ldap_query 0.0.1

data/lib/ldap_query/ldap_query.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+# Used to initialize and container the LdapQuery modules
+module LdapQuery
+  attr_accessor :ldap, :config
+
+  EMPTY_ARRAY = [].freeze
+  EMPTY_HASH = {}.freeze
+
+  @config = {}
+
+  # Reconfigure the LdapQuery credential configuration
+  #
+  # @param config_hash [Hash]
+  # @return [Class <LdapQuery::Config>]
+  def self.configure(config_hash = {})
+    raise(ConfigError, 'a valid configuration hash must be passed.') unless config_hash.is_a?(Hash)
+
+    # if new a new config_hash hash been passed, create a new Config instance
+    @config = LdapQuery::Config.new(config_hash) unless config_hash.empty?
+    @config
+  end
+end

data/lib/ldap_query/query.rb

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+require 'net-ldap'
+
+module LdapQuery
+  # Used to build LDAP filters and query the host based on the configuration passed
+  class Query
+    REQUIRED_QUERY_ATTRS = %i[attr val].freeze
+    FILTER_METHODS = %i[cn displayname memberof object_class mail samaccountname person].freeze
+
+    # Establish LDAP connection, apply filters, and return results
+    #
+    # @param credentials [Hash]
+    # @opts attr [String] The attribute field in ldap that you want to query again
+    # @opts val [String] the value you want to query ldap with
+    # @opts limit [Integer] the number of entries to limit the query to
+    # @opts wildcard [Boolean] used to determine if the filter should be wildcard match
+    def self.perform(credentials, attr: nil, val: nil, limit: 20, wildcard: false)
+      raise(AttributeError, 'a valid attribute name and value are required in order to make an ldap query.') if attr.nil? || val.nil?
+
+      config = LdapQuery::Config.new(credentials)
+      filter = attach_filter({ attr: attr, val: val }, wildcard: wildcard)
+      ldap = ldap_connection(config.hash)
+      entries = ldap.search(filter: filter, size: ensure_limit_set(limit))
+      entries.nil? ? EMPTY_ARRAY : sort_by_displayname(entries)
+    end
+
+    # Used to associate and LDAP filter to the connection based on the attr and value supplied
+    #
+    # @param query [Hash<{attr: attr, val: :val}]
+    # @attr wildcard [Boolean] used to determine if the filter should be wildcard match
+    def self.attach_filter(query, wildcard: false)
+      if FILTER_METHODS.include?(query[:attr].to_sym)
+        # Add the filter for the specific
+        LdapQuery::Filter.public_send(query[:attr], query[:val], wildcard: wildcard)
+      else
+        LdapQuery::Filter.other(query[:attr], query[:val], wildcard: wildcard)
+      end
+    end
+
+    # Establish an ldap connection with the supplied credentials
+    #
+    # @param credemntials [Hash]
+    # @return [Net::LDAP]
+    def self.ldap_connection(credentials)
+      LdapQuery::Connection.new(credentials).link
+    end
+
+    ########################################
+    # Sorters
+    ########################################
+    # Sort results by their displayanmes
+    # @param [Hash,Struct, Interface<Net::Ldap>]
+    # @return [Hash]
+    def self.sort_by_displayname(entries = [])
+      return EMPTY_ARRAY if entries.blank?
+
+      # the begin/rescue is in place because some service accounts are missing the displayname and causes issues when sorting
+      # => if they are missing this attribute they should be sorted last ie: the 'zzzzzzzzzzzz' value
+      entries.sort_by do |entry|
+        entry.respond_to?(:displayname) ? entry&.displayname.first.downcase : 'zzzzzzzzzzz'
+      end
+    end
+
+    def self.ensure_limit_set(limit = 20)
+      return limit if limit.is_a?(Integer) && limit.positive?
+
+      20
+    end
+  end
+end

data/lib/ldap_query/rails_credentials.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module LdapQuery
+  # If used with a rails application, this allows the the script to pull ldap credentials from Rails.application.credentials
+  class RailsCredentials
+    attr_accessor :credentials
+
+    # Used to grab the applications encrypted credentials with the ldap key
+    #
+    # @return [Hash]
+    def self.credentials
+      return EMPTY_HASH unless rails?
+
+      @_credentials ||= Rails.application.credentials[:ldap]
+    rescue
+      # In case an older rails application is used were `Rails.application.credentials` isn't defined
+      raise(CredentialsError, 'Rails.application.credentials could not be found')
+    end
+
+    # Used to verify `Rails.application` exists within the codebase
+    #
+    # @return [Boolean]
+    def self.rails?
+      (defined?(Rails) && Rails.respond_to?(:application))
+    end
+  end
+end

data/lib/ldap_query/railtie.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module LdapQuery
+  # Inject the specified helpers into the rails application helpers and controllers for ease of use
+  class Railtie < Rails::Railtie
+    initializer 'ldap.configure_rails_initialization' do |app|
+      app.config.to_prepare do
+        # Allow the LDAP gem to be acessible by default from helpers, controllers, and models
+
+        # Add the LdapQuery helpers to the rails applications controllers
+        if defined?(ApplicationController)
+          ApplicationController.include(LdapQuery::LdapHelper)
+        elsif defined?(ActionController::Base)
+          ActionController::Base.include(LdapQuery::LdapHelper)
+        end
+        # Add the LdapQuery helpers to the rails applications helpers
+        ApplicationHelper.include(LdapQuery::LdapHelper) if defined?(ApplicationHelper)
+
+        # Allow the LdapQuery helpers to be used in ActiveRecord/Models
+        if defined?(ApplicationRecord)
+          ApplicationRecord.include(LdapQuery::LdapHelper)
+        elsif defined?(ActiveRecord::Base)
+          ActiveRecord::Base.include(LdapQuery::LdapHelper)
+        end
+      end
+    end
+  end
+end

data/lib/ldap_query/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module LdapQuery
+  VERSION = '0.0.1'
+end

data/spec/ldap_lookup/authenticate_spec.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe LdapQuery::Authenticate do
+  describe '' do
+    it { expect { described_class.new({}) }.to raise_error(LdapQuery::ConnectionError) }
+  end
+end

data/spec/ldap_lookup/config_spec.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe LdapQuery::Config do
+
+  describe 'without valid hash' do
+    it { expect { described_class.new }.to raise_error(ArgumentError) }
+    it { expect { described_class.new({}) }.to raise_error(ArgumentError) }
+    it { expect { described_class.new(123) }.to raise_error(ArgumentError) }
+  end
+
+  describe 'should convert specific keys/values to symbols' do
+    subject(:config) { config = described_class.new({ david: 'friends', 'base' => '123', username: 'foo', password: 'bar', method: 'simple', host: 'company.tld' }) }
+
+    it { expect(config.method).to eq(:simple) }
+  end
+
+  describe 'required keys missing' do
+    it 'should raise with ' do
+      expect { described_class.new({ port: 123, david: 'friends' }) }.to raise_error(LdapQuery::ConfigError, 'required config values ([:base, :username, :password, :host, :port]) can not be nil')
+    end
+  end
+end

data/spec/ldap_lookup/connection_spec.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe LdapQuery::Connection do
+  describe 'without credentials' do
+    it { expect { described_class.new({}) }.to raise_error(LdapQuery::CredentialsError) }
+    it { expect { described_class.new({ username: 'foobar', password: 'password' })}.to raise_error(LdapQuery::CredentialsError) }
+  end
+
+  describe 'valid connection' do
+    let(:ldap_conn) { described_class.new({ port: 369, base: 'dc=company,dc=tld', host: 'company.tld', auth: { username: 'foobar', password: 'password' } }) }
+    it { expect(ldap_conn.link.class.name).to eq('Net::LDAP')}
+  end
+end

data/spec/ldap_lookup/filter_spec.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe LdapQuery::Filter do
+  describe 'should return filter string' do
+    it { expect(described_class.cn('fooBar').to_s).to eq('(cn=fooBar)') }
+    it { expect(described_class.person('fooBar').to_s).to eq('(&(cn=fooBar)(objectClass=person))') }
+    it { expect{ described_class.person }.to raise_error(ArgumentError) }
+
+    it { expect(described_class.other('someAttr', 'fooBar').to_s).to eq('(someAttr=fooBar)')}
+  end
+
+
+  describe 'clean_str' do
+    it { expect(described_class.cn('    bob jones').to_s).to eq('(cn=bob jones)') }
+    it { expect(described_class.cn('    bob jones', wildcard: true).to_s).to eq('(cn=*bob*jones*)') }
+
+    # using custome attr && value
+    it { expect(described_class.other(:attr, 'misc').to_s).to eq('(attr=misc)') }
+    it { expect(described_class.other(:attr, 'misc', wildcard: true).to_s).to eq('(attr=*misc*)') }
+  end
+end

data/spec/ldap_lookup/query_spec.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe LdapQuery::Query do
+  describe 'attaching a filter' do
+    it { expect(described_class.attach_filter({ attr: 'cn', val: 'bob' }).to_s).to eq('(cn=bob)') }
+    it { expect(described_class.attach_filter({ attr: 'stevey', val: 'bob' }).to_s).to eq('(stevey=bob)') }
+  end
+
+  describe 'ensure_limit_set' do
+    it { expect(described_class.ensure_limit_set).to eq(20) }
+    it { expect(described_class.ensure_limit_set(-10)).to eq(20) }
+    it { expect(described_class.ensure_limit_set(0)).to eq(20) }
+    it { expect(described_class.ensure_limit_set(2)).to eq(2) }
+    it { expect(described_class.ensure_limit_set('a')).to eq(20) }
+  end
+end

data/spec/ldap_lookup/rails_credentials_spec.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe LdapQuery::RailsCredentials do
+  describe 'without rails' do
+    it { expect(described_class.credentials).to eq({}) }
+    it { expect(described_class.rails?).to be_falsey }
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,106 @@
+# frozen_string_literal: true
+
+Dir[File.expand_path(File.join(File.dirname(__FILE__), 'support', '**', '*.rb'))].each { |f| require f }
+
+require 'ldap_query'
+
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# The generated `.rspec` file contains `--require spec_helper` which will cause
+# this file to always be loaded, without a need to explicitly require it in any
+# files.
+#
+# Given that it is always loaded, you are encouraged to keep this file as
+# light-weight as possible. Requiring heavyweight dependencies from this file
+# will add to the boot time of your test suite on EVERY test run, even for an
+# individual file that may not need all of that loaded. Instead, consider making
+# a separate helper file that requires the additional dependencies and performs
+# the additional setup, and require it from the spec files that actually need
+# it.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+RSpec.configure do |config|
+  # rspec-expectations config goes here. You can use an alternate
+  # assertion/expectation library such as wrong or the stdlib/minitest
+  # assertions if you prefer.
+  config.expect_with :rspec do |expectations|
+    # This option will default to `true` in RSpec 4. It makes the `description`
+    # and `failure_message` of custom matchers include text for helper methods
+    # defined using `chain`, e.g.:
+    #     be_bigger_than(2).and_smaller_than(4).description
+    #     # => "be bigger than 2 and smaller than 4"
+    # ...rather than:
+    #     # => "be bigger than 2"
+    expectations.include_chain_clauses_in_custom_matcher_descriptions = true
+  end
+
+  # rspec-mocks config goes here. You can use an alternate test double
+  # library (such as bogus or mocha) by changing the `mock_with` option here.
+  config.mock_with :rspec do |mocks|
+    # Prevents you from mocking or stubbing a method that does not exist on
+    # a real object. This is generally recommended, and will default to
+    # `true` in RSpec 4.
+    mocks.verify_partial_doubles = true
+  end
+
+  # This option will default to `:apply_to_host_groups` in RSpec 4 (and will
+  # have no way to turn it off -- the option exists only for backwards
+  # compatibility in RSpec 3). It causes shared context metadata to be
+  # inherited by the metadata hash of host groups and examples, rather than
+  # triggering implicit auto-inclusion in groups with matching metadata.
+  config.shared_context_metadata_behavior = :apply_to_host_groups
+
+# The settings below are suggested to provide a good initial experience
+# with RSpec, but feel free to customize to your heart's content.
+=begin
+  # This allows you to limit a spec run to individual examples or groups
+  # you care about by tagging them with `:focus` metadata. When nothing
+  # is tagged with `:focus`, all examples get run. RSpec also provides
+  # aliases for `it`, `describe`, and `context` that include `:focus`
+  # metadata: `fit`, `fdescribe` and `fcontext`, respectively.
+  config.filter_run_when_matching :focus
+
+  # Allows RSpec to persist some state between runs in order to support
+  # the `--only-failures` and `--next-failure` CLI options. We recommend
+  # you configure your source control system to ignore this file.
+  config.example_status_persistence_file_path = "spec/examples.txt"
+
+  # Limits the available syntax to the non-monkey patched syntax that is
+  # recommended. For more details, see:
+  #   - http://rspec.info/blog/2012/06/rspecs-new-expectation-syntax/
+  #   - http://www.teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation-syntax/
+  #   - http://rspec.info/blog/2014/05/notable-changes-in-rspec-3/#zero-monkey-patching-mode
+  config.disable_monkey_patching!
+
+  # This setting enables warnings. It's recommended, but in some cases may
+  # be too noisy due to issues in dependencies.
+  config.warnings = true
+
+  # Many RSpec users commonly either run the entire suite or an individual
+  # file, and it's useful to allow more verbose output when running an
+  # individual spec file.
+  if config.files_to_run.one?
+    # Use the documentation formatter for detailed output,
+    # unless a formatter has already been configured
+    # (e.g. via a command-line flag).
+    config.default_formatter = "doc"
+  end
+
+  # Print the 10 slowest examples and example groups at the
+  # end of the spec run, to help surface which specs are running
+  # particularly slow.
+  config.profile_examples = 10
+
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = :random
+
+  # Seed global randomization in this process using the `--seed` CLI option.
+  # Setting this allows you to use `--seed` to deterministically reproduce
+  # test failures related to randomization by passing the same `--seed` value
+  # as the one that triggered the failure.
+  Kernel.srand config.seed
+=end
+end

data/spec/support/simplecov.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+require 'simplecov'
+
+SimpleCov.start if defined?(SimpleCov)

metadata

@@ -0,0 +1,158 @@
+--- !ruby/object:Gem::Specification
+name: ldap_query
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Brandon Hicks
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2021-03-07 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: net-ldap
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.16'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.16'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.17'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.17'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '13'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.9'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.9'
+description: Easily generate LDAP connections and queries without having to learn
+  how to build an LDAP connection with ruby.
+email:
+- tarellel@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".fasterer"
+- ".gitignore"
+- ".rubocop.yml"
+- ".simplecov"
+- ".yardopts"
+- CHANGELOG.md
+- Gemfile
+- Gemfile.lock
+- Guardfile
+- LICENSE
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- ldap_query.gemspec
+- lib/ldap_query.rb
+- lib/ldap_query/authenticate.rb
+- lib/ldap_query/config.rb
+- lib/ldap_query/connection.rb
+- lib/ldap_query/error.rb
+- lib/ldap_query/filter.rb
+- lib/ldap_query/ldap_helper.rb
+- lib/ldap_query/ldap_query.rb
+- lib/ldap_query/query.rb
+- lib/ldap_query/rails_credentials.rb
+- lib/ldap_query/railtie.rb
+- lib/ldap_query/version.rb
+- spec/ldap_lookup/authenticate_spec.rb
+- spec/ldap_lookup/config_spec.rb
+- spec/ldap_lookup/connection_spec.rb
+- spec/ldap_lookup/filter_spec.rb
+- spec/ldap_lookup/query_spec.rb
+- spec/ldap_lookup/rails_credentials_spec.rb
+- spec/spec_helper.rb
+- spec/support/simplecov.rb
+homepage: https://github.com/tarellel/ldap_query
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/tarellel/ldap_query
+  source_code_uri: https://github.com/tarellel/ldap_query
+  changelog_uri: https://github.com/tarellel/ldap_query/blob/master/CHANGELOG.md
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.4.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.2.11
+signing_key:
+specification_version: 4
+summary: To easily connect and query ldap
+test_files: []