You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@whimsical.apache.org by Sam Ruby <ru...@apache.org> on 2016/04/01 23:56:08 UTC
[whimsy.git] [1/1] Commit 92897c8: start to factor out ldap authentication
Commit 92897c81b19ca1d55f29e93044342b8031b9aba2:
start to factor out ldap authentication
Branch: refs/heads/master
Author: Sam Ruby <ru...@intertwingly.net>
Committer: Sam Ruby <ru...@intertwingly.net>
Pusher: rubys <ru...@apache.org>
------------------------------------------------------------
www/roster/models.rb | ++
www/roster/models/ldap.rb | +++++++++++++++
www/roster/views/actions/sascore.json.rb | ++++ ---------
------------------------------------------------------------
56 changes: 39 additions, 17 deletions.
------------------------------------------------------------
diff --git a/www/roster/models.rb b/www/roster/models.rb
index 0cf8bb1..29636bc 100644
--- a/www/roster/models.rb
+++ b/www/roster/models.rb
@@ -3,3 +3,5 @@
require_relative 'models/committer'
require_relative 'models/committee'
require_relative 'models/group'
+
+require_relative 'models/ldap'
diff --git a/www/roster/models/ldap.rb b/www/roster/models/ldap.rb
new file mode 100644
index 0000000..906f63b
--- /dev/null
+++ b/www/roster/models/ldap.rb
@@ -0,0 +1,30 @@
+#
+# Implement an _ldap command for json actions.
+#
+# Once tested, this code could migrate into whimsy/asf, and be available
+# for all Rack application (e.g., secmail, board/agenda, roster)
+#
+
+# provide methods to encapsulate updates update LDAP
+module ASF
+ module LDAP
+ class JsonBuilder
+ def initialize(env)
+ @env = env
+ end
+
+ def update(&block)
+ ASF::LDAP.bind(@env.user, @env.password, &block)
+ end
+ end
+ end
+end
+
+# provide _ldap command which forwards requests to the ASF::LDAP::JsonBuilder
+module Wunderbar
+ class JsonBuilder
+ def _ldap
+ ASF::LDAP::JsonBuilder.new(env)
+ end
+ end
+end
diff --git a/www/roster/views/actions/sascore.json.rb b/www/roster/views/actions/sascore.json.rb
index 0ae46fd..afee769 100644
--- a/www/roster/views/actions/sascore.json.rb
+++ b/www/roster/views/actions/sascore.json.rb
@@ -2,26 +2,16 @@
# Update LDAP SpamAssassin score attribute for a committer
#
-# probably not needed as LDAP will fail anyway, but ensure that the user
-# has authority to update fields
-unless
- env.user == @userid or
- ASF::Service.find('asf-secretary').members.include? ASF::Person.find(env.user)
-then
- raise Error.new('unauthorized')
-end
-
# update LDAP
-if env.password
- ASF::LDAP.bind(env.user, env.password) do
- person = ASF::Person.find(@userid)
+_ldap.update do
+ person = ASF::Person.find(@userid)
+
+ # report the previous value in the response
+ _previous sascore: person.attrs['asf-sascore']
- if @sascore
- person.modify 'asf-sascore', @sascore
- end
+ if @sascore and not @dryrun
+ person.modify 'asf-sascore', @sascore
end
-else
- STDERR.puts 'unable to access password'
end
# return updated committer info