Commit c5ad0119 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'fix-ldap-check' into 'master'

Fix ldap check

Fixes gitlab/gitlabhq#1691

See merge request !1206
parents 47064ea5 da21b9e7
...@@ -22,7 +22,7 @@ module Gitlab ...@@ -22,7 +22,7 @@ module Gitlab
Gitlab::LDAP::Config.new(provider) Gitlab::LDAP::Config.new(provider)
end end
def users(field, value) def users(field, value, limit = nil)
if field.to_sym == :dn if field.to_sym == :dn
options = { options = {
base: value, base: value,
...@@ -45,6 +45,10 @@ module Gitlab ...@@ -45,6 +45,10 @@ module Gitlab
end end
end end
if limit.present?
options.merge!(size: limit)
end
entries = ldap_search(options).select do |entry| entries = ldap_search(options).select do |entry|
entry.respond_to? config.uid entry.respond_to? config.uid
end end
......
...@@ -664,7 +664,7 @@ namespace :gitlab do ...@@ -664,7 +664,7 @@ namespace :gitlab do
warn_user_is_not_gitlab warn_user_is_not_gitlab
start_checking "LDAP" start_checking "LDAP"
if ldap_config.enabled if Gitlab::LDAP::Config.enabled?
print_users(args.limit) print_users(args.limit)
else else
puts 'LDAP is disabled in config/gitlab.yml' puts 'LDAP is disabled in config/gitlab.yml'
...@@ -675,39 +675,19 @@ namespace :gitlab do ...@@ -675,39 +675,19 @@ namespace :gitlab do
def print_users(limit) def print_users(limit)
puts "LDAP users with access to your GitLab server (only showing the first #{limit} results)" puts "LDAP users with access to your GitLab server (only showing the first #{limit} results)"
ldap.search(attributes: attributes, filter: filter, size: limit, return_result: false) do |entry|
puts "DN: #{entry.dn}\t#{ldap_config.uid}: #{entry[ldap_config.uid]}"
end
end
def attributes
[ldap_config.uid]
end
def filter servers = Gitlab.config.ldap.servers.keys
uid_filter = Net::LDAP::Filter.present?(ldap_config.uid)
if user_filter
Net::LDAP::Filter.join(uid_filter, user_filter)
else
uid_filter
end
end
def user_filter servers.each do |server|
if ldap_config['user_filter'] && ldap_config.user_filter.present? puts "Server: #{server}"
Net::LDAP::Filter.construct(ldap_config.user_filter) Gitlab::LDAP::Adapter.open("ldap#{server}") do |adapter|
else users = adapter.users(adapter.config.uid, '*', 100)
nil users.each do |user|
puts "\tDN: #{user.dn}\t #{adapter.config.uid}: #{user.uid}"
end
end
end end
end end
def ldap
@ldap ||= OmniAuth::LDAP::Adaptor.new(ldap_config).connection
end
def ldap_config
@ldap_config ||= Gitlab.config.ldap
end
end end
# Helper methods # Helper methods
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment