Commit b45c7dd5 authored by Drew Blessing's avatar Drew Blessing

Revert problematic LDAP person validation that threw exceptions

Constructors shouldn't throw exceptions. We also learned that
different LDAP servers behave a bit unexpectedly sometimes -
returning attributes we didn't ask for, or returned attributes
with language subtypes.
parent 7a18675c
---
title: LDAP Person no longer throws exception on invalid entry
merge_request:
author:
type: fixed
......@@ -63,8 +63,6 @@ module Gitlab
Rails.logger.debug { "Instantiating #{self.class.name} with LDIF:\n#{entry.to_ldif}" }
@entry = entry
@provider = provider
validate_entry
end
def name
......@@ -115,19 +113,6 @@ module Gitlab
entry.public_send(selected_attr) # rubocop:disable GitlabSecurity/PublicSend
end
def validate_entry
allowed_attrs = self.class.ldap_attributes(config).map(&:downcase)
# Net::LDAP::Entry transforms keys to symbols. Change to strings to compare.
entry_attrs = entry.attribute_names.map { |n| n.to_s.downcase }
invalid_attrs = entry_attrs - allowed_attrs
if invalid_attrs.any?
raise InvalidEntryError,
"#{self.class.name} initialized with Net::LDAP::Entry containing invalid attributes(s): #{invalid_attrs}"
end
end
end
end
end
......@@ -66,15 +66,6 @@ describe Gitlab::LDAP::Person do
end
end
describe '.validate_entry' do
it 'raises InvalidEntryError' do
entry['foo'] = 'bar'
expect { described_class.new(entry, 'ldapmain') }
.to raise_error(Gitlab::LDAP::Person::InvalidEntryError)
end
end
describe '#name' do
it 'uses the configured name attribute and handles values as an array' do
name = 'John Doe'
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment