Reflect login method. LDAP,MidSite connection. The Mysql connection now is build on fly.

2012-05-15 11:28:24 +08:00 · 2012-05-15 11:28:24 +08:00 · 551e1ef740
parent 59b55d1574
commit 551e1ef740
4 changed files with 55 additions and 28 deletions
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -1,7 +1,8 @@
 class SessionsController < Devise::SessionsController
  prepend_before_filter :require_no_authentication, :only => [ :new, :create ]
  include Devise::Controllers::InternalHelpers
-
+  MiddleSiteConnection.establish
  NccuLdapConnection.establish
  # POST /resource/sign_in
  def create 
@ -10,42 +11,52 @@ class SessionsController < Devise::SessionsController
    login_password = params[:user][:password]
    login_uid = params[:user][:nccu_ldap_uid]
    result = false
    ldap = Net::LDAP.new
    #ldap.port = '8001'
    #ldap.host = '127.0.0.1'
     ldap.port = '389' 
     ldap.host = '140.119.166.23' 
    ldap_filter = "(uid=#{login_uid})"
-    ldap_base = 'ou=People,dc=nccu,dc=edu,dc=tw'
+    if $nccu_ldap_connection.bind
-    ldap.authenticate("cn=uccn,ou=profile,dc=nccu,dc=edu,dc=tw","nccu2ucc") 
+        logger.info "=LDAP Binded password ok..."
-    if ldap.bind && login_password!='' #need to block password empty
+        result =check_auth_with_ldap(login_uid,login_password) 
-        result = ldap.bind_as(:base => ldap_base,:filter => ldap_filter,:password=> login_password)
+        if result && login_password!=''
-        if result 
+          logger.info "==LDAP  password passed..."
          nccu_id = get_nccu_id_from_mid_site(login_uid)
          resource =  nccu_id.nil? ? nil : (User.first(conditions:{ nccu_id: nccu_id }))
           # resource = env['warden'].authenticate!(:check_nccu_ldap)
           # resource = warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#new")
           set_flash_message(:notice, :signed_in) if is_navigational_format?
           if (resource.nil? || nccu_id.nil?)
             logger.error "===LDAP passed local block... resource:#{resource.inspect}\n nccu_id:#{nccu_id} \t login_uid:#{login_uid}"
             flash[:notice] = t('devise.failure.ldap_pass_but_account_not_in_orbit')
             render :action => "new"
           else
             logger.info "===ALL passed"
             resource_name = resource._type.downcase
             sign_in(resource_name, resource)
             respond_with resource, :location => redirect_location(resource_name, resource)
           end
           elsif resource = User.first(conditions:{email: login_uid})
             resource_name = resource._type.downcase
             sign_in(resource_name, resource)
             respond_with resource, :location => redirect_location(resource_name, resource)
        else
          logger.error "==password LDAP fail..."
          flash[:notice] = t('devise.failure.ldap_invalid')
          render :action => "new" 
        end
      else
        logger.error "=LDAP fail..."
        flash[:notice] = t('devise.failure.ldap_connection_failed')
        render :action => "new"
      end
        logger.info "=======End Debugging======"
    end
 private  
  def check_auth_with_ldap(login_uid,login_password)
    ldap_filter = "(uid=#{login_uid})"
    $nccu_ldap_connection.bind_as(:base => NccuLdapConnection::BASE,:filter => ldap_filter,:password=> login_password) rescue false
  end
  def get_nccu_id_from_mid_site(ldap_id)
-    nccu_id = MID_CLIENT.query("SELECT nccu_id FROM rss_aaldap_view WHERE ldap_id='#{ldap_id}' LIMIT 1").first['nccu_id'] rescue nil
+    nccu_id = $mid_site_connection.query("SELECT nccu_id FROM rss_aaldap_view WHERE ldap_id='#{ldap_id}' LIMIT 1").first['nccu_id'] rescue nil
        # 
        # if  nccu_id.nil?
        #   #show_error 
@ -53,7 +64,7 @@ private
        #   #should return?
        # end
        # # User.first(conditions: {  })
-        # rss_pautlst_ut = MID_CLIENT.query("SELECT * FROM rss_pautlst_ut WHERE nccu_id='#{nccu_id}' LIMIT 1").first rescue nil
+        # rss_pautlst_ut = $mid_site_connection.query("SELECT * FROM rss_pautlst_ut WHERE nccu_id='#{nccu_id}' LIMIT 1").first rescue nil
        # # rss_paunit = client.query("SELECT * FROM rss_paunit  LIMIT 1").first rescue nil
        # user = User.find_or_create_by(:nccu_id => nccu_id)
        #  p user
--- a/config/initializers/middle_site_connection.rb
+++ b/config/initializers/middle_site_connection.rb
@ -1,14 +1,21 @@
 #encoding: utf-8
 require 'mysql2'
 $mid_site_connection
-mid_host = { 
+module  MiddleSiteConnection
  @mid_host = { 
    :host => 'mruling.nccu.edu.tw',  #mruling.nccu.edu.tw or 127.0.0.1
    :port => 3306, #3306 or 8005
-  :username => "root",
+    :username => "rulingcom",
-  :password => "a3G6yWd9",
+    :password => "5w3iJQ9OJQMGhJibKP6YQje8",
    :database => "RSS23_NCCU_MIDDLE",
    :encoding => "UTF8"
  }
-MID_CLIENT = Mysql2::Client.new(mid_host)
+
  def self.establish
    $mid_site_connection = Mysql2::Client.new(@mid_host)
  end
 end
--- a/config/nccu_mid_site.yml
+++ b/config/nccu_mid_site.yml
@ -0,0 +1,9 @@
 nccu_mid_site:
  adapter: mysql2
  encoding: utf8
  reconnect: true
  database: RSS23_NCCU_MIDDLE
  pool: 5
  username: rulingcom
  password: 5w3iJQ9OJQMGhJibKP6YQje8
  socket: /tmp/mysql.sock
--- a/lib/tasks/mid_site_sync.rake
+++ b/lib/tasks/mid_site_sync.rake
@ -8,7 +8,7 @@ namespace :mid_site do
  admin_role = nil
  sub_role = nil
  test_account_ldap_id ='139716'
-
+ MiddleSiteConnection.establish
  task :sync => :environment do
    info_profile = Info.first(conditions: {:key => 'profile'})
@ -27,8 +27,8 @@ namespace :mid_site do
      sub_role
    end
-    users_from_mid = MID_CLIENT.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut  WHERE posgrp_cod IN (#{officer_posgrp_code.join(',')})") 
+    users_from_mid = $mid_site_connection.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut  WHERE posgrp_cod IN (#{officer_posgrp_code.join(',')})") 
-    ut_data_from_mid = MID_CLIENT.query("SELECT ut_odr, ut_cod, up_ut_cod, ut_chi_m, ut_eng_m FROM rss_paunit WHERE ut_tpe =  '1' AND ut_grp !=  '3' AND up_ut_cod !=  'F00' ORDER BY ut_odr, ut_cod")   
+    ut_data_from_mid = $mid_site_connection.query("SELECT ut_odr, ut_cod, up_ut_cod, ut_chi_m, ut_eng_m FROM rss_paunit WHERE ut_tpe =  '1' AND ut_grp !=  '3' AND up_ut_cod !=  'F00' ORDER BY ut_odr, ut_cod")   
    remote_list = users_from_mid.collect{|t| t["nccu_id"]}
    #remove delete user sho has been deleted at remote first
@ -72,7 +72,7 @@ namespace :mid_site do
    # admin_role = Role.find_or_create_by( key: 'administrator')
    # sub_role = admin_role.sub_roles.find_or_create_by(:key => 'computer_center')
-    user_from_mid = MID_CLIENT.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut  WHERE posgrp_cod IN (#{officer_posgrp_code.join(',')}) AND nccu_id = '#{admins_nccu_id}' limit 1")    
+    user_from_mid = $mid_site_connection.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut  WHERE posgrp_cod IN (#{officer_posgrp_code.join(',')}) AND nccu_id = '#{admins_nccu_id}' limit 1")    
    admin_at_mid =  user_from_mid.first
    user_first_name = admin_at_mid["psn_nam"].size > 3 ? admin_at_mid["psn_nam"][3..-1] : admin_at_mid["psn_nam"][1..-1]
    user_last_name =  admin_at_mid["psn_nam"].size  > 3 ? admin_at_mid["psn_nam"][1..2] : admin_at_mid["psn_nam"][0]
@ -95,7 +95,7 @@ namespace :mid_site do
    # sub_role = admin_role.sub_roles.find_or_create_by(:key => 'computer_center')
    info_profile = Info.first(conditions: {:key => 'profile'})
-    user_from_mid = MID_CLIENT.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut  WHERE  nccu_id = '#{admins_nccu_id}' limit 1")    
+    user_from_mid = $mid_site_connection.query("SELECT #{attr_from_mid.join(',')} FROM rss_pautlst_ut  WHERE  nccu_id = '#{admins_nccu_id}' limit 1")    
    admin_at_mid =  user_from_mid.first
    user_first_name = admin_at_mid["psn_nam"].size > 3 ? admin_at_mid["psn_nam"][3..-1] : admin_at_mid["psn_nam"][1..-1]
    user_last_name =  admin_at_mid["psn_nam"].size  > 3 ? admin_at_mid["psn_nam"][1..2] : admin_at_mid["psn_nam"][0]