diff options
| author | Michael Kozono <mkozono@gmail.com> | 2017-06-09 10:39:29 -0700 |
|---|---|---|
| committer | Michael Kozono <mkozono@gmail.com> | 2017-07-26 02:43:36 -0700 |
| commit | 72d8b1e40aa96f575aac9a8c9dada09e66cd7a9d (patch) | |
| tree | 6e9ce22aa0aa4f6a3e18f52952d95a414f7e5b79 | |
| parent | 2d7d1fa69db2b5e0056d5ab8884684886229f852 (diff) | |
| download | gitlab-ce-72d8b1e40aa96f575aac9a8c9dada09e66cd7a9d.tar.gz | |
Move backwards compatibility logic out of the code
And closer to the configuration setup. The code doesn’t need to know about this.
| -rw-r--r-- | config/initializers/1_settings.rb | 6 | ||||
| -rw-r--r-- | lib/gitlab/ldap/config.rb | 6 | ||||
| -rw-r--r-- | spec/lib/gitlab/ldap/config_spec.rb | 24 |
3 files changed, 6 insertions, 30 deletions
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index 9344a42540b..20fe92dd6b3 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -145,7 +145,11 @@ if Settings.ldap['enabled'] || Rails.env.test? server['attributes'] = {} if server['attributes'].nil? server['provider_name'] ||= "ldap#{key}".downcase server['provider_class'] = OmniAuth::Utils.camelize(server['provider_name']) - server['encryption'] ||= server['method'] # for backwards compatibility + + # For backwards compatibility + server['encryption'] ||= server['method'] + server['encryption'] = 'simple_tls' if server['encryption'] == 'ssl' + server['encryption'] = 'start_tls' if server['encryption'] == 'tls' # Certificates are not verified for backwards compatibility. # This default should be flipped to true in 9.5. diff --git a/lib/gitlab/ldap/config.rb b/lib/gitlab/ldap/config.rb index efc3c50e038..db76ee098c5 100644 --- a/lib/gitlab/ldap/config.rb +++ b/lib/gitlab/ldap/config.rb @@ -5,11 +5,7 @@ module Gitlab NET_LDAP_ENCRYPTION_METHOD = { :simple_tls => :simple_tls, :start_tls => :start_tls, - :plain => nil, - - # Deprecated. Better to pass-through the actual `Net::LDAP` encryption type. - :ssl => :simple_tls, - :tls => :start_tls, + :plain => nil } attr_accessor :provider, :options diff --git a/spec/lib/gitlab/ldap/config_spec.rb b/spec/lib/gitlab/ldap/config_spec.rb index 7679c9ea913..e3a9505531d 100644 --- a/spec/lib/gitlab/ldap/config_spec.rb +++ b/spec/lib/gitlab/ldap/config_spec.rb @@ -69,18 +69,6 @@ describe Gitlab::LDAP::Config, lib: true do expect(config.adapter_options[:encryption]).to include({ method: :simple_tls }) end - it 'sets encryption method to simple_tls when configured as ssl, for backwards compatibility' do - stub_ldap_config( - options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'ssl' - } - ) - - expect(config.adapter_options[:encryption]).to include({ method: :simple_tls }) - end - it 'sets encryption method to start_tls when configured as start_tls' do stub_ldap_config( options: { @@ -93,18 +81,6 @@ describe Gitlab::LDAP::Config, lib: true do expect(config.adapter_options[:encryption]).to include({ method: :start_tls }) end - it 'sets encryption method to start_tls when configured as tls, for backwards compatibility' do - stub_ldap_config( - options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'tls' - } - ) - - expect(config.adapter_options[:encryption]).to include({ method: :start_tls }) - end - context 'when verify_certificates is enabled' do it 'sets tls_options to OpenSSL defaults' do stub_ldap_config( |