do not log "blocking Gitlab user" when user is already blocked
Summary
When the ldap_sync_worker job runs, it always logs LDAP account "uid=toto,..." does not exist anymore, blocking Gitlab user "Toto"
into application.log even if the users was already ldap blocked (for exemple, on the previous run of the job)
Steps to reproduce
- Create a LDAP user, for exemple "uid=toto,...".
- Ensure the user is also created in gitlab
- Delete the user with "uid=toto,..." in LDAP
- Run synchro job, it will display
LDAP account "uid=toto,..." does not exist anymore, blocking Gitlab user "Toto"'
into application.log and the user will be ldap blocked - Run synchro job again, it will display again
LDAP account "uid=toto,..." does not exist anymore, blocking Gitlab user "Toto"
into application.log (which is useless since the user was already ldap blocked)
Example Project
.
What is the current bug behavior?
When the ldap_sync_worker job run, it always logs into application.log LDAP account "uid=toto,..." does not exist anymore, blocking Gitlab user "Toto"
into application.log even if the users was already ldap blocked (for exemple, on the previous run of the job)
What is the expected correct behavior?
When the ldap_sync_worker job run, if the account with an extern_uid "uid=toto,..." is ldap_blocked and "uid=toto,..." is not in LDAP, then the message LDAP account "uid=toto,..." does not exist anymore, blocking Gitlab user "Toto"
is not displayed into application.log again
Relevant logs and/or screenshots
I ran ldap_sync_worker twice, I find the following in application.log :
...
May 30, 2018 17:29: LDAP account "uid=xxx,ou=users,dc=yyy,dc=com" does not exist anymore, blocking Gitlab user "Xxx Zzz" (xxx@yyy.com)
...
May 30, 2018 17:35: LDAP account "uid=xxx,ou=users,dc=yyy,dc=com" does not exist anymore, blocking Gitlab user "Xxx Zzz" (xxx@yyy.com)
...
Output of checks
Results of GitLab environment info
Expand for output related to GitLab environment info
System information System: Proxy: no Current User: git Using RVM: no Ruby Version: 2.3.7p456 Gem Version: 2.6.14 Bundler Version:1.13.7 Rake Version: 12.3.1 Redis Version: 3.2.11 Git Version: 2.16.4 Sidekiq Version:5.0.5 Go Version: unknown
GitLab information Version: 10.8.2-ee Revision: 1ae1e59 Directory: /opt/gitlab/embedded/service/gitlab-rails DB Adapter: postgresql DB Version: 9.6.8 URL: https://xxx.com HTTP Clone URL: https://xxx.com/some-group/some-project.git SSH Clone URL: git@xxx.com:some-group/some-project.git Elasticsearch: no Geo: no Using LDAP: yes Using Omniauth: no
GitLab Shell Version: 7.1.2 Repository storage paths:
- default: /opt/git-data/repositories Hooks: /opt/gitlab/embedded/service/gitlab-shell/hooks Git: /opt/gitlab/embedded/bin/git
Results of GitLab application Check
Expand for output related to the GitLab application check
Redis version >= 2.8.0? ... yes Ruby version >= 2.3.5 ? ... yes (2.3.7) Git version >= 2.9.5 ? ... yes (2.16.4) Git user has default SSH configuration? ... no Try fixing it: mkdir ~/gitlab-check-backup-1527697588 ... For more information see: doc/ssh/README.md in section "SSH on the GitLab server" Please fix the error above and rerun the checks. Active users: ... 170 Elasticsearch version 5.1 - 5.5? ... skipped (elasticsearch is disabled)
Checking GitLab ... Finished
Possible fixes
https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/gitlab/auth/ldap/access.rb#L81