UI and controller for group members access reset

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

app/controllers/groups/ldaps_controller.rb

+class Groups::LdapsController < ApplicationController
+  before_filter :group
+  before_filter :authorize_admin_group!
+
+  def reset_access
+    LdapGroupResetService.new.execute(group, current_user)
+
+    redirect_to members_group_path(@group), notice: 'Access reset complete'
+  end
+
+  private
+
+  def group
+    @group ||= Group.find_by(path: params[:group_id])
+  end
+
+  def authorize_admin_group!
+    unless can?(current_user, :manage_group, group)
+      return render_404
+    end
+  end
+end

app/helpers/application_helper.rb

@@ -233,4 +233,8 @@ module ApplicationHelper
       content_tag(:i, nil, class: 'icon-spinner icon-spin') + text
     end
   end
+
+  def ldap_enabled?
+    Gitlab.config.ldap.enabled
+  end
 end

app/models/group.rb

@@ -76,4 +76,8 @@ class Group < Namespace
       self.errors.add :avatar, "only images allowed"
     end
   end
+
+  def human_ldap_access
+    Gitlab::Access.options_with_owner.key ldap_access
+  end
 end

app/views/groups/members.html.haml

@@ -15,6 +15,10 @@
 
   - if current_user.can? :manage_group, @group
     .pull-right
+      - if ldap_enabled? && @group.ldap_cn.present?
+        = link_to reset_access_group_ldap_path(@group), class: 'btn grouped', data: { confirm: "Reset all ldap group members access to '#{@group.human_ldap_access}'?" }, method: :put do
+          Reset access
+
       = link_to '#', class: 'btn btn-new js-toggle-visibility-link' do
         Add members
         %i.icon-chevron-down

config/routes.rb

@@ -159,6 +159,14 @@ Gitlab::Application.routes.draw do
       get :members
     end
 
+    scope module: :groups do
+      resource :ldap, only: [] do
+        member do
+          put :reset_access
+        end
+      end
+    end
+
     resources :users_groups, only: [:create, :update, :destroy]
     scope module: :groups do
       resource :avatar, only: [:destroy]