Project

General

Profile

« Previous | Next » 

Revision d424cab5

Added by Stephen Benjamin about 10 years ago

fixes #3827 - adds ldap avatar support

View differences:

app/assets/stylesheets/application.scss
.form-group.condensed.error textarea{border-color: #b94a48;}
.form-group.condensed.warning textarea{border-color: #c09853;}
.gravatar{
.avatar{
width: 30px;
height: 30px;
-webkit-border-radius: 3px; -moz-border-radius: 3px; border-radius: 3px;
app/controllers/api/v1/auth_source_ldaps_controller.rb
param :attr_firstname, String, :desc => "required if onthefly_register is true"
param :attr_lastname, String, :desc => "required if onthefly_register is true"
param :attr_mail, String, :desc => "required if onthefly_register is true"
param :attr_photo, String
param :onthefly_register, :bool
param :tls, :bool
end
......
param :attr_firstname, String, :desc => "required if onthefly_register is true"
param :attr_lastname, String, :desc => "required if onthefly_register is true"
param :attr_mail, String, :desc => "required if onthefly_register is true"
param :attr_photo, String
param :onthefly_register, :bool
param :tls, :bool
end
app/controllers/api/v2/auth_source_ldaps_controller.rb
param :attr_firstname, String, :desc => "required if onthefly_register is true"
param :attr_lastname, String, :desc => "required if onthefly_register is true"
param :attr_mail, String, :desc => "required if onthefly_register is true"
param :attr_photo, String
param :onthefly_register, :bool
param :tls, :bool
end
app/helpers/application_helper.rb
end
end
def gravatar_image_tag(email, html_options = {})
default_image = path_to_image("user.jpg")
html_options.merge!(:onerror=>"this.src='#{default_image}'")
image_url = Setting["use_gravatar"] ? gravatar_url(email, default_image) : default_image
def avatar_image_tag(user, html_options = {})
if user.avatar_hash.nil?
default_image = path_to_image("user.jpg")
if Setting["use_gravatar"]
image_url = gravatar_url(user.mail, default_image)
html_options.merge!(:onerror=>"this.src='#{default_image}'", :alt => _('Change your avatar at gravatar.com'))
else
image_url = default_image
end
else
image_url = path_to_image("avatars/#{user.avatar_hash}.jpg")
end
return image_tag(image_url, html_options)
end
app/helpers/home_helper.rb
end
def user_header
summary = gravatar_image_tag(User.current.mail, :class=>'gravatar small', :alt=>_('Change your avatar at gravatar.com')) +
summary = avatar_image_tag(User.current, :class=>'avatar small') +
"#{User.current.to_label} " + content_tag(:span, "", :class=>'caret')
link_to(summary.html_safe, "#", :class => "dropdown-toggle", :'data-toggle'=>"dropdown", :id => "account_menu")
end
app/models/auth_sources/auth_source_ldap.rb
entry = search_for_user_entries(login, password)
return nil unless entry.is_a?(Net::LDAP::Entry)
# extract required attributes
attrs = required_attributes_values(entry)
# extract attributes
attrs = attributes_values(entry)
# not sure if there is a case were search result without a DN
# but just to be on the safe side.
......
}
end
def required_attributes_values entry
Hash[required_ldap_attributes.map do |name, value|
value = entry[value].is_a?(Array) ? entry[value].first : entry[value]
[name, value.to_s]
def optional_ldap_attributes
{ :avatar => attr_photo }
end
def attributes_values entry
Hash[required_ldap_attributes.merge(optional_ldap_attributes).map do |name, value|
next if entry[value].empty? and optional_ldap_attributes.keys.include? name
if name.eql? :avatar
[:avatar_hash, store_avatar(entry[value].first)]
else
value = entry[value].is_a?(Array) ? entry[value].first : entry[value]
[name, value.to_s]
end
end]
end
def store_avatar avatar
avatar_path = "#{Rails.public_path}/assets/avatars"
avatar_hash = Digest::SHA1.hexdigest(avatar)
avatar_file = "#{avatar_path}/#{avatar_hash}.jpg"
unless FileTest.exist? avatar_file
FileUtils.mkdir_p(avatar_path)
File.open(avatar_file, 'w') { |f| f.write(avatar) }
end
avatar_hash
end
def validate_ldap_filter
Net::LDAP::Filter.construct(ldap_filter)
rescue Net::LDAP::LdapError => text
......
entries = ldap_con.search(:base => base_dn,
:filter => object_filter & login_filter,
# only ask for the DN if on-the-fly registration is disabled
:attributes => required_ldap_attributes.values)
:attributes => required_ldap_attributes.values + optional_ldap_attributes.values)
unless ldap_con.get_operation_result.code == 0
logger.warn "Search Result: #{ldap_con.get_operation_result.code}"
logger.warn "Search Message: #{ldap_con.get_operation_result.message}"
app/models/user.rb
# user is already in local database
if (user = unscoped.find_by_login(login))
# user has an authentication method and the authentication was successful
if user.auth_source and user.auth_source.authenticate(login, password)
if user.auth_source and attrs=user.auth_source.authenticate(login, password)
logger.debug "Authenticated user #{user} against #{user.auth_source} authentication source"
# update with returned attrs, maybe some info changed in LDAP
old_hash = user.avatar_hash
User.as :admin do
user.update_attributes(attrs.slice(:firstname, :lastname, :mail, :avatar_hash))
end if attrs.is_a? Hash
# clean up old avatar if it exists and the image isn't in use by anyone else
if old_hash.present? && user.avatar_hash != old_hash && !User.unscoped.where(:avatar_hash => old_hash).any?
File.delete "#{Rails.public_path}/avatars/#{old_hash}.jpg" if File.exist? old_avatar
end
else
logger.debug "Failed to authenticate #{user} against #{user.auth_source} authentication source"
user = nil
app/views/api/v1/auth_source_ldaps/show.json.rabl
object @auth_source_ldap
attributes :id, :type, :name, :host, :port, :account, :base_dn, :ldap_filter, :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :onthefly_register, :tls, :created_at, :updated_at
attributes :id, :type, :name, :host, :port, :account, :base_dn, :ldap_filter, :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :attr_photo, :onthefly_register, :tls, :created_at, :updated_at
app/views/api/v2/auth_source_ldaps/main.json.rabl
extends "api/v2/auth_source_ldaps/base"
attributes :port, :account, :base_dn, :ldap_filter, :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :onthefly_register, :tls, :created_at, :updated_at
attributes :port, :account, :base_dn, :ldap_filter, :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :attr_photo, :onthefly_register, :tls, :created_at, :updated_at
app/views/auth_source_ldaps/_form.html.erb
<%= text_f f, :attr_firstname, :help_inline => _("e.g. givenName") %>
<%= text_f f, :attr_lastname, :help_inline => _("e.g. sn") %>
<%= text_f f, :attr_mail, :help_inline => _("e.g. mail") %>
<%= text_f f, :attr_photo, :label => _("Photo attribute"), :help_inline => _("e.g. jpegPhoto") %>
</div>
</div>
app/views/users/index.html.erb
</tr>
<% for user in @users %>
<tr>
<td><%= gravatar_image_tag user.mail, :class => "gravatar" %> <%=link_to_if_authorized h(user.login), hash_for_edit_user_path(:id => user.id).merge(:auth_object => user, :authorizer => authorizer) %></td>
<td><%= avatar_image_tag user, :class => "avatar" %> <%=link_to_if_authorized h(user.login), hash_for_edit_user_path(:id => user.id).merge(:auth_object => user, :authorizer => authorizer) %></td>
<td><%=h user.firstname %></td>
<td><%=h user.lastname %></td>
<td><%=h user.mail %></td>
db/migrate/20131212125626_add_ldap_avatar_support.rb
class AddLdapAvatarSupport < ActiveRecord::Migration
def change
add_column :auth_sources, :attr_photo, :string
add_column :users, :avatar_hash, :string, :limit => 128
end
def down
remove_column :users, :avatar_hash
remove_column :auth_sources, :attr_photo
end
end

Also available in: Unified diff