Last active
August 29, 2015 14:02
-
-
Save owen2345/27ac51acde4df0ed8f7c to your computer and use it in GitHub Desktop.
Ruby 2.0 code snippet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'net-ldap' | |
| class CustomActiveDirectory | |
| def initialize(host, port, base, username, pass) | |
| @ldap = connect(host, port, base, username, pass) | |
| end | |
| def connected? | |
| begin | |
| return @ldap.bind | |
| rescue | |
| return false | |
| end | |
| end | |
| def get_users_from_group(group_dn) | |
| filter = Net::LDAP::Filter.eq("memberof", "#{group_dn}") | |
| @ldap.search(:filter => filter) | |
| end | |
| # incomplete, instead this please use find_user(objectClass, "group") | |
| def list_groups | |
| group_filter = Net::LDAP::Filter.eq("objectClass", "group") | |
| proxy_address_filter = Net::LDAP::Filter.eq("proxyAddresses", "*") | |
| composite_filter = Net::LDAP::Filter.join(group_filter, proxy_address_filter) | |
| @ldap.search(:filter => composite_filter) | |
| end | |
| # incomplete, instead this please use find_user(objectClass, "user|person") | |
| def list_users(type = "person") | |
| group_filter = Net::LDAP::Filter.eq("objectClass", type) | |
| proxy_address_filter = Net::LDAP::Filter.eq("proxyAddresses", "*") | |
| composite_filter = Net::LDAP::Filter.join(group_filter, proxy_address_filter) | |
| @ldap.search(:filter => composite_filter) | |
| end | |
| #query => "(&(cn=Adriana Camacho*)(givenName=Adriana))" | |
| #query => "(&(|(sn=Jones)(sn=Edwards))(!(givenName=David)))" | |
| # info: http://search.cpan.org/~oliver/Net-LDAP-FilterBuilder-1.0004/lib/Net/LDAP/FilterBuilder.pm | |
| def find_user(query, attributes = nil, base = nil) | |
| data = {:filter => query.encode('utf-8')} | |
| data[:attributes] = attributes if attributes.present? | |
| data[:base] = base if base.present? | |
| @ldap.search(data) | |
| end | |
| def authentificate(user, pass) | |
| @ldap.auth user, pass | |
| @ldap.bind | |
| end | |
| def connect(host, port, base, username, pass) | |
| ldap = Net::LDAP.new :host => host, | |
| :port => port, | |
| :base => base, | |
| :auth => { :username => username, | |
| :password => pass, | |
| :method => :simple } | |
| ldap | |
| end | |
| end | |
| ######### sample ###### | |
| ad = CustomActiveDirectory.new(main_configuration("host_active_directory"), main_configuration("port_active_directory"), | |
| main_configuration("base_active_directory"), main_configuration("user_active_directory"), | |
| main_configuration("pass_active_directory")) | |
| if ad.connected? && ad.authentificate("#{params[:session][:username]}@megaxine.net", params[:session][:password]) | |
| ad_user = ad.find_user("(samaccountname=#{params[:session][:username]})").first | |
| if ad_user.present? | |
| unless active_directory_add_user(ad, ad_user) | |
| redirect_to action: "signin", error: "Datos incompletos de AD para ingresar al sistema. Por favor reporte este error a su aministrador." | |
| return | |
| end | |
| user = active_directory_get_user(params[:session][:username]) | |
| if user.present? | |
| flash[:notice] = "Sesión iniciada usando su cuenta de Active directory" | |
| do_login_user(user) | |
| else | |
| flash[:notice] = "Usuario logeado en Active directory pero error de acceso al sistema" | |
| redirect_to action: "signin", :redirect_to => session[:return_to] | |
| end | |
| return | |
| end | |
| end | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment