diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index a27f2841..74dce24a 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -1,7 +1,8 @@ class SessionsController < Devise::SessionsController prepend_before_filter :require_no_authentication, :only => [ :new, :create ] include Devise::Controllers::InternalHelpers - + MiddleSiteConnection.establish + NccuLdapConnection.establish # POST /resource/sign_in def create 
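Review bot: The two `establish` calls added to the class body run once when `SessionsController` is loaded, not per request, so an LDAP or database outage at load time raises while the class is being defined. The resulting handles live in globals (`$mid_site_connection`, and `$nccu_ldap_connection` as used in `create`), which every thread in the process shares and which nothing in this diff re-establishes after a dropped connection. I would open them on demand instead, e.g. `before_filter :establish_directory_connections, :only => [:create]` with that private method calling the two `establish` methods and rescuing connection errors into the existing `ldap_connection_failed` flash. `NccuLdapConnection` is not defined anywhere in this diff, so its behaviour is assumed to mirror `MiddleSiteConnection`.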
@@ -10,42 +11,52 @@ class SessionsController < Devise::SessionsController login_password = params[:user][:password] login_uid = params[:user][:nccu_ldap_uid] result = false - ldap = Net::LDAP.new - #ldap.port = '8001' - #ldap.host = '127.0.0.1' - ldap.port = '389' - ldap.host = '140.119.166.23' ldap_filter = "(uid=#{login_uid})" - ldap_base = 'ou=People,dc=nccu,dc=edu,dc=tw' - ldap.authenticate("cn=uccn,ou=profile,dc=nccu,dc=edu,dc=tw","nccu2ucc") - if ldap.bind && login_password!='' #need to block password empty - result = ldap.bind_as(:base => ldap_base,:filter => ldap_filter,:password=> login_password) - if result + if $nccu_ldap_connection.bind + logger.info "=LDAP Binded password ok..." + result =check_auth_with_ldap(login_uid,login_password) + if result && login_password!='' + logger.info "==LDAP password passed..." nccu_id = get_nccu_id_from_mid_site(login_uid) resource = nccu_id.nil? ? nil : (User.first(conditions:{ nccu_id: nccu_id })) # resource = env['warden'].authenticate!(:check_nccu_ldap) # resource = warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#new") set_flash_message(:notice, :signed_in) if is_navigational_format? if (resource.nil? || nccu_id.nil?) + logger.error "===LDAP passed local block... resource:#{resource.inspect}\n nccu_id:#{nccu_id} \t login_uid:#{login_uid}" flash[:notice] = t('devise.failure.ldap_pass_but_account_not_in_orbit') render :action => "new" else + logger.info "===ALL passed" resource_name = resource._type.downcase sign_in(resource_name, resource) respond_with resource, :location => redirect_location(resource_name, resource) end + elsif resource = User.first(conditions:{email: login_uid}) + + resource_name = resource._type.downcase + sign_in(resource_name, resource) + respond_with resource, :location => redirect_location(resource_name, resource) else + logger.error "==password LDAP fail..." 
flash[:notice] = t('devise.failure.ldap_invalid') render :action => "new" end else + logger.error "=LDAP fail..." flash[:notice] = t('devise.failure.ldap_connection_failed') render :action => "new" end + logger.info "=======End Debugging======" end private + def check_auth_with_ldap(login_uid,login_password) + ldap_filter = "(uid=#{login_uid})" + $nccu_ldap_connection.bind_as(:base => NccuLdapConnection::BASE,:filter => ldap_filter,:password=> login_password) rescue false + end + def get_nccu_id_from_mid_site(ldap_id) - nccu_id = MID_CLIENT.query("SELECT nccu_id FROM rss_aaldap_view WHERE ldap_id='#{ldap_id}' LIMIT 1").first['nccu_id'] rescue nil + nccu_id = $mid_site_connection.query("SELECT nccu_id FROM rss_aaldap_view WHERE ldap_id='#{ldap_id}' LIMIT 1").first['nccu_id'] rescue nil # # if nccu_id.nil? # #show_error @@ -53,7 +64,7 @@ private # #should return? # end # # User.first(conditions: { }) - # rss_pautlst_ut = MID_CLIENT.query("SELECT * FROM rss_pautlst_ut WHERE nccu_id='#{nccu_id}' LIMIT 1").first rescue nil + # rss_pautlst_ut = $mid_site_connection.query("SELECT * FROM rss_pautlst_ut WHERE nccu_id='#{nccu_id}' LIMIT 1").first rescue nil # # rss_paunit = client.query("SELECT * FROM rss_paunit LIMIT 1").first rescue nil # user = User.find_or_create_by(:nccu_id => nccu_id) # p user diff --git a/config/initializers/middle_site_connection.rb b/config/initializers/middle_site_connection.rb index 4f20995a..345ad464 100644 --- a/config/initializers/middle_site_connection.rb +++ b/config/initializers/middle_site_connection.rb 
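Review bot: The new `elsif resource = User.first(conditions:{email: login_uid})` branch calls `sign_in` for any account whose e-mail equals the submitted uid whenever the LDAP check fails or the password is empty, and no credential is verified on that path. If a local fallback is intended it needs its own check, e.g. `elsif (resource = User.first(conditions:{email: login_uid})) && resource.valid_password?(login_password)` (assuming `User` uses Devise's database_authenticatable); otherwise the branch should be dropped. The empty-password test also moved from before the LDAP call to after it, and `rescue false` in `check_auth_with_ldap` turns a directory error into the same result as a wrong password, so both cases now fall through to the e-mail branch. Separately, `login_uid` is interpolated unescaped into the LDAP filter and into the SQL string in `get_nccu_id_from_mid_site`; escape it with `Net::LDAP::Filter.escape(login_uid)` and `$mid_site_connection.escape(ldap_id)` if the installed gem versions provide them. The start of `create` lies above the hunk.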
@@ -1,14 +1,21 @@ #encoding: utf-8 - require 'mysql2' +$mid_site_connection -mid_host = { - :host => 'mruling.nccu.edu.tw', #mruling.nccu.edu.tw or 127.0.0.1 - :port => 3306, #3306 or 8005 - :username => "root", - :password => "a3G6yWd9", - :database => "RSS23_NCCU_MIDDLE", - :encoding => "UTF8" -} -MID_CLIENT = Mysql2::Client.new(mid_host) +module MiddleSiteConnection + + @mid_host = { + :host => 'mruling.nccu.edu.tw', #mruling.nccu.edu.tw or 127.0.0.1 + :port => 3306, #3306 or 8005 + :username => "rulingcom", + :password => "5w3iJQ9OJQMGhJibKP6YQje8", + :database => "RSS23_NCCU_MIDDLE", + :encoding => "UTF8" + } + + def self.establish + $mid_site_connection = Mysql2::Client.new(@mid_host) + end + +end \ No newline at end of file diff --git a/config/nccu_mid_site.yml b/config/nccu_mid_site.yml new file mode 100644 index 00000000..d6b35603 --- /dev/null +++ b/config/nccu_mid_site.yml @@ -0,0 +1,9 @@ +nccu_mid_site: + adapter: mysql2 + encoding: utf8 + reconnect: true + database: RSS23_NCCU_MIDDLE + pool: 5 + username: rulingcom + password: 5w3iJQ9OJQMGhJibKP6YQje8 + socket: /tmp/mysql.sock \ No newline at end of file diff --git a/lib/tasks/mid_site_sync.rake b/lib/tasks/mid_site_sync.rake index 89684985..d2b69daa 100644 --- a/lib/tasks/mid_site_sync.rake +++ b/lib/tasks/mid_site_sync.rake @@ -8,7 +8,7 @@ namespace :mid_site do admin_role = nil sub_role = nil test_account_ldap_id ='139716' - + MiddleSiteConnection.establish task :sync => :environment do info_profile = Info.first(conditions: {:key => 'profile'}) 
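Review bot: The database password is committed as a literal in `@mid_host`, and the same value is repeated in the new `config/nccu_mid_site.yml`; the removed lines here and the removed `ldap.authenticate` line in the controller also leave earlier passwords in history. Anyone with read access to the repository obtains working credentials for the middle-site database, so these passwords should be rotated and the values read at boot, e.g. `:password => ENV.fetch('MID_SITE_DB_PASSWORD')` (variable name constructed for this note), with the YAML kept out of version control. Nothing in this diff loads the YAML, and it disagrees with the initializer (socket versus host and port), so one of the two definitions should be removed. The bare `$mid_site_connection` statement at the top of the initializer evaluates the global and discards it, and can be deleted.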
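Review bot: `MiddleSiteConnection.establish` is placed in the `namespace :mid_site` body, so it executes when the rake file is loaded, which happens for every rake command and before the `:environment` dependency has run. Since `MiddleSiteConnection` is defined under `config/initializers/`, the constant is probably not loaded at that point unless something above the hunk requires it, and even when it is, unrelated tasks would open a database connection. Calling it as the first statement inside each task block that queries `$mid_site_connection`, e.g. `task :sync => :environment do` followed by `MiddleSiteConnection.establish`, avoids both problems. The namespace block starts above the hunk and continues past it.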
@@ -27,8 +27,8 @@ namespace :mid_site do sub_role end - users_from_mid = MID_CLIENT.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut WHERE posgrp_cod IN (#{officer_posgrp_code.join(',')})") - ut_data_from_mid = MID_CLIENT.query("SELECT ut_odr, ut_cod, up_ut_cod, ut_chi_m, ut_eng_m FROM rss_paunit WHERE ut_tpe = '1' AND ut_grp != '3' AND up_ut_cod != 'F00' ORDER BY ut_odr, ut_cod") + users_from_mid = $mid_site_connection.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut WHERE posgrp_cod IN (#{officer_posgrp_code.join(',')})") + ut_data_from_mid = $mid_site_connection.query("SELECT ut_odr, ut_cod, up_ut_cod, ut_chi_m, ut_eng_m FROM rss_paunit WHERE ut_tpe = '1' AND ut_grp != '3' AND up_ut_cod != 'F00' ORDER BY ut_odr, ut_cod") remote_list = users_from_mid.collect{|t| t["nccu_id"]} #remove delete user sho has been deleted at remote first @@ -72,7 +72,7 @@ namespace :mid_site do # admin_role = Role.find_or_create_by( key: 'administrator') # sub_role = admin_role.sub_roles.find_or_create_by(:key => 'computer_center') - user_from_mid = MID_CLIENT.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut WHERE posgrp_cod IN (#{officer_posgrp_code.join(',')}) AND nccu_id = '#{admins_nccu_id}' limit 1") + user_from_mid = $mid_site_connection.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut WHERE posgrp_cod IN (#{officer_posgrp_code.join(',')}) AND nccu_id = '#{admins_nccu_id}' limit 1") admin_at_mid = user_from_mid.first user_first_name = admin_at_mid["psn_nam"].size > 3 ? admin_at_mid["psn_nam"][3..-1] : admin_at_mid["psn_nam"][1..-1] user_last_name = admin_at_mid["psn_nam"].size > 3 ? admin_at_mid["psn_nam"][1..2] : admin_at_mid["psn_nam"][0] 
@@ -95,7 +95,7 @@ namespace :mid_site do # sub_role = admin_role.sub_roles.find_or_create_by(:key => 'computer_center') info_profile = Info.first(conditions: {:key => 'profile'}) - user_from_mid = MID_CLIENT.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut WHERE nccu_id = '#{admins_nccu_id}' limit 1") + user_from_mid = $mid_site_connection.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut WHERE nccu_id = '#{admins_nccu_id}' limit 1") admin_at_mid = user_from_mid.first user_first_name = admin_at_mid["psn_nam"].size > 3 ? admin_at_mid["psn_nam"][3..-1] : admin_at_mid["psn_nam"][1..-1] user_last_name = admin_at_mid["psn_nam"].size > 3 ? admin_at_mid["psn_nam"][1..2] : admin_at_mid["psn_nam"][0]