class LdapFluff::FreeIPA::MemberService

handles the naughty bits of posix ldap

Attributes

ldap[RW]

Public Class Methods

new(ldap, group_base)
# File lib/ldap_fluff/freeipa_member_service.rb, line 8
# Stores the LDAP connection and the group search base for later lookups.
#
# @param ldap [Object] connection object; it is kept as-is and must respond
#   to #search, which the find_* methods call on it
# @param group_base [Object] value passed as the :base option of group
#   searches (presumably a DN string; confirm against the caller)
def initialize(ldap, group_base)
  @ldap, @group_base = ldap, group_base
end

Public Instance Methods

_group_names_from_cn(grouplist)
# File lib/ldap_fluff/freeipa_member_service.rb, line 43
# Reduces each group DN in +grouplist+ to the value of its first "cn=" component.
#
# The match is case-sensitive and needs a comma after the cn value. An entry
# the pattern does not match (for example one written with "CN=", or with no
# cn component at all) is returned unchanged, so callers that compare the
# result against group names should not assume every element is a bare CN.
#
# @param grouplist [Enumerable<String>] group DNs, such as the values of a
#   memberof attribute
# @return [Array<String>] one element per input entry, in the same order
def _group_names_from_cn(grouplist)
  grouplist.map do |dn|
    dn.sub(/.*?cn=(.*?),.*/, '\1')
  end
end
find_group(gid)
# File lib/ldap_fluff/freeipa_member_service.rb, line 29
# Searches under the configured group base for the group whose cn matches +gid+.
#
# @param gid [String] group name, turned into a filter by #group_filter
# @return [Object] whatever @ldap.search returned, guaranteed non-nil and non-empty
# @raise [GIDNotFoundException] when the search returns nil or an empty result
def find_group(gid)
  matches = @ldap.search(filter: group_filter(gid), base: @group_base)
  # A nil result (search failure) and an empty one are both reported as
  # "group not found"; the two cases are not distinguished here.
  raise GIDNotFoundException if matches.nil? || matches.empty?

  matches
end
find_user(uid)
# File lib/ldap_fluff/freeipa_member_service.rb, line 23
# Searches the directory for entries whose uid matches +uid+.
#
# No :base is passed, so the search scope is whatever the connection object
# uses by default. Every matching entry is returned, not just the first.
#
# @param uid [String] login name, turned into a filter by #name_filter
# @return [Object] whatever @ldap.search returned, guaranteed non-nil and non-empty
# @raise [UIDNotFoundException] when the search returns nil or an empty result
def find_user(uid)
  matches = @ldap.search(filter: name_filter(uid))
  # A nil result (search failure) and an empty one are both reported as
  # "user not found"; the two cases are not distinguished here.
  raise UIDNotFoundException if matches.nil? || matches.empty?

  matches
end
find_user_groups(uid)

Returns an LDAP user with groups attached. Note: this method is not particularly fast for large LDAP systems.

# File lib/ldap_fluff/freeipa_member_service.rb, line 15
# Returns the group names for +uid+, taken from the memberof attribute of
# the second entry that #find_user returns.
#
# NOTE(review): membership is read from a fixed position in the search
# result (index 1), so the outcome depends on the order in which the
# directory returns entries and on the uid filter matching only the
# intended user -- confirm both hold for the deployment.
#
# @param uid [String] login name to look up
# @return [Array<String>] group names as produced by #_group_names_from_cn
# @raise [UIDNotFoundException] propagated from #find_user
# @raise [InsufficientQueryPrivilegesException] when the search returned
#   one entry or fewer
def find_user_groups(uid)
  entries = find_user(uid)
  # A result without a second entry carries no group data, which means the
  # account running the query does not have enough privileges to read it.
  raise InsufficientQueryPrivilegesException unless entries.size > 1

  membership_entry = entries[1]
  _group_names_from_cn(membership_entry[:memberof])
end
group_filter(gid)
# File lib/ldap_fluff/freeipa_member_service.rb, line 39
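# Builds the equality filter used to look a group up by cn.
#
# The value goes through Net::LDAP::Filter.equals, which escapes filter
# metacharacters before building the filter. Filter.eq does not escape, so
# a group name containing "*" would be sent as a presence or substring
# match instead of a literal comparison, and #find_group would then accept
# names that do not exist as written.
# Requires a net-ldap release that provides Filter.equals.
#
# @param gid [#to_s] group name, matched literally against the cn attribute
# @return [Net::LDAP::Filter] filter equivalent to (cn=<escaped gid>)
def group_filter(gid)
  Net::LDAP::Filter.equals("cn", gid.to_s)
end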
name_filter(uid)
# File lib/ldap_fluff/freeipa_member_service.rb, line 35
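# Builds the equality filter used to look a user up by uid.
#
# The value goes through Net::LDAP::Filter.equals, which escapes filter
# metacharacters before building the filter. Filter.eq does not escape, so
# a uid containing "*" would be sent as a presence or substring match
# instead of a literal comparison, and the lookup could return entries for
# accounts other than the one named.
# Requires a net-ldap release that provides Filter.equals.
#
# @param uid [#to_s] login name, matched literally against the uid attribute
# @return [Net::LDAP::Filter] filter equivalent to (uid=<escaped uid>)
def name_filter(uid)
  Net::LDAP::Filter.equals("uid", uid.to_s)
end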