ruby-activeldap-debug 0.5.8 → 0.5.9

data/lib/activeldap.rb

@@ -8,7 +8,7 @@
 # Ruby/ActiveLDAP is a novel way of interacting with LDAP.  Most interaction with
 # LDAP is done using clunky LDIFs, web interfaces, or with painful APIs that
 # required a thick reference manual nearby. Ruby/ActiveLDAP aims to fix that.
-# Inspired by ActiveRecord[http://activerecord.rubyonrails.com], Ruby/ActiveLDAP provides an
+# Inspired by ActiveRecord[http://activerecord.rubyonrails.org], Ruby/ActiveLDAP provides an
 # object oriented interface to LDAP entries.
 # 
 # The target audience is system administrators and LDAP users everywhere that
@@ -26,8 +26,8 @@
 # against Microsoft's ActiveDirectory, despite what the name implies.)
 # 
 # Further reading: 
-# * RFC1777[http://www.faqs.com/rfcs/rfc1777.html] - Lightweight Directory Access Protocol
-# * OpenLDAP[http://www.openldap.com]
+# * RFC1777[http://www.faqs.org/rfcs/rfc1777.html] - Lightweight Directory Access Protocol
+# * OpenLDAP[http://www.openldap.org]
 # 
 # === So why use Ruby/ActiveLDAP?
 # 
@@ -50,18 +50,18 @@
 # 
 # === Requirements
 # 
-# * Ruby[http://www.ruby-lang.com] 1.8.x
-# * Ruby/LDAP[http://ruby-ldap.sourcefcome.net]
-# * Log4r[http://log4r.sourcefcome.net]
-# * (Optional) Ruby/LDAP+GSSAPI[http://caliban.com/files/redhat/RPMS/i386/ruby-ldap-0.8.2-4.i386.rpm]
-# * An LDAP server compatible with Ruby/LDAP: OpenLDAP[http://www.openldap.com], etc
+# * Ruby[http://www.ruby-lang.org] 1.8.x
+# * Ruby/LDAP[http://ruby-ldap.sourceforge.net]
+# * Log4r[http://log4r.sourceforge.net]
+# * (Optional) Ruby/LDAP+GSSAPI[http://caliban.org/files/redhat/RPMS/i386/ruby-ldap-0.8.2-4.i386.rpm]
+# * An LDAP server compatible with Ruby/LDAP: OpenLDAP[http://www.openldap.org], etc
 #   - Your LDAP server must allow root_dse queries to allow for schema queries
-# * Examples also require: Ruby/Password[http://raa.ruby-lang.com/project/ruby-password/]
+# * Examples also require: Ruby/Password[http://raa.ruby-lang.org/project/ruby-password/]
 # 
 # === Installation
 # 
 # Assuming all the requirements are installed, you can install by grabbing the latest tgz file from
-# the download site[http://projects.example.com/libraries/ruby/activeldap/download.html].
+# the download site[http://projects.dataspill.org/libraries/ruby/activeldap/download.html].
 # 
 # The following steps will get the Ruby/ActiveLDAP installed in no time!
 # 
@@ -183,23 +183,23 @@
 # As you can see, this method is used for defining how this class maps in to LDAP.  Let's say that 
 # my LDAP tree looks something like this:
 # 
-#   * dc=example,dc=com
-#   |- ou=People,dc=example,dc=com
-#   |+ ou=Groups,dc=example,dc=com
+#   * dc=dataspill,dc=org
+#   |- ou=People,dc=dataspill,dc=org
+#   |+ ou=Groups,dc=dataspill,dc=org
 #     \
-#      |- cn=develop,ou=Groups,dc=example,dc=com
-#      |- cn=root,ou=Groups,dc=example,dc=com
+#      |- cn=develop,ou=Groups,dc=dataspill,dc=org
+#      |- cn=root,ou=Groups,dc=dataspill,dc=org
 #      |- ...
 # 
 # Under ou=People I store user objects, and under ou=Groups, I store group
 # objects.  What |ldap_mapping| has done is mapped the class in to the LDAP tree
 # abstractly. With the given :dnattr and :prefix, it will only work for entries
-# under ou=Groups,dc=example,dc=com using the primary attribute 'cn' as the
+# under ou=Groups,dc=dataspill,dc=org using the primary attribute 'cn' as the
 # beginning of the distinguished name.
 # 
 # Just for clarity, here's how the arguments map out:
 # 
-#   cn=develop,ou=Groups,dc=example,dc=com
+#   cn=develop,ou=Groups,dc=dataspill,dc=org
 #   ^^         ^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^
 #  :dnattr       |         |
 #              :prefix     |
@@ -233,11 +233,11 @@
 # tying objects together across the LDAP tree. Often, user objects will be
 # members of, or belong_to, Group objects.
 # 
-#   * dc=example,dc=com
-#   |+ ou=People,dc=example,dc=com
+#   * dc=dataspill,dc=org
+#   |+ ou=People,dc=dataspill,dc=org
 #    \
-#    |- uid=drewry,ou=People,dc=example,dc=com
-#   |- ou=Groups,dc=example,dc=com
+#    |- uid=drewry,ou=People,dc=dataspill,dc=org
+#   |- ou=Groups,dc=dataspill,dc=org
 # 
 # 
 # In the above tree, one such example would be user 'drewry' who is a part of the
@@ -385,7 +385,7 @@
 #
 #   irb> Base.search(:base => 'dc=example,dc=com', :filter => '(uid=roo*)',
 #                    :scope => LDAP::LDAP_SCOPE_SUBTREE, :attrs => ['uid', 'cn'])
-#   =>  [{"dn"=>"uid=root,ou=People,dc=example,dc=com","cn"=>["root"], "uidNumber"=>["0"]}]
+#   =>  [{"dn"=>"uid=root,ou=People,dc=dataspill,dc=org","cn"=>["root"], "uidNumber"=>["0"]}]
 # You can specify the :filter, :base, :scope, and :attrs, but they all have defaults --
 #  * :filter defaults to objectClass=* - usually this isn't what you want
 #  * :base defaults to the base of the class this is executed from (as set in ldap_mapping)
@@ -443,10 +443,10 @@
 # won't need to call Base.connect. Here is a fully parameterized call:
 # 
 #   Base.connect(
-#     :host => 'ldap.example.com',
+#     :host => 'ldap.dataspill.org',
 #     :port => 389,
-#     :base => 'dc=example,dc=com',
-#     :bind_format => "uid=%s,ou=People,dc=example,dc=com",
+#     :base => 'dc=dataspill,dc=org',
+#     :bind_format => "uid=%s,ou=People,dc=dataspill,dc=org",
 #     :logger => log4r_obj,
 #     :user => 'drewry',
 #     :password_block => Proc.new { 'password12345' },
@@ -909,7 +909,7 @@ require 'activeldap/schema2'
 
 
 module ActiveLDAP
-  VERSION = "0.5.8"
+  VERSION = "0.5.9"
 end
 
 ActiveLDAP::Base.class_eval do

data/lib/activeldap/associations.rb

@@ -33,7 +33,7 @@ module ActiveLDAP
        # class which can then be inherited, etc
        # which describe the mapping to LDAP.
        klass.class_eval <<-"end_eval"
-         class << #{klass}
+         class << self
            # Return the list of required object classes
            def required_classes
              #{classes}

data/lib/activeldap/base.rb

@@ -34,7 +34,7 @@ require 'ldap/schema'
 require 'log4r'
 
 module ActiveLDAP
-  # OO-interface to LDAP assuming pam/nss_ldap-style comanization with Active specifics
+  # OO-interface to LDAP assuming pam/nss_ldap-style organization with Active specifics
   # Each subclass does a ldapsearch for the matching entry.
   # If no exact match, raise an error.
   # If match, change all LDAP attributes in accessor attributes on the object.
@@ -167,7 +167,7 @@ module ActiveLDAP
     # +config+ must be a hash that may contain any of the following fields:
     # :user, :password_block, :logger, :host, :port, :base, :bind_format, :try_sasl, :allow_anonymous
     # :user specifies the username to bind with.
-    # :bind_format specifies the string to substitute the username into on bind.  e.g. uid=%s,ou=People,dc=example,dc=com. Overrides @@bind_format.
+    # :bind_format specifies the string to substitute the username into on bind.  e.g. uid=%s,ou=People,dc=dataspill,dc=org. Overrides @@bind_format.
     # :password_block specifies a Proc object that will yield a String to be used as the password when called.
     # :logger specifies a preconfigured Log4r::Logger to be used for all logging
     # :host overrides the configuration.rb @@host setting with the LDAP server hostname
@@ -294,7 +294,7 @@ module ActiveLDAP
       rescue RuntimeError => detail
         #TODO# Check for 'No message' when retrying
         # The connection may have gone stale. Let's reconnect and retry. 
-        if tries > @max_retries
+        if tries > @@config[:retries]
           # Do nothing on failure
           @@logger.debug "No matches for #{config[:filter]} and attrs #{config[:attrs]}"
         end
@@ -346,12 +346,12 @@ module ActiveLDAP
       tries = 0
       begin
         # Get some attributes
-        @@conn.search(base(), LDAP::LDAP_SCOPE_SUBTREE, "(#{attr}=#{val})")  do |m|
+        @@conn.search(base(), LDAP::LDAP_SCOPE_ONELEVEL, "(#{attr}=#{val})")  do |m|
           # Extract the dnattr value
           dnval = m.dn.split(/,/)[0].split(/=/)[1]
 
           if objects
-            return eval("#{real_klass}.new(m)")
+            return real_klass.new(m)
           else
             return dnval
           end
@@ -359,7 +359,7 @@ module ActiveLDAP
       rescue RuntimeError => detail
         #todo# check for 'no message' when retrying
         # the connection may have gone stale. let's reconnect and retry. 
-        if tries > @max_retries
+        if tries > @@config[:retries]
           # do nothing on failure
           @@logger.debug "no matches for #{attr}=#{val}"
         end
@@ -394,11 +394,12 @@ module ActiveLDAP
 
       # Allow a single string argument
       val = config
+      attr = dnattr()
       objects = false
       # Or a hash
       if config.respond_to?"has_key?"
-        attr = config[:attribute] || dnattr()
         val = config[:value] || '*'
+        attr = config[:attribute] || dnattr()
         objects = config[:objects]
       end
 
@@ -407,20 +408,23 @@ module ActiveLDAP
       tries = 0
       begin
         # Get some attributes
-        @@conn.search(base(), LDAP::LDAP_SCOPE_SUBTREE, "(#{attr}=#{val})")  do |m|
+        @@conn.search(base(), LDAP::LDAP_SCOPE_ONELEVEL, "(#{attr}=#{val})")  do |m|
           # Extract the dnattr value
           dnval = m.dn.split(/,/)[0].split(/=/)[1]
 
           if objects
-            matches.push(eval("#{real_klass}.new(m)"))
+            matches.push(real_klass.new(m))
           else
             matches.push(dnval)
           end
         end
       rescue RuntimeError => detail
         #todo# check for 'no message' when retrying
+
+        #TODO# This is broken because search gives bad messages.
+
         # the connection may have gone stale. let's reconnect and retry. 
-        if tries > @max_retries
+        if tries > @@config[:retries]
           # do nothing on failure
           @@logger.debug "no matches for #{attr}=#{val}"
         end
@@ -508,7 +512,10 @@ module ActiveLDAP
       @data = {} # where the r/w entry data is stored
       @ldap_data = {} # original ldap entry data
       @attr_methods = {} # list of valid method calls for attributes used for dereferencing
-      @last_oc = nil # for use in other methods for "caching"
+      @last_oc = false # for use in other methods for "caching"
+      if dnattr().empty?
+        raise RuntimeError, "dnattr() not set for this class."
+      end
 
       # Break val apart if it is a dn
       if val.match(/^#{dnattr()}=([^,=]+),#{base()}$/i)
@@ -529,7 +536,7 @@ module ActiveLDAP
         tries = 0
         begin
           # Get some attributes
-          Base.connection.search("#{dnattr()}=#{val},#{base()}", LDAP::LDAP_SCOPE_SUBTREE, "objectClass=*")  do |m|
+          Base.connection.search(base(), LDAP::LDAP_SCOPE_ONELEVEL, "(#{dnattr()}=#{val})")  do |m|
             # Save DN
             @dn = m.dn
             # Load up data into tmp
@@ -557,24 +564,24 @@ module ActiveLDAP
           @ldap_data.each do |pair|
             send(:attribute_method=, pair[0], pair[1].dup)
           end
-				rescue RuntimeError => detail
-					#todo# check for 'no message' when retrying
-					# the connection may have gone stale. let's reconnect and retry. 
-					if tries > @max_retries
-						@exists = false
-						# Create what should be the authoritative DN
-						@dn = "#{dnattr()}=#{val},#{base()}"
-						send(:apply_objectclass, required_classes())
-
-						# Setup dn attribute (later rdn too!)
-						attr_sym = "#{dnattr()}=".to_sym
-						@@logger.debug("new: setting dnattr: #{dnattr()} = #{val}")
-						send(attr_sym, val)
-					end
-					tries += 1
-					# reconnect and rebind.
-					do_connect()
-					retry
+        rescue RuntimeError => detail
+          #todo# check for 'no message' when retrying
+          # the connection may have gone stale. let's reconnect and retry. 
+          if tries > @@config[:retries]
+            @exists = false
+            # Create what should be the authoritative DN
+            @dn = "#{dnattr()}=#{val},#{base()}"
+            send(:apply_objectclass, required_classes())
+
+            # Setup dn attribute (later rdn too!)
+            attr_sym = "#{dnattr()}=".to_sym
+            @@logger.debug("new: setting dnattr: #{dnattr()} = #{val}")
+            send(attr_sym, val)
+          end
+          tries += 1
+          # reconnect and rebind.
+          do_connect()
+          retry
         rescue LDAP::ResultError
           @exists = false
           # Create what should be the authoritative DN
@@ -672,16 +679,16 @@ module ActiveLDAP
       begin
         @@conn.delete(@dn)
         @exists = false
-			rescue RuntimeError => detail
-				#todo# check for 'no message' when retrying
-				# the connection may have gone stale. let's reconnect and retry. 
-				if tries > @max_retries
+      rescue RuntimeError => detail
+        #todo# check for 'no message' when retrying
+        # the connection may have gone stale. let's reconnect and retry. 
+        if tries > @@config[:retries]
           raise DeleteError, "Failed to delete LDAP entry: '#{@dn}'"
-				end
-				tries += 1
-				# reconnect and rebind.
-				do_connect()
-				retry
+        end
+        tries += 1
+        # reconnect and rebind.
+        do_connect()
+        retry
       rescue LDAP::ResultError => detail
         raise DeleteError, "Failed to delete LDAP entry: '#{@dn}'"
       end
@@ -812,16 +819,16 @@ module ActiveLDAP
           @@logger.debug("#write: modifying #{@dn}")
           @@conn.modify(@dn, entry)
           @@logger.debug("#write: modify successful")
-				rescue RuntimeError => detail
-					#todo# check for 'no message' when retrying
-					# the connection may have gone stale. let's reconnect and retry. 
-					if tries > @max_retries
-						raise WriteError, "Could not update LDAP entry: #{detail}"
-					end
-					tries += 1
-					# reconnect and rebind.
-					do_connect()
-					retry
+        rescue RuntimeError => detail
+          #todo# check for 'no message' when retrying
+          # the connection may have gone stale. let's reconnect and retry. 
+          if tries > @@config[:retries]
+            raise WriteError, "Could not update LDAP entry: #{detail}"
+          end
+          tries += 1
+          # reconnect and rebind.
+          do_connect()
+          retry
         rescue => detail
           raise WriteError, "Could not update LDAP entry: #{detail}"
         end
@@ -853,7 +860,7 @@ module ActiveLDAP
           @exists = true
         rescue RuntimeError => e
           # The connection may have gone stale. Let's reconnect and retry. 
-          if tries > @max_retries
+          if tries > @@config[:retries]
             raise WriteError, "Could not add LDAP entry[#{Base.connection.err2string(Base.connection.err)}]: #{detail}"
           end
           tries += 1
@@ -984,6 +991,9 @@ module ActiveLDAP
         @@logger.debug("stub: objectClass=(#{val.inspect}) called")
         new_oc = val
         new_oc = [val] if new_oc.class != Array
+        if defined?(@last_oc).nil?
+          @last_oc = false
+        end
         return new_oc if @last_oc == new_oc
 
         # Store for caching purposes
@@ -996,16 +1006,16 @@ module ActiveLDAP
         # Build |data| from schema
         # clear attr_method mapping first
         @attr_methods = {}
-	      @must = []
-	      @may = []
+        @must = []
+        @may = []
         new_oc.each do |objc|
           # get all attributes for the class
           attributes = Base.schema.class_attributes(objc.to_s)
-	        @must += attributes[:must]
-	        @may += attributes[:may]
+          @must += attributes[:must]
+          @may += attributes[:may]
         end
-	      @must.uniq!
-	      @may.uniq!
+        @must.uniq!
+        @may.uniq!
         (@must+@may).each do |attr|
             # Update attr_method with appropriate
             define_attribute_methods(attr)
@@ -1116,31 +1126,40 @@ module ActiveLDAP
     # Performs the actually connection. This separate so that it may
     # be called to refresh stale connections.
     def Base.do_connect()
-			# Connect to LDAP
-			begin
-				# SSL using START_TLS
-				@@conn = LDAP::SSLConn.new(@@config[:host], @@config[:port], true)
-			rescue
-				@@logger.warn "Warning: Failed to connect using TLS!"
-				begin
-					@@logger.warn "Warning: Attempting SSL connection . . ."
-					@@conn = LDAP::SSLConn.new(@@config[:host], @@config[:port], false)
-					# HACK: Load the schema here because otherwise you can't tell if the
-					# HACK: SSLConn is a real SSL connection.
-					@@schema = @@conn.schema() if @@schema.nil?
-				rescue
-					@@logger.warn "Warning: Attempting unencrypted connection . . ."
-					@@conn = LDAP::Conn.new(@@config[:host], @@config[:port])
-				end
-			end
-			@@logger.debug "Connected to #{@@config[:host]}:#{@@config[:port]}."
-
-			# Enforce LDAPv3
-			@@conn.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
-
-			# Authenticate
-			do_bind
-		end
+        # Wrap the whole thing an try retries times
+        tries = 0
+        begin
+          # Connect to LDAP
+          begin
+            # SSL using START_TLS
+            @@conn = LDAP::SSLConn.new(@@config[:host], @@config[:port], true)
+          rescue
+            @@logger.warn "Warning: Failed to connect using TLS!"
+            begin
+              @@logger.warn "Warning: Attempting SSL connection . . ."
+              @@conn = LDAP::SSLConn.new(@@config[:host], @@config[:port], false)
+              # HACK: Load the schema here because otherwise you can't tell if the
+              # HACK: SSLConn is a real SSL connection.
+              @@schema = @@conn.schema() if @@schema.nil?
+            rescue
+              @@logger.warn "Warning: Attempting unencrypted connection . . ."
+              @@conn = LDAP::Conn.new(@@config[:host], @@config[:port])
+            end
+          end
+          @@logger.debug "Connected to #{@@config[:host]}:#{@@config[:port]}."
+
+          # Enforce LDAPv3
+          @@conn.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
+
+          # Authenticate
+          do_bind
+        rescue => e
+          # Retry
+          tries += 1
+          raise e if tries > @@config[:retries]
+          retry
+        end
+    end
 
 
      # Wrapper all bind activity
@@ -1205,7 +1224,7 @@ module ActiveLDAP
        mechanisms = @@conn.root_dse[0]['supportedSASLMechanisms']
        # Use GSSAPI if available
        # Currently only GSSAPI is supported with Ruby/LDAP from
-       # http://caliban.com/files/redhat/RPMS/i386/ruby-ldap-0.8.2-4.i386.rpm
+       # http://caliban.org/files/redhat/RPMS/i386/ruby-ldap-0.8.2-4.i386.rpm
        # TODO: Investigate further SASL support
        if mechanisms.respond_to? :member? and mechanisms.member? 'GSSAPI'
          begin

data/lib/activeldap/configuration.rb

@@ -8,11 +8,11 @@ module ActiveLDAP
  module Configuration
     @@host = "127.0.0.1"
     @@port = 389
-    @@bind_format = "uid=%s,ou=People,dc=example,dc=com"
+    @@bind_format = "uid=%s,ou=People,dc=localdomain"
 
     # Make the return value the string that is your LDAP base
     def Base.base
-      'dc=example,dc=com'
+      'dc=localdomain'
     end
 
     # This is optionally set to the array of objectClass names

data/lib/activeldap/schema2.rb

@@ -14,9 +14,9 @@ module LDAP
     #  attr('attributeTypes', 'cn', 'DESC')
     #  attr('ldapSyntaxes', '1.3.6.1.4.1.1466.115.121.1.5', 'DESC')
     def attr(sub, type, at)
-      return '' if sub.empty?
-      return '' if type.empty?
-      return '' if at.empty?
+      return [] if sub.empty?
+      return [] if type.empty?
+      return [] if at.empty?
 
       # Check already parsed options first
       if @@attr_cache.has_key? sub \
@@ -169,6 +169,7 @@ module LDAP
         sups.each do |sup|
           new_sups += attr('objectClasses', sup, 'SUP')
         end
+
 	sups += new_sups
 	sups.uniq!
         break if sups.size == start_size

metadata

@@ -3,8 +3,8 @@ rubygems_version: 0.8.4
 specification_version: 1
 name: ruby-activeldap-debug
 version: !ruby/object:Gem::Version 
-  version: 0.5.8
-date: 2005-10-31
+  version: 0.5.9
+date: 2005-11-01
 summary: Ruby/ActiveLDAP is a object-oriented API to LDAP
 require_paths: 
   - lib