summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Kozono <mkozono@gmail.com>2017-06-09 10:39:29 -0700
committerMichael Kozono <mkozono@gmail.com>2017-07-26 02:43:36 -0700
commit72d8b1e40aa96f575aac9a8c9dada09e66cd7a9d (patch)
tree6e9ce22aa0aa4f6a3e18f52952d95a414f7e5b79
parent2d7d1fa69db2b5e0056d5ab8884684886229f852 (diff)
downloadgitlab-ce-72d8b1e40aa96f575aac9a8c9dada09e66cd7a9d.tar.gz
Move backwards compatibility logic out of the code
And closer to the configuration setup. The code doesn’t need to know about this.
-rw-r--r--config/initializers/1_settings.rb6
-rw-r--r--lib/gitlab/ldap/config.rb6
-rw-r--r--spec/lib/gitlab/ldap/config_spec.rb24
3 files changed, 6 insertions, 30 deletions
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 9344a42540b..20fe92dd6b3 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -145,7 +145,11 @@ if Settings.ldap['enabled'] || Rails.env.test?
server['attributes'] = {} if server['attributes'].nil?
server['provider_name'] ||= "ldap#{key}".downcase
server['provider_class'] = OmniAuth::Utils.camelize(server['provider_name'])
- server['encryption'] ||= server['method'] # for backwards compatibility
+
+ # For backwards compatibility
+ server['encryption'] ||= server['method']
+ server['encryption'] = 'simple_tls' if server['encryption'] == 'ssl'
+ server['encryption'] = 'start_tls' if server['encryption'] == 'tls'
# Certificates are not verified for backwards compatibility.
# This default should be flipped to true in 9.5.
diff --git a/lib/gitlab/ldap/config.rb b/lib/gitlab/ldap/config.rb
index efc3c50e038..db76ee098c5 100644
--- a/lib/gitlab/ldap/config.rb
+++ b/lib/gitlab/ldap/config.rb
@@ -5,11 +5,7 @@ module Gitlab
NET_LDAP_ENCRYPTION_METHOD = {
:simple_tls => :simple_tls,
:start_tls => :start_tls,
- :plain => nil,
-
- # Deprecated. Better to pass-through the actual `Net::LDAP` encryption type.
- :ssl => :simple_tls,
- :tls => :start_tls,
+ :plain => nil
}
attr_accessor :provider, :options
diff --git a/spec/lib/gitlab/ldap/config_spec.rb b/spec/lib/gitlab/ldap/config_spec.rb
index 7679c9ea913..e3a9505531d 100644
--- a/spec/lib/gitlab/ldap/config_spec.rb
+++ b/spec/lib/gitlab/ldap/config_spec.rb
@@ -69,18 +69,6 @@ describe Gitlab::LDAP::Config, lib: true do
expect(config.adapter_options[:encryption]).to include({ method: :simple_tls })
end
- it 'sets encryption method to simple_tls when configured as ssl, for backwards compatibility' do
- stub_ldap_config(
- options: {
- 'host' => 'ldap.example.com',
- 'port' => 686,
- 'encryption' => 'ssl'
- }
- )
-
- expect(config.adapter_options[:encryption]).to include({ method: :simple_tls })
- end
-
it 'sets encryption method to start_tls when configured as start_tls' do
stub_ldap_config(
options: {
@@ -93,18 +81,6 @@ describe Gitlab::LDAP::Config, lib: true do
expect(config.adapter_options[:encryption]).to include({ method: :start_tls })
end
- it 'sets encryption method to start_tls when configured as tls, for backwards compatibility' do
- stub_ldap_config(
- options: {
- 'host' => 'ldap.example.com',
- 'port' => 686,
- 'encryption' => 'tls'
- }
- )
-
- expect(config.adapter_options[:encryption]).to include({ method: :start_tls })
- end
-
context 'when verify_certificates is enabled' do
it 'sets tls_options to OpenSSL defaults' do
stub_ldap_config(