20
20
  end
21
21
 
22
- def test_missing_user
23
- md = MiniTest::Mock.new
22
+ def test_groups_missing_user
23
+ service_bind
24
+ md = Minitest::Mock.new
24
25
  md.expect(:find_user_groups, [], %w[john])
25
26
  @posix.member_service = md
26
27
  assert_equal([], @posix.groups_for_uid('john'))
@@ -46,8 +47,8 @@ class TestPosix < MiniTest::Test
46
47
 
47
48
  def test_good_bind
48
49
  # looks up the uid's full DN via the service account
49
- @md = MiniTest::Mock.new
50
- user_result = MiniTest::Mock.new
50
+ @md = Minitest::Mock.new
51
+ user_result = Minitest::Mock.new
51
52
  user_result.expect(:dn, 'uid=internet,dn=example')
52
53
  @md.expect(:find_user, [user_result], %w[internet])
53
54
  @posix.member_service = @md
@@ -75,7 +76,7 @@ class TestPosix < MiniTest::Test
75
76
 
76
77
  def test_user_exists
77
78
  service_bind
78
- md = MiniTest::Mock.new
79
+ md = Minitest::Mock.new
79
80
  md.expect(:find_user, 'notnilluser', %w[john])
80
81
  @posix.member_service = md
81
82
  assert(@posix.user_exists?('john'))
@@ -83,7 +84,7 @@ class TestPosix < MiniTest::Test
83
84
 
84
85
  def test_missing_user
85
86
  service_bind
86
- md = MiniTest::Mock.new
87
+ md = Minitest::Mock.new
87
88
  md.expect(:find_user, nil, %w[john])
88
89
  def md.find_user(_uid)
89
90
  raise LdapFluff::Posix::MemberService::UIDNotFoundException
@@ -94,7 +95,7 @@ class TestPosix < MiniTest::Test
94
95
 
95
96
  def test_group_exists
96
97
  service_bind
97
- md = MiniTest::Mock.new
98
+ md = Minitest::Mock.new
98
99
  md.expect(:find_group, 'notnillgroup', %w[broskies])
99
100
  @posix.member_service = md
100
101
  assert(@posix.group_exists?('broskies'))
@@ -102,7 +103,7 @@ class TestPosix < MiniTest::Test
102
103
 
103
104
  def test_missing_group
104
105
  service_bind
105
- md = MiniTest::Mock.new
106
+ md = Minitest::Mock.new
106
107
  md.expect(:find_group, nil, %w[broskies])
107
108
  def md.find_group(_uid)
108
109
  raise LdapFluff::Posix::MemberService::GIDNotFoundException
@@ -127,7 +128,7 @@ class TestPosix < MiniTest::Test
127
128
  Net::LDAP::Filter.eq('objectClass', 'groupOfNames')}])
128
129
  @posix.ldap = @ldap
129
130
 
130
- md = MiniTest::Mock.new
131
+ md = Minitest::Mock.new
131
132
  2.times { md.expect(:find_group, [group], ['foremaners']) }
132
133
  @posix.member_service = md
133
134
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ldap_fluff
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.0
4
+ version: 0.8.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jordan O'Mara
@@ -10,10 +10,10 @@ authors:
10
10
  - Adam Price
11
11
  - Marek Hulan
12
12
  - Dominic Cleal
13
- autorequire:
13
+ autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
- date: 2021-06-25 00:00:00.000000000 Z
16
+ date: 2024-10-18 00:00:00.000000000 Z
17
17
  dependencies:
18
18
  - !ruby/object:Gem::Dependency
19
19
  name: activesupport
@@ -21,14 +21,20 @@ dependencies:
21
21
  requirements:
22
22
  - - ">="
23
23
  - !ruby/object:Gem::Version
24
- version: '0'
24
+ version: '5'
25
+ - - "<"
26
+ - !ruby/object:Gem::Version
27
+ version: '8'
25
28
  type: :runtime
26
29
  prerelease: false
27
30
  version_requirements: !ruby/object:Gem::Requirement
28
31
  requirements:
29
32
  - - ">="
30
33
  - !ruby/object:Gem::Version
31
- version: '0'
34
+ version: '5'
35
+ - - "<"
36
+ - !ruby/object:Gem::Version
37
+ version: '8'
32
38
  - !ruby/object:Gem::Dependency
33
39
  name: net-ldap
34
40
  requirement: !ruby/object:Gem::Requirement
@@ -36,6 +42,9 @@ dependencies:
36
42
  - - ">="
37
43
  - !ruby/object:Gem::Version
38
44
  version: '0.11'
45
+ - - "<"
46
+ - !ruby/object:Gem::Version
47
+ version: '1'
39
48
  type: :runtime
40
49
  prerelease: false
41
50
  version_requirements: !ruby/object:Gem::Requirement
@@ -43,34 +52,37 @@ dependencies:
43
52
  - - ">="
44
53
  - !ruby/object:Gem::Version
45
54
  version: '0.11'
55
+ - - "<"
56
+ - !ruby/object:Gem::Version
57
+ version: '1'
46
58
  - !ruby/object:Gem::Dependency
47
59
  name: minitest
48
60
  requirement: !ruby/object:Gem::Requirement
49
61
  requirements:
50
- - - ">="
62
+ - - "~>"
51
63
  - !ruby/object:Gem::Version
52
- version: '0'
64
+ version: '5.0'
53
65
  type: :development
54
66
  prerelease: false
55
67
  version_requirements: !ruby/object:Gem::Requirement
56
68
  requirements:
57
- - - ">="
69
+ - - "~>"
58
70
  - !ruby/object:Gem::Version
59
- version: '0'
71
+ version: '5.0'
60
72
  - !ruby/object:Gem::Dependency
61
73
  name: rake
62
74
  requirement: !ruby/object:Gem::Requirement
63
75
  requirements:
64
- - - ">="
76
+ - - "~>"
65
77
  - !ruby/object:Gem::Version
66
- version: '0'
78
+ version: '13.1'
67
79
  type: :development
68
80
  prerelease: false
69
81
  version_requirements: !ruby/object:Gem::Requirement
70
82
  requirements:
71
- - - ">="
83
+ - - "~>"
72
84
  - !ruby/object:Gem::Version
73
- version: '0'
85
+ version: '13.1'
74
86
  description: Simple library for binding & group querying on top of various LDAP implementations
75
87
  email:
76
88
  - jomara@redhat.com
@@ -98,6 +110,8 @@ files:
98
110
  - lib/ldap_fluff/generic.rb
99
111
  - lib/ldap_fluff/generic_member_service.rb
100
112
  - lib/ldap_fluff/ldap_fluff.rb
113
+ - lib/ldap_fluff/netiq.rb
114
+ - lib/ldap_fluff/netiq_member_service.rb
101
115
  - lib/ldap_fluff/posix.rb
102
116
  - lib/ldap_fluff/posix_member_service.rb
103
117
  - lib/ldap_fluff/posix_netgroup_member_service.rb
@@ -109,14 +123,16 @@ files:
109
123
  - test/ipa_test.rb
110
124
  - test/ldap_test.rb
111
125
  - test/lib/ldap_test_helper.rb
126
+ - test/netiq_member_services_test.rb
127
+ - test/netiq_test.rb
112
128
  - test/posix_member_services_test.rb
113
129
  - test/posix_netgroup_member_services_test.rb
114
130
  - test/posix_test.rb
115
131
  homepage: https://github.com/theforeman/ldap_fluff
116
132
  licenses:
117
- - GPLv2
133
+ - GPL-2.0-only
118
134
  metadata: {}
119
- post_install_message:
135
+ post_install_message:
120
136
  rdoc_options: []
121
137
  require_paths:
122
138
  - lib
@@ -124,26 +140,31 @@ required_ruby_version: !ruby/object:Gem::Requirement
124
140
  requirements:
125
141
  - - ">="
126
142
  - !ruby/object:Gem::Version
127
- version: 2.4.0
143
+ version: '2.7'
144
+ - - "<"
145
+ - !ruby/object:Gem::Version
146
+ version: '4'
128
147
  required_rubygems_version: !ruby/object:Gem::Requirement
129
148
  requirements:
130
149
  - - ">="
131
150
  - !ruby/object:Gem::Version
132
151
  version: '0'
133
152
  requirements: []
134
- rubygems_version: 3.1.4
135
- signing_key:
153
+ rubygems_version: 3.3.27
154
+ signing_key:
136
155
  specification_version: 4
137
156
  summary: LDAP querying tools for Active Directory, FreeIPA and POSIX-style
138
157
  test_files:
139
- - test/lib/ldap_test_helper.rb
158
+ - test/ad_member_services_test.rb
140
159
  - test/ad_test.rb
141
160
  - test/config_test.rb
142
161
  - test/ipa_member_services_test.rb
143
162
  - test/ipa_netgroup_member_services_test.rb
144
163
  - test/ipa_test.rb
145
164
  - test/ldap_test.rb
165
+ - test/lib/ldap_test_helper.rb
166
+ - test/netiq_member_services_test.rb
167
+ - test/netiq_test.rb
146
168
  - test/posix_member_services_test.rb
147
169
  - test/posix_netgroup_member_services_test.rb
148
170
  - test/posix_test.rb
149
- - test/ad_member_services_test.rb