ldap_groups_lookup 0.6.1 → 0.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +2 -0
- data/lib/ldap_groups_lookup/configuration.rb +4 -0
- data/lib/ldap_groups_lookup/search.rb +3 -1
- data/lib/ldap_groups_lookup/version.rb +1 -1
- data/spec/fixtures/ldap_groups_lookup.yml.example +3 -1
- data/spec/lib/ldap_groups_lookup_spec.rb +27 -4
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 93b710e0c55641a70229aef31de0eb3bcbac110ee8ea7f34e4aea784cd605c74
|
|
4
|
+
data.tar.gz: eaa38276bd60526a24ce3979e757cb1423985b71bc05647017ce04a13566ac46
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5041fe650a03a4a70732df646a1b86e61c28c1c5e366f6254dc156edc6e6a46afb35e315bd7985e90c4097ffb280f1b617e5fe0ea8641d2ff300222e8ec6feb3
|
|
7
|
+
data.tar.gz: aee6357c288d1b069a274c7aa413ac8a26170a177d1b269b2ea0d871f4f6c1e77d5a375994a45eadc28159f1e126cc62504db747e5e45cc679a1245835da8707
|
|
@@ -57,7 +57,9 @@ module LDAPGroupsLookup
|
|
|
57
57
|
next if seen.include? g
|
|
58
58
|
seen << g
|
|
59
59
|
member_groups = members.collect do |mg|
|
|
60
|
-
dn_to_cn(mg) if
|
|
60
|
+
dn_to_cn(mg) if member_whitelist.empty? || member_whitelist.any? do |fil|
|
|
61
|
+
mg.include? fil
|
|
62
|
+
end
|
|
61
63
|
end
|
|
62
64
|
member_groups.compact!
|
|
63
65
|
return true if walk_ldap_members(member_groups, dn, seen)
|
|
@@ -216,16 +216,39 @@ RSpec.describe LDAPGroupsLookup do
|
|
|
216
216
|
end
|
|
217
217
|
end
|
|
218
218
|
context 'when searching for a group that user is a nested member of' do
|
|
219
|
-
|
|
219
|
+
before do
|
|
220
220
|
expect(@service).to receive(:search).with(
|
|
221
221
|
hash_including(filter: Net::LDAP::Filter.equals('cn', 'Top-Group'))).and_return([@top_group])
|
|
222
|
-
|
|
222
|
+
allow(@service).to receive(:search).with(
|
|
223
223
|
hash_including(filter: Net::LDAP::Filter.equals('cn', 'Nested-Group'),
|
|
224
224
|
attributes: ['member;range=0-*'])).and_return([@nested_group_page_1])
|
|
225
|
-
|
|
225
|
+
allow(@service).to receive(:search).with(
|
|
226
226
|
hash_including(filter: Net::LDAP::Filter.equals('cn', 'Nested-Group'),
|
|
227
227
|
attributes: ['member;range=1-*'])).and_return([@nested_group_page_2])
|
|
228
|
-
|
|
228
|
+
end
|
|
229
|
+
context 'when the group is whitelisted' do
|
|
230
|
+
before do
|
|
231
|
+
allow(LDAPGroupsLookup).to receive(:member_whitelist).and_return(['OU=Groups'])
|
|
232
|
+
end
|
|
233
|
+
it 'should return true' do
|
|
234
|
+
expect(user.member_of_ldap_group?('Top-Group')).to eq(true)
|
|
235
|
+
end
|
|
236
|
+
end
|
|
237
|
+
context 'when the whitelist is empty' do
|
|
238
|
+
before do
|
|
239
|
+
allow(LDAPGroupsLookup).to receive(:member_whitelist).and_return([])
|
|
240
|
+
end
|
|
241
|
+
it 'should return true (whitelisting is disabled)' do
|
|
242
|
+
expect(user.member_of_ldap_group?('Top-Group')).to eq(true)
|
|
243
|
+
end
|
|
244
|
+
end
|
|
245
|
+
context 'when the group is not whitelisted' do
|
|
246
|
+
before do
|
|
247
|
+
allow(LDAPGroupsLookup).to receive(:member_whitelist).and_return(['OU=Not-A-Match'])
|
|
248
|
+
end
|
|
249
|
+
it 'should return false' do
|
|
250
|
+
expect(user.member_of_ldap_group?('Top-Group')).to eq(false)
|
|
251
|
+
end
|
|
229
252
|
end
|
|
230
253
|
end
|
|
231
254
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ldap_groups_lookup
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Adam Ploshay
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date:
|
|
13
|
+
date: 2020-02-10 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: net-ldap
|