powerhome-activeldap 3.2.3

data/lib/active_ldap/associations.rb

@@ -0,0 +1,205 @@
+require 'active_ldap/association/belongs_to'
+require 'active_ldap/association/belongs_to_many'
+require 'active_ldap/association/has_many'
+require 'active_ldap/association/has_many_wrap'
+
+module ActiveLdap
+  # Associations
+  #
+  # Associations provides the class methods needed for
+  # the extension classes to create methods using
+  # belongs_to and has_many
+  module Associations
+    def self.append_features(base)
+      super
+      base.extend(ClassMethods)
+      base.class_attribute(:associations)
+      base.associations ||= []
+    end
+
+    module ClassMethods
+      def set_associated_class(name, klass)
+        @associated_classes ||= {}
+        @associated_classes[name.to_s] = klass
+      end
+
+      def associated_class(name)
+        @associated_classes[name.to_s]
+      end
+
+      # belongs_to
+      #
+      # This defines a method for an extension class map its DN key
+      # attribute value on to multiple items which reference it by
+      # |:foreign_key| in the other LDAP entry covered by class
+      # |:class_name|.
+      #
+      # Example:
+      #  belongs_to :groups, :class_name => "Group",
+      #             :many => "memberUid" # Group#memberUid
+      #             # :primary_key => "uid" # User#uid
+      #             ## deprecated since 1.1.0. Use :primary_key instead.
+      #             ## :foreign_key => "uid" # User#uid
+      #             # dn attribute value is used by default
+      #  belongs_to :primary_group, :class_name => "Group",
+      #             :foreign_key => "gidNumber", # User#gidNumber
+      #             :primary_key => "gidNumber"  # Group#gidNumber
+      #
+      def belongs_to(association_id, options={})
+        validate_belongs_to_options(options)
+        klass = options[:class]
+        klass ||= (options[:class_name] || association_id.to_s).classify
+        foreign_key = options[:foreign_key]
+        primary_key = options[:primary_key]
+        many = options[:many]
+        set_associated_class(association_id, klass)
+
+        opts = {
+          :association_id => association_id,
+          :foreign_key_name => foreign_key,
+          :primary_key_name => primary_key,
+          :many => many,
+          :extend => options[:extend],
+        }
+        if opts[:many]
+          association_class = Association::BelongsToMany
+          foreign_key_name = opts[:foreign_key_name]
+          if foreign_key_name
+            message = _(":foreign_key belongs_to(:many) option is " \
+                        "deprecated since 1.1.0. Use :primary_key instead.")
+            ActiveSupport::Deprecation.warn(message)
+            opts[:primary_key_name] ||= foreign_key_name
+          end
+          opts[:primary_key_name] ||= dn_attribute
+        else
+          association_class = Association::BelongsTo
+          opts[:foreign_key_name] ||= "#{association_id}_id"
+
+          before_save(<<-EOC)
+            if defined?(@#{association_id})
+              association = @#{association_id}
+              if association and association.updated?
+                self[association.__send__(:primary_key)] =
+                  association[#{opts[:foreign_key_name].dump}]
+              end
+            end
+          EOC
+        end
+
+        association_accessor(association_id) do |target|
+          association_class.new(target, opts)
+        end
+      end
+
+
+      # has_many
+      #
+      # This defines a method for an extension class expand an 
+      # existing multi-element attribute into ActiveLdap objects.
+      # This discards any calls which result in entries that
+      # don't exist in LDAP!
+      #
+      # Example:
+      #   has_many :primary_members, :class_name => "User",
+      #            :primary_key => "gidNumber", # Group#gidNumber
+      #            :foreign_key => "gidNumber"  # User#gidNumber
+      #            ## deprecated since 1.1.0. Those options
+      #            ## are inverted.
+      #            # :primary_key => "gidNumber", # User#gidNumber
+      #            # :foreign_key => "gidNumber"  # Group#gidNumber
+      #   has_many :members, :class_name => "User",
+      #            :wrap => "memberUid" # Group#memberUid
+      def has_many(association_id, options = {})
+        validate_has_many_options(options)
+        klass = options[:class]
+        klass ||= (options[:class_name] || association_id.to_s).classify
+        foreign_key = options[:foreign_key]
+        primary_key = options[:primary_key]
+        set_associated_class(association_id, klass)
+
+        opts = {
+          :association_id => association_id,
+          :foreign_key_name => foreign_key,
+          :primary_key_name => primary_key,
+          :wrap => options[:wrap],
+          :extend => options[:extend],
+        }
+        if opts[:wrap]
+          association_class = Association::HasManyWrap
+        else
+          association_class = Association::HasMany
+          primary_key_name = opts[:primary_key_name]
+          foreign_key_name = opts[:foreign_key_name]
+          if primary_key_name != foreign_key_name and
+              primary_key_name != "dn" and
+              !new.have_attribute?(primary_key_name)
+            message = _(":primary_key and :foreign_key has_many options are " \
+                        "inverted their mean since 1.1.0. Please invert them.")
+            ActiveSupport::Deprecation.warn(message)
+            opts[:foreign_key_name] = primary_key_name
+            opts[:primary_key_name] = foreign_key_name
+          end
+        end
+
+        association_accessor(association_id) do |target|
+          association_class.new(target, opts)
+        end
+      end
+
+      private
+      def association_accessor(name, &make_association)
+        define_method("__make_#{name}") do
+          make_association.call(self)
+        end
+        associations << name
+        association_reader(name, &make_association)
+        association_writer(name, &make_association)
+      end
+
+      def association_reader(name, &make_association)
+        class_eval(<<-EOM, __FILE__, __LINE__ + 1)
+          def #{name}
+            @#{name} ||= __make_#{name}
+          end
+        EOM
+      end
+
+      def association_writer(name, &make_association)
+        class_eval(<<-EOM, __FILE__, __LINE__ + 1)
+          def #{name}=(new_value)
+            association = defined?(@#{name}) ? @#{name} : nil
+            association ||= __make_#{name}
+            association.replace(new_value)
+            @#{name} = new_value.nil? ? nil : association
+            @#{name}
+          end
+        EOM
+      end
+
+      VALID_BELONGS_TO_OPTIONS = [:class, :class_name,
+                                  :foreign_key, :primary_key, :many,
+                                  :extend]
+      def validate_belongs_to_options(options)
+        options.assert_valid_keys(VALID_BELONGS_TO_OPTIONS)
+      end
+
+      VALID_HAS_MANY_OPTIONS = [:class, :class_name,
+                                :foreign_key, :primary_key, :wrap,
+                                :extend]
+      def validate_has_many_options(options)
+        options.assert_valid_keys(VALID_HAS_MANY_OPTIONS)
+      end
+    end
+
+    def clear_association_cache
+      return if new_record?
+      (self.class.associations || []).each do |association|
+        instance_variable_set("@#{association}", nil)
+      end
+    end
+  end
+
+  module Association
+    autoload :Children, 'active_ldap/association/children'
+  end
+end

data/lib/active_ldap/attribute_methods.rb

@@ -0,0 +1,23 @@
+module ActiveLdap
+  module AttributeMethods
+    extend ActiveSupport::Concern
+    include ActiveModel::AttributeMethods
+
+    def methods(singleton_methods = true)
+      target_names = entry_attribute.all_names
+      target_names -= ['objectClass', 'objectClass'.underscore]
+      super + target_names.uniq.collect do |attr|
+        self.class.attribute_method_matchers.collect do |matcher|
+          :"#{matcher.prefix}#{attr}#{matcher.suffix}"
+        end
+      end.flatten
+    end
+
+    protected
+
+    # overiding ActiveModel::AttributeMethods
+    def attribute_method?(method_name)
+      have_attribute?(method_name, ['objectClass'])
+    end
+  end
+end

data/lib/active_ldap/attribute_methods/before_type_cast.rb

@@ -0,0 +1,24 @@
+module ActiveLdap
+  module AttributeMethods
+    module BeforeTypeCast
+      extend ActiveSupport::Concern
+
+      included do
+        attribute_method_suffix '_before_type_cast'
+      end
+
+    protected
+      def attribute_before_type_cast(attr)
+        get_attribute_before_type_cast(attr)[1]
+      end
+
+      def get_attribute_before_type_cast(name, force_array=false)
+        name = to_real_attribute_name(name)
+
+        value = @data[name]
+        value = [] if value.nil?
+        [name, array_of(value, force_array)]
+      end
+    end
+  end
+end

data/lib/active_ldap/attribute_methods/dirty.rb

@@ -0,0 +1,43 @@
+#
+module ActiveLdap
+  module AttributeMethods
+    module Dirty
+      extend ActiveSupport::Concern
+      include ActiveModel::Dirty
+
+      # Attempts to +save+ the record and clears changed attributes if successful.
+      def save(*) #:nodoc:
+        succeeded = super
+        if succeeded
+          @previously_changed = changes
+          @changed_attributes.clear
+        end
+        succeeded
+      end
+
+      # Attempts to <tt>save!</tt> the record and clears changed attributes if successful.
+      def save!(*) #:nodoc:
+        super.tap do
+          @previously_changed = changes
+          @changed_attributes.clear
+        end
+      end
+
+      # <tt>reload</tt> the record and clears changed attributes.
+      def reload(*) #:nodoc:
+        super.tap do
+          @previously_changed.clear
+          @changed_attributes.clear
+        end
+      end
+
+    protected
+      def set_attribute(name, value)
+        if name and name != "objectClass"
+          attribute_will_change!(name) unless value == get_attribute(name)
+        end
+        super
+      end
+    end
+  end
+end

data/lib/active_ldap/attribute_methods/query.rb

@@ -0,0 +1,31 @@
+#
+module ActiveLdap
+  module AttributeMethods
+    module Query
+      extend ActiveSupport::Concern
+
+      included do
+        attribute_method_suffix '?'
+      end
+
+    protected
+      def get_attribute_as_query(name, force_array=false)
+        name, value = get_attribute_before_type_cast(name, force_array)
+        if force_array
+          value.collect {|x| !false_value?(x)}
+        else
+          !false_value?(value)
+        end
+      end
+
+      def false_value?(value)
+        value.nil? or value == false or value == [] or
+          value == "false" or value == "FALSE" or value == ""
+      end
+
+      def attribute?(attr)
+        return get_attribute_as_query(attr)
+      end
+    end
+  end
+end

data/lib/active_ldap/attribute_methods/read.rb

@@ -0,0 +1,44 @@
+module ActiveLdap
+  module AttributeMethods
+    module Read
+      extend ActiveSupport::Concern
+
+    protected
+      def attribute(attr, *args)
+        return get_attribute(attr, args.first)
+      end
+
+      # get_attribute
+      #
+      # Return the value of the attribute called by method_missing?
+      def get_attribute(name, force_array=false)
+        name, value = get_attribute_before_type_cast(name, force_array)
+        return value if name.nil?
+        attribute = schema.attribute(name)
+        type_cast(attribute, value)
+      end
+
+      def type_cast(attribute, value)
+        case value
+        when Hash
+          result = {}
+          value.each do |option, val|
+            result[option] = type_cast(attribute, val)
+          end
+          if result.size == 1 and result.has_key?("binary")
+            result["binary"]
+          else
+            result
+          end
+        when Array
+          value.collect do |val|
+            type_cast(attribute, val)
+          end
+        else
+          attribute.type_cast(value)
+        end
+      end
+
+    end
+  end
+end

data/lib/active_ldap/attribute_methods/write.rb

@@ -0,0 +1,38 @@
+module ActiveLdap
+  module AttributeMethods
+    module Write
+      extend ActiveSupport::Concern
+
+      included do
+        attribute_method_suffix '='
+      end
+
+    protected
+      def attribute=(attr, *args)
+        return set_attribute(attr, args.first)
+      end
+
+      # set_attribute
+      #
+      # Set the value of the attribute called by method_missing?
+      def set_attribute(name, value)
+        real_name = to_real_attribute_name(name)
+        _dn_attribute = nil
+        valid_dn_attribute = true
+        begin
+          _dn_attribute = dn_attribute
+        rescue DistinguishedNameInvalid
+          valid_dn_attribute = false
+        end
+        if valid_dn_attribute and real_name == _dn_attribute
+          real_name, value = register_new_dn_attribute(real_name, value)
+        end
+        raise UnknownAttribute.new(name) if real_name.nil?
+
+        @data[real_name] = value
+        @simplified_data = nil
+      end
+
+    end
+  end
+end

data/lib/active_ldap/attributes.rb

@@ -0,0 +1,176 @@
+module ActiveLdap
+  module Attributes
+    def self.included(base)
+      base.class_eval do
+        extend(ClassMethods)
+        extend(Normalizable)
+        include(Normalizable)
+      end
+    end
+
+    module ClassMethods
+      def blank_value?(value)
+        case value
+        when Hash
+          value.values.all? {|val| blank_value?(val)}
+        when Array
+          value.all? {|val| blank_value?(val)}
+        when String
+          /\A\s*\z/ =~ value
+        when nil
+          true
+        else
+          value.blank?
+        end
+      end
+
+      def remove_blank_value(value)
+        case value
+        when Hash
+          result = {}
+          value.each do |k, v|
+            v = remove_blank_value(v)
+            next if v.nil?
+            result[k] = v
+          end
+          result = nil if result.blank?
+          result
+        when Array
+          result = []
+          value.each do |v|
+            v = remove_blank_value(v)
+            next if v.nil?
+            result << v
+          end
+          result = nil if result.blank?
+          result
+        when String
+          if /\A\s*\z/ =~ value
+            nil
+          else
+            value
+          end
+        else
+          value
+        end
+      end
+    end
+
+    module Normalizable
+      def normalize_attribute_name(name)
+        name.to_s.downcase
+      end
+
+      # Enforce typing:
+      # Hashes are for subtypes
+      # Arrays are for multiple entries
+      def normalize_attribute(name, value)
+        if name.nil?
+          raise RuntimeError, _('The first argument, name, must not be nil. ' \
+                                'Please report this as a bug!')
+        end
+
+        name = normalize_attribute_name(name)
+        [name, schema.attribute(name).normalize_value(value)]
+      end
+
+      def unnormalize_attributes(attributes)
+        result = {}
+        attributes.each do |name, values|
+          unnormalize_attribute(name, values, result)
+        end
+        result
+      end
+
+      def unnormalize_attribute(name, values, result={})
+        if values.empty?
+          result[name] = []
+        else
+          values.each do |value|
+            if value.is_a?(Hash)
+              suffix, real_value = unnormalize_attribute_options(value)
+              new_name = name + suffix
+              unnormalize_attribute(new_name, real_value, result)
+            else
+              result[name] ||= []
+              if value.is_a?(DN)
+                result[name] << value.to_s
+              else
+                result[name] << value.dup
+              end
+            end
+          end
+        end
+        result
+      end
+
+      # normalize_attribute_options
+      #
+      # Makes the Hashized value from the full attribute name
+      # e.g. userCertificate;binary => "some_bin"
+      #      becomes userCertificate => {"binary" => "some_bin"}
+      def normalize_attribute_options(attr, value)
+        return [attr, value] unless attr.match(/;/)
+
+        ret_attr, *options = attr.split(/;/)
+        [ret_attr,
+         [options.reverse.inject(value) {|result, option| {option => result}}]]
+      end
+
+      # unnormalize_attribute_options
+      #
+      # Unnormalizes all of the subtypes from a given set of nested hashes
+      # and returns the attribute suffix and the final true value
+      def unnormalize_attribute_options(value)
+        options = ''
+        ret_val = value
+        if value.class == Hash
+          options = ';' + value.keys[0]
+          ret_val = value[value.keys[0]]
+          if ret_val.class == Hash
+            sub_options, ret_val = unnormalize_attribute_options(ret_val)
+            options += sub_options
+          end
+        end
+        ret_val = [ret_val] unless ret_val.class == Array
+        [options, ret_val]
+      end
+    end
+
+    private
+    def sanitize_for_mass_assignment(attributes, role=nil)
+      role ||= :default
+      authorizer = mass_assignment_authorizer(role)
+      black_list_p =
+        authorizer.is_a?(ActiveModel::MassAssignmentSecurity::BlackList)
+
+      always_needless_attributes = {}
+      needless_attributes = {}
+
+      _dn_attribute = nil
+      begin
+        _dn_attribute = dn_attribute_with_fallback
+      rescue DistinguishedNameInvalid
+      end
+      [_dn_attribute, 'objectClass'].compact.each do |name|
+        always_needless_attributes[to_real_attribute_name(name)] = true
+      end
+      authorizer.each do |name|
+        needless_attributes[to_real_attribute_name(name)] = black_list_p
+      end
+
+      sanitized_attributes = attributes.collect do |key, value|
+        key = _dn_attribute if ["id", "dn"].include?(key.to_s)
+        [to_real_attribute_name(key) || key, value]
+      end
+      sanitized_attributes = sanitized_attributes.reject do |key, value|
+        always_needless_attributes[key] or needless_attributes[key]
+      end
+      sanitized_attributes
+    end
+
+    def normalize_attribute_name(name)
+      self.class.normalize_attribute_name(name)
+    end
+  end
+end