ldap_tools 0.2.0 → 0.3.0

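--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 7b5fc90c2fafaac8d5d87fd389a8204af330c578
- data.tar.gz: 7eb5aeecdc894c8d4a4a5be52cb4b999f879a44c
+ metadata.gz: c66ce79c9e09afacf1af7b98f025e5cb352a6504
+ data.tar.gz: 4c9859ca50e52d1ebae2c6b277a8c233fdc44059
  SHA512:
- metadata.gz: 236c0a9bce5ab074ac60bd38f75484f799da72408d5d7022bf1ac41c08bfccd3c1eeb76d1a3b300705f7a5ef4d22e1db6e40215b3ac7a21baff1ae89845595df
- data.tar.gz: 8c75b66f44ad0519abc760399f994179027cd65e1009976610b79ecb375575c07da321b76ef6df0c376a04c41c9f06d500231cddad67a7ed7b06007bd52aaf31
+ metadata.gz: 54b284a95ea1803e305b91ff0a17ee7100eb98584e02e5c6d80e477b11b5f4e19643b96b44d8cacfced68db4ce3462cbf3c7c361686cf3860107f8b4a2031565
+ data.tar.gz: 4ad9fb8fc7dc8d736568e0d5425f18b99cb25dfbdcb9972ca5b6fff21f3dec2bea6d0912506aba08c2e25cf2e2718ec9c7eeafa690878c216325d58b218a97e5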
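--- a/data/bin/ldaptools
+++ b/data/bin/ldaptools
@@ -1,6 +1,7 @@
  #!/usr/bin/env ruby
  require 'tapjoy/ldap'
  
+ # @TODO: Remove this in favor of newer methods
  def commands(synopsis, object, sub_commands)
  Trollop::options do
  usage "#{object} [SUB_COMMAND] [options]"
@@ -10,14 +11,17 @@ def commands(synopsis, object, sub_commands)
  end
  
  SUB_COMMANDS = %w(user group key audit)
- commands('Tool to manage LDAP resources', '', SUB_COMMANDS)
+ Trollop::options do
+ usage '[SUB_COMMAND] [options]'
+ synopsis "\nTool to manage LDAP resources.\nAvailable subcommands are: #{SUB_COMMANDS}"
+ version "#{File.basename($PROGRAM_NAME)} #{Tapjoy::LDAP::VERSION} \u00A9 2015 Tapjoy, Inc."
+ stop_on SUB_COMMANDS
+ end
  
  cmd = ARGV.shift # get the subcommand
  case cmd
  when "user" # run commands associated with user object
- USER_SUB_COMMANDS = %w(create delete)
- commands('This object is used for user management', cmd, USER_SUB_COMMANDS)
- Tapjoy::LDAP::User.new
+ Tapjoy::LDAP::User.commands
  when 'group'
  GROUP_SUB_COMMANDS = %w(create delete add_user)
  commands('This object is used for group management', cmd, GROUP_SUB_COMMANDS)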
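Review bot: The new synopsis interpolates the array directly (`#{SUB_COMMANDS}`), so the help text prints Ruby's inspect form `["user", "group", "key", "audit"]`; `#{SUB_COMMANDS.join(', ')}` reads better, and the same applies to the synopsis in `Tapjoy::LDAP::User.commands`. The `@TODO` added above `commands` would be more useful if it named the replacement (the per-object `commands` class methods that `when "user"` now calls), so the remaining `group` branch is migrated the same way. The `case cmd` block continues outside this hunk.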
File without changes
File without changes
File without changes
File without changes
File without changes
File without changes
@@ -1,6 +1,28 @@
1
1
  module Tapjoy
2
2
  module LDAP
3
3
  class Group
4
+ class << self
5
+ # Lookup GID for the given group
6
+ def lookup_id(groupname)
7
+ gidnumber = []
8
+
9
+ oc_filter = Net::LDAP::Filter.eq('objectclass', 'posixGroup')
10
+ cn_filter = Net::LDAP::Filter.eq('cn', groupname)
11
+ filter = Net::LDAP::Filter.join(oc_filter, cn_filter)
12
+
13
+ results = Tapjoy::LDAP::client.search(['gidNumber'], filter)
14
+
15
+ # Make sure we return one, and only one group
16
+ if results.size < 1
17
+ abort('Group not found')
18
+ elsif results.size > 1
19
+ abort('Multiple groups found. Please narrow your search.')
20
+ end
21
+
22
+ results.each { |result| gidnumber = result.gidnumber }
23
+ return gidnumber[0]
24
+ end
25
+ end
4
26
 
5
27
  attr_reader :groupname, :servers, :conn
6
28
 
@@ -22,6 +44,7 @@ module Tapjoy
22
44
  end
23
45
 
24
46
  # Lookup GID for the given group
47
+ # @TODO: Remove this in favor of class method
25
48
  def lookup_id(groupname)
26
49
  gidnumber = []
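Review bot: In the new class-level `lookup_id`, `Net::LDAP::Filter.eq('cn', groupname)` puts the group name into the search filter unescaped, so a name containing `*` is treated as a wildcard and can resolve to exactly one group other than the one typed, which the two size checks will not catch. If the pinned net-ldap provides it, `Net::LDAP::Filter.equals('cn', groupname)` escapes the value and keeps the match literal. The method also calls `abort` from library code and is now duplicated by the instance method marked `@TODO`; having that method delegate with `self.class.lookup_id(groupname)` would stop the two copies drifting until it is removed. The instance method's body continues outside the second hunk.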
27
50
 
File without changes
File without changes
File without changes
File without changes
@@ -0,0 +1,83 @@
1
+ require 'digest'
2
+ require 'securerandom'
3
+ module Tapjoy
4
+ module LDAP
5
+ module User
6
+ class Create
7
+ def opts
8
+ @opts ||= Trollop::options do
9
+ # Set help message
10
+ usage 'user create [options]'
11
+ synopsis "\nThis command is for creating new LDAP users"
12
+
13
+ # Username is two arguments
14
+ # Trollop will accept more, but we will only parse two later
15
+ # TODO: support given names that include a space
16
+ opt :user, "Specify user's first and last name", type: :strings, required: true
17
+
18
+ # Groupname is a single string, for primary group setting
19
+ opt :group, 'Specify name of primary group', type: :string, required: true
20
+ opt :type, 'Specfy if this is a user or service account', type: :string, default: 'user'
21
+ end
22
+ end
23
+
24
+ def uidnumber
25
+ @uidnumber ||= Tapjoy::LDAP::client.get_max_id('user', opts[:type])
26
+ end
27
+
28
+ def gidnumber
29
+ @gidnumber ||= Tapjoy::LDAP::Group.lookup_id(opts[:group])
30
+ end
31
+
32
+ def create
33
+ # Check for errors
34
+ Trollop::die :user, 'argument count must be two' if opts[:user].size != 2
35
+ Trollop::die :type, "argument must be 'user' or 'service'" unless ['user', 'service'].include?opts[:type]
36
+
37
+
38
+ case opts[:type]
39
+ when 'user'
40
+ ou = 'People'
41
+ when 'service'
42
+ ou = Tapjoy::LDAP::client.service_ou
43
+ else
44
+ puts 'Unknown type'
45
+ end
46
+
47
+ dn = "uid=#{ username },ou=#{ou},#{ Tapjoy::LDAP::client.basedn }"
48
+ puts Tapjoy::LDAP::client.add(dn, ldap_attr)
49
+ end
50
+
51
+ private
52
+ def create_password
53
+ # Super-Salt: bad for blood pressure, good for secure passwords
54
+ # We can get away with this, since we're not planning on using passwords
55
+ salt = SecureRandom.base64(32)
56
+ password = SecureRandom.base64(64)
57
+ password = Digest::SHA1.base64digest(password + salt)
58
+ end
59
+
60
+ def username
61
+ @username ||= opts[:user].join('.').downcase
62
+ end
63
+
64
+ def ldap_attr
65
+ @ldap_attr ||= {
66
+ :uid => username,
67
+ :cn => "#{opts[:user].join}",
68
+ :objectclass => ['top','posixAccount','shadowAccount','inetOrgPerson',
69
+ 'organizationalPerson','person', 'ldapPublicKey'],
70
+ :sn => opts[:user][1],
71
+ :givenname => opts[:user][0],
72
+ :homedirectory => "/home/#{ username }",
73
+ :loginshell => '/bin/bash',
74
+ :mail => "#{username}@tapjoy.com".downcase,
75
+ :uidnumber => uidnumber,
76
+ :gidnumber => gidnumber,
77
+ :userpassword => '{SSHA}' + create_password
78
+ }
79
+ end
80
+ end
81
+ end
82
+ end
83
+ end
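Review bot: `dn = "uid=#{ username },ou=#{ou},…"` in `create` interpolates the operator-supplied name into the DN without escaping, so a first or last name containing `,`, `+` or `=` changes the DN's structure; the same pattern is in `Delete#delete` (`uid=#{ opts[:user] }`). Escape the RDN value before building the string, for example with `Net::LDAP::DN.escape(username)` if the pinned net-ldap provides it. `create_password` tags its result `{SSHA}` but stores only `base64(SHA1(password + salt))`; the scheme expects the salt bytes appended to the digest before encoding, so a server will presumably either reject the value or treat the salt as empty. Because the random password is discarded the account ends up unusable for password login, which appears to be the intent, and the comment should say that plainly instead of "good for secure passwords". Also, `:cn => "#{opts[:user].join}"` now yields `FirstLast`, where the removed code built `"#{ fname } #{ lname }"`.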
@@ -0,0 +1,34 @@
1
+ module Tapjoy
2
+ module LDAP
3
+ module User
4
+ class Delete
5
+ def opts
6
+ @opts ||= Trollop::options do
7
+ # Set help message
8
+ usage "user delete [options]"
9
+
10
+ opt(:user, 'Specify username', :type => :string, :required => true)
11
+ opt(:force, 'Force delete')
12
+ end
13
+ end
14
+
15
+ def delete
16
+ prompt = '>'
17
+ dn = "uid=#{ opts[:user] },ou=People,#{ Tapjoy::LDAP::client.basedn }"
18
+ unless opts[:force]
19
+ puts "Confirm that you want to delete user: #{ opts[:user] }"
20
+ print prompt
21
+ confirm = STDIN.gets.chomp().downcase
22
+ unless confirm.eql?('y') || confirm.eql?('yes')
23
+ abort("Deletion of #{ opts[:user] } aborted")
24
+ end
25
+ end
26
+
27
+ puts Tapjoy::LDAP::client.delete(dn)
28
+ end
29
+ end
30
+ end
31
+ end
32
+ end
33
+ # def delete
34
+ # options = {}
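Review bot: `confirm = STDIN.gets.chomp().downcase` raises `NoMethodError` when stdin is closed or at EOF, because `gets` returns nil there; for a destructive command the prompt should fail closed instead, e.g. `confirm = STDIN.gets.to_s.chomp.downcase`, which falls through to the existing `abort`. `opt(:force, 'Force delete')` skips the confirmation entirely, so consider printing the full `dn` before `Tapjoy::LDAP::client.delete(dn)` so that the terminal output records exactly which entry was removed. The trailing `# def delete` and `# options = {}` comment lines after the final `end` look like leftover code and can be dropped.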
@@ -1,114 +1,64 @@
1
- require 'digest'
2
- require 'securerandom'
1
+ require_relative 'user/create'
2
+ require_relative 'user/delete'
3
3
 
4
4
  module Tapjoy
5
5
  module LDAP
6
- class User
6
+ module User
7
+ class << self
8
+ SUB_COMMANDS = %w(create delete)
7
9
 
8
- # Instantiate class
9
- def initialize
10
- command = ARGV.shift
10
+ def commands
11
+ Trollop::options do
12
+ usage 'user [SUB_COMMAND] [options]'
13
+ synopsis "\nThis object is used for user management\nAvailable subcommands are: #{SUB_COMMANDS}"
11
14
 
12
- case command
13
- when 'create', 'delete'
14
- send(command)
15
- else
16
- raise Tapjoy::LDAP::InvalidArgument
17
- end
18
- end
19
-
20
- private
21
- # Create user in LDAP
22
- def create
23
- opts = Trollop::options do
24
- # Set help message
25
- usage "user create [options]"
26
-
27
- # Username is two arguments
28
- # Trollop will accept more, but we will only parse two later
29
- # TODO: support given names that include a space
30
- opt(:user, "Specify user's first and last name",
31
- :type => :strings, :required => true)
32
-
33
- # Groupname is a single string, for primary group setting
34
- opt(:group, 'Specify name of primary group', :type => :string, :required => true)
35
-
36
- opt(:type, 'Specfy if this is a user or service account',
37
- :type => :string, :default => 'user')
38
- end
39
-
40
- Trollop::die :user, 'argument count must be two' if opts[:user].size != 2
41
- Trollop::die :type, "argument must be 'user' or 'service'" unless ['user', 'service'].include?opts[:type]
42
-
43
- fname, lname = opts[:user]
44
-
45
- # format username
46
- username = "#{fname}.#{lname}"
47
- username = username.downcase
48
- group = Tapjoy::LDAP::Group.new
15
+ stop_on SUB_COMMANDS
16
+ end
49
17
 
50
- uidnumber = Tapjoy::LDAP::client.get_max_id('user', opts[:type])
51
- gidnumber = group.lookup_id(opts[:group])
18
+ cmd = ARGV.shift
52
19
 
53
- case opts[:type]
54
- when 'user'
55
- ou = 'People'
56
- when 'service'
57
- ou = Tapjoy::LDAP::client.service_ou
58
- else
59
- puts 'Unknown type'
20
+ case cmd
21
+ when 'create', 'delete'
22
+ send(cmd) # call method with respective name
23
+ else
24
+ raise Tapjoy::LDAP::InvalidArgument
25
+ end
60
26
  end
61
27
 
62
- # Super-Salt: bad for blood pressure, good for secure passwords
63
- # We can get away with this, since we're not planning on using passwords
64
- salt = SecureRandom.base64(32)
65
- password = SecureRandom.base64(64)
66
- password = Digest::SHA1.base64digest(password + salt)
67
- dn = "uid=#{ username },ou=People,#{ Tapjoy::LDAP::client.basedn }"
68
- ldap_attr = {
69
- :uid => username,
70
- :cn => "#{ fname } #{ lname }",
71
- :objectclass => ['top','posixAccount','shadowAccount','inetOrgPerson',
72
- 'organizationalPerson','person', 'ldapPublicKey'],
73
- :sn => lname,
74
- :givenname => fname,
75
- :homedirectory => "/home/#{ username }",
76
- :loginshell => '/bin/bash',
77
- :mail => "#{fname}.#{lname}@tapjoy.com".downcase,
78
- :uidnumber => uidnumber,
79
- :gidnumber => gidnumber,
80
- :userpassword => '{SSHA}' + password
81
- }
82
- puts Tapjoy::LDAP::client.add(dn, ldap_attr)
83
-
84
- end
85
-
86
- # Delete user from LDAP
87
- def delete
88
- options = {}
89
- prompt = '>'
90
-
91
- opts = Trollop::options do
92
- # Set help message
93
- usage "user delete [options]"
94
-
95
- opt(:user, 'Specify username', :type => :string, :required => true)
96
- opt(:force, 'Force delete')
28
+ def create
29
+ user = Tapjoy::LDAP::User::Create.new
30
+ user.create
97
31
  end
98
32
 
99
- dn = "uid=#{ opts[:user] },ou=People,#{ Tapjoy::LDAP::client.basedn }"
100
- unless opts[:force]
101
- puts "Confirm that you want to delete user: #{ opts[:user] }"
102
- print prompt
103
- confirm = STDIN.gets.chomp().downcase
104
- unless confirm.eql?('y') || confirm.eql?('yes')
105
- abort("Deletion of #{ opts[:user] } aborted")
106
- end
33
+ def delete
34
+ user = Tapjoy::LDAP::User::Delete.new
35
+ user.delete
107
36
  end
108
-
109
- puts Tapjoy::LDAP::client.delete(dn)
110
37
  end
111
-
112
38
  end
113
39
  end
114
40
  end
41
+ #
42
+ # # Instantiate class
43
+ # def initialize
44
+ # command = ARGV.shift
45
+ #
46
+ # case command
47
+ # when 'create', 'delete'
48
+ # send(command)
49
+ # else
50
+ # raise Tapjoy::LDAP::InvalidArgument
51
+ # end
52
+ # end
53
+ #
54
+ # private
55
+ # # Create user in LDAP
56
+
57
+ #
58
+ # # Delete user from LDAP
59
+
60
+ # end
61
+ #
62
+ # end
63
+ # end
64
+ # end
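Review bot: `send(cmd)` in `commands` dispatches on a command-line argument and is safe only because the literal `when 'create', 'delete'` allow-list sits directly above it; that list duplicates `SUB_COMMANDS`, so the two can drift apart. Tie them together with `when *SUB_COMMANDS` and use `public_send(cmd)` so a later edit cannot reach a private method through this path. The return value of `Trollop::options` is discarded here, which is fine when the block only needs `stop_on`, but a one-line comment saying so would help. The commented-out remains of the old class appended after the final `end` should be deleted rather than shipped.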
@@ -2,7 +2,7 @@ module Tapjoy
2
2
  module LDAP
3
3
  module Version
4
4
  MAJOR = 0
5
- MINOR = 2
5
+ MINOR = 3
6
6
  PATCH = 0
7
7
  end
8
8
 
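--- a/data/lib/tapjoy/ldap.rb
+++ b/data/lib/tapjoy/ldap.rb
@@ -6,6 +6,7 @@ require_relative 'ldap/group'
  require_relative 'ldap/key'
  require_relative 'ldap/user'
  require_relative 'ldap/audit'
+ require_relative 'ldap/version'
  
  module Tapjoy
  module LDAP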
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ldap_tools
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ali Tayarani
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-12-03 00:00:00.000000000 Z
11
+ date: 2015-12-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: trollop
@@ -38,6 +38,20 @@ dependencies:
38
38
  - - '='
39
39
  - !ruby/object:Gem::Version
40
40
  version: '0.11'
41
+ - !ruby/object:Gem::Dependency
42
+ name: highline
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '1.0'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '1.0'
41
55
  description: A set of tools to make managing LDAP users, groups, and keys easier
42
56
  email: ali.tayarani@tapjoy.com
43
57
  executables:
@@ -48,10 +62,22 @@ files:
48
62
  - bin/ldaptools
49
63
  - lib/tapjoy/ldap.rb
50
64
  - lib/tapjoy/ldap/audit.rb
65
+ - lib/tapjoy/ldap/audit/by_group.rb
66
+ - lib/tapjoy/ldap/audit/by_user.rb
67
+ - lib/tapjoy/ldap/audit/raw.rb
51
68
  - lib/tapjoy/ldap/base.rb
52
69
  - lib/tapjoy/ldap/group.rb
70
+ - lib/tapjoy/ldap/group/add_user.rb
71
+ - lib/tapjoy/ldap/group/create.rb
72
+ - lib/tapjoy/ldap/group/delete.rb
53
73
  - lib/tapjoy/ldap/key.rb
74
+ - lib/tapjoy/ldap/key/add.rb
75
+ - lib/tapjoy/ldap/key/list.rb
76
+ - lib/tapjoy/ldap/key/remove.rb
77
+ - lib/tapjoy/ldap/key/show.rb
54
78
  - lib/tapjoy/ldap/user.rb
79
+ - lib/tapjoy/ldap/user/create.rb
80
+ - lib/tapjoy/ldap/user/delete.rb
55
81
  - lib/tapjoy/ldap/version.rb
56
82
  homepage: https://github.com/Tapjoy/ldap_tools
57
83
  licenses: