60 lines
1.3 KiB
Ruby
60 lines
1.3 KiB
Ruby
module Gitlab
|
|
module LDAP
|
|
class Person
|
|
# Active Directory-specific LDAP filter that checks if bit 2 of the
|
|
# userAccountControl attribute is set.
|
|
# Source: http://ctogonewild.com/2009/09/03/bitmask-searches-in-ldap/
|
|
AD_USER_DISABLED = Net::LDAP::Filter.ex("userAccountControl:1.2.840.113556.1.4.803", "2")
|
|
|
|
def self.find_by_uid(uid, adapter=nil)
|
|
adapter ||= Gitlab::LDAP::Adapter.new
|
|
adapter.user(config.uid, uid)
|
|
end
|
|
|
|
def self.find_by_dn(dn, adapter=nil)
|
|
adapter ||= Gitlab::LDAP::Adapter.new
|
|
adapter.user('dn', dn)
|
|
end
|
|
|
|
def self.active_directory_disabled?(dn, adapter=nil)
|
|
adapter ||= Gitlab::LDAP::Adapter.new
|
|
adapter.dn_matches_filter?(dn, AD_USER_DISABLED)
|
|
end
|
|
|
|
def initialize(entry)
|
|
Rails.logger.debug { "Instantiating #{self.class.name} with LDIF:\n#{entry.to_ldif}" }
|
|
@entry = entry
|
|
end
|
|
|
|
def name
|
|
entry.cn.first
|
|
end
|
|
|
|
def uid
|
|
entry.send(config.uid).first
|
|
end
|
|
|
|
def username
|
|
uid
|
|
end
|
|
|
|
def dn
|
|
entry.dn
|
|
end
|
|
|
|
private
|
|
|
|
def entry
|
|
@entry
|
|
end
|
|
|
|
def adapter
|
|
@adapter ||= Gitlab::LDAP::Adapter.new
|
|
end
|
|
|
|
def config
|
|
@config ||= Gitlab.config.ldap
|
|
end
|
|
end
|
|
end
|
|
end
|