Permalink
Browse files

Fixes issue 176

LDAP auth support.


git-svn-id: http://ovz-web-panel.googlecode.com/svn/trunk@822 5ed322ce-bccc-11de-a0e9-83d03c287164
  • Loading branch information...
1 parent 081c29e commit 8eb2f34b5dd639bf18f8584fdac2d37f470aece4 sibprogrammer committed Jan 19, 2011
@@ -15,5 +15,9 @@ def imenu_link_to(title, options = {}, icon = '')
title = icon + '<span class="name">' + h(title) + '</span><span class="arrow"></span>'
'<li class="menu">' + link_to(title, options) + '</li>'
end
+
+ def external_auth?
+ AppConfig.ldap.enabled
+ end
end
View
@@ -24,8 +24,19 @@ class User < ActiveRecord::Base
def self.authenticate(login, password)
return nil if login.blank? || password.blank?
- u = find_by_login(login.downcase) # need to get the salt
- u && u.authenticated?(password) ? u : nil
+ u = find_by_login(login.downcase)
+ u && u.auth?(password) ? u : nil
+ end
+
+ def auth?(password)
+ if AppConfig.ldap.enabled
+ require 'net/ldap'
+ ldap = Net::LDAP.new :host => AppConfig.ldap.host
+ ldap.auth AppConfig.ldap.login_pattern.sub('<login>', login), password
+ ldap.bind || authenticated?(password)
+ else
+ authenticated?(password)
+ end
end
def login=(value)
@@ -35,6 +46,11 @@ def login=(value)
def superadmin?
can_manage_hardware_servers?
end
+
+ def password_required?
+ external_auth = AppConfig.ldap.enabled
+ !external_auth && (crypted_password.blank? || !password.blank?)
+ end
def can_control(server)
superadmin? or (server.user and (server.user.id == self.id))
@@ -25,7 +25,7 @@ Ext.onReady(function() {
name: 'login',
xtype: ('add' == mode) ? 'textfield' : 'displayfield',
allowBlank: ('edit' == mode)
- }, {
+ }, <% if !external_auth? %> {
fieldLabel: '<%= tjs('admin.users.form.create.field.password') %>',
name: 'password',
inputType: 'password',
@@ -35,7 +35,7 @@ Ext.onReady(function() {
name: 'password_confirmation',
inputType: 'password',
allowBlank: ('edit' == mode)
- }, {
+ }, <% end -%> {
fieldLabel: '<%= tjs('admin.users.form.create.field.contact_name') %>',
name: 'contact_name',
inputType: 'textfield'
@@ -18,7 +18,7 @@
fieldLabel: '<%= tjs('admin.my_profile.user_name') %>',
value: '<%= escape_javascript @current_user.login %>',
xtype: 'displayfield'
- }, {
+ }, <% if @current_user.superadmin? || !external_auth? %> {
fieldLabel: '<%= tjs('admin.my_profile.current_password') %>',
name: 'current_password',
inputType: 'password'
@@ -30,7 +30,7 @@
fieldLabel: '<%= tjs('admin.my_profile.confirm_password') %>',
name: 'password_confirmation',
inputType: 'password'
- }, {
+ }, <% end -%> {
fieldLabel: '<%= tjs('admin.my_profile.contact_name') %>',
name: 'contact_name',
inputType: 'textfield',
@@ -48,7 +48,12 @@
'locale' => {
'default' => 'en',
'single' => false,
- }
+ },
+ 'ldap' => {
+ 'enabled' => false,
+ 'host' => 'example.com',
+ 'login_pattern' => 'uid=<login>,ou=people,dc=example,dc=com',
+ },
}
def hashes2ostruct(object)
@@ -0,0 +1,79 @@
+--- !ruby/object:Gem::Specification
+name: ruby-net-ldap
+version: !ruby/object:Gem::Version
+ version: 0.0.4
+platform: ruby
+authors:
+- Francis Cianfrocca
+autorequire:
+bindir: bin
+cert_chain:
+date: 2006-08-15 00:00:00 +07:00
+default_executable:
+dependencies: []
+
+description: Net::LDAP is an LDAP support library written in pure Ruby. It supports all LDAP client features, and a subset of server features as well.
+email: garbagecat10@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files:
+- README
+- ChangeLog
+- LICENCE
+- COPYING
+files:
+- README
+- LICENCE
+- ChangeLog
+- COPYING
+- tests/testfilter.rb
+- tests/testpsw.rb
+- tests/testem.rb
+- tests/testdata.ldif
+- tests/testber.rb
+- tests/testldif.rb
+- tests/testldap.rb
+- lib/net
+- lib/net/ber.rb
+- lib/net/ldap.rb
+- lib/net/ldap
+- lib/net/ldif.rb
+- lib/net/ldap/filter.rb
+- lib/net/ldap/entry.rb
+- lib/net/ldap/psw.rb
+- lib/net/ldap/dataset.rb
+- lib/net/ldap/pdu.rb
+has_rdoc: true
+homepage: http://rubyforge.org/projects/net-ldap
+post_install_message:
+rdoc_options:
+- --title
+- Net::LDAP
+- --main
+- README
+- --line-numbers
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">"
+ - !ruby/object:Gem::Version
+ version: 0.0.0
+ version:
+required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: "0"
+ version:
+requirements: []
+
+rubyforge_project: net-ldap
+rubygems_version: 1.3.1
+signing_key:
+specification_version: 1
+summary: A pure Ruby LDAP client library.
+test_files:
+- tests/testem.rb
Oops, something went wrong.

0 comments on commit 8eb2f34

Please sign in to comment.