|
#--
|
|
# LdapShadows, a Medium-level LDAP Access Library and Tool.
|
|
# Copyright (c) 2009 Marc Dequènes (Duck) <Duck@DuckCorp.org>
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
#++
|
|
|
|
|
|
module LdapShadows
|
|
class LdapObject < ActiveLdap::Base
|
|
class_inheritable_accessor :handle, :presentation, :mapper, :relations_info
|
|
|
|
ldap_mapping :prefix => '', :classes => ['top'], :scope => :sub
|
|
|
|
OPERATIONAL_ATTRIBUTES = ['creatorsName', 'createTimestamp', 'modifiersName', 'modifyTimestamp', 'structuralObjectClass', 'entryUUID']
|
|
|
|
# temporary method until active_ldap is fixed: return a DN object (see #23932)
|
|
def dn_obj
|
|
ActiveLdap::DistinguishedName.parse(self.dn)
|
|
end
|
|
|
|
def self.find(*args)
|
|
obj_stuff = super(*args)
|
|
if obj_stuff.is_a? Array
|
|
obj_list = obj_stuff
|
|
else
|
|
obj_list = [obj_stuff]
|
|
end
|
|
obj_list.each do |obj|
|
|
obj.load_initial_attribute_list
|
|
end
|
|
return obj_stuff
|
|
end
|
|
|
|
def load_initial_attribute_list
|
|
@initial_attribute_list ||= self.attributes.keys
|
|
end
|
|
|
|
def name
|
|
name = self[dn_attribute].is_a?(Array) ? self[dn_attribute][0] : self[dn_attribute]
|
|
name.strip
|
|
end
|
|
|
|
def validate_required_ldap_values
|
|
_schema = nil
|
|
# Make sure all MUST attributes have a value
|
|
entry_attribute.object_classes.each do |object_class|
|
|
object_class.must.each do |required_attribute|
|
|
# Normalize to ensure we catch schema problems
|
|
# needed?
|
|
real_name = to_real_attribute_name(required_attribute.name, true)
|
|
raise UnknownAttribute.new(required_attribute) if real_name.nil?
|
|
|
|
next if required_attribute.read_only?
|
|
|
|
value = @data[real_name] || []
|
|
next unless self.class.blank_value?(value)
|
|
|
|
# Duck: hack
|
|
next unless @initial_attribute_list.include?(real_name)
|
|
|
|
_schema ||= schema
|
|
aliases = required_attribute.aliases.collect do |name|
|
|
self.class.human_attribute_name(name)
|
|
end
|
|
args = [self.class.human_object_class_name(object_class)]
|
|
if aliases.empty?
|
|
format = _("%{fn} is required attribute by objectClass '%s'")
|
|
else
|
|
format = _("%{fn} is required attribute by objectClass " \
|
|
"'%s': aliases: %s")
|
|
args << aliases.join(', ')
|
|
end
|
|
unless ActiveLdap.get_text_supported?
|
|
format = format.sub(/^%\{fn\} /, '')
|
|
end
|
|
errors.add(real_name, format % args)
|
|
end
|
|
end
|
|
end
|
|
|
|
def human_name
|
|
[self.class.presentation[:name_attribute], 'displayName', 'cn'].each do |attr|
|
|
if attr == 'dn' or (self.has_attribute?(attr) and self.attribute_present?(attr))
|
|
val = self.send(attr)
|
|
name = val.is_a?(Array) ? val[0] : val
|
|
return name.strip
|
|
end
|
|
end
|
|
return ""
|
|
end
|
|
|
|
def description
|
|
[self.class.presentation[:desc_attribute], 'description'].each do |attr|
|
|
if self.has_attribute?(attr) and self.attribute_present?(attr)
|
|
return self[attr].is_a?(Array) ? self[attr][0] : self[attr]
|
|
end
|
|
end
|
|
return ""
|
|
end
|
|
|
|
def possible_relations
|
|
self.associations.collect {|assoc| assoc.to_s } - ['children']
|
|
end
|
|
|
|
def relations
|
|
rel_list = []
|
|
|
|
rel_list += self.class.presentation[:associated_relations] if self.class.presentation[:associated_relations]
|
|
|
|
aspects.each do |aspect|
|
|
aspect_data = self.class.mapper.get_aspect(aspect)
|
|
if defined?(aspect_data[:presentation][:associated_relations]) and aspect_data[:presentation][:associated_relations]
|
|
rel_list += aspect_data[:presentation][:associated_relations]
|
|
end
|
|
end
|
|
|
|
rel_list & possible_relations
|
|
end
|
|
|
|
def self.possible_aspects
|
|
return [] unless self.presentation[:allowed_aspects]
|
|
self.presentation[:allowed_aspects].collect{|key| key.to_s }.sort
|
|
end
|
|
|
|
def aspects
|
|
present_aspects = []
|
|
(self.class.presentation[:allowed_aspects] || []).each do |aspect|
|
|
aspect_data = self.class.mapper.get_aspect(aspect)
|
|
aspect_mapping = aspect_data[:mapping]
|
|
present_aspects << aspect if self.classes & aspect_mapping[:classes] == aspect_mapping[:classes]
|
|
end
|
|
|
|
present_aspects
|
|
end
|
|
|
|
def objectclasses_attr_list(objectclass_list)
|
|
objectclass_list = [objectclass_list] unless objectclass_list.is_a? Array
|
|
list = []
|
|
objectclass_list.each do |objectclass|
|
|
objectclass_obj = ActiveLdap::Base.schema.object_class(objectclass)
|
|
attr_list = objectclass_obj.must + objectclass_obj.may
|
|
list += attr_list.collect{|attr| attr.human_attribute_name }
|
|
end
|
|
list
|
|
end
|
|
|
|
def info_for_relation(rel)
|
|
return nil unless self.relations.include?(rel)
|
|
|
|
self.relations_info[rel.to_sym]
|
|
end
|
|
|
|
def organized_data
|
|
expert_attributes = (self.class.presentation[:expert_attributes] || []) + OPERATIONAL_ATTRIBUTES
|
|
|
|
ignored_attrs = self.mapper.get_global_config[:hidden_attributes] || []
|
|
ignored_attrs += self.class.presentation[:hidden_attributes] || []
|
|
attr_list = self.attributes.keys - ignored_attrs
|
|
|
|
aspects = self.aspects
|
|
rel_list = self.possible_relations
|
|
|
|
# first pass to take aspects forced relations into account
|
|
obj_aspects = {}
|
|
aspects.each do |aspect|
|
|
aspect_data = self.class.mapper.get_aspect(aspect)
|
|
|
|
if defined?(aspect_data[:presentation][:associated_attributes]) and aspect_data[:presentation][:associated_attributes]
|
|
taken_attr_list = aspect_data[:presentation][:associated_attributes] & (attr_list + ignored_attrs)
|
|
unless taken_attr_list.empty?
|
|
obj_aspects[aspect] ||= {}
|
|
obj_aspects[aspect].merge!(fetch_attributes_data(taken_attr_list, expert_attributes))
|
|
attr_list -= taken_attr_list
|
|
end
|
|
end
|
|
|
|
if defined?(aspect_data[:presentation][:associated_relations]) and aspect_data[:presentation][:associated_relations]
|
|
taken_rel_list = aspect_data[:presentation][:associated_relations] & rel_list
|
|
unless taken_rel_list.empty?
|
|
obj_aspects[aspect] ||= {}
|
|
obj_aspects[aspect].merge!(fetch_relations_data(taken_rel_list, expert_attributes))
|
|
rel_list -= taken_rel_list
|
|
end
|
|
end
|
|
end
|
|
|
|
# manage general attributes
|
|
obj_info = {}
|
|
if self.class.presentation[:associate_unclaimed_attributes]
|
|
taken_attr_list = attr_list
|
|
else
|
|
taken_attr_list = []
|
|
if self.class.presentation.has_key?(:associated_attributes)
|
|
taken_attr_list += self.class.presentation[:associated_attributes]
|
|
end
|
|
taken_attr_list += objectclasses_attr_list(self.required_classes + (self.class.presentation[:optional_classes] || []))
|
|
end
|
|
taken_attr_list = taken_attr_list.uniq & attr_list
|
|
obj_info = fetch_attributes_data(taken_attr_list, expert_attributes)
|
|
attr_list -= taken_attr_list
|
|
|
|
# manage general relations
|
|
if self.class.presentation[:associated_relations]
|
|
taken_rel_list = self.class.presentation[:associated_relations] & rel_list
|
|
unless taken_rel_list.empty?
|
|
obj_info.merge!(fetch_relations_data(taken_rel_list, expert_attributes))
|
|
rel_list -= taken_rel_list
|
|
end
|
|
end
|
|
|
|
# second pass to dispath the remaining attributes
|
|
unless attr_list.empty?
|
|
aspects.each do |aspect|
|
|
aspect_data = self.class.mapper.get_aspect(aspect)
|
|
|
|
taken_attr_list = (objectclasses_attr_list(aspect_data[:mapping][:classes]) & attr_list)
|
|
obj_aspects[aspect] ||= {}
|
|
obj_aspects[aspect].merge!(fetch_attributes_data(taken_attr_list, expert_attributes))
|
|
attr_list -= taken_attr_list
|
|
|
|
break if attr_list.empty?
|
|
end
|
|
end
|
|
|
|
[obj_info, obj_aspects]
|
|
end
|
|
|
|
def family_parent_dn
|
|
pdn = self.dn_obj.dup
|
|
pdn.shift
|
|
pdn
|
|
end
|
|
|
|
def family_children
|
|
LdapObject.find(:all, :base => self.dn, :scope => :one)
|
|
end
|
|
|
|
def family_children_dn
|
|
self.family_children.collect {|obj| obj.dn }
|
|
end
|
|
|
|
def family_siblings
|
|
# cannot substract, as the ruby object signature may be different
|
|
LdapObject.find(:all, :base => self.family_parent_dn.to_s, :scope => :one).select{|obj| obj.dn != self.dn }
|
|
end
|
|
|
|
def family_siblings_dn
|
|
self.family_siblings.collect {|obj| obj.dn }
|
|
end
|
|
|
|
def modified_attributes
|
|
list = []
|
|
prepare_data_for_saving do |data, ldap_data|
|
|
list = collect_modified_attributes(ldap_data, data)
|
|
false
|
|
end
|
|
list
|
|
end
|
|
|
|
protected
|
|
|
|
def fetch_attributes_data(attr_list, expert_attributes)
|
|
attr_data = self.attributes.collect do |key, val|
|
|
if attr_list.include?(key)
|
|
[key, {
|
|
:value => val,
|
|
:multiple => (val.is_a?(Array) ? val.size : 1),
|
|
:expert => expert_attributes.include?(key),
|
|
:binary => ActiveLdap::Base.schema.attribute(key).binary?
|
|
}]
|
|
else
|
|
nil
|
|
end
|
|
end
|
|
Hash[attr_data.compact]
|
|
end
|
|
|
|
def fetch_relations_data(rel_list, expert_attributes)
|
|
rel_data = rel_list.collect do |rel|
|
|
data = self.send(rel).collect{|g| g.name }
|
|
if data.empty?
|
|
nil
|
|
else
|
|
["rel:" + rel, {
|
|
:value => data,
|
|
:multiple => (data.size > 1),
|
|
:expert => expert_attributes.include?("rel:" + rel),
|
|
:binary => false
|
|
}]
|
|
end
|
|
end
|
|
Hash[rel_data.compact]
|
|
end
|
|
end
|
|
end
|
|
|