
/usr/lib/one/ruby/ldap_auth.rb is in opennebula 3.4.1-4.1ubuntu1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

# ---------------------------------------------------------------------------- #
# Copyright 2002-2012, C12G Labs S.L                                           #
#                                                                              #
# Licensed under the Apache License, Version 2.0 (the "License"); you may      #
# not use this file except in compliance with the License. You may obtain      #
# a copy of the License at                                                     #
#                                                                              #
# http://www.apache.org/licenses/LICENSE-2.0                                   #
#                                                                              #
# Unless required by applicable law or agreed to in writing, software          #
# distributed under the License is distributed on an "AS IS" BASIS,            #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.     #
# See the License for the specific language governing permissions and          #
# limitations under the License.                                               #
# ---------------------------------------------------------------------------- #

require 'rubygems'
require 'net/ldap'

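# Thin wrapper around Net::LDAP used to look up a user's DN, test group
# membership and verify a user's password with an LDAP bind.
class LdapAuth
    # Characters that RFC 4515 requires to be escaped inside a search filter
    # assertion value, mapped to their backslash-hex form.
    FILTER_ESCAPES={
        "\\" => '\5c',
        '*' => '\2a',
        '(' => '\28',
        ')' => '\29',
        "\0" => '\00'
    }.freeze

    # Builds the Net::LDAP connection object from +options+, a hash merged
    # over these defaults: host 'localhost', port 389, no service account,
    # no search base, :simple bind and 'cn' as the user lookup attribute.
    #
    # :encryption is optional and is handed to Net::LDAP unchanged
    # (e.g. :simple_tls). Nothing in this class requests transport encryption
    # unless that option is set, so simple-bind passwords presumably cross the
    # network in clear text otherwise -- confirm how the deployment protects
    # the LDAP port.
    def initialize(options)
        @options={
            :host => 'localhost',
            :port => 389,
            :user => nil,
            :password => nil,
            :base => nil,
            :auth_method => :simple,
            :user_field => 'cn'
        }.merge(options)

        ops={}

        # Only configure a bind identity when a service account is given.
        if @options[:user]
            ops[:auth] = {
                :method => @options[:auth_method],
                :username => @options[:user],
                :password => @options[:password]
            }
        end

        ops[:host]=@options[:host] if @options[:host]
        ops[:port]=@options[:port].to_i if @options[:port]
        ops[:encryption]=@options[:encryption] if @options[:encryption]

        @ldap=Net::LDAP.new(ops)
    end

    # Resolves +name+ to a DN.
    #
    # First searches under the configured base for an entry whose user field
    # equals +name+ and returns that entry's dn. If nothing matches, +name+
    # is tried as a search base itself and returned unchanged when that
    # search yields an entry. Returns nil when neither search finds anything
    # or when any error is raised (best-effort lookup).
    def find_user(name)
        begin
            # +name+ is caller-supplied; escape it so filter metacharacters
            # (* ( ) \ NUL) are matched literally instead of changing the
            # shape of the filter.
            result=@ldap.search(
                :base => @options[:base],
                :filter => "#{@options[:user_field]}=#{escape_filter_value(name)}")

            if result && result.first
                result.first.dn
            else
                # Here +name+ is used as a DN (search base), not inside a
                # filter, so it is passed as given.
                result=@ldap.search(:base => name)

                if result && result.first
                    name
                else
                    nil
                end
            end
        rescue
            nil
        end
    end

    # Returns true when a search based at +group+ finds an entry whose
    # member attribute equals +user+, false otherwise.
    def is_in_group?(user, group)
        # DNs may legally contain parentheses, '*' and backslashes; escape
        # the value so it cannot alter the filter. The backslash-hex form
        # assumes the installed net-ldap filter parser decodes RFC 4515
        # escapes -- TODO confirm against the packaged net-ldap version.
        result=@ldap.search(
            :base => group,
            :filter => "(member=#{escape_filter_value(user)})")

        if result && result.first
            true
        else
            false
        end
    end

    # Verifies +password+ for +user+ by binding with those credentials.
    # Returns true when the bind succeeds, false otherwise.
    #
    # A nil or empty user or password is rejected before contacting the
    # server: a simple bind that carries a DN and an empty password is an
    # "unauthenticated bind" (RFC 4513), which some directory servers answer
    # with success, so it must never count as a verified password.
    def authenticate(user, password)
        return false if user.nil? || user.to_s.empty?
        return false if password.nil? || password.to_s.empty?

        # Bind on a copy of the connection object rather than on @ldap.
        ldap=@ldap.clone

        auth={
            :method => @options[:auth_method],
            :username => user,
            :password => password
        }

        if ldap.bind(auth)
            true
        else
            false
        end
    end

    private

    # Returns +value+ as a string with every RFC 4515 special character
    # replaced by its backslash-hex escape. The block form of gsub is used so
    # the backslashes in the replacement are taken literally.
    def escape_filter_value(value)
        value.to_s.gsub(/[\\*()\x00]/) { |ch| FILTER_ESCAPES[ch] }
    end
end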