Treequel::Model::

SchemaValidations

module

A collection of schema-based validations for LDAP model objects.

Constants

IGNORED_OPERATIONAL_ATTRS

OpenLDAP servers with syncrepl include 'entryCSN' and 'contextCSN' attributes, but don't define its attribute type in the subschema. This is a list of operational attribute types that don't appear in the subschema that shouldn't be considered when validating MUST and MAY attributes. (www.openldap.org/its/index.cgi/Development?id=5573)

Public Instance Methods

anchor
validate( options={} )

Entrypoint – run all the validations, adding any errors to the object's error collector.

# File lib/treequel/model/schemavalidations.rb, line 20
def validate( options={} )
        return unless options[:with_schema]

        self.validate_structural_objectclass
        self.validate_must_attributes
        self.validate_may_attributes
        self.validate_attribute_syntax
end
anchor
validate_attribute_syntax()

Validate that the attribute values present in the entry are all valid according to the syntax rule for it.

# File lib/treequel/model/schemavalidations.rb, line 72
def validate_attribute_syntax
        @values.each do |attribute, values|
                [ values ].flatten.each do |value|
                        begin
                                self.get_converted_attribute( attribute.to_sym, value )
                        rescue => err
                                self.log.error "validation for %p failed: %s: %s" %
                                        [ attribute, err.class.name, err.message ]
                                attrtype = self.find_attribute_type( attribute )
                                self.errors.add( attribute, "isn't a valid %s value" %
                                        [ attrtype.syntax ? attrtype.syntax.desc : attrtype.syntax_oid ] )
                        end
                end
        end
end
anchor
validate_may_attributes()

Validate that all attributes present in the entry are allowed by either a MUST or a MAY rule of one of its objectClasses.

# File lib/treequel/model/schemavalidations.rb, line 54
def validate_may_attributes
        hash = (self.entry || {} ).merge( @values )
        attributes = hash.keys.map( &:to_sym ).uniq
        valid_attributes = self.valid_attribute_oids +
                self.operational_attribute_oids +
                IGNORED_OPERATIONAL_ATTRS

        self.log.debug "Validating MAY attributes: %p against the list of valid OIDs: %p" %
                [ attributes, valid_attributes ]
        unknown_attributes = attributes - valid_attributes
        unknown_attributes.each do |oid|
                self.errors.add( oid, "is not allowed by entry's objectClasses" )
        end
end
anchor
validate_must_attributes()

Validate that all attributes that MUST be included according to the entry's objectClasses have at least one value.

# File lib/treequel/model/schemavalidations.rb, line 40
def validate_must_attributes
        self.must_attribute_types.each do |attrtype|
                oid = attrtype.name
                if attrtype.single?
                        self.errors.add( oid, "MUST have a value" ) if self[ oid ].nil?
                else
                        self.errors.add( oid, "MUST have at least one value" ) if self[ oid ].empty?
                end
        end
end
anchor
validate_structural_objectclass()

Ensure that the object has at least one structural objectClass.

# File lib/treequel/model/schemavalidations.rb, line 31
def validate_structural_objectclass
        unless self.object_classes.any? {|oc| oc.structural? }
                self.errors.add( :entry, "must have at least one structural objectClass" )
        end
end