[Bps-public-commit] RT-Extension-LDAPImport branch, 0.32.03/add-group-member-regex, created. 0.32_03-1-g157bb26

Jim Brandt jbrandt at bestpractical.com
Mon Apr 9 14:46:41 EDT 2012


The branch, 0.32.03/add-group-member-regex has been created
        at  157bb262b2837092a08614774e0cccb4c2d9fa23 (commit)

- Log -----------------------------------------------------------------
commit 157bb262b2837092a08614774e0cccb4c2d9fa23
Author: Jim Brandt <jbrandt at bestpractical.com>
Date:   Mon Apr 9 11:45:11 2012 -0400

    Add regex match option for LDAP group members.
    
    Added a feature to allow you to use a regex to match an LDAP member
    field. But upon further review, I don't think it would ever be
    needed unless someone's LDAP was really mis-configured. So this
    commit is for posterity only.
    (cherry picked from commit f5b2b5c7d0a02577f36782bebfdc5ff2082f9951)
    
    Adding back docs for this feature so they fit with the docs
    branch this was pulled from.

diff --git a/lib/RT/Extension/LDAPImport.pm b/lib/RT/Extension/LDAPImport.pm
index 411f138..0da089a 100644
--- a/lib/RT/Extension/LDAPImport.pm
+++ b/lib/RT/Extension/LDAPImport.pm
@@ -18,11 +18,27 @@ use Data::Dumper;
 
 RT::Extension::LDAPImport - Import Users from an LDAP store
 
-
 =head1 SYNOPSIS
 
     use RT::Extension::LDAPImport;
 
+=head1 CONFIGURATION
+
+If the LDAP group field you are mapping to doesn't have a
+simple username, you provide a regex to pull the name out
+with Member_Attr_Regex. The capture value in the regex will be
+used to find the username.
+
+    Set($LDAPGroupMapping, {Name               => 'cn',
+                            Member_Attr        => 'member',
+                            Member_Attr_Value  => 'dn'
+                            Member_Attr_Regex   => qr/^cn=(\w+)\,/,
+                           });
+
+The above would pull the name out of an entry something like
+
+    cn=somename,ou=company
+
 =head1 METHODS
 
 =head2 connect_ldap
@@ -865,6 +881,13 @@ sub _get_group_members_from_ldap {
     my $mapping = $RT::LDAPGroupMapping;
 
     my $members = $ldap_entry->get_value($mapping->{Member_Attr}, asref => 1);
+
+    if ( exists $mapping->{Member_Attr_Regex}
+	 and defined $mapping->{Member_Attr_Regex} ) {
+      @{$members} = map{ /$mapping->{Member_Attr_Regex}/ } @{$members};
+    }
+
+    return $members;
 }
 
 
diff --git a/t/group-import.t b/t/group-import.t
index 6d28e80..e15754b 100644
--- a/t/group-import.t
+++ b/t/group-import.t
@@ -1,7 +1,7 @@
 use strict;
 use warnings;
 use lib 't/lib';
-use RT::Extension::LDAPImport::Test tests => 66;
+use RT::Extension::LDAPImport::Test tests => 74;
 eval { require Net::LDAP::Server::Test; 1; } or do {
     plan skip_all => 'Unable to test without Net::Server::LDAP::Test';
 };
@@ -99,6 +99,39 @@ RT->Config->Set('LDAPGroupMapping',
                    });
 import_group_members_ok( memberUid => 'uid' );
 
+# Test a regex on Member_Attr
+# This is for a case where the member attribute
+# isn't the simple member name.
+
+ at ldap_group_entries = ();
+{
+    my $groupname = "Test Group 5";
+    my $dn = "cn=$groupname,ou=groups,dc=bestpractical,dc=com";
+    my $entry = {
+        cn   =>  $groupname,
+        members => [ map { $_->{dn} } @ldap_user_entries[3,7,11] ],
+       # Make an entries that looks like cn=testuser12,ou=foo,dc=bestpractical
+        memberUid => [ map { 'cn=' . $_->{uid} . ',ou=foo,dc=bestpractical' }
+		       @ldap_user_entries[3,7,11] ],
+        objectClass => 'Test5',
+    };
+    $ldap->add( $dn, attr => [%$entry] );
+
+    # Fix entry for expected value after regex.
+    $entry->{memberUid} = [ map { $_->{uid} } @ldap_user_entries[3,7,11] ];
+    push @ldap_group_entries, $entry;
+}
+
+RT->Config->Set('LDAPGroupFilter','(objectClass=Test5)');
+RT->Config->Set('LDAPGroupMapping',
+                   {Name                => 'cn',
+                    Member_Attr         => 'memberUid',
+                    Member_Attr_Value   => 'uid',
+		    Member_Attr_Regex   => qr/^cn=(\w+)\,/,
+                   });
+
+import_group_members_ok( memberUid => 'uid' );
+
 sub import_group_members_ok {
     my $attr = shift;
     my $user_attr = shift;

-----------------------------------------------------------------------



More information about the Bps-public-commit mailing list