Add LDAP::Person#ad_disabled?

Check the bit for disabled Active Directory users. The filter is based on http://ctogonewild.com/2009/09/03/bitmask-searches-in-ldap/ .

Add LDAP::Person#ad_disabled?
Check the bit for disabled Active Directory users. The filter is based on http://ctogonewild.com/2009/09/03/bitmask-searches-in-ldap/ .
Jacob Vosmaer
1 parent d54133b0
Showing 1 changed file with 7 additions and 0 deletions Show diff stats
lib/gitlab/ldap/person.rb
 module Gitlab
   module LDAP
     class Person
+      AD_USER_DISABLED = Net::LDAP::Filter.ex("userAccountControl:1.2.840.113556.1.4.803", 2)
+
       def self.find_by_uid(uid, adapter=nil)
         adapter ||= Gitlab::LDAP::Adapter.new
         adapter.user(config.uid, uid)
@@ -11,6 +13,11 @@ module Gitlab
         adapter.user('dn', dn)
       end
  
+      def self.ad_disabled?(dn, adapter=nil)
+        adapter ||= Gitlab::LDAP::Adapter.new
+        adapter.dn_matches_filter?(dn, AD_USER_DISABLED)
+      end
+
       def initialize(entry)
         Rails.logger.debug { "Instantiating #{self.class.name} with LDIF:\n#{entry.to_ldif}" }
         @entry = entry
1	1	module Gitlab
2	2	module LDAP
3	3	class Person
	4	+ AD_USER_DISABLED = Net::LDAP::Filter.ex("userAccountControl:1.2.840.113556.1.4.803", 2)
	5	+
4	6	def self.find_by_uid(uid, adapter=nil)
5	7	adapter \|\|= Gitlab::LDAP::Adapter.new
6	8	adapter.user(config.uid, uid)
...	...	@@ -11,6 +13,11 @@ module Gitlab
11	13	adapter.user('dn', dn)
12	14	end
13	15
	16	+ def self.ad_disabled?(dn, adapter=nil)
	17	+ adapter \|\|= Gitlab::LDAP::Adapter.new
	18	+ adapter.dn_matches_filter?(dn, AD_USER_DISABLED)
	19	+ end
	20	+
14	21	def initialize(entry)
15	22	Rails.logger.debug { "Instantiating #{self.class.name} with LDIF:\n#{entry.to_ldif}" }
16	23	@entry = entry
...	...