powerhome-activeldap 3.2.3

data/examples/config.yaml.example

@@ -0,0 +1,5 @@
+host: 127.0.0.1
+method: :tls
+base: dc=localdomain
+bind_dn: cn=admin,dc=localdomain
+#adapter: net-ldap

data/examples/groupadd

@@ -0,0 +1,41 @@
+#!/usr/bin/ruby
+
+base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
+$LOAD_PATH << File.join(base, "lib")
+$LOAD_PATH << File.join(base, "examples")
+
+require 'active_ldap'
+require 'objects/user'
+require 'objects/group'
+
+argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
+  opts.banner += " GROUP_NAME"
+end
+
+if argv.size == 1
+  name = argv.shift
+else
+  $stderr.puts opts
+  exit 1
+end
+
+pwb = Proc.new do |user|
+  ActiveLdap::Command.read_password("[#{user}] Password: ")
+end
+
+ActiveLdap::Base.setup_connection(:password_block => pwb,
+                                  :allow_anonymous => false)
+
+if Group.exists?(name)
+  $stderr.puts("Group #{name} already exists.")
+  exit 1
+end
+
+group = Group.new(name)
+group.gid_number = 9000
+
+unless group.save
+  puts "failed"
+  puts group.errors.full_messages
+  exit 1
+end

data/examples/groupdel

@@ -0,0 +1,35 @@
+#!/usr/bin/ruby
+
+base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
+$LOAD_PATH << File.join(base, "lib")
+$LOAD_PATH << File.join(base, "examples")
+
+require 'active_ldap'
+require 'objects/user'
+require 'objects/group'
+
+argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
+  opts.banner += " GROUP_NAME"
+end
+
+if argv.size == 1
+  name = argv.shift
+else
+  $stderr.puts opts
+  exit 1
+end
+
+pwb = Proc.new do |user|
+  ActiveLdap::Command.read_password("[#{user}] Password: ")
+end
+
+ActiveLdap::Base.setup_connection(:password_block => pwb,
+                                  :allow_anonymous => false)
+
+
+unless Group.exists?(name)
+  $stderr.puts("Group #{name} doesn't exist.")
+  exit 1
+end
+
+Group.destroy(name)

data/examples/groupls

@@ -0,0 +1,49 @@
+#!/usr/bin/ruby
+
+base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
+$LOAD_PATH << File.join(base, "lib")
+$LOAD_PATH << File.join(base, "examples")
+
+require 'active_ldap'
+require 'objects/user'
+require 'objects/group'
+
+argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
+  opts.banner += " GROUP_NAME"
+end
+
+if argv.size == 1
+  name = argv.shift
+else
+  $stderr.puts opts
+  exit 1
+end
+
+pwb = Proc.new do |user|
+  ActiveLdap::Command.read_password("[#{user}] Password: ")
+end
+
+ActiveLdap::Base.setup_connection(:password_block => pwb,
+                                  :allow_anonymous => false)
+
+unless Group.exists?(name)
+  $stderr.puts("Group #{name} doesn't exist.")
+  exit 1
+end
+
+group = Group.find(name)
+
+members = []
+group.primary_members.each do |mem|
+  members << "#{mem.uid}[#{mem.uidNumber}]"
+end
+
+group.members.each do |mem|
+  if mem.new_entry?
+    members << "#{mem.uid}[????]"
+  else
+    members << "#{mem.uid}[#{mem.uidNumber}]"
+  end
+end
+
+puts("#{group.id}(#{group.gid_number}): #{members.join(', ')}")

data/examples/groupmod

@@ -0,0 +1,42 @@
+#!/usr/bin/ruby
+
+base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
+$LOAD_PATH << File.join(base, "lib")
+$LOAD_PATH << File.join(base, "examples")
+
+require 'active_ldap'
+require 'objects/user'
+require 'objects/group'
+
+argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
+  opts.banner += " GROUP_NAME GID_NUMBER"
+end
+
+if argv.size == 2
+  name, gid = argv
+else
+  $stderr.puts opts
+  exit 1
+end
+
+pwb = Proc.new do |user|
+  ActiveLdap::Command.read_password("[#{user}] Password: ")
+end
+
+ActiveLdap::Base.setup_connection(:password_block => pwb,
+                                  :allow_anonymous => false)
+
+
+unless Group.exists?(name)
+  $stderr.puts("Group #{name} doesn't exist.")
+  exit 1
+end
+
+group = Group.find(name)
+group.gid_number = gid
+
+unless group.save
+  puts "failed"
+  puts group.errors.full_messages
+  exit 1
+end

data/examples/lpasswd

@@ -0,0 +1,55 @@
+#!/usr/bin/ruby
+
+base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
+$LOAD_PATH << File.join(base, "lib")
+$LOAD_PATH << File.join(base, "examples")
+
+require 'active_ldap'
+require 'objects/user'
+require 'objects/group'
+
+argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
+  opts.banner += " USER_NAME"
+end
+
+if argv.size == 1
+  name = argv.shift
+else
+  $stderr.puts opts
+  exit 1
+end
+
+pwb = Proc.new do |user|
+  user ||= ENV["USER"]
+  ActiveLdap::Command.read_password("[#{user}] Password: ")
+end
+ActiveLdap::Base.setup_connection(:password_block => pwb,
+                                  :allow_anonymous => false)
+
+unless User.exists?(name)
+  $stderr.puts("User #{name} doesn't exist.")
+  exit 1
+end
+
+class PasswordMismatch < RuntimeError
+end
+
+user = User.find(name)
+count = 0
+begin
+  count += 1
+  pw1 = pwb.call(user.dn)
+  pw2 = pwb.call(user.dn)
+  raise PasswordMismatch if pw1 != pw2
+rescue PasswordMismatch
+  puts "Password mismatch!"
+  exit 1 if count == 3
+  retry
+end
+
+user.user_password = ActiveLdap::UserPassword.ssha(pw1)
+unless user.save
+  puts "failed"
+  puts user.errors.full_messages
+  exit 1
+end

data/examples/objects/group.rb

@@ -0,0 +1,13 @@
+class Group < ActiveLdap::Base
+  ldap_mapping :dn_attribute => "cn",
+               :classes => ['posixGroup']
+  # Inspired by ActiveRecord, this tells ActiveLDAP that the
+  # LDAP entry has a attribute which contains one or more of
+  # some class |:class_name| where the attributes name is
+  # |:local_key|. This means that it will call
+  # :class_name.new(value_of(:local_key)) to create the objects.
+  has_many :members, :class_name => "User", :wrap => "memberUid"
+  has_many :primary_members, :class_name => 'User',
+           :foreign_key => 'gidNumber',
+           :primary_key => 'gidNumber'
+end # Group

data/examples/objects/ou.rb

@@ -0,0 +1,4 @@
+class Ou < ActiveLdap::Base
+  ldap_mapping :dn_attribute => 'ou', :prefix => '',
+               :classes => ['top', 'organizationalUnit']
+end

data/examples/objects/user.rb

@@ -0,0 +1,20 @@
+require 'objects/group'
+
+class User < ActiveLdap::Base
+  ldap_mapping :dn_attribute => 'uid', :prefix => 'ou=People',
+               :classes => ['person', 'posixAccount']
+  belongs_to :primary_group, :class_name => "Group",
+             :foreign_key => "gidNumber", :primary_key => "gidNumber"
+  belongs_to :groups, :many => 'memberUid'
+
+  # An example of using the old "return_objects" API with the
+  # new ActiveRecord-style API.
+  alias groups_mapping groups
+  def groups(return_objects=true)
+    return groups_mapping if return_objects
+    attr = 'cn'
+    Group.search(:attribute => 'memberUid',
+                 :value => id,
+                 :attributes => [attr]).map {|dn, attrs| attrs[attr]}.flatten
+  end
+end

data/examples/ouadd

@@ -0,0 +1,38 @@
+#!/usr/bin/ruby
+
+base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
+$LOAD_PATH << File.join(base, "lib")
+$LOAD_PATH << File.join(base, "examples")
+
+require 'active_ldap'
+require 'objects/ou'
+
+argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
+  opts.banner += " name"
+end
+
+if argv.size == 1
+  name = argv[0]
+else
+  $stderr.puts opts
+  exit 1
+end
+
+pwb = Proc.new do |user|
+  ActiveLdap::Command.read_password("[#{user}] Password: ")
+end
+
+ActiveLdap::Base.setup_connection(:password_block => pwb,
+                                  :allow_anonymous => false)
+
+if Ou.exists?(name)
+  $stderr.puts("Ou #{name} already exists.")
+  exit 1
+end
+
+ou = Ou.new(name)
+unless ou.save
+  puts "failed"
+  puts ou.errors.full_messages
+  exit 1
+end

data/examples/useradd

@@ -0,0 +1,45 @@
+#!/usr/bin/ruby
+
+base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
+$LOAD_PATH << File.join(base, "lib")
+$LOAD_PATH << File.join(base, "examples")
+
+require 'active_ldap'
+require 'objects/user'
+require 'objects/group'
+
+argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
+  opts.banner += " USER_NAME CN UID"
+end
+
+if argv.size == 3
+  name, cn, uid = argv
+else
+  $stderr.puts opts
+  exit 1
+end
+
+pwb = Proc.new do |user|
+  ActiveLdap::Command.read_password("[#{user}] Password: ")
+end
+
+ActiveLdap::Base.setup_connection(:password_block => pwb,
+                                  :allow_anonymous => false)
+
+if User.exists?(name)
+  $stderr.puts("User #{name} already exists.")
+  exit 1
+end
+
+user = User.new(name)
+user.add_class('shadowAccount')
+user.cn = cn
+user.uid_number = uid
+user.gid_number = uid
+user.home_directory = "/home/#{name}"
+user.sn = "somesn"
+unless user.save
+  puts "failed"
+  puts user.errors.full_messages
+  exit 1
+end

data/examples/useradd-binary

@@ -0,0 +1,53 @@
+#!/usr/bin/ruby
+
+base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
+$LOAD_PATH << File.join(base, "lib")
+$LOAD_PATH << File.join(base, "examples")
+
+require 'active_ldap'
+require 'objects/user'
+require 'objects/group'
+
+argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
+  opts.banner += " USER_NAME CN UID"
+end
+
+if argv.size == 3
+  name, cn, uid = argv
+else
+  $stderr.puts opts
+  exit 1
+end
+
+pwb = Proc.new do |user|
+  ActiveLdap::Command.read_password("[#{user}] Password: ")
+end
+
+ActiveLdap::Base.setup_connection(:password_block => pwb,
+                                  :allow_anonymous => false)
+
+if User.exists?(name)
+  $stderr.puts("User #{name} already exists.")
+  exit 1
+end
+
+user = User.new(name)
+user.add_class('shadowAccount')
+user.cn = cn
+user.sn = "somesn"
+user.uid_number = uid
+user.gid_number = uid
+user.home_directory = "/home/#{name}"
+user.add_class('strongAuthenticationUser')
+cert_file = File.join(File.dirname(__FILE__), 'example.der')
+File.open(cert_file) do |input|
+  input.set_encoding("ascii-8bit") if input.respond_to?(:set_encoding)
+  user.user_certificate = input.read
+end
+
+unless user.save
+  puts "failed"
+  puts user.errors.full_messages
+  exit 1
+end
+

data/examples/userdel

@@ -0,0 +1,34 @@
+#!/usr/bin/ruby
+
+base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
+$LOAD_PATH << File.join(base, "lib")
+$LOAD_PATH << File.join(base, "examples")
+
+require 'active_ldap'
+require 'objects/user'
+require 'objects/group'
+
+argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
+  opts.banner += " USER_NAME"
+end
+
+if argv.size == 1
+  name = argv.shift
+else
+  $stderr.puts opts
+  exit 1
+end
+
+pwb = Proc.new do |user|
+  ActiveLdap::Command.read_password("[#{user}] Password: ")
+end
+
+ActiveLdap::Base.setup_connection(:password_block => pwb,
+                                  :allow_anonymous => false)
+
+unless User.exists?(name)
+  $stderr.puts("User #{name} doesn't exist.")
+  exit 1
+end
+
+User.destroy(name)