ldap_tools 0.2.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7b5fc90c2fafaac8d5d87fd389a8204af330c578
-  data.tar.gz: 7eb5aeecdc894c8d4a4a5be52cb4b999f879a44c
+  metadata.gz: c66ce79c9e09afacf1af7b98f025e5cb352a6504
+  data.tar.gz: 4c9859ca50e52d1ebae2c6b277a8c233fdc44059
 SHA512:
-  metadata.gz: 236c0a9bce5ab074ac60bd38f75484f799da72408d5d7022bf1ac41c08bfccd3c1eeb76d1a3b300705f7a5ef4d22e1db6e40215b3ac7a21baff1ae89845595df
-  data.tar.gz: 8c75b66f44ad0519abc760399f994179027cd65e1009976610b79ecb375575c07da321b76ef6df0c376a04c41c9f06d500231cddad67a7ed7b06007bd52aaf31
+  metadata.gz: 54b284a95ea1803e305b91ff0a17ee7100eb98584e02e5c6d80e477b11b5f4e19643b96b44d8cacfced68db4ce3462cbf3c7c361686cf3860107f8b4a2031565
+  data.tar.gz: 4ad9fb8fc7dc8d736568e0d5425f18b99cb25dfbdcb9972ca5b6fff21f3dec2bea6d0912506aba08c2e25cf2e2718ec9c7eeafa690878c216325d58b218a97e5

data/bin/ldaptools

@@ -1,6 +1,7 @@
 #!/usr/bin/env ruby
 require 'tapjoy/ldap'
 
+# @TODO: Remove this in favor of newer methods
 def commands(synopsis, object, sub_commands)
   Trollop::options do
     usage "#{object} [SUB_COMMAND] [options]"
@@ -10,14 +11,17 @@ def commands(synopsis, object, sub_commands)
 end
 
 SUB_COMMANDS = %w(user group key audit)
-commands('Tool to manage LDAP resources', '', SUB_COMMANDS)
+Trollop::options do
+  usage '[SUB_COMMAND] [options]'
+  synopsis "\nTool to manage LDAP resources.\nAvailable subcommands are: #{SUB_COMMANDS}"
+  version "#{File.basename($PROGRAM_NAME)} #{Tapjoy::LDAP::VERSION} \u00A9 2015 Tapjoy, Inc."
+  stop_on SUB_COMMANDS
+end
 
 cmd = ARGV.shift # get the subcommand
 case cmd
 when "user"  # run commands associated with user object
-  USER_SUB_COMMANDS = %w(create delete)
-  commands('This object is used for user management', cmd, USER_SUB_COMMANDS)
-  Tapjoy::LDAP::User.new
+  Tapjoy::LDAP::User.commands
 when 'group'
   GROUP_SUB_COMMANDS = %w(create delete add_user)
   commands('This object is used for group management', cmd, GROUP_SUB_COMMANDS)

data/lib/tapjoy/ldap/group.rb

@@ -1,6 +1,28 @@
 module Tapjoy
   module LDAP
     class Group
+      class << self
+        # Lookup GID for the given group
+        def lookup_id(groupname)
+          gidnumber = []
+
+          oc_filter = Net::LDAP::Filter.eq('objectclass', 'posixGroup')
+          cn_filter = Net::LDAP::Filter.eq('cn', groupname)
+          filter    = Net::LDAP::Filter.join(oc_filter, cn_filter)
+
+          results = Tapjoy::LDAP::client.search(['gidNumber'], filter)
+
+          # Make sure we return one, and only one group
+          if results.size < 1
+            abort('Group not found')
+          elsif results.size > 1
+            abort('Multiple groups found. Please narrow your search.')
+          end
+
+          results.each { |result| gidnumber = result.gidnumber }
+          return gidnumber[0]
+        end
+      end
 
       attr_reader :groupname, :servers, :conn
 
@@ -22,6 +44,7 @@ module Tapjoy
       end
 
       # Lookup GID for the given group
+      # @TODO: Remove this in favor of class method
       def lookup_id(groupname)
         gidnumber = []
 

data/lib/tapjoy/ldap/user/create.rb

@@ -0,0 +1,83 @@
+require 'digest'
+require 'securerandom'
+module Tapjoy
+  module LDAP
+    module User
+      class Create
+        def opts
+          @opts ||= Trollop::options do
+            # Set help message
+            usage 'user create [options]'
+            synopsis "\nThis command is for creating new LDAP users"
+
+            # Username is two arguments
+            # Trollop will accept more, but we will only parse two later
+            # TODO: support given names that include a space
+            opt :user, "Specify user's first and last name", type: :strings, required: true
+
+            # Groupname is a single string, for primary group setting
+            opt :group, 'Specify name of primary group', type: :string, required: true
+            opt :type, 'Specfy if this is a user or service account', type: :string, default: 'user'
+          end
+        end
+
+        def uidnumber
+          @uidnumber ||= Tapjoy::LDAP::client.get_max_id('user', opts[:type])
+        end
+
+        def gidnumber
+          @gidnumber ||= Tapjoy::LDAP::Group.lookup_id(opts[:group])
+        end
+        
+        def create
+          # Check for errors
+          Trollop::die :user, 'argument count must be two' if opts[:user].size != 2
+          Trollop::die :type, "argument must be 'user' or 'service'" unless ['user', 'service'].include?opts[:type]
+
+
+          case opts[:type]
+          when 'user'
+            ou = 'People'
+          when 'service'
+            ou = Tapjoy::LDAP::client.service_ou
+          else
+            puts 'Unknown type'
+          end
+
+          dn = "uid=#{ username },ou=#{ou},#{ Tapjoy::LDAP::client.basedn }"
+          puts Tapjoy::LDAP::client.add(dn, ldap_attr)
+        end
+
+        private
+        def create_password
+          # Super-Salt: bad for blood pressure, good for secure passwords
+          # We can get away with this, since we're not planning on using passwords
+          salt = SecureRandom.base64(32)
+          password = SecureRandom.base64(64)
+          password = Digest::SHA1.base64digest(password + salt)
+        end
+
+        def username
+          @username ||= opts[:user].join('.').downcase
+        end
+
+        def ldap_attr
+          @ldap_attr ||= {
+            :uid           => username,
+            :cn            => "#{opts[:user].join}",
+            :objectclass   => ['top','posixAccount','shadowAccount','inetOrgPerson',
+                               'organizationalPerson','person', 'ldapPublicKey'],
+            :sn            => opts[:user][1],
+            :givenname     => opts[:user][0],
+            :homedirectory => "/home/#{ username }",
+            :loginshell    => '/bin/bash',
+            :mail          => "#{username}@tapjoy.com".downcase,
+            :uidnumber     => uidnumber,
+            :gidnumber     => gidnumber,
+            :userpassword  => '{SSHA}' + create_password
+          }
+        end
+      end
+    end
+  end
+end

data/lib/tapjoy/ldap/user/delete.rb

@@ -0,0 +1,34 @@
+module Tapjoy
+  module LDAP
+    module User
+      class Delete
+        def opts
+          @opts ||= Trollop::options do
+            # Set help message
+            usage "user delete [options]"
+
+            opt(:user, 'Specify username', :type => :string, :required => true)
+            opt(:force, 'Force delete')
+          end
+        end
+
+        def delete
+          prompt = '>'
+          dn = "uid=#{ opts[:user] },ou=People,#{ Tapjoy::LDAP::client.basedn }"
+          unless opts[:force]
+            puts "Confirm that you want to delete user: #{ opts[:user] }"
+            print prompt
+            confirm = STDIN.gets.chomp().downcase
+            unless confirm.eql?('y') || confirm.eql?('yes')
+              abort("Deletion of #{ opts[:user] } aborted")
+            end
+          end
+
+          puts Tapjoy::LDAP::client.delete(dn)
+        end
+      end
+    end
+  end
+end
+#       def delete
+#         options = {}

data/lib/tapjoy/ldap/user.rb

@@ -1,114 +1,64 @@
-require 'digest'
-require 'securerandom'
+require_relative 'user/create'
+require_relative 'user/delete'
 
 module Tapjoy
   module LDAP
-    class User
+    module User
+      class << self
+        SUB_COMMANDS = %w(create delete)
 
-      # Instantiate class
-      def initialize
-        command = ARGV.shift
+        def commands
+          Trollop::options do
+            usage 'user [SUB_COMMAND] [options]'
+            synopsis "\nThis object is used for user management\nAvailable subcommands are: #{SUB_COMMANDS}"
 
-        case command
-        when 'create', 'delete'
-          send(command)
-        else
-          raise Tapjoy::LDAP::InvalidArgument
-        end
-      end
-
-      private
-      # Create user in LDAP
-      def create
-        opts = Trollop::options do
-          # Set help message
-          usage "user create [options]"
-
-          # Username is two arguments
-          # Trollop will accept more, but we will only parse two later
-          # TODO: support given names that include a space
-          opt(:user, "Specify user's first and last name",
-              :type => :strings, :required => true)
-
-          # Groupname is a single string, for primary group setting
-          opt(:group, 'Specify name of primary group', :type => :string, :required => true)
-
-          opt(:type, 'Specfy if this is a user or service account',
-              :type => :string, :default => 'user')
-        end
-
-        Trollop::die :user, 'argument count must be two' if opts[:user].size != 2
-        Trollop::die :type, "argument must be 'user' or 'service'" unless ['user', 'service'].include?opts[:type]
-
-        fname, lname = opts[:user]
-
-        # format username
-        username = "#{fname}.#{lname}"
-        username = username.downcase
-        group = Tapjoy::LDAP::Group.new
+            stop_on SUB_COMMANDS
+          end
 
-        uidnumber = Tapjoy::LDAP::client.get_max_id('user', opts[:type])
-        gidnumber = group.lookup_id(opts[:group])
+          cmd = ARGV.shift
 
-        case opts[:type]
-        when 'user'
-          ou = 'People'
-        when 'service'
-          ou = Tapjoy::LDAP::client.service_ou
-        else
-          puts 'Unknown type'
+          case cmd
+          when 'create', 'delete'
+            send(cmd) # call method with respective name
+          else
+            raise Tapjoy::LDAP::InvalidArgument
+          end
         end
 
-        # Super-Salt: bad for blood pressure, good for secure passwords
-        # We can get away with this, since we're not planning on using passwords
-        salt = SecureRandom.base64(32)
-        password = SecureRandom.base64(64)
-        password = Digest::SHA1.base64digest(password + salt)
-        dn = "uid=#{ username },ou=People,#{ Tapjoy::LDAP::client.basedn }"
-        ldap_attr = {
-          :uid           => username,
-          :cn            => "#{ fname } #{ lname }",
-          :objectclass   => ['top','posixAccount','shadowAccount','inetOrgPerson',
-                             'organizationalPerson','person', 'ldapPublicKey'],
-          :sn            => lname,
-          :givenname     => fname,
-          :homedirectory => "/home/#{ username }",
-          :loginshell    => '/bin/bash',
-          :mail          => "#{fname}.#{lname}@tapjoy.com".downcase,
-          :uidnumber     => uidnumber,
-          :gidnumber     => gidnumber,
-          :userpassword  => '{SSHA}' + password
-        }
-        puts Tapjoy::LDAP::client.add(dn, ldap_attr)
-
-      end
-
-      # Delete user from LDAP
-      def delete
-        options = {}
-        prompt = '>'
-
-        opts = Trollop::options do
-          # Set help message
-          usage "user delete [options]"
-
-          opt(:user, 'Specify username', :type => :string, :required => true)
-          opt(:force, 'Force delete')
+        def create
+          user = Tapjoy::LDAP::User::Create.new
+          user.create
         end
 
-        dn = "uid=#{ opts[:user] },ou=People,#{ Tapjoy::LDAP::client.basedn }"
-        unless opts[:force]
-          puts "Confirm that you want to delete user: #{ opts[:user] }"
-          print prompt
-          confirm = STDIN.gets.chomp().downcase
-          unless confirm.eql?('y') || confirm.eql?('yes')
-            abort("Deletion of #{ opts[:user] } aborted")
-          end
+        def delete
+          user = Tapjoy::LDAP::User::Delete.new
+          user.delete
         end
-
-        puts Tapjoy::LDAP::client.delete(dn)
       end
-
     end
   end
 end
+#
+#       # Instantiate class
+#       def initialize
+#         command = ARGV.shift
+#
+#         case command
+#         when 'create', 'delete'
+#           send(command)
+#         else
+#           raise Tapjoy::LDAP::InvalidArgument
+#         end
+#       end
+#
+#       private
+#       # Create user in LDAP
+
+#
+#       # Delete user from LDAP
+
+#       end
+#
+#     end
+#   end
+# end

data/lib/tapjoy/ldap/version.rb

@@ -2,7 +2,7 @@ module Tapjoy
   module LDAP
     module Version
       MAJOR = 0
-      MINOR = 2
+      MINOR = 3
       PATCH = 0
     end
 

data/lib/tapjoy/ldap.rb

@@ -6,6 +6,7 @@ require_relative 'ldap/group'
 require_relative 'ldap/key'
 require_relative 'ldap/user'
 require_relative 'ldap/audit'
+require_relative 'ldap/version'
 
 module Tapjoy
   module LDAP

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ldap_tools
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Ali Tayarani
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-12-03 00:00:00.000000000 Z
+date: 2015-12-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: trollop
@@ -38,6 +38,20 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: '0.11'
+- !ruby/object:Gem::Dependency
+  name: highline
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
 description: A set of tools to make managing LDAP users, groups, and keys easier
 email: ali.tayarani@tapjoy.com
 executables:
@@ -48,10 +62,22 @@ files:
 - bin/ldaptools
 - lib/tapjoy/ldap.rb
 - lib/tapjoy/ldap/audit.rb
+- lib/tapjoy/ldap/audit/by_group.rb
+- lib/tapjoy/ldap/audit/by_user.rb
+- lib/tapjoy/ldap/audit/raw.rb
 - lib/tapjoy/ldap/base.rb
 - lib/tapjoy/ldap/group.rb
+- lib/tapjoy/ldap/group/add_user.rb
+- lib/tapjoy/ldap/group/create.rb
+- lib/tapjoy/ldap/group/delete.rb
 - lib/tapjoy/ldap/key.rb
+- lib/tapjoy/ldap/key/add.rb
+- lib/tapjoy/ldap/key/list.rb
+- lib/tapjoy/ldap/key/remove.rb
+- lib/tapjoy/ldap/key/show.rb
 - lib/tapjoy/ldap/user.rb
+- lib/tapjoy/ldap/user/create.rb
+- lib/tapjoy/ldap/user/delete.rb
 - lib/tapjoy/ldap/version.rb
 homepage: https://github.com/Tapjoy/ldap_tools
 licenses: