Loading config/gitlab.yml.example +6 −0 Original line number Diff line number Diff line Loading @@ -140,6 +140,12 @@ production: &base method: 'ssl' # "tls" or "ssl" or "plain" bind_dn: '_the_full_dn_of_the_user_you_will_bind_with' password: '_the_password_of_the_bind_user' # This setting specifies if LDAP server is Active Directory LDAP server. # For non AD servers it skips the AD specific queries. # If your LDAP server is not AD, set this to false. active_directory: true # If allow_username_or_email_login is enabled, GitLab will ignore everything # after the first '@' in the LDAP username submitted by the user on login. # Loading config/initializers/1_settings.rb +1 −0 Original line number Diff line number Diff line Loading @@ -57,6 +57,7 @@ def verify_constant(modul, current, default) Settings['ldap'] ||= Settingslogic.new({}) Settings.ldap['enabled'] = false if Settings.ldap['enabled'].nil? Settings.ldap['allow_username_or_email_login'] = false if Settings.ldap['allow_username_or_email_login'].nil? Settings.ldap['active_directory'] = true if Settings.ldap['active_directory'].nil? Settings['omniauth'] ||= Settingslogic.new({}) Loading lib/gitlab/ldap/access.rb +3 −1 Original line number Diff line number Diff line Loading @@ -28,7 +28,9 @@ def initialize(adapter=nil) def allowed?(user) if Gitlab::LDAP::Person.find_by_dn(user.extern_uid, adapter) if Gitlab.config.ldap.active_directory !Gitlab::LDAP::Person.disabled_via_active_directory?(user.extern_uid, adapter) end else false end Loading spec/lib/gitlab/ldap/access_spec.rb +15 −0 Original line number Diff line number Diff line Loading @@ -27,6 +27,21 @@ it { should be_true } end context 'and has no disabled flag in active diretory' do before { Gitlab::LDAP::Person.stub(disabled_via_active_directory?: false) Gitlab.config.ldap['enabled'] = true Gitlab.config.ldap['active_directory'] = false } after { Gitlab.config.ldap['enabled'] = false Gitlab.config.ldap['active_directory'] = true } it { should be_false } end end end end Loading
config/gitlab.yml.example +6 −0 Original line number Diff line number Diff line Loading @@ -140,6 +140,12 @@ production: &base method: 'ssl' # "tls" or "ssl" or "plain" bind_dn: '_the_full_dn_of_the_user_you_will_bind_with' password: '_the_password_of_the_bind_user' # This setting specifies if LDAP server is Active Directory LDAP server. # For non AD servers it skips the AD specific queries. # If your LDAP server is not AD, set this to false. active_directory: true # If allow_username_or_email_login is enabled, GitLab will ignore everything # after the first '@' in the LDAP username submitted by the user on login. # Loading
config/initializers/1_settings.rb +1 −0 Original line number Diff line number Diff line Loading @@ -57,6 +57,7 @@ def verify_constant(modul, current, default) Settings['ldap'] ||= Settingslogic.new({}) Settings.ldap['enabled'] = false if Settings.ldap['enabled'].nil? Settings.ldap['allow_username_or_email_login'] = false if Settings.ldap['allow_username_or_email_login'].nil? Settings.ldap['active_directory'] = true if Settings.ldap['active_directory'].nil? Settings['omniauth'] ||= Settingslogic.new({}) Loading
lib/gitlab/ldap/access.rb +3 −1 Original line number Diff line number Diff line Loading @@ -28,7 +28,9 @@ def initialize(adapter=nil) def allowed?(user) if Gitlab::LDAP::Person.find_by_dn(user.extern_uid, adapter) if Gitlab.config.ldap.active_directory !Gitlab::LDAP::Person.disabled_via_active_directory?(user.extern_uid, adapter) end else false end Loading
spec/lib/gitlab/ldap/access_spec.rb +15 −0 Original line number Diff line number Diff line Loading @@ -27,6 +27,21 @@ it { should be_true } end context 'and has no disabled flag in active diretory' do before { Gitlab::LDAP::Person.stub(disabled_via_active_directory?: false) Gitlab.config.ldap['enabled'] = true Gitlab.config.ldap['active_directory'] = false } after { Gitlab.config.ldap['enabled'] = false Gitlab.config.ldap['active_directory'] = true } it { should be_false } end end end end
