Move backwards compatibility logic out of the code

And closer to the configuration setup. The code doesn’t need to know about this.
2017-06-09 10:39:29 -07:00 · 2017-06-09 10:39:29 -07:00 · 72d8b1e40a
parent 2d7d1fa69d
commit 72d8b1e40a
3 changed files with 6 additions and 30 deletions
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@ -145,7 +145,11 @@ if Settings.ldap['enabled'] || Rails.env.test?
    server['attributes'] = {} if server['attributes'].nil?
    server['provider_name'] ||= "ldap#{key}".downcase
    server['provider_class'] = OmniAuth::Utils.camelize(server['provider_name'])
-    server['encryption'] ||= server['method'] # for backwards compatibility
+
+    # For backwards compatibility
+    server['encryption'] ||= server['method']
+    server['encryption'] = 'simple_tls' if server['encryption'] == 'ssl'
+    server['encryption'] = 'start_tls' if server['encryption'] == 'tls'

    # Certificates are not verified for backwards compatibility.
    # This default should be flipped to true in 9.5.
--- a/lib/gitlab/ldap/config.rb
+++ b/lib/gitlab/ldap/config.rb
@ -5,11 +5,7 @@ module Gitlab
      NET_LDAP_ENCRYPTION_METHOD = {
        :simple_tls => :simple_tls,
        :start_tls => :start_tls,
-        :plain => nil,
-
-        # Deprecated. Better to pass-through the actual `Net::LDAP` encryption type.
-        :ssl => :simple_tls,
-        :tls => :start_tls,
+        :plain => nil
      }

      attr_accessor :provider, :options
--- a/spec/lib/gitlab/ldap/config_spec.rb
+++ b/spec/lib/gitlab/ldap/config_spec.rb
@ -69,18 +69,6 @@ describe Gitlab::LDAP::Config, lib: true do
      expect(config.adapter_options[:encryption]).to include({ method: :simple_tls })
    end

-    it 'sets encryption method to simple_tls when configured as ssl, for backwards compatibility' do
-      stub_ldap_config(
-        options: {
-          'host'                => 'ldap.example.com',
-          'port'                => 686,
-          'encryption'          => 'ssl'
-        }
-      )
-
-      expect(config.adapter_options[:encryption]).to include({ method: :simple_tls })
-    end
-
    it 'sets encryption method to start_tls when configured as start_tls' do
      stub_ldap_config(
        options: {
@ -93,18 +81,6 @@ describe Gitlab::LDAP::Config, lib: true do
      expect(config.adapter_options[:encryption]).to include({ method: :start_tls })
    end

-    it 'sets encryption method to start_tls when configured as tls, for backwards compatibility' do
-      stub_ldap_config(
-        options: {
-          'host'                => 'ldap.example.com',
-          'port'                => 686,
-          'encryption'          => 'tls'
-        }
-      )
-
-      expect(config.adapter_options[:encryption]).to include({ method: :start_tls })
-    end
-
    context 'when verify_certificates is enabled' do
      it 'sets tls_options to OpenSSL defaults' do
        stub_ldap_config(