BigW Consortium Gitlab

Commit babb7d52 by Drew Blessing

Gitlab::LDAP::Person uses LDAP attributes configuration

We allow users to configure LDAP attribute preferences. For example, email can be configured to use `mail`, `email` and `userPrincipalName`, falling through to the next until a value is found. Prior to this change, Gitlab::LDAP::Person did not honor this configuration. Now, the class will honor `name` and `mail` configuration. It does not handle `username`, or fallback to `first_name` + `last_name` in the absence of `name`.
parent 37ef8d72
---
title: Gitlab::LDAP::Person uses LDAP attributes configuration
merge_request: 8418
author:
...@@ -28,7 +28,7 @@ module Gitlab ...@@ -28,7 +28,7 @@ module Gitlab
end end
def name def name
entry.cn.first attribute_value(:name)
end end
def uid def uid
...@@ -40,7 +40,7 @@ module Gitlab ...@@ -40,7 +40,7 @@ module Gitlab
end end
def email def email
entry.try(:mail) attribute_value(:email)
end end
def dn def dn
...@@ -56,6 +56,21 @@ module Gitlab ...@@ -56,6 +56,21 @@ module Gitlab
def config def config
@config ||= Gitlab::LDAP::Config.new(provider) @config ||= Gitlab::LDAP::Config.new(provider)
end end
# Using the LDAP attributes configuration, find and return the first
# attribute with a value. For example, by default, when given 'email',
# this method looks for 'mail', 'email' and 'userPrincipalName' and
# returns the first with a value.
def attribute_value(attribute)
attributes = Array(config.attributes[attribute.to_sym])
selected_attr = attributes.find { |attr| entry.respond_to?(attr) }
return nil unless selected_attr
# Some LDAP attributes return an array,
# even if it is a single value (like 'cn')
Array(entry.public_send(selected_attr)).first
end
end end
end end
end end
require 'spec_helper'
describe Gitlab::LDAP::Person do
include LdapHelpers
let(:entry) { ldap_user_entry('john.doe') }
before do
stub_ldap_config(
attributes: {
name: 'cn',
email: %w(mail email userPrincipalName)
}
)
end
describe '#name' do
it 'uses the configured name attribute and handles values as an array' do
name = 'John Doe'
entry['cn'] = [name]
person = Gitlab::LDAP::Person.new(entry, 'ldapmain')
expect(person.name).to eq(name)
end
end
describe '#email' do
it 'returns the value of mail, if present' do
mail = 'john@example.com'
entry['mail'] = mail
person = Gitlab::LDAP::Person.new(entry, 'ldapmain')
expect(person.email).to eq(mail)
end
it 'returns the value of userPrincipalName, if mail and email are not present' do
user_principal_name = 'john.doe@example.com'
entry['userPrincipalName'] = user_principal_name
person = Gitlab::LDAP::Person.new(entry, 'ldapmain')
expect(person.email).to eq(user_principal_name)
end
end
end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment