
@norrs
Created October 21, 2010 22:42
diff --git a/redmine--backup/app/models/auth_source_ldap.rb b/redmine-1.0.2/app/models/auth_source_ldap.rb
index d2a7e70..71f9465 100644
--- a/redmine--backup/app/models/auth_source_ldap.rb
+++ b/redmine-1.0.2/app/models/auth_source_ldap.rb
@@ -21,7 +21,7 @@ require 'iconv'
class AuthSourceLdap < AuthSource
validates_presence_of :host, :port, :attr_login
validates_length_of :name, :host, :account_password, :maximum => 60, :allow_nil => true
- validates_length_of :account, :base_dn, :maximum => 255, :allow_nil => true
+ validates_length_of :account, :base_dn, :group_base_dn, :maximum => 255, :allow_nil => true
validates_length_of :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :maximum => 30, :allow_nil => true
validates_numericality_of :port, :only_integer => true
@@ -37,12 +37,64 @@ class AuthSourceLdap < AuthSource
if attrs && attrs[:dn] && authenticate_dn(attrs[:dn], password)
logger.debug "Authentication successful for '#{login}'" if logger && logger.debug?
+ group_create(login)
return attrs.except(:dn)
end
rescue Net::LDAP::LdapError => text
raise "LdapError: " + text
end
+ def group_create(login)
+ ldap_con = initialize_ldap_con(self.account, self.account_password)
+ if self.group_base_dn != ""
+ @redminegroups = Group.find(:all)
+ @userdetails = User.find(:first, :conditions => "login = '#{login}'")
+
+
+ # Removing user from all groups
+ # @todo add exception list which is manually organized inside redmine..
+ for i in @redminegroups
+ i.user_ids = i.user_ids - [@userdetails.id]
+ unless i.save
+ logger.debug "couldnt cleanup '#{@userdetails.login}' from '#{i.lastname}'" if logger
+ end
+ end
+
+ # Search for ldap groups that the user is in
+ ldap_con.search( :base => self.group_base_dn,
+ :filter => Net::LDAP::Filter.eq("memberUid", login),
+ :attributes => [ "cn" ]) do |entry|
+ # look to see if the group exists
+ # then add it if it doesn't
+ @matchinggroups = Group.find(:all, :conditions => "lastname = '#{entry.cn}'")
+
+ if @matchinggroups.length == 0
+ @group = Group.new(:lastname => "#{entry.cn}")
+
+ unless @group.save
+ logger.debug "group '#{entry.cn}' save didn't work" if logger && logger.debug?
+ end
+ end
+
+ # look to see if the user is a member of the group
+ # and add them if they are not
+
+ @currentgroup = Group.find(:first, :conditions => "lastname = '#{entry.cn}'")
+
+ if !@currentgroup.user_ids.include?(@userdetails.id)
+ # add the user to the group
+
+ @currentgroup.user_ids = @currentgroup.user_ids + [@userdetails.id]
+
+ unless @currentgroup.save
+ logger.debug "user NOT added to group" if logger && logger.debug?
+ end
+ end
+
+ end
+ end
+ end
+
# test the connection to the LDAP
def test_connection
ldap_con = initialize_ldap_con(self.account, self.account_password)
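Review bot: The three lookups in group_create build SQL by interpolation (`"login = '#{login}'"` and, twice, `"lastname = '#{entry.cn}'"`), so a login string or a directory-supplied cn containing a quote changes the query; they should use bind parameters such as `:conditions => ["login = ?", login]`. `self.group_base_dn != ""` is also true for nil, which is what the new nullable column holds for existing auth sources, so the membership wipe runs even when no group base is configured; `blank?` covers both cases. `@userdetails` is dereferenced without a nil check, and if the Redmine account is only created after authenticate returns (on-the-fly registration, not visible here), the resulting NoMethodError is not caught by `rescue Net::LDAP::LdapError` and the login fails. Memberships are removed before the LDAP search, so a search error leaves the user in no groups, and any local group whose name equals an LDAP cn is joined automatically, which matters if such a group carries privileged roles. The authenticate method starts outside the hunk; the fence shows only the rewritten lines.

```ruby
def group_create(login)
  # nil (the column default) and "" both mean group sync is not configured
  return if self.group_base_dn.blank?
  @userdetails = User.find(:first, :conditions => ["login = ?", login])
  # the Redmine account may not exist yet on a first on-the-fly login
  return unless @userdetails
  ldap_con = initialize_ldap_con(self.account, self.account_password)
  # … unchanged: @redminegroups lookup and removal of the user from each group …
  # … unchanged: ldap_con.search on group_base_dn with the memberUid filter, yielding entry …
    cn = entry.cn.first # Net::LDAP returns attribute values as arrays
    @matchinggroups = Group.find(:all, :conditions => ["lastname = ?", cn])
    # … unchanged: create and save the group (from cn) when none matches …
    @currentgroup = Group.find(:first, :conditions => ["lastname = ?", cn])
    # … unchanged: add @userdetails.id to @currentgroup if missing, log failures …
```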
diff --git a/redmine--backup/app/views/ldap_auth_sources/_form.rhtml b/redmine-1.0.2/app/views/ldap_auth_sources/_form.rhtml
index 9ffffaf..a15d06a 100644
--- a/redmine--backup/app/views/ldap_auth_sources/_form.rhtml
+++ b/redmine-1.0.2/app/views/ldap_auth_sources/_form.rhtml
@@ -23,6 +23,9 @@
<p><label for="auth_source_base_dn"><%=l(:field_base_dn)%> <span class="required">*</span></label>
<%= text_field 'auth_source', 'base_dn', :size => 60 %></p>
+<p><label for="auth_source_group_base_dn"><%=l(:field_group_base_dn)%></label>
+<%= text_field 'auth_source', 'group_base_dn', :size => 60 %></p>
+
<p><label for="auth_source_onthefly_register"><%=l(:field_onthefly)%></label>
<%= check_box 'auth_source', 'onthefly_register' %></p>
</div>
diff --git a/redmine--backup/config/locales/en.yml b/redmine-1.0.2/config/locales/en.yml
index c1befee..bc730ec 100644
--- a/redmine--backup/config/locales/en.yml
+++ b/redmine-1.0.2/config/locales/en.yml
@@ -260,6 +260,7 @@ en:
field_attr_firstname: Firstname attribute
field_attr_lastname: Lastname attribute
field_attr_mail: Email attribute
+ field_group_base_dn: Base DN for groups
field_onthefly: On-the-fly user creation
field_start_date: Start
field_done_ratio: % Done
diff --git a/dev/null b/redmine-1.0.2/db/migrate/20100125132612_add_group_base_dn_to_auth_sources.rb
new file mode 100644
index 0000000..9c583c2
--- /dev/null
+++ b/redmine-1.0.2/db/migrate/20100125132612_add_group_base_dn_to_auth_sources.rb
@@ -0,0 +1,9 @@
+class AddGroupBaseDnToAuthSources < ActiveRecord::Migration
+ def self.up
+ add_column :auth_sources, :group_base_dn, :string, :limit => 255
+ end
+
+ def self.down
+ remove_column :auth_sources, :group_base_dn
+ end
+end