Merge branch 'ldap_connections'

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> Conflicts: CHANGELOG

Merge branch 'ldap_connections'
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> Conflicts: CHANGELOG
1ec106b8 · Dmitriy Zaporozhets · bce8edbb · 48e90540 · 1ec106b8 · 1ec106b8
Commit 1ec106b8 authored Mar 14, 2014 by Dmitriy Zaporozhets
5 changed files
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -18,6 +18,7 @@ v 6.7.0
  - Add webhook when a new tag is pushed (Jeroen van Baarsen)
  - Add button for toggling inline comments in diff view
  - Add retry feature for repository import
+  - Reuse the GitLab LDAP connection within each request
 v 6.6.2
  - Fix 500 error on branch/tag create or remove via UI

--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -182,7 +182,8 @@ class ApplicationController < ActionController::Base
  def ldap_security_check
    if current_user && current_user.requires_ldap_check?
-      if gitlab_ldap_access.allowed?(current_user)
+      gitlab_ldap_access do |access|
+        if access.allowed?(current_user)
          current_user.last_credential_check_at = Time.now
          current_user.save
        else
@@ -192,14 +193,15 @@ class ApplicationController < ActionController::Base
        end
      end
    end
+  end
  def event_filter
    filters = cookies['event_filter'].split(',') if cookies['event_filter'].present?
    @event_filter ||= EventFilter.new(filters)
  end
-  def gitlab_ldap_access
+  def gitlab_ldap_access(&block)
-    Gitlab::LDAP::Access.new
+    Gitlab::LDAP::Access.open { |access| block.call(access) }
  end
  # JSON for infinite scroll via Pager object

--- a/lib/gitlab/ldap/access.rb
+++ b/lib/gitlab/ldap/access.rb
 module Gitlab
  module LDAP
    class Access
+      attr_reader :adapter
+      def self.open(&block)
+        Gitlab::LDAP::Adapter.open do |adapter|
+          block.call(self.new(adapter))
+        end
+      end
+      def initialize(adapter=nil)
+        @adapter = adapter
+      end
      def allowed?(user)
-        !!Gitlab::LDAP::Person.find_by_dn(user.extern_uid)
+        !!Gitlab::LDAP::Person.find_by_dn(user.extern_uid, adapter)
      rescue
        false
      end

--- a/lib/gitlab/ldap/adapter.rb
+++ b/lib/gitlab/ldap/adapter.rb
@@ -3,7 +3,17 @@ module Gitlab
    class Adapter
      attr_reader :ldap
-      def initialize
+      def self.open(&block)
+        Net::LDAP.open(adapter_options) do |ldap|
+          block.call(self.new(ldap))
+        end
+      end
+      def self.config
+        Gitlab.config.ldap
+      end
+      def self.adapter_options
        encryption = config['method'].to_s == 'ssl' ? :simple_tls : nil
        options = {
@@ -23,8 +33,12 @@ module Gitlab
        if config['password'] || config['bind_dn']
          options.merge!(auth_options)
        end
+        options
+      end
-        @ldap = Net::LDAP.new(options)
+      def initialize(ldap=nil)
+        @ldap = ldap || Net::LDAP.new(self.class.adapter_options)
      end
      def users(field, value)
@@ -65,7 +79,7 @@ module Gitlab
      private
      def config
-        @config ||= Gitlab.config.ldap
+        @config ||= self.class.config
      end
    end
  end

--- a/lib/gitlab/ldap/person.rb
+++ b/lib/gitlab/ldap/person.rb
 module Gitlab
  module LDAP
    class Person
-      def self.find_by_uid(uid)
+      def self.find_by_uid(uid, adapter=nil)
-        Gitlab::LDAP::Adapter.new.user(config.uid, uid)
+        adapter ||= Gitlab::LDAP::Adapter.new
+        adapter.user(config.uid, uid)
      end
-      def self.find_by_dn(dn)
+      def self.find_by_dn(dn, adapter=nil)
-        Gitlab::LDAP::Adapter.new.user('dn', dn)
+        adapter ||= Gitlab::LDAP::Adapter.new
+        adapter.user('dn', dn)
      end
      def initialize(entry)