ldap_fluff 0.1.7 → 0.2.1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of ldap_fluff might be problematic. Click here for more details.

Files changed (19) hide show
  1. data/lib/ldap_fluff/active_directory.rb +10 -10
  2. data/lib/ldap_fluff/ad_member_service.rb +8 -8
  3. data/lib/ldap_fluff/config.rb +9 -43
  4. data/lib/ldap_fluff/freeipa.rb +9 -9
  5. data/lib/ldap_fluff/freeipa_member_service.rb +4 -4
  6. data/lib/ldap_fluff/ldap_fluff.rb +13 -14
  7. data/lib/ldap_fluff/posix.rb +7 -8
  8. data/lib/ldap_fluff/posix_member_service.rb +5 -5
  9. data/test/ad_member_services_test.rb +5 -5
  10. data/test/ad_test.rb +11 -11
  11. data/test/config_test.rb +8 -16
  12. data/test/ipa_member_services_test.rb +3 -3
  13. data/test/ipa_test.rb +11 -11
  14. data/test/ldap_test.rb +6 -6
  15. data/test/lib/ldap_test_helper.rb +24 -20
  16. data/test/posix_member_services_test.rb +11 -36
  17. data/test/posix_test.rb +3 -3
  18. metadata +41 -19
  19. data/etc/ldap_fluff.yml +0 -11
data/lib/ldap_fluff/active_directory.rb CHANGED
@@ -2,18 +2,18 @@ class LdapFluff::ActiveDirectory
2
2
  attr_accessor :ldap, :member_service
3
3
 
4
4
  def initialize(config={})
5
- @ldap = Net::LDAP.new :host => config.host,
6
- :base => config.base_dn,
7
- :port => config.port,
8
- :encryption => config.encryption
5
+ @ldap = Net::LDAP.new :host => config.host,
6
+ :base => config.base_dn,
7
+ :port => config.port,
8
+ :encryption => config.encryption
9
9
  @group_base = config.group_base
10
10
  @group_base ||= config.base_dn
11
- @ad_domain = config.ad_domain
12
- @bind_user = config.service_user
13
- @bind_pass = config.service_pass
14
- @anon = config.anon_queries
11
+ @ad_domain = config.ad_domain
12
+ @bind_user = config.service_user
13
+ @bind_pass = config.service_pass
14
+ @anon = config.anon_queries
15
15
 
16
- @member_service = MemberService.new(@ldap,@group_base)
16
+ @member_service = MemberService.new(@ldap, @group_base)
17
17
  end
18
18
 
19
19
  def bind?(uid=nil, password=nil)
@@ -46,7 +46,7 @@ class LdapFluff::ActiveDirectory
46
46
  service_bind
47
47
  return true if gids == []
48
48
  begin
49
- groups = @member_service.find_user_groups(uid)
49
+ groups = @member_service.find_user_groups(uid)
50
50
  intersection = gids & groups
51
51
  if all
52
52
  return intersection == gids
data/lib/ldap_fluff/ad_member_service.rb CHANGED
@@ -5,8 +5,8 @@ class LdapFluff::ActiveDirectory::MemberService
5
5
 
6
6
  attr_accessor :ldap
7
7
 
8
- def initialize(ldap,group_base)
9
- @ldap = ldap
8
+ def initialize(ldap, group_base)
9
+ @ldap = ldap
10
10
  @group_base = group_base
11
11
  end
12
12
 
@@ -33,9 +33,9 @@ class LdapFluff::ActiveDirectory::MemberService
33
33
  def _groups_from_ldap_data(payload)
34
34
  data = []
35
35
  if payload != nil
36
- first_level = _group_names_from_cn(payload[:memberof])
36
+ first_level = _group_names_from_cn(payload[:memberof])
37
37
  total_groups = _walk_group_ancestry(first_level)
38
- data = (first_level + total_groups).uniq
38
+ data = (first_level + total_groups).uniq
39
39
  end
40
40
  data
41
41
  end
@@ -48,8 +48,8 @@ class LdapFluff::ActiveDirectory::MemberService
48
48
  search = @ldap.search(:filter => filter, :base => @group_base)
49
49
  if search != nil && search.first != nil
50
50
  group = search.first
51
- set += _group_names_from_cn(group[:memberof])
52
- set += _walk_group_ancestry(set)
51
+ set += _group_names_from_cn(group[:memberof])
52
+ set += _walk_group_ancestry(set)
53
53
  end
54
54
  end
55
55
  set
@@ -60,11 +60,11 @@ class LdapFluff::ActiveDirectory::MemberService
60
60
  end
61
61
 
62
62
  def class_filter
63
- Net::LDAP::Filter.eq("objectclass","group")
63
+ Net::LDAP::Filter.eq("objectclass", "group")
64
64
  end
65
65
 
66
66
  def name_filter(uid)
67
- Net::LDAP::Filter.eq("samaccountname",uid)
67
+ Net::LDAP::Filter.eq("samaccountname", uid)
68
68
  end
69
69
 
70
70
  # extract the group names from the LDAP style response,
data/lib/ldap_fluff/config.rb CHANGED
@@ -1,51 +1,17 @@
1
- require 'singleton'
2
1
  require 'yaml'
3
2
 
4
3
  class LdapFluff
5
- ####################################################################
6
- # Module constants
7
- ####################################################################
8
- CONFIG = "/etc/ldap_fluff.yml"
9
- ####################################################################
10
- # Module class definitions
11
- ####################################################################
12
4
  class Config
13
- include Singleton
14
- attr_accessor :host,
15
- :port,
16
- :encryption,
17
- :base_dn,
18
- :group_base,
19
- :server_type,
20
- :ad_domain,
21
- :service_user,
22
- :service_pass,
23
- :anon_queries
5
+ ATTRIBUTES = [:host, :port, :encryption, :base_dn, :group_base, :server_type, :ad_domain, :service_user,
6
+ :service_pass, :anon_queries]
7
+ ATTRIBUTES.each { |attr| attr_reader attr }
24
8
 
25
- def initialize
26
- begin
27
- config = YAML.load_file(LdapFluff::CONFIG)
28
- @host = config["host"]
29
- @port = config["port"]
30
- if config["encryption"].respond_to? :to_sym
31
- @encryption = config["encryption"].to_sym
32
- else
33
- @encryption = nil
34
- end
35
- @base_dn = config["base_dn"]
36
- @group_base = config["group_base"]
37
- @ad_domain = config["ad_domain"]
38
- @service_user = config["service_user"]
39
- @service_pass = config["service_pass"]
40
- @anon_queries = config["anon_queries"]
41
- @server_type = config["server_type"]
42
- rescue Errno::ENOENT
43
- $stderr.puts("The #{LdapFluff::CONFIG} config file you specified was not found")
44
- exit
45
- rescue Errno::EACCES
46
- $stderr.puts("The #{LdapFluff::CONFIG} config file you specified is not readable")
47
- exit
48
- end
9
+ def initialize(options)
10
+ raise ArgumentError unless options.kind_of? Hash
11
+ options = options.inject({}) { |hash, (k, v)| hash.update k.to_s => v }
12
+ ATTRIBUTES.each { |attr| instance_variable_set :"@#{attr}", options[attr.to_s] }
13
+ @encryption = @encryption.to_sym if @encryption
14
+ @server_type = @server_type.to_sym if @server_type
49
15
  end
50
16
  end
51
17
  end
data/lib/ldap_fluff/freeipa.rb CHANGED
@@ -3,18 +3,18 @@ class LdapFluff::FreeIPA
3
3
  attr_accessor :ldap, :member_service
4
4
 
5
5
  def initialize(config={})
6
- @ldap = Net::LDAP.new :host => config.host,
7
- :base => config.base_dn,
8
- :port => config.port,
9
- :encryption => config.encryption
6
+ @ldap = Net::LDAP.new :host => config.host,
7
+ :base => config.base_dn,
8
+ :port => config.port,
9
+ :encryption => config.encryption
10
10
  @group_base = config.group_base
11
11
  @group_base ||= config.base_dn
12
- @base = config.base_dn
13
- @bind_user = config.service_user
14
- @bind_pass = config.service_pass
15
- @anon = config.anon_queries
12
+ @base = config.base_dn
13
+ @bind_user = config.service_user
14
+ @bind_pass = config.service_pass
15
+ @anon = config.anon_queries
16
16
 
17
- @member_service = MemberService.new(@ldap,@group_base)
17
+ @member_service = MemberService.new(@ldap, @group_base)
18
18
  end
19
19
 
20
20
  def bind?(uid=nil, password=nil)
data/lib/ldap_fluff/freeipa_member_service.rb CHANGED
@@ -5,8 +5,8 @@ class LdapFluff::FreeIPA::MemberService
5
5
 
6
6
  attr_accessor :ldap
7
7
 
8
- def initialize(ldap,group_base)
9
- @ldap = ldap
8
+ def initialize(ldap, group_base)
9
+ @ldap = ldap
10
10
  @group_base = group_base
11
11
  end
12
12
 
@@ -33,11 +33,11 @@ class LdapFluff::FreeIPA::MemberService
33
33
  end
34
34
 
35
35
  def name_filter(uid)
36
- Net::LDAP::Filter.eq("uid",uid)
36
+ Net::LDAP::Filter.eq("uid", uid)
37
37
  end
38
38
 
39
39
  def group_filter(gid)
40
- Net::LDAP::Filter.eq("cn",gid)
40
+ Net::LDAP::Filter.eq("cn", gid)
41
41
  end
42
42
 
43
43
  def _group_names_from_cn(grouplist)
data/lib/ldap_fluff/ldap_fluff.rb CHANGED
@@ -2,23 +2,22 @@ require 'rubygems'
2
2
  require 'net/ldap'
3
3
 
4
4
  class LdapFluff
5
- class ConfigError < StandardError; end
5
+ class ConfigError < StandardError
6
+ end
6
7
 
7
8
  attr_accessor :ldap
8
9
 
9
- def initialize(config=nil)
10
- config ||= LdapFluff::Config.instance
11
- type = config.server_type
12
- if type.respond_to? :to_sym
13
- if type.to_sym == :posix
14
- @ldap = Posix.new(config)
15
- elsif type.to_sym == :active_directory
16
- @ldap = ActiveDirectory.new(config)
17
- elsif type.to_sym == :free_ipa
18
- @ldap = FreeIPA.new(config)
19
- else
20
- raise ConfigError, "Unsupported connection type. Supported types = :active_directory, :posix, :free_ipa"
21
- end
10
+ def initialize(config = {})
11
+ config = LdapFluff::Config.new(config)
12
+ case config.server_type
13
+ when :posix
14
+ @ldap = Posix.new(config)
15
+ when :active_directory
16
+ @ldap = ActiveDirectory.new(config)
17
+ when :free_ipa
18
+ @ldap = FreeIPA.new(config)
19
+ else
20
+ raise ConfigError, "Unsupported connection type #{config.server_type.inspect}. Supported types = :active_directory, :posix, :free_ipa"
22
21
  end
23
22
  end
24
23
 
data/lib/ldap_fluff/posix.rb CHANGED
@@ -3,14 +3,13 @@ class LdapFluff::Posix
3
3
  attr_accessor :ldap, :member_service
4
4
 
5
5
  def initialize(config={})
6
- @ldap = Net::LDAP.new :host => config.host,
7
- :base => config.base_dn,
8
- :port => config.port,
9
- :encryption => config.encryption
10
- @group_base = config.group_base
11
- @group_base ||= config.base
12
- @base = config.base_dn
13
- @member_service = MemberService.new(@ldap,@group_base)
6
+ @ldap = Net::LDAP.new :host => config.host,
7
+ :base => config.base_dn,
8
+ :port => config.port,
9
+ :encryption => config.encryption
10
+ @group_base = config.group_base || config.base
11
+ @base = config.base_dn
12
+ @member_service = MemberService.new(@ldap, @group_base)
14
13
  end
15
14
 
16
15
  def bind?(uid=nil, password=nil)
data/lib/ldap_fluff/posix_member_service.rb CHANGED
@@ -5,8 +5,8 @@ class LdapFluff::Posix::MemberService
5
5
 
6
6
  attr_accessor :ldap
7
7
 
8
- def initialize(ldap,group_base)
9
- @ldap = ldap
8
+ def initialize(ldap, group_base)
9
+ @ldap = ldap
10
10
  @group_base = group_base
11
11
  end
12
12
 
@@ -38,13 +38,13 @@ class LdapFluff::Posix::MemberService
38
38
  gids.each do |cn|
39
39
  filters << group_filter(cn)
40
40
  end
41
- group_filters = merge_filters(filters,all)
42
- filter = name_filter(uid) & group_filters
41
+ group_filters = merge_filters(filters, all)
42
+ filter = name_filter(uid) & group_filters
43
43
  @ldap.search(:base => @group_base, :filter => filter).size
44
44
  end
45
45
 
46
46
  def name_filter(uid)
47
- Net::LDAP::Filter.eq("memberUid",uid)
47
+ Net::LDAP::Filter.eq("memberUid", uid)
48
48
  end
49
49
 
50
50
  def group_filter(cn)
data/test/ad_member_services_test.rb CHANGED
@@ -5,8 +5,8 @@ class TestADMemberService < MiniTest::Unit::TestCase
5
5
 
6
6
  def setup
7
7
  config
8
- @ldap = MiniTest::Mock.new
9
- @adms = LdapFluff::ActiveDirectory::MemberService.new(@ldap,@config.group_base)
8
+ @ldap = MiniTest::Mock.new
9
+ @adms = LdapFluff::ActiveDirectory::MemberService.new(@ldap, @config.group_base)
10
10
  @gfilter = group_filter('group') & group_class_filter
11
11
  end
12
12
 
@@ -26,7 +26,7 @@ class TestADMemberService < MiniTest::Unit::TestCase
26
26
  @ldap.expect(:search, ad_parent_payload(i+1), [:filter => gfilter_bros, :base => @config.group_base])
27
27
  end
28
28
  # terminate or we loop FOREVER
29
- @ldap.expect(:search,[], [:filter => group_filter("bros#{n}") & group_class_filter, :base => @config.group_base])
29
+ @ldap.expect(:search, [], [:filter => group_filter("bros#{n}") & group_class_filter, :base => @config.group_base])
30
30
  end
31
31
 
32
32
  def double_nested(n)
@@ -36,10 +36,10 @@ class TestADMemberService < MiniTest::Unit::TestCase
36
36
  @ldap.expect(:search, ad_double_payload(i+1), [:filter => gfilter_bros, :base => @config.group_base])
37
37
  end
38
38
  # terminate or we loop FOREVER
39
- @ldap.expect(:search,[], [:filter => group_filter("bros#{n}") & group_class_filter, :base => @config.group_base])
39
+ @ldap.expect(:search, [], [:filter => group_filter("bros#{n}") & group_class_filter, :base => @config.group_base])
40
40
  (n-1).downto(1) do |i|
41
41
  gfilter_bros = group_filter("broskies#{i+1}") & group_class_filter
42
- @ldap.expect(:search,[], [:filter => gfilter_bros, :base => @config.group_base])
42
+ @ldap.expect(:search, [], [:filter => gfilter_bros, :base => @config.group_base])
43
43
  end
44
44
  end
45
45
 
data/test/ad_test.rb CHANGED
@@ -5,13 +5,13 @@ class TestAD < MiniTest::Unit::TestCase
5
5
 
6
6
  def setup
7
7
  config
8
- @ad = LdapFluff::ActiveDirectory.new(@config)
8
+ @ad = LdapFluff::ActiveDirectory.new(@config)
9
9
  @ldap = MiniTest::Mock.new
10
10
  end
11
11
 
12
12
  # default setup for service bind users
13
13
  def service_bind
14
- @ldap.expect(:auth, nil, ["service@internet.com","pass"])
14
+ @ldap.expect(:auth, nil, ["service@internet.com", "pass"])
15
15
  @ldap.expect(:bind, true)
16
16
  @ad.ldap = @ldap
17
17
  end
@@ -24,12 +24,12 @@ class TestAD < MiniTest::Unit::TestCase
24
24
 
25
25
  def bigtime_user
26
26
  @md = MiniTest::Mock.new
27
- @md.expect(:find_user_groups, ['bros','broskies'], ["john"])
27
+ @md.expect(:find_user_groups, ['bros', 'broskies'], ["john"])
28
28
  @ad.member_service = @md
29
29
  end
30
30
 
31
31
  def test_good_bind
32
- @ldap.expect(:auth, nil, ["internet@internet.com","password"])
32
+ @ldap.expect(:auth, nil, ["internet@internet.com", "password"])
33
33
  @ldap.expect(:bind, true)
34
34
  @ad.ldap = @ldap
35
35
  assert_equal @ad.bind?("internet", "password"), true
@@ -37,7 +37,7 @@ class TestAD < MiniTest::Unit::TestCase
37
37
  end
38
38
 
39
39
  def test_bad_bind
40
- @ldap.expect(:auth, nil, ["internet@internet.com","password"])
40
+ @ldap.expect(:auth, nil, ["internet@internet.com", "password"])
41
41
  @ldap.expect(:bind, false)
42
42
  @ad.ldap = @ldap
43
43
  assert_equal @ad.bind?("internet", "password"), false
@@ -62,7 +62,7 @@ class TestAD < MiniTest::Unit::TestCase
62
62
  end
63
63
 
64
64
  def test_bad_service_user
65
- @ldap.expect(:auth, nil, ["service@internet.com","pass"])
65
+ @ldap.expect(:auth, nil, ["service@internet.com", "pass"])
66
66
  @ldap.expect(:bind, false)
67
67
  @ad.ldap = @ldap
68
68
  assert_raises(LdapFluff::ActiveDirectory::UnauthenticatedActiveDirectoryException) { @ad.groups_for_uid('john') }
@@ -71,31 +71,31 @@ class TestAD < MiniTest::Unit::TestCase
71
71
  def test_is_in_groups
72
72
  service_bind
73
73
  basic_user
74
- assert_equal @ad.is_in_groups("john",["bros"],false), true
74
+ assert_equal @ad.is_in_groups("john", ["bros"], false), true
75
75
  end
76
76
 
77
77
  def test_is_some_groups
78
78
  service_bind
79
79
  basic_user
80
- assert_equal @ad.is_in_groups("john",["bros","buds"],false), true
80
+ assert_equal @ad.is_in_groups("john", ["bros", "buds"], false), true
81
81
  end
82
82
 
83
83
  def test_isnt_in_all_groups
84
84
  service_bind
85
85
  basic_user
86
- assert_equal @ad.is_in_groups("john",["bros","buds"],true), false
86
+ assert_equal @ad.is_in_groups("john", ["bros", "buds"], true), false
87
87
  end
88
88
 
89
89
  def test_isnt_in_groups
90
90
  service_bind
91
91
  basic_user
92
- assert_equal @ad.is_in_groups("john", ["broskies"],false), false
92
+ assert_equal @ad.is_in_groups("john", ["broskies"], false), false
93
93
  end
94
94
 
95
95
  def test_group_subset
96
96
  service_bind
97
97
  bigtime_user
98
- assert_equal @ad.is_in_groups("john", ["broskies"],true), true
98
+ assert_equal @ad.is_in_groups("john", ["broskies"], true), true
99
99
  end
100
100
 
101
101
  def test_user_exists
data/test/config_test.rb CHANGED
@@ -3,31 +3,23 @@ require_relative './lib/ldap_test_helper'
3
3
  class ConfigTest < MiniTest::Unit::TestCase
4
4
  include LdapTestHelper
5
5
 
6
- def setup
7
- config
8
- end
9
-
10
6
  def test_unsupported_type
11
- @config.server_type = "inactive_directory"
12
- assert_raises(LdapFluff::ConfigError) { LdapFluff.new(@config) }
7
+ assert_raises(LdapFluff::ConfigError) { LdapFluff.new(config_hash.update :server_type => 'inactive_directory') }
13
8
  end
14
9
 
15
10
  def test_load_posix
16
- @config.server_type = "posix"
17
- l = LdapFluff.new(@config)
18
- assert_instance_of LdapFluff::Posix, l.ldap
11
+ ldap = LdapFluff.new(config_hash.update :server_type => 'posix')
12
+ assert_instance_of LdapFluff::Posix, ldap.ldap
19
13
  end
20
14
 
21
15
  def test_load_ad
22
- @config.server_type = "active_directory"
23
- l = LdapFluff.new(@config)
24
- assert_instance_of LdapFluff::ActiveDirectory, l.ldap
16
+ ldap = LdapFluff.new(config_hash.update :server_type => 'active_directory')
17
+ assert_instance_of LdapFluff::ActiveDirectory, ldap.ldap
25
18
  end
26
19
 
27
- def test_load_ad
28
- @config.server_type = "free_ipa"
29
- l = LdapFluff.new(@config)
30
- assert_instance_of LdapFluff::FreeIPA, l.ldap
20
+ def test_load_free_ipa
21
+ ldap = LdapFluff.new(config_hash.update :server_type => 'free_ipa')
22
+ assert_instance_of LdapFluff::FreeIPA, ldap.ldap
31
23
  end
32
24
 
33
25
  end
data/test/ipa_member_services_test.rb CHANGED
@@ -5,8 +5,8 @@ class TestIPAMemberService < MiniTest::Unit::TestCase
5
5
 
6
6
  def setup
7
7
  config
8
- @ldap = MiniTest::Mock.new
9
- @ipams = LdapFluff::FreeIPA::MemberService.new(@ldap,@config.group_base)
8
+ @ldap = MiniTest::Mock.new
9
+ @ipams = LdapFluff::FreeIPA::MemberService.new(@ldap, @config.group_base)
10
10
  end
11
11
 
12
12
  def basic_user
@@ -32,7 +32,7 @@ class TestIPAMemberService < MiniTest::Unit::TestCase
32
32
  end
33
33
 
34
34
  def test_no_groups
35
- @ldap.expect(:search, ['',{:memberof=>[]}], [:filter => ipa_name_filter("john")])
35
+ @ldap.expect(:search, ['', { :memberof => [] }], [:filter => ipa_name_filter("john")])
36
36
  @ipams.ldap = @ldap
37
37
  assert_equal [], @ipams.find_user_groups('john')
38
38
  @ldap.verify
data/test/ipa_test.rb CHANGED
@@ -5,13 +5,13 @@ class TestIPA < MiniTest::Unit::TestCase
5
5
 
6
6
  def setup
7
7
  config
8
- @ipa = LdapFluff::FreeIPA.new(@config)
8
+ @ipa = LdapFluff::FreeIPA.new(@config)
9
9
  @ldap = MiniTest::Mock.new
10
10
  end
11
11
 
12
12
  # default setup for service bind users
13
13
  def service_bind
14
- @ldap.expect(:auth, nil, [ipa_user_bind('service'),"pass"])
14
+ @ldap.expect(:auth, nil, [ipa_user_bind('service'), "pass"])
15
15
  @ldap.expect(:bind, true)
16
16
  @ipa.ldap = @ldap
17
17
  end
@@ -24,12 +24,12 @@ class TestIPA < MiniTest::Unit::TestCase
24
24
 
25
25
  def bigtime_user
26
26
  @md = MiniTest::Mock.new
27
- @md.expect(:find_user_groups, ['bros','broskies'], ["john"])
27
+ @md.expect(:find_user_groups, ['bros', 'broskies'], ["john"])
28
28
  @ipa.member_service = @md
29
29
  end
30
30
 
31
31
  def test_good_bind
32
- @ldap.expect(:auth, nil, [ipa_user_bind('internet'),"password"])
32
+ @ldap.expect(:auth, nil, [ipa_user_bind('internet'), "password"])
33
33
  @ldap.expect(:bind, true)
34
34
  @ipa.ldap = @ldap
35
35
  assert_equal @ipa.bind?("internet", "password"), true
@@ -37,7 +37,7 @@ class TestIPA < MiniTest::Unit::TestCase
37
37
  end
38
38
 
39
39
  def test_bad_bind
40
- @ldap.expect(:auth, nil, [ipa_user_bind('internet'),"password"])
40
+ @ldap.expect(:auth, nil, [ipa_user_bind('internet'), "password"])
41
41
  @ldap.expect(:bind, false)
42
42
  @ipa.ldap = @ldap
43
43
  assert_equal @ipa.bind?("internet", "password"), false
@@ -62,7 +62,7 @@ class TestIPA < MiniTest::Unit::TestCase
62
62
  end
63
63
 
64
64
  def test_bad_service_user
65
- @ldap.expect(:auth, nil, [ipa_user_bind('service'),"pass"])
65
+ @ldap.expect(:auth, nil, [ipa_user_bind('service'), "pass"])
66
66
  @ldap.expect(:bind, false)
67
67
  @ipa.ldap = @ldap
68
68
  assert_raises(LdapFluff::FreeIPA::UnauthenticatedFreeIPAException) { @ipa.groups_for_uid('john') }
@@ -71,31 +71,31 @@ class TestIPA < MiniTest::Unit::TestCase
71
71
  def test_is_in_groups
72
72
  service_bind
73
73
  basic_user
74
- assert_equal @ipa.is_in_groups("john",["bros"],false), true
74
+ assert_equal @ipa.is_in_groups("john", ["bros"], false), true
75
75
  end
76
76
 
77
77
  def test_is_some_groups
78
78
  service_bind
79
79
  basic_user
80
- assert_equal @ipa.is_in_groups("john",["bros","buds"],false), true
80
+ assert_equal @ipa.is_in_groups("john", ["bros", "buds"], false), true
81
81
  end
82
82
 
83
83
  def test_isnt_in_all_groups
84
84
  service_bind
85
85
  basic_user
86
- assert_equal @ipa.is_in_groups("john",["bros","buds"],true), false
86
+ assert_equal @ipa.is_in_groups("john", ["bros", "buds"], true), false
87
87
  end
88
88
 
89
89
  def test_isnt_in_groups
90
90
  service_bind
91
91
  basic_user
92
- assert_equal @ipa.is_in_groups("john", ["broskies"],false), false
92
+ assert_equal @ipa.is_in_groups("john", ["broskies"], false), false
93
93
  end
94
94
 
95
95
  def test_group_subset
96
96
  service_bind
97
97
  bigtime_user
98
- assert_equal @ipa.is_in_groups('john',["broskies"],true), true
98
+ assert_equal @ipa.is_in_groups('john', ["broskies"], true), true
99
99
  end
100
100
 
101
101
  def test_user_exists
data/test/ldap_test.rb CHANGED
@@ -5,14 +5,14 @@ class TestLDAP < MiniTest::Unit::TestCase
5
5
 
6
6
  def setup
7
7
  config
8
- @ldap = MiniTest::Mock.new
9
- @fluff = LdapFluff.new(@config)
8
+ @ldap = MiniTest::Mock.new
9
+ @fluff = LdapFluff.new(config_hash)
10
10
  end
11
11
 
12
12
  def test_bind
13
- @ldap.expect(:bind?, true, ['john','password'])
13
+ @ldap.expect(:bind?, true, ['john', 'password'])
14
14
  @fluff.ldap = @ldap
15
- assert_equal @fluff.authenticate?("john","password"), true
15
+ assert_equal @fluff.authenticate?("john", "password"), true
16
16
  @ldap.verify
17
17
  end
18
18
 
@@ -24,9 +24,9 @@ class TestLDAP < MiniTest::Unit::TestCase
24
24
  end
25
25
 
26
26
  def test_group_membership
27
- @ldap.expect(:is_in_groups, false, ['john',['broskies','girlfriends'],true])
27
+ @ldap.expect(:is_in_groups, false, ['john', ['broskies', 'girlfriends'], true])
28
28
  @fluff.ldap = @ldap
29
- assert_equal @fluff.is_in_groups?('john',['broskies','girlfriends']), false
29
+ assert_equal @fluff.is_in_groups?('john', ['broskies', 'girlfriends']), false
30
30
  @ldap.verify
31
31
  end
32
32
 
data/test/lib/ldap_test_helper.rb CHANGED
@@ -6,33 +6,37 @@ require 'minitest/autorun'
6
6
  module LdapTestHelper
7
7
  attr_accessor :group_base, :class_filter, :user
8
8
 
9
+ def config_hash
10
+ { :host => "internet.com",
11
+ :port => "387",
12
+ :encryption => :start_tls,
13
+ :base_dn => "dc=internet,dc=com",
14
+ :group_base => "ou=group,dc=internet,dc=com",
15
+ :service_user => "service",
16
+ :service_pass => "pass",
17
+ :ad_domain => "internet.com",
18
+ :server_type => :free_ipa
19
+ }
20
+ end
21
+
9
22
  def config
10
- @config = OpenStruct.new(
11
- :host => "internet.com",
12
- :port => "387",
13
- :encryption => :start_tls,
14
- :base_dn => "dc=internet,dc=com",
15
- :group_base => "ou=group,dc=internet,dc=com",
16
- :service_user => "service",
17
- :service_pass => "pass",
18
- :ad_domain => "internet.com"
19
- )
23
+ @config ||= OpenStruct.new config_hash
20
24
  end
21
25
 
22
26
  def ad_name_filter(name)
23
- Net::LDAP::Filter.eq("samaccountname",name)
27
+ Net::LDAP::Filter.eq("samaccountname", name)
24
28
  end
25
29
 
26
30
  def ad_group_filter(name)
27
- Net::LDAP::Filter.eq("cn",name)
31
+ Net::LDAP::Filter.eq("cn", name)
28
32
  end
29
33
 
30
34
  def ipa_name_filter(name)
31
- Net::LDAP::Filter.eq("uid",name)
35
+ Net::LDAP::Filter.eq("uid", name)
32
36
  end
33
37
 
34
38
  def ipa_group_filter(name)
35
- Net::LDAP::Filter.eq("cn",name)
39
+ Net::LDAP::Filter.eq("cn", name)
36
40
  end
37
41
 
38
42
  def group_filter(g)
@@ -40,7 +44,7 @@ module LdapTestHelper
40
44
  end
41
45
 
42
46
  def group_class_filter
43
- Net::LDAP::Filter.eq("objectclass","group")
47
+ Net::LDAP::Filter.eq("objectclass", "group")
44
48
  end
45
49
 
46
50
  def ipa_user_bind(uid)
@@ -52,7 +56,7 @@ module LdapTestHelper
52
56
  end
53
57
 
54
58
  def ad_group_payload
55
- [{:cn => "broze", :memberof => ["CN=group,dc=internet,dc=com"] }]
59
+ [{ :cn => "broze", :memberof => ["CN=group,dc=internet,dc=com"] }]
56
60
  end
57
61
 
58
62
  def ad_parent_payload(num)
@@ -64,18 +68,18 @@ module LdapTestHelper
64
68
  end
65
69
 
66
70
  def posix_user_payload
67
- [{:cn => ["bros"]}]
71
+ [{ :cn => ["bros"] }]
68
72
  end
69
73
 
70
74
  def posix_group_payload
71
- [{:cn => ["broze"]}]
75
+ [{ :cn => ["broze"] }]
72
76
  end
73
77
 
74
78
  def ipa_user_payload
75
- [{:cn => 'john'},{:memberof => ['cn=group,dc=internet,dc=com','cn=bros,dc=internet,dc=com']}]
79
+ [{ :cn => 'john' }, { :memberof => ['cn=group,dc=internet,dc=com', 'cn=bros,dc=internet,dc=com'] }]
76
80
  end
77
81
 
78
82
  def ipa_group_payload
79
- [{:cn => 'group'},{:memberof => ['cn=group,dc=internet,dc=com','cn=bros,dc=internet,dc=com']}]
83
+ [{ :cn => 'group' }, { :memberof => ['cn=group,dc=internet,dc=com', 'cn=bros,dc=internet,dc=com'] }]
80
84
  end
81
85
  end
data/test/posix_member_services_test.rb CHANGED
@@ -6,18 +6,13 @@ class TestPosixMemberService < MiniTest::Unit::TestCase
6
6
  def setup
7
7
  config
8
8
  @ldap = MiniTest::Mock.new
9
- @ms = LdapFluff::Posix::MemberService.new(@ldap, @config.group_base)
9
+ @ms = LdapFluff::Posix::MemberService.new(@ldap, @config.group_base)
10
10
  end
11
11
 
12
12
  def test_find_user
13
13
  user = posix_user_payload
14
- @ldap.expect(:search,
15
- user,
16
- [
17
- :filter => @ms.name_filter('john'),
18
- :base =>config.group_base
19
- ]
20
- )
14
+ @ldap.expect(:search, user, [:filter => @ms.name_filter('john'),
15
+ :base => config.group_base])
21
16
  @ms.ldap = @ldap
22
17
  assert_equal ['bros'], @ms.find_user_groups('john')
23
18
  @ldap.verify
@@ -25,26 +20,16 @@ class TestPosixMemberService < MiniTest::Unit::TestCase
25
20
 
26
21
  def test_user_exists
27
22
  user = posix_user_payload
28
- @ldap.expect(:search,
29
- user,
30
- [
31
- :filter => @ms.name_filter('john'),
32
- :base =>config.group_base
33
- ]
34
- )
23
+ @ldap.expect(:search, user, [:filter => @ms.name_filter('john'),
24
+ :base => config.group_base])
35
25
  @ms.ldap = @ldap
36
26
  assert @ms.find_user('john')
37
27
  @ldap.verify
38
28
  end
39
29
 
40
30
  def test_user_doesnt_exists
41
- @ldap.expect(:search,
42
- nil,
43
- [
44
- :filter => @ms.name_filter('john'),
45
- :base =>config.group_base
46
- ]
47
- )
31
+ @ldap.expect(:search, nil, [:filter => @ms.name_filter('john'),
32
+ :base => config.group_base])
48
33
  @ms.ldap = @ldap
49
34
  assert_raises(LdapFluff::Posix::MemberService::UIDNotFoundException) { @ms.find_user('john') }
50
35
  @ldap.verify
@@ -52,26 +37,16 @@ class TestPosixMemberService < MiniTest::Unit::TestCase
52
37
 
53
38
  def test_group_exists
54
39
  group = posix_group_payload
55
- @ldap.expect(:search,
56
- group,
57
- [
58
- :filter => @ms.group_filter('broze'),
59
- :base =>config.group_base
60
- ]
61
- )
40
+ @ldap.expect(:search, group, [:filter => @ms.group_filter('broze'),
41
+ :base => config.group_base])
62
42
  @ms.ldap = @ldap
63
43
  assert @ms.find_group('broze')
64
44
  @ldap.verify
65
45
  end
66
46
 
67
47
  def test_group_doesnt_exists
68
- @ldap.expect(:search,
69
- nil,
70
- [
71
- :filter => @ms.group_filter('broze'),
72
- :base =>config.group_base
73
- ]
74
- )
48
+ @ldap.expect(:search, nil, [:filter => @ms.group_filter('broze'),
49
+ :base => config.group_base])
75
50
  @ms.ldap = @ldap
76
51
  assert_raises(LdapFluff::Posix::MemberService::GIDNotFoundException) { @ms.find_group('broze') }
77
52
  @ldap.verify
data/test/posix_test.rb CHANGED
@@ -6,7 +6,7 @@ class TestPosix < MiniTest::Unit::TestCase
6
6
  def setup
7
7
  config
8
8
  @posix = LdapFluff::Posix.new(@config)
9
- @ldap = MiniTest::Mock.new
9
+ @ldap = MiniTest::Mock.new
10
10
  end
11
11
 
12
12
  def basic_user
@@ -49,14 +49,14 @@ class TestPosix < MiniTest::Unit::TestCase
49
49
  end
50
50
 
51
51
  def test_good_bind
52
- @ldap.expect(:auth, nil, ["uid=internet,dc=internet,dc=com","password"])
52
+ @ldap.expect(:auth, nil, ["uid=internet,dc=internet,dc=com", "password"])
53
53
  @ldap.expect(:bind, true)
54
54
  @posix.ldap = @ldap
55
55
  assert_equal @posix.bind?("internet", "password"), true
56
56
  end
57
57
 
58
58
  def test_bad_bind
59
- @ldap.expect(:auth, nil, ["uid=internet,dc=internet,dc=com","password"])
59
+ @ldap.expect(:auth, nil, ["uid=internet,dc=internet,dc=com", "password"])
60
60
  @ldap.expect(:bind, false)
61
61
  @posix.ldap = @ldap
62
62
  assert_equal @posix.bind?("internet", "password"), false
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ldap_fluff
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.7
4
+ version: 0.2.1
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2013-04-11 00:00:00.000000000 Z
12
+ date: 2013-05-30 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: net-ldap
@@ -18,9 +18,25 @@ dependencies:
18
18
  requirements:
19
19
  - - ! '>='
20
20
  - !ruby/object:Gem::Version
21
- version: '0'
21
+ version: 0.3.1
22
22
  type: :runtime
23
23
  prerelease: false
24
+ version_requirements: !ruby/object:Gem::Requirement
25
+ none: false
26
+ requirements:
27
+ - - ! '>='
28
+ - !ruby/object:Gem::Version
29
+ version: 0.3.1
30
+ - !ruby/object:Gem::Dependency
31
+ name: rake
32
+ requirement: !ruby/object:Gem::Requirement
33
+ none: false
34
+ requirements:
35
+ - - ! '>='
36
+ - !ruby/object:Gem::Version
37
+ version: '0'
38
+ type: :development
39
+ prerelease: false
24
40
  version_requirements: !ruby/object:Gem::Requirement
25
41
  none: false
26
42
  requirements:
@@ -43,35 +59,31 @@ dependencies:
43
59
  - - ! '>='
44
60
  - !ruby/object:Gem::Version
45
61
  version: '0'
46
- description: ! 'Simple library for binding & group querying on top of various ldap
47
- implementations
48
-
49
- '
62
+ description: Simple library for binding & group querying on top of various ldap implementations
50
63
  email: jomara@redhat.com
51
64
  executables: []
52
65
  extensions: []
53
66
  extra_rdoc_files: []
54
67
  files:
55
- - etc/ldap_fluff.yml
56
68
  - lib/ldap_fluff.rb
57
- - lib/ldap_fluff/active_directory.rb
58
- - lib/ldap_fluff/ad_member_service.rb
59
- - lib/ldap_fluff/config.rb
60
69
  - lib/ldap_fluff/freeipa.rb
61
70
  - lib/ldap_fluff/freeipa_member_service.rb
62
71
  - lib/ldap_fluff/ldap_fluff.rb
63
- - lib/ldap_fluff/posix.rb
72
+ - lib/ldap_fluff/active_directory.rb
64
73
  - lib/ldap_fluff/posix_member_service.rb
74
+ - lib/ldap_fluff/config.rb
75
+ - lib/ldap_fluff/posix.rb
76
+ - lib/ldap_fluff/ad_member_service.rb
65
77
  - test/ad_member_services_test.rb
66
- - test/ad_test.rb
67
78
  - test/config_test.rb
68
- - test/ipa_member_services_test.rb
69
- - test/ipa_test.rb
70
79
  - test/ldap_test.rb
71
- - test/lib/ldap_test_helper.rb
72
80
  - test/posix_member_services_test.rb
81
+ - test/ad_test.rb
82
+ - test/ipa_test.rb
83
+ - test/ipa_member_services_test.rb
84
+ - test/lib/ldap_test_helper.rb
73
85
  - test/posix_test.rb
74
- homepage: http://www.redhat.com
86
+ homepage: https://github.com/Katello/ldap_fluff
75
87
  licenses: []
76
88
  post_install_message:
77
89
  rdoc_options: []
@@ -91,8 +103,18 @@ required_rubygems_version: !ruby/object:Gem::Requirement
91
103
  version: '0'
92
104
  requirements: []
93
105
  rubyforge_project:
94
- rubygems_version: 1.8.25
106
+ rubygems_version: 1.8.23
95
107
  signing_key:
96
108
  specification_version: 3
97
109
  summary: LDAP Querying tools for Active Directory, FreeIPA and Posix-style
98
- test_files: []
110
+ test_files:
111
+ - test/ad_member_services_test.rb
112
+ - test/config_test.rb
113
+ - test/ldap_test.rb
114
+ - test/posix_member_services_test.rb
115
+ - test/ad_test.rb
116
+ - test/ipa_test.rb
117
+ - test/ipa_member_services_test.rb
118
+ - test/lib/ldap_test_helper.rb
119
+ - test/posix_test.rb
120
+ has_rdoc: true
data/etc/ldap_fluff.yml DELETED
@@ -1,11 +0,0 @@
1
- ---
2
- host: ## ip address or hostname
3
- port: ## ip address or hostname
4
- encryption: ## blank or :start_tls
5
- base_dn: ## baseDN for ldap auth, eg dc=redhat,dc=com
6
- group_base: ##baseDN for your ldap groups, eg ou=Groups,dc=redhat,dc=com
7
- server_type: ## type of server. default == posix. :active_directory, :posix, :free_ipa
8
- ad_domain: ## domain for your users if using active directory, eg redhat.com
9
- service_user: ## service account for authenticating ldap calls in active directory or ipa
10
- service_pass: ## service password for authenticating ldap calls in active directory or ipa
11
- anon_queries: ## allow anonymous queries for AD or FreeIPA