RubyGems - powerhome-activeldap - Versions diffs - 3.2.3 - Mend

powerhome-activeldap 3.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (145) hide show

checksums.yaml +7 -0
data/.yardopts +6 -0
data/COPYING +340 -0
data/Gemfile +12 -0
data/LICENSE +59 -0
data/README.textile +140 -0
data/TODO +32 -0
data/benchmark/README.md +64 -0
data/benchmark/bench-backend.rb +247 -0
data/benchmark/bench-instantiate.rb +98 -0
data/benchmark/config.yaml.sample +5 -0
data/doc/text/development.textile +54 -0
data/doc/text/news.textile +811 -0
data/doc/text/rails.textile +144 -0
data/doc/text/tutorial.textile +1010 -0
data/examples/config.yaml.example +5 -0
data/examples/example.der +0 -0
data/examples/example.jpg +0 -0
data/examples/groupadd +41 -0
data/examples/groupdel +35 -0
data/examples/groupls +49 -0
data/examples/groupmod +42 -0
data/examples/lpasswd +55 -0
data/examples/objects/group.rb +13 -0
data/examples/objects/ou.rb +4 -0
data/examples/objects/user.rb +20 -0
data/examples/ouadd +38 -0
data/examples/useradd +45 -0
data/examples/useradd-binary +53 -0
data/examples/userdel +34 -0
data/examples/userls +50 -0
data/examples/usermod +42 -0
data/examples/usermod-binary-add +50 -0
data/examples/usermod-binary-add-time +54 -0
data/examples/usermod-binary-del +48 -0
data/examples/usermod-lang-add +43 -0
data/lib/active_ldap.rb +85 -0
data/lib/active_ldap/action_controller/ldap_benchmarking.rb +55 -0
data/lib/active_ldap/acts/tree.rb +78 -0
data/lib/active_ldap/adapter/base.rb +707 -0
data/lib/active_ldap/adapter/jndi.rb +184 -0
data/lib/active_ldap/adapter/jndi_connection.rb +185 -0
data/lib/active_ldap/adapter/ldap.rb +290 -0
data/lib/active_ldap/adapter/ldap_ext.rb +105 -0
data/lib/active_ldap/adapter/net_ldap.rb +309 -0
data/lib/active_ldap/adapter/net_ldap_ext.rb +23 -0
data/lib/active_ldap/association/belongs_to.rb +47 -0
data/lib/active_ldap/association/belongs_to_many.rb +58 -0
data/lib/active_ldap/association/children.rb +21 -0
data/lib/active_ldap/association/collection.rb +105 -0
data/lib/active_ldap/association/has_many.rb +31 -0
data/lib/active_ldap/association/has_many_utils.rb +44 -0
data/lib/active_ldap/association/has_many_wrap.rb +75 -0
data/lib/active_ldap/association/proxy.rb +107 -0
data/lib/active_ldap/associations.rb +205 -0
data/lib/active_ldap/attribute_methods.rb +23 -0
data/lib/active_ldap/attribute_methods/before_type_cast.rb +24 -0
data/lib/active_ldap/attribute_methods/dirty.rb +43 -0
data/lib/active_ldap/attribute_methods/query.rb +31 -0
data/lib/active_ldap/attribute_methods/read.rb +44 -0
data/lib/active_ldap/attribute_methods/write.rb +38 -0
data/lib/active_ldap/attributes.rb +176 -0
data/lib/active_ldap/base.rb +1410 -0
data/lib/active_ldap/callbacks.rb +71 -0
data/lib/active_ldap/command.rb +49 -0
data/lib/active_ldap/compatible.rb +44 -0
data/lib/active_ldap/configuration.rb +147 -0
data/lib/active_ldap/connection.rb +299 -0
data/lib/active_ldap/distinguished_name.rb +291 -0
data/lib/active_ldap/entry_attribute.rb +78 -0
data/lib/active_ldap/escape.rb +12 -0
data/lib/active_ldap/get_text.rb +20 -0
data/lib/active_ldap/get_text/parser.rb +161 -0
data/lib/active_ldap/helper.rb +92 -0
data/lib/active_ldap/human_readable.rb +133 -0
data/lib/active_ldap/ldap_error.rb +74 -0
data/lib/active_ldap/ldif.rb +930 -0
data/lib/active_ldap/log_subscriber.rb +50 -0
data/lib/active_ldap/object_class.rb +95 -0
data/lib/active_ldap/operations.rb +624 -0
data/lib/active_ldap/persistence.rb +100 -0
data/lib/active_ldap/populate.rb +53 -0
data/lib/active_ldap/railtie.rb +43 -0
data/lib/active_ldap/railties/controller_runtime.rb +48 -0
data/lib/active_ldap/schema.rb +701 -0
data/lib/active_ldap/schema/syntaxes.rb +422 -0
data/lib/active_ldap/timeout.rb +75 -0
data/lib/active_ldap/timeout_stub.rb +17 -0
data/lib/active_ldap/user_password.rb +99 -0
data/lib/active_ldap/validations.rb +200 -0
data/lib/active_ldap/version.rb +3 -0
data/lib/active_ldap/xml.rb +139 -0
data/lib/rails/generators/active_ldap/model/USAGE +18 -0
data/lib/rails/generators/active_ldap/model/model_generator.rb +47 -0
data/lib/rails/generators/active_ldap/model/templates/model_active_ldap.rb +3 -0
data/lib/rails/generators/active_ldap/scaffold/scaffold_generator.rb +14 -0
data/lib/rails/generators/active_ldap/scaffold/templates/ldap.yml +19 -0
data/po/en/active-ldap.po +4029 -0
data/po/ja/active-ldap.po +4060 -0
data/test/add-phonetic-attribute-options-to-slapd.ldif +10 -0
data/test/al-test-utils.rb +428 -0
data/test/command.rb +111 -0
data/test/config.yaml.sample +6 -0
data/test/fixtures/lower_case_object_class_schema.rb +802 -0
data/test/run-test.rb +34 -0
data/test/test_acts_as_tree.rb +60 -0
data/test/test_adapter.rb +121 -0
data/test/test_associations.rb +701 -0
data/test/test_attributes.rb +117 -0
data/test/test_base.rb +1214 -0
data/test/test_base_per_instance.rb +61 -0
data/test/test_bind.rb +62 -0
data/test/test_callback.rb +31 -0
data/test/test_configuration.rb +40 -0
data/test/test_connection.rb +82 -0
data/test/test_connection_per_class.rb +112 -0
data/test/test_connection_per_dn.rb +112 -0
data/test/test_dirty.rb +98 -0
data/test/test_dn.rb +172 -0
data/test/test_find.rb +176 -0
data/test/test_groupadd.rb +50 -0
data/test/test_groupdel.rb +46 -0
data/test/test_groupls.rb +107 -0
data/test/test_groupmod.rb +51 -0
data/test/test_ldif.rb +1890 -0
data/test/test_load.rb +133 -0
data/test/test_lpasswd.rb +75 -0
data/test/test_object_class.rb +74 -0
data/test/test_persistence.rb +131 -0
data/test/test_reflection.rb +175 -0
data/test/test_schema.rb +559 -0
data/test/test_syntax.rb +444 -0
data/test/test_user.rb +217 -0
data/test/test_user_password.rb +108 -0
data/test/test_useradd-binary.rb +62 -0
data/test/test_useradd.rb +57 -0
data/test/test_userdel.rb +48 -0
data/test/test_userls.rb +91 -0
data/test/test_usermod-binary-add-time.rb +65 -0
data/test/test_usermod-binary-add.rb +64 -0
data/test/test_usermod-binary-del.rb +66 -0
data/test/test_usermod-lang-add.rb +59 -0
data/test/test_usermod.rb +58 -0
data/test/test_validation.rb +274 -0
metadata +379 -0

data/lib/active_ldap/timeout_stub.rb ADDED

@@ -0,0 +1,17 @@
+require 'timeout'
+module Timeout
+  # STUB
+  def Timeout.alarm(sec, exception=Timeout::Error, &block)
+    timeout(sec, exception, &block)
+  end
+end # Timeout
+if __FILE__ == $0
+  require 'time'
+  Timeout.alarm(2) do
+    loop do
+      p Time.now
+    end
+  end
+end

data/lib/active_ldap/user_password.rb ADDED

@@ -0,0 +1,99 @@
+require 'English'
+require 'base64'
+require 'digest/md5'
+require 'digest/sha1'
+module ActiveLdap
+  module UserPassword
+    module_function
+    def valid?(password, hashed_password)
+      unless /^\{([A-Z][A-Z\d]+)\}/ =~ hashed_password
+        # Plain text password
+        return hashed_password == password
+      end
+      type = $1
+      hashed_password_without_type = $POSTMATCH
+      normalized_type = type.downcase
+      unless respond_to?(normalized_type)
+        raise ArgumentError, _("Unknown Hash type: %s") % type
+      end
+      salt_extractor = "extract_salt_for_#{normalized_type}"
+      if respond_to?(salt_extractor)
+        salt = send(salt_extractor, hashed_password_without_type)
+        if salt.nil?
+          raise ArgumentError,
+            _("Can't extract salt from hashed password: %s") % hashed_password
+        end
+        generated_password = send(normalized_type, password, salt)
+      else
+        generated_password = send(normalized_type, password)
+      end
+      hashed_password == generated_password
+    end
+    def crypt(password, salt=nil)
+      salt ||= "$1$#{Salt.generate(8)}"
+      "{CRYPT}#{password.crypt(salt)}"
+    end
+    def extract_salt_for_crypt(crypted_password)
+      if /^\$1\$/ =~ crypted_password
+        $MATCH + $POSTMATCH[0, 8].sub(/\$.*/, '') + "$"
+      else
+        crypted_password[0, 2]
+      end
+    end
+    def md5(password)
+      "{MD5}#{[Digest::MD5.digest(password)].pack('m').chomp}"
+    end
+    def smd5(password, salt=nil)
+      if salt and salt.size < 4
+        raise ArgumentError, _("salt size must be >= 4: %s") % salt.inspect
+      end
+      salt ||= Salt.generate(4)
+      md5_hash_with_salt = "#{Digest::MD5.digest(password + salt)}#{salt}"
+      "{SMD5}#{[md5_hash_with_salt].pack('m').chomp}"
+    end
+    def extract_salt_for_smd5(smd5ed_password)
+      extract_salt_at_pos(smd5ed_password, 16)
+    end
+    def sha(password)
+      "{SHA}#{[Digest::SHA1.digest(password)].pack('m').chomp}"
+    end
+    def ssha(password, salt=nil)
+      if salt and salt.size < 4
+        raise ArgumentError, _("salt size must be >= 4: %s") % salt.inspect
+      end
+      salt ||= Salt.generate(4)
+      sha1_hash_with_salt = "#{Digest::SHA1.digest(password + salt)}#{salt}"
+      "{SSHA}#{[sha1_hash_with_salt].pack('m').chomp}"
+    end
+    def extract_salt_for_ssha(sshaed_password)
+      extract_salt_at_pos(sshaed_password, 20)
+    end
+    def extract_salt_at_pos(hashed_password, position)
+      salt = Base64.decode64(hashed_password)[position..-1]
+      salt == '' ? nil : salt
+    end
+    module Salt
+      CHARS = ['.', '/'] + ['0'..'9', 'A'..'Z', 'a'..'z'].collect do |x|
+        x.to_a
+      end.flatten
+      module_function
+      def generate(length)
+        salt = ""
+        length.times {salt << CHARS[rand(CHARS.length)]}
+        salt
+      end
+    end
+  end
+end

data/lib/active_ldap/validations.rb ADDED

@@ -0,0 +1,200 @@
+module ActiveLdap
+  module Validations
+    extend ActiveSupport::Concern
+    include ActiveModel::Validations
+    included do
+      alias_method :new_record?, :new_entry?
+      class << self
+        unless method_defined?(:human_attribute_name_with_gettext)
+          def human_attribute_name_with_gettext(attribute_key_name, options={})
+            logger.warn("options was ignored.") unless options.empty?
+            s_("#{self}|#{attribute_key_name.to_s.humanize}")
+          end
+        end
+      end
+      class_local_attr_accessor true, :validation_skip_attributes
+      remove_method :validation_skip_attributes
+      self.validation_skip_attributes = []
+      validate :validate_duplicated_dn_creation, :on => :create
+      validate :validate_duplicated_dn_rename, :on => :update
+      validate :validate_dn
+      validate :validate_excluded_classes
+      validate :validate_required_ldap_values
+      validate :validate_ldap_values
+    end
+    def validation_skip_attributes
+      @validation_skip_attributes ||= []
+    end
+    def validation_skip_attributes=(attributes)
+      @validation_skip_attributes = attributes
+    end
+    def valid?(context = nil)
+      context ||= (new_entry? ? :create : :update)
+      output = super(context)
+      errors.empty? && output
+    end
+    def save(*)
+      valid? ? super : false
+    end
+    def save!(*)
+      valid? ? super : raise(EntryInvalid.new(self))
+    end
+    private
+    def format_validation_message(format, parameters)
+      format % parameters
+    end
+    def validate_duplicated_dn_creation
+      _dn = nil
+      begin
+        _dn = dn
+      rescue DistinguishedNameInvalid, DistinguishedNameNotSetError
+        return
+      end
+      if _dn and exist?
+        format = _("is duplicated: %s")
+        message = format_validation_message(format, _dn)
+        errors.add("distinguishedName", message)
+      end
+    end
+    def validate_duplicated_dn_rename
+      _dn_attribute = dn_attribute_with_fallback
+      original_dn_value = @ldap_data[_dn_attribute]
+      current_dn_value = @data[_dn_attribute]
+      return if original_dn_value == current_dn_value
+      return if original_dn_value == [current_dn_value]
+      _dn = nil
+      begin
+        _dn = dn
+      rescue DistinguishedNameInvalid, DistinguishedNameNotSetError
+        return
+      end
+      if _dn and exist?
+        format = _("is duplicated: %s")
+        message = format_validation_message(format, _dn)
+        errors.add("distinguishedName", message)
+      end
+    end
+    def validate_dn
+      dn
+    rescue DistinguishedNameInvalid
+      format = _("is invalid: %s")
+      message = format_validation_message(format, $!.message)
+      errors.add("distinguishedName", message)
+    rescue DistinguishedNameNotSetError
+      format = _("isn't set: %s")
+      message = format_validation_message(format, $!.message)
+      errors.add("distinguishedName", message)
+    end
+    def validate_excluded_classes
+      excluded_classes = self.class.excluded_classes
+      return if excluded_classes.empty?
+      _schema = schema
+      _classes = classes.collect do |name|
+        _schema.object_class(name)
+      end
+      unexpected_classes = excluded_classes.inject([]) do |classes, name|
+        excluded_class = _schema.object_class(name)
+        if _classes.include?(excluded_class)
+          classes << excluded_class
+        end
+        classes
+      end
+      return if unexpected_classes.empty?
+      names = unexpected_classes.collect do |object_class|
+        self.class.human_object_class_name(object_class)
+      end
+      format = n_("has excluded value: %s",
+                  "has excluded values: %s",
+                  names.size)
+      message = format_validation_message(format, names.join(", "))
+      errors.add("objectClass", message)
+    end
+    # validate_required_ldap_values
+    #
+    # Basic validation:
+    # - Verify that every 'MUST' specified in the schema has a value defined
+    def validate_required_ldap_values
+      _schema = nil
+      @validation_skip_attributes ||= []
+      _validation_skip_attributes =
+        @validation_skip_attributes +
+        (self.class.validation_skip_attributes || [])
+      # Make sure all MUST attributes have a value
+      entry_attribute.object_classes.each do |object_class|
+        object_class.must.each do |required_attribute|
+          # Normalize to ensure we catch schema problems
+          # needed?
+          real_name = to_real_attribute_name(required_attribute.name, true)
+          raise UnknownAttribute.new(required_attribute) if real_name.nil?
+          next if required_attribute.read_only?
+          next if _validation_skip_attributes.include?(real_name)
+          value = @data[real_name] || []
+          next unless self.class.blank_value?(value)
+          _schema ||= schema
+          aliases = required_attribute.aliases.collect do |name|
+            self.class.human_attribute_name(name)
+          end
+          args = [self.class.human_object_class_name(object_class)]
+          if aliases.empty?
+            format = _("is required attribute by objectClass '%s'")
+          else
+            format = _("is required attribute by objectClass " \
+                       "'%s': aliases: %s")
+            args << aliases.join(', ')
+          end
+          message = format_validation_message(format, args)
+          errors.add(real_name, message)
+        end
+      end
+    end
+    def validate_ldap_values
+      entry_attribute.schemata.each do |name, attribute|
+        value = self[name]
+        next if self.class.blank_value?(value)
+        validate_ldap_value(attribute, name, value)
+      end
+    end
+    def validate_ldap_value(attribute, name, value)
+      failed_reason, option = attribute.validate(value)
+      return if failed_reason.nil?
+      if attribute.binary?
+        inspected_value = _("<binary-value>")
+      else
+        inspected_value = self.class.human_readable_format(value)
+      end
+      params = [inspected_value,
+                self.class.human_syntax_description(attribute.syntax),
+                failed_reason]
+      if option
+        format = _("(%s) has invalid format: %s: required syntax: %s: %s")
+      else
+        format = _("has invalid format: %s: required syntax: %s: %s")
+      end
+      params.unshift(option) if option
+      message = format_validation_message(format, params)
+      errors.add(name, message)
+    end
+  end
+end

data/lib/active_ldap/version.rb ADDED

@@ -0,0 +1,3 @@
+module ActiveLdap
+  VERSION = "3.2.3"
+end

data/lib/active_ldap/xml.rb ADDED

@@ -0,0 +1,139 @@
+require 'erb'
+require 'builder'
+require 'active_ldap/ldif'
+module ActiveLdap
+  class Xml
+    class Serializer
+      PRINTABLE_STRING = /[\x20-\x7e\t\r\n]*/n
+      def initialize(dn, attributes, schema, options={})
+        @dn = dn
+        @attributes = attributes
+        @schema = schema
+        @options = options
+      end
+      def to_s
+        root = @options[:root]
+        indent = @options[:indent] || 2
+        xml = @options[:builder] || Builder::XmlMarkup.new(:indent => indent)
+        xml.tag!(root) do
+          target_attributes.each do |key, values|
+            values = normalize_values(values).sort_by {|value, _| value}
+            if @schema.attribute(key).single_value?
+              next if values.empty?
+              serialize_attribute_value(xml, key, *values[0])
+            else
+              serialize_attribute_values(xml, key, values)
+            end
+          end
+        end
+      end
+      private
+      def target_attributes
+        except_dn = false
+        only = @options[:only] || []
+        except = @options[:except] || []
+        if !only.empty?
+          attributes = []
+          except_dn = true
+          only.each do |name|
+            if name == "dn"
+              except_dn = false
+            elsif @attributes.has_key?(name)
+              attributes << [name, @attributes[name]]
+            end
+          end
+        elsif !except.empty?
+          attributes = @attributes.dup
+          except.each do |name|
+            if name == "dn"
+              except_dn = true
+            else
+              attributes.delete(name)
+            end
+          end
+        else
+          attributes = @attributes.dup
+        end
+        attributes = attributes.sort_by {|key, values| key}
+        attributes.unshift(["dn", [@dn]]) unless except_dn
+        attributes
+      end
+      def normalize_values(values)
+        targets = []
+        values.each do |value|
+          targets.concat(normalize_value(value))
+        end
+        targets
+      end
+      def normalize_value(value, options=[])
+        targets = []
+        case value
+        when Hash
+          value.each do |real_option, real_value|
+            targets.concat(normalize_value(real_value, options + [real_option]))
+          end
+        when Array
+          value.each do |real_value|
+            targets.concat(normalize_value(real_value, options))
+          end
+        when DN
+          targets.concat(normalize_value(value.to_s, options))
+        when nil
+          # ignore
+        else
+          if /\A#{PRINTABLE_STRING}\z/ !~ value
+            value = [value].pack("m").gsub(/\n/u, '')
+            options += ["base64"]
+          end
+          xml_attributes = {}
+          options.each do |name, val|
+            xml_attributes[name] = val || "true"
+          end
+          targets << [value, xml_attributes]
+        end
+        targets
+      end
+      def serialize_attribute_values(xml, name, values)
+        return if values.blank?
+        if name == "dn" or @options[:type].to_s.downcase == "ldif"
+          values.each do |value, xml_attributes|
+            serialize_attribute_value(xml, name, value, xml_attributes)
+          end
+        else
+          plural_name = name.pluralize
+          attributes = @options[:skip_types] ? {} : {"type" => "array"}
+          xml.tag!(plural_name, attributes) do
+            values.each do |value, xml_attributes|
+              serialize_attribute_value(xml, name, value, xml_attributes)
+            end
+          end
+        end
+      end
+      def serialize_attribute_value(xml, name, value, xml_attributes)
+        xml.tag!(name, value, xml_attributes)
+      end
+    end
+    def initialize(dn, attributes, schema)
+      @dn = dn
+      @attributes = attributes
+      @schema = schema
+    end
+    def to_s(options={})
+      Serializer.new(@dn, @attributes, @schema, options).to_s
+    end
+  end
+  XML = Xml
+end