Move backwards compatibility logic out of the code
And closer to the configuration setup. The code doesn’t need to know about this.
This commit is contained in:
parent
2d7d1fa69d
commit
72d8b1e40a
|
@ -145,7 +145,11 @@ if Settings.ldap['enabled'] || Rails.env.test?
|
|||
server['attributes'] = {} if server['attributes'].nil?
|
||||
server['provider_name'] ||= "ldap#{key}".downcase
|
||||
server['provider_class'] = OmniAuth::Utils.camelize(server['provider_name'])
|
||||
server['encryption'] ||= server['method'] # for backwards compatibility
|
||||
|
||||
# For backwards compatibility
|
||||
server['encryption'] ||= server['method']
|
||||
server['encryption'] = 'simple_tls' if server['encryption'] == 'ssl'
|
||||
server['encryption'] = 'start_tls' if server['encryption'] == 'tls'
|
||||
|
||||
# Certificates are not verified for backwards compatibility.
|
||||
# This default should be flipped to true in 9.5.
|
||||
|
|
|
@ -5,11 +5,7 @@ module Gitlab
|
|||
NET_LDAP_ENCRYPTION_METHOD = {
|
||||
:simple_tls => :simple_tls,
|
||||
:start_tls => :start_tls,
|
||||
:plain => nil,
|
||||
|
||||
# Deprecated. Better to pass-through the actual `Net::LDAP` encryption type.
|
||||
:ssl => :simple_tls,
|
||||
:tls => :start_tls,
|
||||
:plain => nil
|
||||
}
|
||||
|
||||
attr_accessor :provider, :options
|
||||
|
|
|
@ -69,18 +69,6 @@ describe Gitlab::LDAP::Config, lib: true do
|
|||
expect(config.adapter_options[:encryption]).to include({ method: :simple_tls })
|
||||
end
|
||||
|
||||
it 'sets encryption method to simple_tls when configured as ssl, for backwards compatibility' do
|
||||
stub_ldap_config(
|
||||
options: {
|
||||
'host' => 'ldap.example.com',
|
||||
'port' => 686,
|
||||
'encryption' => 'ssl'
|
||||
}
|
||||
)
|
||||
|
||||
expect(config.adapter_options[:encryption]).to include({ method: :simple_tls })
|
||||
end
|
||||
|
||||
it 'sets encryption method to start_tls when configured as start_tls' do
|
||||
stub_ldap_config(
|
||||
options: {
|
||||
|
@ -93,18 +81,6 @@ describe Gitlab::LDAP::Config, lib: true do
|
|||
expect(config.adapter_options[:encryption]).to include({ method: :start_tls })
|
||||
end
|
||||
|
||||
it 'sets encryption method to start_tls when configured as tls, for backwards compatibility' do
|
||||
stub_ldap_config(
|
||||
options: {
|
||||
'host' => 'ldap.example.com',
|
||||
'port' => 686,
|
||||
'encryption' => 'tls'
|
||||
}
|
||||
)
|
||||
|
||||
expect(config.adapter_options[:encryption]).to include({ method: :start_tls })
|
||||
end
|
||||
|
||||
context 'when verify_certificates is enabled' do
|
||||
it 'sets tls_options to OpenSSL defaults' do
|
||||
stub_ldap_config(
|
||||
|
|
Loading…
Reference in New Issue