diff --git a/redmine--backup/app/models/auth_source_ldap.rb b/redmine-1.0.2/app/models/auth_source_ldap.rb | |
index d2a7e70..71f9465 100644 | |
--- a/redmine--backup/app/models/auth_source_ldap.rb | |
+++ b/redmine-1.0.2/app/models/auth_source_ldap.rb | |
@@ -21,7 +21,7 @@ require 'iconv' | |
class AuthSourceLdap < AuthSource | |
validates_presence_of :host, :port, :attr_login | |
validates_length_of :name, :host, :account_password, :maximum => 60, :allow_nil => true | |
- validates_length_of :account, :base_dn, :maximum => 255, :allow_nil => true | |
+ validates_length_of :account, :base_dn, :group_base_dn, :maximum => 255, :allow_nil => true | |
validates_length_of :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :maximum => 30, :allow_nil => true | |
validates_numericality_of :port, :only_integer => true | |
@@ -37,12 +37,64 @@ class AuthSourceLdap < AuthSource | |
if attrs && attrs[:dn] && authenticate_dn(attrs[:dn], password) | |
logger.debug "Authentication successful for '#{login}'" if logger && logger.debug? | |
+ group_create(login) | |
return attrs.except(:dn) | |
end | |
rescue Net::LDAP::LdapError => text | |
raise "LdapError: " + text | |
end | |
+ def group_create(login) | |
+ ldap_con = initialize_ldap_con(self.account, self.account_password) | |
+ if self.group_base_dn != "" | |
+ @redminegroups = Group.find(:all) | |
+ @userdetails = User.find(:first, :conditions => "login = '#{login}'") | |
+ | |
+ | |
+ # Removing user from all groups | |
+ # @todo add exception list which is manually organized inside redmine.. | |
+ for i in @redminegroups | |
+ i.user_ids = i.user_ids - [@userdetails.id] | |
+ unless i.save | |
+ logger.debug "couldnt cleanup '#{@userdetails.login}' from '#{i.lastname}'" if logger | |
+ end | |
+ end | |
+ | |
+ # Search for ldap groups that the user is in | |
+ ldap_con.search( :base => self.group_base_dn, | |
+ :filter => Net::LDAP::Filter.eq("memberUid", login), | |
+ :attributes => [ "cn" ]) do |entry| | |
+ # look to see if the group exists | |
+ # then add it if it doesn't | |
+ @matchinggroups = Group.find(:all, :conditions => "lastname = '#{entry.cn}'") | |
+ | |
+ if @matchinggroups.length == 0 | |
+ @group = Group.new(:lastname => "#{entry.cn}") | |
+ | |
+ unless @group.save | |
+ logger.debug "group '#{entry.cn}' save didn't work" if logger && logger.debug? | |
+ end | |
+ end | |
+ | |
+ # look to see if the user is a member of the group | |
+ # and add them if they are not | |
+ | |
+ @currentgroup = Group.find(:first, :conditions => "lastname = '#{entry.cn}'") | |
+ | |
+ if !@currentgroup.user_ids.include?(@userdetails.id) | |
+ # add the user to the group | |
+ | |
+ @currentgroup.user_ids = @currentgroup.user_ids + [@userdetails.id] | |
+ | |
+ unless @currentgroup.save | |
+ logger.debug "user NOT added to group" if logger && logger.debug? | |
+ end | |
+ end | |
+ | |
+ end | |
+ end | |
+ end | |
+ | |
# test the connection to the LDAP | |
def test_connection | |
ldap_con = initialize_ldap_con(self.account, self.account_password) | |
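Review bot: The finders in `group_create` build SQL by interpolating `login` and `entry.cn` straight into the conditions string, so a quote character in the submitted login or in a directory-supplied group name changes the query; pass them as bound values instead, e.g. `User.find(:first, :conditions => ["login = ?", login])` and `Group.find(:first, :conditions => ["lastname = ?", entry.cn])`. The guard `self.group_base_dn != ""` is also true for nil, which is what existing rows will hold because the migration hunk adds the column without a default, so `unless self.group_base_dn.blank?` is the safer test. `@userdetails` is nil when no local user exists yet for this login (presumably the on-the-fly registration path), and `@userdetails.id` would then raise inside `authenticate`, so return early in that case. The user is also removed from every Redmine group before the LDAP search runs, which means a failed or empty search leaves them with no memberships, including manually assigned ones; collecting the LDAP groups first and only then adjusting membership would avoid that. The body of `authenticate` starts outside this hunk.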
diff --git a/redmine--backup/app/views/ldap_auth_sources/_form.rhtml b/redmine-1.0.2/app/views/ldap_auth_sources/_form.rhtml | |
index 9ffffaf..a15d06a 100644 | |
--- a/redmine--backup/app/views/ldap_auth_sources/_form.rhtml | |
+++ b/redmine-1.0.2/app/views/ldap_auth_sources/_form.rhtml | |
@@ -23,6 +23,9 @@ | |
<p><label for="auth_source_base_dn"><%=l(:field_base_dn)%> <span class="required">*</span></label> | |
<%= text_field 'auth_source', 'base_dn', :size => 60 %></p> | |
+<p><label for="auth_source_group_base_dn"><%=l(:field_group_base_dn)%></label> | |
+<%= text_field 'auth_source', 'group_base_dn', :size => 60 %></p> | |
+ | |
<p><label for="auth_source_onthefly_register"><%=l(:field_onthefly)%></label> | |
<%= check_box 'auth_source', 'onthefly_register' %></p> | |
</div> | |
diff --git a/redmine--backup/config/locales/en.yml b/redmine-1.0.2/config/locales/en.yml | |
index c1befee..bc730ec 100644 | |
--- a/redmine--backup/config/locales/en.yml | |
+++ b/redmine-1.0.2/config/locales/en.yml | |
@@ -260,6 +260,7 @@ en: | |
field_attr_firstname: Firstname attribute | |
field_attr_lastname: Lastname attribute | |
field_attr_mail: Email attribute | |
+ field_group_base_dn: Base DN for groups | |
field_onthefly: On-the-fly user creation | |
field_start_date: Start | |
field_done_ratio: % Done | |
diff --git a/dev/null b/redmine-1.0.2/db/migrate/20100125132612_add_group_base_dn_to_auth_sources.rb | |
new file mode 100644 | |
index 0000000..9c583c2 | |
--- /dev/null | |
+++ b/redmine-1.0.2/db/migrate/20100125132612_add_group_base_dn_to_auth_sources.rb | |
@@ -0,0 +1,9 @@ | |
+class AddGroupBaseDnToAuthSources < ActiveRecord::Migration | |
+ def self.up | |
+ add_column :auth_sources, :group_base_dn, :string, :limit => 255 | |
+ end | |
+ | |
+ def self.down | |
+ remove_column :auth_sources, :group_base_dn | |
+ end | |
+end |