summaryrefslogtreecommitdiffstats
path: root/app/models
diff options
context:
space:
mode:
authorJean-Philippe Lang <jp_lang@yahoo.fr>2012-12-26 11:23:53 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2012-12-26 11:23:53 +0000
commit7b8ebb7e3ffc62e28396fadbd009216eb0e53c5f (patch)
tree43269790cccebe4e886064e897b9cb0d59edb31b /app/models
parenteba4efc9d0ad6222818a32a5bac2190cef0d45b0 (diff)
downloadredmine-7b8ebb7e3ffc62e28396fadbd009216eb0e53c5f.tar.gz
redmine-7b8ebb7e3ffc62e28396fadbd009216eb0e53c5f.zip
Auto-populate fields while creating a new user with LDAP (#10286).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@11080 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/models')
-rw-r--r--app/models/auth_source.rb18
-rw-r--r--app/models/auth_source_ldap.rb42
2 files changed, 53 insertions, 7 deletions
diff --git a/app/models/auth_source.rb b/app/models/auth_source.rb
index 784415863..d7098d5cb 100644
--- a/app/models/auth_source.rb
+++ b/app/models/auth_source.rb
@@ -48,6 +48,24 @@ class AuthSource < ActiveRecord::Base
write_ciphered_attribute(:account_password, arg)
end
+ def searchable?
+ false
+ end
+
+ def self.search(q)
+ results = []
+ AuthSource.all.each do |source|
+ begin
+ if source.searchable?
+ results += source.search(q)
+ end
+ rescue AuthSourceException => e
+ logger.error "Error while searching users in #{source.name}: #{e.message}"
+ end
+ end
+ results
+ end
+
def allow_password_changes?
self.class.allow_password_changes?
end
diff --git a/app/models/auth_source_ldap.rb b/app/models/auth_source_ldap.rb
index 5a32ffc2a..71625dd6b 100644
--- a/app/models/auth_source_ldap.rb
+++ b/app/models/auth_source_ldap.rb
@@ -64,6 +64,32 @@ class AuthSourceLdap < AuthSource
"LDAP"
end
+ # Returns true if this source can be searched for users
+ def searchable?
+ !account.to_s.include?("$login") && %w(login firstname lastname mail).all? {|a| send("attr_#{a}?")}
+ end
+
+ # Searches the source for users and returns an array of results
+ def search(q)
+ q = q.to_s.strip
+ return [] unless searchable? && q.present?
+
+ results = []
+ search_filter = base_filter & Net::LDAP::Filter.begins(self.attr_login, q)
+ ldap_con = initialize_ldap_con(self.account, self.account_password)
+ ldap_con.search(:base => self.base_dn,
+ :filter => search_filter,
+ :attributes => ['dn', self.attr_login, self.attr_firstname, self.attr_lastname, self.attr_mail],
+ :size => 10) do |entry|
+ attrs = get_user_attributes_from_ldap_entry(entry)
+ attrs[:login] = AuthSourceLdap.get_attr(entry, self.attr_login)
+ results << attrs
+ end
+ results
+ rescue Net::LDAP::LdapError => e
+ raise AuthSourceException.new(e.message)
+ end
+
private
def with_timeout(&block)
@@ -84,6 +110,14 @@ class AuthSourceLdap < AuthSource
nil
end
+ def base_filter
+ filter = Net::LDAP::Filter.eq("objectClass", "*")
+ if f = ldap_filter
+ filter = filter & f
+ end
+ filter
+ end
+
def validate_filter
if filter.present? && ldap_filter.nil?
errors.add(:filter, :invalid)
@@ -140,14 +174,8 @@ class AuthSourceLdap < AuthSource
else
ldap_con = initialize_ldap_con(self.account, self.account_password)
end
- login_filter = Net::LDAP::Filter.eq( self.attr_login, login )
- object_filter = Net::LDAP::Filter.eq( "objectClass", "*" )
attrs = {}
-
- search_filter = object_filter & login_filter
- if f = ldap_filter
- search_filter = search_filter & f
- end
+ search_filter = base_filter & Net::LDAP::Filter.eq(self.attr_login, login)
ldap_con.search( :base => self.base_dn,
:filter => search_filter,