Chris@1494: # Redmine - project management software Chris@1494: # Copyright (C) 2006-2014 Jean-Philippe Lang Chris@1494: # Chris@1494: # This program is free software; you can redistribute it and/or Chris@1494: # modify it under the terms of the GNU General Public License Chris@1494: # as published by the Free Software Foundation; either version 2 Chris@1494: # of the License, or (at your option) any later version. Chris@1494: # Chris@1494: # This program is distributed in the hope that it will be useful, Chris@1494: # but WITHOUT ANY WARRANTY; without even the implied warranty of Chris@1494: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Chris@1494: # GNU General Public License for more details. Chris@1494: # Chris@1494: # You should have received a copy of the GNU General Public License Chris@1494: # along with this program; if not, write to the Free Software Chris@1494: # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. Chris@1494: Chris@1494: # Generic exception for when the AuthSource can not be reached Chris@1494: # (eg. can not connect to the LDAP) Chris@1494: class AuthSourceException < Exception; end Chris@1494: class AuthSourceTimeoutException < AuthSourceException; end Chris@1494: Chris@1494: class AuthSource < ActiveRecord::Base Chris@1494: include Redmine::SubclassFactory Chris@1494: include Redmine::Ciphering Chris@1494: Chris@1494: has_many :users Chris@1494: Chris@1494: validates_presence_of :name Chris@1494: validates_uniqueness_of :name Chris@1494: validates_length_of :name, :maximum => 60 Chris@1494: Chris@1494: def authenticate(login, password) Chris@1494: end Chris@1494: Chris@1494: def test_connection Chris@1494: end Chris@1494: Chris@1494: def auth_method_name Chris@1494: "Abstract" Chris@1494: end Chris@1494: Chris@1494: def account_password Chris@1494: read_ciphered_attribute(:account_password) Chris@1494: end Chris@1494: Chris@1494: def account_password=(arg) Chris@1494: write_ciphered_attribute(:account_password, arg) Chris@1494: end Chris@1494: Chris@1494: def searchable? Chris@1494: false Chris@1494: end Chris@1494: Chris@1494: def self.search(q) Chris@1494: results = [] Chris@1494: AuthSource.all.each do |source| Chris@1494: begin Chris@1494: if source.searchable? Chris@1494: results += source.search(q) Chris@1494: end Chris@1494: rescue AuthSourceException => e Chris@1494: logger.error "Error while searching users in #{source.name}: #{e.message}" Chris@1494: end Chris@1494: end Chris@1494: results Chris@1494: end Chris@1494: Chris@1494: def allow_password_changes? Chris@1494: self.class.allow_password_changes? Chris@1494: end Chris@1494: Chris@1494: # Does this auth source backend allow password changes? Chris@1494: def self.allow_password_changes? Chris@1494: false Chris@1494: end Chris@1494: Chris@1494: # Try to authenticate a user not yet registered against available sources Chris@1494: def self.authenticate(login, password) Chris@1494: AuthSource.where(:onthefly_register => true).all.each do |source| Chris@1494: begin Chris@1494: logger.debug "Authenticating '#{login}' against '#{source.name}'" if logger && logger.debug? Chris@1494: attrs = source.authenticate(login, password) Chris@1494: rescue => e Chris@1494: logger.error "Error during authentication: #{e.message}" Chris@1494: attrs = nil Chris@1494: end Chris@1494: return attrs if attrs Chris@1494: end Chris@1494: return nil Chris@1494: end Chris@1494: end