Add support for scoped queries

This work adds support for setting the scope of a given query.  This
allows retrieval of specific objects, or searching at a specific level
of the tree for the desired results.
Zach Leslie 2016-05-08 12:43:16 -07:00
parent d56300b2eb
commit 1a7a4894b1
2 changed files with 39 additions and 13 deletions


@ -1,3 +1,11 @@
# Provides a query interface to an LDAP server
#
# @example simple query
# ldapquery("(objectClass=dnsDomain)", ['dc'])
#
# @example more complex query for ssh public keys
# ldapquery('(&(objectClass=ldapPublicKey)(sshPublicKey=*)(objectClass=posixAccount))', ['uid', 'sshPublicKey'])
#
require_relative '../../../puppet_x/ldapquery' require_relative '../../../puppet_x/ldapquery'
begin begin
@ -9,14 +17,15 @@ end
Puppet::Parser::Functions.newfunction(:ldapquery, Puppet::Parser::Functions.newfunction(:ldapquery,
:type => :rvalue) do |args| :type => :rvalue) do |args|
if args.size > 3 if args.size > 4
raise Puppet::ParseError, "Too many arguments received in ldapquery()" raise Puppet::ParseError, "Too many arguments received in ldapquery()"
end end
filter, attributes, base = args filter, attributes, base, scope = args
attributes ||= [] attributes ||= []
base ||= Puppet[:ldapbase] base ||= Puppet[:ldapbase]
scope ||= 'sub'
return PuppetX::LDAPquery.new(filter, attributes, base).results return PuppetX::LDAPquery.new(filter, attributes, base, scope).results
end end
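Review bot: The new header comment on ldapquery() shows only the two-argument form, although this change adds a fourth `scope` argument and the function already accepted `base`; neither is described, and the accepted scope values can only be learned from the error raised in PuppetX::LDAPquery. I would add a third example such as `# ldapquery('(objectClass=*)', ['cn'], 'ou=people,dc=example,dc=com', 'base')` (constructed sample values) and a line `# scope is one of 'sub' (default), 'base', 'single'`. Because the filter string appears to be handed to Net::LDAP::Filter.construct unchanged in the other file of this commit, the comment should also warn that fact- or node-derived values interpolated into the filter need LDAP filter escaping (RFC 4515; `Net::LDAP::Filter.escape` on the Ruby side). Separately, the arity check at `if args.size > 4` has no lower bound, so a call with no arguments reaches the constructor with `filter` nil; an explicit `args.size < 1` error here would be clearer than leaving that case to the search path.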


@ -8,11 +8,24 @@ module PuppetX
def initialize( def initialize(
filter, filter,
attributes=[], attributes=[],
base=Puppet[:ldapbase] base=Puppet[:ldapbase],
scope='sub'
) )
@filter = filter @filter = filter
@attributes = attributes @attributes = attributes
@base = base @base = base
if scope
if scope == 'sub'
@scope = Net::LDAP::SearchScope_WholeSubtree
elsif scope == 'base'
@scope = Net::LDAP::SearchScope_BaseObject
elsif scope == 'single'
@scope = Net::LDAP::SearchScope_SingleLevel
else
raise Puppet::ParseError, 'Received param "scope" not one of ["sub","base","single"]'
end
end
end end
def get_config def get_config
@ -66,23 +79,27 @@ module PuppetX
# Query the LDAP server for attributes using the filter # Query the LDAP server for attributes using the filter
# #
# Returns: An array of Net::LDAP::Entry objects # Returns: An array of Net::LDAP::Entry objects
ldapfilter = @filter
attributes = @attributes
base = @base
conf = self.get_config() conf = self.get_config()
start_time = Time.now start_time = Time.now
ldap = Net::LDAP.new(conf) ldap = Net::LDAP.new(conf)
ldapfilter = Net::LDAP::Filter.construct(@filter)
search_args = {
:base => @base,
:attributes => @attributes,
:scope => @scope,
:time => 10,
}
if @filter and @filter.length > 0
ldapfilter = Net::LDAP::Filter.construct(@filter)
search_args[:filter] = ldapfilter
end
entries = [] entries = []
begin begin
ldap.search(:base => base, ldap.search(search_args) do |entry|
:filter => ldapfilter,
:attributes => attributes,
:time => 10) do |entry|
entries << entry entries << entry
end end
end_time = Time.now end_time = Time.now