gitlab-org--gitlab-foss/lib/gitlab/ldap/adapter.rb

96 lines
2.4 KiB
Ruby
Raw Normal View History

module Gitlab
module LDAP
class Adapter
attr_reader :provider, :ldap
def self.open(provider, &block)
Net::LDAP.open(config(provider).adapter_options) do |ldap|
block.call(self.new(provider, ldap))
end
end
def self.config(provider)
Gitlab::LDAP::Config.new(provider)
end
def initialize(provider, ldap=nil)
@provider = provider
@ldap = ldap || Net::LDAP.new(config.adapter_options)
end
def config
Gitlab::LDAP::Config.new(provider)
end
def users(field, value, limit = nil)
if field.to_sym == :dn
options = {
base: value,
scope: Net::LDAP::SearchScope_BaseObject
}
else
options = {
base: config.base,
filter: Net::LDAP::Filter.eq(field, value)
}
end
if config.user_filter.present?
user_filter = Net::LDAP::Filter.construct(config.user_filter)
options[:filter] = if options[:filter]
Net::LDAP::Filter.join(options[:filter], user_filter)
else
user_filter
end
end
if limit.present?
options.merge!(size: limit)
end
2014-05-14 12:10:43 -04:00
entries = ldap_search(options).select do |entry|
entry.respond_to? config.uid
end
entries.map do |entry|
Gitlab::LDAP::Person.new(entry, provider)
end
end
def user(*args)
users(*args).first
end
def dn_matches_filter?(dn, filter)
2015-02-03 00:15:44 -05:00
ldap_search(base: dn,
filter: filter,
scope: Net::LDAP::SearchScope_BaseObject,
attributes: %w{dn}).any?
end
2014-05-14 12:10:43 -04:00
def ldap_search(*args)
2015-12-31 14:22:51 -05:00
# Net::LDAP's `time` argument doesn't work. Use Ruby `Timeout` instead.
Timeout.timeout(config.timeout) do
results = ldap.search(*args)
2014-05-14 12:10:43 -04:00
2015-12-31 14:22:51 -05:00
if results.nil?
response = ldap.get_operation_result
2014-05-14 12:10:43 -04:00
2015-12-31 14:22:51 -05:00
unless response.code.zero?
Rails.logger.warn("LDAP search error: #{response.message}")
end
2014-05-14 12:10:43 -04:00
2015-12-31 14:22:51 -05:00
[]
else
results
end
2014-05-14 12:10:43 -04:00
end
2015-12-31 14:22:51 -05:00
rescue Timeout::Error
Rails.logger.warn("LDAP search timed out after #{config.timeout} seconds")
[]
2014-05-14 12:10:43 -04:00
end
end
end
end