ruby-activeldap 0.8.1 → 0.8.2
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGES +5 -0
- data/Manifest.txt +91 -25
- data/README +22 -0
- data/Rakefile +41 -8
- data/TODO +1 -6
- data/examples/config.yaml.example +5 -0
- data/examples/example.der +0 -0
- data/examples/example.jpg +0 -0
- data/examples/groupadd +41 -0
- data/examples/groupdel +35 -0
- data/examples/groupls +49 -0
- data/examples/groupmod +42 -0
- data/examples/lpasswd +55 -0
- data/examples/objects/group.rb +13 -0
- data/examples/objects/ou.rb +4 -0
- data/examples/objects/user.rb +20 -0
- data/examples/ouadd +38 -0
- data/examples/useradd +45 -0
- data/examples/useradd-binary +50 -0
- data/examples/userdel +34 -0
- data/examples/userls +50 -0
- data/examples/usermod +42 -0
- data/examples/usermod-binary-add +47 -0
- data/examples/usermod-binary-add-time +51 -0
- data/examples/usermod-binary-del +48 -0
- data/examples/usermod-lang-add +43 -0
- data/lib/active_ldap.rb +213 -214
- data/lib/active_ldap/adapter/base.rb +461 -0
- data/lib/active_ldap/adapter/ldap.rb +232 -0
- data/lib/active_ldap/adapter/ldap_ext.rb +69 -0
- data/lib/active_ldap/adapter/net_ldap.rb +288 -0
- data/lib/active_ldap/adapter/net_ldap_ext.rb +29 -0
- data/lib/active_ldap/association/belongs_to.rb +3 -1
- data/lib/active_ldap/association/belongs_to_many.rb +5 -6
- data/lib/active_ldap/association/has_many.rb +9 -17
- data/lib/active_ldap/association/has_many_wrap.rb +4 -5
- data/lib/active_ldap/attributes.rb +4 -0
- data/lib/active_ldap/base.rb +201 -56
- data/lib/active_ldap/configuration.rb +11 -1
- data/lib/active_ldap/connection.rb +15 -9
- data/lib/active_ldap/distinguished_name.rb +246 -0
- data/lib/active_ldap/ldap_error.rb +74 -0
- data/lib/active_ldap/object_class.rb +9 -5
- data/lib/active_ldap/schema.rb +50 -9
- data/lib/active_ldap/validations.rb +11 -13
- data/rails/plugin/active_ldap/generators/scaffold_al/scaffold_al_generator.rb +7 -0
- data/rails/plugin/active_ldap/generators/scaffold_al/templates/ldap.yml +21 -0
- data/rails/plugin/active_ldap/init.rb +10 -4
- data/test/al-test-utils.rb +46 -3
- data/test/run-test.rb +16 -4
- data/test/test-unit-ext/always-show-result.rb +28 -0
- data/test/test-unit-ext/priority.rb +163 -0
- data/test/test_adapter.rb +81 -0
- data/test/test_attributes.rb +8 -1
- data/test/test_base.rb +132 -3
- data/test/test_base_per_instance.rb +14 -3
- data/test/test_connection.rb +19 -0
- data/test/test_dn.rb +161 -0
- data/test/test_find.rb +24 -0
- data/test/test_object_class.rb +15 -2
- data/test/test_schema.rb +108 -1
- metadata +111 -41
- data/lib/active_ldap/adaptor/base.rb +0 -29
- data/lib/active_ldap/adaptor/ldap.rb +0 -466
- data/lib/active_ldap/ldap.rb +0 -113
data/examples/lpasswd
ADDED
@@ -0,0 +1,55 @@
|
|
1
|
+
#!/usr/bin/ruby -W0
|
2
|
+
|
3
|
+
base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
|
4
|
+
$LOAD_PATH << File.join(base, "lib")
|
5
|
+
$LOAD_PATH << File.join(base, "examples")
|
6
|
+
|
7
|
+
require 'active_ldap'
|
8
|
+
require 'objects/user'
|
9
|
+
require 'objects/group'
|
10
|
+
|
11
|
+
argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
|
12
|
+
opts.banner += " USER_NAME"
|
13
|
+
end
|
14
|
+
|
15
|
+
if argv.size == 1
|
16
|
+
name = argv.shift
|
17
|
+
else
|
18
|
+
$stderr.puts opts
|
19
|
+
exit 1
|
20
|
+
end
|
21
|
+
|
22
|
+
pwb = Proc.new do |user|
|
23
|
+
user ||= ENV["USER"]
|
24
|
+
ActiveLdap::Command.read_password("[#{user}] Password: ")
|
25
|
+
end
|
26
|
+
ActiveLdap::Base.establish_connection(:password_block => pwb,
|
27
|
+
:allow_anonymous => false)
|
28
|
+
|
29
|
+
unless User.exists?(name)
|
30
|
+
$stderr.puts("User #{name} doesn't exist.")
|
31
|
+
exit 1
|
32
|
+
end
|
33
|
+
|
34
|
+
class PasswordMismatch < RuntimeError
|
35
|
+
end
|
36
|
+
|
37
|
+
user = User.find(name)
|
38
|
+
count = 0
|
39
|
+
begin
|
40
|
+
count += 1
|
41
|
+
pw1 = pwb.call(user.dn)
|
42
|
+
pw2 = pwb.call(user.dn)
|
43
|
+
raise PasswordMismatch if pw1 != pw2
|
44
|
+
rescue PasswordMismatch
|
45
|
+
puts "Password mismatch!"
|
46
|
+
exit 1 if count == 3
|
47
|
+
retry
|
48
|
+
end
|
49
|
+
|
50
|
+
user.user_password = ActiveLdap::UserPassword.ssha(pw1)
|
51
|
+
unless user.save
|
52
|
+
puts "failed"
|
53
|
+
puts user.errors.full_messages
|
54
|
+
exit 1
|
55
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
class Group < ActiveLdap::Base
|
2
|
+
ldap_mapping :dn_attribute => "cn",
|
3
|
+
:classes => ['posixGroup']
|
4
|
+
# Inspired by ActiveRecord, this tells ActiveLDAP that the
|
5
|
+
# LDAP entry has a attribute which contains one or more of
|
6
|
+
# some class |:class_name| where the attributes name is
|
7
|
+
# |:local_key|. This means that it will call
|
8
|
+
# :class_name.new(value_of(:local_key)) to create the objects.
|
9
|
+
has_many :members, :class => "User", :wrap => "memberUid"
|
10
|
+
has_many :primary_members, :class => 'User',
|
11
|
+
:foreign_key => 'gidNumber',
|
12
|
+
:primary_key => 'gidNumber'
|
13
|
+
end # Group
|
@@ -0,0 +1,20 @@
|
|
1
|
+
require 'objects/group'
|
2
|
+
|
3
|
+
class User < ActiveLdap::Base
|
4
|
+
ldap_mapping :dn_attribute => 'uid', :prefix => 'ou=People',
|
5
|
+
:classes => ['person', 'posixAccount']
|
6
|
+
belongs_to :primary_group, :class => "Group",
|
7
|
+
:foreign_key => "gidNumber", :primary_key => "gidNumber"
|
8
|
+
belongs_to :groups, :many => 'memberUid'
|
9
|
+
|
10
|
+
# An example of using the old "return_objects" API with the
|
11
|
+
# new ActiveRecord-style API.
|
12
|
+
alias groups_mapping groups
|
13
|
+
def groups(return_objects=true)
|
14
|
+
return groups_mapping if return_objects
|
15
|
+
attr = 'cn'
|
16
|
+
Group.search(:attribute => 'memberUid',
|
17
|
+
:value => id,
|
18
|
+
:attributes => [attr]).map {|dn, attrs| attrs[attr]}.flatten
|
19
|
+
end
|
20
|
+
end
|
data/examples/ouadd
ADDED
@@ -0,0 +1,38 @@
|
|
1
|
+
#!/usr/bin/ruby -W0
|
2
|
+
|
3
|
+
base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
|
4
|
+
$LOAD_PATH << File.join(base, "lib")
|
5
|
+
$LOAD_PATH << File.join(base, "examples")
|
6
|
+
|
7
|
+
require 'active_ldap'
|
8
|
+
require 'objects/ou'
|
9
|
+
|
10
|
+
argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
|
11
|
+
opts.banner += " name"
|
12
|
+
end
|
13
|
+
|
14
|
+
if argv.size == 1
|
15
|
+
name = argv[0]
|
16
|
+
else
|
17
|
+
$stderr.puts opts
|
18
|
+
exit 1
|
19
|
+
end
|
20
|
+
|
21
|
+
pwb = Proc.new do |user|
|
22
|
+
ActiveLdap::Command.read_password("[#{user}] Password: ")
|
23
|
+
end
|
24
|
+
|
25
|
+
ActiveLdap::Base.establish_connection(:password_block => pwb,
|
26
|
+
:allow_anonymous => false)
|
27
|
+
|
28
|
+
if Ou.exists?(name)
|
29
|
+
$stderr.puts("Ou #{name} already exists.")
|
30
|
+
exit 1
|
31
|
+
end
|
32
|
+
|
33
|
+
ou = Ou.new(name)
|
34
|
+
unless ou.save
|
35
|
+
puts "failed"
|
36
|
+
puts ou.errors.full_messages
|
37
|
+
exit 1
|
38
|
+
end
|
data/examples/useradd
ADDED
@@ -0,0 +1,45 @@
|
|
1
|
+
#!/usr/bin/ruby -W0
|
2
|
+
|
3
|
+
base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
|
4
|
+
$LOAD_PATH << File.join(base, "lib")
|
5
|
+
$LOAD_PATH << File.join(base, "examples")
|
6
|
+
|
7
|
+
require 'active_ldap'
|
8
|
+
require 'objects/user'
|
9
|
+
require 'objects/group'
|
10
|
+
|
11
|
+
argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
|
12
|
+
opts.banner += " USER_NAME CN UID"
|
13
|
+
end
|
14
|
+
|
15
|
+
if argv.size == 3
|
16
|
+
name, cn, uid = argv
|
17
|
+
else
|
18
|
+
$stderr.puts opts
|
19
|
+
exit 1
|
20
|
+
end
|
21
|
+
|
22
|
+
pwb = Proc.new do |user|
|
23
|
+
ActiveLdap::Command.read_password("[#{user}] Password: ")
|
24
|
+
end
|
25
|
+
|
26
|
+
ActiveLdap::Base.establish_connection(:password_block => pwb,
|
27
|
+
:allow_anonymous => false)
|
28
|
+
|
29
|
+
if User.exists?(name)
|
30
|
+
$stderr.puts("User #{name} already exists.")
|
31
|
+
exit 1
|
32
|
+
end
|
33
|
+
|
34
|
+
user = User.new(name)
|
35
|
+
user.add_class('shadowAccount')
|
36
|
+
user.cn = cn
|
37
|
+
user.uid_number = uid
|
38
|
+
user.gid_number = uid
|
39
|
+
user.home_directory = "/home/#{name}"
|
40
|
+
user.sn = "somesn"
|
41
|
+
unless user.save
|
42
|
+
puts "failed"
|
43
|
+
puts user.errors.full_messages
|
44
|
+
exit 1
|
45
|
+
end
|
@@ -0,0 +1,50 @@
|
|
1
|
+
#!/usr/bin/ruby -W0
|
2
|
+
|
3
|
+
base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
|
4
|
+
$LOAD_PATH << File.join(base, "lib")
|
5
|
+
$LOAD_PATH << File.join(base, "examples")
|
6
|
+
|
7
|
+
require 'active_ldap'
|
8
|
+
require 'objects/user'
|
9
|
+
require 'objects/group'
|
10
|
+
|
11
|
+
argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
|
12
|
+
opts.banner += " USER_NAME CN UID"
|
13
|
+
end
|
14
|
+
|
15
|
+
if argv.size == 3
|
16
|
+
name, cn, uid = argv
|
17
|
+
else
|
18
|
+
$stderr.puts opts
|
19
|
+
exit 1
|
20
|
+
end
|
21
|
+
|
22
|
+
pwb = Proc.new do |user|
|
23
|
+
ActiveLdap::Command.read_password("[#{user}] Password: ")
|
24
|
+
end
|
25
|
+
|
26
|
+
ActiveLdap::Base.establish_connection(:password_block => pwb,
|
27
|
+
:allow_anonymous => false)
|
28
|
+
|
29
|
+
if User.exists?(name)
|
30
|
+
$stderr.puts("User #{name} already exists.")
|
31
|
+
exit 1
|
32
|
+
end
|
33
|
+
|
34
|
+
user = User.new(name)
|
35
|
+
user.add_class('shadowAccount')
|
36
|
+
user.cn = cn
|
37
|
+
user.sn = "somesn"
|
38
|
+
user.uid_number = uid
|
39
|
+
user.gid_number = uid
|
40
|
+
user.home_directory = "/home/#{name}"
|
41
|
+
user.add_class('strongAuthenticationUser')
|
42
|
+
cert_file = File.join(File.dirname(__FILE__), 'example.der')
|
43
|
+
user.user_certificate = File.read(cert_file)
|
44
|
+
|
45
|
+
unless user.save
|
46
|
+
puts "failed"
|
47
|
+
puts user.errors.full_messages
|
48
|
+
exit 1
|
49
|
+
end
|
50
|
+
|
data/examples/userdel
ADDED
@@ -0,0 +1,34 @@
|
|
1
|
+
#!/usr/bin/ruby -W0
|
2
|
+
|
3
|
+
base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
|
4
|
+
$LOAD_PATH << File.join(base, "lib")
|
5
|
+
$LOAD_PATH << File.join(base, "examples")
|
6
|
+
|
7
|
+
require 'active_ldap'
|
8
|
+
require 'objects/user'
|
9
|
+
require 'objects/group'
|
10
|
+
|
11
|
+
argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
|
12
|
+
opts.banner += " USER_NAME"
|
13
|
+
end
|
14
|
+
|
15
|
+
if argv.size == 1
|
16
|
+
name = argv.shift
|
17
|
+
else
|
18
|
+
$stderr.puts opts
|
19
|
+
exit 1
|
20
|
+
end
|
21
|
+
|
22
|
+
pwb = Proc.new do |user|
|
23
|
+
ActiveLdap::Command.read_password("[#{user}] Password: ")
|
24
|
+
end
|
25
|
+
|
26
|
+
ActiveLdap::Base.establish_connection(:password_block => pwb,
|
27
|
+
:allow_anonymous => false)
|
28
|
+
|
29
|
+
unless User.exists?(name)
|
30
|
+
$stderr.puts("User #{name} doesn't exist.")
|
31
|
+
exit 1
|
32
|
+
end
|
33
|
+
|
34
|
+
User.destroy(name)
|
data/examples/userls
ADDED
@@ -0,0 +1,50 @@
|
|
1
|
+
#!/usr/bin/ruby -W0
|
2
|
+
|
3
|
+
base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
|
4
|
+
$LOAD_PATH << File.join(base, "lib")
|
5
|
+
$LOAD_PATH << File.join(base, "examples")
|
6
|
+
|
7
|
+
require 'active_ldap'
|
8
|
+
require 'objects/user'
|
9
|
+
require 'objects/group'
|
10
|
+
|
11
|
+
require 'base64'
|
12
|
+
|
13
|
+
argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
|
14
|
+
opts.banner += " USER_NAME"
|
15
|
+
end
|
16
|
+
|
17
|
+
if argv.size == 1
|
18
|
+
name = argv.shift
|
19
|
+
else
|
20
|
+
$stderr.puts opts
|
21
|
+
exit 1
|
22
|
+
end
|
23
|
+
|
24
|
+
pwb = Proc.new do |user|
|
25
|
+
ActiveLdap::Command.read_password("[#{user}] Password: ")
|
26
|
+
end
|
27
|
+
|
28
|
+
ActiveLdap::Base.establish_connection(:password_block => pwb,
|
29
|
+
:allow_anonymous => false)
|
30
|
+
|
31
|
+
unless User.exists?(name)
|
32
|
+
$stderr.puts("User #{name} doesn't exist.")
|
33
|
+
exit 1
|
34
|
+
end
|
35
|
+
|
36
|
+
user = User.find(name)
|
37
|
+
puts user.to_ldif
|
38
|
+
|
39
|
+
groups = []
|
40
|
+
primary_group = user.primary_group
|
41
|
+
if primary_group.exists?
|
42
|
+
groups << "#{primary_group.cn}[#{primary_group.gid_number}]"
|
43
|
+
end
|
44
|
+
puts "Groups by name only: #{user.groups(false).join(', ')}"
|
45
|
+
user.groups.sort_by do |group|
|
46
|
+
group.id
|
47
|
+
end.collect do |group|
|
48
|
+
groups << "#{group.cn}[#{group.gid_number}]"
|
49
|
+
end
|
50
|
+
puts "Groups: #{groups.join(', ')}"
|
data/examples/usermod
ADDED
@@ -0,0 +1,42 @@
|
|
1
|
+
#!/usr/bin/ruby -W0
|
2
|
+
|
3
|
+
base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
|
4
|
+
$LOAD_PATH << File.join(base, "lib")
|
5
|
+
$LOAD_PATH << File.join(base, "examples")
|
6
|
+
|
7
|
+
require 'active_ldap'
|
8
|
+
require 'objects/user'
|
9
|
+
require 'objects/group'
|
10
|
+
|
11
|
+
argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
|
12
|
+
opts.banner += " USER_NAME CN UID"
|
13
|
+
end
|
14
|
+
|
15
|
+
if argv.size == 3
|
16
|
+
name, cn, uid = argv
|
17
|
+
else
|
18
|
+
$stderr.puts opts
|
19
|
+
exit 1
|
20
|
+
end
|
21
|
+
|
22
|
+
pwb = Proc.new do |user|
|
23
|
+
ActiveLdap::Command.read_password("[#{user}] Password: ")
|
24
|
+
end
|
25
|
+
|
26
|
+
ActiveLdap::Base.establish_connection(:password_block => pwb,
|
27
|
+
:allow_anonymous => false)
|
28
|
+
|
29
|
+
unless User.exists?(name)
|
30
|
+
$stderr.puts("User #{name} doesn't exist.")
|
31
|
+
exit 1
|
32
|
+
end
|
33
|
+
|
34
|
+
user = User.find(name)
|
35
|
+
user.cn = cn
|
36
|
+
user.uid_number = uid
|
37
|
+
user.gid_number = uid
|
38
|
+
unless user.save
|
39
|
+
puts "failed"
|
40
|
+
puts user.errors.full_messages
|
41
|
+
exit 1
|
42
|
+
end
|
@@ -0,0 +1,47 @@
|
|
1
|
+
#!/usr/bin/ruby -W0
|
2
|
+
|
3
|
+
base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
|
4
|
+
$LOAD_PATH << File.join(base, "lib")
|
5
|
+
$LOAD_PATH << File.join(base, "examples")
|
6
|
+
|
7
|
+
require 'active_ldap'
|
8
|
+
require 'objects/user'
|
9
|
+
require 'objects/group'
|
10
|
+
|
11
|
+
argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
|
12
|
+
opts.banner += " USER_NAME CN UID"
|
13
|
+
end
|
14
|
+
|
15
|
+
if argv.size == 3
|
16
|
+
name, cn, uid = argv
|
17
|
+
else
|
18
|
+
$stderr.puts opts
|
19
|
+
exit 1
|
20
|
+
end
|
21
|
+
|
22
|
+
pwb = Proc.new do |user|
|
23
|
+
ActiveLdap::Command.read_password("[#{user}] Password: ")
|
24
|
+
end
|
25
|
+
|
26
|
+
ActiveLdap::Base.establish_connection(:password_block => pwb,
|
27
|
+
:allow_anonymous => false)
|
28
|
+
|
29
|
+
unless User.exists?(name)
|
30
|
+
$stderr.puts("User #{name} doesn't exist.")
|
31
|
+
exit 1
|
32
|
+
end
|
33
|
+
|
34
|
+
user = User.find(name)
|
35
|
+
user.cn = cn
|
36
|
+
user.uid_number = uid
|
37
|
+
user.gid_number = uid
|
38
|
+
|
39
|
+
user.add_class('strongAuthenticationUser')
|
40
|
+
cert_file = File.join(File.dirname(__FILE__), 'example.der')
|
41
|
+
user.user_certificate = File.read(cert_file)
|
42
|
+
|
43
|
+
unless user.save
|
44
|
+
puts "failed"
|
45
|
+
puts user.errors.full_messages
|
46
|
+
exit 1
|
47
|
+
end
|
@@ -0,0 +1,51 @@
|
|
1
|
+
#!/usr/bin/ruby -W0
|
2
|
+
|
3
|
+
base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
|
4
|
+
$LOAD_PATH << File.join(base, "lib")
|
5
|
+
$LOAD_PATH << File.join(base, "examples")
|
6
|
+
|
7
|
+
require 'active_ldap'
|
8
|
+
require 'objects/user'
|
9
|
+
require 'objects/group'
|
10
|
+
|
11
|
+
argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
|
12
|
+
opts.banner += " USER_NAME CN UID"
|
13
|
+
end
|
14
|
+
|
15
|
+
if argv.size == 3
|
16
|
+
name, cn, uid = argv
|
17
|
+
else
|
18
|
+
$stderr.puts opts
|
19
|
+
exit 1
|
20
|
+
end
|
21
|
+
|
22
|
+
pwb = Proc.new do |user|
|
23
|
+
ActiveLdap::Command.read_password("[#{user}] Password: ")
|
24
|
+
end
|
25
|
+
|
26
|
+
ActiveLdap::Base.establish_connection(:password_block => pwb,
|
27
|
+
:allow_anonymous => false)
|
28
|
+
|
29
|
+
unless User.exists?(name)
|
30
|
+
$stderr.puts("User #{name} doesn't exist.")
|
31
|
+
exit 1
|
32
|
+
end
|
33
|
+
|
34
|
+
100.times do |i|
|
35
|
+
user = User.find(name)
|
36
|
+
user.cn = cn
|
37
|
+
user.uid_number = uid
|
38
|
+
user.gid_number = uid
|
39
|
+
|
40
|
+
user.add_class('strongAuthenticationUser')
|
41
|
+
cert_file = File.join(File.dirname(__FILE__), 'example.der')
|
42
|
+
user.user_certificate = File.read(cert_file)
|
43
|
+
|
44
|
+
unless user.save
|
45
|
+
puts "failed #{i}"
|
46
|
+
puts user.errors.full_messages
|
47
|
+
exit 1
|
48
|
+
end
|
49
|
+
|
50
|
+
# puts "success [#{i}]"
|
51
|
+
end
|