Merge branch 'ldap_check' of /home/git/repositories/gitlab/gitlabhq

Dmitriy Zaporozhets
2 parents 4f067ae9 80302a0f
Showing 2 changed files with 41 additions and 0 deletions Show diff stats
config/gitlab.yml.example
lib/tasks/gitlab/check.rake
@@ -114,6 +114,8 @@ production: &amp;base
   # ==========================
  
   ## LDAP settings
+  # You can inspect the first 100 LDAP users with login access by running:
+  #   bundle exec rake gitlab:ldap:check[100] RAILS_ENV=production
   ldap:
     enabled: false
     host: '_your_ldap_server'
@@ -3,6 +3,7 @@ namespace :gitlab do
   task check: %w{gitlab:env:check
                  gitlab:gitlab_shell:check
                  gitlab:sidekiq:check
+                 gitlab:ldap:check
                  gitlab:app:check}
  
  
@@ -679,6 +680,44 @@ namespace :gitlab do
     end
   end
  
+  namespace :ldap do
+    task :check, [:limit] => :environment do |t, args|
+      args.with_defaults(limit: 100)
+      warn_user_is_not_gitlab
+      start_checking "LDAP"
+
+      if ldap_config.enabled
+        print_users(args.limit)
+      else
+        puts 'LDAP is disabled in config/gitlab.yml'
+      end
+
+      finished_checking "LDAP"
+    end
+
+    def print_users(limit)
+      puts "LDAP users with access to your GitLab server (limit: #{limit}):"
+      ldap.search(attributes: attributes, filter: filter, size: limit, return_result: false) do |entry|
+        puts "DN: #{entry.dn}\t#{ldap_config.uid}: #{entry[ldap_config.uid]}"
+      end
+    end
+
+    def attributes
+      [ldap_config.uid]
+    end
+
+    def filter
+      Net::LDAP::Filter.present?(ldap_config.uid)
+    end
+
+    def ldap
+      @ldap ||= OmniAuth::LDAP::Adaptor.new(ldap_config).connection
+    end
+
+    def ldap_config
+      @ldap_config ||= Gitlab.config.ldap
+    end
+  end
  
   # Helper methods
   ##########################
...	...	@@ -114,6 +114,8 @@ production: &base
114	114	# ==========================
115	115
116	116	## LDAP settings
	117	+ # You can inspect the first 100 LDAP users with login access by running:
	118	+ # bundle exec rake gitlab:ldap:check[100] RAILS_ENV=production
117	119	ldap:
118	120	enabled: false
119	121	host: '_your_ldap_server'
...	...
...	...	@@ -3,6 +3,7 @@ namespace :gitlab do
3	3	task check: %w{gitlab:env:check
4	4	gitlab:gitlab_shell:check
5	5	gitlab:sidekiq:check
	6	+ gitlab:ldap:check
6	7	gitlab:app:check}
7	8
8	9
...	...	@@ -679,6 +680,44 @@ namespace :gitlab do
679	680	end
680	681	end
681	682
	683	+ namespace :ldap do
	684	+ task :check, [:limit] => :environment do \|t, args\|
	685	+ args.with_defaults(limit: 100)
	686	+ warn_user_is_not_gitlab
	687	+ start_checking "LDAP"
	688	+
	689	+ if ldap_config.enabled
	690	+ print_users(args.limit)
	691	+ else
	692	+ puts 'LDAP is disabled in config/gitlab.yml'
	693	+ end
	694	+
	695	+ finished_checking "LDAP"
	696	+ end
	697	+
	698	+ def print_users(limit)
	699	+ puts "LDAP users with access to your GitLab server (limit: #{limit}):"
	700	+ ldap.search(attributes: attributes, filter: filter, size: limit, return_result: false) do \|entry\|
	701	+ puts "DN: #{entry.dn}\t#{ldap_config.uid}: #{entry[ldap_config.uid]}"
	702	+ end
	703	+ end
	704	+
	705	+ def attributes
	706	+ [ldap_config.uid]
	707	+ end
	708	+
	709	+ def filter
	710	+ Net::LDAP::Filter.present?(ldap_config.uid)
	711	+ end
	712	+
	713	+ def ldap
	714	+ @ldap \|\|= OmniAuth::LDAP::Adaptor.new(ldap_config).connection
	715	+ end
	716	+
	717	+ def ldap_config
	718	+ @ldap_config \|\|= Gitlab.config.ldap
	719	+ end
	720	+ end
682	721
683	722	# Helper methods
684	723	##########################
...	...