Commit 23d180f5 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'ldap_check' of /home/git/repositories/gitlab/gitlabhq

parents 4f067ae9 80302a0f
...@@ -114,6 +114,8 @@ production: &base ...@@ -114,6 +114,8 @@ production: &base
# ========================== # ==========================
## LDAP settings ## LDAP settings
# You can inspect the first 100 LDAP users with login access by running:
# bundle exec rake gitlab:ldap:check[100] RAILS_ENV=production
ldap: ldap:
enabled: false enabled: false
host: '_your_ldap_server' host: '_your_ldap_server'
......
...@@ -3,6 +3,7 @@ namespace :gitlab do ...@@ -3,6 +3,7 @@ namespace :gitlab do
task check: %w{gitlab:env:check task check: %w{gitlab:env:check
gitlab:gitlab_shell:check gitlab:gitlab_shell:check
gitlab:sidekiq:check gitlab:sidekiq:check
gitlab:ldap:check
gitlab:app:check} gitlab:app:check}
...@@ -679,6 +680,44 @@ namespace :gitlab do ...@@ -679,6 +680,44 @@ namespace :gitlab do
end end
end end
namespace :ldap do
task :check, [:limit] => :environment do |t, args|
args.with_defaults(limit: 100)
warn_user_is_not_gitlab
start_checking "LDAP"
if ldap_config.enabled
print_users(args.limit)
else
puts 'LDAP is disabled in config/gitlab.yml'
end
finished_checking "LDAP"
end
def print_users(limit)
puts "LDAP users with access to your GitLab server (limit: #{limit}):"
ldap.search(attributes: attributes, filter: filter, size: limit, return_result: false) do |entry|
puts "DN: #{entry.dn}\t#{ldap_config.uid}: #{entry[ldap_config.uid]}"
end
end
def attributes
[ldap_config.uid]
end
def filter
Net::LDAP::Filter.present?(ldap_config.uid)
end
def ldap
@ldap ||= OmniAuth::LDAP::Adaptor.new(ldap_config).connection
end
def ldap_config
@ldap_config ||= Gitlab.config.ldap
end
end
# Helper methods # Helper methods
########################## ##########################
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment