Make SSH keys synchronisation with LDAP not delete keys added by users.
This is done by using a separate LDAPKey model (inherited from Key) for storing SSH keys which came from LDAP. These keys can be viewed from user profile, but they can not be deleted. Signed-off-by: Oleg Girko <oleg.girko@jollamobile.com> (+2 squashed commits) Squashed commits: [52b3816] Made SSH key synchronisation with LDAP configurable. Now it can be turned on or off using configuration option sync_ssh_keys in ldap section. The default is off to preserve compatibility with old behaviour. Signed-off-by: Oleg Girko <oleg.girko@jollamobile.com> [02f988d] Synchronise LDAP users SSH keys from LDAP automatically. SSH public keys are synchronised from sshPublicKey LDAP attribute upon login attempt and during regular LDAP security checks. New keys are added, old keys not present in LDAP are deleted. Signed-off-by: Oleg Girko <oleg.girko@jollamobile.com> (+1 squashed commit) Squashed commits: [f087fbc] Make Gitlab::LDAP::Person.entry method public. This is needed to allow access control methods to access arbitrary LDAP attributes. Signed-off-by: Oleg Girko <oleg.girko@jollamobile.com>
Showing
app/models/ldap_key.rb
0 → 100644
Please register or sign in to comment