How can I retrieve deleted objects from Active Directory with Ruby? - ruby-on-rails

From the research I've done, it appears I need to send a special OID with my request (1.2.840.113556.1.4.417) in order to access the Deleted Objects container.
I couldn't find a way to send a specific control with a request using the "net-ldap" gem. Does anyone know if this is possible?
There is another gem, ruby-ldap, which appears to be more flexible and it seems I can send controls with my request (e.g. using the search_ext2() method).
However, no matter what I try, I am not getting back any objects, even though I know they haven't been garbage collected yet.
I'm including the filter "isDeleted=TRUE" with my requests as well.

OK, I finally figured it out. One will need to use the ruby-ldap gem. The reason my controls were not being sent was because the LDAP Protocol Version (LDAP::LDAP_OPT_PROTOCOL_VERSION) had defaulted to v2 and apparently it must be v3.
The following is a snippet that works:
require 'ldap'
conn = LDAP::Conn.new('yourserver.example.com', 389)
conn.set_option(LDAP::LDAP_OPT_PROTOCOL_VERSION, 3)
conn.bind("CN=Administrator,CN=Users,DC=example,DC=com", "sekritpass")
# controlType: 1.2.840.113556.1.4.417 (LDAP_SERVER_SHOW_DELETED_OID)
control = LDAP::Control.new('1.2.840.113556.1.4.417')
conn.search_ext2('CN=Deleted Objects,DC=example,DC=com', LDAP::LDAP_SCOPE_SUBTREE, "(isDeleted=*)", nil, false, [control], nil)
The filter (isDeleted=*) isn't necessarily required, you could also simply use (objectClass=*). You can also use the scope LDAP::LDAP_SCOPE_ONELEVEL if desired.

Have you tried isDeleted=* instead?
https://technet.microsoft.com/en-us/library/cc978013.aspx

Related

Umbraco7 - ContentService.SaveAndPublishWithStatus VS ContentService.SendToPublication

I have an application that uses a combination of ContentService.Saved & ContentService.Saving to extend Umbraco to manage content.
I have two websites in one Umbraco installation I am using those methods to keep content up to date in different parts of the tree.
So far I have got everything working the way I wanted to.
Now I want to add a feature that: depending on which Umbraco User is logged in, will either publish the content or simply send it for approval.
So I have changed some lines of code from:
cs.SaveAndPublishWithStatus(savedNode, 0, false)
To this:
cs.SendToPublication(savedNode);
Now the problem that I am finding is that unlike the SaveAndPublishWithStatus() method, the cs.SendToPublication(); doesn't have the option of passing false so that a save event is not raised. So I get into an infinite loop.
When I attach the debugger and manually stop the infinite loop the first time it calls cs.SendToPublication(savedNode); I get exactly the behavior I want.
Any ideas about how I can get round this problem? Is there a different method that I should be using?
You are correct in saying that it currently isn't possible to set raiseEvents to false when sending an item to publication - that's a problem.
I've added that overload in v. 7.6 (http://issues.umbraco.org/issue/U4-9490).
However considering that you need this now, an interim solution could be that you make sure your code is only run once when triggered by the .Saved / .Saving events.
One way to do this would be to check the last saved date (UpdateDate) in your code. If the content was saved within the last second of the current save operation, you know that this is a save event triggered by the save happening in SendToPublication action. Then you also know that the item has already been sent to publication and that this doesn't need to be done again - thereby preventing the endless loop from happening.

Sharing an object in simperium, write_access doesnt do anything

I have created two users, and if i create a bucket for one user and an object inside that bucket i can share it using the HTTP api at the moment.. see here
https://simperium.com/docs/reference/http/#objectshare
However, even when i sent through "write_access" = true and get a 200 as a result, it doesnt seem to let me write to it.
Its only if i enable sharing back the other way that it allows data to sync both ways, am i doing something wrong?
Has collaboration got any further yet? i can see there is a long but no docs as yet? anyone know?
After some more trial & error, I found the solution:
to edit the shared object, the target user (ie the user that the object was shared with) needs to use an objectId that is equal to: <original_user_simperiumId>/<original_objectId> to edit the object.
If you just use <original_objectId> it won't work.
So the full command for editing a shared object, using curl:
curl -H 'X-Simperium-Token: {auth_token_of_target_user}' https://api.simperium.com/1/{appID}/{entity}/i/{original_user_simperiumId>/{original_objectId} -d '{"data_key" : "new_data_value"}'

Cant update table in using isset

I have a table called settings, when I would change or enter data into the form it did not change the data in the table. In addition on form an image upload file is not running, There may be the wrong code below.
(Solved by me)
Maybe someone can help me Related to this.
What you are doing here is tottaly in secure and your data can be hacked / manipulate really fast.
Why dont you use a framework like codeignighter there are about 100 easy frameworks that will help you manage database a lot easyer.
Are you sure that you are updating the wrond ID? where id = 1, seems to be not dynamic.
Please post your error http://www.w3schools.com/php/func_mysql_error.asp
I know it is not so related to your question, but you should see these light frameworks:
http://kohanaframework.org/
https://github.com/ElbertF/Swiftlet
http://ellislab.com/codeigniter
You're not checking the return status of of your query, so if it's not working you wouldn't know. Do this:
mysql_query("UPDATE settings SET site='$name',keywords='$keys',descrp='$desc',email='$email',fbpage='$fbpage',twitter='$twitter',gplus='$gplus',disclaimer='$disclaimer',template='$template' WHERE id=1")
or die(mysql_error());
Note: mysql_*() is deprecated: you shouldn't use it. Use mysqli_*() or PDO instead.
Also: You are susceptible to an SQL Injection attack. You should escape your input variables with mysql_real_escape_string() (or the equivalent if you switch to mysqli), or consider moving to prepared statements.

How do I associate all logs with their request in grails?

In our grails application we're logging a lot, but need a mechanism to associate all of those messages with the request/response being processed. It has proven easy enough to generate a request UUID, but now I'd like that id appended to each log message generated within a request context without passing that id within each log message. Has anybody implemented such a system so that you can associate all of your log statements together?
A rather obscure feature of log4j, called MDC seems to be exactly what you need.
Something like http://gustlik.wordpress.com/2008/07/05/user-context-tracking-in-log4j/
It will work fine in Grails as well if you use a custom AppFilter to set the request-unique value.
you could try utilizing the RequestContextHolder
http://static.springsource.org/spring/docs/3.0.x/javadoc-api/org/springframework/web/context/request/RequestContextHolder.html
ServletRequestAttributes attr = (ServletRequestAttributes) RequestContextHolder.currentRequestAttributes();
log.debug attr.getRequest().getSession()
Once you get the session object, you can get whatever identifier you have stashed away?

Symfony: question about a piece of code of sfDoctrineGuardPlugin

there is this code below in sfDoctrineGuardPlugin.
$a = sfConfig::get('app_sf_guard_plugin_success_signin_url');
var_dump($a);
$signinUrl = sfConfig::get('app_sf_guard_plugin_success_signin_url', $user->getReferer($request->getReferer()));
var_dump($signinUrl);
var_dump($user->getReferer($request->getReferer()));
It prints this:
null
string
'http://rs3.localhost/frontend_dev.php/'
(length=38)
string
'http://rs3.localhost/frontend_dev.php/miembros' (length=46)
I don't know why the the second and the third lines are different..any idea?
Regards
Javi
Weird. Spooky.
I wonder if maybe the two calls to getReferer() are in different contexts? Maybe the first (as the second arg to sfConfig::get()) implicitly uses __toString() whereas when you use var_dump(), maybe it's printing the raw value of the referer object?
Hrmm... the API says getReferer() returns a string, so that's probably not it.
What are you trying to do, BTW? Is it not honoring your app_sf_guard_plugin_success_signin_url setting from app.yml?
sfDoctrineGuardPlugin sets a referer attribute in the user, so that it can redirect back to the page originally requested. When you call getReferer it removes the attribute. (This is causing bugs for me, which is what brought me here.)
yitznewton pointed me towards a solution. The sfGuardSecurityUser class uses a method setReferer that saves a referer attribute but only if one is not yet set.
If somehow you manage to get to the executeSignin method in the sfGuard actions twice only the first referer attribute will be saved, this means that the second time the referer in the request and the referer in the user attribute can be different.
The getReferer method removes that attribute, and falls back to the request referer when the attribute is not set. this explains why calling $user->getReferer($request->getReferer()) twice returns different values sometimes.
The solution i found was to overwrite the setReferer method of the sfGuardSecurityUser in the myUser class:
public function setReferer($referer) {
$this->setAttribute('referer', $referer);
}
So far i have not found any side effects, this change ensures the user attribute will allways be the most recent, however there has to be a reason to explain why the symfony folk chose to implement this as it was.
Ive tested this by switching between apps on the login screen, allowing the session to die, killing the session manually and normally using the application and so far i have not found any side effects.

Resources