Commit 64434261 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'ldap_sync_time_option' into 'master'

Ldap sync time option

Related to #147

/cc @sytse @jacobvosmaer @job

See merge request !155
parents e6871279 83a919f9
v 7.3.0
- Add an option to change the LDAP sync time from default 1 hour
v 7.2.0 v 7.2.0
- Improve Redmine integration - Improve Redmine integration
- Better logging for the JIRA issue closing service - Better logging for the JIRA issue closing service
......
7.2.0.rc5-ee 7.3.0.pre-ee
...@@ -419,7 +419,7 @@ class User < ActiveRecord::Base ...@@ -419,7 +419,7 @@ class User < ActiveRecord::Base
if !Gitlab.config.ldap.enabled if !Gitlab.config.ldap.enabled
false false
elsif ldap_user? elsif ldap_user?
!last_credential_check_at || (last_credential_check_at + 1.hour) < Time.now !last_credential_check_at || (last_credential_check_at + Gitlab.config.ldap['sync_time']) < Time.now
else else
false false
end end
......
...@@ -134,6 +134,15 @@ production: &base ...@@ -134,6 +134,15 @@ production: &base
method: 'ssl' # "tls" or "ssl" or "plain" method: 'ssl' # "tls" or "ssl" or "plain"
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with' bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
password: '_the_password_of_the_bind_user' password: '_the_password_of_the_bind_user'
# This setting controls the amount of time between LDAP permission checks for each user.
# After this time has expired for a given user, their next interaction with GitLab (a click in the web UI, a git pull etc.) will be slower because the LDAP permission check is being performed.
# How much slower depends on your LDAP setup, but it is not uncommon for this check to add seconds of waiting time.
# The default value is to have a 'slow click' once every 3600 seconds, i.e. once per hour.
#
# Warning: if you set this value too low, every click in GitLab will be a 'slow click' for all of your LDAP users.
# sync_time: 3600
# If allow_username_or_email_login is enabled, GitLab will ignore everything # If allow_username_or_email_login is enabled, GitLab will ignore everything
# after the first '@' in the LDAP username submitted by the user on login. # after the first '@' in the LDAP username submitted by the user on login.
# #
...@@ -279,9 +288,9 @@ test: ...@@ -279,9 +288,9 @@ test:
port: 80 port: 80
# When you run tests we clone and setup gitlab-shell # When you run tests we clone and setup gitlab-shell
# In order to setup it correctly you need to specify # In order to setup it correctly you need to specify
# your system username you use to run GitLab # your system username you use to run GitLab
# user: YOUR_USERNAME # user: YOUR_USERNAME
satellites: satellites:
path: tmp/tests/gitlab-satellites/ path: tmp/tests/gitlab-satellites/
gitlab_shell: gitlab_shell:
......
...@@ -57,6 +57,7 @@ end ...@@ -57,6 +57,7 @@ end
Settings['ldap'] ||= Settingslogic.new({}) Settings['ldap'] ||= Settingslogic.new({})
Settings.ldap['enabled'] = false if Settings.ldap['enabled'].nil? Settings.ldap['enabled'] = false if Settings.ldap['enabled'].nil?
Settings.ldap['allow_username_or_email_login'] = false if Settings.ldap['allow_username_or_email_login'].nil? Settings.ldap['allow_username_or_email_login'] = false if Settings.ldap['allow_username_or_email_login'].nil?
Settings.ldap['sync_time'] = 3600 if Settings.ldap['sync_time'].nil?
Settings['omniauth'] ||= Settingslogic.new({}) Settings['omniauth'] ||= Settingslogic.new({})
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment