Add option to gitlab config to specify if LDAP server is active directory.
This commit is contained in:
parent
0c29cb3451
commit
f7aba277e7
4 changed files with 25 additions and 1 deletions
|
@ -140,6 +140,12 @@ production: &base
|
|||
method: 'ssl' # "tls" or "ssl" or "plain"
|
||||
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
|
||||
password: '_the_password_of_the_bind_user'
|
||||
|
||||
# This setting specifies if LDAP server is Active Directory LDAP server.
|
||||
# For non AD servers it skips the AD specific queries.
|
||||
# If your LDAP server is not AD, set this to false.
|
||||
active_directory: true
|
||||
|
||||
# If allow_username_or_email_login is enabled, GitLab will ignore everything
|
||||
# after the first '@' in the LDAP username submitted by the user on login.
|
||||
#
|
||||
|
|
|
@ -57,6 +57,7 @@ end
|
|||
Settings['ldap'] ||= Settingslogic.new({})
|
||||
Settings.ldap['enabled'] = false if Settings.ldap['enabled'].nil?
|
||||
Settings.ldap['allow_username_or_email_login'] = false if Settings.ldap['allow_username_or_email_login'].nil?
|
||||
Settings.ldap['active_directory'] = true if Settings.ldap['active_directory'].nil?
|
||||
|
||||
|
||||
Settings['omniauth'] ||= Settingslogic.new({})
|
||||
|
|
|
@ -28,7 +28,9 @@ module Gitlab
|
|||
|
||||
def allowed?(user)
|
||||
if Gitlab::LDAP::Person.find_by_dn(user.extern_uid, adapter)
|
||||
!Gitlab::LDAP::Person.disabled_via_active_directory?(user.extern_uid, adapter)
|
||||
if Gitlab.config.ldap.active_directory
|
||||
!Gitlab::LDAP::Person.disabled_via_active_directory?(user.extern_uid, adapter)
|
||||
end
|
||||
else
|
||||
false
|
||||
end
|
||||
|
|
|
@ -27,6 +27,21 @@ describe Gitlab::LDAP::Access do
|
|||
|
||||
it { should be_true }
|
||||
end
|
||||
|
||||
context 'and has no disabled flag in active diretory' do
|
||||
before {
|
||||
Gitlab::LDAP::Person.stub(disabled_via_active_directory?: false)
|
||||
Gitlab.config.ldap['enabled'] = true
|
||||
Gitlab.config.ldap['active_directory'] = false
|
||||
}
|
||||
|
||||
after {
|
||||
Gitlab.config.ldap['enabled'] = false
|
||||
Gitlab.config.ldap['active_directory'] = true
|
||||
}
|
||||
|
||||
it { should be_false }
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue