diff options
| author | Lin Jen-Shin <godfat@godfat.org> | 2019-06-21 11:42:00 +0000 |
|---|---|---|
| committer | Lin Jen-Shin <godfat@godfat.org> | 2019-06-21 11:42:00 +0000 |
| commit | 176164d37423ffb39d293341799aff757f050d7c (patch) | |
| tree | d71b107855b213fb87fa64032b78808ef23b4983 | |
| parent | c10bde1ff088d0b744ce98b28ee6faa16b0eda34 (diff) | |
| parent | 05d5504d072fa1a1c222e94b21e483ba28cbe666 (diff) | |
| download | gitlab-ce-176164d37423ffb39d293341799aff757f050d7c.tar.gz | |
Merge branch 'sanitize_rake_ldap_check_output' into 'master'
Sanitize LDAP output in Rake tasks
Closes #56131
See merge request gitlab-org/gitlab-ce!28427
| -rw-r--r-- | changelogs/unreleased/sanitize_rake_ldap_check_output.yml | 5 | ||||
| -rw-r--r-- | lib/system_check/ldap_check.rb | 9 | ||||
| -rw-r--r-- | spec/tasks/gitlab/check_rake_spec.rb | 9 |
3 files changed, 21 insertions, 2 deletions
diff --git a/changelogs/unreleased/sanitize_rake_ldap_check_output.yml b/changelogs/unreleased/sanitize_rake_ldap_check_output.yml new file mode 100644 index 00000000000..92824d1dd48 --- /dev/null +++ b/changelogs/unreleased/sanitize_rake_ldap_check_output.yml @@ -0,0 +1,5 @@ +--- +title: Sanitize LDAP output in Rake tasks +merge_request: 28427 +author: +type: fixed diff --git a/lib/system_check/ldap_check.rb b/lib/system_check/ldap_check.rb index 619fb3cccb8..938026424ed 100644 --- a/lib/system_check/ldap_check.rb +++ b/lib/system_check/ldap_check.rb @@ -33,8 +33,13 @@ module SystemCheck $stdout.puts "LDAP users with access to your GitLab server (only showing the first #{limit} results)" users = adapter.users(adapter.config.uid, '*', limit) - users.each do |user| - $stdout.puts "\tDN: #{user.dn}\t #{adapter.config.uid}: #{user.uid}" + + if should_sanitize? + $stdout.puts "\tUser output sanitized. Found #{users.length} users of #{limit} limit." + else + users.each do |user| + $stdout.puts "\tDN: #{user.dn}\t #{adapter.config.uid}: #{user.uid}" + end end end rescue Net::LDAP::ConnectionRefusedError, Errno::ECONNREFUSED => e diff --git a/spec/tasks/gitlab/check_rake_spec.rb b/spec/tasks/gitlab/check_rake_spec.rb index 06525e3c771..0fcb9b269f3 100644 --- a/spec/tasks/gitlab/check_rake_spec.rb +++ b/spec/tasks/gitlab/check_rake_spec.rb @@ -96,6 +96,15 @@ describe 'check.rake' do subject end + + it 'sanitizes output' do + user = double(dn: 'uid=fake_user1', uid: 'fake_user1') + allow(adapter).to receive(:users).and_return([user]) + stub_env('SANITIZE', 'true') + + expect { subject }.to output(/User output sanitized/).to_stdout + expect { subject }.not_to output('fake_user1').to_stdout + end end end end |