Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
251375ad
Commit
251375ad
authored
May 10, 2016
by
Jacob Vosmaer
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add access level spillover test
parent
8c599cd0
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
53 additions
and
0 deletions
+53
-0
spec/lib/gitlab/ldap/group_sync_spec.rb
spec/lib/gitlab/ldap/group_sync_spec.rb
+53
-0
No files found.
spec/lib/gitlab/ldap/group_sync_spec.rb
View file @
251375ad
...
...
@@ -244,6 +244,59 @@ describe Gitlab::LDAP::GroupSync, lib: true do
end
end
end
context
'when access level spillover could happen'
do
it
'does not erroneously add users'
do
ldap_group2
=
Net
::
LDAP
::
Entry
.
from_single_ldif_string
(
<<-
EOS
.
strip_heredoc
dn: cn=ldap_group2,ou=groups,dc=example,dc=com
cn: ldap_group2
description: LDAP Group 2
gidnumber: 55
uniqueMember: uid=
#{
user2
.
username
}
,ou=users,dc=example,dc=com
objectclass: top
objectclass: groupOfNames
EOS
)
allow_any_instance_of
(
Gitlab
::
LDAP
::
Group
)
.
to
receive
(
:adapter
).
and_return
(
adapter
)
user1
.
identities
.
create
(
provider:
'ldapmain'
,
extern_uid:
"uid=
#{
user1
.
username
}
,ou=users,dc=example,dc=com"
)
user2
.
identities
.
create
(
provider:
'ldapmain'
,
extern_uid:
"uid=
#{
user2
.
username
}
,ou=users,dc=example,dc=com"
)
allow
(
Gitlab
::
LDAP
::
Group
)
.
to
receive
(
:find_by_cn
)
.
with
(
'ldap_group1'
,
kind_of
(
Gitlab
::
LDAP
::
Adapter
))
.
and_return
(
Gitlab
::
LDAP
::
Group
.
new
(
ldap_group1
))
allow
(
Gitlab
::
LDAP
::
Group
)
.
to
receive
(
:find_by_cn
)
.
with
(
'ldap_group2'
,
kind_of
(
Gitlab
::
LDAP
::
Adapter
))
.
and_return
(
Gitlab
::
LDAP
::
Group
.
new
(
ldap_group2
))
group1
.
ldap_group_links
.
create
(
cn:
'ldap_group1'
,
group_access:
Gitlab
::
Access
::
DEVELOPER
,
provider:
'ldapmain'
)
group2
.
ldap_group_links
.
create
(
cn:
'ldap_group2'
,
group_access:
Gitlab
::
Access
::
OWNER
,
provider:
'ldapmain'
)
group_sync
.
sync_groups
expect
(
group1
.
members
.
pluck
(
:user_id
).
sort
).
to
eq
([
user1
.
id
,
user2
.
id
].
sort
)
expect
(
group2
.
members
.
pluck
(
:user_id
)).
to
eq
([
user2
.
id
])
end
end
end
# Test that membership can be resolved for all different type of LDAP groups
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
