ruby-activeldap 0.8.2 → 0.8.3
- data/test/test_adapter.rb +17 -0
- data/test/test_associations.rb +19 -0
- data/test/test_attributes.rb +2 -1
- data/test/test_base.rb +28 -1
- data/test/test_base_per_instance.rb +2 -1
- data/test/test_callback.rb +2 -2
- data/test/test_connection.rb +2 -1
- data/test/test_connection_per_dn.rb +81 -0
- data/test/test_dn.rb +3 -2
- data/test/test_find.rb +35 -1
- data/test/test_object_class.rb +12 -1
- data/test/test_reflection.rb +16 -10
- data/test/test_schema.rb +141 -2
- data/test/test_user.rb +14 -4
- metadata +7 -104
- data/CHANGES +0 -397
- data/COPYING +0 -340
- data/LICENSE +0 -58
- data/Manifest.txt +0 -99
- data/README +0 -85
- data/Rakefile +0 -70
- data/TODO +0 -23
- data/benchmark/bench-al.rb +0 -152
- data/examples/config.yaml.example +0 -5
- data/examples/example.der +0 -0
- data/examples/example.jpg +0 -0
- data/examples/groupadd +0 -41
- data/examples/groupdel +0 -35
- data/examples/groupls +0 -49
- data/examples/groupmod +0 -42
- data/examples/lpasswd +0 -55
- data/examples/objects/group.rb +0 -13
- data/examples/objects/ou.rb +0 -4
- data/examples/objects/user.rb +0 -20
- data/examples/ouadd +0 -38
- data/examples/useradd +0 -45
- data/examples/useradd-binary +0 -50
- data/examples/userdel +0 -34
- data/examples/userls +0 -50
- data/examples/usermod +0 -42
- data/examples/usermod-binary-add +0 -47
- data/examples/usermod-binary-add-time +0 -51
- data/examples/usermod-binary-del +0 -48
- data/examples/usermod-lang-add +0 -43
- data/lib/active_ldap.rb +0 -964
- data/lib/active_ldap/adapter/base.rb +0 -461
- data/lib/active_ldap/adapter/ldap.rb +0 -232
- data/lib/active_ldap/adapter/ldap_ext.rb +0 -69
- data/lib/active_ldap/adapter/net_ldap.rb +0 -288
- data/lib/active_ldap/adapter/net_ldap_ext.rb +0 -29
- data/lib/active_ldap/association/belongs_to.rb +0 -40
- data/lib/active_ldap/association/belongs_to_many.rb +0 -39
- data/lib/active_ldap/association/collection.rb +0 -80
- data/lib/active_ldap/association/has_many.rb +0 -40
- data/lib/active_ldap/association/has_many_wrap.rb +0 -55
- data/lib/active_ldap/association/proxy.rb +0 -89
- data/lib/active_ldap/associations.rb +0 -162
- data/lib/active_ldap/attributes.rb +0 -203
- data/lib/active_ldap/base.rb +0 -1510
- data/lib/active_ldap/callbacks.rb +0 -19
- data/lib/active_ldap/command.rb +0 -46
- data/lib/active_ldap/configuration.rb +0 -106
- data/lib/active_ldap/connection.rb +0 -142
- data/lib/active_ldap/distinguished_name.rb +0 -246
- data/lib/active_ldap/ldap_error.rb +0 -74
- data/lib/active_ldap/object_class.rb +0 -74
- data/lib/active_ldap/schema.rb +0 -299
- data/lib/active_ldap/timeout.rb +0 -75
- data/lib/active_ldap/timeout_stub.rb +0 -17
- data/lib/active_ldap/user_password.rb +0 -92
- data/lib/active_ldap/validations.rb +0 -76
- data/rails/plugin/active_ldap/README +0 -54
- data/rails/plugin/active_ldap/generators/scaffold_al/scaffold_al_generator.rb +0 -7
- data/rails/plugin/active_ldap/generators/scaffold_al/templates/ldap.yml +0 -21
- data/rails/plugin/active_ldap/init.rb +0 -12
- data/test/TODO +0 -2
- data/test/al-test-utils.rb +0 -381
- data/test/command.rb +0 -62
- data/test/config.yaml.sample +0 -6
- data/test/run-test.rb +0 -29
- data/test/test-unit-ext.rb +0 -2
- data/test/test-unit-ext/always-show-result.rb +0 -28
- data/test/test-unit-ext/priority.rb +0 -163
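--- a/data/lib/active_ldap/timeout_stub.rb
+++ b/data/lib/active_ldap/timeout_stub.rb
@@ -1,17 +0,0 @@
-require 'timeout'
-
-module Timeout
-# STUB
-def Timeout.alarm(sec, exception=Timeout::Error, &block)
-return block.call
-end
-end # Timeout
-
-if __FILE__ == $0
-require 'time'
-Timeout.alarm(2) do
-loop do
-p Time.now
-end
-end
-end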
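--- a/data/lib/active_ldap/user_password.rb
+++ b/data/lib/active_ldap/user_password.rb
@@ -1,92 +0,0 @@
-require 'English'
-require 'base64'
-require 'md5'
-require 'sha1'
-
-module ActiveLdap
-module UserPassword
-module_function
-def valid?(password, hashed_password)
-unless /^\{([A-Z][A-Z\d]+)\}/ =~ hashed_password
-raise ArgumentError, "Invalid hashed password"
-end
-type = $1
-hashed_password_without_type = $POSTMATCH
-normalized_type = type.downcase
-unless respond_to?(normalized_type)
-raise ArgumentError, "Unknown Hash type #{type}"
-end
-salt_extractor = "extract_salt_for_#{normalized_type}"
-if respond_to?(salt_extractor)
-salt = send(salt_extractor, hashed_password_without_type)
-if salt.nil?
-raise ArgumentError, "Can't extract salt from hashed password"
-end
-generated_password = send(normalized_type, password, salt)
-else
-generated_password = send(normalized_type, password)
-end
-hashed_password == generated_password
-end
-
-def crypt(password, salt=nil)
-salt ||= "$1$#{Salt.generate(8)}"
-"{CRYPT}#{password.crypt(salt)}"
-end
-
-def extract_salt_for_crypt(crypted_password)
-if /^\$1\$/ =~ crypted_password
-$MATCH + $POSTMATCH[0, 8].sub(/\$.*/, '') + "$"
-else
-crypted_password[0, 2]
-end
-end
-
-def md5(password)
-"{MD5}#{Base64.encode64(MD5.md5(password).digest).chomp}"
-end
-
-def smd5(password, salt=nil)
-if salt and salt.size != 4
-raise ArgumentError.new("salt size must be == 4")
-end
-salt ||= Salt.generate(4)
-md5_hash_with_salt = "#{MD5.md5(password + salt).digest}#{salt}"
-"{SMD5}#{Base64.encode64(md5_hash_with_salt).chomp}"
-end
-
-def extract_salt_for_smd5(smd5ed_password)
-Base64.decode64(smd5ed_password)[-4, 4]
-end
-
-def sha(password)
-"{SHA}#{Base64.encode64(SHA1.sha1(password).digest).chomp}"
-end
-
-def ssha(password, salt=nil)
-if salt and salt.size != 4
-raise ArgumentError.new("salt size must be == 4")
-end
-salt ||= Salt.generate(4)
-sha1_hash_with_salt = "#{SHA1.sha1(password + salt).digest}#{salt}"
-"{SSHA}#{Base64.encode64(sha1_hash_with_salt).chomp}"
-end
-
-def extract_salt_for_ssha(sshaed_password)
-extract_salt_for_smd5(sshaed_password)
-end
-
-module Salt
-CHARS = ['.', '/', '0'..'9', 'A'..'Z', 'a'..'z'].collect do |x|
-x.to_a
-end.flatten
-
-module_function
-def generate(length)
-salt = ""
-length.times {salt << CHARS[rand(CHARS.length)]}
-salt
-end
-end
-end
-end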
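--- a/data/lib/active_ldap/validations.rb
+++ b/data/lib/active_ldap/validations.rb
@@ -1,76 +0,0 @@
-require 'active_record/validations'
-
-module ActiveLdap
-module Validations
-def self.append_features(base)
-super
-
-base.class_eval do
-alias_method :new_record?, :new_entry?
-include ActiveRecord::Validations
-
-validate :validate_required_values
-
-class << self
-def evaluate_condition_with_active_ldap_support(condition, entry)
-evaluate_condition_without_active_ldap_support(condition, entry)
-rescue ActiveRecord::ActiveRecordError
-raise Error, $!.message
-end
-alias_method_chain :evaluate_condition, :active_ldap_support
-end
-
-def save_with_active_ldap_support!
-save_without_active_ldap_support!
-rescue ActiveRecord::RecordInvalid
-raise EntryInvalid, $!.message
-end
-alias_method_chain :save!, :active_ldap_support
-
-def valid?
-ensure_apply_object_class
-super
-end
-
-# validate_required_values
-#
-# Basic validation:
-# - Verify that every 'MUST' specified in the schema has a value defined
-def validate_required_values
-logger.debug {"stub: validate_required_values called"}
-
-# Make sure all MUST attributes have a value
-@musts.each do |object_class, attributes|
-attributes.each do |required_attribute|
-# Normalize to ensure we catch schema problems
-real_name = to_real_attribute_name(required_attribute, true)
-raise UnknownAttribute.new(required_attribute) if real_name.nil?
-# # Set default if it wasn't yet set.
-# @data[real_name] ||= [] # need?
-value = @data[real_name] || []
-# Check for missing requirements.
-if value.empty?
-aliases = schema.attribute_aliases(real_name) - [real_name]
-message = "is required attribute "
-unless aliases.empty?
-message << "(aliases: #{aliases.join(', ')}) "
-end
-message << "by objectClass '#{object_class}'"
-errors.add(real_name, message)
-end
-end
-end
-logger.debug {"stub: validate_required_values finished"}
-end
-
-private
-def run_validations_with_active_ldap_support(validation_method)
-run_validations_without_active_ldap_support(validation_method)
-rescue ActiveRecord::ActiveRecordError
-raise Error, $!.message
-end
-alias_method_chain :run_validations, :active_ldap_support
-end
-end
-end
-end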
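--- a/data/rails/plugin/active_ldap/README
+++ b/data/rails/plugin/active_ldap/README
@@ -1,54 +0,0 @@
-= ActiveLdap plugin for Ruby on Rails
-
-== Setup
-
-You need to write RAILS_ROOT/config/ldap.yml like the following:
-
-development:
-host: 127.0.0.1
-port: 389
-base: dc=devel,dc=local,dc=net
-bind_dn: cn=admin,dc=local,dc=net
-password: secret
-
-test:
-host: 127.0.0.1
-port: 389
-base: dc=test,dc=local,dc=net
-bind_dn: cn=admin,dc=local,dc=net
-password: secret
-
-production:
-host: 127.0.0.1
-port: 389
-base: dc=production,dc=local,dc=net
-bind_dn: cn=admin,dc=local,dc=net
-password: secret
-
-== Model
-
-Here is some examples.
-
-app/model/member.rb:
-class Member < ActiveLdap::Base
-ldap_mapping :dn_attribute => 'uid',
-:classes => ['person', 'posixAccount']
-belongs_to :primary_group, :class => "Group",
-:foreign_key => "gidNumber", :primary_key => "gidNumber"
-belongs_to :groups, :many => 'memberUid'
-end
-
-app/model/group.rb:
-class Group < ActiveLdap::Base
-ldap_mapping :dn_attribute => "cn", :classes => ['posixGroup']
-has_many :members, :wrap => "memberUid"
-has_many :primary_members,
-:foreign_key => 'gidNumber',
-:primary_key => 'gidNumber'
-end
-
-app/model/ou.rb:
-class Ou < ActiveLdap::Base
-ldap_mapping :prefix => "",
-:classes => ["top", "organizationalUnit"]
-end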
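--- a/data/rails/plugin/active_ldap/generators/scaffold_al/templates/ldap.yml
+++ b/data/rails/plugin/active_ldap/generators/scaffold_al/templates/ldap.yml
@@ -1,21 +0,0 @@
-development:
-host: 127.0.0.1
-port: 389
-base: dc=devel,dc=local,dc=net
-bind_dn: cn=admin,dc=local,dc=net
-password: secret
-
-test:
-host: 127.0.0.1
-port: 389
-base: dc=test,dc=local,dc=net
-bind_dn: cn=admin,dc=local,dc=net
-password: secret
-
-production:
-host: 127.0.0.1
-port: 389
-method: :tls
-base: dc=production,dc=local,dc=net
-bind_dn: cn=admin,dc=local,dc=net
-password: secret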
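--- a/data/rails/plugin/active_ldap/init.rb
+++ b/data/rails/plugin/active_ldap/init.rb
@@ -1,12 +0,0 @@
-require_library_or_gem 'active_ldap'
-ActiveLdap::Base.logger ||= RAILS_DEFAULT_LOGGER
-ldap_configuration_file = File.join(RAILS_ROOT, 'config', 'ldap.yml')
-if File.exist?(ldap_configuration_file)
-configurations = YAML::load(ERB.new(IO.read(ldap_configuration_file)).result)
-ActiveLdap::Base.configurations = configurations
-ActiveLdap::Base.establish_connection
-else
-message = "You should run 'script/generator scaffold_al' " +
-"to make #{ldap_configuration_file}"
-ActiveLdap::Base.logger.error(message)
-end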
data/test/TODO
DELETED
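--- a/data/test/al-test-utils.rb
+++ b/data/test/al-test-utils.rb
@@ -1,381 +0,0 @@
-require 'test/unit'
-require 'test-unit-ext'
-
-require 'erb'
-require 'yaml'
-require 'socket'
-require 'openssl'
-require 'rbconfig'
-require 'tempfile'
-
-require 'active_ldap'
-
-require File.join(File.expand_path(File.dirname(__FILE__)), "command")
-
-LDAP_ENV = "test" unless defined?(LDAP_ENV)
-
-module AlTestUtils
-def self.included(base)
-base.class_eval do
-include Config
-include Connection
-include Populate
-include TemporaryEntry
-include CommandSupport
-include MockLogger
-end
-end
-
-module Config
-def setup
-super
-@base_dir = File.expand_path(File.dirname(__FILE__))
-@top_dir = File.expand_path(File.join(@base_dir, ".."))
-@example_dir = File.join(@top_dir, "examples")
-@config_file = File.join(File.dirname(__FILE__), "config.yaml")
-ActiveLdap::Base.configurations = read_config
-end
-
-def teardown
-super
-end
-
-def current_configuration
-ActiveLdap::Base.configurations[LDAP_ENV]
-end
-
-def read_config
-unless File.exist?(@config_file)
-raise "config file for testing doesn't exist: #{@config_file}"
-end
-config = YAML.load(ERB.new(File.read(@config_file)).result)
-config.each do |key, value|
-adapter = ENV["ACTIVE_LDAP_TEST_ADAPTER"]
-value[:adapter] = adapter if adapter
-end
-config
-end
-end
-
-module Connection
-def setup
-super
-ActiveLdap::Base.establish_connection
-end
-
-def teardown
-ActiveLdap::Base.clear_active_connections!
-super
-end
-end
-
-module Populate
-def setup
-@dumped_data = nil
-super
-begin
-@dumped_data = ActiveLdap::Base.dump(:scope => :sub)
-rescue ActiveLdap::ConnectionError
-end
-ActiveLdap::Base.delete_all(nil, :scope => :sub)
-populate
-end
-
-def teardown
-if @dumped_data
-ActiveLdap::Base.establish_connection
-ActiveLdap::Base.delete_all(nil, :scope => :sub)
-ActiveLdap::Base.load(@dumped_data)
-end
-super
-end
-
-def populate
-populate_base
-populate_ou
-populate_user_class
-populate_group_class
-populate_associations
-end
-
-def populate_base
-unless ActiveLdap::Base.search(:scope => :base).empty?
-return
-end
-
-suffixes = []
-ActiveLdap::Base.base.split(/,/).reverse_each do |suffix|
-prefix = suffixes.join(",")
-suffixes.unshift(suffix)
-name, value = suffix.split(/=/, 2)
-next unless name == "dc"
-dc_class = Class.new(ActiveLdap::Base)
-dc_class.ldap_mapping :dn_attribute => "dc",
-:prefix => "",
-:scope => :base,
-:classes => ["top", "dcObject", "organization"]
-dc_class.base = prefix
-next if dc_class.exists?(value, :prefix => "dc=#{value}")
-dc = dc_class.new(value)
-dc.o = dc.dc
-begin
-dc.save
-rescue ActiveLdap::OperationNotPermitted
-end
-end
-end
-
-def ou_class(prefix="")
-ou_class = Class.new(ActiveLdap::Base)
-ou_class.ldap_mapping :dn_attribute => "ou",
-:prefix => prefix,
-:classes => ["top", "organizationalUnit"]
-ou_class
-end
-
-def populate_ou
-%w(Users Groups).each do |name|
-make_ou(name)
-end
-end
-
-def make_ou(name)
-ou_class.new(name).save
-end
-
-def populate_user_class
-@user_class = Class.new(ActiveLdap::Base)
-@user_class_classes = ["posixAccount", "person"]
-@user_class.ldap_mapping :dn_attribute => "uid",
-:prefix => "ou=Users",
-:scope => :sub,
-:classes => @user_class_classes
-end
-
-def populate_group_class
-@group_class = Class.new(ActiveLdap::Base)
-@group_class.ldap_mapping :prefix => "ou=Groups",
-:scope => :sub,
-:classes => ["posixGroup"]
-end
-
-def populate_associations
-@user_class.belongs_to :groups, :many => "memberUid"
-@user_class.belongs_to :primary_group,
-:foreign_key => "gidNumber",
-:primary_key => "gidNumber"
-@group_class.has_many :members, :wrap => "memberUid"
-@group_class.has_many :primary_members,
-:foreign_key => "gidNumber",
-:primary_key => "gidNumber"
-@user_class.set_associated_class(:groups, @group_class)
-@user_class.set_associated_class(:primary_group, @group_class)
-@group_class.set_associated_class(:members, @user_class)
-@group_class.set_associated_class(:primary_members, @user_class)
-end
-end
-
-module TemporaryEntry
-@@certificate = nil
-def setup
-super
-@user_index = 0
-@group_index = 0
-end
-
-def make_temporary_user(config={})
-@user_index += 1
-uid = config[:uid] || "temp-user#{@user_index}"
-ensure_delete_user(uid) do
-password = config[:password] || "password"
-uid_number = config[:uid_number] || default_uid
-gid_number = config[:gid_number] || default_gid
-home_directory = config[:home_directory] || "/nonexistent"
-_wrap_assertion do
-assert(!@user_class.exists?(uid))
-assert_raise(ActiveLdap::EntryNotFound) do
-@user_class.find(uid).dn
-end
-user = @user_class.new(uid)
-assert(user.new_entry?)
-user.cn = user.uid
-user.sn = user.uid
-user.uid_number = uid_number
-user.gid_number = gid_number
-user.home_directory = home_directory
-user.user_password = ActiveLdap::UserPassword.ssha(password)
-unless config[:simple]
-user.add_class('shadowAccount', 'inetOrgPerson',
-'organizationalPerson')
-user.user_certificate = certificate
-user.jpeg_photo = jpeg_photo
-end
-user.save
-assert(!user.new_entry?)
-yield(@user_class.find(user.uid), password)
-end
-end
-end
-
-def make_temporary_group(config={})
-@group_index += 1
-cn = config[:cn] || "temp-group#{@group_index}"
-ensure_delete_group(cn) do
-gid_number = config[:gid_number] || default_gid
-_wrap_assertion do
-assert(!@group_class.exists?(cn))
-assert_raise(ActiveLdap::EntryNotFound) do
-@group_class.find(cn)
-end
-group = @group_class.new(cn)
-assert(group.new_entry?)
-group.gid_number = gid_number
-assert(group.save)
-assert(!group.new_entry?)
-yield(@group_class.find(group.cn))
-end
-end
-end
-
-def ensure_delete_user(uid)
-yield(uid)
-ensure
-@user_class.delete(uid) if @user_class.exists?(uid)
-end
-
-def ensure_delete_group(cn)
-yield(cn)
-ensure
-@group_class.delete(cn) if @group_class.exists?(cn)
-end
-
-def default_uid
-"10000#{@user_index}"
-end
-
-def default_gid
-"10000#{@group_index}"
-end
-
-def certificate_path
-File.join(@example_dir, 'example.der')
-end
-
-def certificate
-return @@certificate if @@certificate
-if File.exists?(certificate_path)
-@@certificate = File.read(certificate_path)
-return @@certificate
-end
-
-rsa = OpenSSL::PKey::RSA.new(512)
-comment = "Generated by Ruby/OpenSSL"
-
-cert = OpenSSL::X509::Certificate.new
-cert.version = 3
-cert.serial = 0
-subject = [["OU", "test"],
-["CN", Socket.gethostname]]
-name = OpenSSL::X509::Name.new(subject)
-cert.subject = name
-cert.issuer = name
-cert.not_before = Time.now
-cert.not_after = Time.now + (365*24*60*60)
-cert.public_key = rsa.public_key
-
-ef = OpenSSL::X509::ExtensionFactory.new(nil, cert)
-ef.issuer_certificate = cert
-cert.extensions = [
-ef.create_extension("basicConstraints","CA:FALSE"),
-ef.create_extension("keyUsage", "keyEncipherment"),
-ef.create_extension("subjectKeyIdentifier", "hash"),
-ef.create_extension("extendedKeyUsage", "serverAuth"),
-ef.create_extension("nsComment", comment),
-]
-aki = ef.create_extension("authorityKeyIdentifier",
-"keyid:always,issuer:always")
-cert.add_extension(aki)
-cert.sign(rsa, OpenSSL::Digest::SHA1.new)
-
-@@certificate = cert.to_der
-@@certificate
-end
-
-def jpeg_photo_path
-File.join(@example_dir, 'example.jpg')
-end
-
-def jpeg_photo
-File.read(jpeg_photo_path)
-end
-end
-
-module CommandSupport
-def setup
-super
-@fakeroot = "fakeroot"
-@ruby = File.join(::Config::CONFIG["bindir"],
-::Config::CONFIG["RUBY_INSTALL_NAME"])
-@top_dir = File.expand_path(File.join(File.dirname(__FILE__), ".."))
-@examples_dir = File.join(@top_dir, "examples")
-@lib_dir = File.join(@top_dir, "lib")
-@ruby_args = [
-"-I", @examples_dir,
-"-I", @lib_dir,
-]
-end
-
-def run_command(*args, &block)
-file = Tempfile.new("al-command-support")
-file.open
-file.puts(ActiveLdap::Base.configurations["test"].to_yaml)
-file.close
-run_ruby(*[@command, "--config", file.path, *args], &block)
-end
-
-def run_ruby(*ruby_args, &block)
-args = [@ruby, *@ruby_args]
-args.concat(ruby_args)
-Command.run(*args, &block)
-end
-
-def run_ruby_with_fakeroot(*ruby_args, &block)
-args = [@fakeroot, @ruby, *@ruby_args]
-args.concat(ruby_args)
-Command.run(*args, &block)
-end
-end
-
-module MockLogger
-def make_mock_logger
-logger = Object.new
-class << logger
-def messages(type)
-@messages ||= {}
-@messages[type] ||= []
-@messages[type]
-end
-
-def info(content=nil)
-messages(:info) << (block_given? ? yield : content)
-end
-def warn(content=nil)
-messages(:warn) << (block_given? ? yield : content)
-end
-def error(content=nil)
-messages(:error) << (block_given? ? yield : content)
-end
-end
-logger
-end
-
-def with_mock_logger
-original_logger = ActiveLdap::Base.logger
-mock_logger = make_mock_logger
-ActiveLdap::Base.logger = mock_logger
-yield(mock_logger)
-ensure
-ActiveLdap::Base.logger = original_logger
-end
-end
-end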