Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
abd6d821
Commit
abd6d821
authored
Mar 21, 2014
by
Dmitriy Zaporozhets
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'recursive_ldap_groups' into 'master'
Recursive LDAP groups (ActiveDirectory only)
parents
f716b2f5
8722d6bd
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
17 additions
and
3 deletions
+17
-3
CHANGELOG-EE
CHANGELOG-EE
+1
-0
lib/gitlab/ldap/adapter.rb
lib/gitlab/ldap/adapter.rb
+5
-1
lib/gitlab/ldap/group.rb
lib/gitlab/ldap/group.rb
+11
-2
No files found.
CHANGELOG-EE
View file @
abd6d821
v 6.7.0
v 6.7.0
- Improve LDAP sign-in speed by reusing connections
- Improve LDAP sign-in speed by reusing connections
- Add support for Active Directory nested LDAP groups
v 6.5.0
v 6.5.0
- Add reset permissions button to Group#members page
- Add reset permissions button to Group#members page
...
...
lib/gitlab/ldap/adapter.rb
View file @
abd6d821
...
@@ -63,7 +63,7 @@ module Gitlab
...
@@ -63,7 +63,7 @@ module Gitlab
options
.
merge!
(
size:
size
)
if
size
options
.
merge!
(
size:
size
)
if
size
ldap
.
search
(
options
).
map
do
|
entry
|
ldap
.
search
(
options
).
map
do
|
entry
|
Gitlab
::
LDAP
::
Group
.
new
(
entry
)
Gitlab
::
LDAP
::
Group
.
new
(
entry
,
self
)
end
end
end
end
...
@@ -106,6 +106,10 @@ module Gitlab
...
@@ -106,6 +106,10 @@ module Gitlab
users
(
*
args
).
first
users
(
*
args
).
first
end
end
def
dn_matches_filter?
(
dn
,
filter
)
ldap
.
search
(
base:
dn
,
filter:
filter
,
attributes:
%w{dn}
).
any?
end
private
private
def
config
def
config
...
...
lib/gitlab/ldap/group.rb
View file @
abd6d821
...
@@ -12,9 +12,10 @@ module Gitlab
...
@@ -12,9 +12,10 @@ module Gitlab
adapter
.
group
(
cn
)
adapter
.
group
(
cn
)
end
end
def
initialize
(
entry
)
def
initialize
(
entry
,
adapter
=
nil
)
Rails
.
logger
.
debug
{
"Instantiating
#{
self
.
class
.
name
}
with LDIF:
\n
#{
entry
.
to_ldif
}
"
}
Rails
.
logger
.
debug
{
"Instantiating
#{
self
.
class
.
name
}
with LDIF:
\n
#{
entry
.
to_ldif
}
"
}
@entry
=
entry
@entry
=
entry
@adapter
=
adapter
end
end
def
cn
def
cn
...
@@ -40,8 +41,10 @@ module Gitlab
...
@@ -40,8 +41,10 @@ module Gitlab
def
has_member?
(
user
)
def
has_member?
(
user
)
if
memberuid?
if
memberuid?
member_uids
.
include?
(
user
.
uid
)
member_uids
.
include?
(
user
.
uid
)
elsif
member_dns
.
include?
(
user
.
dn
)
true
else
else
member_dns
.
include?
(
user
.
dn
)
adapter
.
dn_matches_filter?
(
user
.
dn
,
active_directory_recursive_memberof_filter
)
end
end
end
end
...
@@ -60,6 +63,12 @@ module Gitlab
...
@@ -60,6 +63,12 @@ module Gitlab
private
private
# We use the ActiveDirectory LDAP_MATCHING_RULE_IN_CHAIN matching rule; see
# http://msdn.microsoft.com/en-us/library/aa746475%28VS.85%29.aspx#code-snippet-5
def
active_directory_recursive_memberof_filter
Net
::
LDAP
::
Filter
.
ex
(
"memberOf:1.2.840.113556.1.4.1941"
,
entry
.
dn
)
end
def
entry
def
entry
@entry
@entry
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment