BigW Consortium Gitlab

person.rb 1.29 KB
Newer Older
1 2 3
module Gitlab
  module LDAP
    class Person
4 5 6
      # Active Directory-specific LDAP filter that checks if bit 2 of the
      # userAccountControl attribute is set.
      # Source: http://ctogonewild.com/2009/09/03/bitmask-searches-in-ldap/
7
      AD_USER_DISABLED = Net::LDAP::Filter.ex("userAccountControl:1.2.840.113556.1.4.803", "2")
8

9 10 11
      attr_accessor :entry, :provider

      def self.find_by_uid(uid, adapter)
12
        uid = Net::LDAP::Filter.escape(uid)
13
        adapter.user(adapter.config.uid, uid)
14 15
      end

16
      def self.find_by_dn(dn, adapter)
17
        adapter.user('dn', dn)
18 19
      end

20
      def self.disabled_via_active_directory?(dn, adapter)
21 22 23
        adapter.dn_matches_filter?(dn, AD_USER_DISABLED)
      end

24
      def initialize(entry, provider)
25 26
        Rails.logger.debug { "Instantiating #{self.class.name} with LDIF:\n#{entry.to_ldif}" }
        @entry = entry
27
        @provider = provider
28 29 30 31 32 33 34 35 36 37 38 39 40 41
      end

      def name
        entry.cn.first
      end

      def uid
        entry.send(config.uid).first
      end

      def username
        uid
      end

42 43 44 45
      def email
        entry.try(:mail)
      end

46 47 48 49 50 51 52 53 54 55 56
      def dn
        entry.dn
      end

      private

      def entry
        @entry
      end

      def config
57
        @config ||= Gitlab::LDAP::Config.new(provider)
58 59 60 61
      end
    end
  end
end