Revision d424cab5
Added by Stephen Benjamin about 10 years ago
app/assets/stylesheets/application.scss | ||
---|---|---|
.form-group.condensed.error textarea{border-color: #b94a48;}
|
||
.form-group.condensed.warning textarea{border-color: #c09853;}
|
||
|
||
.gravatar{
|
||
.avatar{
|
||
width: 30px;
|
||
height: 30px;
|
||
-webkit-border-radius: 3px; -moz-border-radius: 3px; border-radius: 3px;
|
app/controllers/api/v1/auth_source_ldaps_controller.rb | ||
---|---|---|
param :attr_firstname, String, :desc => "required if onthefly_register is true"
|
||
param :attr_lastname, String, :desc => "required if onthefly_register is true"
|
||
param :attr_mail, String, :desc => "required if onthefly_register is true"
|
||
param :attr_photo, String
|
||
param :onthefly_register, :bool
|
||
param :tls, :bool
|
||
end
|
||
... | ... | |
param :attr_firstname, String, :desc => "required if onthefly_register is true"
|
||
param :attr_lastname, String, :desc => "required if onthefly_register is true"
|
||
param :attr_mail, String, :desc => "required if onthefly_register is true"
|
||
param :attr_photo, String
|
||
param :onthefly_register, :bool
|
||
param :tls, :bool
|
||
end
|
app/controllers/api/v2/auth_source_ldaps_controller.rb | ||
---|---|---|
param :attr_firstname, String, :desc => "required if onthefly_register is true"
|
||
param :attr_lastname, String, :desc => "required if onthefly_register is true"
|
||
param :attr_mail, String, :desc => "required if onthefly_register is true"
|
||
param :attr_photo, String
|
||
param :onthefly_register, :bool
|
||
param :tls, :bool
|
||
end
|
app/helpers/application_helper.rb | ||
---|---|---|
end
|
||
end
|
||
|
||
def gravatar_image_tag(email, html_options = {})
|
||
default_image = path_to_image("user.jpg")
|
||
html_options.merge!(:onerror=>"this.src='#{default_image}'")
|
||
image_url = Setting["use_gravatar"] ? gravatar_url(email, default_image) : default_image
|
||
def avatar_image_tag(user, html_options = {})
|
||
if user.avatar_hash.nil?
|
||
default_image = path_to_image("user.jpg")
|
||
if Setting["use_gravatar"]
|
||
image_url = gravatar_url(user.mail, default_image)
|
||
html_options.merge!(:onerror=>"this.src='#{default_image}'", :alt => _('Change your avatar at gravatar.com'))
|
||
else
|
||
image_url = default_image
|
||
end
|
||
else
|
||
image_url = path_to_image("avatars/#{user.avatar_hash}.jpg")
|
||
end
|
||
return image_tag(image_url, html_options)
|
||
end
|
||
|
app/helpers/home_helper.rb | ||
---|---|---|
end
|
||
|
||
def user_header
|
||
summary = gravatar_image_tag(User.current.mail, :class=>'gravatar small', :alt=>_('Change your avatar at gravatar.com')) +
|
||
summary = avatar_image_tag(User.current, :class=>'avatar small') +
|
||
"#{User.current.to_label} " + content_tag(:span, "", :class=>'caret')
|
||
link_to(summary.html_safe, "#", :class => "dropdown-toggle", :'data-toggle'=>"dropdown", :id => "account_menu")
|
||
end
|
app/models/auth_sources/auth_source_ldap.rb | ||
---|---|---|
entry = search_for_user_entries(login, password)
|
||
return nil unless entry.is_a?(Net::LDAP::Entry)
|
||
|
||
# extract required attributes
|
||
attrs = required_attributes_values(entry)
|
||
# extract attributes
|
||
attrs = attributes_values(entry)
|
||
|
||
# not sure if there is a case were search result without a DN
|
||
# but just to be on the safe side.
|
||
... | ... | |
}
|
||
end
|
||
|
||
def required_attributes_values entry
|
||
Hash[required_ldap_attributes.map do |name, value|
|
||
value = entry[value].is_a?(Array) ? entry[value].first : entry[value]
|
||
[name, value.to_s]
|
||
def optional_ldap_attributes
|
||
{ :avatar => attr_photo }
|
||
end
|
||
|
||
def attributes_values entry
|
||
Hash[required_ldap_attributes.merge(optional_ldap_attributes).map do |name, value|
|
||
next if entry[value].empty? and optional_ldap_attributes.keys.include? name
|
||
if name.eql? :avatar
|
||
[:avatar_hash, store_avatar(entry[value].first)]
|
||
else
|
||
value = entry[value].is_a?(Array) ? entry[value].first : entry[value]
|
||
[name, value.to_s]
|
||
end
|
||
end]
|
||
end
|
||
|
||
def store_avatar avatar
|
||
avatar_path = "#{Rails.public_path}/assets/avatars"
|
||
avatar_hash = Digest::SHA1.hexdigest(avatar)
|
||
avatar_file = "#{avatar_path}/#{avatar_hash}.jpg"
|
||
unless FileTest.exist? avatar_file
|
||
FileUtils.mkdir_p(avatar_path)
|
||
File.open(avatar_file, 'w') { |f| f.write(avatar) }
|
||
end
|
||
avatar_hash
|
||
end
|
||
|
||
def validate_ldap_filter
|
||
Net::LDAP::Filter.construct(ldap_filter)
|
||
rescue Net::LDAP::LdapError => text
|
||
... | ... | |
entries = ldap_con.search(:base => base_dn,
|
||
:filter => object_filter & login_filter,
|
||
# only ask for the DN if on-the-fly registration is disabled
|
||
:attributes => required_ldap_attributes.values)
|
||
:attributes => required_ldap_attributes.values + optional_ldap_attributes.values)
|
||
unless ldap_con.get_operation_result.code == 0
|
||
logger.warn "Search Result: #{ldap_con.get_operation_result.code}"
|
||
logger.warn "Search Message: #{ldap_con.get_operation_result.message}"
|
app/models/user.rb | ||
---|---|---|
# user is already in local database
|
||
if (user = unscoped.find_by_login(login))
|
||
# user has an authentication method and the authentication was successful
|
||
if user.auth_source and user.auth_source.authenticate(login, password)
|
||
if user.auth_source and attrs=user.auth_source.authenticate(login, password)
|
||
logger.debug "Authenticated user #{user} against #{user.auth_source} authentication source"
|
||
|
||
# update with returned attrs, maybe some info changed in LDAP
|
||
old_hash = user.avatar_hash
|
||
User.as :admin do
|
||
user.update_attributes(attrs.slice(:firstname, :lastname, :mail, :avatar_hash))
|
||
end if attrs.is_a? Hash
|
||
|
||
# clean up old avatar if it exists and the image isn't in use by anyone else
|
||
if old_hash.present? && user.avatar_hash != old_hash && !User.unscoped.where(:avatar_hash => old_hash).any?
|
||
File.delete "#{Rails.public_path}/avatars/#{old_hash}.jpg" if File.exist? old_avatar
|
||
end
|
||
else
|
||
logger.debug "Failed to authenticate #{user} against #{user.auth_source} authentication source"
|
||
user = nil
|
app/views/api/v1/auth_source_ldaps/show.json.rabl | ||
---|---|---|
object @auth_source_ldap
|
||
|
||
attributes :id, :type, :name, :host, :port, :account, :base_dn, :ldap_filter, :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :onthefly_register, :tls, :created_at, :updated_at
|
||
attributes :id, :type, :name, :host, :port, :account, :base_dn, :ldap_filter, :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :attr_photo, :onthefly_register, :tls, :created_at, :updated_at
|
app/views/api/v2/auth_source_ldaps/main.json.rabl | ||
---|---|---|
|
||
extends "api/v2/auth_source_ldaps/base"
|
||
|
||
attributes :port, :account, :base_dn, :ldap_filter, :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :onthefly_register, :tls, :created_at, :updated_at
|
||
attributes :port, :account, :base_dn, :ldap_filter, :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :attr_photo, :onthefly_register, :tls, :created_at, :updated_at
|
app/views/auth_source_ldaps/_form.html.erb | ||
---|---|---|
<%= text_f f, :attr_firstname, :help_inline => _("e.g. givenName") %>
|
||
<%= text_f f, :attr_lastname, :help_inline => _("e.g. sn") %>
|
||
<%= text_f f, :attr_mail, :help_inline => _("e.g. mail") %>
|
||
<%= text_f f, :attr_photo, :label => _("Photo attribute"), :help_inline => _("e.g. jpegPhoto") %>
|
||
</div>
|
||
</div>
|
||
|
app/views/users/index.html.erb | ||
---|---|---|
</tr>
|
||
<% for user in @users %>
|
||
<tr>
|
||
<td><%= gravatar_image_tag user.mail, :class => "gravatar" %> <%=link_to_if_authorized h(user.login), hash_for_edit_user_path(:id => user.id).merge(:auth_object => user, :authorizer => authorizer) %></td>
|
||
<td><%= avatar_image_tag user, :class => "avatar" %> <%=link_to_if_authorized h(user.login), hash_for_edit_user_path(:id => user.id).merge(:auth_object => user, :authorizer => authorizer) %></td>
|
||
<td><%=h user.firstname %></td>
|
||
<td><%=h user.lastname %></td>
|
||
<td><%=h user.mail %></td>
|
db/migrate/20131212125626_add_ldap_avatar_support.rb | ||
---|---|---|
class AddLdapAvatarSupport < ActiveRecord::Migration
|
||
def change
|
||
add_column :auth_sources, :attr_photo, :string
|
||
add_column :users, :avatar_hash, :string, :limit => 128
|
||
end
|
||
|
||
def down
|
||
remove_column :users, :avatar_hash
|
||
remove_column :auth_sources, :attr_photo
|
||
end
|
||
end
|
Also available in: Unified diff
fixes #3827 - adds ldap avatar support