ldap_groups_lookup 0.6.1 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +2 -0
  3. data/lib/ldap_groups_lookup/configuration.rb +4 -0
  4. data/lib/ldap_groups_lookup/search.rb +3 -1
  5. data/lib/ldap_groups_lookup/version.rb +1 -1
  6. data/spec/fixtures/ldap_groups_lookup.yml.example +3 -1
  7. data/spec/lib/ldap_groups_lookup_spec.rb +27 -4
  8. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 89497393dbd1cb8187e740a5867c0758a6a47eb79ae4719bf2e09ba0952011ac
4
- data.tar.gz: e9e7db4530168f315c7b7463beeb395d94aa49411fc2a7d92cba6152136600ce
3
+ metadata.gz: 93b710e0c55641a70229aef31de0eb3bcbac110ee8ea7f34e4aea784cd605c74
4
+ data.tar.gz: eaa38276bd60526a24ce3979e757cb1423985b71bc05647017ce04a13566ac46
5
5
  SHA512:
6
- metadata.gz: be721599c153b22b93fc7769377610619d24d74973e3316f7ebd427341a1c5830cc71d45df67cb78671773347c865999b65e18e2cf349759e005d42c84b5b337
7
- data.tar.gz: f5f4aa7a0d10008ee984cc495076fb669b6113bf8ac52012f8c6806f7b14cb8c1ac12bd340a98a1585168be8cb2101d29da1aa6aef154d04d8222e6f3e8c9f11
6
+ metadata.gz: 5041fe650a03a4a70732df646a1b86e61c28c1c5e366f6254dc156edc6e6a46afb35e315bd7985e90c4097ffb280f1b617e5fe0ea8641d2ff300222e8ec6feb3
7
+ data.tar.gz: aee6357c288d1b069a274c7aa413ac8a26170a177d1b269b2ea0d871f4f6c1e77d5a375994a45eadc28159f1e126cc62504db747e5e45cc679a1245835da8707
data/.travis.yml CHANGED
@@ -3,3 +3,5 @@ rvm:
3
3
  - 2.3
4
4
  - 2.4
5
5
  - 2.5
6
+ - 2.6
7
+ - 2.7
data/lib/ldap_groups_lookup/configuration.rb CHANGED
@@ -45,6 +45,10 @@ module LDAPGroupsLookup
45
45
  config[:tree]
46
46
  end
47
47
 
48
+ def member_whitelist
49
+ config[:member_whitelist].to_a
50
+ end
51
+
48
52
  private
49
53
 
50
54
  def configure(value)
data/lib/ldap_groups_lookup/search.rb CHANGED
@@ -57,7 +57,9 @@ module LDAPGroupsLookup
57
57
  next if seen.include? g
58
58
  seen << g
59
59
  member_groups = members.collect do |mg|
60
- dn_to_cn(mg) if (mg.include?('OU=Groups') || mg.include?('OU=Applications'))
60
+ dn_to_cn(mg) if member_whitelist.empty? || member_whitelist.any? do |fil|
61
+ mg.include? fil
62
+ end
61
63
  end
62
64
  member_groups.compact!
63
65
  return true if walk_ldap_members(member_groups, dn, seen)
data/lib/ldap_groups_lookup/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # Gem version release tracking
2
2
  module LDAPGroupsLookup
3
3
  # Define release version
4
- VERSION = '0.6.1'.freeze
4
+ VERSION = '0.7.0'.freeze
5
5
  end
data/spec/fixtures/ldap_groups_lookup.yml.example CHANGED
@@ -6,4 +6,6 @@
6
6
  :password: changeme
7
7
  :tree: dc=ads,dc=example,dc=net
8
8
  :account_ou: ou=Accounts
9
- :group_ou: ou=Groups
9
+ :group_ou: ou=Groups
10
+ :member_whitelist:
11
+ - OU=Groups
data/spec/lib/ldap_groups_lookup_spec.rb CHANGED
@@ -216,16 +216,39 @@ RSpec.describe LDAPGroupsLookup do
216
216
  end
217
217
  end
218
218
  context 'when searching for a group that user is a nested member of' do
219
- it 'should return true' do
219
+ before do
220
220
  expect(@service).to receive(:search).with(
221
221
  hash_including(filter: Net::LDAP::Filter.equals('cn', 'Top-Group'))).and_return([@top_group])
222
- expect(@service).to receive(:search).with(
222
+ allow(@service).to receive(:search).with(
223
223
  hash_including(filter: Net::LDAP::Filter.equals('cn', 'Nested-Group'),
224
224
  attributes: ['member;range=0-*'])).and_return([@nested_group_page_1])
225
- expect(@service).to receive(:search).with(
225
+ allow(@service).to receive(:search).with(
226
226
  hash_including(filter: Net::LDAP::Filter.equals('cn', 'Nested-Group'),
227
227
  attributes: ['member;range=1-*'])).and_return([@nested_group_page_2])
228
- expect(user.member_of_ldap_group?('Top-Group')).to eq(true)
228
+ end
229
+ context 'when the group is whitelisted' do
230
+ before do
231
+ allow(LDAPGroupsLookup).to receive(:member_whitelist).and_return(['OU=Groups'])
232
+ end
233
+ it 'should return true' do
234
+ expect(user.member_of_ldap_group?('Top-Group')).to eq(true)
235
+ end
236
+ end
237
+ context 'when the whitelist is empty' do
238
+ before do
239
+ allow(LDAPGroupsLookup).to receive(:member_whitelist).and_return([])
240
+ end
241
+ it 'should return true (whitelisting is disabled)' do
242
+ expect(user.member_of_ldap_group?('Top-Group')).to eq(true)
243
+ end
244
+ end
245
+ context 'when the group is not whitelisted' do
246
+ before do
247
+ allow(LDAPGroupsLookup).to receive(:member_whitelist).and_return(['OU=Not-A-Match'])
248
+ end
249
+ it 'should return false' do
250
+ expect(user.member_of_ldap_group?('Top-Group')).to eq(false)
251
+ end
229
252
  end
230
253
  end
231
254
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ldap_groups_lookup
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.1
4
+ version: 0.7.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Adam Ploshay
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2019-06-27 00:00:00.000000000 Z
13
+ date: 2020-02-10 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: net-ldap