Merge branch 'improve/gitlab_ldap' of /home/git/repositories/gitlab/gitlab-ee

b1150883 · Dmitriy Zaporozhets · 397282b4 · 44507069 · b1150883 · b1150883
Commit b1150883 authored Sep 09, 2013 by Dmitriy Zaporozhets
4 changed files
--- a/lib/gitlab/ldap/access.rb
+++ b/lib/gitlab/ldap/access.rb
@@ -12,7 +12,7 @@ module Gitlab
        # if instance does not use group_base setting
        return true unless Gitlab.config.ldap['group_base'].present?
-        ldap_user = Gitlab::LDAP::Person.find(user.extern_uid)
+        ldap_user = Gitlab::LDAP::Person.find_by_dn(user.extern_uid)
        ldap_groups = ldap_user.groups
        ldap_groups_cn = ldap_groups.map(&:name)
        groups = ::Group.where(ldap_cn: ldap_groups_cn)

--- a/lib/gitlab/ldap/adapter.rb
+++ b/lib/gitlab/ldap/adapter.rb
@@ -51,14 +51,20 @@ module Gitlab
        end
      end
-      def users(uid = "*")
+      def users(field, value)
+        if field.to_sym == :dn
+          options = {
+            base: value
+          }
+        else
          options = {
            base: config['base'],
-          filter: Net::LDAP::Filter.eq(config.uid, uid)
+            filter: Net::LDAP::Filter.eq(field, value)
          }
+        end
        entries = ldap.search(options).select do |entry|
-          entry.respond_to? :uid
+          entry.respond_to? config.uid
        end
        entries.map do |entry|
@@ -66,8 +72,8 @@ module Gitlab
        end
      end
-      def user(uid)
+      def user(*args)
-        users(uid).first
+        users(*args).first
      end
      private

--- a/lib/gitlab/ldap/group.rb
+++ b/lib/gitlab/ldap/group.rb
@@ -19,24 +19,14 @@ module Gitlab
        name.parameterize
      end
-      def members
+      def memberuid?
-        member_uids.map do |uid|
+        entry.respond_to? :memberuid
-          adapter.user(uid)
-        end.compact
      end
      def member_uids
-        if entry.respond_to? :memberuid
        entry.memberuid
-        else
-          member_dns.map do |dn|
-            $1 if dn =~ /uid=([a-zA-Z0-9.-]+)/
-          end
-        end.compact
      end
-      private
      def member_dns
        if entry.respond_to? :member
          entry.member
@@ -49,6 +39,8 @@ module Gitlab
        end
      end
+      private
      def entry
        @entry
      end

--- a/lib/gitlab/ldap/person.rb
+++ b/lib/gitlab/ldap/person.rb
@@ -7,15 +7,12 @@
 module Gitlab
  module LDAP
    class Person
-      def self.find(user_uid)
+      def self.find_by_uid(uid)
-        uid = if user_uid =~ /uid=([a-zA-Z0-9.-]+)/
+        Gitlab::LDAP::Adapter.new.user(config.uid, uid)
-                $1
-              else
-                user_uid
      end
+      def self.find_by_dn(dn)
-        Gitlab::LDAP::Adapter.new.user(uid)
+        Gitlab::LDAP::Adapter.new.user('dn', dn)
      end
      def initialize(entry)
@@ -27,16 +24,24 @@ module Gitlab
      end
      def uid
-        entry.uid.join(" ")
+        entry.send(config.uid).join(" ")
      end
      def username
        uid
      end
+      def dn
+        entry.dn
+      end
      def groups
        adapter.groups.select do |group|
+          if group.memberuid?
            group.member_uids.include?(uid)
+          else
+            group.member_dns.include?(dn)
+          end
        end
      end
@@ -49,6 +54,10 @@ module Gitlab
      def adapter
        @adapter ||= Gitlab::LDAP::Adapter.new
      end
+      def config
+        @config ||= Gitlab.config.ldap
+      end
    end
  end
 end