[asl-commit] ActiveSambaLdap (trunk) r88:
null at cozmixng.org
null at cozmixng.org
Fri Aug 3 22:52:33 EDT 2007
retro 2007-08-04 11:52:31 +0900 (Sat, 04 Aug 2007)
New Revision: 88
Copied files:
trunk/lib/active_samba_ldap/account_entry.rb
(from rev 81, trunk/lib/active_samba_ldap/account.rb)
trunk/lib/active_samba_ldap/computer_account_entry.rb
(from rev 81, trunk/lib/active_samba_ldap/computer_account.rb)
trunk/lib/active_samba_ldap/samba_account_entry.rb
(from rev 85, trunk/lib/active_samba_ldap/samba_account.rb)
trunk/lib/active_samba_ldap/user_account_entry.rb
(from rev 81, trunk/lib/active_samba_ldap/user_account.rb)
Removed files:
trunk/lib/active_samba_ldap/account.rb
trunk/lib/active_samba_ldap/computer_account.rb
trunk/lib/active_samba_ldap/samba_account.rb
trunk/lib/active_samba_ldap/user_account.rb
Modified files:
trunk/lib/active_samba_ldap/computer.rb
trunk/lib/active_samba_ldap/user.rb
Log:
Modified: trunk/lib/active_samba_ldap/user.rb (+6 -6)
===================================================================
--- trunk/lib/active_samba_ldap/user.rb 2007-04-27 15:58:53 +09:00 (rev 87)
+++ trunk/lib/active_samba_ldap/user.rb 2007-08-04 11:52:31 +09:00 (rev 88)
@@ -1,9 +1,9 @@
require 'active_samba_ldap/base'
require 'active_samba_ldap/entry'
require 'active_samba_ldap/samba_entry'
-require 'active_samba_ldap/account'
-require 'active_samba_ldap/user_account'
-require 'active_samba_ldap/samba_account'
+require 'active_samba_ldap/account_entry'
+require 'active_samba_ldap/user_account_entry'
+require 'active_samba_ldap/samba_account_entry'
module ActiveSambaLdap
class User < Base
@@ -12,9 +12,9 @@
include Entry
include SambaEntry
- include Account
- include UserAccount
- include SambaAccount
+ include AccountEntry
+ include UserAccountEntry
+ include SambaAccountEntry
def fill_default_values(options={})
result = super
Copied: trunk/lib/active_samba_ldap/samba_account_entry.rb (+225 -0)
===================================================================
--- trunk/lib/active_samba_ldap/samba_account.rb 2007-04-27 15:25:44 +09:00 (rev 85)
+++ trunk/lib/active_samba_ldap/samba_account_entry.rb 2007-08-04 11:52:31 +09:00 (rev 88)
@@ -0,0 +1,225 @@
+module ActiveSambaLdap
+ module SambaAccountEntry
+ def self.included(base)
+ super
+ base.extend(ClassMethods)
+ end
+
+ # from source/include/rpc_misc.c in Samba
+ DOMAIN_ADMIN_RID = 0x000001F4
+ DOMAIN_GUEST_RID = 0x000001F5
+
+ # from source/rpc_server/srv_util.c in Samba
+ DOMAIN_ADMIN_NAME = "Administrator"
+ DOMAIN_GUEST_NAME = "Guest"
+
+ WELL_KNOWN_RIDS = []
+ WELL_KNOWN_NAMES = []
+ constants.each do |name|
+ case name
+ when /_RID$/
+ WELL_KNOWN_RIDS << const_get(name)
+ when /_NAME$/
+ WELL_KNOWN_NAMES << const_get(name)
+ end
+ end
+
+ # FAR_FUTURE_TIME = Time.parse("2050/01/01").to_i.to_s
+ FAR_FUTURE_TIME = Time.parse("2038/01/19").to_i.to_s
+ ACCOUNT_FLAGS_RE = /\A\[([NDHTUMWSLXI ]+)\]\z/
+
+ module ClassMethods
+ def samba_object_class
+ "sambaSamAccount"
+ end
+
+ def uid2rid(uid)
+ uid = Integer(uid)
+ if WELL_KNOWN_RIDS.include?(uid)
+ uid
+ else
+ 2 * uid + 1000
+ end
+ end
+
+ def rid2uid(rid)
+ rid = Integer(rid)
+ if WELL_KNOWN_RIDS.include?(rid)
+ rid
+ else
+ (Integer(rid) - 1000) / 2
+ end
+ end
+
+ def start_rid
+ uid2rid(start_uid)
+ end
+
+ private
+ def default_recommended_classes
+ super + [samba_object_class]
+ end
+
+ def primary_group_options(options)
+ super.merge(:extend => PrimaryGroupProxy)
+ end
+
+ module PrimaryGroupProxy
+ def replace(entry)
+ result = super
+ return result unless @owner.samba_available?
+
+ if @target and @target.samba_available?
+ if @target.samba_sid.to_s.empty?
+ raise GroupDoesNotHaveSambaSID.new(@target.gid_number)
+ end
+ @owner.samba_primary_group_sid = @target.samba_sid
+ else
+ @owner.samba_primary_group_sid = nil
+ end
+
+ result
+ end
+ end
+ end
+
+ def fill_default_values(options={})
+ result = super
+ return result unless samba_available?
+
+ self.samba_logon_time ||= "0"
+ self.samba_logoff_time ||= FAR_FUTURE_TIME
+ self.samba_kickoff_time ||= nil
+
+ password = options[:password]
+ change_samba_password(password) if password
+ self.samba_lm_password ||= "XXX"
+ self.samba_nt_password ||= "XXX"
+ self.samba_pwd_last_set ||= "0"
+
+ account_flags_is_not_set = samba_acct_flags.nil?
+ self.samba_acct_flags ||= default_account_flags
+
+ can_change_password = options[:can_change_password]
+ if can_change_password
+ self.enable_password_change
+ elsif account_flags_is_not_set or can_change_password == false
+ self.disable_password_change
+ end
+
+ must_change_password = options[:must_change_password]
+ if must_change_password
+ self.enable_forcing_password_change
+ elsif account_flags_is_not_set or must_change_password == false
+ self.disable_forcing_password_change
+ end
+
+ enable_account = options[:enable]
+ if enable_account
+ self.enable
+ elsif account_flags_is_not_set or enable_account == false
+ self.disable
+ end
+
+ self
+ end
+
+ def change_uid_number(uid, allow_non_unique=false)
+ result = super
+ return result unless samba_available?
+
+ rid = self.class.uid2rid(uid_number.to_s)
+ change_sid(rid, allow_non_unique)
+ end
+
+ def change_uid_number_by_rid(rid, allow_non_unique=false)
+ assert_samba_available
+ change_uid_number(self.class.rid2uid(rid), allow_non_unique)
+ end
+
+ def change_sid(rid, allow_non_unique=false)
+ assert_samba_available
+ sid = "#{self.class.configuration[:sid]}-#{rid}"
+ # check_unique_sid_number(sid) unless allow_non_unique
+ self.samba_sid = sid
+ end
+
+ def rid
+ assert_samba_available
+ Integer(samba_sid.split(/-/).last)
+ end
+
+ def change_samba_password(password)
+ assert_samba_available
+ self.samba_lm_password = Samba::Encrypt.lm_hash(password)
+ self.samba_nt_password = Samba::Encrypt.ntlm_hash(password)
+ self.samba_pwd_last_set = Time.now.to_i.to_s
+ end
+
+ def enable_password_change
+ assert_samba_available
+ self.samba_pwd_can_change = "0"
+ end
+
+ def disable_password_change
+ assert_samba_available
+ self.samba_pwd_can_change = FAR_FUTURE_TIME
+ end
+
+ def can_change_password?
+ assert_samba_available
+ samba_pwd_can_change.nil? or
+ Time.at(samba_pwd_can_change.to_i) <= Time.now
+ end
+
+ def enable_forcing_password_change
+ assert_samba_available
+ self.samba_pwd_must_change = "0"
+ if /X/ =~ samba_acct_flags.to_s
+ self.samba_acct_flags = samba_acct_flags.sub(/X/, '')
+ end
+ if samba_pwd_last_set.to_i.zero?
+ self.samba_pwd_last_set = FAR_FUTURE_TIME
+ end
+ end
+
+ def disable_forcing_password_change
+ assert_samba_available
+ self.samba_pwd_must_change = FAR_FUTURE_TIME
+ end
+
+ def must_change_password?
+ assert_samba_available
+ !(/X/ =~ samba_acct_flags.to_s or
+ samba_pwd_must_change.nil? or
+ Time.at(samba_pwd_must_change.to_i) > Time.now)
+ end
+
+ def enable
+ assert_samba_available
+ if /D/ =~ samba_acct_flags.to_s
+ self.samba_acct_flags = samba_acct_flags.gsub(/D/, '')
+ end
+ end
+
+ def disable
+ assert_samba_available
+ flags = ""
+ if ACCOUNT_FLAGS_RE =~ samba_acct_flags.to_s
+ flags = $1
+ return if /D/ =~ flags
+ end
+ self.samba_acct_flags = "[D#{flags}]"
+ end
+
+ def enabled?
+ assert_samba_available
+ !disabled?
+ end
+
+ def disabled?
+ assert_samba_available
+ (/D/ =~ samba_acct_flags.to_s) ? true : false
+ end
+ end
+end
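Review bot: `uid2rid` tests the incoming uid against `WELL_KNOWN_RIDS`, so a POSIX uid of 500 or 501 is returned unchanged, and `change_uid_number` then builds a SID ending in the `DOMAIN_ADMIN_RID` or `DOMAIN_GUEST_RID` value. Nothing in this file catches the resulting collision, because the uniqueness check in `change_sid` is commented out and `allow_non_unique` is therefore ignored. If the pass-through is intended for the built-in accounts, say so above `uid2rid` with a comment such as `# uids equal to a well-known RID (500, 501) keep that RID; ordinary accounts must be allocated above them`, and restore `check_unique_sid_number(sid) unless allow_non_unique` once that helper exists (its definition is not visible in this hunk). Separately, `change_samba_password` always writes `samba_lm_password`; LM hashes are weak, so that write is worth making optional.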
Deleted: trunk/lib/active_samba_ldap/computer_account.rb (+0 -34)
===================================================================
--- trunk/lib/active_samba_ldap/computer_account.rb 2007-04-27 15:58:53 +09:00 (rev 87)
+++ trunk/lib/active_samba_ldap/computer_account.rb 2007-08-04 11:52:31 +09:00 (rev 88)
@@ -1,34 +0,0 @@
-module ActiveSambaLdap
- module ComputerAccount
- NAME_RE = /\A#{Account::NAME_RE_SRC}\$\z/
-
- def self.included(base)
- super
- base.extend(ClassMethods)
- base.validates_format_of :uid, :with => NAME_RE
- end
-
- module ClassMethods
- def valid_name?(name)
- NAME_RE =~ name ? true : false
- end
-
- private
- def default_prefix
- configuration[:computers_suffix]
- end
- end
-
- def remove_from_group(group)
- group.computers.delete(self)
- end
-
- def default_gid_number
- self.class.configuration[:default_computer_gid]
- end
-
- def created_group_name
- super.sub(/\$$/, '')
- end
- end
-end
Copied: trunk/lib/active_samba_ldap/computer_account_entry.rb (+34 -0)
===================================================================
--- trunk/lib/active_samba_ldap/computer_account.rb 2007-04-27 14:07:04 +09:00 (rev 81)
+++ trunk/lib/active_samba_ldap/computer_account_entry.rb 2007-08-04 11:52:31 +09:00 (rev 88)
@@ -0,0 +1,34 @@
+module ActiveSambaLdap
+ module ComputerAccountEntry
+ NAME_RE = /\A#{AccountEntry::NAME_RE_SRC}\$\z/
+
+ def self.included(base)
+ super
+ base.extend(ClassMethods)
+ base.validates_format_of :uid, :with => NAME_RE
+ end
+
+ module ClassMethods
+ def valid_name?(name)
+ NAME_RE =~ name ? true : false
+ end
+
+ private
+ def default_prefix
+ configuration[:computers_suffix]
+ end
+ end
+
+ def remove_from_group(group)
+ group.computers.delete(self)
+ end
+
+ def default_gid_number
+ self.class.configuration[:default_computer_gid]
+ end
+
+ def created_group_name
+ super.sub(/\$$/, '')
+ end
+ end
+end
Deleted: trunk/lib/active_samba_ldap/account.rb (+0 -206)
===================================================================
--- trunk/lib/active_samba_ldap/account.rb 2007-04-27 15:58:53 +09:00 (rev 87)
+++ trunk/lib/active_samba_ldap/account.rb 2007-08-04 11:52:31 +09:00 (rev 88)
@@ -1,206 +0,0 @@
-require 'time'
-require 'fileutils'
-require 'English'
-
-require 'active_samba_ldap/base'
-
-module ActiveSambaLdap
- module Account
- NAME_RE_SRC = "(?!\\d)[\\w @_\\-\\.]+"
-
- def self.included(base)
- super
- base.extend(ClassMethods)
- end
-
- module ClassMethods
- def ldap_mapping(options={})
- options = default_options.merge(options)
- super(extract_ldap_mapping_options(options))
- belongs_to :primary_group, primary_group_options(options)
- belongs_to :groups, groups_options(options)
- end
-
- def find_by_uid_number(number)
- options = {:objects => true}
- attribute = "uidNumber"
- value = Integer(number)
- find(:first, :filter => "(#{attribute}=#{value})")
- end
-
- private
- def default_options
- {
- :dn_attribute => "uid",
- :ldap_scope => :sub,
- :primary_group_class => default_group_class,
- :primary_group_foreign_key => "gidNumber",
- :primary_group_primary_key => "gidNumber",
- :groups_class => default_group_class,
- :groups_many => "memberUid",
- :prefix => default_prefix,
- :classes => default_classes,
- :recommended_classes => default_recommended_classes,
- }
- end
-
- def default_group_class
- "Group"
- end
-
- def default_classes
- ["top", "inetOrgPerson", "posixAccount"]
- end
-
- def default_recommended_classes
- []
- end
-
- def primary_group_options(options)
- {
- :class => options[:primary_group_class],
- :foreign_key => options[:primary_group_foreign_key],
- :primary_key => options[:primary_group_primary_key],
- }
- end
-
- def groups_options(options)
- {
- :class => options[:groups_class],
- :many => options[:groups_many],
- }
- end
-
- def prepare_create_options(account, options)
- prepare_create_options_for_number(:uid_number, account, options)
- end
- end
-
- def fill_default_values(options={})
- self.cn ||= uid
- self.sn ||= uid
- self.given_name ||= uid
- self.display_name ||= cn
- self.gecos ||= substituted_value(:user_gecos) {cn}
- self.home_directory ||= substituted_value(:user_home_directory)
- self.login_shell ||= self.class.configuration[:user_login_shell]
-
- password = options[:password]
- change_password(password) if password
- self.user_password ||= "{crypt}x"
-
- uid_number = options[:uid_number]
- self.change_uid_number(uid_number) if uid_number
-
- group = options[:group] || retrieve_default_group(options)
- self.primary_group = group if group
-
- self
- end
-
- def destroy(options={})
- if options[:removed_from_group]
- groups.each do |group|
- remove_from_group(group)
- end
- end
- dir = home_directory
- need_remove_home_directory =
- options[:remove_home_directory] && !new_entry?
- super()
- if need_remove_home_directory and File.directory?(dir)
- if options[:remove_home_directory_interactive]
- system("rm", "-r", "-i", dir)
- else
- FileUtils.rm_r(dir)
- end
- end
- new_entry?
- end
-
- def change_uid_number(uid, allow_non_unique=false)
- check_unique_uid_number(uid) unless allow_non_unique
- self.uid_number = Integer(uid).to_s
- end
-
- def change_password(password)
- hash_type = self.class.configuration[:password_hash_type]
- hashed_password = ActiveLdap::UserPassword.__send__(hash_type, password)
- self.user_password = hashed_password
- end
-
- def setup_home_directory(options={})
- dest = home_directory
- return unless dest
-
- FileUtils.mkdir_p(dest)
- mode = options[:mode]
- mode ||= self.class.configuration[:user_home_directory_mode]
- FileUtils.chmod(Integer(mode), dest)
- skel = options[:skeleton_directory]
- skel ||= self.class.configuration[:skeleton_directory]
- FileUtils.cp_r(Dir.glob(File.join(skel, ".*")) +
- Dir.glob(File.join(skel, "*")) -
- [File.join(skel, "."), File.join(skel, "..")],
- dest)
- FileUtils.chown_R(uid_number, gid_number, dest)
- end
-
- private
- def check_unique_uid_number(uid_number)
- ActiveSambaLdap::Base.restart_nscd do
- if self.class.find_by_uid_number(uid_number)
- raise UidNumberAlreadyExists.new(uid_number)
- end
- end
- end
-
- def substitute_template(template)
- template.gsub(/%U/, uid)
- end
-
- def substituted_value(key)
- config = self.class.configuration
- if block_given?
- value = config[key.to_sym]
- if value
- substitute_template(value)
- else
- yield
- end
- else
- substitute_template(config[key.to_sym])
- end
- end
-
- def created_group_name
- uid
- end
-
- def retrieve_default_group(options={})
- group = nil
-
- gid_number = options[:gid_number]
- group_class = options[:group_class]
- unless gid_number
- if options[:create_group]
- group_name = created_group_name
- if group_class.exists?(group_name)
- group = group_class.find(group_name)
- else
- group = group_class.create(:cn => group_name,
- :pool => options[:pool],
- :pool_class => options[:pool_class])
- end
- else
- gid_number = default_gid_number
- end
- end
- if gid_number
- group = group_class.find_by_gid_number(gid_number)
- end
-
- group
- end
- end
-end
Modified: trunk/lib/active_samba_ldap/computer.rb (+6 -6)
===================================================================
--- trunk/lib/active_samba_ldap/computer.rb 2007-04-27 15:58:53 +09:00 (rev 87)
+++ trunk/lib/active_samba_ldap/computer.rb 2007-08-04 11:52:31 +09:00 (rev 88)
@@ -1,9 +1,9 @@
require 'active_samba_ldap/base'
require 'active_samba_ldap/entry'
require 'active_samba_ldap/samba_entry'
-require 'active_samba_ldap/account'
-require 'active_samba_ldap/computer_account'
-require 'active_samba_ldap/samba_account'
+require 'active_samba_ldap/account_entry'
+require 'active_samba_ldap/computer_account_entry'
+require 'active_samba_ldap/samba_account_entry'
module ActiveSambaLdap
class Computer < Base
@@ -12,9 +12,9 @@
include Entry
include SambaEntry
- include Account
- include ComputerAccount
- include SambaAccount
+ include AccountEntry
+ include ComputerAccountEntry
+ include SambaAccountEntry
private
def default_account_flags
Deleted: trunk/lib/active_samba_ldap/user_account.rb (+0 -30)
===================================================================
--- trunk/lib/active_samba_ldap/user_account.rb 2007-04-27 15:58:53 +09:00 (rev 87)
+++ trunk/lib/active_samba_ldap/user_account.rb 2007-08-04 11:52:31 +09:00 (rev 88)
@@ -1,30 +0,0 @@
-module ActiveSambaLdap
- module UserAccount
- NAME_RE = /\A#{Account::NAME_RE_SRC}\z/
-
- def self.included(base)
- super
- base.extend(ClassMethods)
- base.validates_format_of :uid, :with => NAME_RE
- end
-
- module ClassMethods
- def valid_name?(name)
- NAME_RE =~ name ? true : false
- end
-
- private
- def default_prefix
- configuration[:users_suffix]
- end
- end
-
- def remove_from_group(group)
- group.users.delete(self)
- end
-
- def default_gid_number
- self.class.configuration[:default_user_gid]
- end
- end
-end
Copied: trunk/lib/active_samba_ldap/user_account_entry.rb (+30 -0)
===================================================================
--- trunk/lib/active_samba_ldap/user_account.rb 2007-04-27 14:07:04 +09:00 (rev 81)
+++ trunk/lib/active_samba_ldap/user_account_entry.rb 2007-08-04 11:52:31 +09:00 (rev 88)
@@ -0,0 +1,30 @@
+module ActiveSambaLdap
+ module UserAccountEntry
+ NAME_RE = /\A#{AccountEntry::NAME_RE_SRC}\z/
+
+ def self.included(base)
+ super
+ base.extend(ClassMethods)
+ base.validates_format_of :uid, :with => NAME_RE
+ end
+
+ module ClassMethods
+ def valid_name?(name)
+ NAME_RE =~ name ? true : false
+ end
+
+ private
+ def default_prefix
+ configuration[:users_suffix]
+ end
+ end
+
+ def remove_from_group(group)
+ group.users.delete(self)
+ end
+
+ def default_gid_number
+ self.class.configuration[:default_user_gid]
+ end
+ end
+end
Deleted: trunk/lib/active_samba_ldap/samba_account.rb (+0 -225)
===================================================================
--- trunk/lib/active_samba_ldap/samba_account.rb 2007-04-27 15:58:53 +09:00 (rev 87)
+++ trunk/lib/active_samba_ldap/samba_account.rb 2007-08-04 11:52:31 +09:00 (rev 88)
@@ -1,225 +0,0 @@
-module ActiveSambaLdap
- module SambaAccount
- def self.included(base)
- super
- base.extend(ClassMethods)
- end
-
- # from source/include/rpc_misc.c in Samba
- DOMAIN_ADMIN_RID = 0x000001F4
- DOMAIN_GUEST_RID = 0x000001F5
-
- # from source/rpc_server/srv_util.c in Samba
- DOMAIN_ADMIN_NAME = "Administrator"
- DOMAIN_GUEST_NAME = "Guest"
-
- WELL_KNOWN_RIDS = []
- WELL_KNOWN_NAMES = []
- constants.each do |name|
- case name
- when /_RID$/
- WELL_KNOWN_RIDS << const_get(name)
- when /_NAME$/
- WELL_KNOWN_NAMES << const_get(name)
- end
- end
-
- # FAR_FUTURE_TIME = Time.parse("2050/01/01").to_i.to_s
- FAR_FUTURE_TIME = Time.parse("2038/01/19").to_i.to_s
- ACCOUNT_FLAGS_RE = /\A\[([NDHTUMWSLXI ]+)\]\z/
-
- module ClassMethods
- def samba_object_class
- "sambaSamAccount"
- end
-
- def uid2rid(uid)
- uid = Integer(uid)
- if WELL_KNOWN_RIDS.include?(uid)
- uid
- else
- 2 * uid + 1000
- end
- end
-
- def rid2uid(rid)
- rid = Integer(rid)
- if WELL_KNOWN_RIDS.include?(rid)
- rid
- else
- (Integer(rid) - 1000) / 2
- end
- end
-
- def start_rid
- uid2rid(start_uid)
- end
-
- private
- def default_recommended_classes
- super + [samba_object_class]
- end
-
- def primary_group_options(options)
- super.merge(:extend => PrimaryGroupProxy)
- end
-
- module PrimaryGroupProxy
- def replace(entry)
- result = super
- return result unless @owner.samba_available?
-
- if @target and @target.samba_available?
- if @target.samba_sid.to_s.empty?
- raise GroupDoesNotHaveSambaSID.new(@target.gid_number)
- end
- @owner.samba_primary_group_sid = @target.samba_sid
- else
- @owner.samba_primary_group_sid = nil
- end
-
- result
- end
- end
- end
-
- def fill_default_values(options={})
- result = super
- return result unless samba_available?
-
- self.samba_logon_time ||= "0"
- self.samba_logoff_time ||= FAR_FUTURE_TIME
- self.samba_kickoff_time ||= nil
-
- password = options[:password]
- change_samba_password(password) if password
- self.samba_lm_password ||= "XXX"
- self.samba_nt_password ||= "XXX"
- self.samba_pwd_last_set ||= "0"
-
- account_flags_is_not_set = samba_acct_flags.nil?
- self.samba_acct_flags ||= default_account_flags
-
- can_change_password = options[:can_change_password]
- if can_change_password
- self.enable_password_change
- elsif account_flags_is_not_set or can_change_password == false
- self.disable_password_change
- end
-
- must_change_password = options[:must_change_password]
- if must_change_password
- self.enable_forcing_password_change
- elsif account_flags_is_not_set or must_change_password == false
- self.disable_forcing_password_change
- end
-
- enable_account = options[:enable]
- if enable_account
- self.enable
- elsif account_flags_is_not_set or enable_account == false
- self.disable
- end
-
- self
- end
-
- def change_uid_number(uid, allow_non_unique=false)
- result = super
- return result unless samba_available?
-
- rid = self.class.uid2rid(uid_number.to_s)
- change_sid(rid, allow_non_unique)
- end
-
- def change_uid_number_by_rid(rid, allow_non_unique=false)
- assert_samba_available
- change_uid_number(self.class.rid2uid(rid), allow_non_unique)
- end
-
- def change_sid(rid, allow_non_unique=false)
- assert_samba_available
- sid = "#{self.class.configuration[:sid]}-#{rid}"
- # check_unique_sid_number(sid) unless allow_non_unique
- self.samba_sid = sid
- end
-
- def rid
- assert_samba_available
- Integer(samba_sid.split(/-/).last)
- end
-
- def change_samba_password(password)
- assert_samba_available
- self.samba_lm_password = Samba::Encrypt.lm_hash(password)
- self.samba_nt_password = Samba::Encrypt.ntlm_hash(password)
- self.samba_pwd_last_set = Time.now.to_i.to_s
- end
-
- def enable_password_change
- assert_samba_available
- self.samba_pwd_can_change = "0"
- end
-
- def disable_password_change
- assert_samba_available
- self.samba_pwd_can_change = FAR_FUTURE_TIME
- end
-
- def can_change_password?
- assert_samba_available
- samba_pwd_can_change.nil? or
- Time.at(samba_pwd_can_change.to_i) <= Time.now
- end
-
- def enable_forcing_password_change
- assert_samba_available
- self.samba_pwd_must_change = "0"
- if /X/ =~ samba_acct_flags.to_s
- self.samba_acct_flags = samba_acct_flags.sub(/X/, '')
- end
- if samba_pwd_last_set.to_i.zero?
- self.samba_pwd_last_set = FAR_FUTURE_TIME
- end
- end
-
- def disable_forcing_password_change
- assert_samba_available
- self.samba_pwd_must_change = FAR_FUTURE_TIME
- end
-
- def must_change_password?
- assert_samba_available
- !(/X/ =~ samba_acct_flags.to_s or
- samba_pwd_must_change.nil? or
- Time.at(samba_pwd_must_change.to_i) > Time.now)
- end
-
- def enable
- assert_samba_available
- if /D/ =~ samba_acct_flags.to_s
- self.samba_acct_flags = samba_acct_flags.gsub(/D/, '')
- end
- end
-
- def disable
- assert_samba_available
- flags = ""
- if ACCOUNT_FLAGS_RE =~ samba_acct_flags.to_s
- flags = $1
- return if /D/ =~ flags
- end
- self.samba_acct_flags = "[D#{flags}]"
- end
-
- def enabled?
- assert_samba_available
- !disabled?
- end
-
- def disabled?
- assert_samba_available
- (/D/ =~ samba_acct_flags.to_s) ? true : false
- end
- end
-end
Copied: trunk/lib/active_samba_ldap/account_entry.rb (+206 -0)
===================================================================
--- trunk/lib/active_samba_ldap/account.rb 2007-04-27 14:07:04 +09:00 (rev 81)
+++ trunk/lib/active_samba_ldap/account_entry.rb 2007-08-04 11:52:31 +09:00 (rev 88)
@@ -0,0 +1,206 @@
+require 'time'
+require 'fileutils'
+require 'English'
+
+require 'active_samba_ldap/base'
+
+module ActiveSambaLdap
+ module AccountEntry
+ NAME_RE_SRC = "(?!\\d)[\\w @_\\-\\.]+"
+
+ def self.included(base)
+ super
+ base.extend(ClassMethods)
+ end
+
+ module ClassMethods
+ def ldap_mapping(options={})
+ options = default_options.merge(options)
+ super(extract_ldap_mapping_options(options))
+ belongs_to :primary_group, primary_group_options(options)
+ belongs_to :groups, groups_options(options)
+ end
+
+ def find_by_uid_number(number)
+ options = {:objects => true}
+ attribute = "uidNumber"
+ value = Integer(number)
+ find(:first, :filter => "(#{attribute}=#{value})")
+ end
+
+ private
+ def default_options
+ {
+ :dn_attribute => "uid",
+ :ldap_scope => :sub,
+ :primary_group_class => default_group_class,
+ :primary_group_foreign_key => "gidNumber",
+ :primary_group_primary_key => "gidNumber",
+ :groups_class => default_group_class,
+ :groups_many => "memberUid",
+ :prefix => default_prefix,
+ :classes => default_classes,
+ :recommended_classes => default_recommended_classes,
+ }
+ end
+
+ def default_group_class
+ "Group"
+ end
+
+ def default_classes
+ ["top", "inetOrgPerson", "posixAccount"]
+ end
+
+ def default_recommended_classes
+ []
+ end
+
+ def primary_group_options(options)
+ {
+ :class => options[:primary_group_class],
+ :foreign_key => options[:primary_group_foreign_key],
+ :primary_key => options[:primary_group_primary_key],
+ }
+ end
+
+ def groups_options(options)
+ {
+ :class => options[:groups_class],
+ :many => options[:groups_many],
+ }
+ end
+
+ def prepare_create_options(account, options)
+ prepare_create_options_for_number(:uid_number, account, options)
+ end
+ end
+
+ def fill_default_values(options={})
+ self.cn ||= uid
+ self.sn ||= uid
+ self.given_name ||= uid
+ self.display_name ||= cn
+ self.gecos ||= substituted_value(:user_gecos) {cn}
+ self.home_directory ||= substituted_value(:user_home_directory)
+ self.login_shell ||= self.class.configuration[:user_login_shell]
+
+ password = options[:password]
+ change_password(password) if password
+ self.user_password ||= "{crypt}x"
+
+ uid_number = options[:uid_number]
+ self.change_uid_number(uid_number) if uid_number
+
+ group = options[:group] || retrieve_default_group(options)
+ self.primary_group = group if group
+
+ self
+ end
+
+ def destroy(options={})
+ if options[:removed_from_group]
+ groups.each do |group|
+ remove_from_group(group)
+ end
+ end
+ dir = home_directory
+ need_remove_home_directory =
+ options[:remove_home_directory] && !new_entry?
+ super()
+ if need_remove_home_directory and File.directory?(dir)
+ if options[:remove_home_directory_interactive]
+ system("rm", "-r", "-i", dir)
+ else
+ FileUtils.rm_r(dir)
+ end
+ end
+ new_entry?
+ end
+
+ def change_uid_number(uid, allow_non_unique=false)
+ check_unique_uid_number(uid) unless allow_non_unique
+ self.uid_number = Integer(uid).to_s
+ end
+
+ def change_password(password)
+ hash_type = self.class.configuration[:password_hash_type]
+ hashed_password = ActiveLdap::UserPassword.__send__(hash_type, password)
+ self.user_password = hashed_password
+ end
+
+ def setup_home_directory(options={})
+ dest = home_directory
+ return unless dest
+
+ FileUtils.mkdir_p(dest)
+ mode = options[:mode]
+ mode ||= self.class.configuration[:user_home_directory_mode]
+ FileUtils.chmod(Integer(mode), dest)
+ skel = options[:skeleton_directory]
+ skel ||= self.class.configuration[:skeleton_directory]
+ FileUtils.cp_r(Dir.glob(File.join(skel, ".*")) +
+ Dir.glob(File.join(skel, "*")) -
+ [File.join(skel, "."), File.join(skel, "..")],
+ dest)
+ FileUtils.chown_R(uid_number, gid_number, dest)
+ end
+
+ private
+ def check_unique_uid_number(uid_number)
+ ActiveSambaLdap::Base.restart_nscd do
+ if self.class.find_by_uid_number(uid_number)
+ raise UidNumberAlreadyExists.new(uid_number)
+ end
+ end
+ end
+
+ def substitute_template(template)
+ template.gsub(/%U/, uid)
+ end
+
+ def substituted_value(key)
+ config = self.class.configuration
+ if block_given?
+ value = config[key.to_sym]
+ if value
+ substitute_template(value)
+ else
+ yield
+ end
+ else
+ substitute_template(config[key.to_sym])
+ end
+ end
+
+ def created_group_name
+ uid
+ end
+
+ def retrieve_default_group(options={})
+ group = nil
+
+ gid_number = options[:gid_number]
+ group_class = options[:group_class]
+ unless gid_number
+ if options[:create_group]
+ group_name = created_group_name
+ if group_class.exists?(group_name)
+ group = group_class.find(group_name)
+ else
+ group = group_class.create(:cn => group_name,
+ :pool => options[:pool],
+ :pool_class => options[:pool_class])
+ end
+ else
+ gid_number = default_gid_number
+ end
+ end
+ if gid_number
+ group = group_class.find_by_gid_number(gid_number)
+ end
+
+ group
+ end
+ end
+end
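Review bot: `destroy` passes `home_directory` straight to `FileUtils.rm_r` (or `rm -r -i`), and `setup_home_directory` runs `chmod`, `cp_r` and `chown_R` on the same value, with no check that the path lies under an expected home root. That value is an attribute of the entry or a template expanded with `uid`, and `NAME_RE_SRC` accepts names made only of dots, so a value such as `..` or an absolute path elsewhere would be acted on recursively, presumably with elevated privileges. Resolve the path first and refuse anything outside a configured base, e.g. `dir = File.expand_path(home_directory)` followed by `raise ArgumentError, "unsafe home directory: #{dir}" unless dir.index("#{base}/") == 0`, where `base` stands for a home-root setting that is not visible in this hunk.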