Skip to content

Commit 2c5d990

Browse files
TheFox0x7TheFox0x7
committed
add removal flag
1 parent 6a2d6d6 commit 2c5d990

File tree

2 files changed

+21
-0
lines changed

2 files changed

+21
-0
lines changed

cmd/admin_auth_ldap.go

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -151,6 +151,10 @@ var (
151151
&cli.StringFlag{
152152
Name: "group-team-map",
153153
Usage: "Map LDAP groups to Organization teams",
154+
},
155+
&cli.BoolFlag{
156+
Name: "group-users-remove",
157+
Usage: "Remove users from synchronized teams if user does not belong to corresponding LDAP group",
154158
})
155159

156160
ldapSimpleAuthCLIFlags = append(commonLdapCLIFlags,
@@ -315,6 +319,9 @@ func parseLdapConfig(c *cli.Context, config *ldap.Source) error {
315319
if c.IsSet("group-team-map") {
316320
config.GroupTeamMap = c.String("group-team-map")
317321
}
322+
if c.IsSet("group-users-remove") {
323+
config.GroupTeamMapRemoval = c.Bool("group-users-remove")
324+
}
318325
return nil
319326
}
320327

cmd/admin_auth_ldap_test.go

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -51,6 +51,13 @@ func TestAddLdapBindDn(t *testing.T) {
5151
"--attributes-in-bind",
5252
"--synchronize-users",
5353
"--page-size", "99",
54+
"--enable-groups", "true",
55+
"--group-search-base", "ou=group,dc=full-domain-bind,dc=org",
56+
"--group-member-uid", "memberUid",
57+
"--group-user-attribute", "uid",
58+
"--group-filter", "(|(cn=gitea_user)(cn=admins))",
59+
"--group-team-map", `{"cn=my-group,cn=groups,dc=example,dc=org": {"MyGiteaOrganization": ["MyGiteaTeam1", "MyGiteaTeam2"]}}`,
60+
"--group-users-remove", "true",
5461
},
5562
source: &auth.Source{
5663
Type: auth.LDAP,
@@ -78,6 +85,13 @@ func TestAddLdapBindDn(t *testing.T) {
7885
AdminFilter: "(memberOf=cn=admin-group,ou=example,dc=full-domain-bind,dc=org)",
7986
RestrictedFilter: "(memberOf=cn=restricted-group,ou=example,dc=full-domain-bind,dc=org)",
8087
Enabled: true,
88+
GroupsEnabled: true,
89+
GroupDN: "ou=group,dc=full-domain-bind,dc=org",
90+
GroupMemberUID: "memberUid",
91+
UserUID: "uid",
92+
GroupFilter: "(|(cn=gitea_users)(cn=admins))",
93+
GroupTeamMap: `{"cn=my-group,cn=groups,dc=example,dc=org": {"MyGiteaOrganization": ["MyGiteaTeam1", "MyGiteaTeam2"]}}`,
94+
GroupTeamMapRemoval: true,
8195
},
8296
},
8397
},

0 commit comments

Comments
 (0)