Commit c6accae1 authored by Ruslan Zakirov's avatar Ruslan Zakirov
Browse files

make it possible to use sub in Member_Attr

allows to convert members or do other things
parent bb27e954
......@@ -934,7 +934,18 @@ sub import_groups {
my $done = 0; my $count = scalar @results;
while (my $entry = shift @results) {
my $group = $self->_build_object( ldap_entry => $entry, skip => qr/(?i)^Member_Attr/, mapping => $mapping );
my $group = $self->_parse_ldap_mapping(
%args,
ldap_entry => $entry,
skip => qr/^Member_Attr_Value$/i,
mapping => $mapping,
);
foreach my $key ( grep !/^Member_Attr/, keys %$group ) {
@{ $group->{$key} } = map { ref $_ eq 'ARRAY'? $_->[0] : $_ } @{ $group->{$key} };
$group->{$key} = join ' ', grep defined && length, @{ $group->{$key} };
}
@{ $group->{'Member_Attr'} } = map { ref $_ eq 'ARRAY'? @$_ : $_ } @{ $group->{'Member_Attr'} }
if $group->{'Member_Attr'};
$group->{Description} ||= 'Imported from LDAP';
unless ( $group->{Name} ) {
$self->_warn("No Name for group, skipping ".Dumper $group);
......@@ -987,7 +998,14 @@ sub _import_group {
$self->_debug("Processing group $group->{Name}");
my ($group_obj, $created) = $self->create_rt_group( %args, group => $group );
return if $args{import} and not $group_obj;
$self->add_group_members( %args, name => $group->{Name}, group => $group_obj, ldap_entry => $ldap_entry, new => $created );
$self->add_group_members(
%args,
name => $group->{Name},
info => $group,
group => $group_obj,
ldap_entry => $ldap_entry,
new => $created,
);
# XXX TODO: support OCFVs for groups too
return;
}
......@@ -1015,6 +1033,8 @@ sub create_rt_group {
my $group_obj = $self->find_rt_group(%args);
return unless defined $group_obj;
$group = { map { $_ => $group->{$_} } qw(id Name Description) };
my $id = delete $group->{'id'};
my $created;
......@@ -1165,8 +1185,7 @@ sub add_group_members {
$self->_debug("Processing group membership for $groupname");
my $members = $self->_get_group_members_from_ldap(%args);
my $members = $args{'info'}{'Member_Attr'};
unless (defined $members) {
$self->_warn("No members found for $groupname in Member_Attr");
return;
......@@ -1235,17 +1254,6 @@ sub add_group_members {
}
}
sub _get_group_members_from_ldap {
my $self = shift;
my %args = @_;
my $ldap_entry = $args{ldap_entry};
my $mapping = $RT::LDAPGroupMapping;
my $members = $ldap_entry->get_value($mapping->{Member_Attr}, asref => 1);
}
=head2 _show_group
Show debugging information about the group record we're going to import
......
use strict;
use warnings;
use lib 't/lib';
use RT::Extension::LDAPImport::Test tests => undef;
eval { require Net::LDAP::Server::Test; 1; } or do {
plan skip_all => 'Unable to test without Net::Server::LDAP::Test';
};
use Net::LDAP::Entry;
use RT::User;
my $importer = RT::Extension::LDAPImport->new;
isa_ok($importer,'RT::Extension::LDAPImport');
my $ldap_port = 1024 + int rand(10000) + $$ % 1024;
ok( my $server = Net::LDAP::Server::Test->new( $ldap_port, auto_schema => 1 ),
"spawned test LDAP server on port $ldap_port");
my $ldap = Net::LDAP->new("localhost:$ldap_port");
$ldap->bind();
$ldap->add("dc=bestpractical,dc=com");
my @ldap_user_entries;
for ( 1 .. 12 ) {
my $username = "testuser$_";
my $dn = "uid=$username,ou=foo,dc=bestpractical,dc=com";
my $entry = {
dn => $dn,
cn => "Test User $_",
mail => "$username\@invalid.tld",
uid => $username,
objectClass => 'User',
};
push @ldap_user_entries, $entry;
$ldap->add( $dn, attr => [%$entry] );
}
my @ldap_group_entries;
for ( 1 .. 4 ) {
my $groupname = "Test Group $_";
my $dn = "cn=$groupname,ou=groups,dc=bestpractical,dc=com";
my $entry = {
cn => $groupname,
gid => $_,
members => [ map { 'mail="'. $_->{'mail'} .'"' } @ldap_user_entries[($_-1),($_+3),($_+7)] ],
objectClass => 'Group',
};
$ldap->add( $dn, attr => [%$entry] );
push @ldap_group_entries, $entry;
}
RT->Config->Set('LDAPHost',"ldap://localhost:$ldap_port");
RT->Config->Set('LDAPMapping',
{Name => 'uid',
EmailAddress => 'mail',
RealName => 'cn'});
RT->Config->Set('LDAPBase','dc=bestpractical,dc=com');
RT->Config->Set('LDAPFilter','(objectClass=User)');
RT->Config->Set('LDAPSkipAutogeneratedGroup',1);
RT->Config->Set('LDAPGroupBase','dc=bestpractical,dc=com');
RT->Config->Set('LDAPGroupFilter','(objectClass=Group)');
RT->Config->Set('LDAPGroupMapping', {
Name => 'cn',
Member_Attr => sub {
my %args = @_;
my $self = $args{'self'};
my $members = $args{ldap_entry}->get_value('members', asref => 1);
foreach my $record ( @$members ) {
my $user = RT::User->new( RT->SystemUser );
$user->LoadByEmail($record =~ /mail="(.*)"/);
$self->_users->{ lc $record } = $user->Name;
}
return @$members;
},
});
ok( $importer->import_users( import => 1 ), 'imported users');
# no id mapping
{
ok( $importer->import_groups( import => 1 ), "imported groups" );
is_member_of('testuser1', 'Test Group 1');
}
done_testing;
sub is_member_of {
my $uname = shift;
my $gname = shift;
my $group = get_group($gname);
return ok(0, "found group $gname") unless $group->id;
my $user = RT::User->new($RT::SystemUser);
$user->Load( $uname );
return ok(0, "found user $uname") unless $user->id;
return ok($group->HasMember($user->id), "$uname is member of $gname");
}
sub get_group {
my $gname = shift;
my $group = RT::Group->new($RT::SystemUser);
$group->LoadUserDefinedGroup( $gname );
return $group;
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment