ldap_lookup 0.1.6 → 0.1.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 54e681b1bce31406239c47dabe8b8576f91d46a58a4135d2a79784ea1bae797c
-  data.tar.gz: ba9ad988d4aec0a991094a291e3e96baabcff1c6b6ffce053a76cab886fec10a
+  metadata.gz: 775477e51275859dcb210f1b996b14b10b9814bc7443df7a3fa9c63736460298
+  data.tar.gz: f1248f24d49b795c196a16f1b5edcaff1b4ab435127561fce5d24c320bd99630
 SHA512:
-  metadata.gz: 3fc6512631937a7c645ac3831c15accc99a3b45d84574e56ed9eaeacf205ecd32add060383e1b6718c8238845f8927517deefc7fef017df429c8f8c7c59760f5
-  data.tar.gz: b80445a8398c8030e4eb42907f3a796f4829c5bb958b7839f8c3df9a9a09725276f67a71a520eba2df61d398aeb6a66a676f142a1b2ccb825a75ec37345d9a71
+  metadata.gz: ba6cfe2623779bc3e73fde5258bf15bfc83fe0018d04ae8e7f052e95952f216e9a23c30a379bb3e4748453d60160f49c4a95636cda3966f39000714ecf479385
+  data.tar.gz: 84e07889f3a1b37d45c57fc690f62e878246c18b8da37c49a0ad5d65de5691ad2b160869c937af459fc02590297ec07474013fce30658f1a2870f8c0294ffbbb

data/.github/dependabot.yml

@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    ldap_lookup (0.1.5)
+    ldap_lookup (0.1.7)
       net-ldap (~> 0.17.0)
 
 GEM

data/README.md

@@ -9,7 +9,7 @@ This module is to be used for anonymous lookup of user attributes in the MCommun
 
 Requirements:
 * Ruby at least 2.0.0
-* Gem 'net-ldap' ~> '0.16.1'
+* Gem 'net-ldap' ~> '0.17.0'
 > *The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has a Missing SSL Certificate Validation.*
 
 To try the module out:
@@ -63,6 +63,10 @@ end
 
 ### Methods available
 
+__uid_exist?:__ returns true if uid is in LDAP
+```
+LdapLookup.uid_exist?(uniqname)
+```
 __get_simple_name:__ returns the Display Name
 ```
 LdapLookup.get_simple_name(uniqname = nil)

data/ldap_lookup.gemspec

@@ -24,5 +24,5 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "bundler", "~> 2.2.26"
   spec.add_development_dependency "rake", "~> 13.0"
   spec.add_development_dependency "rspec", "~> 3.7.0"
-  spec.add_dependency 'net-ldap', '~> 0.17.0'
+  spec.add_dependency 'net-ldap', '~> 0.18.0'
 end

data/ldaptest.rb

@@ -56,6 +56,7 @@ class Ldaptest
     puts "2: set new group_uid"
     puts "+++++++++++++++++++++++++"
     puts "3: get users full name"
+    puts "33: check if uid exists"
     puts "4: get users department"
     puts "5: get users email"
     puts "55: get all groups a user is a member of"
@@ -65,11 +66,14 @@ class Ldaptest
     puts "+++++++++++++++++++++++++"
     puts "8: what time is it?"
     puts "0: exit"
+    puts ""
+    print "Enter a number: "
 
     case gets.chomp.to_i
     when 1 then result_box(reset_uid)
     when 2 then result_box(reset_group_uid)
     when 3 then result_box(LdapLookup.get_simple_name(@uid))
+    when 33 then result_box(LdapLookup.uid_exist?(@uid))
     when 4 then result_box(LdapLookup.get_dept(@uid))
     when 5 then result_box(LdapLookup.get_email(@uid))
     when 55 then result_box(LdapLookup.all_groups_for_user(@uid))
@@ -80,7 +84,7 @@ class Ldaptest
 throw(:done)
     else
       print "\e[2J\e[f"
-      puts "====> Please type 1,2,3,4,5,55,6,7,8 or 0 only"
+      puts "====> Please type 1,2,3,33,4,5,55,6,7,8 or 0 only"
       2.times { puts " " }
     end
   end

data/lib/ldap_lookup/version.rb

@@ -1,3 +1,3 @@
 module LdapLookup
-  VERSION = "0.1.6"
+  VERSION = "0.1.8"
 end

data/lib/ldap_lookup.rb

@@ -1,159 +1,155 @@
-require_relative "helpers/configuration"
+require_relative 'helpers/configuration'
+require 'net/ldap'
 
 module LdapLookup
-  require "net/ldap"
-
   extend Configuration
 
   define_setting :host
-  define_setting :port, "389"
+  define_setting :port, '389'
   define_setting :base
   define_setting :dept_attribute
   define_setting :group_attribute
 
-  # this was developed using guidence from this gist:
-  # https://gist.githubusercontent.com/jeffjohnson9046/7012167/raw/86587b9637ddc2ece7a42df774980fa9c0aac9b3/ruby-ldap-sample.rb
-
-  #######################################################################################################################
-  ## HELPER/UTILITY METHOD
-  ##   This method interprets the response/return code from an LDAP bind operation (bind, search, add, modify, rename,
-  ##   delete).  This method isn't necessarily complete, but it's a good starting point for handling the response codes
-  ##   from an LDAP bind operation.
-  ##
-  ##   Additional details for the get_operation_result method can be found here:
-  ##   http://net-ldap.rubyforge.org/Net/LDAP.html#method-i-get_operation_result
-  ########################################################################################################################
   def self.get_ldap_response(ldap)
-    msg = "Response Code: #{ldap.get_operation_result.code}, Message: #{ldap.get_operation_result.message}"
-    raise msg unless ldap.get_operation_result.code == 0
+    response = ldap.get_operation_result
+    raise "Response Code: #{response.code}, Message: #{response.message}" unless response.code.zero?
   end
 
-  #######################################################################################################################
-  # SET UP LDAP CONNECTION
-  # Setting up a connection to the LDAP server using .new() does not actually send any network traffic to the LDAP
-  # server.  When you call an operation on ldap (e.g. add or search), .bind is called implicitly.  *That's* when the
-  # connection is made to the LDAP server.  This means that each operation called on the ldap object will create its own
-  # network connection to the LDAP server.
-  #######################################################################################################################
   def self.ldap_connection
-    ldap = Net::LDAP.new host: host, # your LDAP host name or IP goes here,
-                         port: port, # your LDAP host port goes here,
-                         base: base, # the base of your AD tree goes here,
-                         auth: {
-                           :method => :anonymous,
-                         }
+    Net::LDAP.new(
+      host: host,
+      port: port,
+      base: base,
+      auth: { method: :anonymous }
+    )
   end
 
-  # GET THE DISPLAY NAME FOR A SINGLE USER
-  def self.get_simple_name(uniqname = nil)
+  def self.get_user_attribute(uniqname, attribute)
     ldap = ldap_connection
-    search_param = uniqname # the AD account goes here
-    result_attrs = ["displayName"] # Whatever you want to bring back in your result set goes here
-    # Build filter
-    search_filter = Net::LDAP::Filter.eq("uid", search_param)
-    # Execute search
-    ldap.search(filter: search_filter, attributes: result_attrs) { |item|
-      begin 
-        return item.displayName.first
-      rescue 
-        return "not available"
-      end
-    }
+    search_param = uniqname
+    result_attrs = [attribute]
+
+    search_filter = Net::LDAP::Filter.eq('uid', search_param)
+
+    ldap.search(filter: search_filter, attributes: result_attrs) do |item|
+      value = item[attribute]&.first
+      return value unless value.nil?
+    end
+
+    "No #{attribute} found for #{uniqname}"
+  ensure
     get_ldap_response(ldap)
   end
 
-  # GET THE PRIMARY DEPARTMENT FOR A SINGLE USER
-  def self.get_dept(uniqname = nil)
+  def self.get_nested_attribute(uniqname, nested_attribute)
     ldap = ldap_connection
-    search_param = uniqname # the AD account goes here
-    result_attrs = [dept_attribute] # Whatever you want to bring back in your result set goes here
-    # Build filter
-    search_filter = Net::LDAP::Filter.eq("uid", search_param)
-    # Execute search
-    ldap.search(filter: search_filter, attributes: result_attrs) { |item|
-      return dept_name = item.umichpostaladdressdata.first.split("}:{").first.split("=")[1] unless item.umichpostaladdressdata.first.nil?
-    }
+    search_param = uniqname
+    # Specify the full nested attribute path using dot notation
+    result_attrs = [nested_attribute.split('.').first]
+  
+    search_filter = Net::LDAP::Filter.eq('uid', search_param)
+  
+    ldap.search(filter: search_filter, attributes: result_attrs) do |item|
+      # Split the string into key-value pairs
+      if string1 = item[nested_attribute.split('.').first]&.first
+        key_value_pairs = string1.split('}:{')
+        # Find the key-value pair for addr1
+        target_pair = key_value_pairs.find { |pair| pair.include?("#{nested_attribute.split('.').last}=") } 
+        # Extract the target value
+        target_pair_value = target_pair.split('=').last
+        return target_pair_value unless target_pair_value.nil?
+      end
+    end
+    "No #{nested_attribute} found for #{uniqname}"
+
+  ensure
     get_ldap_response(ldap)
   end
 
-  # GET THE E-MAIL ADDRESS FOR A SINGLE USER
-  def self.get_email(uniqname = nil)
+  # method to check if a uid exist in LDAP
+  def self.uid_exist?(uniqname)
     ldap = ldap_connection
-    search_param = uniqname # the AD account goes here
-    result_attrs = ["mail"] # Whatever you want to bring back in your result set goes here
-    # Build filter
-    search_filter = Net::LDAP::Filter.eq("uid", search_param)
-    # Execute search
-    ldap.search(filter: search_filter, attributes: result_attrs) { |item|
-      return item.mail.first
-    }
+    search_param = uniqname
+
+    search_filter = Net::LDAP::Filter.eq('uid', search_param)
+
+    ldap.search(filter: search_filter) do |item|
+      return true if item['uid'].first == search_param
+    end
+
+    false
+  ensure
     get_ldap_response(ldap)
   end
 
-  # ---------------------------------------------------------------------------------------------------------------------
-  # Check if the UID is a member of an LDAP group. This function returns TRUE
-  # if uid passed in is a member of group_name passed in. Otherwise it will
-  # return false.
-  def self.is_member_of_group?(uid = nil, group_name = nil)
+  def self.get_simple_name(uniqname)
+    get_user_attribute(uniqname, 'displayname')
+  end
+
+  def self.get_email(uniqname)
+    get_user_attribute(uniqname, 'mail')
+  end
+
+  def self.get_dept(uniqname)
+    get_nested_attribute(uniqname, 'umichpostaladdressdata.addr1')
+  end
+
+  def self.is_member_of_group?(uid, group_name)
     ldap = ldap_connection
-    # GET THE MEMBERS OF AN E-MAIL DISTRIBUTION LIST
-    search_param = group_name # the name of the distribution list you're looking for goes here
-    result_attrs = ["member"]
-    # Build filter
-    search_filter = Net::LDAP::Filter.eq("cn", search_param)
-    group_filter = Net::LDAP::Filter.eq("objectClass", "group")
-    composite_filter = Net::LDAP::Filter.join(search_filter, group_filter)
-    # Execute search, extracting the AD account name from each member of the distribution list
-    ldap.search(filter: composite_filter, attributes: result_attrs) do |item|
-      if item.attribute_names.include?(:member)
-        item.member.each do |entry|
-          if entry.split(",").first.split("=")[1] == uid
-            return true
-          end
-        end
-      end
+    search_param = group_name
+    result_attrs = ['member']
+
+    search_filter = Net::LDAP::Filter.join(
+      Net::LDAP::Filter.eq('cn', search_param),
+      Net::LDAP::Filter.eq('objectClass', 'group')
+    )
+
+    ldap.search(filter: search_filter, attributes: result_attrs) do |item|
+      members = item['member']
+      return true if members&.any? { |entry| entry.split(',').first.split('=')[1] == uid }
     end
-    return false
+
+    false
+  ensure
     get_ldap_response(ldap)
   end
 
-  # ---------------------------------------------------------------------------------------------------------------------
-  # Get the Name email and members of an LDAP group as a hash
-  def self.get_email_distribution_list(group_name = nil)
+  def self.get_email_distribution_list(group_name)
     ldap = ldap_connection
     result_hash = {}
-    member_hash = {}
-    # GET THE MEMBERS OF AN E-MAIL DISTRIBUTION LIST
-    search_param = group_name # the name of the distribution list you're looking for goes here
-    result_attrs = ["cn", group_attribute, "member"]
-    # Build filter
-    search_filter = Net::LDAP::Filter.eq("cn", search_param)
-    group_filter = Net::LDAP::Filter.eq("objectClass", "group")
-    composite_filter = Net::LDAP::Filter.join(search_filter, group_filter)
-    # Execute search, extracting the AD account name from each member of the distribution list
-    ldap.search(filter: composite_filter, attributes: result_attrs) do |item|
-      result_hash["group_name"] = item.cn.first
-      result_hash["group_email"] = item.umichGroupEmail.first
-      individual_array = []
-      item.member.each do |individual|
-        individual_array.push(individual.split(",").first.split("=")[1])
-      end
-      result_hash["members"] = individual_array.sort
+
+    search_param = group_name
+    result_attrs = %w[cn umichGroupEmail member]
+
+    search_filter = Net::LDAP::Filter.join(
+      Net::LDAP::Filter.eq('cn', search_param),
+      Net::LDAP::Filter.eq('objectClass', 'group')
+    )
+
+    ldap.search(filter: search_filter, attributes: result_attrs) do |item|
+      result_hash['group_name'] = item['cn']&.first
+      result_hash['group_email'] = item['umichGroupEmail']&.first
+      members = item['member']&.map { |individual| individual.split(',').first.split('=')[1] }
+      result_hash['members'] = members&.sort || []
     end
-    return result_hash
+
+    result_hash
+  ensure
     get_ldap_response(ldap)
   end
 
-  # ---------------------------------------------------------------------------
-  #  Get the groups a user is a member of
-  def self.all_groups_for_user(uid = nil)
+  def self.all_groups_for_user(uid)
     ldap = ldap_connection
     result_array = []
-    result_attrs = ["dn"]
+
+    result_attrs = ['dn']
+
     ldap.search(filter: "member=uid=#{uid},ou=People,dc=umich,dc=edu", attributes: result_attrs) do |item|
-      item.each { |key, value| result_array << value.first.split("=")[1].split(",")[0] }
+      item.each { |key, value| result_array << value.first.split('=')[1].split(',')[0] }
     end
-    return result_array.sort
+
+    result_array.sort
+  ensure
     get_ldap_response(ldap)
   end
-end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ldap_lookup
 version: !ruby/object:Gem::Version
-  version: 0.1.6
+  version: 0.1.8
 platform: ruby
 authors:
 - Rick Smoke
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-07-20 00:00:00.000000000 Z
+date: 2023-09-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -58,14 +58,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.17.0
+        version: 0.18.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.17.0
+        version: 0.18.0
 description: This module is to be used for anonymous lookup of attributes in the MCommunity
   service provide at the University of Michigan. It can be easily modifed to use other
   LDAP server configurations.
@@ -75,6 +75,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/dependabot.yml"
 - ".gitignore"
 - CODE_OF_CONDUCT.md
 - Gemfile
@@ -108,7 +109,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.22
+rubygems_version: 3.4.16
 signing_key:
 specification_version: 4
 summary: For anonymous lookup of user LDAP attributes.