Permalink
Browse files

Convert leading tabs to spaces

  • Loading branch information...
hube committed Apr 13, 2012
1 parent 316ef32 commit a884425db5cf070aec226ce05d9053d7789c2223
Showing with 43 additions and 43 deletions.
  1. +43 −43 lib/devise_ldap_authenticatable/ldap_adapter.rb
@@ -3,29 +3,29 @@
module Devise
module LdapAdapter
-
+
def self.valid_credentials?(login, password_plaintext)
- options = {:login => login,
- :password => password_plaintext,
+ options = {:login => login,
+ :password => password_plaintext,
:ldap_auth_username_builder => ::Devise.ldap_auth_username_builder,
:admin => ::Devise.ldap_use_admin_to_bind}
-
+
resource = LdapConnect.new(options)
resource.authorized?
end
-
+
def self.update_password(login, new_password)
options = {:login => login,
:new_password => new_password,
:ldap_auth_username_builder => ::Devise.ldap_auth_username_builder,
:admin => ::Devise.ldap_use_admin_to_bind}
-
+
resource = LdapConnect.new(options)
- resource.change_password! if new_password.present?
+ resource.change_password! if new_password.present?
end
def self.ldap_connect(login)
- options = {:login => login,
+ options = {:login => login,
:ldap_auth_username_builder => ::Devise.ldap_auth_username_builder,
:admin => ::Devise.ldap_use_admin_to_bind}
@@ -39,7 +39,7 @@ def self.valid_login?(login)
def self.get_groups(login)
self.ldap_connect(login).user_groups
end
-
+
def self.get_dn(login)
self.ldap_connect(login).dn
end
@@ -69,13 +69,13 @@ def initialize(params = {})
@ldap.base = ldap_config["base"]
@attribute = ldap_config["attribute"]
@ldap_auth_username_builder = params[:ldap_auth_username_builder]
-
+
@group_base = ldap_config["group_base"]
- @required_groups = ldap_config["required_groups"]
+ @required_groups = ldap_config["required_groups"]
@required_attributes = ldap_config["require_attribute"]
-
- @ldap.auth ldap_config["admin_user"], ldap_config["admin_password"] if params[:admin]
-
+
+ @ldap.auth ldap_config["admin_user"], ldap_config["admin_password"] if params[:admin]
+
@login = params[:login]
@password = params[:password]
@new_password = params[:new_password]
@@ -91,12 +91,12 @@ def dn
end
end
- def ldap_param_value(param)
- filter = Net::LDAP::Filter.eq(@attribute.to_s, @login.to_s)
+ def ldap_param_value(param)
+ filter = Net::LDAP::Filter.eq(@attribute.to_s, @login.to_s)
ldap_entry = nil
@ldap.search(:filter => filter) {|entry| ldap_entry = entry}
- if ldap_entry
+ if ldap_entry
if ldap_entry[param]
DeviseLdapAuthenticatable::Logger.send("Requested param #{param} has value #{ldap_entry.send(param)}")
value = ldap_entry.send(param)
@@ -110,8 +110,8 @@ def ldap_param_value(param)
DeviseLdapAuthenticatable::Logger.send("Requested ldap entry does not exist")
value = nil
end
- end
-
+ end
+
def authenticate!
@ldap.auth(dn, @password)
@ldap.bind
@@ -120,24 +120,24 @@ def authenticate!
def authenticated?
authenticate!
end
-
+
def authorized?
DeviseLdapAuthenticatable::Logger.send("Authorizing user #{dn}")
authenticated? && in_required_groups? && has_required_attribute?
end
-
+
def change_password!
update_ldap(:userpassword => Net::LDAP::Password.generate(:sha, @new_password))
end
- def in_required_groups?
+ def in_required_groups?
return true unless ::Devise.ldap_check_group_membership
-
+
## FIXME set errors here, the ldap.yml isn't set properly.
- return false if @required_groups.nil?
-
+ return false if @required_groups.nil?
+
admin_ldap = LdapConnect.admin
-
+
for group in @required_groups
if group.is_a?(Array)
group_attribute, group_name = group
@@ -155,37 +155,37 @@ def in_required_groups?
else
# AD optimization - extension will recursively check sub-groups with one query
# "(memberof:1.2.840.113556.1.4.1941:=group_name)"
- search_result = admin_ldap.search(:base => dn,
+ search_result = admin_ldap.search(:base => dn,
:filter => Net::LDAP::Filter.ex("memberof:1.2.840.113556.1.4.1941", group_name),
- :scope => Net::LDAP::SearchScope_BaseObject)
+ :scope => Net::LDAP::SearchScope_BaseObject)
# Will return the user entry if belongs to group otherwise nothing
unless search_result.length == 1 && search_result[0].dn.eql?(dn)
DeviseLdapAuthenticatable::Logger.send("User #{dn} is not in group: #{group_name }")
return false
end
end
end
-
+
return true
end
-
+
def has_required_attribute?
return true unless ::Devise.ldap_check_attributes
-
+
admin_ldap = LdapConnect.admin
-
+
user = find_ldap_user(admin_ldap)
-
+
@required_attributes.each do |key,val|
unless user[key].include? val
DeviseLdapAuthenticatable::Logger.send("User #{dn} did not match attribute #{key}:#{val}")
- return false
+ return false
end
end
-
+
return true
end
-
+
def user_groups
admin_ldap = LdapConnect.admin
@@ -208,25 +208,25 @@ def search_for_login
@ldap.search(:filter => filter) {|entry| ldap_entry = entry}
ldap_entry
end
-
+
private
-
+
def self.admin
ldap = LdapConnect.new(:admin => true).ldap
-
+
unless ldap.bind
DeviseLdapAuthenticatable::Logger.send("Cannot bind to admin LDAP user")
raise DeviseLdapAuthenticatable::LdapException, "Cannot connect to admin LDAP user"
end
-
+
return ldap
end
-
+
def find_ldap_user(ldap)
DeviseLdapAuthenticatable::Logger.send("Finding user: #{dn}")
ldap.search(:base => dn, :scope => Net::LDAP::SearchScope_BaseObject).try(:first)
end
-
+
def update_ldap(ops)
operations = []
if ops.is_a? Hash
@@ -238,7 +238,7 @@ def update_ldap(ops)
end
admin_ldap = LdapConnect.admin
-
+
DeviseLdapAuthenticatable::Logger.send("Modifying user #{dn}")
admin_ldap.modify(:dn => dn, :operations => operations)
end

0 comments on commit a884425

Please sign in to comment.