class GitHub::Ldap::Group

This class represents an LDAP group. It encapsulates operations that you can perform against a group, like retrieving its members.

To get a group, you'll need to create a `Ldap` object and then call the method `group` with the name of its base.

For example:

domain = GitHub::Ldap.new(options).group(“cn=enterprise,dc=github,dc=com”)

Constants

GROUP_CLASS_NAMES

Attributes

entry[R]
ldap[R]

Public Class Methods

group?(object_class) click to toggle source

Internal - Check if an object class includes the member names Use `&` rathen than `include?` because both are arrays.

NOTE: object classes are downcased by default in Net::LDAP, so this will fail to match correctly unless we also downcase our group classes.

Returns true if the object class includes one of the group class names.

# File lib/github/ldap/group.rb, line 84
def self.group?(object_class)
  !(GROUP_CLASS_NAMES.map(&:downcase) & object_class.map(&:downcase)).empty?
end
new(ldap, entry) click to toggle source
# File lib/github/ldap/group.rb, line 19
def initialize(ldap, entry)
  @ldap, @entry = ldap, entry
end

Public Instance Methods

group?(object_class) click to toggle source

Internal: Returns true if the object class(es) provided match a group's.

# File lib/github/ldap/group.rb, line 73
def group?(object_class)
  self.class.group?(object_class)
end
group_and_member_entries() click to toggle source

Internal - Inspect the ldap server searching for group and member entries.

Returns two arrays, the first one with subgroups and the second one with users.

# File lib/github/ldap/group.rb, line 127
def group_and_member_entries
  groups, members = groups_and_members
  @all_members = members
  @all_groups  = groups

  cache = load_cache(groups)

  loop_cached_groups(groups, cache) do |subgroups, users|
    @all_groups.concat subgroups
    @all_members.concat users
  end

  @all_members.uniq! {|m| m.dn }

  [@all_groups, @all_members]
end
groups_and_members() click to toggle source

Internal - Divide members of a group in user and subgroups.

Returns two arrays, the first one with subgroups and the second one with users.

# File lib/github/ldap/group.rb, line 120
def groups_and_members
  member_entries.partition {|e| group?(e[:objectclass])}
end
is_member?(user_entry) click to toggle source

Public - Check if a user dn is included in the members of this group and its subgroups.

user_entry: is the user entry to check the membership.

Returns true if the dn is in the list of members.

# File lib/github/ldap/group.rb, line 47
def is_member?(user_entry)
  member_names.include?(user_entry.dn) ||
    members.detect {|entry| entry.dn == user_entry.dn}
end
load_cache(groups) click to toggle source

Internal - Generate a hash with all the group DNs for caching purposes.

groups: is an array of group entries.

Returns a hash with the cache groups.

# File lib/github/ldap/group.rb, line 93
def load_cache(groups)
  groups.each_with_object({}) {|entry, h| h[entry.dn] = true }
end
loop_cached_groups(groups, cache, &block) click to toggle source

Internal - Iterate over a collection of groups recursively. Remove groups already inspected before iterating over subgroups.

groups: is an array of group entries. cache: is a hash where the keys are group dns. block: is a block to call with the groups and members of subgroups.

Returns nothing.

# File lib/github/ldap/group.rb, line 105
def loop_cached_groups(groups, cache, &block)
  groups.each do |result|
    subgroups, members = @ldap.group(result.dn).groups_and_members

    subgroups.delete_if {|entry| cache[entry.dn]}
    subgroups.each {|entry| cache[entry.dn] = true}

    block.call(subgroups, members)
    loop_cached_groups(subgroups, cache, &block)
  end
end
member_entries() click to toggle source

Internal - Get all the member entries for a group.

Returns an array of Net::LDAP::Entry.

# File lib/github/ldap/group.rb, line 56
def member_entries
  @member_entries ||= member_names.each_with_object([]) do |m, a|
    entry = @ldap.domain(m).bind
    a << entry if entry
  end
end
member_names() click to toggle source

Internal - Get all the names under `member` and `uniqueMember`.

Returns an array with all the DN members.

# File lib/github/ldap/group.rb, line 66
def member_names
  MEMBERSHIP_NAMES.each_with_object([]) do |n, cache|
    cache.concat @entry[n]
  end
end
members() click to toggle source

Public - Get all members that belong to a group. This list also includes the members of subgroups.

Returns an array with all the member entries.

# File lib/github/ldap/group.rb, line 27
def members
  return @all_members if @all_members
  group_and_member_entries
  @all_members
end
subgroups() click to toggle source

Public - Get all the subgroups from a group recursively.

Returns an array with all the subgroup entries.

# File lib/github/ldap/group.rb, line 36
def subgroups
  return @all_groups if @all_groups
  group_and_member_entries
  @all_groups
end