git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@9044 e93f8b46-1217-0410-a6f0-8f06a7374b81tags/1.4.0
@@ -21,9 +21,10 @@ require 'net/ldap' | |||
class AuthSourceLdap < AuthSource | |||
validates_presence_of :host, :port, :attr_login | |||
validates_length_of :name, :host, :maximum => 60, :allow_nil => true | |||
validates_length_of :account, :account_password, :base_dn, :maximum => 255, :allow_nil => true | |||
validates_length_of :account, :account_password, :base_dn, :filter, :maximum => 255, :allow_blank => true | |||
validates_length_of :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :maximum => 30, :allow_nil => true | |||
validates_numericality_of :port, :only_integer => true | |||
validate :validate_filter | |||
before_validation :strip_ldap_attributes | |||
@@ -58,6 +59,20 @@ class AuthSourceLdap < AuthSource | |||
private | |||
def ldap_filter | |||
if filter.present? | |||
Net::LDAP::Filter.construct(filter) | |||
end | |||
rescue Net::LDAP::LdapError | |||
nil | |||
end | |||
def validate_filter | |||
if filter.present? && ldap_filter.nil? | |||
errors.add(:filter, :invalid) | |||
end | |||
end | |||
def strip_ldap_attributes | |||
[:attr_login, :attr_firstname, :attr_lastname, :attr_mail].each do |attr| | |||
write_attribute(attr, read_attribute(attr).strip) unless read_attribute(attr).nil? | |||
@@ -107,8 +122,13 @@ class AuthSourceLdap < AuthSource | |||
object_filter = Net::LDAP::Filter.eq( "objectClass", "*" ) | |||
attrs = {} | |||
search_filter = object_filter & login_filter | |||
if f = ldap_filter | |||
search_filter = search_filter & f | |||
end | |||
ldap_con.search( :base => self.base_dn, | |||
:filter => object_filter & login_filter, | |||
:filter => search_filter, | |||
:attributes=> search_attributes) do |entry| | |||
if onthefly_register? |
@@ -23,6 +23,9 @@ | |||
<p><label for="auth_source_base_dn"><%=l(:field_base_dn)%> <span class="required">*</span></label> | |||
<%= text_field 'auth_source', 'base_dn', :size => 60 %></p> | |||
<p><label for="auth_source_custom_filter"><%=l(:field_ldap_filter)%></label> | |||
<%= text_field 'auth_source', 'filter', :size => 60 %></p> | |||
<p><label for="auth_source_onthefly_register"><%=l(:field_onthefly)%></label> | |||
<%= check_box 'auth_source', 'onthefly_register' %></p> | |||
</div> |
@@ -1023,3 +1023,4 @@ ar: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1021,3 +1021,4 @@ bg: | |||
description_date_range_interval: Изберете диапазон чрез задаване на начална и крайна дати | |||
description_date_from: Въведете начална дата | |||
description_date_to: Въведете крайна дата | |||
field_ldap_filter: LDAP filter |
@@ -1037,3 +1037,4 @@ bs: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1025,3 +1025,4 @@ ca: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1026,3 +1026,4 @@ cs: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1040,3 +1040,4 @@ da: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1043,3 +1043,4 @@ de: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1023,3 +1023,4 @@ el: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1025,3 +1025,4 @@ en-GB: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -321,6 +321,7 @@ en: | |||
field_cvs_module: Module | |||
field_repository_is_default: Main repository | |||
field_multiple: Multiple values | |||
field_ldap_filter: LDAP filter | |||
setting_app_title: Application title | |||
setting_app_subtitle: Application subtitle |
@@ -1060,3 +1060,4 @@ es: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1039,3 +1039,4 @@ et: | |||
label_export_options: "%{export_format} ekspordi valikud" | |||
label_completed_versions: "Lõpetatud versioonid" | |||
error_attachment_too_big: "Seda faili ei saa üles laadida, kuna ületab maksimumsuurust (%{max_size})" | |||
field_ldap_filter: LDAP filter |
@@ -1026,3 +1026,4 @@ eu: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1025,3 +1025,4 @@ fa: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1044,3 +1044,4 @@ fi: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -320,6 +320,7 @@ fr: | |||
field_commit_logs_encoding: Encodage des messages de commit | |||
field_repository_is_default: Dépôt principal | |||
field_multiple: Valeurs multiples | |||
field_ldap_filter: Filtre LDAP | |||
setting_app_title: Titre de l'application | |||
setting_app_subtitle: Sous-titre de l'application |
@@ -1034,3 +1034,4 @@ gl: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1028,3 +1028,4 @@ he: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1029,3 +1029,4 @@ hr: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1042,3 +1042,4 @@ | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1029,3 +1029,4 @@ id: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1024,3 +1024,4 @@ it: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1053,3 +1053,4 @@ ja: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1073,3 +1073,4 @@ ko: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1083,3 +1083,4 @@ lt: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1017,3 +1017,4 @@ lv: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1023,3 +1023,4 @@ mk: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1023,3 +1023,4 @@ mn: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1005,3 +1005,4 @@ nl: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1013,3 +1013,4 @@ | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1040,3 +1040,4 @@ pl: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1046,3 +1046,4 @@ pt-BR: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1028,3 +1028,4 @@ pt: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1020,3 +1020,4 @@ ro: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1138,3 +1138,4 @@ ru: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1023,3 +1023,4 @@ sk: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1023,3 +1023,4 @@ sl: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1023,3 +1023,4 @@ sr-YU: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1024,3 +1024,4 @@ sr: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1064,3 +1064,4 @@ sv: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1020,3 +1020,4 @@ th: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1042,3 +1042,4 @@ tr: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1020,3 +1020,4 @@ uk: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1074,3 +1074,4 @@ vi: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -1103,3 +1103,4 @@ | |||
zero: 0 問題 | |||
one: 1 問題 | |||
other: "%{count} 問題清單" | |||
field_ldap_filter: LDAP filter |
@@ -1025,3 +1025,4 @@ zh: | |||
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it. | |||
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link} | |||
permission_manage_related_issues: Manage related issues | |||
field_ldap_filter: LDAP filter |
@@ -0,0 +1,9 @@ | |||
class AddAuthSourcesFilter < ActiveRecord::Migration | |||
def self.up | |||
add_column :auth_sources, :filter, :string | |||
end | |||
def self.down | |||
remove_column :auth_sources, :filter | |||
end | |||
end |
@@ -18,6 +18,7 @@ | |||
require File.expand_path('../../test_helper', __FILE__) | |||
class AuthSourceLdapTest < ActiveSupport::TestCase | |||
include Redmine::I18n | |||
fixtures :auth_sources | |||
def setup | |||
@@ -44,6 +45,18 @@ class AuthSourceLdapTest < ActiveSupport::TestCase | |||
assert_equal 389, a.port | |||
end | |||
def test_filter_should_be_validated | |||
set_language_if_valid 'en' | |||
a = AuthSourceLdap.new(:name => 'My LDAP', :host => 'ldap.example.net', :port => 389, :attr_login => 'sn') | |||
a.filter = "(mail=*@redmine.org" | |||
assert !a.valid? | |||
assert_equal "is invalid", a.errors[:filter].to_s | |||
a.filter = "(mail=*@redmine.org)" | |||
assert a.valid? | |||
end | |||
if ldap_configured? | |||
context '#authenticate' do | |||
setup do | |||
@@ -83,6 +96,23 @@ class AuthSourceLdapTest < ActiveSupport::TestCase | |||
end | |||
end | |||
context 'without filter' do | |||
should 'return any user' do | |||
assert @auth.authenticate('example1','123456') | |||
assert @auth.authenticate('edavis', '123456') | |||
end | |||
end | |||
context 'with filter' do | |||
setup do | |||
@auth.filter = "(mail=*@redmine.org)" | |||
end | |||
should 'return user who matches the filter only' do | |||
assert @auth.authenticate('example1','123456') | |||
assert_nil @auth.authenticate('edavis', '123456') | |||
end | |||
end | |||
end | |||
else | |||
puts '(Test LDAP server not configured)' |