Refactor: Extract #get_user_dn from AuthSourceLdap.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3454 e93f8b46-1217-0410-a6f0-8f06a7374b81
Eric Davis 2010-02-19 17:00:49 +00:00
parent d828122009
commit c6b2f1d606
1 changed files with 27 additions and 16 deletions


@ -33,22 +33,9 @@ class AuthSourceLdap < AuthSource
def authenticate(login, password) def authenticate(login, password)
return nil if login.blank? || password.blank? return nil if login.blank? || password.blank?
attrs = [] attrs = get_user_dn(login)
# get user's DN
ldap_con = initialize_ldap_con(self.account, self.account_password) if attrs.first && attrs.first[:dn] && authenticate_dn(attrs.first[:dn], password)
login_filter = Net::LDAP::Filter.eq( self.attr_login, login )
object_filter = Net::LDAP::Filter.eq( "objectClass", "*" )
dn = String.new
ldap_con.search( :base => self.base_dn,
:filter => object_filter & login_filter,
:attributes=> search_attributes) do |entry|
dn = entry.dn
attrs = get_user_attributes_from_ldap_entry(entry) if onthefly_register?
logger.debug "DN found for #{login}: #{dn}" if logger && logger.debug?
end
if authenticate_dn(dn, password)
logger.debug "Authentication successful for '#{login}'" if logger && logger.debug? logger.debug "Authentication successful for '#{login}'" if logger && logger.debug?
return attrs return attrs
end end
@ -87,6 +74,7 @@ class AuthSourceLdap < AuthSource
def get_user_attributes_from_ldap_entry(entry) def get_user_attributes_from_ldap_entry(entry)
[ [
:dn => entry.dn,
:firstname => AuthSourceLdap.get_attr(entry, self.attr_firstname), :firstname => AuthSourceLdap.get_attr(entry, self.attr_firstname),
:lastname => AuthSourceLdap.get_attr(entry, self.attr_lastname), :lastname => AuthSourceLdap.get_attr(entry, self.attr_lastname),
:mail => AuthSourceLdap.get_attr(entry, self.attr_mail), :mail => AuthSourceLdap.get_attr(entry, self.attr_mail),
@ -110,6 +98,29 @@ class AuthSourceLdap < AuthSource
initialize_ldap_con(dn, password).bind initialize_ldap_con(dn, password).bind
end end
end end
# Get the user's dn and any attributes for them, given their login
def get_user_dn(login)
ldap_con = initialize_ldap_con(self.account, self.account_password)
login_filter = Net::LDAP::Filter.eq( self.attr_login, login )
object_filter = Net::LDAP::Filter.eq( "objectClass", "*" )
attrs = []
ldap_con.search( :base => self.base_dn,
:filter => object_filter & login_filter,
:attributes=> search_attributes) do |entry|
if onthefly_register?
attrs = get_user_attributes_from_ldap_entry(entry)
else
attrs = [:dn => entry.dn]
end
logger.debug "DN found for #{login}: #{attrs.first[:dn]}" if logger && logger.debug?
end
attrs
end
def self.get_attr(entry, attr_name) def self.get_attr(entry, attr_name)
if !attr_name.blank? if !attr_name.blank?
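Review bot: get_user_dn overwrites `attrs` for every entry the search yields, so when the login filter matches more than one directory entry, the DN that authenticate binds with is simply the last one returned rather than one unambiguous account. The login value is also passed to `Net::LDAP::Filter.eq` unmodified; if the net-ldap version in use treats `*` in the value as a wildcard (worth confirming), a multi-entry match can be reached from user input and not only from a non-unique `attr_login`. I would fail closed by counting entries, with `matches += 1` inside the block and `return [] unless matches == 1` before the final `attrs`, and by rejecting or escaping filter metacharacters in `login` before the filter is built. Separately, authenticate now returns the `:dn` key, and a non-empty array even when on-the-fly registration is off, which the old code did not do. The callers and the rest of authenticate's body are outside this diff, so confirm they tolerate the extra key or strip it before `return attrs`.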