Merge branch 'fix_ldap_sync_ssh_keys_boolean' into 'master'

Fix failed LDAP logins when sync_ssh_keys is included in config Closes #4662 See merge request gitlab-org/gitlab-ee!4202

Merge branch 'fix_ldap_sync_ssh_keys_boolean' into 'master'
Fix failed LDAP logins when sync_ssh_keys is included in config Closes #4662 See merge request gitlab-org/gitlab-ee!4202
d41a8297 · Stan Hu · e6c0b419 · 55f93e15 · d41a8297 · d41a8297
Commit d41a8297 authored Jan 24, 2018 by Stan Hu
3 changed files
--- a/changelogs/unreleased-ee/fix_ldap_sync_ssh_keys_boolean.yml
+++ b/changelogs/unreleased-ee/fix_ldap_sync_ssh_keys_boolean.yml
+---
+title: Fix failed LDAP logins when sync_ssh_keys is included in config
+merge_request:
+author:
+type: fixed
--- a/ee/lib/ee/gitlab/ldap/person.rb
+++ b/ee/lib/ee/gitlab/ldap/person.rb
@@ -46,7 +46,7 @@ module EE
          def ldap_attributes(config)
            attributes = super + [
              'memberof',
-              config.sync_ssh_keys
+              (config.sync_ssh_keys if config.sync_ssh_keys.is_a?(String))
            ]
            attributes.compact.uniq
          end

--- a/spec/ee/spec/lib/ee/gitlab/ldap/person_spec.rb
+++ b/spec/ee/spec/lib/ee/gitlab/ldap/person_spec.rb
@@ -69,6 +69,50 @@ describe Gitlab::LDAP::Person do
    end
  end
+  describe '.ldap_attributes' do
+    def stub_sync_ssh_keys(value)
+      stub_ldap_config(
+        options: {
+          'uid'          => nil,
+          'attributes'   => {
+            'name'       => 'cn',
+            'email'      => 'mail',
+            'username'   => %w(uid mail memberof)
+          },
+          'sync_ssh_keys' => value
+        }
+      )
+    end
+    let(:config) { Gitlab::LDAP::Config.new('ldapmain') }
+    let(:ldap_attributes) { described_class.ldap_attributes(config) }
+    let(:expected_attributes) { %w(dn cn uid mail memberof) }
+    it 'includes a real attribute name' do
+      stub_sync_ssh_keys('my-ssh-attribute')
+      expect(ldap_attributes).to match_array(expected_attributes + ['my-ssh-attribute'])
+    end
+    it 'excludes integers' do
+      stub_sync_ssh_keys(0)
+      expect(ldap_attributes).to match_array(expected_attributes)
+    end
+    it 'excludes false values' do
+      stub_sync_ssh_keys(false)
+      expect(ldap_attributes).to match_array(expected_attributes)
+    end
+    it 'excludes true values' do
+      stub_sync_ssh_keys(true)
+      expect(ldap_attributes).to match_array(expected_attributes)
+    end
+  end
  describe '#kerberos_principal' do
    let(:entry) do
      ldif = "dn: cn=foo, dc=bar, dc=com\nsAMAccountName: myName\n"