BigW Consortium Gitlab

person.rb 1.83 KB
Newer Older
1 2 3
module Gitlab
  module LDAP
    class Person
4 5 6
      # Active Directory-specific LDAP filter that checks if bit 2 of the
      # userAccountControl attribute is set.
      # Source: http://ctogonewild.com/2009/09/03/bitmask-searches-in-ldap/
7
      AD_USER_DISABLED = Net::LDAP::Filter.ex("userAccountControl:1.2.840.113556.1.4.803", "2")
8

9 10 11
      attr_accessor :entry, :provider

      def self.find_by_uid(uid, adapter)
12
        uid = Net::LDAP::Filter.escape(uid)
13
        adapter.user(adapter.config.uid, uid)
14 15
      end

16
      def self.find_by_dn(dn, adapter)
17
        adapter.user('dn', dn)
18 19
      end

20
      def self.disabled_via_active_directory?(dn, adapter)
21 22 23
        adapter.dn_matches_filter?(dn, AD_USER_DISABLED)
      end

24
      def initialize(entry, provider)
25 26
        Rails.logger.debug { "Instantiating #{self.class.name} with LDIF:\n#{entry.to_ldif}" }
        @entry = entry
27
        @provider = provider
28 29 30
      end

      def name
31
        attribute_value(:name).first
32 33 34 35 36 37 38 39 40 41
      end

      def uid
        entry.send(config.uid).first
      end

      def username
        uid
      end

42
      def email
43
        attribute_value(:email)
44 45
      end

Douwe Maan committed
46
      delegate :dn, to: :entry
47 48 49 50 51 52 53 54

      private

      def entry
        @entry
      end

      def config
55
        @config ||= Gitlab::LDAP::Config.new(provider)
56
      end
57 58 59 60 61 62

      # Using the LDAP attributes configuration, find and return the first
      # attribute with a value. For example, by default, when given 'email',
      # this method looks for 'mail', 'email' and 'userPrincipalName' and
      # returns the first with a value.
      def attribute_value(attribute)
63
        attributes = Array(config.attributes[attribute.to_s])
64 65 66 67
        selected_attr = attributes.find { |attr| entry.respond_to?(attr) }

        return nil unless selected_attr

68
        entry.public_send(selected_attr)
69
      end
70 71 72
    end
  end
end