Adding the ability to do templated values for ldap.

socialcast · Feb 1, 2012 · 0cd7b55 · 0cd7b55
1 parent a1492e7
commit 0cd7b55
Show file tree

Hide file tree

Showing 6 changed files with 118 additions and 5 deletions.
diff --git a/config/ldap.yml b/config/ldap.yml
@@ -34,6 +34,15 @@ mappings:
   # employee_number: emp_id
   # only use unique_identifier if you do not wish to use email as the main user identification method
   # unique_identifier: samaccountname
+  # To combine multiple ldap attributes into one Socialcast attribute use the following pattern
+  # The key is the socialcast attribute and the value is a hash.  The hash requires a key of value
+  # which will use the other keys to interpolate the values.
+  # location:
+  #   value: "%{city}, %{state} %{zip}"
+  #   city: city
+  #   state: state
+  #   zip: zipcode
+
 
 
 # Map LDAP Group Memberships to Socialcast Permissions

diff --git a/lib/ext/string_ext.rb b/lib/ext/string_ext.rb
@@ -0,0 +1,13 @@
+if RUBY_VERSION < '1.9.2'
+  class String
+    old_format = instance_method(:%)
+
+    define_method(:%) do |arg|
+      if arg.is_a?(Hash)
+        self.gsub(/%\{(.*?)\}/) { arg[$1.to_sym] }
+      else
+        old_format.bind(self).call(arg)
+      end
+    end
+  end
+end
diff --git a/lib/socialcast.rb b/lib/socialcast.rb
@@ -1,6 +1,7 @@
 require 'yaml'
 require 'fileutils'
 require File.join(File.dirname(__FILE__), 'ext', 'array_ext') unless Array.respond_to?(:wrap)
+require File.join(File.dirname(__FILE__), 'ext', 'string_ext')
 
 module Socialcast
   class << self

diff --git a/lib/socialcast/net_ldap_ext.rb b/lib/socialcast/net_ldap_ext.rb
@@ -5,7 +5,13 @@ class Net::LDAP::Entry
   # grab a *single* value of an attribute
   # abstracts away ldap multivalue attributes
   def grab(attribute)
-    Array.wrap(self[attribute]).compact.first
+    case attribute
+    when Hash
+      value = attribute.delete("value")
+      value % Hash[attribute.map {|k,v| [k, grab(v)]}].symbolize_keys
+    else
+      Array.wrap(self[attribute]).compact.first
+    end
   end
 
   def build_xml_from_mappings(user, mappings = {}, permission_mappings = {})

diff --git a/spec/cli_spec.rb b/spec/cli_spec.rb
@@ -6,8 +6,10 @@
     # Expects -u=emily@socialcast.com -p=demo --domain=demo.socialcast.com
     context 'with a basic message' do
       before do
-        stub_request(:post, "https://emily%40socialcast.com:demo@demo.socialcast.com/api/messages.xml").
-                 with(:body => /<message-type.*nil="true">.*testing/m).
+        File.stub(:open).with(/credentials.yml/).and_yield(File.read(File.join(File.dirname(__FILE__), 'fixtures', 'credentials.yml')))
+        stub_request(:post, "https://ryan%40socialcast.com:foo@test.staging.socialcast.com/api/messages.json").
+                 with(:body => /message\_type\"\:null/).
+                 with(:body => /testing/).
                  to_return(:status => 200, :body => "", :headers => {})
 
         Socialcast::CLI.start ['share', 'testing']
@@ -19,8 +21,10 @@
 
     context 'with a message_type message' do
       before do
-        stub_request(:post, "https://emily%40socialcast.com:demo@demo.socialcast.com/api/messages.xml").
-                 with(:body => /<message-type>review_request<\/message-type>.*please review/m).
+        File.stub(:open).with(/credentials.yml/).and_yield(File.read(File.join(File.dirname(__FILE__), 'fixtures', 'credentials.yml')))
+        stub_request(:post, "https://ryan%40socialcast.com:foo@test.staging.socialcast.com/api/messages.json").
+                 with(:body => /message\_type\"\:review\_request/).
+                 with(:body => /please\sreview/).
                  to_return(:status => 200, :body => "", :headers => {})
 
         Socialcast::CLI.start ['share', 'please review', '--message_type=review_request']
@@ -194,4 +198,27 @@
       end
     end
   end
+  context 'with ldap.yml configuration including template value' do
+    before do
+      @entry = Net::LDAP::Entry.new("dc=example,dc=com")
+      @entry[:mail] = 'ryan@example.com'
+      @entry[:l] = 'San Francisco'
+      @entry[:co] = 'USA'
+
+      Net::LDAP.any_instance.stub(:search).and_yield(@entry)
+
+      @result = ''
+      Zlib::GzipWriter.stub(:open).and_yield(@result)
+      File.stub(:open).with(/ldap.yml/).and_yield(File.read(File.join(File.dirname(__FILE__), 'fixtures', 'ldap_with_interpolated_values.yml')))
+      File.stub(:open).with(/users.xml.gz/, anything).and_yield(@result)
+      File.stub(:open).with(/credentials.yml/).and_yield(File.read(File.join(File.dirname(__FILE__), 'fixtures', 'credentials.yml')))
+
+      RestClient::Resource.any_instance.stub(:post)
+
+      Socialcast::CLI.start ['provision', '-c', 'spec/fixtures/ldap.yml']
+    end
+    it 'formats l and co according to template' do
+      @result.should =~ %r{<location>San Francisco, USA</location>}
+    end
+  end
 end
diff --git a/spec/fixtures/ldap_with_interpolated_values.yml b/spec/fixtures/ldap_with_interpolated_values.yml
@@ -0,0 +1,57 @@
+--- 
+# LDAP connections
+connections:
+  example_connection_1:
+    username: "cn=Directory Manager"
+    password: "test"
+    host: localhost
+    port: 1389
+    basedn: "dc=example,dc=com"
+    filter: "(mail=*)"
+
+
+# LDAP attribute mappings
+mappings: 
+  first_name: givenName
+  last_name: sn
+  email: mail
+  location:
+    value: "%{city}, %{country}"
+    city: l
+    country: co
+  # only use employee_number if the email is unknown
+  # employee_number: emp_id
+  # only use unique_identifier if you do not wish to use email as the main user identification method
+  # unique_identifier: samaccountname
+
+
+# Map LDAP Group Memberships to Socialcast Permissions
+# permission_mappings:
+#   # configure LDAP field for group memberships (ex: memberof, isMemberOf, etc)
+#   attribute_name: isMemberOf
+#   account_types:
+#     external: "cn=External,dc=example,dc=com"
+#   roles:
+#     tenant_admin: "cn=Admins,dc=example,dc=com"
+#     sbi_admin: "cn=SbiAdmins,dc=example,dc=com"
+#     reach_admin: "cn=ReachAdmins,dc=example,dc=com"
+#     town_hall_admin: "cn=TownHallAdmins,dc=example,dc=com"
+
+
+# general script options
+options:
+  # cleanup the extracted ldap data file after run is complete
+  delete_users_file: false
+  # skip sending emails to newly activated users
+  skip_emails: true
+  # do not actually provision accounts
+  # useful during testing
+  test: true
+
+
+# http options for connecting to Socialcast servers
+http:
+  timeout: 660
+  # optional setting if script must connect to Socialcast server through a proxy
+  # proxy: "http://username:password@proxy.company.com:3128"
+