ldap_lookup 0.1.7 → 0.1.8

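--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 174f93602c6a5158d0f3cce5d846eff7d2718eae02dc41eab13c843afadf86c8
- data.tar.gz: 3d3de4dd9b981317460607a807b1a1fc0ceb38aa89dbe18fcd97e6aedab8c661
+ metadata.gz: 775477e51275859dcb210f1b996b14b10b9814bc7443df7a3fa9c63736460298
+ data.tar.gz: f1248f24d49b795c196a16f1b5edcaff1b4ab435127561fce5d24c320bd99630
  SHA512:
- metadata.gz: 8f483e5246550e3aad01cb1185878b44fd7420cdb90d1b7c9126b5067e19fb6b812bbe4f448aa7144b09a8b1bd1fb998c25b281cb98d3b782745b107b8615ea6
- data.tar.gz: e19cad4c0c17d93c30cfcbd7e1be5f43bbffe49a0e50bcf836938285994866c93a5dbcbeeac03f3c745d50caac996f1521616227a1f3ddcbe0854556cc72f073
+ metadata.gz: ba6cfe2623779bc3e73fde5258bf15bfc83fe0018d04ae8e7f052e95952f216e9a23c30a379bb3e4748453d60160f49c4a95636cda3966f39000714ecf479385
+ data.tar.gz: 84e07889f3a1b37d45c57fc690f62e878246c18b8da37c49a0ad5d65de5691ad2b160869c937af459fc02590297ec07474013fce30658f1a2870f8c0294ffbbb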
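--- a/data/README.md
+++ b/data/README.md
@@ -9,7 +9,7 @@ This module is to be used for anonymous lookup of user attributes in the MCommun
 
  Requirements:
  * Ruby at least 2.0.0
- * Gem 'net-ldap' ~> '0.16.1'
+ * Gem 'net-ldap' ~> '0.17.0'
  > *The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has a Missing SSL Certificate Validation.*
 
  To try the module out:
@@ -63,6 +63,10 @@ end
 
  ### Methods available
 
+ __uid_exist?:__ returns true if uid is in LDAP
+ ```
+ LdapLookup.uid_exist?(uniqname)
+ ```
  __get_simple_name:__ returns the Display Name
  ```
  LdapLookup.get_simple_name(uniqname = nil)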
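--- a/data/ldap_lookup.gemspec
+++ b/data/ldap_lookup.gemspec
@@ -24,5 +24,5 @@ Gem::Specification.new do |spec|
  spec.add_development_dependency "bundler", "~> 2.2.26"
  spec.add_development_dependency "rake", "~> 13.0"
  spec.add_development_dependency "rspec", "~> 3.7.0"
- spec.add_dependency 'net-ldap', '~> 0.17.0'
+ spec.add_dependency 'net-ldap', '~> 0.18.0'
  end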
data/ldaptest.rb CHANGED
@@ -56,6 +56,7 @@ class Ldaptest
56
56
  puts "2: set new group_uid"
57
57
  puts "+++++++++++++++++++++++++"
58
58
  puts "3: get users full name"
59
+ puts "33: check if uid exists"
59
60
  puts "4: get users department"
60
61
  puts "5: get users email"
61
62
  puts "55: get all groups a user is a member of"
@@ -65,11 +66,14 @@ class Ldaptest
65
66
  puts "+++++++++++++++++++++++++"
66
67
  puts "8: what time is it?"
67
68
  puts "0: exit"
69
+ puts ""
70
+ print "Enter a number: "
68
71
 
69
72
  case gets.chomp.to_i
70
73
  when 1 then result_box(reset_uid)
71
74
  when 2 then result_box(reset_group_uid)
72
75
  when 3 then result_box(LdapLookup.get_simple_name(@uid))
76
+ when 33 then result_box(LdapLookup.uid_exist?(@uid))
73
77
  when 4 then result_box(LdapLookup.get_dept(@uid))
74
78
  when 5 then result_box(LdapLookup.get_email(@uid))
75
79
  when 55 then result_box(LdapLookup.all_groups_for_user(@uid))
@@ -80,7 +84,7 @@ class Ldaptest
80
84
  throw(:done)
81
85
  else
82
86
  print "\e[2J\e[f"
83
- puts "====> Please type 1,2,3,4,5,55,6,7,8 or 0 only"
87
+ puts "====> Please type 1,2,3,33,4,5,55,6,7,8 or 0 only"
84
88
  2.times { puts " " }
85
89
  end
86
90
  end
@@ -1,3 +1,3 @@
1
1
  module LdapLookup
2
- VERSION = "0.1.7"
2
+ VERSION = "0.1.8"
3
3
  end
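--- a/data/lib/ldap_lookup.rb
+++ b/data/lib/ldap_lookup.rb
@@ -1,158 +1,155 @@
- require_relative "helpers/configuration"
+ require_relative 'helpers/configuration'
+ require 'net/ldap'
 
  module LdapLookup
- require "net/ldap"
-
  extend Configuration
 
  define_setting :host
- define_setting :port, "389"
+ define_setting :port, '389'
  define_setting :base
  define_setting :dept_attribute
  define_setting :group_attribute
 
- # this was developed using guidence from this gist:
- # https://gist.githubusercontent.com/jeffjohnson9046/7012167/raw/86587b9637ddc2ece7a42df774980fa9c0aac9b3/ruby-ldap-sample.rb
-
- #######################################################################################################################
- ## HELPER/UTILITY METHOD
- ## This method interprets the response/return code from an LDAP bind operation (bind, search, add, modify, rename,
- ## delete). This method isn't necessarily complete, but it's a good starting point for handling the response codes
- ## from an LDAP bind operation.
- ##
- ## Additional details for the get_operation_result method can be found here:
- ## http://net-ldap.rubyforge.org/Net/LDAP.html#method-i-get_operation_result
- ########################################################################################################################
  def self.get_ldap_response(ldap)
- msg = "Response Code: #{ldap.get_operation_result.code}, Message: #{ldap.get_operation_result.message}"
- raise msg unless ldap.get_operation_result.code == 0
+ response = ldap.get_operation_result
+ raise "Response Code: #{response.code}, Message: #{response.message}" unless response.code.zero?
  end
 
- #######################################################################################################################
- # SET UP LDAP CONNECTION
- # Setting up a connection to the LDAP server using .new() does not actually send any network traffic to the LDAP
- # server. When you call an operation on ldap (e.g. add or search), .bind is called implicitly. *That's* when the
- # connection is made to the LDAP server. This means that each operation called on the ldap object will create its own
- # network connection to the LDAP server.
- #######################################################################################################################
  def self.ldap_connection
- ldap = Net::LDAP.new host: host, # your LDAP host name or IP goes here,
- port: port, # your LDAP host port goes here,
- base: base, # the base of your AD tree goes here,
- auth: {
- :method => :anonymous,
- }
+ Net::LDAP.new(
+ host: host,
+ port: port,
+ base: base,
+ auth: { method: :anonymous }
+ )
  end
 
- # GET THE DISPLAY NAME FOR A SINGLE USER
- def self.get_simple_name(uniqname = nil)
+ def self.get_user_attribute(uniqname, attribute)
  ldap = ldap_connection
- search_param = uniqname # the AD account goes here
- result_attrs = ["displayName"] # Whatever you want to bring back in your result set goes here
- # Build filter
- search_filter = Net::LDAP::Filter.eq("uid", search_param)
- # Execute search
- result = ldap.search(filter: search_filter, attributes: result_attrs)
- if result.length != 0
- return result.first.displayname.first
- else
- return "No such user"
- end
+ search_param = uniqname
+ result_attrs = [attribute]
+
+ search_filter = Net::LDAP::Filter.eq('uid', search_param)
+
+ ldap.search(filter: search_filter, attributes: result_attrs) do |item|
+ value = item[attribute]&.first
+ return value unless value.nil?
+ end
+
+ "No #{attribute} found for #{uniqname}"
+ ensure
  get_ldap_response(ldap)
  end
 
- # GET THE PRIMARY DEPARTMENT FOR A SINGLE USER
- def self.get_dept(uniqname = nil)
+ def self.get_nested_attribute(uniqname, nested_attribute)
  ldap = ldap_connection
- search_param = uniqname # the AD account goes here
- result_attrs = [dept_attribute] # Whatever you want to bring back in your result set goes here
- # Build filter
- search_filter = Net::LDAP::Filter.eq("uid", search_param)
- # Execute search
- ldap.search(filter: search_filter, attributes: result_attrs) { |item|
- return dept_name = item.umichpostaladdressdata.first.split("}:{").first.split("=")[1] unless item.umichpostaladdressdata.first.nil?
- }
+ search_param = uniqname
+ # Specify the full nested attribute path using dot notation
+ result_attrs = [nested_attribute.split('.').first]
+
+ search_filter = Net::LDAP::Filter.eq('uid', search_param)
+
+ ldap.search(filter: search_filter, attributes: result_attrs) do |item|
+ # Split the string into key-value pairs
+ if string1 = item[nested_attribute.split('.').first]&.first
+ key_value_pairs = string1.split('}:{')
+ # Find the key-value pair for addr1
+ target_pair = key_value_pairs.find { |pair| pair.include?("#{nested_attribute.split('.').last}=") }
+ # Extract the target value
+ target_pair_value = target_pair.split('=').last
+ return target_pair_value unless target_pair_value.nil?
+ end
+ end
+ "No #{nested_attribute} found for #{uniqname}"
+
+ ensure
  get_ldap_response(ldap)
  end
 
- # GET THE E-MAIL ADDRESS FOR A SINGLE USER
- def self.get_email(uniqname = nil)
+ # method to check if a uid exist in LDAP
+ def self.uid_exist?(uniqname)
  ldap = ldap_connection
- search_param = uniqname # the AD account goes here
- result_attrs = ["mail"] # Whatever you want to bring back in your result set goes here
- # Build filter
- search_filter = Net::LDAP::Filter.eq("uid", search_param)
- # Execute search
- ldap.search(filter: search_filter, attributes: result_attrs) { |item|
- return item.mail.first
- }
+ search_param = uniqname
+
+ search_filter = Net::LDAP::Filter.eq('uid', search_param)
+
+ ldap.search(filter: search_filter) do |item|
+ return true if item['uid'].first == search_param
+ end
+
+ false
+ ensure
  get_ldap_response(ldap)
  end
 
- # ---------------------------------------------------------------------------------------------------------------------
- # Check if the UID is a member of an LDAP group. This function returns TRUE
- # if uid passed in is a member of group_name passed in. Otherwise it will
- # return false.
- def self.is_member_of_group?(uid = nil, group_name = nil)
+ def self.get_simple_name(uniqname)
+ get_user_attribute(uniqname, 'displayname')
+ end
+
+ def self.get_email(uniqname)
+ get_user_attribute(uniqname, 'mail')
+ end
+
+ def self.get_dept(uniqname)
+ get_nested_attribute(uniqname, 'umichpostaladdressdata.addr1')
+ end
+
+ def self.is_member_of_group?(uid, group_name)
  ldap = ldap_connection
- # GET THE MEMBERS OF AN E-MAIL DISTRIBUTION LIST
- search_param = group_name # the name of the distribution list you're looking for goes here
- result_attrs = ["member"]
- # Build filter
- search_filter = Net::LDAP::Filter.eq("cn", search_param)
- group_filter = Net::LDAP::Filter.eq("objectClass", "group")
- composite_filter = Net::LDAP::Filter.join(search_filter, group_filter)
- # Execute search, extracting the AD account name from each member of the distribution list
- ldap.search(filter: composite_filter, attributes: result_attrs) do |item|
- if item.attribute_names.include?(:member)
- item.member.each do |entry|
- if entry.split(",").first.split("=")[1] == uid
- return true
- end
- end
- end
+ search_param = group_name
+ result_attrs = ['member']
+
+ search_filter = Net::LDAP::Filter.join(
+ Net::LDAP::Filter.eq('cn', search_param),
+ Net::LDAP::Filter.eq('objectClass', 'group')
+ )
+
+ ldap.search(filter: search_filter, attributes: result_attrs) do |item|
+ members = item['member']
+ return true if members&.any? { |entry| entry.split(',').first.split('=')[1] == uid }
  end
- return false
+
+ false
+ ensure
  get_ldap_response(ldap)
  end
 
- # ---------------------------------------------------------------------------------------------------------------------
- # Get the Name email and members of an LDAP group as a hash
- def self.get_email_distribution_list(group_name = nil)
+ def self.get_email_distribution_list(group_name)
  ldap = ldap_connection
  result_hash = {}
- member_hash = {}
- # GET THE MEMBERS OF AN E-MAIL DISTRIBUTION LIST
- search_param = group_name # the name of the distribution list you're looking for goes here
- result_attrs = ["cn", group_attribute, "member"]
- # Build filter
- search_filter = Net::LDAP::Filter.eq("cn", search_param)
- group_filter = Net::LDAP::Filter.eq("objectClass", "group")
- composite_filter = Net::LDAP::Filter.join(search_filter, group_filter)
- # Execute search, extracting the AD account name from each member of the distribution list
- ldap.search(filter: composite_filter, attributes: result_attrs) do |item|
- result_hash["group_name"] = item.cn.first
- result_hash["group_email"] = item.umichGroupEmail.first
- individual_array = []
- item.member.each do |individual|
- individual_array.push(individual.split(",").first.split("=")[1])
- end
- result_hash["members"] = individual_array.sort
+
+ search_param = group_name
+ result_attrs = %w[cn umichGroupEmail member]
+
+ search_filter = Net::LDAP::Filter.join(
+ Net::LDAP::Filter.eq('cn', search_param),
+ Net::LDAP::Filter.eq('objectClass', 'group')
+ )
+
+ ldap.search(filter: search_filter, attributes: result_attrs) do |item|
+ result_hash['group_name'] = item['cn']&.first
+ result_hash['group_email'] = item['umichGroupEmail']&.first
+ members = item['member']&.map { |individual| individual.split(',').first.split('=')[1] }
+ result_hash['members'] = members&.sort || []
  end
- return result_hash
+
+ result_hash
+ ensure
  get_ldap_response(ldap)
  end
 
- # ---------------------------------------------------------------------------
- # Get the groups a user is a member of
- def self.all_groups_for_user(uid = nil)
+ def self.all_groups_for_user(uid)
  ldap = ldap_connection
  result_array = []
- result_attrs = ["dn"]
+
+ result_attrs = ['dn']
+
  ldap.search(filter: "member=uid=#{uid},ou=People,dc=umich,dc=edu", attributes: result_attrs) do |item|
- item.each { |key, value| result_array << value.first.split("=")[1].split(",")[0] }
+ item.each { |key, value| result_array << value.first.split('=')[1].split(',')[0] }
  end
- return result_array.sort
+
+ result_array.sort
+ ensure
  get_ldap_response(ldap)
  end
- end
+ end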
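Review bot: The new `get_user_attribute` and `get_nested_attribute` helpers pass the caller-supplied `uniqname` straight to `Net::LDAP::Filter.eq`, which does not escape its value, so a `*` in the input is treated as a wildcard and the helper returns the attribute of whichever entry the server lists first. Build the filter with `Net::LDAP::Filter.equals('uid', uniqname)`, which escapes the value, in both helpers and in `uid_exist?`, and likewise for `group_name` in `is_member_of_group?` and `get_email_distribution_list`. The interpolated `"member=uid=#{uid},ou=People,dc=umich,dc=edu"` filter in `all_groups_for_user` has the same gap and should wrap the value as `Net::LDAP::Filter.escape(uid)`. Separately, in `get_nested_attribute` the `key_value_pairs.find` call returns nil when the sub-key is absent, so `target_pair.split('=')` raises NoMethodError; `target_pair_value = target_pair&.split('=')&.last` would let the method reach its "No … found" string instead.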
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ldap_lookup
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.7
4
+ version: 0.1.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rick Smoke
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2023-04-11 00:00:00.000000000 Z
11
+ date: 2023-09-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -58,14 +58,14 @@ dependencies:
58
58
  requirements:
59
59
  - - "~>"
60
60
  - !ruby/object:Gem::Version
61
- version: 0.17.0
61
+ version: 0.18.0
62
62
  type: :runtime
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
66
  - - "~>"
67
67
  - !ruby/object:Gem::Version
68
- version: 0.17.0
68
+ version: 0.18.0
69
69
  description: This module is to be used for anonymous lookup of attributes in the MCommunity
70
70
  service provide at the University of Michigan. It can be easily modifed to use other
71
71
  LDAP server configurations.
@@ -76,8 +76,6 @@ extensions: []
76
76
  extra_rdoc_files: []
77
77
  files:
78
78
  - ".github/dependabot.yml"
79
- - ".github/workflows/codeql.yml"
80
- - ".github/workflows/gem-push.yml"
81
79
  - ".gitignore"
82
80
  - CODE_OF_CONDUCT.md
83
81
  - Gemfile
@@ -111,7 +109,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
111
109
  - !ruby/object:Gem::Version
112
110
  version: '0'
113
111
  requirements: []
114
- rubygems_version: 3.2.22
112
+ rubygems_version: 3.4.16
115
113
  signing_key:
116
114
  specification_version: 4
117
115
  summary: For anonymous lookup of user LDAP attributes.
@@ -1,76 +0,0 @@
1
- # For most projects, this workflow file will not need changing; you simply need
2
- # to commit it to your repository.
3
- #
4
- # You may wish to alter this file to override the set of languages analyzed,
5
- # or to provide custom queries or build logic.
6
- #
7
- # ******** NOTE ********
8
- # We have attempted to detect the languages in your repository. Please check
9
- # the `language` matrix defined below to confirm you have the correct set of
10
- # supported CodeQL languages.
11
- #
12
- name: "CodeQL"
13
-
14
- on:
15
- push:
16
- branches: [ "master" ]
17
- pull_request:
18
- # The branches below must be a subset of the branches above
19
- branches: [ "master" ]
20
- schedule:
21
- - cron: '24 23 * * 2'
22
-
23
- jobs:
24
- analyze:
25
- name: Analyze
26
- runs-on: ubuntu-latest
27
- permissions:
28
- actions: read
29
- contents: read
30
- security-events: write
31
-
32
- strategy:
33
- fail-fast: false
34
- matrix:
35
- language: [ 'ruby' ]
36
- # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
37
- # Use only 'java' to analyze code written in Java, Kotlin or both
38
- # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
39
- # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
40
-
41
- steps:
42
- - name: Checkout repository
43
- uses: actions/checkout@v3
44
-
45
- # Initializes the CodeQL tools for scanning.
46
- - name: Initialize CodeQL
47
- uses: github/codeql-action/init@v2
48
- with:
49
- languages: ${{ matrix.language }}
50
- # If you wish to specify custom queries, you can do so here or in a config file.
51
- # By default, queries listed here will override any specified in a config file.
52
- # Prefix the list here with "+" to use these queries and those in the config file.
53
-
54
- # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
55
- # queries: security-extended,security-and-quality
56
-
57
-
58
- # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
59
- # If this step fails, then you should remove it and run the build manually (see below)
60
- - name: Autobuild
61
- uses: github/codeql-action/autobuild@v2
62
-
63
- # ℹ️ Command-line programs to run using the OS shell.
64
- # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
65
-
66
- # If the Autobuild fails above, remove it and uncomment the following three lines.
67
- # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
68
-
69
- # - run: |
70
- # echo "Run, Build Application using script"
71
- # ./location_of_script_within_repo/buildscript.sh
72
-
73
- - name: Perform CodeQL Analysis
74
- uses: github/codeql-action/analyze@v2
75
- with:
76
- category: "/language:${{matrix.language}}"
@@ -1,45 +0,0 @@
1
- name: Ruby Gem
2
-
3
- on:
4
- push:
5
- branches: [ "master" ]
6
- pull_request:
7
- branches: [ "master" ]
8
-
9
- jobs:
10
- build:
11
- name: Build + Publish
12
- runs-on: ubuntu-latest
13
- permissions:
14
- contents: read
15
- packages: write
16
-
17
- steps:
18
- - uses: actions/checkout@v3
19
- - name: Set up Ruby 2.6
20
- uses: actions/setup-ruby@v1
21
- with:
22
- ruby-version: 2.6.x
23
-
24
- - name: Publish to GPR
25
- run: |
26
- mkdir -p $HOME/.gem
27
- touch $HOME/.gem/credentials
28
- chmod 0600 $HOME/.gem/credentials
29
- printf -- "---\n:github: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
30
- gem build *.gemspec
31
- gem push --KEY github --host https://rubygems.pkg.github.com/${OWNER} *.gem
32
- env:
33
- GEM_HOST_API_KEY: "Bearer ${{secrets.GITHUB_TOKEN}}"
34
- OWNER: ${{ github.repository_owner }}
35
-
36
- - name: Publish to RubyGems
37
- run: |
38
- mkdir -p $HOME/.gem
39
- touch $HOME/.gem/credentials
40
- chmod 0600 $HOME/.gem/credentials
41
- printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
42
- gem build *.gemspec
43
- gem push *.gem
44
- env:
45
- GEM_HOST_API_KEY: "${{secrets.RUBYGEMS_AUTH_TOKEN}}"