Skip to content

Commit

Permalink
Allow enable LDAP source and disable user sync via CLI (go-gitea#20206)
Browse files Browse the repository at this point in the history
The current `admin auth` CLI for managing authentication source of type
LDAP via BindDN and Simple LDAP does not allow enabling the respective
source, once disabled via `--not-active`.
The same applies to `--synchronize-users` specifially for LDAP via
BindDN.

These changes add two new flags to LDAP related CLI commands:

- `--active` for both LDAP authentication source types
- `--disable-synchronize-users` for LDAP via BindDN

Signed-off-by: justusbunsi <61625851+justusbunsi@users.noreply.github.com>
  • Loading branch information
justusbunsi authored and Sysoev, Vladimir committed Aug 10, 2022
1 parent 219e73e commit 8358412
Show file tree
Hide file tree
Showing 2 changed files with 71 additions and 0 deletions.
14 changes: 14 additions & 0 deletions cmd/admin_auth_ldap.go
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,10 @@ var (
Name: "not-active",
Usage: "Deactivate the authentication source.",
},
cli.BoolFlag{
Name: "active",
Usage: "Activate the authentication source.",
},
cli.StringFlag{
Name: "security-protocol",
Usage: "Security protocol name.",
Expand Down Expand Up @@ -117,6 +121,10 @@ var (
Name: "synchronize-users",
Usage: "Enable user synchronization.",
},
cli.BoolFlag{
Name: "disable-synchronize-users",
Usage: "Disable user synchronization.",
},
cli.UintFlag{
Name: "page-size",
Usage: "Search page size.",
Expand Down Expand Up @@ -183,9 +191,15 @@ func parseAuthSource(c *cli.Context, authSource *auth.Source) {
if c.IsSet("not-active") {
authSource.IsActive = !c.Bool("not-active")
}
if c.IsSet("active") {
authSource.IsActive = c.Bool("active")
}
if c.IsSet("synchronize-users") {
authSource.IsSyncEnabled = c.Bool("synchronize-users")
}
if c.IsSet("disable-synchronize-users") {
authSource.IsSyncEnabled = !c.Bool("disable-synchronize-users")
}
}

// parseLdapConfig assigns values on config according to command line flags.
Expand Down
57 changes: 57 additions & 0 deletions cmd/admin_auth_ldap_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -858,6 +858,36 @@ func TestUpdateLdapBindDn(t *testing.T) {
},
errMsg: "Invalid authentication type. expected: LDAP (via BindDN), actual: OAuth2",
},
// case 24
{
args: []string{
"ldap-test",
"--id", "24",
"--name", "ldap (via Bind DN) flip 'active' and 'user sync' attributes",
"--active",
"--disable-synchronize-users",
},
id: 24,
existingAuthSource: &auth.Source{
Type: auth.LDAP,
IsActive: false,
IsSyncEnabled: true,
Cfg: &ldap.Source{
Name: "ldap (via Bind DN) flip 'active' and 'user sync' attributes",
Enabled: true,
},
},
authSource: &auth.Source{
Type: auth.LDAP,
Name: "ldap (via Bind DN) flip 'active' and 'user sync' attributes",
IsActive: true,
IsSyncEnabled: false,
Cfg: &ldap.Source{
Name: "ldap (via Bind DN) flip 'active' and 'user sync' attributes",
Enabled: true,
},
},
},
}

for n, c := range cases {
Expand Down Expand Up @@ -1221,6 +1251,33 @@ func TestUpdateLdapSimpleAuth(t *testing.T) {
},
errMsg: "Invalid authentication type. expected: LDAP (simple auth), actual: PAM",
},
// case 20
{
args: []string{
"ldap-test",
"--id", "20",
"--name", "ldap (simple auth) flip 'active' attribute",
"--active",
},
id: 20,
existingAuthSource: &auth.Source{
Type: auth.DLDAP,
IsActive: false,
Cfg: &ldap.Source{
Name: "ldap (simple auth) flip 'active' attribute",
Enabled: true,
},
},
authSource: &auth.Source{
Type: auth.DLDAP,
Name: "ldap (simple auth) flip 'active' attribute",
IsActive: true,
Cfg: &ldap.Source{
Name: "ldap (simple auth) flip 'active' attribute",
Enabled: true,
},
},
},
}

for n, c := range cases {
Expand Down

0 comments on commit 8358412

Please sign in to comment.