class ActiveLdap::Adapter::Ldap
def add(dn, entries, options={})
def add(dn, entries, options={}) super do |_dn, _entries| controls = options[:controls] attributes = parse_entries(_entries) info = {:dn => _dn, :attributes => _entries} if controls info.merge!(:name => :add, :controls => controls) execute(:add_ext, info, _dn, attributes, controls, []) else execute(:add, info, _dn, attributes) end end end
def bind(options={})
def bind(options={}) super do @connection.error_message end end
def bind_as_anonymous(options={})
def bind_as_anonymous(options={}) super do execute(:bind, :name => "bind: anonymous") true end end
def connect(options={})
def connect(options={}) super do |host, port, method| uri = construct_uri(host, port, method.ssl?) with_start_tls = method.start_tls? info = { :uri => uri, :with_start_tls => with_start_tls, :tls_options => @tls_options, } connection = log("connect", info) do method.connect(host, port, :tls_options => @tls_options) end [connection, uri, with_start_tls] end end
def delete(targets, options={})
def delete(targets, options={}) super do |target| controls = options[:controls] info = {:dn => target} if controls info.merge!(:name => :delete, :controls => controls) execute(:delete_ext, info, target, controls, []) else execute(:delete, info, target) end end end
def ensure_method(method)
def ensure_method(method) normalized_method = method.to_s.downcase Method.constants.each do |name| if normalized_method == name.to_s.downcase return Method.const_get(name).new end end available_methods = Method.constants.collect do |name| name.downcase.to_sym.inspect end.join(", ") format = _("%s is not one of the available connect methods: %s") raise ConfigurationError, format % [method.inspect, available_methods] end
def ensure_mod_type(type)
def ensure_mod_type(type) case type when :replace, :add, :delete LDAP.const_get("LDAP_MOD_#{type.to_s.upcase}") else raise ArgumentError, _("unknown type: %s") % type end end
def ensure_scope(scope)
def ensure_scope(scope) scope_map = { :base => LDAP::LDAP_SCOPE_BASE, :sub => LDAP::LDAP_SCOPE_SUBTREE, :one => LDAP::LDAP_SCOPE_ONELEVEL, } value = scope_map[scope || :sub] if value.nil? available_scopes = scope_map.keys.inspect format = _("%s is not one of the available LDAP scope: %s") raise ArgumentError, format % [scope.inspect, available_scopes] end value end
def execute(method, info=nil, *args, &block)
def execute(method, info=nil, *args, &block) begin name = (info || {}).delete(:name) || method @connection.set_option(LDAP::LDAP_OPT_REFERRALS, @ldap_follow_referrals) log(name, info) {@connection.send(method, *args, &block)} rescue LDAP::ResultError @connection.assert_error_code raise $!.message end end
def modify(dn, entries, options={})
def modify(dn, entries, options={}) super do |_dn, _entries| controls = options[:controls] attributes = parse_entries(_entries) info = {:dn => _dn, :attributes => _entries} if controls info.merge!(:name => :modify, :controls => controls) execute(:modify_ext, info, _dn, attributes, controls, []) else execute(:modify, info, _dn, attributes) end end end
def modify_rdn(dn, new_rdn, delete_old_rdn, new_superior, options={})
def modify_rdn(dn, new_rdn, delete_old_rdn, new_superior, options={}) super do |_dn, _new_rdn, _delete_old_rdn, _new_superior| rename_available_p = @connection.respond_to?(:rename) if _new_superior and not rename_available_p raise NotImplemented.new(_("modify RDN with new superior")) end info = { :name => "modify: RDN", :dn => _dn, :new_rdn => _new_rdn, :new_superior => _new_superior, :delete_old_rdn => _delete_old_rdn } if rename_available_p execute(:rename, info, _dn, _new_rdn, _new_superior, _delete_old_rdn, [], []) else execute(:modrdn, info, _dn, _new_rdn, _delete_old_rdn) end end end
def parse_entries(entries)
def parse_entries(entries) result = [] entries.each do |type, key, attributes| mod_type = ensure_mod_type(type) binary = schema.attribute(key).binary? mod_type |= LDAP::LDAP_MOD_BVALUES if binary attributes.each do |name, values| additional_mod_type = 0 if values.any? {|value| Ldif::Attribute.binary_value?(value)} additional_mod_type |= LDAP::LDAP_MOD_BVALUES end result << LDAP.mod(mod_type | additional_mod_type, name, values) end end result end
def prepare_connection(options={})
def prepare_connection(options={}) operation(options) do @connection.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3) @ldap_follow_referrals = follow_referrals?(options) ? 1 : 0 @connection.set_option(LDAP::LDAP_OPT_REFERRALS, @ldap_follow_referrals) end end
def sasl_bind(bind_dn, options={})
def sasl_bind(bind_dn, options={}) super do |_bind_dn, mechanism, quiet| begin _bind_dn ||= '' sasl_quiet = @connection.sasl_quiet @connection.sasl_quiet = quiet unless quiet.nil? args = [_bind_dn, mechanism] credential = nil if need_credential_sasl_mechanism?(mechanism) credential = password(_bind_dn, options) end if @sasl_options credential ||= "" args.concat([credential, nil, nil, @sasl_options]) else args << credential if credential end info = { :name => "bind: SASL", :dn => _bind_dn, :mechanism => mechanism } execute(:sasl_bind, info, *args) true ensure @connection.sasl_quiet = sasl_quiet end end end
def scope_name(scope)
def scope_name(scope) { LDAP::LDAP_SCOPE_BASE => :base, LDAP::LDAP_SCOPE_SUBTREE => :sub, LDAP::LDAP_SCOPE_ONELEVEL => :one, }[scope] end
def search(options={})
def search(options={}) super(options) do |search_options| begin scope = search_options[:scope] info = search_options.merge(scope: scope_name(scope)) execute(:search_full, info, search_options) do |entry| attributes = {} entry.attrs.each do |attr| value = entry.vals(attr) attributes[attr] = value if value end yield([entry.dn, attributes]) end rescue RuntimeError if $!.message == "no result returned by search" @logger.debug do args = [ search_options[:filter], search_options[:attributes].inspect, ] _("No matches: filter: %s: attributes: %s") % args end else raise end end end end
def simple_bind(bind_dn, options={})
def simple_bind(bind_dn, options={}) super do |_bind_dn, password| execute(:bind, {:dn => _bind_dn}, _bind_dn, password) true end end
def unbind(options={})
def unbind(options={}) super do execute(:unbind) end end