Sync ldap external groups on login
What does this MR do?
On LDAP login, the user's external flag is set by checking external groups immediately.
Are there points in the code the reviewer needs to double check?
I would prefer to have at least one integration test for this, but I didn't see a good one that doesn't seem to stub as much as I'm already doing in these unit tests.
I don't know how slow it can be to pull member DNs for a group, but if there are a lot of external_groups
with a lot of members, I imagine this could cause logins to be slow. I am currently unaware of a faster way to do it though.
Why was this MR needed?
On customer installations with LDAP and external groups, new users that should be external could login and see everything until a scheduled sync worker ran.
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Documentation created/updated -
API support added - Tests
-
Added for this feature/bug -
All builds are passing
-
-
Conform by the merge request performance guides -
Conform by the style guides -
Branch has no merge conflicts with master
(if it does - rebase it please) -
Squashed related commits together
What are the relevant issue numbers?
Edited by 🤖 GitLab Bot 🤖