socialcast 1.3.0 → 1.3.1

data/README.md

@@ -5,7 +5,7 @@ command line interface to the Socialcast API
 http://www.socialcast.com/resources/api.html
 
 ## Contributing
- 
+
 * Fork the project.
 * Fix the issue
 * Add tests

data/lib/socialcast.rb

@@ -8,19 +8,23 @@ module Socialcast
       FileUtils.mkdir config_dir, :mode => 0700 unless File.exist?(config_dir)
       config_dir
     end
+
     def self.credentials_file
-      File.join config_dir, 'credentials.yml'
+      ENV['SC_CREDENTIALS_FILE'] || File.join(config_dir, 'credentials.yml')
     end
+
     def self.credentials
       fail 'Unknown Socialcast credentials.  Run `socialcast authenticate` to initialize' unless File.exist?(credentials_file)
-      @@credentials ||= YAML.load_file(credentials_file)
+      YAML.load_file(credentials_file)
     end
+
     def self.credentials=(options)
       File.open(credentials_file, "w") do |f|
         f.write(options.to_yaml)
       end
       File.chmod 0600, credentials_file
     end
+
     # configure restclient for api call
     def self.resource_for_path(path, options = {}, debug = true)
       RestClient.log = Logger.new(STDOUT) if debug
@@ -28,5 +32,6 @@ module Socialcast
       url = ['https://', credentials[:domain], path].join
       RestClient::Resource.new url, options.merge({ :user => credentials[:user], :password => credentials[:password] })
     end
+
   end
 end

data/lib/socialcast/command_line/cli.rb

@@ -33,7 +33,7 @@ module Socialcast
       include Thor::Actions
 
       method_option :trace, :type => :boolean, :aliases => '-v'
-      def initialize(*args); super(*args) end
+      def initialize(*args); super; end
 
       desc "authenticate", "Authenticate using your Socialcast credentials"
       method_option :user, :type => :string, :aliases => '-u', :desc => 'email address for the authenticated user'
@@ -47,7 +47,7 @@ module Socialcast
 
         url = ['https://', domain, '/api/authentication'].join
         say "Authenticating #{user} to #{url}"
-        params = {:email => user, :password => password }
+        params = { :email => user, :password => password }
         RestClient.log = Logger.new(STDOUT) if options[:trace]
         RestClient.proxy = options[:proxy] if options[:proxy]
         resource = RestClient::Resource.new url

data/lib/socialcast/command_line/provision.rb

@@ -25,6 +25,27 @@ module Socialcast
         end
       end
 
+      def fetch_user_hash(identifier, options = {})
+        identifying_field = options.delete(:identifying_field) || 'unique_identifier'
+
+        each_ldap_connection do |connection_name, connection_config, ldap|
+          filter = if connection_config['filter'].present?
+                     Net::LDAP::Filter.construct(connection_config['filter'])
+                   else
+                     Net::LDAP::Filter.pres("objectclass")
+                   end
+
+          attr_mappings = attribute_mappings(connection_name)
+
+          filter = filter & Net::LDAP::Filter.construct("#{attr_mappings[identifying_field]}=#{identifier}")
+
+          search(ldap, :base => connection_config['basedn'], :filter => filter, :attributes => ldap_search_attributes(connection_name), :size => 1) do |entry, connection|
+            return build_user_hash_from_mappings(ldap, entry, attr_mappings, permission_mappings(connection_name))
+          end
+        end
+        nil
+      end
+
       def provision
         http_config = @ldap_config.fetch 'http', {}
 
@@ -46,8 +67,8 @@ module Socialcast
 
         if @options[:sanity_check]
           puts "Sanity checking users currently marked as needing to be terminated"
-          each_ldap_connection do |ldap_connection_name, connection, ldap|
-            attr_mappings = attribute_mappings(ldap_connection_name)
+          each_ldap_connection do |connection_name, connection_config, ldap|
+            attr_mappings = attribute_mappings(connection_name)
             (current_socialcast_users(http_config) - user_whitelist).each do |user_identifiers|
               combined_filters = []
               ['email', 'unique_identifier', 'employee_number'].each_with_index do |identifier, index|
@@ -55,8 +76,8 @@ module Socialcast
               end
               combined_filters.compact!
               filter = ((combined_filters.size > 1) ? '(|%s)' : '%s') % combined_filters.join(' ')
-              filter = Net::LDAP::Filter.construct(filter) & Net::LDAP::Filter.construct(connection["filter"])
-              ldap_result = ldap.search(:return_result => true, :base => connection["basedn"], :filter => filter, :attributes => ldap_search_attributes(ldap_connection_name))
+              filter = Net::LDAP::Filter.construct(filter) & Net::LDAP::Filter.construct(connection_config["filter"])
+              ldap_result = ldap.search(:return_result => true, :base => connection_config["basedn"], :filter => filter, :attributes => ldap_search_attributes(connection_name))
               raise ProvisionError.new "Found user marked for termination that should not be terminated: #{user_identifiers}" unless ldap_result.blank?
             end
           end
@@ -85,8 +106,8 @@ module Socialcast
       def sync_photos
         http_config = @ldap_config.fetch 'http', {}
 
-        @ldap_config["connections"].keys.each do |ldap_connection_name|
-          attribute_mappings(ldap_connection_name).fetch('profile_photo')
+        @ldap_config["connections"].keys.each do |connection_name|
+          attribute_mappings(connection_name).fetch('profile_photo')
         end
 
         search_users_resource = Socialcast::CommandLine.resource_for_path '/api/users/search', http_config
@@ -129,14 +150,29 @@ module Socialcast
 
       private
 
-      def dereference_mail(entry, ldap_connection, dn_field, mail_attribute)
+      def dereference_mail(entry, ldap, dn_field, mail_attribute)
         dn = grab(entry, dn_field)
-        ldap_connection.search(:base => dn, :scope => Net::LDAP::SearchScope_BaseObject) do |manager_entry|
+        ldap.search(:base => dn, :scope => Net::LDAP::SearchScope_BaseObject) do |manager_entry|
           return grab(manager_entry, mail_attribute)
         end
       end
 
-      def build_user_hash_from_mappings(ldap_connection, entry, attr_mappings, perm_mappings)
+      def search(ldap, search_options)
+        options_for_search = if search_options[:base].present?
+                               Array.wrap(search_options)
+                             else
+                               distinguished_names = Array.wrap(ldap.search_root_dse.namingcontexts)
+                               options_for_search = distinguished_names.map { |dn| search_options.merge(:base => dn ) }
+                             end
+
+        options_for_search.each do |options|
+          ldap.search(options) do |entry|
+            yield(entry)
+          end
+        end
+      end
+
+      def build_user_hash_from_mappings(ldap, entry, attr_mappings, perm_mappings)
         user_hash = HashWithIndifferentAccess.new
         primary_attributes = %w{unique_identifier first_name last_name employee_number}
         primary_attributes.each do |attribute|
@@ -156,7 +192,7 @@ module Socialcast
         user_hash['custom_fields'] = []
         custom_attributes.each do |attribute|
           if attribute == 'manager'
-            user_hash['custom_fields'] << { 'id' => 'manager_email', 'label' => 'manager_email', 'value' => dereference_mail(entry, ldap_connection, attr_mappings[attribute], attr_mappings['email']) }
+            user_hash['custom_fields'] << { 'id' => 'manager_email', 'label' => 'manager_email', 'value' => dereference_mail(entry, ldap, attr_mappings[attribute], attr_mappings['email']) }
           else
             user_hash['custom_fields'] << { 'id' => attribute, 'label' => attribute, 'value' => grab(entry, attr_mappings[attribute]) }
           end
@@ -185,14 +221,13 @@ module Socialcast
         user_hash
       end
 
-
       def each_ldap_entry(&block)
         count = 0
 
-        each_ldap_connection do |ldap_connection_name, connection, ldap|
-          attr_mappings = attribute_mappings(ldap_connection_name)
-          perm_mappings = permission_mappings(ldap_connection_name)
-          ldap.search(:return_result => false, :filter => connection["filter"], :base => connection["basedn"], :attributes => ldap_search_attributes(ldap_connection_name)) do |entry|
+        each_ldap_connection do |connection_name, connection_config, ldap|
+          attr_mappings = attribute_mappings(connection_name)
+          perm_mappings = permission_mappings(connection_name)
+          search(ldap, :return_result => false, :filter => connection_config["filter"], :base => connection_config["basedn"], :attributes => ldap_search_attributes(connection_name)) do |entry|
             if grab(entry, attr_mappings["email"]).present? || (attr_mappings.has_key?("unique_identifier") && grab(entry, attr_mappings["unique_identifier"]).present?)
               yield ldap, entry, attr_mappings, perm_mappings
             end
@@ -204,26 +239,24 @@ module Socialcast
         puts "Finished scanning #{count} users"
       end
 
-
       def each_ldap_connection
-        @ldap_config["connections"].each_pair do |ldap_connection_name, connection|
-          puts "Connecting to #{ldap_connection_name} at #{[connection["host"], connection["port"]].join(':')}"
-          ldap = create_ldap_instance(connection)
-          puts "Searching base DN: #{connection["basedn"]} with filter: #{connection["filter"]}"
-          yield ldap_connection_name, connection, ldap
+        @ldap_config["connections"].each_pair do |connection_name, connection_config|
+          puts "Connecting to #{connection_name} at #{[connection_config["host"], connection_config["port"]].join(':')} with base DN #{connection_config['basedn']} and filter #{connection_config['filter']}"
+          ldap = create_ldap_instance(connection_config)
+          yield connection_name, connection_config, ldap
         end
       end
 
-      def create_ldap_instance(connection)
-        ldap = Net::LDAP.new :host => connection["host"], :port => connection["port"], :base => connection["basedn"]
-        ldap.encryption connection['encryption'].to_sym if connection['encryption']
-        ldap.auth connection["username"], connection["password"]
+      def create_ldap_instance(connection_config)
+        ldap = Net::LDAP.new :host => connection_config["host"], :port => connection_config["port"], :base => connection_config["basedn"]
+        ldap.encryption connection_config['encryption'].to_sym if connection_config['encryption']
+        ldap.auth connection_config["username"], connection_config["password"]
         ldap
       end
 
-      def ldap_search_attributes(ldap_connection_name)
-        attr_mappings = attribute_mappings(ldap_connection_name)
-        perm_mappings = permission_mappings(ldap_connection_name)
+      def ldap_search_attributes(connection_name)
+        attr_mappings = attribute_mappings(connection_name)
+        perm_mappings = permission_mappings(connection_name)
 
         membership_attribute = perm_mappings.fetch 'attribute_name', 'memberof'
         attributes = attr_mappings.values.map do |mapping_value|

data/lib/socialcast/command_line/version.rb

@@ -1,5 +1,5 @@
 module Socialcast
   module CommandLine
-    VERSION = "1.3.0"
+    VERSION = "1.3.1"
   end
 end

data/spec/fixtures/credentials.yml

@@ -1,4 +1,4 @@
---- 
+---
 :user: ryan@socialcast.com
 :password: foo
 :domain: test.staging.socialcast.com

data/spec/fixtures/custom_credentials.yml

@@ -0,0 +1,4 @@
+---
+:user: mike@socialcast.com
+:password: michael
+:domain: test.staging.socialcast.com

data/spec/fixtures/ldap_with_blank_basedn.yml

@@ -0,0 +1,50 @@
+--- 
+# LDAP connections
+connections:
+  example_connection_1:
+    username: "cn=Directory Manager"
+    password: "test"
+    host: localhost
+    port: 1389
+    basedn: 
+    filter: "(mail=*)"
+
+
+# LDAP attribute mappings
+mappings: 
+  first_name: givenName
+  last_name: sn
+  email: mail
+  # only use employee_number if the email is unknown
+  # employee_number: emp_id
+  # only use unique_identifier if you do not wish to use email as the main user identification method
+  # unique_identifier: samaccountname
+
+
+# Map LDAP Group Memberships to Socialcast Permissions
+permission_mappings:
+  # configure LDAP field for group memberships (ex: memberof, isMemberOf, etc)
+  attribute_name: isMemberOf
+  account_types:
+    external: "cn=External,dc=example,dc=com"
+  roles:
+    tenant_admin: "cn=Admins,dc=example,dc=com"
+    sbi_admin: "cn=SbiAdmins,dc=example,dc=com"
+    reach_admin: "cn=ReachAdmins,dc=example,dc=com"
+    town_hall_admin: "cn=TownHallAdmins,dc=example,dc=com"
+
+
+# general script options
+options:
+  # cleanup the extracted ldap data file after run is complete
+  delete_users_file: false
+  # skip sending emails to newly activated users
+  skip_emails: true
+  # do not actually provision accounts
+  # useful during testing
+  test: true
+
+
+# http options for connecting to Socialcast servers
+http:
+  timeout: 660

data/spec/fixtures/ldap_without_filter.yml

@@ -0,0 +1,50 @@
+--- 
+# LDAP connections
+connections:
+  example_connection_1:
+    username: "cn=Directory Manager"
+    password: "test"
+    host: localhost
+    port: 1389
+    basedn: "dc=example,dc=com"
+    filter: 
+
+
+# LDAP attribute mappings
+mappings: 
+  first_name: givenName
+  last_name: sn
+  email: mail
+  # only use employee_number if the email is unknown
+  # employee_number: emp_id
+  # only use unique_identifier if you do not wish to use email as the main user identification method
+  # unique_identifier: samaccountname
+
+
+# Map LDAP Group Memberships to Socialcast Permissions
+permission_mappings:
+  # configure LDAP field for group memberships (ex: memberof, isMemberOf, etc)
+  attribute_name: isMemberOf
+  account_types:
+    external: "cn=External,dc=example,dc=com"
+  roles:
+    tenant_admin: "cn=Admins,dc=example,dc=com"
+    sbi_admin: "cn=SbiAdmins,dc=example,dc=com"
+    reach_admin: "cn=ReachAdmins,dc=example,dc=com"
+    town_hall_admin: "cn=TownHallAdmins,dc=example,dc=com"
+
+
+# general script options
+options:
+  # cleanup the extracted ldap data file after run is complete
+  delete_users_file: false
+  # skip sending emails to newly activated users
+  skip_emails: true
+  # do not actually provision accounts
+  # useful during testing
+  test: true
+
+
+# http options for connecting to Socialcast servers
+http:
+  timeout: 660

data/spec/socialcast/command_line/cli_spec.rb

@@ -12,11 +12,14 @@ describe Socialcast::CommandLine::CLI do
   let(:ldap_with_profile_photo_config) { YAML.load_file(ldap_with_profile_photo_config_file) }
   let(:ldap_without_permission_mappings_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_without_permission_mappings.yml')) }
 
+  before do
+    Socialcast::CommandLine.stub(:credentials).and_return(credentials)
+  end
+
   describe '#share' do
     # Expects -u=emily@socialcast.com -p=demo --domain=demo.socialcast.com
     context 'with a basic message' do
       before do
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         stub_request(:post, "https://ryan%40socialcast.com:foo@test.staging.socialcast.com/api/messages.json").
                  with(:body => { "message" => { "body" => "testing", "url" => nil, "message_type" => nil, "attachment_ids" => [], "group_id" => nil }}).
                  with(:headers => {'Accept' => 'application/json'}).
@@ -31,7 +34,6 @@ describe Socialcast::CommandLine::CLI do
 
     context 'with a message_type message' do
       before do
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         stub_request(:post, "https://ryan%40socialcast.com:foo@test.staging.socialcast.com/api/messages.json").
                  with(:body => /message\_type\"\:review\_request/).
                  with(:body => /please\sreview/).
@@ -46,7 +48,6 @@ describe Socialcast::CommandLine::CLI do
     end
     context 'with a group_id param' do
       before do
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         stub_request(:post, "https://ryan%40socialcast.com:foo@test.staging.socialcast.com/api/messages.json").
                  with(:body => /group\_id\"\:123/).
                  with(:headers => {'Accept' => 'application/json'}).
@@ -60,7 +61,6 @@ describe Socialcast::CommandLine::CLI do
     end
     context "with a proxy" do
       before do
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         stub_request(:post, "https://ryan%40socialcast.com:foo@test.staging.socialcast.com/api/messages.json").
                  with(:body => /message\_type\"\:null/).
                  with(:body => /testing/).
@@ -93,7 +93,6 @@ describe Socialcast::CommandLine::CLI do
         @entry[:jpegPhoto] = photo_data
         Net::LDAP.any_instance.stub(:search).and_yield(@entry)
 
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         user_search_resource = double(:user_search_resource)
         search_api_response = {
           'users' => [
@@ -131,7 +130,6 @@ describe Socialcast::CommandLine::CLI do
         @entry[:jpegPhoto] = photo_data
         Net::LDAP.any_instance.stub(:search).and_yield(@entry)
 
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         user_search_resource = double(:user_search_resource)
         search_api_response = {
           'users' => [
@@ -165,7 +163,6 @@ describe Socialcast::CommandLine::CLI do
         @entry[:jpegPhoto] = "\x89PNGabc"
         Net::LDAP.any_instance.stub(:search).and_yield(@entry)
 
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         user_search_resource = double(:user_search_resource)
         search_api_response = {
           'users' => [
@@ -202,7 +199,6 @@ describe Socialcast::CommandLine::CLI do
 
         @result = ''
         Zlib::GzipWriter.stub(:open).and_yield(@result)
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         Socialcast::CommandLine::CLI.any_instance.should_receive(:ldap_config).and_return(ldap_without_permission_mappings_config)
         File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
 
@@ -218,7 +214,6 @@ describe Socialcast::CommandLine::CLI do
 
         @result = ''
         Zlib::GzipWriter.stub(:open).and_yield(@result)
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         Socialcast::CommandLine::CLI.any_instance.should_receive(:ldap_config).and_return(ldap_without_permission_mappings_config)
 
         File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
@@ -235,7 +230,6 @@ describe Socialcast::CommandLine::CLI do
 
         @result = ''
         Zlib::GzipWriter.stub(:open).and_yield(@result)
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         Socialcast::CommandLine::CLI.any_instance.should_receive(:ldap_config).and_return(ldap_without_permission_mappings_config)
 
         File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
@@ -256,7 +250,6 @@ describe Socialcast::CommandLine::CLI do
 
         @result = ''
         Zlib::GzipWriter.stub(:open).and_yield(@result)
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         Socialcast::CommandLine::CLI.any_instance.should_receive(:ldap_config).with(hash_including('config' => '/my/path/to/ldap.yml')).and_return(ldap_without_permission_mappings_config)
         File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
         RestClient::Resource.any_instance.stub(:post)
@@ -273,7 +266,6 @@ describe Socialcast::CommandLine::CLI do
 
         @result = ''
         Zlib::GzipWriter.stub(:open).and_yield(@result)
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         Socialcast::CommandLine::CLI.any_instance.should_receive(:ldap_config).and_return(ldap_without_permission_mappings_config)
         File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
         RestClient::Resource.any_instance.stub(:post)
@@ -292,7 +284,6 @@ describe Socialcast::CommandLine::CLI do
 
         @result = ''
         Zlib::GzipWriter.stub(:open).and_yield(@result)
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         Socialcast::CommandLine::CLI.any_instance.should_receive(:ldap_config).and_return(ldap_with_plugin_mapping_config)
         File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
         RestClient::Resource.any_instance.stub(:post)
@@ -312,7 +303,6 @@ describe Socialcast::CommandLine::CLI do
 
         @result = ''
         Zlib::GzipWriter.stub(:open).and_yield(@result)
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         Socialcast::CommandLine::CLI.any_instance.should_receive(:ldap_config).and_return(ldap_without_permission_mappings_config)
         File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
 
@@ -334,7 +324,6 @@ describe Socialcast::CommandLine::CLI do
 
         @result = ''
         Zlib::GzipWriter.stub(:open).and_yield(@result)
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         Socialcast::CommandLine::CLI.any_instance.should_receive(:ldap_config).and_return(ldap_default_config)
         File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
 
@@ -356,7 +345,6 @@ describe Socialcast::CommandLine::CLI do
 
         @result = ''
         Zlib::GzipWriter.stub(:open).and_yield(@result)
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         Socialcast::CommandLine::CLI.any_instance.should_receive(:ldap_config).and_return(ldap_with_array_permission_mapping_config)
         File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
 
@@ -379,7 +367,6 @@ describe Socialcast::CommandLine::CLI do
 
         @result = ''
         Zlib::GzipWriter.stub(:open).and_yield(@result)
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         Socialcast::CommandLine::CLI.any_instance.should_receive(:ldap_config).and_return(ldap_default_config)
         File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
 
@@ -404,7 +391,6 @@ describe Socialcast::CommandLine::CLI do
 
         @result = ''
         Zlib::GzipWriter.stub(:open).and_yield(@result)
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         Socialcast::CommandLine::CLI.any_instance.should_receive(:ldap_config).and_return(ldap_with_array_permission_mapping_config)
         File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
 
@@ -429,7 +415,6 @@ describe Socialcast::CommandLine::CLI do
 
         @result = ''
         Zlib::GzipWriter.stub(:open).and_yield(@result)
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         Socialcast::CommandLine::CLI.any_instance.should_receive(:ldap_config).and_return(ldap_with_array_permission_mapping_config)
         File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
 
@@ -456,7 +441,6 @@ describe Socialcast::CommandLine::CLI do
 
         @result = ''
         Zlib::GzipWriter.stub(:open).and_yield(@result)
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         Socialcast::CommandLine::CLI.any_instance.should_receive(:ldap_config).and_return(ldap_with_interpolated_values_config)
         File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
 
@@ -482,7 +466,6 @@ describe Socialcast::CommandLine::CLI do
 
         @result = ''
         Zlib::GzipWriter.stub(:open).and_yield(@result)
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         Socialcast::CommandLine::CLI.any_instance.should_receive(:ldap_config).and_return(ldap_with_manager_attribute_config)
         File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
 
@@ -512,7 +495,6 @@ describe Socialcast::CommandLine::CLI do
 
         @result = ''
         Zlib::GzipWriter.stub(:open).and_yield(@result)
-        Socialcast::CommandLine.stub(:credentials).and_return(credentials)
         Socialcast::CommandLine::CLI.any_instance.should_receive(:ldap_config).and_return(ldap_default_config)
         File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
 

data/spec/socialcast/command_line/provision_spec.rb

@@ -3,6 +3,7 @@ require 'spec_helper'
 describe Socialcast::CommandLine::Provision do
   let!(:credentials) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'credentials.yml')) }
   let!(:ldap_default_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap.yml')) }
+  let!(:ldap_blank_basedn_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_blank_basedn.yml')) }
   let!(:ldap_connection_mapping_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_connection_mapping.yml')) }
   let!(:ldap_connection_permission_mapping_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_connection_permission_mapping.yml')) }
   let!(:ldap_multiple_connection_mapping_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_multiple_connection_mappings.yml')) }
@@ -15,6 +16,7 @@ describe Socialcast::CommandLine::Provision do
   let!(:ldap_with_roles_without_account_type_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_roles_without_account_type.yml')) }
   let!(:ldap_with_unique_identifier_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_with_unique_identifier.yml')) }
   let!(:ldap_without_account_type_or_roles_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_without_account_type_or_roles.yml')) }
+  let!(:ldap_without_filter_config) { YAML.load_file(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'ldap_without_filter.yml')) }
 
   def create_entry(entry_attributes)
     Net::LDAP::Entry.new("dc=example,dc=com").tap do |e|
@@ -132,12 +134,12 @@ describe Socialcast::CommandLine::Provision do
         before do
           provision_instance = Socialcast::CommandLine::Provision.new(ldap_multiple_connection_mapping_config, {})
 
-          ldap_instance1 = double
+          ldap_instance1 = double(Net::LDAP)
           provision_instance.should_receive(:create_ldap_instance).once.ordered.and_return(ldap_instance1)
           entry1 = create_entry :mailCon => 'user@example.com', :givenName => 'first name', :sn => 'last name'
           ldap_instance1.should_receive(:search).once.with(hash_including(:attributes => ['mailCon', 'isMemberOf'])).and_yield(entry1)
 
-          ldap_instance2 = double
+          ldap_instance2 = double(Net::LDAP)
           provision_instance.should_receive(:create_ldap_instance).once.ordered.and_return(ldap_instance2)
           entry2 = create_entry :mailCon2 => 'user2@example.com', :firstName => 'first name2', :sn => 'last name2'
           ldap_instance2.should_receive(:search).once.with(hash_including(:attributes => ['mailCon2', 'firstName', 'isMemberOf'])).and_yield(entry2)
@@ -190,7 +192,7 @@ describe Socialcast::CommandLine::Provision do
         before do
           provision_instance = Socialcast::CommandLine::Provision.new(ldap_with_manager_attribute_config, {})
 
-          ldap_instance = double
+          ldap_instance = double(Net::LDAP)
           provision_instance.should_receive(:create_ldap_instance).once.ordered.and_return(ldap_instance)
 
           user_entry = create_entry :mail => 'user@example.com', :ldap_manager => 'cn=theboss,dc=example,dc=com'
@@ -358,12 +360,12 @@ describe Socialcast::CommandLine::Provision do
         before do
           provision_instance = Socialcast::CommandLine::Provision.new(ldap_multiple_connection_permission_mapping_config, {})
 
-          ldap_instance1 = double
+          ldap_instance1 = double(Net::LDAP)
           provision_instance.should_receive(:create_ldap_instance).once.ordered.and_return(ldap_instance1)
           entry1 = create_entry :mail => 'user@example.com', :givenName => 'first name', :sn => 'last name', :memberOf => ["cn=External,dc=example,dc=com", "cn=SbiAdmins,dc=example,dc=com", "cn=TownHallAdmins,dc=example,dc=com"]
           ldap_instance1.should_receive(:search).once.with(hash_including(:attributes => ['givenName', 'sn', 'mail', 'memberOf'])).and_yield(entry1)
 
-          ldap_instance2 = double
+          ldap_instance2 = double(Net::LDAP)
           provision_instance.should_receive(:create_ldap_instance).once.ordered.and_return(ldap_instance2)
           entry2 = create_entry :mail => 'user@example.com', :givenName => 'first name', :sn => 'last name', :member => ["cn=Contractors,dc=example,dc=com", "cn=SbiAdmins,dc=example,dc=com", "cn=TownHallAdmins,dc=example,dc=com"]
           ldap_instance2.should_receive(:search).once.with(hash_including(:attributes => ['givenName', 'sn', 'mail', 'member'])).and_yield(entry2)
@@ -383,6 +385,28 @@ describe Socialcast::CommandLine::Provision do
         it_behaves_like "permission attributes are mapped properly"
       end
     end
+
+    context "with no basedn configured" do
+      before do
+        RestClient::Resource.any_instance.should_receive(:post).once.with(hash_including(:file => result), { :accept => :json })
+
+        provision_instance = Socialcast::CommandLine::Provision.new(ldap_blank_basedn_config, {})
+
+        root_entry = create_entry(:namingcontexts => ['dc=foo,dc=com', 'dc=bar,dc=com'])
+        ldap_instance = double(Net::LDAP)
+        ldap_instance.should_receive(:search_root_dse).once.and_return(root_entry)
+        provision_instance.should_receive(:create_ldap_instance).once.ordered.and_return(ldap_instance)
+
+        user_entry = create_entry :mail => 'user@example.com', :givenName => 'first name', :sn => 'last name'
+        ldap_instance.should_receive(:search).once.ordered.with(hash_including(:base => 'dc=foo,dc=com', :attributes => ['givenName', 'sn', 'mail', 'isMemberOf']))
+        ldap_instance.should_receive(:search).once.ordered.with(hash_including(:base => 'dc=bar,dc=com', :attributes => ['givenName', 'sn', 'mail', 'isMemberOf'])).and_yield(user_entry)
+
+        provision_instance.provision
+      end
+      it "searches all basedns and puts the user in the output file" do
+        result.should =~ /user@example.com/
+      end
+    end
   end
 
   describe '#dereference_mail' do
@@ -427,6 +451,74 @@ describe Socialcast::CommandLine::Provision do
     end
   end
 
+  describe "#fetch_user_hash" do
+    context "without specifying an identifying field" do
+      let(:provision_instance) { Socialcast::CommandLine::Provision.new(ldap_with_unique_identifier_config, {}) }
+      let(:entry) { create_entry :uid => 'unique identifier', :givenName => 'first name', :sn => 'last name' }
+      before do
+        filter = Net::LDAP::Filter.construct('(&(mail=*)(uid=unique identifier))')
+        Net::LDAP.any_instance.should_receive(:search).once
+          .with(hash_including(:attributes => ['givenName', 'sn', 'uid', 'isMemberOf'], :filter => filter))
+          .and_yield(entry)
+      end
+      it do
+        provision_instance.fetch_user_hash('unique identifier').should == {
+          'account_type' => 'member',
+          'contact_info' => {},
+          'custom_fields' => [],
+          'first_name' => 'first name',
+          'last_name' => 'last name',
+          'roles' => [],
+          'unique_identifier' => 'unique identifier'
+        }
+      end
+    end
+    context "specifying an identifying field" do
+      let(:provision_instance) { Socialcast::CommandLine::Provision.new(ldap_default_config, {}) }
+      let(:entry) { create_entry :mail => 'user@example.com', :givenName => 'first name', :sn => 'last name' }
+      before do
+        filter = Net::LDAP::Filter.construct('(&(mail=*)(mail=user@example.com))')
+        Net::LDAP.any_instance.should_receive(:search).once
+          .with(hash_including(:attributes => ['givenName', 'sn', 'mail', 'isMemberOf'], :filter => filter))
+          .and_yield(entry)
+      end
+      it do
+        provision_instance.fetch_user_hash('user@example.com', :identifying_field => 'email').should == {
+          'account_type' => 'member',
+          'contact_info' => {
+            'email' => 'user@example.com'
+          },
+          'custom_fields' => [],
+          'first_name' => 'first name',
+          'last_name' => 'last name',
+          'roles' => []
+        }
+      end
+    end
+    context "without a filter specified" do
+      let(:provision_instance) { Socialcast::CommandLine::Provision.new(ldap_without_filter_config, {}) }
+      let(:entry) { create_entry :mail => 'user@example.com', :givenName => 'first name', :sn => 'last name' }
+      before do
+        filter = Net::LDAP::Filter.construct('(&(objectclass=*)(mail=user@example.com))')
+        Net::LDAP.any_instance.should_receive(:search).once
+          .with(hash_including(:attributes => ['givenName', 'sn', 'mail', 'isMemberOf'], :filter => filter))
+          .and_yield(entry)
+      end
+      it do
+        provision_instance.fetch_user_hash('user@example.com', :identifying_field => 'email').should == {
+          'account_type' => 'member',
+          'contact_info' => {
+            'email' => 'user@example.com'
+          },
+          'custom_fields' => [],
+          'first_name' => 'first name',
+          'last_name' => 'last name',
+          'roles' => []
+        }
+      end
+    end
+  end
+
   describe "#grab" do
     let(:provision_instance) { Socialcast::CommandLine::Provision.new(ldap_with_plugin_mapping_config, :plugins => 'socialcast/command_line/fake_attribute_map') }
     let(:entry) do

data/spec/socialcast/socialcast_spec.rb

@@ -0,0 +1,33 @@
+require 'spec_helper'
+
+describe Socialcast::CommandLine do
+
+  let(:custom_file) { File.join(File.dirname(__FILE__), '..', 'fixtures', 'custom_credentials.yml') }
+  let(:stubbed_credentials) { File.join(File.dirname(__FILE__), '..', 'fixtures') }
+  before { Socialcast::CommandLine.stub(:config_dir).and_return(stubbed_credentials) }
+
+  describe '#credentials_file' do
+    subject { Socialcast::CommandLine.credentials_file }
+    context 'with ENV variable' do
+      before { ENV['SC_CREDENTIALS_FILE'] = custom_file }
+      after { ENV['SC_CREDENTIALS_FILE'] = nil }
+      it { should == custom_file }
+    end
+    context 'without ENV variable' do
+      it { should == File.join(Socialcast::CommandLine.config_dir, 'credentials.yml') }
+    end
+  end
+
+  describe '#credentials' do
+    subject { Socialcast::CommandLine.credentials }
+    describe 'with ENV variable' do
+      before { ENV['SC_CREDENTIALS_FILE'] = custom_file }
+      after { ENV['SC_CREDENTIALS_FILE'] = nil }
+      it { subject[:user].should == 'mike@socialcast.com' }
+    end
+    describe 'without ENV variable' do
+      it { subject[:user].should == 'ryan@socialcast.com' }
+    end
+  end
+
+end

metadata

@@ -1,7 +1,8 @@
 --- !ruby/object:Gem::Specification
 name: socialcast
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.3.1
+  prerelease: 
 platform: ruby
 authors:
 - Ryan Sonnek
@@ -10,11 +11,12 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-03-18 00:00:00.000000000 Z
+date: 2014-03-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -22,6 +24,7 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -29,6 +32,7 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: json
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -39,6 +43,7 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -49,6 +54,7 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -59,6 +65,7 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -69,6 +76,7 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: highline
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -79,6 +87,7 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -89,6 +98,7 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: socialcast-net-ldap
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -99,6 +109,7 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -109,6 +120,7 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: activeresource
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -116,6 +128,7 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -123,6 +136,7 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -130,6 +144,7 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -137,6 +152,7 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -144,6 +160,7 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -151,6 +168,7 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: webmock
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -161,6 +179,7 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -171,6 +190,7 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - '='
       - !ruby/object:Gem::Version
@@ -178,6 +198,7 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - '='
       - !ruby/object:Gem::Version
@@ -185,6 +206,7 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -192,6 +214,7 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -224,10 +247,12 @@ files:
 - socialcast.gemspec
 - spec/fixtures/credentials.yml
 - spec/fixtures/credentials_with_proxy.yml
+- spec/fixtures/custom_credentials.yml
 - spec/fixtures/fake_attribute_map.rb
 - spec/fixtures/ldap.yml
 - spec/fixtures/ldap_with_account_type_without_roles.yml
 - spec/fixtures/ldap_with_array_permission_mapping.yml
+- spec/fixtures/ldap_with_blank_basedn.yml
 - spec/fixtures/ldap_with_class_ldap_attribute.yml
 - spec/fixtures/ldap_with_connection_mapping.yml
 - spec/fixtures/ldap_with_connection_permission_mapping.yml
@@ -241,41 +266,46 @@ files:
 - spec/fixtures/ldap_with_roles_without_account_type.yml
 - spec/fixtures/ldap_with_unique_identifier.yml
 - spec/fixtures/ldap_without_account_type_or_roles.yml
+- spec/fixtures/ldap_without_filter.yml
 - spec/fixtures/ldap_without_permission_mappings.yml
 - spec/socialcast/command_line/cli_spec.rb
 - spec/socialcast/command_line/provision_spec.rb
+- spec/socialcast/socialcast_spec.rb
 - spec/spec_helper.rb
 homepage: http://github.com/socialcast/socialcast-command-line
 licenses:
 - MIT
-metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: socialcast
-rubygems_version: 2.2.1
+rubygems_version: 1.8.23
 signing_key: 
-specification_version: 4
+specification_version: 3
 summary: command line interface to socialcast api
 test_files:
 - spec/fixtures/credentials.yml
 - spec/fixtures/credentials_with_proxy.yml
+- spec/fixtures/custom_credentials.yml
 - spec/fixtures/fake_attribute_map.rb
 - spec/fixtures/ldap.yml
 - spec/fixtures/ldap_with_account_type_without_roles.yml
 - spec/fixtures/ldap_with_array_permission_mapping.yml
+- spec/fixtures/ldap_with_blank_basedn.yml
 - spec/fixtures/ldap_with_class_ldap_attribute.yml
 - spec/fixtures/ldap_with_connection_mapping.yml
 - spec/fixtures/ldap_with_connection_permission_mapping.yml
@@ -289,7 +319,9 @@ test_files:
 - spec/fixtures/ldap_with_roles_without_account_type.yml
 - spec/fixtures/ldap_with_unique_identifier.yml
 - spec/fixtures/ldap_without_account_type_or_roles.yml
+- spec/fixtures/ldap_without_filter.yml
 - spec/fixtures/ldap_without_permission_mappings.yml
 - spec/socialcast/command_line/cli_spec.rb
 - spec/socialcast/command_line/provision_spec.rb
+- spec/socialcast/socialcast_spec.rb
 - spec/spec_helper.rb

checksums.yaml

@@ -1,15 +0,0 @@
----
-!binary "U0hBMQ==":
-  metadata.gz: !binary |-
-    NGRhZWZlNmVkZGY1ODEwZTcyNTJkMmYyZmE4ZjQ3Yzc4ZWIwNDIyNw==
-  data.tar.gz: !binary |-
-    MDMzZGZiZjdmN2NkOTk5NzZjYTU2MzY3YzIxZDQxZWNkMmQxNWMwNw==
-SHA512:
-  metadata.gz: !binary |-
-    MmEzZWUwYjZlZDk1ZGM3NWRkYjNlYWRiMWU3NGIxZTg3ZWEzOTg2NGRiZGFk
-    NDk4MGQ0NWI1OGNmZWMzYTEwZWJmZDg0NjI3OGRlZmViNmI0YjAxNjQ2NGU4
-    M2I1NmZmYTllYWRlMjkwZmY2YTY2ZjgyZDdmZTYwYjY3ZTFhNzI=
-  data.tar.gz: !binary |-
-    MTJmNDA3MTQ1ZDdkMDhhNDMyOWNiNjcyZTRhN2UzOWU2YjEzMDJmY2RiNDk3
-    YzZjMzMzNDdmYWYxMzllMmM0MGUxZTFiNTRiNzViZDVlZGRmZTQ1YjA4ZmRm
-    YjJiMzVjMzlmOGVlNDEzYzEzYTNhMTlkYzg5MGVlMmEwZTkyMTk=