module Devise::LDAP::Adapter
Establishes connections and interacts with LDAP
. Uses Connection
objects to do this.
Can interact with these methods in rails
Public Class Methods
The default scope to use if none is specified
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 103 def self.default_scope ::Devise.ldap_default_scope end
Deletes the LDAP
attribute for an account
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 90 def self.delete_ldap_param(login, param, password = nil, scope = default_scope) options = { login: login, password: password, scope: scope } resource = Devise::LDAP::Connection.new(options) resource.delete_param(param) end
Returns true or false depending on if the users credentials have expired or not
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 54 def self.expired_valid_credentials?(login, password_plaintext, scope = default_scope) options = { login: login, password: password_plaintext, scope: scope } resource = Devise::LDAP::Connection.new(options) resource.expired_valid_credentials? end
Returns the DistinguishedName of an account (regardless of if it exists or not)
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 25 def self.get_dn(login, scope = default_scope) self.ldap_connect(login, scope).dn end
Returns a list of group memberships for a user
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 73 def self.get_groups(login, scope = default_scope) self.ldap_connect(login, scope).user_groups end
Returns all attributes for an account from LDAP
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 14 def self.get_ldap_entry(login, scope = default_scope) self.ldap_connect(login, scope).search_for_login end
Get the value of an attribute for an account from LDAP
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 19 def self.get_ldap_param(login, param, scope = default_scope) resource = self.ldap_connect(login, scope) resource.ldap_param_value(param) end
Checks if a user is a member of a specific group
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 78 def self.in_ldap_group?(login, group_name, group_attribute = nil, scope = default_scope) self.ldap_connect(login, scope).in_group?(group_name, group_attribute) end
Creates a new connection to an LDAP
database and returns the connection object to run methods against
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 97 def self.ldap_connect(login, scope = default_scope) options = { login: login, scope: scope } Devise::LDAP::Connection.new(options) end
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 29 def self.password_updatable? (login, scope = default_scope) options = { login: login, scope: scope } resource = Devise::LDAP::Connection.new(options) resource.password_updatable? end
Sets an LDAP
attribute for an account to a new value
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 83 def self.set_ldap_param(login, param, new_value, password = nil, scope = default_scope) options = { login: login, password: password, scope: scope } resource = Devise::LDAP::Connection.new(options) resource.set_param(param, new_value) end
Also updates the password. Unsure what differentiates this from update_password
currently.
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 68 def self.update_own_password(login, new_password, current_password) set_ldap_param(login, :userPassword, new_password, current_password, true) end
Updates a users password in LDAP
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 61 def self.update_password(login, new_password, scope = default_scope) options = { login: login, new_password: new_password, scope: scope } resource = Devise::LDAP::Connection.new(options) resource.change_password! if new_password.present? end
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 35 def self.user_creatable? (login, scope = default_scope) options = { login: login, scope: scope } resource = Devise::LDAP::Connection.new(options) resource.user_creatable? end
Tries to authenticate credentails to LDAP
. Returns true or false appropriately.
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 47 def self.valid_credentials?(login, password_plaintext, scope = default_scope) options = { login: login, password: password_plaintext, scope: scope } resource = Devise::LDAP::Connection.new(options) resource.authorized? end
Boolean returned for if an account in the LDAP
exists (doesn’t check authentication / authorization): false if a valid match can’t be obtained from ldap.
# File lib/devise_ldap_multiple/ldap/adapter.rb, line 42 def self.valid_login?(login, scope = default_scope) self.ldap_connect(login, scope).valid_login? end