Move backwards compatibility logic out of the code

And closer to the configuration setup. The code doesn’t need to know about this.

Move backwards compatibility logic out of the code
And closer to the configuration setup. The code doesn’t need to know about this.
72d8b1e4 · Michael Kozono · 2d7d1fa6 · 72d8b1e4 · 72d8b1e4 · 72d8b1e4
Commit 72d8b1e4 authored Jun 09, 2017 by Michael Kozono
Showing with 6 additions and 30 deletions

config/initializers/1_settings.rb config/initializers/1_settings.rb +5 -1

lib/gitlab/ldap/config.rb lib/gitlab/ldap/config.rb +1 -5

spec/lib/gitlab/ldap/config_spec.rb spec/lib/gitlab/ldap/config_spec.rb +0 -24

No files found.
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -145,7 +145,11 @@ if Settings.ldap['enabled'] || Rails.env.test?
    server['attributes'] = {} if server['attributes'].nil?
    server['provider_name'] ||= "ldap#{key}".downcase
    server['provider_class'] = OmniAuth::Utils.camelize(server['provider_name'])
-    server['encryption'] ||= server['method'] # for backwards compatibility
+
+    # For backwards compatibility
+    server['encryption'] ||= server['method']
+    server['encryption'] = 'simple_tls' if server['encryption'] == 'ssl'
+    server['encryption'] = 'start_tls' if server['encryption'] == 'tls'

    # Certificates are not verified for backwards compatibility.
    # This default should be flipped to true in 9.5.

--- a/lib/gitlab/ldap/config.rb
+++ b/lib/gitlab/ldap/config.rb
@@ -5,11 +5,7 @@ module Gitlab
      NET_LDAP_ENCRYPTION_METHOD = {
        :simple_tls => :simple_tls,
        :start_tls => :start_tls,
-        :plain => nil,
-
-        # Deprecated. Better to pass-through the actual `Net::LDAP` encryption type.
-        :ssl => :simple_tls,
-        :tls => :start_tls,
+        :plain => nil
      }

      attr_accessor :provider, :options

--- a/spec/lib/gitlab/ldap/config_spec.rb
+++ b/spec/lib/gitlab/ldap/config_spec.rb
@@ -69,18 +69,6 @@ describe Gitlab::LDAP::Config, lib: true do
      expect(config.adapter_options[:encryption]).to include({ method: :simple_tls })
    end

-    it 'sets encryption method to simple_tls when configured as ssl, for backwards compatibility' do
-      stub_ldap_config(
-        options: {
-          'host'                => 'ldap.example.com',
-          'port'                => 686,
-          'encryption'          => 'ssl'
-        }
-      )
-
-      expect(config.adapter_options[:encryption]).to include({ method: :simple_tls })
-    end
-
    it 'sets encryption method to start_tls when configured as start_tls' do
      stub_ldap_config(
        options: {
@@ -93,18 +81,6 @@ describe Gitlab::LDAP::Config, lib: true do
      expect(config.adapter_options[:encryption]).to include({ method: :start_tls })
    end

-    it 'sets encryption method to start_tls when configured as tls, for backwards compatibility' do
-      stub_ldap_config(
-        options: {
-          'host'                => 'ldap.example.com',
-          'port'                => 686,
-          'encryption'          => 'tls'
-        }
-      )
-
-      expect(config.adapter_options[:encryption]).to include({ method: :start_tls })
-    end
-
    context 'when verify_certificates is enabled' do
      it 'sets tls_options to OpenSSL defaults' do
        stub_ldap_config(