From babb7d5260087abfe09d7c4d6994433def7d8b99 Mon Sep 17 00:00:00 2001 From: Drew Blessing Date: Tue, 3 Jan 2017 10:05:47 -0600 Subject: Gitlab::LDAP::Person uses LDAP attributes configuration We allow users to configure LDAP attribute preferences. For example, email can be configured to use `mail`, `email` and `userPrincipalName`, falling through to the next until a value is found. Prior to this change, Gitlab::LDAP::Person did not honor this configuration. Now, the class will honor `name` and `mail` configuration. It does not handle `username`, or fallback to `first_name` + `last_name` in the absence of `name`. --- lib/gitlab/ldap/person.rb | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/gitlab/ldap/person.rb b/lib/gitlab/ldap/person.rb index b81f3e8e8f5..333f170a484 100644 --- a/lib/gitlab/ldap/person.rb +++ b/lib/gitlab/ldap/person.rb @@ -28,7 +28,7 @@ module Gitlab end def name - entry.cn.first + attribute_value(:name) end def uid @@ -40,7 +40,7 @@ module Gitlab end def email - entry.try(:mail) + attribute_value(:email) end def dn @@ -56,6 +56,21 @@ module Gitlab def config @config ||= Gitlab::LDAP::Config.new(provider) end + + # Using the LDAP attributes configuration, find and return the first + # attribute with a value. For example, by default, when given 'email', + # this method looks for 'mail', 'email' and 'userPrincipalName' and + # returns the first with a value. + def attribute_value(attribute) + attributes = Array(config.attributes[attribute.to_sym]) + selected_attr = attributes.find { |attr| entry.respond_to?(attr) } + + return nil unless selected_attr + + # Some LDAP attributes return an array, + # even if it is a single value (like 'cn') + Array(entry.public_send(selected_attr)).first + end end end end -- cgit v1.2.1