RubyGems - rom-ldap - Versions diffs - 0.2.2 - Mend

rom-ldap 0.2.2

Files changed (104) hide show

checksums.yaml +7 -0
data/CHANGELOG.md +251 -0
data/CONTRIBUTING.md +18 -0
data/README.md +172 -0
data/TODO.md +33 -0
data/config/responses.yml +328 -0
data/lib/dry/monitor/ldap/colorizers/default.rb +17 -0
data/lib/dry/monitor/ldap/colorizers/rouge.rb +31 -0
data/lib/dry/monitor/ldap/logger.rb +58 -0
data/lib/rom-ldap.rb +1 -0
data/lib/rom/ldap.rb +22 -0
data/lib/rom/ldap/alias.rb +30 -0
data/lib/rom/ldap/associations.rb +6 -0
data/lib/rom/ldap/associations/core.rb +23 -0
data/lib/rom/ldap/associations/many_to_many.rb +18 -0
data/lib/rom/ldap/associations/many_to_one.rb +22 -0
data/lib/rom/ldap/associations/one_to_many.rb +32 -0
data/lib/rom/ldap/associations/one_to_one.rb +19 -0
data/lib/rom/ldap/associations/self_ref.rb +35 -0
data/lib/rom/ldap/attribute.rb +327 -0
data/lib/rom/ldap/client.rb +185 -0
data/lib/rom/ldap/client/authentication.rb +118 -0
data/lib/rom/ldap/client/operations.rb +233 -0
data/lib/rom/ldap/commands.rb +6 -0
data/lib/rom/ldap/commands/create.rb +41 -0
data/lib/rom/ldap/commands/delete.rb +17 -0
data/lib/rom/ldap/commands/update.rb +35 -0
data/lib/rom/ldap/constants.rb +193 -0
data/lib/rom/ldap/dataset.rb +286 -0
data/lib/rom/ldap/dataset/conversion.rb +62 -0
data/lib/rom/ldap/dataset/dsl.rb +299 -0
data/lib/rom/ldap/dataset/persistence.rb +44 -0
data/lib/rom/ldap/directory.rb +126 -0
data/lib/rom/ldap/directory/capabilities.rb +71 -0
data/lib/rom/ldap/directory/entry.rb +200 -0
data/lib/rom/ldap/directory/env.rb +155 -0
data/lib/rom/ldap/directory/operations.rb +282 -0
data/lib/rom/ldap/directory/password.rb +122 -0
data/lib/rom/ldap/directory/root.rb +187 -0
data/lib/rom/ldap/directory/tokenization.rb +66 -0
data/lib/rom/ldap/directory/transactions.rb +31 -0
data/lib/rom/ldap/directory/vendors/active_directory.rb +129 -0
data/lib/rom/ldap/directory/vendors/apache_ds.rb +27 -0
data/lib/rom/ldap/directory/vendors/e_directory.rb +16 -0
data/lib/rom/ldap/directory/vendors/open_directory.rb +12 -0
data/lib/rom/ldap/directory/vendors/open_dj.rb +25 -0
data/lib/rom/ldap/directory/vendors/open_ldap.rb +35 -0
data/lib/rom/ldap/directory/vendors/three_eight_nine.rb +16 -0
data/lib/rom/ldap/directory/vendors/unknown.rb +22 -0
data/lib/rom/ldap/dsl.rb +76 -0
data/lib/rom/ldap/errors.rb +47 -0
data/lib/rom/ldap/expression.rb +77 -0
data/lib/rom/ldap/expression_encoder.rb +174 -0
data/lib/rom/ldap/extensions.rb +50 -0
data/lib/rom/ldap/extensions/active_support_notifications.rb +26 -0
data/lib/rom/ldap/extensions/compatibility.rb +11 -0
data/lib/rom/ldap/extensions/dsml.rb +165 -0
data/lib/rom/ldap/extensions/msgpack.rb +23 -0
data/lib/rom/ldap/extensions/optimised_json.rb +25 -0
data/lib/rom/ldap/extensions/rails_log_subscriber.rb +38 -0
data/lib/rom/ldap/formatter.rb +26 -0
data/lib/rom/ldap/functions.rb +207 -0
data/lib/rom/ldap/gateway.rb +145 -0
data/lib/rom/ldap/ldif.rb +74 -0
data/lib/rom/ldap/ldif/exporter.rb +77 -0
data/lib/rom/ldap/ldif/importer.rb +95 -0
data/lib/rom/ldap/mapper_compiler.rb +19 -0
data/lib/rom/ldap/matchers.rb +69 -0
data/lib/rom/ldap/message_queue.rb +7 -0
data/lib/rom/ldap/oid.rb +101 -0
data/lib/rom/ldap/parsers/abstract_syntax.rb +91 -0
data/lib/rom/ldap/parsers/attribute.rb +290 -0
data/lib/rom/ldap/parsers/filter_syntax.rb +133 -0
data/lib/rom/ldap/pdu.rb +285 -0
data/lib/rom/ldap/plugin/pagination.rb +145 -0
data/lib/rom/ldap/plugins.rb +7 -0
data/lib/rom/ldap/projection_dsl.rb +38 -0
data/lib/rom/ldap/relation.rb +135 -0
data/lib/rom/ldap/relation/exporting.rb +72 -0
data/lib/rom/ldap/relation/reading.rb +461 -0
data/lib/rom/ldap/relation/writing.rb +64 -0
data/lib/rom/ldap/responses.rb +17 -0
data/lib/rom/ldap/restriction_dsl.rb +45 -0
data/lib/rom/ldap/schema.rb +123 -0
data/lib/rom/ldap/schema/attributes_inferrer.rb +59 -0
data/lib/rom/ldap/schema/dsl.rb +13 -0
data/lib/rom/ldap/schema/inferrer.rb +50 -0
data/lib/rom/ldap/schema/type_builder.rb +133 -0
data/lib/rom/ldap/scope.rb +19 -0
data/lib/rom/ldap/search_request.rb +249 -0
data/lib/rom/ldap/socket.rb +210 -0
data/lib/rom/ldap/tasks/ldap.rake +103 -0
data/lib/rom/ldap/tasks/ldif.rake +80 -0
data/lib/rom/ldap/transaction.rb +29 -0
data/lib/rom/ldap/type_map.rb +88 -0
data/lib/rom/ldap/types.rb +158 -0
data/lib/rom/ldap/version.rb +17 -0
data/lib/rom/plugins/relation/ldap/active_directory.rb +182 -0
data/lib/rom/plugins/relation/ldap/auto_restrictions.rb +69 -0
data/lib/rom/plugins/relation/ldap/e_directory.rb +27 -0
data/lib/rom/plugins/relation/ldap/instrumentation.rb +35 -0
data/lib/rouge/lexers/ldap.rb +72 -0
data/lib/rouge/themes/ldap.rb +49 -0
metadata +231 -0

data/lib/rom/ldap/directory/vendors/apache_ds.rb ADDED Viewed

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    #
+    # Apache Directory Extension
+    #
+    # @api private
+    module ApacheDs
+      # IGNORE_ATTRS_REGEX = /^[m-|ads|entry].*$/.freeze
+      # @return [Array]
+      #
+      # @api public
+      def schema_attributes
+        query(base: 'ou=schema', filter: '(objectClass=metaAttributeType)')
+      end
+      # @return [Array]
+      #
+      # @api public
+      def schemas_classes
+        query(base: 'ou=schema', filter: '(objectClass=metaObjectClass)')
+      end
+    end
+  end
+end

data/lib/rom/ldap/directory/vendors/e_directory.rb ADDED Viewed

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    #
+    # Novell eDirectory Extension
+    #
+    # @api private
+    module EDirectory
+      # WIP
+      def transactions
+        # noop
+      end
+    end
+  end
+end

data/lib/rom/ldap/directory/vendors/open_directory.rb ADDED Viewed

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    #
+    # Apple Open Directory Extension
+    #
+    # @api private
+    module OpenDirectory
+    end
+  end
+end

data/lib/rom/ldap/directory/vendors/open_dj.rb ADDED Viewed

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    #
+    # OpenDJ Server Extension
+    #
+    # @api private
+    module OpenDj
+      # @return [String]
+      #
+      # @api public
+      def full_vendor_version
+        root.first('fullVendorVersion')
+      end
+      # @return [String]
+      #
+      # @api public
+      def etag
+        root.first('etag')
+      end
+    end
+  end
+end

data/lib/rom/ldap/directory/vendors/open_ldap.rb ADDED Viewed

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    #
+    # OpenLDAP Extension
+    #
+    # @api private
+    module OpenLdap
+      #
+      # @return [String]
+      #
+      # @api public
+      def vendor_name
+        'OpenLDAP'
+      end
+      #
+      # @return [String]
+      #
+      # @api public
+      def vendor_version
+        '0.0'
+      end
+      #
+      # @return [String]
+      #
+      # @api public
+      def organization
+        query(base: contexts[0]).first.first('o')
+      end
+    end
+  end
+end

data/lib/rom/ldap/directory/vendors/three_eight_nine.rb ADDED Viewed

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    #
+    # RedHat 389DS Extension
+    #
+    # @api private
+    module ThreeEightNine
+      # @api public
+      def netscapemdsuffix
+        root.first('netscapemdsuffix')
+      end
+    end
+  end
+end

data/lib/rom/ldap/directory/vendors/unknown.rb ADDED Viewed

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    # @api private
+    module Unknown
+      # @return [String]
+      #
+      # @api public
+      def vendor_name
+        'Unknown'
+      end
+      # @return [String]
+      #
+      # @api public
+      def vendor_version
+        'Unknown'
+      end
+    end
+  end
+end

data/lib/rom/ldap/dsl.rb ADDED Viewed

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+require 'concurrent/map'
+require 'rom/support/inflector'
+require 'rom/constants'
+require 'rom/ldap/types'
+module ROM
+  module LDAP
+    # @api private
+    class DSL < BasicObject
+      # @!attribute [r] schema
+      #   @return [LDAP::Schema]
+      attr_reader :schema
+      # @!attribute [r] relations
+      #   @return [Hash, RelationRegistry]
+      attr_reader :relations
+      # @!attribute [r] picked_relations
+      #   @return [Concurrent::Map]
+      attr_reader :picked_relations
+      # @api private
+      def initialize(schema)
+        @schema = schema
+        @relations = schema.respond_to?(:relations) ? schema.relations : EMPTY_HASH
+        @picked_relations = ::Concurrent::Map.new
+      end
+      # @api private
+      def call(&block)
+        result = instance_exec(select_relations(block.parameters), &block)
+        if result.is_a?(::Array)
+          result
+        else
+          [result]
+        end
+      end
+      # @api private
+      def respond_to_missing?(name, include_private = false)
+        super || schema.key?(name)
+      end
+      private
+      # @api private
+      def type(identifier)
+        type_name = Inflector.classify(identifier)
+        types.const_get(type_name) if types.const_defined?(type_name)
+      end
+      # @api private
+      def types
+        ::ROM::LDAP::Types
+      end
+      # @api private
+      def select_relations(parameters)
+        @picked_relations.fetch_or_store(parameters.hash) do
+          keys = parameters.select { |type, _| type == :keyreq }
+          if keys.empty?
+            relations
+          else
+            keys.each_with_object({}) { |(_, k), rs| rs[k] = relations[k] }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rom/ldap/errors.rb ADDED Viewed

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    # @see ROM::LDAP::Gateway
+    #
+    # @see ROM::LDAP::Schema::Inferrer
+    #
+    CONNECTION_FAILURES = [
+      EOFError,
+      Errno::ECONNABORTED,
+      Errno::ECONNREFUSED,
+      Errno::ECONNRESET,
+      Errno::EHOSTUNREACH,
+      Errno::EIO,
+      Errno::ENETDOWN,
+      Errno::ENETRESET,
+      Errno::EPIPE,
+      Errno::ETIMEDOUT,
+      IOError
+    ].freeze
+    # @see Client::Authentication#bind
+    #
+    BindError                     = Class.new(StandardError)
+    # @see Client::Authentication#sasl_bind
+    #
+    SecureBindError               = Class.new(StandardError)
+    # @see Client#submit
+    #
+    ResponseError                 = Class.new(StandardError)
+    # @see Directory::Operations#find, #by_dn, #add
+    #
+    DistinguishedNameError        = Class.new(StandardError)
+    # @see Socket#connect
+    #
+    ConnectionError               = Class.new(StandardError)
+    # @see Directory::Password#generate
+    #
+    PasswordError                 = Class.new(StandardError)
+  end
+end

data/lib/rom/ldap/expression.rb ADDED Viewed

@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    # @api private
+    class Expression
+      extend Initializer
+      option :op, type: Types::Abstract
+      option :field, optional: true, type: Types::Field
+      option :value, optional: true, type: Types::Value
+      option :exps,  optional: true, type: Types::Array.of(Types.Instance(Expression))
+      #
+      #
+      # @return [String]
+      #
+      # @api public
+      def to_ber
+        require 'rom/ldap/expression_encoder'
+        ExpressionEncoder.new(options).call
+      end
+      # Unbracketed filter string
+      #
+      # @return [String]
+      #
+      def to_raw_filter
+        case op
+        when :op_eql, :op_bineq then "#{field}=#{value}"
+        when :op_ext  then "#{field}:=#{value}"
+        when :op_gte  then "#{field}>=#{value}"
+        when :op_lte  then "#{field}<=#{value}"
+        when :op_prx  then "#{field}~=#{value}"
+        when :con_and then "&#{exps.map(&:to_filter).join}"
+        when :con_or  then "|#{exps.map(&:to_filter).join}"
+        when :con_not then "!#{exps[0].to_filter}"
+        end
+      end
+      # Bracketed filter string
+      #
+      # @return [String]
+      #
+      def to_filter
+        "(#{to_raw_filter})"
+      end
+      alias_method :to_s, :to_filter
+      # AST with original atrributes and values
+      #
+      # @return [Array]
+      #
+      def to_ast
+        case op
+        when :con_and then [op, exps.map(&:to_ast)]
+        when :con_or  then [op, exps.map(&:to_ast)]
+        when :con_not then [op, exps[0].to_ast]
+        else
+          [op, field, value]
+        end
+      end
+      alias_method :to_a, :to_ast
+      # @return [String]
+      #
+      def inspect
+        %(#<#{self.class} #{to_raw_filter} />)
+      end
+    end
+  end
+end

data/lib/rom/ldap/expression_encoder.rb ADDED Viewed

@@ -0,0 +1,174 @@
+# frozen_string_literal: true
+module ROM
+  module LDAP
+    # Used in ROM::LDAP::Expression#to_ber.
+    #
+    #       Filter ::=
+    #           CHOICE {
+    #               and             [0] SET OF Filter,
+    #               or              [1] SET OF Filter,
+    #               not             [2] Filter,
+    #               equalityMatch   [3] AttributeValueAssertion,
+    #               substrings      [4] SubstringFilter,
+    #               greaterOrEqual  [5] AttributeValueAssertion,
+    #               lessOrEqual     [6] AttributeValueAssertion,
+    #               present         [7] AttributeType,
+    #               approxMatch     [8] AttributeValueAssertion,
+    #               extensibleMatch [9] MatchingRuleAssertion
+    #           }
+    #
+    #       SubstringFilter ::=
+    #           SEQUENCE {
+    #               type               AttributeType,
+    #               SEQUENCE OF CHOICE {
+    #                   initial        [0] LDAPString,
+    #                   any            [1] LDAPString,
+    #                   final          [2] LDAPString
+    #               }
+    #           }
+    #
+    #       MatchingRuleAssertion ::=
+    #           SEQUENCE {
+    #             matchingRule    [1] MatchingRuleId OPTIONAL,
+    #             type            [2] AttributeDescription OPTIONAL,
+    #             matchValue      [3] AssertionValue,
+    #             dnAttributes    [4] BOOLEAN DEFAULT FALSE
+    #           }
+    #
+    #       Matching Rule Suffixes
+    #           Less than   [.1] or .[lt]
+    #           Less than or equal to  [.2] or [.lte]
+    #           Equality  [.3] or  [.eq] (default)
+    #           Greater than or equal to  [.4] or [.gte]
+    #           Greater than  [.5] or [.gt]
+    #           Substring  [.6] or  [.sub]
+    #
+    #
+    # @api private
+    class ExpressionEncoder
+      using ::BER
+      extend Initializer
+      option :op, type: Types::Abstract
+      option :field, optional: true, type: Types::Field
+      option :value, optional: true, type: Types::Value
+      option :exps,  optional: true, type: Types::Array.of(Types.Instance(LDAP::Expression))
+      # @return [BER]
+      #
+      def call
+        case op
+        when :op_eql
+          if value == WILDCARD
+            field.to_s.to_ber_contextspecific(7)
+          elsif /[*]/.match?(value.to_s) # substring
+            substring
+          else
+            to_context(3)
+          end
+        when :op_bineq
+          [
+            field.to_s.to_ber,
+            unescape(value).to_ber_bin
+          ].to_ber_contextspecific(3)
+        when :op_ext
+          extensible
+        when :op_gte
+          to_context(5)
+        when :op_lte
+          to_context(6)
+        when :op_prx
+          to_context(8)
+        when :con_and
+          exps.map(&:to_ber).to_ber_contextspecific(0)
+        when :con_or
+          exps.map(&:to_ber).to_ber_contextspecific(1)
+        when :con_not
+          exps.map(&:to_ber).to_ber_contextspecific(2)
+        end
+      end
+      private
+      def substring
+        ary = value.split(/[*]+/, -1)
+        if ary.first.empty?
+          first = nil
+          ary.shift
+        else
+          first = unescape(ary.shift).to_ber_contextspecific(0)
+        end
+        if ary.last.empty?
+          last = nil
+          ary.pop
+        else
+          last = unescape(ary.pop).to_ber_contextspecific(2)
+        end
+        seq = ary.map { |e| unescape(e).to_ber_contextspecific(1) }
+        seq.unshift(first) if first
+        seq.push(last) if last
+        [
+          field.to_s.to_ber,
+          seq.to_ber
+        ].to_ber_contextspecific(4)
+      end
+      def extensible
+        raise(Error, "Bad attribute #{field}") unless field =~ EXTENSIBLE_REGEX
+        type = Regexp.last_match(1)
+        dn   = Regexp.last_match(2)
+        rule = Regexp.last_match(4)
+        seq = []
+        seq << rule.to_ber_contextspecific(1) unless rule.to_s.empty? # matchingRule
+        seq << type.to_ber_contextspecific(2) unless type.to_s.empty? # type
+        seq << unescape(value).to_ber_contextspecific(3)              # matchingValue
+        seq << '1'.to_ber_contextspecific(4) unless dn.to_s.empty?    # dnAttributes
+        seq.to_ber_contextspecific(9)
+      end
+      # Common BER encoding
+      #
+      # @return [String]
+      #
+      def to_context(int)
+        [
+          field.to_s.to_ber,
+          unescape(value).to_ber
+        ].to_ber_contextspecific(int)
+      end
+      # @note
+      #   Don't attempt to unescape 16 byte binary data assumed to be objectGUIDs.
+      #   The binary form of 5936AE79-664F-44EA-BCCB-5C39399514C6
+      #   triggers a BINARY -> UTF-8 conversion error.
+      #
+      # Converts escaped characters to unescaped characters
+      #
+      # @example
+      #   => "\\28"
+      #
+      # @return [String]
+      #
+      # @api private
+      def unescape(str)
+        if str.to_s.length.eql?(16) && str.to_s.encoding.eql?(Encoding::BINARY)
+          str
+        else
+          str.to_s.gsub(UNESCAPE_REGEX) { [Regexp.last_match(1).hex].pack('U') }
+        end
+      end
+    end
+  end
+end