radum 0.0.1 → 0.0.2

@@ -2,8 +2,8 @@
2
2
  # working with users and groups. The User class represents a standard Windows
3
3
  # user account. The UNIXUser class represents a Windows account that has UNIX
4
4
  # attributes. Similarly, the Group class represents a standard Windows group,
5
- # and a UNIXGroup represents a Windows group that has UNIX attributes. UNIX
6
- # attributes are supported if Active Directory has been extended, such as
5
+ # and the UNIXGroup class represents a Windows group that has UNIX attributes.
6
+ # UNIX attributes are supported if Active Directory has been extended, such as
7
7
  # when Microsoft Identity Management for UNIX has been installed. LDAP
8
8
  # extensions for UNIX are not required if only Windows users and groups are
9
9
  # operated on. This module concentrates only on users and groups at this time.
@@ -3261,6 +3261,10 @@ module RADUM
3261
3261
  # groups having users as implicit members, etc. we just make sure
3262
3262
  # the user is made a UNIX member of the previous UNIX main group
3263
3263
  # when it was changed just in case they are not already a member.
3264
+ # This only applies if the UNIXUser is still a member of their
3265
+ # previous UNIX main group - it is also possible they were explicitly
3266
+ # removed before getting here, so this should only be done if they
3267
+ # are currently a member of their old UNIX main group.
3264
3268
  #
3265
3269
  # Note that when converting a UNIXUser to a User, there will be a
3266
3270
  # gid change, but the gid will be "".to_i (0). In that case, we don't
@@ -3271,33 +3275,43 @@ module RADUM
3271
3275
  group_ops = []
3272
3276
  group_filter = Net::LDAP::Filter.eq("objectclass", "group")
3273
3277
  group = find_group_by_gid old_gid
3274
- entry = @ldap.search(:base => group.distinguished_name,
3275
- :filter => group_filter,
3276
- :scope => Net::LDAP::SearchScope_BaseObject).pop
3277
- # Double check to make sure they are not already members. Since this
3278
- # logic is difficult to deal with, the algorithm is simply to make
3279
- # sure the UNIXUser is a member of their previous UNIX main group
3280
- # if that has not been done by the update_group() method.
3281
- found = false
3282
3278
 
3283
- begin
3284
- found = entry.msSFU30PosixMember.find do |member|
3285
- user.distinguished_name.downcase == member.downcase
3279
+ # Make sure the group membership was not explicitly removed after
3280
+ # the UNIX main group for the user was modified.
3281
+ unless user.member_of?(group)
3282
+ RADUM::logger.log("\nSpecial case 1: membership in old UNIX main" +
3283
+ " group <#{group.name}> was explicitly removed" +
3284
+ " after change - no update required.", LOG_DEBUG)
3285
+ else
3286
+ entry = @ldap.search(:base => group.distinguished_name,
3287
+ :filter => group_filter,
3288
+ :scope => Net::LDAP::SearchScope_BaseObject).pop
3289
+ # Double check to make sure they are not already members. Since
3290
+ # this logic is difficult to deal with, the algorithm is simply to
3291
+ # make sure the UNIXUser is a member of their previous UNIX main
3292
+ # group if that has not been done by the update_group() method.
3293
+ found = false
3294
+
3295
+ begin
3296
+ found = entry.msSFU30PosixMember.find do |member|
3297
+ user.distinguished_name.downcase == member.downcase
3298
+ end
3299
+ rescue NoMethodError
3300
+ end
3301
+
3302
+ unless found
3303
+ group_ops.push [:add, :memberUid, user.username]
3304
+ group_ops.push [:add, :msSFU30PosixMember,
3305
+ user.distinguished_name]
3306
+ RADUM::logger.log("\nSpecial case 1: updating old UNIX main" +
3307
+ " group UNIX membership for group" +
3308
+ " <#{group.name}>.", LOG_DEBUG)
3309
+ RADUM::logger.log("\n" + group_ops.to_yaml, LOG_DEBUG)
3310
+ @ldap.modify :dn => group.distinguished_name,
3311
+ :operations => group_ops
3312
+ check_ldap_result
3313
+ RADUM::logger.log("\nSpecial case 1: end.\n\n", LOG_DEBUG)
3286
3314
  end
3287
- rescue NoMethodError
3288
- end
3289
-
3290
- unless found
3291
- group_ops.push [:add, :memberUid, user.username]
3292
- group_ops.push [:add, :msSFU30PosixMember, user.distinguished_name]
3293
- RADUM::logger.log("\nSpecial case 1: updating old UNIX main group" +
3294
- " UNIX membership for group <#{group.name}>.",
3295
- LOG_DEBUG)
3296
- RADUM::logger.log("\n" + group_ops.to_yaml, LOG_DEBUG)
3297
- @ldap.modify :dn => group.distinguished_name,
3298
- :operations => group_ops
3299
- check_ldap_result
3300
- RADUM::logger.log("\nSpecial case 1: end.\n\n", LOG_DEBUG)
3301
3315
  end
3302
3316
 
3303
3317
  # In this case, we also have to make sure the user is removed
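Review bot: In the new `else` branch (new lines 3286-3300), the empty `rescue NoMethodError` around `entry.msSFU30PosixMember.find` hides two different conditions: the group having no msSFU30PosixMember attribute yet, and `entry` being nil because the base-object search returned nothing. In the second case `found` stays false and the code goes on to `@ldap.modify` a group it could not read, leaving only `check_ldap_result` (not visible here) to notice. I would test `entry.nil?` explicitly before the `begin`, log it and skip the update, and put `# attribute absent: group has no msSFU30PosixMember values yet` in the rescue body so the swallow is visibly deliberate. Separately, `unless user.member_of?(group) ... else` reads more clearly as `if user.member_of?(group)` with the two branches swapped. The enclosing method begins and ends outside this hunk.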
@@ -361,7 +361,7 @@ module RADUM
361
361
 
362
362
  # The String representation of the Container object.
363
363
  def to_s
364
- "Container [#{@name},#{@directory.root}]"
364
+ "Container <#{@name}> [#{@distinguished_name}]"
365
365
  end
366
366
  end
367
367
  end
@@ -79,7 +79,7 @@ module RADUM
79
79
  end
80
80
 
81
81
  @type = args[:type] || GROUP_GLOBAL_SECURITY
82
- @distinguished_name = "cn=" + name + "," + @container.name + "," +
82
+ @distinguished_name = "cn=" + @name + "," + @container.name + "," +
83
83
  @container.directory.root
84
84
  @users = []
85
85
  @removed_users = []
@@ -291,7 +291,7 @@ module RADUM
291
291
  # The String representation of the Group object.
292
292
  def to_s
293
293
  "Group [(" + RADUM.group_type_to_s(@type) +
294
- ", RID #{@rid}) #{@distinguished_name}]"
294
+ ", RID #{@rid}) <#{@name}> #{@distinguished_name}]"
295
295
  end
296
296
  end
297
297
 
@@ -449,7 +449,7 @@ module RADUM
449
449
  # The String representation of the UNIXGroup object.
450
450
  def to_s
451
451
  "UNIXGroup [(" + RADUM.group_type_to_s(@type) +
452
- ", RID #{@rid}, GID #{@gid}) #{@distinguished_name}]"
452
+ ", RID #{@rid}, GID #{@gid}) <#{@name}> #{@distinguished_name}]"
453
453
  end
454
454
  end
455
455
  end
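Review bot: The distinguished name at new line 82 is still assembled by plain concatenation, `"cn=" + @name + "," + @container.name + "," + @container.directory.root`, so a group name containing DN metacharacters such as `,`, `+`, `=` or `\` would produce a DN that refers to a different entry or container than the caller intended. Whether `@name` is validated earlier in the constructor is not visible in this hunk. If it is not, escape the RDN value per RFC 4514 before concatenating (newer net-ldap releases provide `Net::LDAP::DN.escape`), or reject such names with an `ArgumentError`. The constructor starts and ends outside the hunk.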
@@ -644,7 +644,7 @@ module RADUM
644
644
  # The String representation of the User object.
645
645
  def to_s
646
646
  "User [(" + (@disabled ? "USER_DISABLED" : "USER_ENABLED") +
647
- ", RID #{@rid}) #{@username} #{@distinguished_name}]"
647
+ ", RID #{@rid}) <#{@username}> #{@distinguished_name}]"
648
648
  end
649
649
  end
650
650
 
@@ -1080,8 +1080,8 @@ module RADUM
1080
1080
  # The String representation of the UNIXUser object.
1081
1081
  def to_s
1082
1082
  "UNIXUser [(" + (@disabled ? "USER_DISABLED" : "USER_ENABLED") +
1083
- ", RID #{@rid}, UID #{@uid}, GID #{@unix_main_group.gid}) #{@username} " +
1084
- "#{@distinguished_name}]"
1083
+ ", RID #{@rid}, UID #{@uid}, GID #{@unix_main_group.gid})" +
1084
+ " <#{@username}> #{@distinguished_name}]"
1085
1085
  end
1086
1086
  end
1087
1087
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: radum
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Shaun Rowland
@@ -9,7 +9,7 @@ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2009-08-02 00:00:00 -04:00
12
+ date: 2009-08-06 00:00:00 -04:00
13
13
  default_executable:
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
@@ -66,9 +66,9 @@ require_paths:
66
66
  - lib
67
67
  required_ruby_version: !ruby/object:Gem::Requirement
68
68
  requirements:
69
- - - ">="
69
+ - - ~>
70
70
  - !ruby/object:Gem::Version
71
- version: "0"
71
+ version: 1.8.5
72
72
  version:
73
73
  required_rubygems_version: !ruby/object:Gem::Requirement
74
74
  requirements: