class Tapjoy::LDAP::Base
Attributes
basedn[R]
conn[R]
group[R]
hosts[R]
key[R]
service_ou[R]
Public Class Methods
new()
Instantiate class
# File lib/tapjoy/ldap/base.rb, line 8
# Load the LDAP settings, then bind to the first usable server.
#
# ldap_info.yaml and ldap.secret in ldap_config_directory are used when both
# are readable; otherwise the settings come from environment variables. A
# StandardError raised while loading is printed to STDERR and the process
# aborts. Only when loading succeeds is @conn set from find_valid_host, whose
# own errors are not rescued here.
def initialize
  info_path = "#{ldap_config_directory}/ldap_info.yaml"
  secret_path = "#{ldap_config_directory}/ldap.secret"

  begin
    files_usable = can_read_files?(info_path, secret_path)
    files_usable ? load_config_from_files(info_path, secret_path) : load_config_from_env
  rescue => failure
    STDERR.puts "Error message: #{failure.inspect}"
    abort("Config not specified. Either provide #{info_path} and #{secret_path} or environment variables")
  else
    @conn = find_valid_host
  end
end
Public Instance Methods
add(distinguished_name, attributes)
Add objects to LDAP
# File lib/tapjoy/ldap/base.rb, line 49
# Create a directory entry through the bound connection.
#
# distinguished_name is sent as the new entry's dn and attributes as its
# attributes. The value returned by @conn.add is discarded: the caller only
# gets the text from return_result, so a rejected add has to be detected by
# reading the return code in that text.
def add(distinguished_name, attributes)
  @conn.add(
    dn: distinguished_name,
    attributes: attributes
  )
  return_result
end
add_attribute(distinguished_name, attribute, value)
# File lib/tapjoy/ldap/base.rb, line 54
# Add one attribute value to an existing entry.
#
# The three arguments are forwarded to @conn.add_attribute unchanged. Its
# own return value is dropped; the result text from return_result is what
# the caller receives.
def add_attribute(distinguished_name, attribute, value)
  target = distinguished_name
  @conn.add_attribute(target, attribute, value)
  return_result
end
delete(distinguished_name)
Delete objects from LDAP
# File lib/tapjoy/ldap/base.rb, line 71
# Remove the entry with the given DN.
#
# No confirmation or existence check happens here; the DN goes straight to
# @conn.delete. The caller receives the text from return_result and must
# read the return code in it to learn whether the delete was accepted.
def delete(distinguished_name)
  @conn.delete(dn: distinguished_name)
  return_result
end
get_max_id(object_type, role)
Get the next ID to assign: one above the highest used ID
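# File lib/tapjoy/ldap/base.rb, line 84
# Return, as a String, the next numeric ID to assign to a new object.
#
# object_type selects what is counted: 'user' looks at uidNumber on person
# entries, 'group' at gidNumber on posixGroup entries; anything else aborts.
# role selects the allowed ID range through set_id_boundary.
#
# Only IDs that already lie inside the role's range are considered. The
# earlier version clamped to the upper bound as soon as it met any ID above
# that bound, so one out-of-range entry made it return upper bound + 1, an
# ID belonging to the next range. Handing out an ID from another range, or
# one that is already taken, lets two accounts share a numeric identity, so
# an exhausted range now aborts instead of spilling over.
def get_max_id(object_type, role)
  case object_type
  when 'user'
    objectclass = 'person'
    ldap_attr = 'uidNumber'
  when 'group'
    objectclass = 'posixGroup'
    ldap_attr = 'gidNumber'
  else
    abort('Unknown object type')
  end

  min_id, max_id = set_id_boundary(role)

  # Match entries of the right class that carry the ID attribute at all.
  oc_filter = Net::LDAP::Filter.eq('objectclass', objectclass)
  attr_filter = Net::LDAP::Filter.eq(ldap_attr, '*')
  filter = Net::LDAP::Filter.join(oc_filter, attr_filter)

  # Entries are read through the lower-case accessor (uidnumber / gidnumber),
  # the same accessors the earlier version called by name.
  reader = ldap_attr.downcase
  used_ids = search([ldap_attr], filter).map { |item| item.public_send(reader)[0].to_i }
  in_range = used_ids.select { |id| id >= min_id && (max_id.nil? || id <= max_id) }

  # With nothing in range yet, the first ID of the range is handed out.
  next_id = (in_range.max || (min_id - 1)) + 1
  abort("No free #{ldap_attr} available between #{min_id} and #{max_id}") if max_id && next_id > max_id

  next_id.to_s
end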
ldap_config_directory()
Return the LDAP config directory (LDAP_CONFIG_DIR if set, otherwise $HOME/.ldap)
# File lib/tapjoy/ldap/base.rb, line 27
# Directory that holds the LDAP config files.
#
# LDAP_CONFIG_DIR wins when it is set (even to an empty string); otherwise
# the directory is ".ldap" under HOME. Both values come from the process
# environment, so whoever controls that environment chooses the directory.
def ldap_config_directory
  override = ENV['LDAP_CONFIG_DIR']
  directory = override || ENV['HOME'] + '/.ldap'
  "#{directory}"
end
modify(distinguished_name, operations)
Modify objects in LDAP
# File lib/tapjoy/ldap/base.rb, line 65
# Apply a list of modify operations to one entry.
#
# distinguished_name and operations are handed to @conn.modify as given.
# The caller receives the text from return_result rather than the value
# returned by @conn.modify, so failures show up only in that text.
def modify(distinguished_name, operations)
  @conn.modify(dn: distinguished_name, operations: operations)
  return_result
end
replace_attribute(distinguished_name, attribute, value)
# File lib/tapjoy/ldap/base.rb, line 59
# Replace the value of one attribute on an existing entry.
#
# The arguments are forwarded to @conn.replace_attribute unchanged, and the
# text from return_result is returned in place of that call's own result.
def replace_attribute(distinguished_name, attribute, value)
  target = distinguished_name
  @conn.replace_attribute(target, attribute, value)
  return_result
end
return_result()
Format return codes
# File lib/tapjoy/ldap/base.rb, line 77
# Describe the outcome of the last operation on @conn as two lines of text:
# "Return Code: <code>" followed by "Message: <message>", both read from
# @conn.get_operation_result. This text is the only success/failure signal
# the add/modify/delete wrappers pass back to their callers.
def return_result
  [
    "Return Code: #{@conn.get_operation_result.code}",
    "Message: #{@conn.get_operation_result.message}"
  ].join("\n")
end
search(attributes = ['*'], filter = Net::LDAP::Filter.eq('objectclass','*'))
Search the LDAP directory
# File lib/tapjoy/ldap/base.rb, line 32
# Search under @basedn and return the matching entries as an Array.
#
# attributes lists the attributes to fetch (all by default) and filter
# narrows the result (every object by default). The filter is forwarded
# unchanged, so a value that originates from user input should be escaped
# (Net::LDAP::Filter.escape) before the filter is built. The result is also
# kept in @entries. Without a connection the process aborts.
def search(attributes = ['*'], filter = Net::LDAP::Filter.eq('objectclass','*'))
  @entries = []
  abort('Could not connect to any LDAP servers') unless @conn

  @conn.search(base: @basedn, filter: filter, attributes: attributes) { |found| @entries << found }
  @entries
end
Private Instance Methods
can_read_files?(ldap_config_file, ldap_password_file)
Check if config files are readable
# File lib/tapjoy/ldap/base.rb, line 217
# True only when both the config file and the password file are readable by
# this process.
#
# NOTE(review): readability is the only thing checked. The mode and owner of
# the password file are not inspected, so a group- or world-readable secret
# is accepted silently.
def can_read_files?(ldap_config_file, ldap_password_file)
  [ldap_config_file, ldap_password_file].all? { |path| File.readable?(path) }
end
find_valid_host()
Find a valid LDAP host
# File lib/tapjoy/ldap/base.rb, line 159
# Walk @hosts in order and return the first connection whose bind succeeds.
#
# A bind that returns false and a bind that raises Net::LDAP::LdapError are
# both treated as "try the next host", so a wrong password and a dead server
# look the same from here. When no host binds, the process aborts.
#
# NOTE(review): only Net::LDAP::LdapError is rescued. Confirm that the
# net-ldap version in use defines that class and raises it for socket-level
# failures; any other exception ends the loop at the first bad host.
def find_valid_host
  @hosts.each do |candidate|
    @ldap = ldap_connect(candidate)
    begin
      return @ldap if @ldap.bind
    rescue Net::LDAP::LdapError
      next
    end
  end
  abort('Could not connect to any LDAP servers')
end
ldap_connect(host)
Connect to LDAP server
# File lib/tapjoy/ldap/base.rb, line 148
# Build a Net::LDAP object for one host, using @port and @basedn and a
# simple bind as @rootdn with @ldap_password.
#
# NOTE(review): no :encryption option is passed. Unless the transport is
# protected some other way, the simple bind carries the bind DN and password
# unencrypted. Consider passing encryption (:start_tls or :simple_tls) with
# certificate verification once the servers support it.
def ldap_connect(host)
  Net::LDAP.new(
    host: host,
    port: @port,
    base: @basedn,
    auth: { method: :simple, username: @rootdn, password: @ldap_password }
  )
end
load_config_from_env()
Load config from ENV
# File lib/tapjoy/ldap/base.rb, line 204
# Fill the connection settings from environment variables.
#
# LDAP_SERVERS is mandatory (comma-separated host list) and its absence
# raises Tapjoy::LDAP::Errors::UndefinedServers. The other variables are
# copied as they are, so any of them may end up nil, and @port is a String
# here. The bind password is taken from LDAP_BIND_PASS; note that a secret
# kept in the environment is inherited by every child process.
def load_config_from_env
  server_list = ENV['LDAP_SERVERS']
  raise Tapjoy::LDAP::Errors::UndefinedServers if server_list.nil?

  @rootdn, @basedn, @service_ou, @email_domain, @port, @ldap_password = ENV.values_at(
    'LDAP_BIND_DN', 'LDAP_BASE_DN', 'LDAP_SERVICE_OU', 'LDAP_EMAIL_DOMAIN', 'LDAP_PORT', 'LDAP_BIND_PASS'
  )
  @hosts = server_list.split(',')
end
load_config_from_files(ldap_config_file, ldap_password_file)
Load config from files
# File lib/tapjoy/ldap/base.rb, line 192
# Fill the connection settings from the YAML config file and read the bind
# password from the separate password file (trailing newline removed).
#
# NOTE(review): YAML.load_file is used as-is. On Ruby/Psych versions where
# load is not restricted it can instantiate arbitrary objects named in the
# file, so the config file must only be writable by a trusted user; a move
# to YAML.safe_load is worth considering if the config holds plain data.
def load_config_from_files(ldap_config_file, ldap_password_file)
  settings = YAML.load_file(ldap_config_file)

  @rootdn       = settings['rootdn']
  @hosts        = settings['servers']
  @basedn       = settings['basedn']
  @service_ou   = settings['service_ou']
  @email_domain = settings['email_domain']
  @port         = settings['port']

  @ldap_password = File.read(ldap_password_file).chomp
end
set_id_boundary(role)
Set acceptable range for IDs
# File lib/tapjoy/ldap/base.rb, line 176
# Return [lowest, highest] numeric ID allowed for a role.
#
# 'user' IDs run from 10000 to 19999. 'service' IDs start at 20000 and have
# no upper bound (nil). Any other role aborts the process.
def set_id_boundary(role)
  case role
  when 'user' then [10000, 19999]
  when 'service' then [20000, nil]
  else abort('Unknown role')
  end
end