author | Marius Mathiesen <marius@gitorious.org> | 2012-05-31 13:13:42 (GMT) |
---|---|---|
committer | Marius Mathiesen <marius@gitorious.org> | 2012-10-08 07:41:30 (GMT) |
commit | f8dbda61883bc40d557d180a121cd6a75cdf2fcf (patch) | |
tree | 46420bc10279cf847329df9e8bf738f6919f0434 /lib | |
parent | b41f7afd6988c815ecc045da1d7ddaef09b6704c (diff) |
Match LDAP-provided membership DNs to (internal) LdapGroups
LDAP returns a list of the groups a user is a member of; Gitorious matches these DNs
to the LdapGroup objects that are registered with those DNs.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gitorious/authorization/ldap/connection.rb | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/lib/gitorious/authorization/ldap/connection.rb b/lib/gitorious/authorization/ldap/connection.rb
new file mode 100644
index 0000000..6ed814b
--- /dev/null
+++ b/lib/gitorious/authorization/ldap/connection.rb
@@ -0,0 +1,55 @@
+ # encoding: utf-8
+#--
+# Copyright (C) 2012 Gitorious AS
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#++
+module Gitorious
+ module Authorization
+ module LDAP
+ class Connection
+ attr_reader :options
+
+ def initialize(options)
+ @options = options
+ end
+
+ def bind_as(bind_user_dn, bind_user_pass)
+ connection = Net::LDAP.new({:host => options[:host], :port => options[:port], :encryption => options[:encryption]})
+ connection.auth(bind_user_dn, bind_user_pass)
+ begin
+ if connection.bind
+ yield BoundConnection.new(connection)
+ connection.close
+ end
+ rescue Net::LDAP::LdapError => e
+ raise LdapError, "Unable to connect to the LDAP server on #{options[:host]}:#{options[:port]}. Are you sure the LDAP server is running?"
+ end
+ end
+
+ class BoundConnection
+ def initialize(native_connection)
+ @native_connection = native_connection
+ end
+
+ def search(options)
+ @native_connection.search(options)
+ end
+ end
+
+ class LdapError < StandardError;end
+ end
+ end
+ end
+end |
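Review bot: In `bind_as`, a rejected bind (`connection.bind` returning false) falls through without yielding or raising, so a caller resolving group membership cannot tell rejected credentials from a user who simply has no groups. The `rescue` also wraps the `yield`, so any `Net::LDAP::LdapError` raised inside the caller's block is reported as "Unable to connect", the original exception `e` is discarded, and `connection.close` is skipped whenever the block raises. The fence below separates the bind from the block, raises on a rejected bind and closes in `ensure`; callers that rely on the silent nil return would need checking first. Separately, `:encryption => options[:encryption]` has no default, so a configuration without that key presumably sends the bind password in cleartext, and nothing rejects an empty `bind_user_pass`, which many LDAP servers accept as an unauthenticated bind; both deserve a guard or at least a comment.

```ruby
def bind_as(bind_user_dn, bind_user_pass)
  # … unchanged: Net::LDAP.new and connection.auth …
  begin
    bound = connection.bind
  rescue Net::LDAP::LdapError => e
    # Keep the underlying cause so operators can tell a refused connection from a TLS or protocol error
    raise LdapError, "Unable to connect to the LDAP server on #{options[:host]}:#{options[:port]} (#{e.message})"
  end
  # Fail loudly instead of silently skipping the block when the server rejects the credentials
  raise LdapError, "LDAP bind as #{bind_user_dn} was rejected" unless bound

  begin
    yield BoundConnection.new(connection)
  ensure
    connection.close
  end
end
```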