ucb_rails_user 4.1.0 → 4.1.2
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a2d32568b7c7c44c29b420b560c94db14a5cef2150e40e69b535cc9fad3b6714
|
4
|
+
data.tar.gz: 7325bbb7ee1f6cd3ea3a04c7f38411d5e75551c31022260ba454d22769c60d2d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: efb9dd7b036a5de8251cab4068172cea5fdcce1db57be780d0e70111d90b634dc591a09fadc8b81206a6005f6d2b4a59cc63b31d729716abfc3a396492567b82
|
7
|
+
data.tar.gz: 7f0beaa12b968857a56c1c6a8966c51a77447f975c88494c5e6c4022d5ad712b7be085c91c6a0ab267d3d454de9cfd38b5f979c61becc2c3812d2853dfb224d7
|
@@ -14,6 +14,7 @@ module UcbRailsUser::LdapPerson
|
|
14
14
|
attribute :first_name
|
15
15
|
attribute :last_name
|
16
16
|
attribute :email
|
17
|
+
attribute :alternate_email
|
17
18
|
attribute :phone
|
18
19
|
attribute :departments
|
19
20
|
attribute :affiliations
|
@@ -40,19 +41,23 @@ module UcbRailsUser::LdapPerson
|
|
40
41
|
class << self
|
41
42
|
|
42
43
|
def new_from_ldap_entry(ldap_entry)
|
44
|
+
# the to_s calls are because the underlying LDAP library sometimes returns strings as instances
|
45
|
+
# of Net::BER::BerIdentifiedString rather than String, and the Oracle DB library doesn't play
|
46
|
+
# nicely with those (postgres and sqlite work fine)
|
43
47
|
new(
|
44
|
-
:
|
45
|
-
:
|
46
|
-
:
|
47
|
-
:
|
48
|
-
:
|
49
|
-
:
|
50
|
-
:
|
51
|
-
:
|
52
|
-
:
|
53
|
-
:
|
54
|
-
:
|
55
|
-
:
|
48
|
+
uid: ldap_entry.uid&.to_s,
|
49
|
+
calnet_id: ldap_entry.berkeleyedukerberosprincipalstring.first&.to_s,
|
50
|
+
employee_id: ldap_entry.attributes[:berkeleyeduucpathid]&.first&.to_s,
|
51
|
+
student_id: ldap_entry.berkeleyedustuid&.to_s,
|
52
|
+
first_name: ldap_entry.givenname.first&.to_s,
|
53
|
+
last_name: ldap_entry.sn.first&.to_s,
|
54
|
+
email: ldap_entry.mail.first&.to_s,
|
55
|
+
alternate_email: ldap_entry.attributes[:berkeleyeduofficialemail]&.first&.to_s,
|
56
|
+
phone: ldap_entry.phone&.to_s,
|
57
|
+
departments: ldap_entry.berkeleyeduunithrdeptname&.to_s,
|
58
|
+
affiliations: ldap_entry.berkeleyeduaffiliations&.map(&:to_s),
|
59
|
+
affiliate_id: ldap_entry.berkeleyeduaffid.first&.to_s,
|
60
|
+
inactive: ldap_entry.expired? || false
|
56
61
|
)
|
57
62
|
end
|
58
63
|
|
@@ -8,6 +8,9 @@ module UcbRailsUser
|
|
8
8
|
|
9
9
|
if people_ou_entry.present?
|
10
10
|
UcbRailsUser::UserLdapService.create_or_update_user_from_entry(people_ou_entry).tap do |user|
|
11
|
+
if missing_or_invalid_email?(user)
|
12
|
+
user.update(email: people_ou_entry.alternate_email) if people_ou_entry.alternate_email.present?
|
13
|
+
end
|
11
14
|
user.touch(:last_login_at)
|
12
15
|
end
|
13
16
|
else
|
@@ -15,6 +18,12 @@ module UcbRailsUser
|
|
15
18
|
end
|
16
19
|
end
|
17
20
|
|
21
|
+
private
|
22
|
+
|
23
|
+
def missing_or_invalid_email?(user)
|
24
|
+
user&.email.blank? || (user.email =~ URI::MailTo::EMAIL_REGEXP).nil?
|
25
|
+
end
|
26
|
+
|
18
27
|
end
|
19
28
|
|
20
29
|
end
|
@@ -4,20 +4,38 @@ class UcbRailsUser::UserUcPathService
|
|
4
4
|
|
5
5
|
class << self
|
6
6
|
|
7
|
+
def create_or_update_user_from_employee_id(employee_id)
|
8
|
+
ucpath_entry = ucpath_client.fetch_employee_data_with_employee_id(employee_id)
|
9
|
+
return nil unless ucpath_entry.present?
|
10
|
+
user = User.find_or_initialize_by(employee_id: employee_id)
|
11
|
+
update_user_record_from_ucpath_entry!(user, ucpath_entry)
|
12
|
+
end
|
13
|
+
|
7
14
|
def create_or_update_user_from_ldap_uid(ldap_uid)
|
8
|
-
ucpath_entry = ucpath_client.
|
15
|
+
ucpath_entry = ucpath_client.fetch_employee_data_with_ldap_uid(ldap_uid)
|
9
16
|
return nil unless ucpath_entry.present?
|
17
|
+
user = User.find_or_initialize_by(ldap_uid: ldap_uid)
|
18
|
+
update_user_record_from_ucpath_entry!(user, ucpath_entry)
|
19
|
+
end
|
10
20
|
|
11
|
-
|
21
|
+
def ucpath_client
|
22
|
+
UcPathClient.new
|
23
|
+
end
|
24
|
+
|
25
|
+
def update_user_record_from_ucpath_entry!(user, ucpath_entry)
|
26
|
+
user.tap do |u|
|
12
27
|
name_entry = parse_name(ucpath_entry)
|
13
|
-
|
14
|
-
|
15
|
-
|
28
|
+
u.first_name = name_entry["givenName"]
|
29
|
+
u.last_name = name_entry["familyName"]
|
30
|
+
u.employee_id ||= ucpath_entry["identifiers"]&.detect do |id|
|
16
31
|
id["type"] == "hr-employee-id"
|
17
32
|
end&.fetch("id")
|
18
|
-
|
19
|
-
|
20
|
-
|
33
|
+
u.ldap_uid ||= ucpath_entry["identifiers"]&.detect do |id|
|
34
|
+
id["type"] == "campus-uid"
|
35
|
+
end&.fetch("id")
|
36
|
+
u.email = parse_email(ucpath_entry)
|
37
|
+
u.inactive_flag = false # any way to pull this from the API?
|
38
|
+
u.save!
|
21
39
|
end
|
22
40
|
end
|
23
41
|
|
@@ -42,32 +60,38 @@ class UcbRailsUser::UserUcPathService
|
|
42
60
|
email_entry&.fetch("emailAddress")
|
43
61
|
end
|
44
62
|
|
45
|
-
def ucpath_client
|
46
|
-
UcPathClient.new
|
47
|
-
end
|
48
|
-
|
49
63
|
end
|
50
64
|
|
51
65
|
class UcPathClient
|
52
66
|
attr_reader :app_id, :app_key, :endpoint
|
53
67
|
|
54
68
|
def initialize
|
55
|
-
|
56
|
-
Rails.application.credentials.ucpath ||
|
57
|
-
|
58
|
-
|
59
|
-
|
69
|
+
base_credentials =
|
70
|
+
Rails.application.credentials.ucpath&.with_indifferent_access ||
|
71
|
+
Rails.application.credentials.hcm&.with_indifferent_access ||
|
72
|
+
Rails.application.credentials.fetch(:"ucb-hcm", {})&.with_indifferent_access
|
73
|
+
env_credentials = base_credentials&.fetch(Rails.env, {})
|
74
|
+
@app_id = env_credentials&.fetch(:app_id, nil) || base_credentials&.fetch(:app_id, nil)
|
75
|
+
@app_key = env_credentials&.fetch(:app_key, nil) || base_credentials&.fetch(:app_key, nil)
|
76
|
+
@endpoint = env_credentials&.fetch(:endpoint, nil) || base_credentials&.fetch(:endpoint, nil)
|
60
77
|
end
|
61
78
|
|
62
|
-
def
|
79
|
+
def fetch_employee_data_with_ldap_uid(ldap_uid)
|
80
|
+
fetch_employee_data(ldap_uid, "campus-uid")
|
81
|
+
end
|
82
|
+
|
83
|
+
def fetch_employee_data_with_employee_id(employee_id)
|
84
|
+
fetch_employee_data(employee_id, "hr-employee-id")
|
85
|
+
end
|
86
|
+
|
87
|
+
def fetch_employee_data(id, id_type)
|
63
88
|
if [app_id, app_key, endpoint].any?(&:blank?)
|
64
89
|
Rails.logger.warn missing_api_values_message
|
65
90
|
return nil
|
66
91
|
end
|
67
|
-
|
68
92
|
response =
|
69
|
-
Faraday.get("#{endpoint}/employees/#{
|
70
|
-
req.params["id-type"] =
|
93
|
+
Faraday.get("#{endpoint}/employees/#{id}") do |req|
|
94
|
+
req.params["id-type"] = id_type
|
71
95
|
req.headers["Accept"] = "application/json"
|
72
96
|
req.headers["app_id"] = app_id
|
73
97
|
req.headers["app_key"] = app_key
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ucb_rails_user
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.1.
|
4
|
+
version: 4.1.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Steve Downey
|
@@ -11,7 +11,7 @@ authors:
|
|
11
11
|
autorequire:
|
12
12
|
bindir: bin
|
13
13
|
cert_chain: []
|
14
|
-
date: 2022-
|
14
|
+
date: 2022-10-17 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: rails
|
@@ -107,16 +107,22 @@ dependencies:
|
|
107
107
|
name: omniauth
|
108
108
|
requirement: !ruby/object:Gem::Requirement
|
109
109
|
requirements:
|
110
|
-
- - "
|
110
|
+
- - ">="
|
111
111
|
- !ruby/object:Gem::Version
|
112
112
|
version: '1.8'
|
113
|
+
- - "<"
|
114
|
+
- !ruby/object:Gem::Version
|
115
|
+
version: '3.0'
|
113
116
|
type: :runtime
|
114
117
|
prerelease: false
|
115
118
|
version_requirements: !ruby/object:Gem::Requirement
|
116
119
|
requirements:
|
117
|
-
- - "
|
120
|
+
- - ">="
|
118
121
|
- !ruby/object:Gem::Version
|
119
122
|
version: '1.8'
|
123
|
+
- - "<"
|
124
|
+
- !ruby/object:Gem::Version
|
125
|
+
version: '3.0'
|
120
126
|
- !ruby/object:Gem::Dependency
|
121
127
|
name: omniauth-cas
|
122
128
|
requirement: !ruby/object:Gem::Requirement
|
@@ -386,7 +392,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
386
392
|
- !ruby/object:Gem::Version
|
387
393
|
version: '0'
|
388
394
|
requirements: []
|
389
|
-
rubygems_version: 3.
|
395
|
+
rubygems_version: 3.3.7
|
390
396
|
signing_key:
|
391
397
|
specification_version: 4
|
392
398
|
summary: Rails engine for UCB user accounts
|