##// END OF EJS Templates
jro_apps » redmine
RSS
Adds an optional LDAP filter (#1060)....
Jean-Philippe Lang -
r8924:60741b3e1c02
parent child
Show More
Side by Side Unified
Context file:
r8924:60741b3e1c02 Loading diff...:
Show file before | Show file after | Hide comments
@@ -0,0 +1,9
1 class AddAuthSourcesFilter < ActiveRecord::Migration
2 def self.up
3 add_column :auth_sources, :filter, :string
4 end
5
6 def self.down
7 remove_column :auth_sources, :filter
8 end
9 end
Show file before | Show file after | Hide comments
@@ -21,9 +21,10 require 'net/ldap'
21 21 class AuthSourceLdap < AuthSource
22 22 validates_presence_of :host, :port, :attr_login
23 23 validates_length_of :name, :host, :maximum => 60, :allow_nil => true
24 validates_length_of :account, :account_password, :base_dn, :maximum => 255, :allow_nil => true
24 validates_length_of :account, :account_password, :base_dn, :filter, :maximum => 255, :allow_blank => true
25 25 validates_length_of :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :maximum => 30, :allow_nil => true
26 26 validates_numericality_of :port, :only_integer => true
27 validate :validate_filter
27 28
28 29 before_validation :strip_ldap_attributes
29 30
@@ -58,6 +59,20 class AuthSourceLdap < AuthSource
58 59
59 60 private
60 61
62 def ldap_filter
63 if filter.present?
64 Net::LDAP::Filter.construct(filter)
65 end
66 rescue Net::LDAP::LdapError
67 nil
68 end
69
70 def validate_filter
71 if filter.present? && ldap_filter.nil?
72 errors.add(:filter, :invalid)
73 end
74 end
75
61 76 def strip_ldap_attributes
62 77 [:attr_login, :attr_firstname, :attr_lastname, :attr_mail].each do |attr|
63 78 write_attribute(attr, read_attribute(attr).strip) unless read_attribute(attr).nil?
@@ -107,8 +122,13 class AuthSourceLdap < AuthSource
107 122 object_filter = Net::LDAP::Filter.eq( "objectClass", "*" )
108 123 attrs = {}
109 124
125 search_filter = object_filter & login_filter
126 if f = ldap_filter
127 search_filter = search_filter & f
128 end
129
110 130 ldap_con.search( :base => self.base_dn,
111 :filter => object_filter & login_filter,
131 :filter => search_filter,
112 132 :attributes=> search_attributes) do |entry|
113 133
114 134 if onthefly_register?
Show file before | Show file after | Hide comments
@@ -23,6 +23,9
23 23 <p><label for="auth_source_base_dn"><%=l(:field_base_dn)%> <span class="required">*</span></label>
24 24 <%= text_field 'auth_source', 'base_dn', :size => 60 %></p>
25 25
26 <p><label for="auth_source_custom_filter"><%=l(:field_ldap_filter)%></label>
27 <%= text_field 'auth_source', 'filter', :size => 60 %></p>
28
26 29 <p><label for="auth_source_onthefly_register"><%=l(:field_onthefly)%></label>
27 30 <%= check_box 'auth_source', 'onthefly_register' %></p>
28 31 </div>
Show file before | Show file after | Hide comments
@@ -1023,3 +1023,4 ar:
1023 1023 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1024 1024 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1025 1025 permission_manage_related_issues: Manage related issues
1026 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1021,3 +1021,4 bg:
1021 1021 description_date_range_interval: Изберете диапазон чрез задаване на начална и крайна дати
1022 1022 description_date_from: Въведете начална дата
1023 1023 description_date_to: Въведете крайна дата
1024 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1037,3 +1037,4 bs:
1037 1037 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1038 1038 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1039 1039 permission_manage_related_issues: Manage related issues
1040 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1025,3 +1025,4 ca:
1025 1025 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1026 1026 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1027 1027 permission_manage_related_issues: Manage related issues
1028 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1026,3 +1026,4 cs:
1026 1026 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1027 1027 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1028 1028 permission_manage_related_issues: Manage related issues
1029 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1040,3 +1040,4 da:
1040 1040 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1041 1041 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1042 1042 permission_manage_related_issues: Manage related issues
1043 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1043,3 +1043,4 de:
1043 1043 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1044 1044 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1045 1045 permission_manage_related_issues: Manage related issues
1046 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1023,3 +1023,4 el:
1023 1023 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1024 1024 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1025 1025 permission_manage_related_issues: Manage related issues
1026 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1025,3 +1025,4 en-GB:
1025 1025 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1026 1026 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1027 1027 permission_manage_related_issues: Manage related issues
1028 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -321,6 +321,7 en:
321 321 field_cvs_module: Module
322 322 field_repository_is_default: Main repository
323 323 field_multiple: Multiple values
324 field_ldap_filter: LDAP filter
324 325
325 326 setting_app_title: Application title
326 327 setting_app_subtitle: Application subtitle
Show file before | Show file after | Hide comments
@@ -1060,3 +1060,4 es:
1060 1060 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1061 1061 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1062 1062 permission_manage_related_issues: Manage related issues
1063 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1039,3 +1039,4 et:
1039 1039 label_export_options: "%{export_format} ekspordi valikud"
1040 1040 label_completed_versions: "Lõpetatud versioonid"
1041 1041 error_attachment_too_big: "Seda faili ei saa üles laadida, kuna ületab maksimumsuurust (%{max_size})"
1042 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1026,3 +1026,4 eu:
1026 1026 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1027 1027 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1028 1028 permission_manage_related_issues: Manage related issues
1029 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1025,3 +1025,4 fa:
1025 1025 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1026 1026 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1027 1027 permission_manage_related_issues: Manage related issues
1028 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1044,3 +1044,4 fi:
1044 1044 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1045 1045 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1046 1046 permission_manage_related_issues: Manage related issues
1047 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -320,6 +320,7 fr:
320 320 field_commit_logs_encoding: Encodage des messages de commit
321 321 field_repository_is_default: Dépôt principal
322 322 field_multiple: Valeurs multiples
323 field_ldap_filter: Filtre LDAP
323 324
324 325 setting_app_title: Titre de l'application
325 326 setting_app_subtitle: Sous-titre de l'application
Show file before | Show file after | Hide comments
@@ -1034,3 +1034,4 gl:
1034 1034 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1035 1035 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1036 1036 permission_manage_related_issues: Manage related issues
1037 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1028,3 +1028,4 he:
1028 1028 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1029 1029 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1030 1030 permission_manage_related_issues: Manage related issues
1031 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1029,3 +1029,4 hr:
1029 1029 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1030 1030 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1031 1031 permission_manage_related_issues: Manage related issues
1032 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1042,3 +1042,4
1042 1042 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1043 1043 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1044 1044 permission_manage_related_issues: Manage related issues
1045 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1029,3 +1029,4 id:
1029 1029 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1030 1030 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1031 1031 permission_manage_related_issues: Manage related issues
1032 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1024,3 +1024,4 it:
1024 1024 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1025 1025 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1026 1026 permission_manage_related_issues: Manage related issues
1027 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1053,3 +1053,4 ja:
1053 1053 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1054 1054 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1055 1055 permission_manage_related_issues: Manage related issues
1056 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1073,3 +1073,4 ko:
1073 1073 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1074 1074 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1075 1075 permission_manage_related_issues: Manage related issues
1076 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1083,3 +1083,4 lt:
1083 1083 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1084 1084 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1085 1085 permission_manage_related_issues: Manage related issues
1086 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1017,3 +1017,4 lv:
1017 1017 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1018 1018 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1019 1019 permission_manage_related_issues: Manage related issues
1020 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1023,3 +1023,4 mk:
1023 1023 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1024 1024 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1025 1025 permission_manage_related_issues: Manage related issues
1026 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1023,3 +1023,4 mn:
1023 1023 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1024 1024 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1025 1025 permission_manage_related_issues: Manage related issues
1026 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1005,3 +1005,4 nl:
1005 1005 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1006 1006 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1007 1007 permission_manage_related_issues: Manage related issues
1008 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1013,3 +1013,4
1013 1013 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1014 1014 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1015 1015 permission_manage_related_issues: Manage related issues
1016 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1040,3 +1040,4 pl:
1040 1040 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1041 1041 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1042 1042 permission_manage_related_issues: Manage related issues
1043 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1046,3 +1046,4 pt-BR:
1046 1046 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1047 1047 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1048 1048 permission_manage_related_issues: Manage related issues
1049 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1028,3 +1028,4 pt:
1028 1028 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1029 1029 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1030 1030 permission_manage_related_issues: Manage related issues
1031 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1020,3 +1020,4 ro:
1020 1020 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1021 1021 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1022 1022 permission_manage_related_issues: Manage related issues
1023 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1138,3 +1138,4 ru:
1138 1138 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1139 1139 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1140 1140 permission_manage_related_issues: Manage related issues
1141 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1023,3 +1023,4 sk:
1023 1023 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1024 1024 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1025 1025 permission_manage_related_issues: Manage related issues
1026 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1023,3 +1023,4 sl:
1023 1023 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1024 1024 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1025 1025 permission_manage_related_issues: Manage related issues
1026 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1023,3 +1023,4 sr-YU:
1023 1023 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1024 1024 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1025 1025 permission_manage_related_issues: Manage related issues
1026 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1024,3 +1024,4 sr:
1024 1024 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1025 1025 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1026 1026 permission_manage_related_issues: Manage related issues
1027 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1064,3 +1064,4 sv:
1064 1064 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1065 1065 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1066 1066 permission_manage_related_issues: Manage related issues
1067 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1020,3 +1020,4 th:
1020 1020 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1021 1021 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1022 1022 permission_manage_related_issues: Manage related issues
1023 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1042,3 +1042,4 tr:
1042 1042 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1043 1043 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1044 1044 permission_manage_related_issues: Manage related issues
1045 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1020,3 +1020,4 uk:
1020 1020 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1021 1021 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1022 1022 permission_manage_related_issues: Manage related issues
1023 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1074,3 +1074,4 vi:
1074 1074 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1075 1075 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1076 1076 permission_manage_related_issues: Manage related issues
1077 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1103,3 +1103,4
1103 1103 zero: 0 問題
1104 1104 one: 1 問題
1105 1105 other: "%{count} 問題清單"
1106 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -1025,3 +1025,4 zh:
1025 1025 notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
1026 1026 text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
1027 1027 permission_manage_related_issues: Manage related issues
1028 field_ldap_filter: LDAP filter
Show file before | Show file after | Hide comments
@@ -18,6 +18,7
18 18 require File.expand_path('../../test_helper', __FILE__)
19 19
20 20 class AuthSourceLdapTest < ActiveSupport::TestCase
21 include Redmine::I18n
21 22 fixtures :auth_sources
22 23
23 24 def setup
@@ -44,6 +45,18 class AuthSourceLdapTest < ActiveSupport::TestCase
44 45 assert_equal 389, a.port
45 46 end
46 47
48 def test_filter_should_be_validated
49 set_language_if_valid 'en'
50
51 a = AuthSourceLdap.new(:name => 'My LDAP', :host => 'ldap.example.net', :port => 389, :attr_login => 'sn')
52 a.filter = "(mail=*@redmine.org"
53 assert !a.valid?
54 assert_equal "is invalid", a.errors[:filter].to_s
55
56 a.filter = "(mail=*@redmine.org)"
57 assert a.valid?
58 end
59
47 60 if ldap_configured?
48 61 context '#authenticate' do
49 62 setup do
@@ -83,6 +96,23 class AuthSourceLdapTest < ActiveSupport::TestCase
83 96 end
84 97 end
85 98
99 context 'without filter' do
100 should 'return any user' do
101 assert @auth.authenticate('example1','123456')
102 assert @auth.authenticate('edavis', '123456')
103 end
104 end
105
106 context 'with filter' do
107 setup do
108 @auth.filter = "(mail=*@redmine.org)"
109 end
110
111 should 'return user who matches the filter only' do
112 assert @auth.authenticate('example1','123456')
113 assert_nil @auth.authenticate('edavis', '123456')
114 end
115 end
86 116 end
87 117 else
88 118 puts '(Test LDAP server not configured)'
General Comments 0
You need to be logged in to leave comments. Login now