ldap_access field added to group. set ldap group membership based on ldap_access value

915315a4 · Dmitriy Zaporozhets · 721758e8 · 915315a4 · 915315a4 · 915315a4
Commit 915315a4 authored Aug 09, 2013 by Dmitriy Zaporozhets
6 changed files
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -19,7 +19,12 @@ class Group < Namespace
  has_many :project_group_links, dependent: :destroy
  has_many :shared_projects, through: :project_group_links, source: 'project'

-  attr_accessible :ldap_cn
+  attr_accessible :ldap_cn, :ldap_access
+
+  validates :ldap_access,
+    inclusion: { in: UsersGroup.group_access_roles.values },
+    presence: true,
+    if: ->(group) { group.ldap_cn.present? }

  after_create :add_owner


--- a/app/views/admin/groups/edit.html.haml
+++ b/app/views/admin/groups/edit.html.haml
@@ -26,12 +26,20 @@
        %li It will change web url for access group and group projects.
        %li It will change the git path to repositories under this group.

+  %hr
+
  .clearfix
    = f.label :ldap_cn do
      LDAP Group cn
    .input
      = f.text_field :ldap_cn, class: "xxlarge left"

+  .clearfix
+    = f.label :ldap_access do
+      LDAP Access
+    .input
+      = f.select :ldap_access, options_for_select(UsersGroup.group_access_roles, @group.ldap_access)
+
  .form-actions
    = f.submit 'Save changes', class: "btn btn-primary"
    = link_to  'Cancel', admin_groups_path, class: "btn btn-cancel"
--- a/app/views/groups/edit.html.haml
+++ b/app/views/groups/edit.html.haml
@@ -78,6 +78,12 @@
                .input
                  = f.text_field :ldap_cn, placeholder: "Ex. QA group", class: "xxlarge left"

+              .clearfix
+                = f.label :ldap_access do
+                  LDAP Access
+                .input
+                  = f.select :ldap_access, options_for_select(UsersGroup.group_access_roles, @group.ldap_access)
+
              .form-actions
                = f.submit 'Save group', class: "btn btn-save"


--- a/db/migrate/20130809090140_add_ldap_access_to_group.rb
+++ b/db/migrate/20130809090140_add_ldap_access_to_group.rb
+class AddLdapAccessToGroup < ActiveRecord::Migration
+  def change
+    add_column :namespaces, :ldap_access, :integer, null: true
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.

-ActiveRecord::Schema.define(:version => 20130802124933) do
+ActiveRecord::Schema.define(:version => 20130809090140) do

  create_table "deploy_keys_projects", :force => true do |t|
    t.integer  "deploy_key_id", :null => false
@@ -130,6 +130,7 @@ ActiveRecord::Schema.define(:version => 20130802124933) do
    t.string   "type"
    t.string   "description", :default => "", :null => false
    t.string   "ldap_cn"
+    t.integer  "ldap_access"
  end

  add_index "namespaces", ["name"], :name => "index_namespaces_on_name"

--- a/lib/gitlab/ldap/access.rb
+++ b/lib/gitlab/ldap/access.rb
@@ -21,7 +21,7 @@ module Gitlab

        # First lets add user to new groups
        groups.each do |group|
-          group.add_users([user.id], UsersGroup::DEVELOPER)
+          group.add_users([user.id], group.ldap_access) if group.ldap_access.present?
        end

        # Remove groups with LDAP if user lost access to it