Add a user's memberships when logging in
What does this MR do?
In this MR we're using the memberof
property that some LDAP servers support to create group memberships when the user logs in.
This is done in the LdapUpdateMembershipsWorker
because it can take a few seconds depending on how many groups need to be synced.
So we are showing a message to the user when he has no groups yet, telling him that the sync is currently being done and he should refresh to see the changes.
That way the user doesn't need to wait until the next LdapGroupSyncWorker
run to have access to his groups.
For now this only works for creating memberships, not for destroying them. I think this is the best way to go since all users created in LDAP before the memberof
overlay was applied wouldn't have this property set.
Are there points in the code the reviewer needs to double check?
Is the way we are now extracting LDAP-groups from memberof
correct?
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Documentation created/updated -
API support added - Tests
-
Added for this feature/bug -
All builds are passing
-
-
Conform by the merge request performance guides -
Conform by the style guides -
Branch has no merge conflicts with master
(if it does - rebase it please) -
Squashed related commits together
What are the relevant issue numbers?
Closes #906 (closed)