Class: PrincetonUsers
- Inherits:
-
Object
- Object
- PrincetonUsers
- Defined in:
- app/services/princeton_users.rb
Constant Summary collapse
- CHARS_AND_NUMS =
('a'..'z').to_a + (0..9).to_a + ['-']
- RDSS_DEVELOPERS =
`cbentler` and `az3007` are required because they appear as data manager and data sponsor in the default project in the Mediaflux in our Docker image.
%w[bs3097 jrg5 cac9 hc8719 rl3667 kl37 pp9425 jh6441 cbentler az3007].freeze
Class Method Summary collapse
-
.check_for_malformed_ldap_entries(ldap_person) ⇒ Boolean
If any required LDAP fields are missing, return true.
- .create_user_from_ldap_by_uid(uid, ldap_connection: default_ldap_connection) ⇒ Object
-
.create_users_from_ldap(current_uid_start: "", ldap_connection: default_ldap_connection) ⇒ Object
Creates users from LDAP data, starting with the given uid prefix.
- .default_ldap_connection ⇒ Object
- .load_rdss_developers ⇒ Object
- .name_query(tokens) ⇒ Object
- .uid_query(token) ⇒ Object
-
.user_from_ldap(ldap_person) ⇒ User?
Creates or updates a User from an LDAP entry.
-
.user_list_query(query) ⇒ Object
Returns a list of Users that match the given query.
Class Method Details
.check_for_malformed_ldap_entries(ldap_person) ⇒ Boolean
If any required LDAP fields are missing, return true
# File 'app/services/princeton_users.rb', line 93

# Reports whether an LDAP entry lacks an attribute this service requires.
#
# @param ldap_person [#[]] LDAP entry (or hash-like object) indexed by attribute symbol
# @return [Boolean] true when :uid or :edupersonprincipalname is blank
def check_for_malformed_ldap_entries(ldap_person)
  # Only these two attributes are treated as mandatory; the name attributes
  # (:pudisplayname, :sn, :givenname) are not checked here.
  %i[uid edupersonprincipalname].any? { |attribute| ldap_person[attribute].blank? }
end
.create_user_from_ldap_by_uid(uid, ldap_connection: default_ldap_connection) ⇒ Object
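# File 'app/services/princeton_users.rb', line 58

# Looks up exactly one LDAP entry by uid and creates or updates the matching User.
#
# @param uid [String] the uid to look up; it is matched literally
# @param ldap_connection [Net::LDAP] connection used for the search
# @return [User, nil] whatever user_from_ldap returns for the single matching entry
# @raise [TigerData::LdapError] when the search fails, or matches zero or several entries
def create_user_from_ldap_by_uid(uid, ldap_connection: default_ldap_connection)
  # Filter.equals escapes the value, so a "*" (or parenthesis) inside uid is
  # matched literally. Filter.eq performs no escaping and would treat "*" as a
  # wildcard, letting a caller-supplied uid widen the search.
  filter = Net::LDAP::Filter.equals('uid', uid)
  people = ldap_connection.search(filter:, attributes: [:pudisplayname, :givenname, :sn, :uid, :edupersonprincipalname])

  # Net::LDAP#search can return nil when the operation does not succeed; report
  # that as an LDAP error instead of letting a NoMethodError on nil escape.
  raise TigerData::LdapError, "LDAP search failed for uid #{uid}" if people.nil?
  raise TigerData::LdapError, "More than one user matches supplied uid: #{uid}" if people.length > 1
  raise TigerData::LdapError, "No user with uid #{uid} found" if people.empty?

  user_from_ldap(people.first)
end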
.create_users_from_ldap(current_uid_start: "", ldap_connection: default_ldap_connection) ⇒ Object
Creates users from LDAP data, starting with the given uid prefix.
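# File 'app/services/princeton_users.rb', line 46

# Creates users from LDAP data, starting with the given uid prefix.
#
# For every character in CHARS_AND_NUMS the directory is searched for entries
# whose pustatus is not "guest" and whose uid begins with
# current_uid_start + character. When the server reports that the size limit
# was exceeded, the search is narrowed by recursing with the longer prefix.
#
# @param current_uid_start [String] uid prefix to enumerate beneath
# @param ldap_connection [Net::LDAP] connection used for the searches
# @return [Array] CHARS_AND_NUMS (the receiver of the each call)
# @raise [TigerData::LdapError] when a search fails for any reason other than the size limit
def create_users_from_ldap(current_uid_start: "", ldap_connection: default_ldap_connection)
  not_guest = ~Net::LDAP::Filter.eq("pustatus", "guest")
  attributes = [:pudisplayname, :givenname, :sn, :uid, :edupersonprincipalname]

  CHARS_AND_NUMS.each do |char|
    prefix = "#{current_uid_start}#{char}"
    # Filter.begins escapes the prefix and appends the wildcard itself, so a
    # "*" supplied in current_uid_start cannot broaden the search.
    filter = not_guest & Net::LDAP::Filter.begins("uid", prefix)
    people = ldap_connection.search(filter:, attributes:)
    result = ldap_connection.get_operation_result

    case result.code
    when Net::LDAP::ResultCodeSuccess
      Array(people).each { |person| user_from_ldap(person) }
    when Net::LDAP::ResultCodeSizeLimitExceeded
      # Too many matches for one query: split the prefix further.
      # NOTE(review): an entry whose uid equals `prefix` exactly is not covered
      # by the narrower searches - confirm whether that case can occur.
      create_users_from_ldap(current_uid_start: prefix, ldap_connection:)
    else
      # Any other failure (connection, permissions, ...) will not be cured by a
      # longer prefix; recursing on it would never terminate.
      raise TigerData::LdapError, "LDAP search for uid prefix #{prefix} failed: #{result.message}"
    end
  end
end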
.default_ldap_connection ⇒ Object
# File 'app/services/princeton_users.rb', line 100

# Returns the shared LDAP connection object, building it on first use and
# memoizing it in @default_ldap_connection.
#
# The connection targets ldap.princeton.edu on port 636 with :simple_tls and
# OpenSSL's default SSL context parameters as TLS options.
#
# NOTE(review): no auth option is passed, so presumably the bind is anonymous - confirm.
# NOTE(review): DEFAULT_PARAMS is expected to turn on peer certificate
# verification; confirm that the deployed net-ldap version also checks the hostname.
#
# @return [Net::LDAP]
def default_ldap_connection
  return @default_ldap_connection if @default_ldap_connection

  tls_settings = { method: :simple_tls, tls_options: OpenSSL::SSL::SSLContext::DEFAULT_PARAMS }
  @default_ldap_connection = Net::LDAP.new(
    host: "ldap.princeton.edu",
    base: "o=Princeton University,c=US",
    port: 636,
    encryption: tls_settings
  )
end
.load_rdss_developers ⇒ Object
# File 'app/services/princeton_users.rb', line 37

# Creates (or updates) a User for every uid listed in RDSS_DEVELOPERS.
#
# The first lookup that raises TigerData::LdapError stops the loop; the error
# is re-raised with a message hinting at a missing VPN connection.
#
# @return [Array<String>] RDSS_DEVELOPERS when every lookup succeeds
# @raise [TigerData::LdapError] when any developer cannot be created from LDAP
def load_rdss_developers
  RDSS_DEVELOPERS.each { |developer_uid| create_user_from_ldap_by_uid(developer_uid) }
rescue TigerData::LdapError
  raise TigerData::LdapError, "Unable to create user from LDAP. Are you connected to VPN?"
end
.name_query(tokens) ⇒ Object
# File 'app/services/princeton_users.rb', line 30

# Builds a query for users whose display_name or uid contains every token.
#
# Each token adds one more WHERE clause, so the tokens are combined with AND.
# The token reaches SQL only as a bound parameter, with LIKE metacharacters
# escaped by sanitize_sql_like before the surrounding "%" are added.
#
# @param tokens [Array<String>] search terms
# @return the resulting User query, ordered by given_name and then family_name
def name_query(tokens)
  matches = User.all
  tokens.each do |token|
    pattern = "%#{User.sanitize_sql_like(token)}%"
    matches = matches.where("(LOWER(display_name) like ?) OR (LOWER(uid) like ?)", pattern, pattern)
  end
  matches.order(:given_name).order(:family_name)
end
.uid_query(token) ⇒ Object
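# File 'app/services/princeton_users.rb', line 24

# Builds a query for users whose uid starts with the token, shortest uid first.
#
# @param token [String] uid prefix to search for
# @return the resulting User query, ordered by uid length and then by uid
def uid_query(token)
  # The token reaches SQL only as a bound LIKE parameter, with its LIKE
  # metacharacters escaped.
  prefix_pattern = "#{User.sanitize_sql_like(token)}%"

  # The ORDER BY is a constant SQL literal. Subtracting the token's length from
  # LENGTH(uid) would shift every row by the same amount and leave the order
  # unchanged, so the token is kept out of the SQL text entirely instead of
  # being interpolated into a string handed to Arel.sql.
  User.where("(uid like ?)", prefix_pattern).order(Arel.sql("LENGTH(uid)")).order(:uid)
end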
.user_from_ldap(ldap_person) ⇒ User?
Creates or updates a User from an LDAP entry.
# File 'app/services/princeton_users.rb', line 69

# Creates or updates a User from an LDAP entry.
#
# Entries that fail check_for_malformed_ldap_entries are skipped. A new User
# is created when no record has the (downcased) uid. An existing record is
# only filled in when its display_name is blank, and its email is left as is.
#
# @param ldap_person [#[]] LDAP entry indexed by attribute symbol
# @return [User, nil] the created or existing User, or nil for a malformed entry
def user_from_ldap(ldap_person)
  return if check_for_malformed_ldap_entries(ldap_person)

  uid = ldap_person[:uid].first.downcase
  matches = User.where(uid:)

  if matches.empty?
    # NOTE(review): the result of create is returned without checking whether
    # the record was actually persisted.
    return User.create(uid:,
                       display_name: ldap_person[:pudisplayname].first,
                       family_name: ldap_person[:sn].first,
                       given_name: ldap_person[:givenname].first,
                       email: ldap_person[:edupersonprincipalname].first,
                       provider: "cas")
  end

  existing = matches.first
  return existing unless existing.display_name.blank?

  # Backfill the name fields and provider on a record that has no display name yet.
  existing.display_name = ldap_person[:pudisplayname].first
  existing.family_name = ldap_person[:sn].first
  existing.given_name = ldap_person[:givenname].first
  existing.provider = "cas"
  existing.save # NOTE(review): the return value of save is not checked
  existing
end
.user_list_query(query) ⇒ Object
Returns a list of Users that match the given query
# File 'app/services/princeton_users.rb', line 13

# Returns a list of Users that match the given query.
#
# The query is downcased, stripped and split on every character that is not an
# ASCII letter or digit, so each token handed to uid_query / name_query
# consists of lowercase letters and digits only.
#
# @param query [String] free-text search string
# @return [Array<Hash>] one hash per user with :uid, :name and :display_name keys
def user_list_query(query)
  tokens = query.downcase.strip.split(/[^a-zA-Z\d]/).compact_blank
  return [] if tokens.empty?

  users =
    if tokens.size == 1
      # A single token may be a uid search, so uid matches are listed first.
      uid_query(tokens.first) | name_query(tokens)
    else
      name_query(tokens)
    end

  users.map do |user|
    { uid: user.uid, name: user.display_name, display_name: user.display_name_safe }
  end
end