Sha256: a8afb1c92ae73f1bd9286ec3e49f0d374a327fc6aaaabca29d300fc8ddc8b3d8
Contents?: true
Size: 1.68 KB
Versions: 3
Compression:
Stored size: 1.68 KB
Contents
module Adauth
# Authenticates the specifed user agains the domain
#
# Checks the groups & ous are in the allow/deny lists
def self.authenticate(username, password)
begin
if Adauth::AdObjects::User.authenticate(username, password)
user = Adauth::AdObjects::User.where('sAMAccountName', username).first
if allowed_group_login(user) && allowed_ou_login(user)
return user
else
return false
end
else
return false
end
rescue RuntimeError
return false
end
end
# Makes sure the user meets the group requirements
def self.allowed_group_login(user)
if @config.allowed_groups != []
allowed = (user && @config.allowed_groups != (@config.allowed_groups - user.cn_groups)) ? user : nil
else
allowed = user
end
if @config.denied_groups != []
denied = (user && @config.denied_groups == (@config.denied_groups - user.cn_groups)) ? user : nil
else
denied = user
end
allowed == denied
end
# Makes sure the user meets the ou requirements
def self.allowed_ou_login(user)
if @config.allowed_ous != []
allowed = (user && @config.allowed_ous != (@config.allowed_ous - user.dn_ous)) ? user : nil
else
allowed = user
end
if @config.denied_ous != []
denied = (user && @config.denied_ous == (@config.denied_ous - user.dn_ous)) ? user : nil
else
denied = user
end
allowed == denied
end
end
Version data entries
3 entries across 3 versions & 1 rubygems
| Version | Path |
|---|---|
| adauth-2.0.0pre2 | lib/adauth/authenticate.rb |
| adauth-2.0.0pre1 | lib/adauth/authenticate.rb |
| adauth-2.0.0pre | lib/adauth/authenticate.rb |