RubyGems - rom-ldap - Versions diffs - 0.2.2 - Mend

rom-ldap 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (104) hide show

checksums.yaml +7 -0
data/CHANGELOG.md +251 -0
data/CONTRIBUTING.md +18 -0
data/README.md +172 -0
data/TODO.md +33 -0
data/config/responses.yml +328 -0
data/lib/dry/monitor/ldap/colorizers/default.rb +17 -0
data/lib/dry/monitor/ldap/colorizers/rouge.rb +31 -0
data/lib/dry/monitor/ldap/logger.rb +58 -0
data/lib/rom-ldap.rb +1 -0
data/lib/rom/ldap.rb +22 -0
data/lib/rom/ldap/alias.rb +30 -0
data/lib/rom/ldap/associations.rb +6 -0
data/lib/rom/ldap/associations/core.rb +23 -0
data/lib/rom/ldap/associations/many_to_many.rb +18 -0
data/lib/rom/ldap/associations/many_to_one.rb +22 -0
data/lib/rom/ldap/associations/one_to_many.rb +32 -0
data/lib/rom/ldap/associations/one_to_one.rb +19 -0
data/lib/rom/ldap/associations/self_ref.rb +35 -0
data/lib/rom/ldap/attribute.rb +327 -0
data/lib/rom/ldap/client.rb +185 -0
data/lib/rom/ldap/client/authentication.rb +118 -0
data/lib/rom/ldap/client/operations.rb +233 -0
data/lib/rom/ldap/commands.rb +6 -0
data/lib/rom/ldap/commands/create.rb +41 -0
data/lib/rom/ldap/commands/delete.rb +17 -0
data/lib/rom/ldap/commands/update.rb +35 -0
data/lib/rom/ldap/constants.rb +193 -0
data/lib/rom/ldap/dataset.rb +286 -0
data/lib/rom/ldap/dataset/conversion.rb +62 -0
data/lib/rom/ldap/dataset/dsl.rb +299 -0
data/lib/rom/ldap/dataset/persistence.rb +44 -0
data/lib/rom/ldap/directory.rb +126 -0
data/lib/rom/ldap/directory/capabilities.rb +71 -0
data/lib/rom/ldap/directory/entry.rb +200 -0
data/lib/rom/ldap/directory/env.rb +155 -0
data/lib/rom/ldap/directory/operations.rb +282 -0
data/lib/rom/ldap/directory/password.rb +122 -0
data/lib/rom/ldap/directory/root.rb +187 -0
data/lib/rom/ldap/directory/tokenization.rb +66 -0
data/lib/rom/ldap/directory/transactions.rb +31 -0
data/lib/rom/ldap/directory/vendors/active_directory.rb +129 -0
data/lib/rom/ldap/directory/vendors/apache_ds.rb +27 -0
data/lib/rom/ldap/directory/vendors/e_directory.rb +16 -0
data/lib/rom/ldap/directory/vendors/open_directory.rb +12 -0
data/lib/rom/ldap/directory/vendors/open_dj.rb +25 -0
data/lib/rom/ldap/directory/vendors/open_ldap.rb +35 -0
data/lib/rom/ldap/directory/vendors/three_eight_nine.rb +16 -0
data/lib/rom/ldap/directory/vendors/unknown.rb +22 -0
data/lib/rom/ldap/dsl.rb +76 -0
data/lib/rom/ldap/errors.rb +47 -0
data/lib/rom/ldap/expression.rb +77 -0
data/lib/rom/ldap/expression_encoder.rb +174 -0
data/lib/rom/ldap/extensions.rb +50 -0
data/lib/rom/ldap/extensions/active_support_notifications.rb +26 -0
data/lib/rom/ldap/extensions/compatibility.rb +11 -0
data/lib/rom/ldap/extensions/dsml.rb +165 -0
data/lib/rom/ldap/extensions/msgpack.rb +23 -0
data/lib/rom/ldap/extensions/optimised_json.rb +25 -0
data/lib/rom/ldap/extensions/rails_log_subscriber.rb +38 -0
data/lib/rom/ldap/formatter.rb +26 -0
data/lib/rom/ldap/functions.rb +207 -0
data/lib/rom/ldap/gateway.rb +145 -0
data/lib/rom/ldap/ldif.rb +74 -0
data/lib/rom/ldap/ldif/exporter.rb +77 -0
data/lib/rom/ldap/ldif/importer.rb +95 -0
data/lib/rom/ldap/mapper_compiler.rb +19 -0
data/lib/rom/ldap/matchers.rb +69 -0
data/lib/rom/ldap/message_queue.rb +7 -0
data/lib/rom/ldap/oid.rb +101 -0
data/lib/rom/ldap/parsers/abstract_syntax.rb +91 -0
data/lib/rom/ldap/parsers/attribute.rb +290 -0
data/lib/rom/ldap/parsers/filter_syntax.rb +133 -0
data/lib/rom/ldap/pdu.rb +285 -0
data/lib/rom/ldap/plugin/pagination.rb +145 -0
data/lib/rom/ldap/plugins.rb +7 -0
data/lib/rom/ldap/projection_dsl.rb +38 -0
data/lib/rom/ldap/relation.rb +135 -0
data/lib/rom/ldap/relation/exporting.rb +72 -0
data/lib/rom/ldap/relation/reading.rb +461 -0
data/lib/rom/ldap/relation/writing.rb +64 -0
data/lib/rom/ldap/responses.rb +17 -0
data/lib/rom/ldap/restriction_dsl.rb +45 -0
data/lib/rom/ldap/schema.rb +123 -0
data/lib/rom/ldap/schema/attributes_inferrer.rb +59 -0
data/lib/rom/ldap/schema/dsl.rb +13 -0
data/lib/rom/ldap/schema/inferrer.rb +50 -0
data/lib/rom/ldap/schema/type_builder.rb +133 -0
data/lib/rom/ldap/scope.rb +19 -0
data/lib/rom/ldap/search_request.rb +249 -0
data/lib/rom/ldap/socket.rb +210 -0
data/lib/rom/ldap/tasks/ldap.rake +103 -0
data/lib/rom/ldap/tasks/ldif.rake +80 -0
data/lib/rom/ldap/transaction.rb +29 -0
data/lib/rom/ldap/type_map.rb +88 -0
data/lib/rom/ldap/types.rb +158 -0
data/lib/rom/ldap/version.rb +17 -0
data/lib/rom/plugins/relation/ldap/active_directory.rb +182 -0
data/lib/rom/plugins/relation/ldap/auto_restrictions.rb +69 -0
data/lib/rom/plugins/relation/ldap/e_directory.rb +27 -0
data/lib/rom/plugins/relation/ldap/instrumentation.rb +35 -0
data/lib/rouge/lexers/ldap.rb +72 -0
data/lib/rouge/themes/ldap.rb +49 -0
metadata +231 -0

data/lib/rom/ldap/directory/vendors/apache_ds.rb ADDED Viewed

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    #
+    # Apache Directory Extension
+    #
+    # @api private
+    module ApacheDs
+      # IGNORE_ATTRS_REGEX = /^[m-|ads|entry].*$/.freeze
+      # @return [Array]
+      #
+      # @api public
+      def schema_attributes
+        query(base: 'ou=schema', filter: '(objectClass=metaAttributeType)')
+      end
+      # @return [Array]
+      #
+      # @api public
+      def schemas_classes
+        query(base: 'ou=schema', filter: '(objectClass=metaObjectClass)')
+      end
+    end
+  end
+end

data/lib/rom/ldap/directory/vendors/e_directory.rb ADDED Viewed

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    #
+    # Novell eDirectory Extension
+    #
+    # @api private
+    module EDirectory
+      # WIP
+      def transactions
+        # noop
+      end
+    end
+  end
+end

data/lib/rom/ldap/directory/vendors/open_directory.rb ADDED Viewed

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    #
+    # Apple Open Directory Extension
+    #
+    # @api private
+    module OpenDirectory
+    end
+  end
+end

data/lib/rom/ldap/directory/vendors/open_dj.rb ADDED Viewed

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    #
+    # OpenDJ Server Extension
+    #
+    # @api private
+    module OpenDj
+      # @return [String]
+      #
+      # @api public
+      def full_vendor_version
+        root.first('fullVendorVersion')
+      end
+      # @return [String]
+      #
+      # @api public
+      def etag
+        root.first('etag')
+      end
+    end
+  end
+end

data/lib/rom/ldap/directory/vendors/open_ldap.rb ADDED Viewed

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    #
+    # OpenLDAP Extension
+    #
+    # @api private
+    module OpenLdap
+      #
+      # @return [String]
+      #
+      # @api public
+      def vendor_name
+        'OpenLDAP'
+      end
+      #
+      # @return [String]
+      #
+      # @api public
+      def vendor_version
+        '0.0'
+      end
+      #
+      # @return [String]
+      #
+      # @api public
+      def organization
+        query(base: contexts[0]).first.first('o')
+      end
+    end
+  end
+end

data/lib/rom/ldap/directory/vendors/three_eight_nine.rb ADDED Viewed

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    #
+    # RedHat 389DS Extension
+    #
+    # @api private
+    module ThreeEightNine
+      # @api public
+      def netscapemdsuffix
+        root.first('netscapemdsuffix')
+      end
+    end
+  end
+end

data/lib/rom/ldap/directory/vendors/unknown.rb ADDED Viewed

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    # @api private
+    module Unknown
+      # @return [String]
+      #
+      # @api public
+      def vendor_name
+        'Unknown'
+      end
+      # @return [String]
+      #
+      # @api public
+      def vendor_version
+        'Unknown'
+      end
+    end
+  end
+end

data/lib/rom/ldap/dsl.rb ADDED Viewed

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+require 'concurrent/map'
+require 'rom/support/inflector'
+require 'rom/constants'
+require 'rom/ldap/types'
+module ROM
+  module LDAP
+    # @api private
+    class DSL < BasicObject
+      # @!attribute [r] schema
+      #   @return [LDAP::Schema]
+      attr_reader :schema
+      # @!attribute [r] relations
+      #   @return [Hash, RelationRegistry]
+      attr_reader :relations
+      # @!attribute [r] picked_relations
+      #   @return [Concurrent::Map]
+      attr_reader :picked_relations
+      # @api private
+      def initialize(schema)
+        @schema = schema
+        @relations = schema.respond_to?(:relations) ? schema.relations : EMPTY_HASH
+        @picked_relations = ::Concurrent::Map.new
+      end
+      # @api private
+      def call(&block)
+        result = instance_exec(select_relations(block.parameters), &block)
+        if result.is_a?(::Array)
+          result
+        else
+          [result]
+        end
+      end
+      # @api private
+      def respond_to_missing?(name, include_private = false)
+        super || schema.key?(name)
+      end
+      private
+      # @api private
+      def type(identifier)
+        type_name = Inflector.classify(identifier)
+        types.const_get(type_name) if types.const_defined?(type_name)
+      end
+      # @api private
+      def types
+        ::ROM::LDAP::Types
+      end
+      # @api private
+      def select_relations(parameters)
+        @picked_relations.fetch_or_store(parameters.hash) do
+          keys = parameters.select { |type, _| type == :keyreq }
+          if keys.empty?
+            relations
+          else
+            keys.each_with_object({}) { |(_, k), rs| rs[k] = relations[k] }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rom/ldap/errors.rb ADDED Viewed

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    # @see ROM::LDAP::Gateway
+    #
+    # @see ROM::LDAP::Schema::Inferrer
+    #
+    CONNECTION_FAILURES = [
+      EOFError,
+      Errno::ECONNABORTED,
+      Errno::ECONNREFUSED,
+      Errno::ECONNRESET,
+      Errno::EHOSTUNREACH,
+      Errno::EIO,
+      Errno::ENETDOWN,
+      Errno::ENETRESET,
+      Errno::EPIPE,
+      Errno::ETIMEDOUT,
+      IOError
+    ].freeze
+    # @see Client::Authentication#bind
+    #
+    BindError                     = Class.new(StandardError)
+    # @see Client::Authentication#sasl_bind
+    #
+    SecureBindError               = Class.new(StandardError)
+    # @see Client#submit
+    #
+    ResponseError                 = Class.new(StandardError)
+    # @see Directory::Operations#find, #by_dn, #add
+    #
+    DistinguishedNameError        = Class.new(StandardError)
+    # @see Socket#connect
+    #
+    ConnectionError               = Class.new(StandardError)
+    # @see Directory::Password#generate
+    #
+    PasswordError                 = Class.new(StandardError)
+  end
+end

data/lib/rom/ldap/expression.rb ADDED Viewed

@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    # @api private
+    class Expression
+      extend Initializer
+      option :op, type: Types::Abstract
+      option :field, optional: true, type: Types::Field
+      option :value, optional: true, type: Types::Value
+      option :exps,  optional: true, type: Types::Array.of(Types.Instance(Expression))
+      #
+      #
+      # @return [String]
+      #
+      # @api public
+      def to_ber
+        require 'rom/ldap/expression_encoder'
+        ExpressionEncoder.new(options).call
+      end
+      # Unbracketed filter string
+      #
+      # @return [String]
+      #
+      def to_raw_filter
+        case op
+        when :op_eql, :op_bineq then "#{field}=#{value}"
+        when :op_ext  then "#{field}:=#{value}"
+        when :op_gte  then "#{field}>=#{value}"
+        when :op_lte  then "#{field}<=#{value}"
+        when :op_prx  then "#{field}~=#{value}"
+        when :con_and then "&#{exps.map(&:to_filter).join}"
+        when :con_or  then "|#{exps.map(&:to_filter).join}"
+        when :con_not then "!#{exps[0].to_filter}"
+        end
+      end
+      # Bracketed filter string
+      #
+      # @return [String]
+      #
+      def to_filter
+        "(#{to_raw_filter})"
+      end
+      alias_method :to_s, :to_filter
+      # AST with original atrributes and values
+      #
+      # @return [Array]
+      #
+      def to_ast
+        case op
+        when :con_and then [op, exps.map(&:to_ast)]
+        when :con_or  then [op, exps.map(&:to_ast)]
+        when :con_not then [op, exps[0].to_ast]
+        else
+          [op, field, value]
+        end
+      end
+      alias_method :to_a, :to_ast
+      # @return [String]
+      #
+      def inspect
+        %(#<#{self.class} #{to_raw_filter} />)
+      end
+    end
+  end
+end

data/lib/rom/ldap/expression_encoder.rb ADDED Viewed

@@ -0,0 +1,174 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    # Used in ROM::LDAP::Expression#to_ber.
+    #
+    #       Filter ::=
+    #           CHOICE {
+    #               and             [0] SET OF Filter,
+    #               or              [1] SET OF Filter,
+    #               not             [2] Filter,
+    #               equalityMatch   [3] AttributeValueAssertion,
+    #               substrings      [4] SubstringFilter,
+    #               greaterOrEqual  [5] AttributeValueAssertion,
+    #               lessOrEqual     [6] AttributeValueAssertion,
+    #               present         [7] AttributeType,
+    #               approxMatch     [8] AttributeValueAssertion,
+    #               extensibleMatch [9] MatchingRuleAssertion
+    #           }
+    #
+    #       SubstringFilter ::=
+    #           SEQUENCE {
+    #               type               AttributeType,
+    #               SEQUENCE OF CHOICE {
+    #                   initial        [0] LDAPString,
+    #                   any            [1] LDAPString,
+    #                   final          [2] LDAPString
+    #               }
+    #           }
+    #
+    #       MatchingRuleAssertion ::=
+    #           SEQUENCE {
+    #             matchingRule    [1] MatchingRuleId OPTIONAL,
+    #             type            [2] AttributeDescription OPTIONAL,
+    #             matchValue      [3] AssertionValue,
+    #             dnAttributes    [4] BOOLEAN DEFAULT FALSE
+    #           }
+    #
+    #       Matching Rule Suffixes
+    #           Less than   [.1] or .[lt]
+    #           Less than or equal to  [.2] or [.lte]
+    #           Equality  [.3] or  [.eq] (default)
+    #           Greater than or equal to  [.4] or [.gte]
+    #           Greater than  [.5] or [.gt]
+    #           Substring  [.6] or  [.sub]
+    #
+    #
+    # @api private
+    class ExpressionEncoder
+      using ::BER
+      extend Initializer
+      option :op, type: Types::Abstract
+      option :field, optional: true, type: Types::Field
+      option :value, optional: true, type: Types::Value
+      option :exps,  optional: true, type: Types::Array.of(Types.Instance(LDAP::Expression))
+      # @return [BER]
+      #
+      def call
+        case op
+        when :op_eql
+          if value == WILDCARD
+            field.to_s.to_ber_contextspecific(7)
+          elsif /[*]/.match?(value.to_s) # substring
+            substring
+          else
+            to_context(3)
+          end
+        when :op_bineq
+          [
+            field.to_s.to_ber,
+            unescape(value).to_ber_bin
+          ].to_ber_contextspecific(3)
+        when :op_ext
+          extensible
+        when :op_gte
+          to_context(5)
+        when :op_lte
+          to_context(6)
+        when :op_prx
+          to_context(8)
+        when :con_and
+          exps.map(&:to_ber).to_ber_contextspecific(0)
+        when :con_or
+          exps.map(&:to_ber).to_ber_contextspecific(1)
+        when :con_not
+          exps.map(&:to_ber).to_ber_contextspecific(2)
+        end
+      end
+      private
+      def substring
+        ary = value.split(/[*]+/, -1)
+        if ary.first.empty?
+          first = nil
+          ary.shift
+        else
+          first = unescape(ary.shift).to_ber_contextspecific(0)
+        end
+        if ary.last.empty?
+          last = nil
+          ary.pop
+        else
+          last = unescape(ary.pop).to_ber_contextspecific(2)
+        end
+        seq = ary.map { |e| unescape(e).to_ber_contextspecific(1) }
+        seq.unshift(first) if first
+        seq.push(last) if last
+        [
+          field.to_s.to_ber,
+          seq.to_ber
+        ].to_ber_contextspecific(4)
+      end
+      def extensible
+        raise(Error, "Bad attribute #{field}") unless field =~ EXTENSIBLE_REGEX
+        type = Regexp.last_match(1)
+        dn   = Regexp.last_match(2)
+        rule = Regexp.last_match(4)
+        seq = []
+        seq << rule.to_ber_contextspecific(1) unless rule.to_s.empty? # matchingRule
+        seq << type.to_ber_contextspecific(2) unless type.to_s.empty? # type
+        seq << unescape(value).to_ber_contextspecific(3)              # matchingValue
+        seq << '1'.to_ber_contextspecific(4) unless dn.to_s.empty?    # dnAttributes
+        seq.to_ber_contextspecific(9)
+      end
+      # Common BER encoding
+      #
+      # @return [String]
+      #
+      def to_context(int)
+        [
+          field.to_s.to_ber,
+          unescape(value).to_ber
+        ].to_ber_contextspecific(int)
+      end
+      # @note
+      #   Don't attempt to unescape 16 byte binary data assumed to be objectGUIDs.
+      #   The binary form of 5936AE79-664F-44EA-BCCB-5C39399514C6
+      #   triggers a BINARY -> UTF-8 conversion error.
+      #
+      # Converts escaped characters to unescaped characters
+      #
+      # @example
+      #   => "\\28"
+      #
+      # @return [String]
+      #
+      # @api private
+      def unescape(str)
+        if str.to_s.length.eql?(16) && str.to_s.encoding.eql?(Encoding::BINARY)
+          str
+        else
+          str.to_s.gsub(UNESCAPE_REGEX) { [Regexp.last_match(1).hex].pack('U') }
+        end
+      end
+    end
+  end
+end