Gitlab::LDAP::Person uses LDAP attributes configuration

We allow users to configure LDAP attribute preferences. For example,
email can be configured to use `mail`, `email` and `userPrincipalName`,
falling through to the next until a value is found. Prior to this
change, Gitlab::LDAP::Person did not honor this configuration. Now,
the class will honor `name` and `mail` configuration. It does not
handle `username`, or fallback to `first_name` + `last_name` in the
absence of `name`.

1 files changed, 17 insertions, 2 deletions

diff --git a/lib/gitlab/ldap/person.rb b/lib/gitlab/ldap/person.rb
index b81f3e8e8f5..333f170a484 100644
--- a/lib/gitlab/ldap/person.rb
+++ b/lib/gitlab/ldap/person.rb
@@ -28,7 +28,7 @@ module Gitlab
       end
 
       def name
-        entry.cn.first
+        attribute_value(:name)
       end
 
       def uid
@@ -40,7 +40,7 @@ module Gitlab
       end
 
       def email
-        entry.try(:mail)
+        attribute_value(:email)
       end
 
       def dn
@@ -56,6 +56,21 @@ module Gitlab
       def config
         @config ||= Gitlab::LDAP::Config.new(provider)
       end
+
+      # Using the LDAP attributes configuration, find and return the first
+      # attribute with a value. For example, by default, when given 'email',
+      # this method looks for 'mail', 'email' and 'userPrincipalName' and
+      # returns the first with a value.
+      def attribute_value(attribute)
+        attributes = Array(config.attributes[attribute.to_sym])
+        selected_attr = attributes.find { |attr| entry.respond_to?(attr) }
+
+        return nil unless selected_attr
+
+        # Some LDAP attributes return an array,
+        # even if it is a single value (like 'cn')
+        Array(entry.public_send(selected_attr)).first
+      end
     end
   end
 end