From: Peter Karman <perl@peknet.com>
Date: Sat, 28 Aug 2010 04:46:57 +0000 (+0000)
Subject: add documentation for AD; add User methods per RT #60793
X-Git-Tag: v1.012~3
X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=catagits%2FCatalyst-Authentication-Store-LDAP.git;a=commitdiff_plain;h=57d476f11c5e55a1d39c6f5b5ac56ab31e2d9226

add documentation for AD; add User methods per RT #60793
---

diff --git a/Changes b/Changes
index e850fb8..870cc0e 100644
--- a/Changes
+++ b/Changes
@@ -1,3 +1,10 @@
+1.012  xxx
+  - add methods conforming to the Catalyst::Authentication::User API
+    as required here: 
+    http://search.cpan.org/dist/Catalyst-Plugin-Authentication/lib/Catalyst/Plugin/Authentication/Internals.pod#USER_METHODS
+    Nudging provided via RT https://rt.cpan.org/Ticket/Display.html?id=60793
+  - add documentation for Active Directory at suggestion of Adam Wohld
+
 1.011  7 July 2010
   - fix t/05-user_attributes.t to skip correct number of tests if
     Catalyst::Model::LDAP is not installed.
diff --git a/README b/README
index 1ffefe6..d7700cb 100644
--- a/README
+++ b/README
@@ -37,7 +37,7 @@ SYNOPSIS
                    user_basedn         => "ou=people,dc=yourcompany,dc=com",
                    user_field          => "uid",
                    user_filter         => "(&(objectClass=posixAccount)(uid=%s))",
-                   user_scope          => "one",
+                   user_scope          => "one", # or "sub" for Active Directory
                    user_search_options => { deref => "always" },
                    user_results_filter => sub { return shift->pop_entry },
                  },
@@ -131,7 +131,8 @@ CONFIGURATION OPTIONS
 
         user_basedn: ou=Domain Users,ou=Accounts,dc=mycompany,dc=com
         user_field:  samaccountname
-        user_filter: (sAMAccountName=%s)
+        user_filter: (sAMAccountName=%s) 
+        user_scope: sub
 
     He also notes: "I found the case in the value of user_field to be
     significant: it didn't seem to work when I had the mixed case value
@@ -220,7 +221,7 @@ CONFIGURATION OPTIONS
                               }
                               return undef; # i.e., no match
                             }
-
+ 
   use_roles
     Whether or not to enable role lookups. It defaults to true; set it to 0
     if you want to always avoid role lookups.
diff --git a/lib/Catalyst/Authentication/Store/LDAP.pm b/lib/Catalyst/Authentication/Store/LDAP.pm
index 4a43a7c..38c1487 100644
--- a/lib/Catalyst/Authentication/Store/LDAP.pm
+++ b/lib/Catalyst/Authentication/Store/LDAP.pm
@@ -3,7 +3,7 @@ package Catalyst::Authentication::Store::LDAP;
 use strict;
 use warnings;
 
-our $VERSION = '1.011';
+our $VERSION = '1.012';
 
 use Catalyst::Authentication::Store::LDAP::Backend;
 
@@ -60,7 +60,7 @@ Catalyst::Authentication::Store::LDAP
                user_basedn         => "ou=people,dc=yourcompany,dc=com",
                user_field          => "uid",
                user_filter         => "(&(objectClass=posixAccount)(uid=%s))",
-               user_scope          => "one",
+               user_scope          => "one", # or "sub" for Active Directory
                user_search_options => { deref => "always" },
                user_results_filter => sub { return shift->pop_entry },
              },
@@ -156,6 +156,7 @@ tweeks to the example configuration will work:
     user_basedn: ou=Domain Users,ou=Accounts,dc=mycompany,dc=com
     user_field:  samaccountname
     user_filter: (sAMAccountName=%s) 
+    user_scope: sub
 
 He also notes: "I found the case in the value of user_field to be significant: 
 it didn't seem to work when I had the mixed case value there."
diff --git a/lib/Catalyst/Authentication/Store/LDAP/Backend.pm b/lib/Catalyst/Authentication/Store/LDAP/Backend.pm
index 5602802..aaac17b 100644
--- a/lib/Catalyst/Authentication/Store/LDAP/Backend.pm
+++ b/lib/Catalyst/Authentication/Store/LDAP/Backend.pm
@@ -31,7 +31,7 @@ Catalyst::Authentication::Store::LDAP::Backend
             },
             'user_basedn' => 'ou=people,dc=yourcompany,dc=com',
             'user_filter' => '(&(objectClass=posixAccount)(uid=%s))',
-            'user_scope' => 'one',
+            'user_scope' => 'one',  # or 'sub' for Active Directory
             'user_field' => 'uid',
             'user_search_options' => {
                 'deref' => 'always',
@@ -72,7 +72,7 @@ use base qw( Class::Accessor::Fast );
 use strict;
 use warnings;
 
-our $VERSION = '1.011';
+our $VERSION = '1.012';
 
 use Catalyst::Authentication::Store::LDAP::User;
 use Net::LDAP;
diff --git a/lib/Catalyst/Authentication/Store/LDAP/User.pm b/lib/Catalyst/Authentication/Store/LDAP/User.pm
index 8141bc8..42e4417 100644
--- a/lib/Catalyst/Authentication/Store/LDAP/User.pm
+++ b/lib/Catalyst/Authentication/Store/LDAP/User.pm
@@ -50,7 +50,7 @@ use strict;
 use warnings;
 use Scalar::Util qw/refaddr/;
 
-our $VERSION = '1.011';
+our $VERSION = '1.012';
 
 BEGIN { __PACKAGE__->mk_accessors(qw/user store/) }
 
@@ -239,6 +239,23 @@ sub has_attribute {
     }
 }
 
+=head2 get
+
+A simple wrapper around has_attribute() to satisfy the Catalyst::Authentication::User API.
+
+=cut
+
+sub get { return shift->has_attribute(@_) }
+
+=head2 get_object
+
+Satisfies the Catalyst::Authentication::User API and returns the contents of the user()
+attribute.
+
+=cut
+
+sub get_object { return shift->user }
+
 =head2 ldap_connection
 
 Re-binds to the auth store with the credentials of the user you logged in