ruby-activeldap 0.8.2 → 0.8.3

data/lib/active_ldap/timeout_stub.rb

@@ -1,17 +0,0 @@
-require 'timeout'
-
-module Timeout
-  # STUB
-  def Timeout.alarm(sec, exception=Timeout::Error, &block)
-    return block.call
-  end
-end # Timeout
-
-if __FILE__ == $0
-  require 'time'
-  Timeout.alarm(2) do 
-    loop do 
-      p Time.now
-    end
-  end
-end

data/lib/active_ldap/user_password.rb

@@ -1,92 +0,0 @@
-require 'English'
-require 'base64'
-require 'md5'
-require 'sha1'
-
-module ActiveLdap
-  module UserPassword
-    module_function
-    def valid?(password, hashed_password)
-      unless /^\{([A-Z][A-Z\d]+)\}/ =~ hashed_password
-        raise ArgumentError, "Invalid hashed password"
-      end
-      type = $1
-      hashed_password_without_type = $POSTMATCH
-      normalized_type = type.downcase
-      unless respond_to?(normalized_type)
-        raise ArgumentError, "Unknown Hash type #{type}"
-      end
-      salt_extractor = "extract_salt_for_#{normalized_type}"
-      if respond_to?(salt_extractor)
-        salt = send(salt_extractor, hashed_password_without_type)
-        if salt.nil?
-          raise ArgumentError, "Can't extract salt from hashed password"
-        end
-        generated_password = send(normalized_type, password, salt)
-      else
-        generated_password = send(normalized_type, password)
-      end
-      hashed_password == generated_password
-    end
-
-    def crypt(password, salt=nil)
-      salt ||= "$1$#{Salt.generate(8)}"
-      "{CRYPT}#{password.crypt(salt)}"
-    end
-
-    def extract_salt_for_crypt(crypted_password)
-      if /^\$1\$/ =~ crypted_password
-        $MATCH + $POSTMATCH[0, 8].sub(/\$.*/, '') + "$"
-      else
-        crypted_password[0, 2]
-      end
-    end
-
-    def md5(password)
-      "{MD5}#{Base64.encode64(MD5.md5(password).digest).chomp}"
-    end
-
-    def smd5(password, salt=nil)
-      if salt and salt.size != 4
-        raise ArgumentError.new("salt size must be == 4")
-      end
-      salt ||= Salt.generate(4)
-      md5_hash_with_salt = "#{MD5.md5(password + salt).digest}#{salt}"
-      "{SMD5}#{Base64.encode64(md5_hash_with_salt).chomp}"
-    end
-
-    def extract_salt_for_smd5(smd5ed_password)
-      Base64.decode64(smd5ed_password)[-4, 4]
-    end
-
-    def sha(password)
-      "{SHA}#{Base64.encode64(SHA1.sha1(password).digest).chomp}"
-    end
-
-    def ssha(password, salt=nil)
-      if salt and salt.size != 4
-        raise ArgumentError.new("salt size must be == 4")
-      end
-      salt ||= Salt.generate(4)
-      sha1_hash_with_salt = "#{SHA1.sha1(password + salt).digest}#{salt}"
-      "{SSHA}#{Base64.encode64(sha1_hash_with_salt).chomp}"
-    end
-
-    def extract_salt_for_ssha(sshaed_password)
-      extract_salt_for_smd5(sshaed_password)
-    end
-
-    module Salt
-      CHARS = ['.', '/', '0'..'9', 'A'..'Z', 'a'..'z'].collect do |x|
-        x.to_a
-      end.flatten
-
-      module_function
-      def generate(length)
-        salt = ""
-        length.times {salt << CHARS[rand(CHARS.length)]}
-        salt
-      end
-    end
-  end
-end

data/lib/active_ldap/validations.rb

@@ -1,76 +0,0 @@
-require 'active_record/validations'
-
-module ActiveLdap
-  module Validations
-    def self.append_features(base)
-      super
-
-      base.class_eval do
-        alias_method :new_record?, :new_entry?
-        include ActiveRecord::Validations
-
-        validate :validate_required_values
-
-        class << self
-          def evaluate_condition_with_active_ldap_support(condition, entry)
-            evaluate_condition_without_active_ldap_support(condition, entry)
-          rescue ActiveRecord::ActiveRecordError
-            raise Error, $!.message
-          end
-          alias_method_chain :evaluate_condition, :active_ldap_support
-        end
-
-        def save_with_active_ldap_support!
-          save_without_active_ldap_support!
-        rescue ActiveRecord::RecordInvalid
-          raise EntryInvalid, $!.message
-        end
-        alias_method_chain :save!, :active_ldap_support
-
-        def valid?
-          ensure_apply_object_class
-          super
-        end
-
-        # validate_required_values
-        #
-        # Basic validation:
-        # - Verify that every 'MUST' specified in the schema has a value defined
-        def validate_required_values
-          logger.debug {"stub: validate_required_values called"}
-
-          # Make sure all MUST attributes have a value
-          @musts.each do |object_class, attributes|
-            attributes.each do |required_attribute|
-              # Normalize to ensure we catch schema problems
-              real_name = to_real_attribute_name(required_attribute, true)
-              raise UnknownAttribute.new(required_attribute) if real_name.nil?
-              # # Set default if it wasn't yet set.
-              # @data[real_name] ||= [] # need?
-              value = @data[real_name] || []
-              # Check for missing requirements.
-              if value.empty?
-                aliases = schema.attribute_aliases(real_name) - [real_name]
-                message = "is required attribute "
-                unless aliases.empty?
-                  message << "(aliases: #{aliases.join(', ')}) "
-                end
-                message << "by objectClass '#{object_class}'"
-                errors.add(real_name, message)
-              end
-            end
-          end
-          logger.debug {"stub: validate_required_values finished"}
-        end
-
-        private
-        def run_validations_with_active_ldap_support(validation_method)
-          run_validations_without_active_ldap_support(validation_method)
-        rescue ActiveRecord::ActiveRecordError
-          raise Error, $!.message
-        end
-        alias_method_chain :run_validations, :active_ldap_support
-      end
-    end
-  end
-end

data/rails/plugin/active_ldap/README

@@ -1,54 +0,0 @@
-= ActiveLdap plugin for Ruby on Rails
-
-== Setup
-
-You need to write RAILS_ROOT/config/ldap.yml like the following:
-
-  development:
-    host: 127.0.0.1
-    port: 389
-    base: dc=devel,dc=local,dc=net
-    bind_dn: cn=admin,dc=local,dc=net
-    password: secret
-
-  test:
-    host: 127.0.0.1
-    port: 389
-    base: dc=test,dc=local,dc=net
-    bind_dn: cn=admin,dc=local,dc=net
-    password: secret
-
-  production:
-    host: 127.0.0.1
-    port: 389
-    base: dc=production,dc=local,dc=net
-    bind_dn: cn=admin,dc=local,dc=net
-    password: secret
-
-== Model
-
-Here is some examples.
-
-app/model/member.rb:
-  class Member < ActiveLdap::Base
-    ldap_mapping :dn_attribute => 'uid',
-                  :classes => ['person', 'posixAccount']
-    belongs_to :primary_group, :class => "Group",
-               :foreign_key => "gidNumber", :primary_key => "gidNumber"
-    belongs_to :groups, :many => 'memberUid'
-  end
-
-app/model/group.rb:
-  class Group < ActiveLdap::Base
-    ldap_mapping :dn_attribute => "cn", :classes => ['posixGroup']
-    has_many :members, :wrap => "memberUid"
-    has_many :primary_members,
-             :foreign_key => 'gidNumber',
-             :primary_key => 'gidNumber'
-  end
-
-app/model/ou.rb:
-  class Ou < ActiveLdap::Base
-    ldap_mapping :prefix => "",
-                 :classes => ["top", "organizationalUnit"]
-  end

data/rails/plugin/active_ldap/generators/scaffold_al/scaffold_al_generator.rb

@@ -1,7 +0,0 @@
-class ScaffoldAlGenerator < Rails::Generator::Base
-  def manifest
-    record do |m|
-      m.template("ldap.yml", File.join("config", "ldap.yml"))
-    end
-  end
-end

data/rails/plugin/active_ldap/generators/scaffold_al/templates/ldap.yml

@@ -1,21 +0,0 @@
-development:
-  host: 127.0.0.1
-  port: 389
-  base: dc=devel,dc=local,dc=net
-  bind_dn: cn=admin,dc=local,dc=net
-  password: secret
-
-test:
-  host: 127.0.0.1
-  port: 389
-  base: dc=test,dc=local,dc=net
-  bind_dn: cn=admin,dc=local,dc=net
-  password: secret
-
-production:
-  host: 127.0.0.1
-  port: 389
-  method: :tls
-  base: dc=production,dc=local,dc=net
-  bind_dn: cn=admin,dc=local,dc=net
-  password: secret

data/rails/plugin/active_ldap/init.rb

@@ -1,12 +0,0 @@
-require_library_or_gem 'active_ldap'
-ActiveLdap::Base.logger ||= RAILS_DEFAULT_LOGGER
-ldap_configuration_file = File.join(RAILS_ROOT, 'config', 'ldap.yml')
-if File.exist?(ldap_configuration_file)
-  configurations = YAML::load(ERB.new(IO.read(ldap_configuration_file)).result)
-  ActiveLdap::Base.configurations = configurations
-  ActiveLdap::Base.establish_connection
-else
-  message = "You should run 'script/generator scaffold_al' " +
-    "to make #{ldap_configuration_file}"
-  ActiveLdap::Base.logger.error(message)
-end

data/test/TODO

@@ -1,2 +0,0 @@
-
-- Perform explicit testing of Schema2, ActiveLdap::Base, etc

data/test/al-test-utils.rb

@@ -1,381 +0,0 @@
-require 'test/unit'
-require 'test-unit-ext'
-
-require 'erb'
-require 'yaml'
-require 'socket'
-require 'openssl'
-require 'rbconfig'
-require 'tempfile'
-
-require 'active_ldap'
-
-require File.join(File.expand_path(File.dirname(__FILE__)), "command")
-
-LDAP_ENV = "test" unless defined?(LDAP_ENV)
-
-module AlTestUtils
-  def self.included(base)
-    base.class_eval do
-      include Config
-      include Connection
-      include Populate
-      include TemporaryEntry
-      include CommandSupport
-      include MockLogger
-    end
-  end
-
-  module Config
-    def setup
-      super
-      @base_dir = File.expand_path(File.dirname(__FILE__))
-      @top_dir = File.expand_path(File.join(@base_dir, ".."))
-      @example_dir = File.join(@top_dir, "examples")
-      @config_file = File.join(File.dirname(__FILE__), "config.yaml")
-      ActiveLdap::Base.configurations = read_config
-    end
-
-    def teardown
-      super
-    end
-
-    def current_configuration
-      ActiveLdap::Base.configurations[LDAP_ENV]
-    end
-
-    def read_config
-      unless File.exist?(@config_file)
-        raise "config file for testing doesn't exist: #{@config_file}"
-      end
-      config = YAML.load(ERB.new(File.read(@config_file)).result)
-      config.each do |key, value|
-        adapter = ENV["ACTIVE_LDAP_TEST_ADAPTER"]
-        value[:adapter] = adapter if adapter
-      end
-      config
-    end
-  end
-
-  module Connection
-    def setup
-      super
-      ActiveLdap::Base.establish_connection
-    end
-
-    def teardown
-      ActiveLdap::Base.clear_active_connections!
-      super
-    end
-  end
-
-  module Populate
-    def setup
-      @dumped_data = nil
-      super
-      begin
-        @dumped_data = ActiveLdap::Base.dump(:scope => :sub)
-      rescue ActiveLdap::ConnectionError
-      end
-      ActiveLdap::Base.delete_all(nil, :scope => :sub)
-      populate
-    end
-
-    def teardown
-      if @dumped_data
-        ActiveLdap::Base.establish_connection
-        ActiveLdap::Base.delete_all(nil, :scope => :sub)
-        ActiveLdap::Base.load(@dumped_data)
-      end
-      super
-    end
-
-    def populate
-      populate_base
-      populate_ou
-      populate_user_class
-      populate_group_class
-      populate_associations
-    end
-
-    def populate_base
-      unless ActiveLdap::Base.search(:scope => :base).empty?
-        return
-      end
-
-      suffixes = []
-      ActiveLdap::Base.base.split(/,/).reverse_each do |suffix|
-        prefix = suffixes.join(",")
-        suffixes.unshift(suffix)
-        name, value = suffix.split(/=/, 2)
-        next unless name == "dc"
-        dc_class = Class.new(ActiveLdap::Base)
-        dc_class.ldap_mapping :dn_attribute => "dc",
-                              :prefix => "",
-                              :scope => :base,
-                              :classes => ["top", "dcObject", "organization"]
-        dc_class.base = prefix
-        next if dc_class.exists?(value, :prefix => "dc=#{value}")
-        dc = dc_class.new(value)
-        dc.o = dc.dc
-        begin
-          dc.save
-        rescue ActiveLdap::OperationNotPermitted
-        end
-      end
-    end
-
-    def ou_class(prefix="")
-      ou_class = Class.new(ActiveLdap::Base)
-      ou_class.ldap_mapping :dn_attribute => "ou",
-                            :prefix => prefix,
-                            :classes => ["top", "organizationalUnit"]
-      ou_class
-    end
-
-    def populate_ou
-      %w(Users Groups).each do |name|
-        make_ou(name)
-      end
-    end
-
-    def make_ou(name)
-      ou_class.new(name).save
-    end
-
-    def populate_user_class
-      @user_class = Class.new(ActiveLdap::Base)
-      @user_class_classes = ["posixAccount", "person"]
-      @user_class.ldap_mapping :dn_attribute => "uid",
-                               :prefix => "ou=Users",
-                               :scope => :sub,
-                               :classes => @user_class_classes
-    end
-
-    def populate_group_class
-      @group_class = Class.new(ActiveLdap::Base)
-      @group_class.ldap_mapping :prefix => "ou=Groups",
-                                :scope => :sub,
-                                :classes => ["posixGroup"]
-    end
-
-    def populate_associations
-      @user_class.belongs_to :groups, :many => "memberUid"
-      @user_class.belongs_to :primary_group,
-                             :foreign_key => "gidNumber",
-                             :primary_key => "gidNumber"
-      @group_class.has_many :members, :wrap => "memberUid"
-      @group_class.has_many :primary_members,
-                            :foreign_key => "gidNumber",
-                            :primary_key => "gidNumber"
-      @user_class.set_associated_class(:groups, @group_class)
-      @user_class.set_associated_class(:primary_group, @group_class)
-      @group_class.set_associated_class(:members, @user_class)
-      @group_class.set_associated_class(:primary_members, @user_class)
-    end
-  end
-
-  module TemporaryEntry
-    @@certificate = nil
-    def setup
-      super
-      @user_index = 0
-      @group_index = 0
-    end
-
-    def make_temporary_user(config={})
-      @user_index += 1
-      uid = config[:uid] || "temp-user#{@user_index}"
-      ensure_delete_user(uid) do
-        password = config[:password] || "password"
-        uid_number = config[:uid_number] || default_uid
-        gid_number = config[:gid_number] || default_gid
-        home_directory = config[:home_directory] || "/nonexistent"
-        _wrap_assertion do
-          assert(!@user_class.exists?(uid))
-          assert_raise(ActiveLdap::EntryNotFound) do
-            @user_class.find(uid).dn
-          end
-          user = @user_class.new(uid)
-          assert(user.new_entry?)
-          user.cn = user.uid
-          user.sn = user.uid
-          user.uid_number = uid_number
-          user.gid_number = gid_number
-          user.home_directory = home_directory
-          user.user_password = ActiveLdap::UserPassword.ssha(password)
-          unless config[:simple]
-            user.add_class('shadowAccount', 'inetOrgPerson',
-                           'organizationalPerson')
-            user.user_certificate = certificate
-            user.jpeg_photo = jpeg_photo
-          end
-          user.save
-          assert(!user.new_entry?)
-          yield(@user_class.find(user.uid), password)
-        end
-      end
-    end
-
-    def make_temporary_group(config={})
-      @group_index += 1
-      cn = config[:cn] || "temp-group#{@group_index}"
-      ensure_delete_group(cn) do
-        gid_number = config[:gid_number] || default_gid
-        _wrap_assertion do
-          assert(!@group_class.exists?(cn))
-          assert_raise(ActiveLdap::EntryNotFound) do
-            @group_class.find(cn)
-          end
-          group = @group_class.new(cn)
-          assert(group.new_entry?)
-          group.gid_number = gid_number
-          assert(group.save)
-          assert(!group.new_entry?)
-          yield(@group_class.find(group.cn))
-        end
-      end
-    end
-
-    def ensure_delete_user(uid)
-      yield(uid)
-    ensure
-      @user_class.delete(uid) if @user_class.exists?(uid)
-    end
-
-    def ensure_delete_group(cn)
-      yield(cn)
-    ensure
-      @group_class.delete(cn) if @group_class.exists?(cn)
-    end
-
-    def default_uid
-      "10000#{@user_index}"
-    end
-
-    def default_gid
-      "10000#{@group_index}"
-    end
-
-    def certificate_path
-      File.join(@example_dir, 'example.der')
-    end
-
-    def certificate
-      return @@certificate if @@certificate
-      if File.exists?(certificate_path)
-        @@certificate = File.read(certificate_path)
-        return @@certificate
-      end
-
-      rsa = OpenSSL::PKey::RSA.new(512)
-      comment = "Generated by Ruby/OpenSSL"
-
-      cert = OpenSSL::X509::Certificate.new
-      cert.version = 3
-      cert.serial = 0
-      subject = [["OU", "test"],
-                 ["CN", Socket.gethostname]]
-      name = OpenSSL::X509::Name.new(subject)
-      cert.subject = name
-      cert.issuer = name
-      cert.not_before = Time.now
-      cert.not_after = Time.now + (365*24*60*60)
-      cert.public_key = rsa.public_key
-
-      ef = OpenSSL::X509::ExtensionFactory.new(nil, cert)
-      ef.issuer_certificate = cert
-      cert.extensions = [
-        ef.create_extension("basicConstraints","CA:FALSE"),
-        ef.create_extension("keyUsage", "keyEncipherment"),
-        ef.create_extension("subjectKeyIdentifier", "hash"),
-        ef.create_extension("extendedKeyUsage", "serverAuth"),
-        ef.create_extension("nsComment", comment),
-      ]
-      aki = ef.create_extension("authorityKeyIdentifier",
-                                "keyid:always,issuer:always")
-      cert.add_extension(aki)
-      cert.sign(rsa, OpenSSL::Digest::SHA1.new)
-
-      @@certificate = cert.to_der
-      @@certificate
-    end
-
-    def jpeg_photo_path
-      File.join(@example_dir, 'example.jpg')
-    end
-
-    def jpeg_photo
-      File.read(jpeg_photo_path)
-    end
-  end
-
-  module CommandSupport
-    def setup
-      super
-      @fakeroot = "fakeroot"
-      @ruby = File.join(::Config::CONFIG["bindir"],
-                        ::Config::CONFIG["RUBY_INSTALL_NAME"])
-      @top_dir = File.expand_path(File.join(File.dirname(__FILE__), ".."))
-      @examples_dir = File.join(@top_dir, "examples")
-      @lib_dir = File.join(@top_dir, "lib")
-      @ruby_args = [
-                    "-I", @examples_dir,
-                    "-I", @lib_dir,
-                   ]
-    end
-
-    def run_command(*args, &block)
-      file = Tempfile.new("al-command-support")
-      file.open
-      file.puts(ActiveLdap::Base.configurations["test"].to_yaml)
-      file.close
-      run_ruby(*[@command, "--config", file.path, *args], &block)
-    end
-
-    def run_ruby(*ruby_args, &block)
-      args = [@ruby, *@ruby_args]
-      args.concat(ruby_args)
-      Command.run(*args, &block)
-    end
-
-    def run_ruby_with_fakeroot(*ruby_args, &block)
-      args = [@fakeroot, @ruby, *@ruby_args]
-      args.concat(ruby_args)
-      Command.run(*args, &block)
-    end
-  end
-
-  module MockLogger
-    def make_mock_logger
-      logger = Object.new
-      class << logger
-        def messages(type)
-          @messages ||= {}
-          @messages[type] ||= []
-          @messages[type]
-        end
-
-        def info(content=nil)
-          messages(:info) << (block_given? ? yield : content)
-        end
-        def warn(content=nil)
-          messages(:warn) << (block_given? ? yield : content)
-        end
-        def error(content=nil)
-          messages(:error) << (block_given? ? yield : content)
-        end
-      end
-      logger
-    end
-
-    def with_mock_logger
-      original_logger = ActiveLdap::Base.logger
-      mock_logger = make_mock_logger
-      ActiveLdap::Base.logger = mock_logger
-      yield(mock_logger)
-    ensure
-      ActiveLdap::Base.logger = original_logger
-    end
-  end
-end