ref: master
plugins/ldap/lib/ldap_plugin.rb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 |
require_relative 'ldap_authentication.rb' class LdapPlugin < Noosfero::Plugin include Noosfero::Plugin::HotSpot def self.plugin_name "LdapPlugin" end def self.plugin_description _("A plugin that add ldap support.") end module Hotspots # -> Custom ldap plugin hotspot to set profile data before user creation # receive the followings params: # - attrs with ldap received data # - login received by ldap # - params from current context # returns = updated person_data hash def ldap_plugin_set_profile_data(attrs, params) [attrs, params] end # -> Custom ldap plugin hotspot to update user object # receive the followings params: # - user: user object # - attrs with ldap received data # returns = none def ldap_plugin_update_user(user, attrs) end end def allow_user_registration false end def allow_password_recovery context.environment.ldap_plugin['allow_password_recovery'] end def alternative_authentication login = context.params[:login] || context.params[:user][:login] password = context.params[:password] || context.params[:user][:password] ldap = LdapAuthentication.new(context.environment.ldap_plugin_attributes) # try to authenticate begin attrs = ldap.authenticate(login, password) rescue Net::LDAP::LdapError => e puts "LDAP is not configured correctly" end return nil if attrs.nil? user_login = get_login(attrs, ldap.attr_login, login) user = User.find_or_initialize_by(login: user_login) return nil if !user.new_record? && !user.activated? user.login = user_login user.email = get_email(attrs, login) user.name = attrs[:fullname] user.password = password user.password_confirmation = password user.person_data = plugins.pipeline(:ldap_plugin_set_profile_data, attrs, context.params).last[:profile_data] user.activated_at = Time.now.utc user.activation_code = nil ldap = LdapAuthentication.new(context.environment.ldap_plugin_attributes) begin if user.save user.activate plugins.dispatch(:ldap_plugin_update_user, user, attrs) else user = nil end rescue #User not saved end user end def get_login(attrs, attr_login, login) user_login = Array.wrap(attrs[attr_login.split.first.to_sym]) user_login.empty? ? login : user_login.first end def get_email(attrs, login) return attrs[:mail] unless attrs[:mail].blank? if attrs[:fullname] return attrs[:fullname].to_slug + "@ldap.user" else return login.to_slug + "@ldap.user" end end def login_extra_contents proc do @person = Person.new(:environment => @environment) @profile_data = @person labelled_fields_for :profile_data, @person do |f| render :partial => 'profile_editor/person_form', :locals => {:f => f} end end end end |