| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Extract the creation of the in-memory servers and the interceptor
code to a base class that LDAP related unit tests can extend to
have the servers available.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The canAdmin permission is set on a LDAP user, when the user is listed
in `realm.ldap.admins` or is a member of a team listed in `realm.ldap.admins`.
This leads to inconsistent and surprising behaviour on the EditUser page
when clicking the "can admin" checkbox. Also, the "can admin" checkbox
is disabled, but not checked, for teams that are listed as admin teams.
The new behaviour implemented in this patch makes users and teams from
LDAP match local ones. That means:
* LDAP teams that are listed in `realm.ldap.admins` get the canAdmin
property set if teams are maintained in LDAP.
* LDAP users that are listed in `realm.ldap.admins` get the canAdmin
property set if teams are maintained in LDAP.
* LDAP users do not get the canAdmin property set, if they are only a
member of a team listed in `realm.ldap.admins`.
* The `supportsRoleChanges` method for users and teams of the
`LdapAuthProvider` unconditially returns false if teams are
maintained in LDAP, not only for users and teams listed in
`realm.ldap.admins`.
* Therefore, for all LDAP users and teams the "can admin" checkbox
is always disabled if teams are maintained in LDAP.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add access restrictions to the LDAP test server instances.
New modes used a test parameters are ANONYMOUS, DS_MANAGER and USR_MANAGER.
ANONYMOUS can bind anonymously and access users and groups.
In DS_MANAGER the server requires authentication and will only allow
the DIRECTORY_MANAGER user to search for users and groups.
In USR_MANAGER only the user can search groups, the USER_MANAGER, which
is used to bind in this mode, can not.
A third server instance is created because I did fear side effects should
the tests be run in parallel, had I tried to configure the access
restriction in Before.
|
| |
|
|
|
|
|
| |
Instantiate two LDAP servers, one that allows anonymous access, and
one that requires authentication for all operations.
The JUnit test is parameterized to run all tests with both instances.
It uses different settings for each mode.
|
| |
|
|
|
| |
+ Adds standard logging for all authentication providers
+ Updates help page to use default GitBlit SSH port
|
| | |
|
| | |
|
| |
|
| |
bind)
|
| | |
|
| |
|
|
|
|
|
|
| |
Using new settings key realm.ldap.synchronize
Switched from key String to Keys class. To avoid letting tests pass with
hardcoded keys wich doesn't exist anymore. Now on Key Refactorings the
test gets compile error again.
Test the isReady behavior from LdapSyncService.
|
| | |
|
| |
|
|
| |
synchronization is enabled.
|
| |
|
|
| |
every test.
|
| |
|
|
|
| |
background service. Introduced configuration property to configure the
synchronization period.
|
|
|
Change-Id: I336e005e02623fc5e11a4f8b4408bea5465a43fd
|
