Merge branch 'ldap_connections'

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> Conflicts: CHANGELOG
author: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-03-14 12:58:43 +0200
committer: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-03-14 12:58:43 +0200
commit: 1ec106b853cf2b3aa7c8fa29e24d1f429df2f0a8 (patch)
tree: d310c675e58ca8c9f7ffa6d2da186036366fd518
parent: bce8edbbcc03bd29230124f9d7871dabbc79d38f (diff)
parent: 48e9054056db7f14bdef0d2d5c859f357110ed95 (diff)
download: gitlab-ce-1ec106b853cf2b3aa7c8fa29e24d1f429df2f0a8.tar.gz
5 files changed, 48 insertions, 17 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 55a1a22e6b7..f93668289ce 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -18,6 +18,7 @@ v 6.7.0
   - Add webhook when a new tag is pushed (Jeroen van Baarsen)
   - Add button for toggling inline comments in diff view
   - Add retry feature for repository import
+  - Reuse the GitLab LDAP connection within each request
 
 v 6.6.2
   - Fix 500 error on branch/tag create or remove via UI
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 9a0c9f60b05..5f8b2da06f8 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -182,13 +182,15 @@ class ApplicationController < ActionController::Base
 
   def ldap_security_check
     if current_user && current_user.requires_ldap_check?
-      if gitlab_ldap_access.allowed?(current_user)
-        current_user.last_credential_check_at = Time.now
-        current_user.save
-      else
-        sign_out current_user
-        flash[:alert] = "Access denied for your LDAP account."
-        redirect_to new_user_session_path
+      gitlab_ldap_access do |access|
+        if access.allowed?(current_user)
+          current_user.last_credential_check_at = Time.now
+          current_user.save
+        else
+          sign_out current_user
+          flash[:alert] = "Access denied for your LDAP account."
+          redirect_to new_user_session_path
+        end
       end
     end
   end
@@ -198,8 +200,8 @@ class ApplicationController < ActionController::Base
     @event_filter ||= EventFilter.new(filters)
   end
 
-  def gitlab_ldap_access
-    Gitlab::LDAP::Access.new
+  def gitlab_ldap_access(&block)
+    Gitlab::LDAP::Access.open { |access| block.call(access) }
   end
 
   # JSON for infinite scroll via Pager object
diff --git a/lib/gitlab/ldap/access.rb b/lib/gitlab/ldap/access.rb
index 2a636244473..8f492e5c012 100644
--- a/lib/gitlab/ldap/access.rb
+++ b/lib/gitlab/ldap/access.rb
@@ -1,8 +1,20 @@
 module Gitlab
   module LDAP
     class Access
+      attr_reader :adapter
+
+      def self.open(&block)
+        Gitlab::LDAP::Adapter.open do |adapter|
+          block.call(self.new(adapter))
+        end
+      end
+
+      def initialize(adapter=nil)
+        @adapter = adapter
+      end
+
       def allowed?(user)
-        !!Gitlab::LDAP::Person.find_by_dn(user.extern_uid)
+        !!Gitlab::LDAP::Person.find_by_dn(user.extern_uid, adapter)
       rescue
         false
       end
diff --git a/lib/gitlab/ldap/adapter.rb b/lib/gitlab/ldap/adapter.rb
index a7b5bcb207c..983a2956a35 100644
--- a/lib/gitlab/ldap/adapter.rb
+++ b/lib/gitlab/ldap/adapter.rb
@@ -3,7 +3,17 @@ module Gitlab
     class Adapter
       attr_reader :ldap
 
-      def initialize
+      def self.open(&block)
+        Net::LDAP.open(adapter_options) do |ldap|
+          block.call(self.new(ldap))
+        end
+      end
+
+      def self.config
+        Gitlab.config.ldap
+      end
+
+      def self.adapter_options
         encryption = config['method'].to_s == 'ssl' ? :simple_tls : nil
 
         options = {
@@ -23,8 +33,12 @@ module Gitlab
         if config['password'] || config['bind_dn']
           options.merge!(auth_options)
         end
+        options
+      end
+
 
-        @ldap = Net::LDAP.new(options)
+      def initialize(ldap=nil)
+        @ldap = ldap || Net::LDAP.new(self.class.adapter_options)
       end
 
       def users(field, value)
@@ -65,7 +79,7 @@ module Gitlab
       private
 
       def config
-        @config ||= Gitlab.config.ldap
+        @config ||= self.class.config
       end
     end
   end
diff --git a/lib/gitlab/ldap/person.rb b/lib/gitlab/ldap/person.rb
index 5ee383dfa03..06b17c58f8c 100644
--- a/lib/gitlab/ldap/person.rb
+++ b/lib/gitlab/ldap/person.rb
@@ -1,12 +1,14 @@
 module Gitlab
   module LDAP
     class Person
-      def self.find_by_uid(uid)
-        Gitlab::LDAP::Adapter.new.user(config.uid, uid)
+      def self.find_by_uid(uid, adapter=nil)
+        adapter ||= Gitlab::LDAP::Adapter.new
+        adapter.user(config.uid, uid)
       end
 
-      def self.find_by_dn(dn)
-        Gitlab::LDAP::Adapter.new.user('dn', dn)
+      def self.find_by_dn(dn, adapter=nil)
+        adapter ||= Gitlab::LDAP::Adapter.new
+        adapter.user('dn', dn)
       end
 
       def initialize(entry)
author	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2014-03-14 12:58:43 +0200
committer	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2014-03-14 12:58:43 +0200
commit	1ec106b853cf2b3aa7c8fa29e24d1f429df2f0a8 (patch)
tree	d310c675e58ca8c9f7ffa6d2da186036366fd518
parent	bce8edbbcc03bd29230124f9d7871dabbc79d38f (diff)
parent	48e9054056db7f14bdef0d2d5c859f357110ed95 (diff)
download	gitlab-ce-1ec106b853cf2b3aa7c8fa29e24d1f429df2f0a8.tar.gz