ldap_fluff 0.3.0 → 0.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 37c4eced1c338a71de90a9bfd06ad6fcf77f2680
-  data.tar.gz: 073cb1a0c739a9a1fc49ff9d32defbd202956504
+  metadata.gz: e2c324b59a41c9c84c20302097ac61466fe94db5
+  data.tar.gz: a38ca5f778bbd5ca11fd008bd022d119afdb5c7c
 SHA512:
-  metadata.gz: 3169fd42b66606a9f94761fbec81689d60891d1b6eb7e70a1225fe1305b79342da68422d5a910d838ce8317ece64ecd17787f1617f6d1c602ca64d4597318eb2
-  data.tar.gz: cae46d73863511bf0f69b99f0bc839728e89b500cfa6338a6de3fedf5c3fc902d1678f42f2eff378df50dd19de11fc15c9fa43b7d8de47afb82034ffd8525b66
+  metadata.gz: cf3d45867bf6feffabb0843d723ad45cfd2f3eef2068d2b9fee100b5bb25e10d1f12c71f9f5c12953235d654a4a432c564c92d0673e3235b3a27071e528d44b1
+  data.tar.gz: 8678e45d973ef170e4cdeb6d104fe1c9092c9af9449c477eb694f5b496e79dac974cbd128e02c672fd942018a43404b1e46e1d15bb219f82cb9505f568d518ca

data/lib/ldap_fluff/active_directory.rb

@@ -1,24 +1,15 @@
 class LdapFluff::ActiveDirectory < LdapFluff::Generic
 
-  def initialize(config = {})
-    @bind_user  = config.service_user
-    @bind_pass  = config.service_pass
-    @anon       = config.anon_queries
-    super
-  end
-
-  def bind?(uid = nil, password = nil)
+  def bind?(uid = nil, password = nil, opts = {})
+    unless uid.include?(',') || uid.include?('\\') || opts[:search] == false
+      service_bind
+      user = @member_service.find_user(uid)
+      uid = user.first.dn if user && user.first
+    end
     @ldap.auth(uid, password)
     @ldap.bind
   end
 
-  # returns the list of groups to which a user belongs
-  # this query is simpler in active directory
-  def groups_for_uid(uid)
-    service_bind
-    super
-  end
-
   # active directory stores group membership on a users model
   # TODO: query by group individually not like this
   def is_in_groups(uid, gids = [], all = false)
@@ -33,31 +24,19 @@ class LdapFluff::ActiveDirectory < LdapFluff::Generic
     end
   end
 
-  def user_exists?(uid)
-    service_bind
-    super
-  end
-
-  def group_exists?(gid)
-    service_bind
-    super
-  end
-
   private
 
   def users_from_search_results(search, method)
     users = []
 
     search.send(method).each do |member|
-      cn    = member.downcase.split(',')[0].split('=')[1]
-      entry = @member_service.find_user(cn).first
-
+      entry = @member_service.find_by_dn(member).first
       objectclasses = entry.objectclass.map(&:downcase)
 
       if (%w(organizationalperson person) & objectclasses).present?
-        users << @member_service.get_logins([member])
+        users << @member_service.get_login_from_entry(entry)
       elsif (%w(organizationalunit group) & objectclasses).present?
-        users << users_for_gid(cn)
+        users << users_for_gid(entry.cn.first)
       end
     end
 

data/lib/ldap_fluff/config.rb

@@ -49,7 +49,7 @@ class LdapFluff::Config
     end
 
     %w[service_user service_pass].all? do |key|
-      if !config['anon_queries'] && config['server_type'] != :posix && config[key].nil?
+      if !config['anon_queries'] && config[key].nil?
         raise ConfigError, "config key #{key} has to be set, it was nil"
       end
     end

data/lib/ldap_fluff/freeipa.rb

@@ -1,22 +1,20 @@
 class LdapFluff::FreeIPA < LdapFluff::Generic
 
-  def initialize(config = {})
-    @base       = config.base_dn
-    @bind_user  = config.service_user
-    @bind_pass  = config.service_pass
-    @anon       = config.anon_queries
-    super
-  end
-
-  def bind?(uid = nil, password = nil)
-    @ldap.auth("uid=#{uid},cn=users,cn=accounts,#{@base}", password)
+  def bind?(uid = nil, password = nil, opts = {})
+    unless uid.include?(',')
+      unless opts[:search] == false
+        service_bind
+        user = @member_service.find_user(uid)
+      end
+      uid = user && user.first ? user.first.dn : "uid=#{uid},cn=users,cn=accounts,#{@base}"
+    end
+    @ldap.auth(uid, password)
     @ldap.bind
   end
 
   def groups_for_uid(uid)
     begin
-    service_bind
-    super
+      super
     rescue MemberService::InsufficientQueryPrivilegesException
       raise UnauthenticatedException, "Insufficient Privileges to query groups data"
     end
@@ -39,16 +37,6 @@ class LdapFluff::FreeIPA < LdapFluff::Generic
     end
   end
 
-  def user_exists?(uid)
-    service_bind
-    super
-  end
-
-  def group_exists?(gid)
-    service_bind
-    super
-  end
-
   private
 
   def users_from_search_results(search, method)

data/lib/ldap_fluff/generic.rb

@@ -6,12 +6,17 @@ class LdapFluff::Generic
                           :base       => config.base_dn,
                           :port       => config.port,
                           :encryption => config.encryption)
+    @bind_user  = config.service_user
+    @bind_pass  = config.service_pass
+    @anon       = config.anon_queries
     @attr_login = config.attr_login
+    @base       = config.base_dn
     @group_base = (config.group_base.empty? ? config.base_dn : config.group_base)
     @member_service = self.class::MemberService.new(@ldap, config)
   end
 
   def user_exists?(uid)
+    service_bind
     @member_service.find_user(uid)
     true
   rescue self.class::MemberService::UIDNotFoundException
@@ -19,6 +24,7 @@ class LdapFluff::Generic
   end
 
   def group_exists?(gid)
+    service_bind
     @member_service.find_group(gid)
     true
   rescue self.class::MemberService::GIDNotFoundException
@@ -26,6 +32,7 @@ class LdapFluff::Generic
   end
 
   def groups_for_uid(uid)
+    service_bind
     @member_service.find_user_groups(uid)
   rescue self.class::MemberService::UIDNotFoundException
     return []
@@ -35,8 +42,8 @@ class LdapFluff::Generic
     return [] unless group_exists?(gid)
     search = @member_service.find_group(gid).last
 
-    method = [:member, :ismemberof,
-              :memberof, :memberuid].find { |m| search.respond_to? m } or
+    method = [:member, :ismemberof, :memberof,
+              :memberuid, :uniquemember].find { |m| search.respond_to? m } or
              raise 'Group does not have any members'
 
     users_from_search_results(search, method)
@@ -48,7 +55,7 @@ class LdapFluff::Generic
   end
 
   def service_bind
-    unless @anon || bind?(@bind_user, @bind_pass)
+    unless @anon || bind?(@bind_user, @bind_pass, :search => false)
       raise UnauthenticatedException,
             "Could not bind to #{class_name} user #{@bind_user}"
     end

data/lib/ldap_fluff/generic_member_service.rb

@@ -6,6 +6,7 @@ class LdapFluff::GenericMemberService
 
   def initialize(ldap, config)
     @ldap       = ldap
+    @base       = config.base_dn
     @group_base = (config.group_base.empty? ? config.base_dn : config.group_base)
     begin
       @search_filter = Net::LDAP::Filter.construct(config.search_filter) unless (config.search_filter.nil? || config.search_filter.empty?)
@@ -20,14 +21,22 @@ class LdapFluff::GenericMemberService
     user
   end
 
+  def find_by_dn(dn)
+    entry, base = dn.split(',', 2)
+    entry_attr, entry_value = entry.split('=', 2)
+    user = @ldap.search(:filter => name_filter(entry_value, entry_attr), :base => base)
+    raise self.class::UIDNotFoundException if (user.nil? || user.empty?)
+    user
+  end
+
   def find_group(gid)
     group = @ldap.search(:filter => group_filter(gid), :base => @group_base)
     raise self.class::GIDNotFoundException if (group.nil? || group.empty?)
     group
   end
 
-  def name_filter(uid)
-    filter = Net::LDAP::Filter.eq(@attr_login, uid)
+  def name_filter(uid, attr = @attr_login)
+    filter = Net::LDAP::Filter.eq(attr, uid)
 
     if @search_filter.nil?
       filter
@@ -59,4 +68,11 @@ class LdapFluff::GenericMemberService
     end.compact.flatten
   end
 
+  def get_login_from_entry(entry)
+    [@attr_login, 'uid', 'cn'].each do |attribute|
+      return entry.send(attribute) if entry.respond_to? attribute
+    end
+    nil
+  end
+
 end

data/lib/ldap_fluff/posix.rb

@@ -1,12 +1,13 @@
 class LdapFluff::Posix < LdapFluff::Generic
 
-  def initialize(config = {})
-    @base           = config.base_dn
-    super
-  end
-
-  def bind?(uid = nil, password = nil)
-    @ldap.bind_as(:filter => "(uid=#{uid})", :password => password)
+  def bind?(uid = nil, password = nil, opts = {})
+    unless uid.include?(',') || opts[:search] == false
+      service_bind
+      user = @member_service.find_user(uid)
+      uid = user.first.dn if user && user.first
+    end
+    @ldap.auth(uid, password)
+    @ldap.bind
   end
 
   # returns whether a user is a member of ALL or ANY particular groups
@@ -17,6 +18,7 @@ class LdapFluff::Posix < LdapFluff::Generic
   # returns true if owner is in ALL of the groups if all=true, otherwise
   # returns true if owner is in ANY of the groups
   def is_in_groups(uid, gids = [], all = true)
+    service_bind
     (gids.empty? || @member_service.times_in_groups(uid, gids, all) > 0)
   end
 
@@ -29,7 +31,8 @@ class LdapFluff::Posix < LdapFluff::Generic
 
     groups = @ldap.search(:base   => search.dn,
                           :filter => Net::LDAP::Filter.eq('objectClass','posixGroup') |
-                                     Net::LDAP::Filter.eq('objectClass', 'organizationalunit'))
+                                     Net::LDAP::Filter.eq('objectClass', 'organizationalunit') |
+                                     Net::LDAP::Filter.eq('objectClass', 'groupOfUniqueNames'))
 
     members = groups.map { |group| group.send(method) }.flatten.uniq
 

data/lib/ldap_fluff/posix_member_service.rb

@@ -9,7 +9,7 @@ class LdapFluff::Posix::MemberService < LdapFluff::GenericMemberService
   end
 
   def find_user(uid)
-    user = @ldap.search(:filter => name_filter(uid), :base => @group_base)
+    user = @ldap.search(:filter => name_filter(uid), :base => @base)
     raise UIDNotFoundException if (user.nil? || user.empty?)
     user
   end

data/test/ad_member_services_test.rb

@@ -117,4 +117,31 @@ class TestADMemberService < MiniTest::Test
     end
   end
 
+  def test_find_by_dn
+    @ldap.expect(:search, [:result], [:filter => Net::LDAP::Filter.eq('cn', 'Foo Bar'), :base => 'dc=example,dc=com'])
+    @adms.ldap = @ldap
+    assert_equal([:result], @adms.find_by_dn('cn=Foo Bar,dc=example,dc=com'))
+    @ldap.verify
+  end
+
+  def test_find_by_dn_missing_entry
+    @ldap.expect(:search, nil, [:filter => Net::LDAP::Filter.eq('cn', 'Foo Bar'), :base => 'dc=example,dc=com'])
+    @adms.ldap = @ldap
+    assert_raises(LdapFluff::ActiveDirectory::MemberService::UIDNotFoundException) do
+      @adms.find_by_dn('cn=Foo Bar,dc=example,dc=com')
+    end
+    @ldap.verify
+  end
+
+  def test_get_login_from_entry
+    entry = Net::LDAP::Entry.new('Example User')
+    entry['sAMAccountName'] = 'example'
+    assert_equal(['example'], @adms.get_login_from_entry(entry))
+  end
+
+  def test_get_login_from_entry_missing_attr
+    entry = Net::LDAP::Entry.new('Example User')
+    assert_nil(@adms.get_login_from_entry(entry))
+  end
+
 end

data/test/ad_test.rb

@@ -15,16 +15,42 @@ class TestAD < MiniTest::Test
   end
 
   def test_good_bind
+    # no expectation on the service account
+    @ldap.expect(:auth, nil, ['EXAMPLE\\internet', "password"])
+    @ldap.expect(:bind, true)
+    @ad.ldap = @ldap
+    assert_equal(@ad.bind?('EXAMPLE\\internet', 'password'), true)
+    @ldap.verify
+  end
+
+  def test_good_bind_with_dn
+    # no expectation on the service account
+    @ldap.expect(:auth, nil, [ad_user_bind('Internet User'), "password"])
+    @ldap.expect(:bind, true)
+    @ad.ldap = @ldap
+    assert_equal(@ad.bind?(ad_user_bind('Internet User'), 'password'), true)
+    @ldap.verify
+  end
+
+  def test_good_bind_with_account_name
+    # looks up the account name's full DN via the service account
+    @md = MiniTest::Mock.new
+    user_result = MiniTest::Mock.new
+    user_result.expect(:dn, ad_user_bind('Internet User'))
+    @md.expect(:find_user, [user_result], %w(internet))
+    @ad.member_service = @md
     service_bind
-    assert_equal(@ad.bind?('service', 'pass'), true)
+    @ldap.expect(:auth, nil, [ad_user_bind('Internet User'), "password"])
+    @ldap.expect(:bind, true)
+    assert_equal(@ad.bind?('internet', 'password'), true)
     @ldap.verify
   end
 
   def test_bad_bind
-    @ldap.expect(:auth, nil, %w(internet password))
+    @ldap.expect(:auth, nil, %w(EXAMPLE\\internet password))
     @ldap.expect(:bind, false)
     @ad.ldap = @ldap
-    assert_equal(@ad.bind?("internet", "password"), false)
+    assert_equal(@ad.bind?("EXAMPLE\\internet", "password"), false)
     @ldap.verify
   end
 
@@ -128,7 +154,8 @@ class TestAD < MiniTest::Test
     nested_user  = Net::LDAP::Entry.new('testuser')
 
     group[:member]        = ['CN=katellers,DC=corp,DC=windows,DC=com']
-    nested_group[:member] = ['CN=testuser,CN=Users,DC=corp,DC=windows,DC=com']
+    nested_group[:cn]     = ['katellers']
+    nested_group[:member] = ['CN=Test User,CN=Users,DC=corp,DC=windows,DC=com']
     nested_group[:objectclass] = ['organizationalunit']
     nested_user[:objectclass]  = ['person']
 
@@ -137,11 +164,12 @@ class TestAD < MiniTest::Test
     2.times { md.expect(:find_group, [nested_group], ['katellers']) }
     2.times { service_bind }
 
-    md.expect(:find_user,  [nested_group], ['katellers'])
-    md.expect(:find_user,  [nested_user],  ['testuser'])
-    md.expect(:get_logins, 'testuser', [nested_group.member])
+    md.expect(:find_by_dn, [nested_group], ['CN=katellers,DC=corp,DC=windows,DC=com'])
+    md.expect(:find_by_dn, [nested_user],  ['CN=Test User,CN=Users,DC=corp,DC=windows,DC=com'])
+    md.expect(:get_login_from_entry, 'testuser', [nested_user])
     @ad.member_service = md
     assert_equal @ad.users_for_gid('foremaners'), ['testuser']
+    md.verify
   end
 
 end

data/test/ipa_test.rb

@@ -15,8 +15,25 @@ class TestIPA < MiniTest::Test
   end
 
   def test_good_bind
+    # looks up the uid's full DN via the service account
+    @md = MiniTest::Mock.new
+    user_result = MiniTest::Mock.new
+    user_result.expect(:dn, ipa_user_bind('internet'))
+    @md.expect(:find_user, [user_result], %w(internet))
+    @ipa.member_service = @md
     service_bind
-    assert_equal(@ipa.bind?('service', 'pass'), true)
+    @ldap.expect(:auth, nil, [ipa_user_bind('internet'), "password"])
+    @ldap.expect(:bind, true)
+    assert_equal(@ipa.bind?('internet', 'password'), true)
+    @ldap.verify
+  end
+
+  def test_good_bind_with_dn
+    # no expectation on the service account
+    @ldap.expect(:auth, nil, [ipa_user_bind('internet'), "password"])
+    @ldap.expect(:bind, true)
+    @ipa.ldap = @ldap
+    assert_equal(@ipa.bind?(ipa_user_bind('internet'), 'password'), true)
     @ldap.verify
   end
 
@@ -24,7 +41,7 @@ class TestIPA < MiniTest::Test
     @ldap.expect(:auth, nil, [ipa_user_bind('internet'), "password"])
     @ldap.expect(:bind, false)
     @ipa.ldap = @ldap
-    assert_equal(@ipa.bind?("internet", "password"), false)
+    assert_equal(@ipa.bind?(ipa_user_bind("internet"), "password"), false)
     @ldap.verify
   end
 

data/test/lib/ldap_test_helper.rb

@@ -74,6 +74,10 @@ module LdapTestHelper
     "uid=#{uid},cn=users,cn=accounts,#{@config.base_dn}"
   end
 
+  def ad_user_bind(name)
+    "CN=#{name},CN=Users,#{@config.base_dn}"
+  end
+
   def ad_user_payload
     [{ :memberof => ["cn=group,dc=internet,dc=com"] }]
   end

data/test/posix_member_services_test.rb

@@ -11,7 +11,7 @@ class TestPosixMemberService < MiniTest::Test
   def test_find_user
     user = posix_user_payload
     @ldap.expect(:search, user, [:filter => @ms.name_filter('john'),
-                                 :base   => config.group_base])
+                                 :base   => config.base_dn])
     @ms.ldap = @ldap
     assert_equal posix_user_payload, @ms.find_user('john')
     @ldap.verify
@@ -28,7 +28,7 @@ class TestPosixMemberService < MiniTest::Test
   def test_user_exists
     user = posix_user_payload
     @ldap.expect(:search, user, [:filter => @ms.name_filter('john'),
-                                 :base   => config.group_base])
+                                 :base   => config.base_dn])
     @ms.ldap = @ldap
     assert @ms.find_user('john')
     @ldap.verify
@@ -36,7 +36,7 @@ class TestPosixMemberService < MiniTest::Test
 
   def test_user_doesnt_exists
     @ldap.expect(:search, nil, [:filter => @ms.name_filter('john'),
-                                :base   => config.group_base])
+                                :base   => config.base_dn])
     @ms.ldap = @ldap
     assert_raises(LdapFluff::Posix::MemberService::UIDNotFoundException) { @ms.find_user('john') }
     @ldap.verify

data/test/posix_test.rb

@@ -8,7 +8,13 @@ class TestPosix < MiniTest::Test
     @posix = LdapFluff::Posix.new(@config)
   end
 
+  def service_bind
+    @ldap.expect(:auth, nil, %w[service pass])
+    super
+  end
+
   def test_groups
+    service_bind
     basic_user
     assert_equal(@posix.groups_for_uid("john"), %w(bros))
   end
@@ -21,6 +27,7 @@ class TestPosix < MiniTest::Test
   end
 
   def test_isnt_in_groups
+    service_bind
     basic_user
     md = MiniTest::Mock.new
     md.expect(:times_in_groups, 0, ['john', %w(bros), true])
@@ -29,6 +36,7 @@ class TestPosix < MiniTest::Test
   end
 
   def test_is_in_groups
+    service_bind
     basic_user
     md = MiniTest::Mock.new
     md.expect(:times_in_groups, 1, ['john', %w(bros), true])
@@ -37,23 +45,42 @@ class TestPosix < MiniTest::Test
   end
 
   def test_is_in_no_groups
+    service_bind
     basic_user
     assert_equal(@posix.is_in_groups('john', [], true), true)
   end
 
   def test_good_bind
-    @ldap.expect(:bind_as, true, [:filter => "(uid=internet)", :password => "password"])
+    # looks up the uid's full DN via the service account
+    @md = MiniTest::Mock.new
+    user_result = MiniTest::Mock.new
+    user_result.expect(:dn, 'uid=internet,dn=example')
+    @md.expect(:find_user, [user_result], %w(internet))
+    @posix.member_service = @md
+    service_bind
+    @ldap.expect(:auth, nil, %w[uid=internet,dn=example password])
+    @ldap.expect(:bind, true)
     @posix.ldap = @ldap
     assert_equal(@posix.bind?("internet", "password"), true)
   end
 
+  def test_good_bind_with_dn
+    # no expectation on the service account
+    @ldap.expect(:auth, nil, %w[uid=internet,dn=example password])
+    @ldap.expect(:bind, true)
+    @posix.ldap = @ldap
+    assert_equal(@posix.bind?("uid=internet,dn=example", "password"), true)
+  end
+
   def test_bad_bind
-    @ldap.expect(:bind_as, false, [:filter => "(uid=internet)", :password => "password"])
+    @ldap.expect(:auth, nil, %w[uid=internet,dn=example password])
+    @ldap.expect(:bind, false)
     @posix.ldap = @ldap
-    assert_equal(@posix.bind?("internet", "password"), false)
+    assert_equal(@posix.bind?("uid=internet,dn=example", "password"), false)
   end
 
   def test_user_exists
+    service_bind
     md = MiniTest::Mock.new
     md.expect(:find_user, 'notnilluser', %w(john))
     @posix.member_service = md
@@ -61,6 +88,7 @@ class TestPosix < MiniTest::Test
   end
 
   def test_missing_user
+    service_bind
     md = MiniTest::Mock.new
     md.expect(:find_user, nil, %w(john))
     def md.find_user(uid)
@@ -71,6 +99,7 @@ class TestPosix < MiniTest::Test
   end
 
   def test_group_exists
+    service_bind
     md = MiniTest::Mock.new
     md.expect(:find_group, 'notnillgroup', %w(broskies))
     @posix.member_service = md
@@ -78,6 +107,7 @@ class TestPosix < MiniTest::Test
   end
 
   def test_missing_group
+    service_bind
     md = MiniTest::Mock.new
     md.expect(:find_group, nil, %w(broskies))
     def md.find_group(uid)
@@ -88,6 +118,7 @@ class TestPosix < MiniTest::Test
   end
 
   def test_find_users_in_nested_groups
+    service_bind
     group = Net::LDAP::Entry.new('CN=foremaners,DC=example,DC=com')
     group[:memberuid] = ['katellers']
     nested_group = Net::LDAP::Entry.new('CN=katellers,CN=foremaners,DC=example,DC=com')
@@ -97,7 +128,8 @@ class TestPosix < MiniTest::Test
                  [nested_group],
                  [{ :base   => group.dn,
                     :filter => Net::LDAP::Filter.eq('objectClass','posixGroup') |
-                               Net::LDAP::Filter.eq('objectClass', 'organizationalunit')}])
+                               Net::LDAP::Filter.eq('objectClass', 'organizationalunit') |
+                               Net::LDAP::Filter.eq('objectClass', 'groupOfUniqueNames')}])
     @posix.ldap = @ldap
 
     md = MiniTest::Mock.new

metadata

@@ -1,87 +1,82 @@
 --- !ruby/object:Gem::Specification
 name: ldap_fluff
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.3.1
 platform: ruby
 authors:
-- "'Jordan"
-- OMara'
-- "'Daniel"
-- Lobato'
-- "'Petr"
-- Chalupa',
-- "'Adam"
-- Price'
-- "'Marek"
-- Hulan'
+- Jordan O'Mara
+- Daniel Lobato
+- Petr Chalupa
+- Adam Price
+- Marek Hulan
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-07-29 00:00:00.000000000 Z
+date: 2014-08-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: net-ldap
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: 0.3.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: 0.3.1
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
-description: Simple library for binding & group querying on top of various ldap implementations
+description: Simple library for binding & group querying on top of various LDAP implementations
 email:
-- "'jomara@redhat.com'"
-- "'elobatocs@gmail.com'"
-- "'pchalupa@redhat.com'"
-- "'komidore64@gmail.com'"
-- "'mhulan@redhat.com'"
+- jomara@redhat.com
+- elobatocs@gmail.com
+- pchalupa@redhat.com
+- komidore64@gmail.com
+- mhulan@redhat.com
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -107,7 +102,7 @@ files:
 - test/lib/ldap_test_helper.rb
 - test/posix_member_services_test.rb
 - test/posix_test.rb
-homepage: https://github.com/Katello/ldap_fluff
+homepage: https://github.com/theforeman/ldap_fluff
 licenses:
 - GPLv2
 metadata: {}
@@ -117,12 +112,12 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
@@ -130,15 +125,14 @@ rubyforge_project:
 rubygems_version: 2.2.2
 signing_key: 
 specification_version: 4
-summary: LDAP Querying tools for Active Directory, FreeIPA and Posix-style
+summary: LDAP querying tools for Active Directory, FreeIPA and POSIX-style
 test_files:
-- test/posix_test.rb
+- test/ipa_member_services_test.rb
 - test/posix_member_services_test.rb
-- test/ad_member_services_test.rb
-- test/ipa_test.rb
 - test/ad_test.rb
-- test/config_test.rb
+- test/ipa_test.rb
 - test/ldap_test.rb
 - test/lib/ldap_test_helper.rb
-- test/ipa_member_services_test.rb
-has_rdoc: true
+- test/posix_test.rb
+- test/ad_member_services_test.rb
+- test/config_test.rb