Add member search Detect strategy

mtodd · mtodd · commit 05cb39cb9b86 · 2014-12-03T15:59:29.000-08:00
diff --git a/lib/github/ldap/member_search.rb b/lib/github/ldap/member_search.rb
@@ -1,3 +1,4 @@
+require 'github/ldap/member_search/detect'
 require 'github/ldap/member_search/classic'
 require 'github/ldap/member_search/recursive'
 
diff --git a/lib/github/ldap/member_search/detect.rb b/lib/github/ldap/member_search/detect.rb
@@ -0,0 +1,71 @@
+module GitHub
+  class Ldap
+    module MemberSearch
+      # Detects the LDAP host's capabilities and determines the appropriate
+      # member search strategy at runtime.
+      #
+      # Currently detects for ActiveDirectory in-chain membership validation.
+      #
+      # An explicit strategy can also be defined via
+      # `GitHub::Ldap#member_search_strategy=`.
+      #
+      # See also `GitHub::Ldap#configure_member_search_strategy`.
+      class Detect
+        # Defines `active_directory_capability?` and necessary helpers.
+        include GitHub::Ldap::Capabilities
+
+        # Internal: The GitHub::Ldap object to search domains with.
+        attr_reader :ldap
+
+        # Internal: The Hash of options to pass through to the strategy.
+        attr_reader :options
+
+        # Public: Instantiate a meta strategy to detect the right strategy
+        # to use for the search, and call that strategy, at runtime.
+        #
+        # - ldap:    GitHub::Ldap object
+        # - options: Hash of options (passed through)
+        def initialize(ldap, options = {})
+          @ldap    = ldap
+          @options = options
+        end
+
+        # Public: Performs search for group members via the appropriate search
+        # strategy detected/configured.
+        #
+        # Returns Array of Net::LDAP::Entry objects.
+        def perform(entry)
+          strategy.perform(entry)
+        end
+
+        # Internal: Returns the member search strategy object.
+        def strategy
+          @strategy ||= begin
+            strategy = detect_strategy
+            strategy.new(ldap, options)
+          end
+        end
+
+        # Internal: Find the most appropriate search strategy, either by
+        # configuration or by detecting the host's capabilities.
+        #
+        # Returns the strategy class.
+        def detect_strategy
+          case
+          when GitHub::Ldap::MemberSearch::STRATEGIES.key?(strategy_config)
+            GitHub::Ldap::MemberSearch::STRATEGIES[strategy_config]
+          when active_directory_capability?
+            GitHub::Ldap::MemberSearch::STRATEGIES[:active_directory]
+          else
+            GitHub::Ldap::MemberSearch::STRATEGIES[:recursive]
+          end
+        end
+
+        # Internal: Returns the configured member search strategy Symbol.
+        def strategy_config
+          ldap.member_search_strategy
+        end
+      end
+    end
+  end
+end
diff --git a/test/member_search/detect_test.rb b/test/member_search/detect_test.rb
@@ -0,0 +1,42 @@
+require_relative '../test_helper'
+
+# NOTE: Since this strategy is targeted at detecting ActiveDirectory
+# capabilities, and we don't have AD setup in CI, we stub out actual queries
+# and test against what AD *would* respond with.
+
+class GitHubLdapDetectMemberSearchTest < GitHub::Ldap::Test
+  include GitHub::Ldap::Capabilities
+
+  def setup
+    @ldap      = GitHub::Ldap.new(options.merge(search_domains: %w(dc=github,dc=com)))
+    @domain    = @ldap.domain("dc=github,dc=com")
+    @entry     = @domain.user?('user1')
+    @strategy  = GitHub::Ldap::MemberSearch::Detect.new(@ldap)
+  end
+
+  def test_defers_to_configured_strategy
+    @ldap.configure_member_search_strategy(:classic)
+
+    assert_kind_of GitHub::Ldap::MemberSearch::Classic, @strategy.strategy
+  end
+
+  def test_detects_active_directory
+    caps = Net::LDAP::Entry.new
+    caps[:supportedcapabilities] = [ACTIVE_DIRECTORY_V61_R2_OID]
+
+    @ldap.stub :capabilities, caps do
+      assert_kind_of GitHub::Ldap::MemberSearch::ActiveDirectory,
+      @strategy.strategy
+    end
+  end
+
+  def test_falls_back_to_recursive
+    caps = Net::LDAP::Entry.new
+    caps[:supportedcapabilities] = []
+
+    @ldap.stub :capabilities, caps do
+      assert_kind_of GitHub::Ldap::MemberSearch::Recursive,
+      @strategy.strategy
+    end
+  end
+end

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,4 @@`
	`1`	`+require 'github/ldap/member_search/detect'`
`1`	`2`	`require 'github/ldap/member_search/classic'`
`2`	`3`	`require 'github/ldap/member_search/recursive'`
`3`	`4`