Commit 022d4d01 authored by Pavel Shutsin's avatar Pavel Shutsin

Revert "Add read-only state for LDAP syncable attributes"

LDAP read-only attributes should be redone with more
knowledge about customer needs
parent a47e7c0e
......@@ -1582,13 +1582,6 @@ class User < ApplicationRecord
end
def read_only_attribute?(attribute)
if Feature.enabled?(:ldap_readonly_attributes, default_enabled: true)
enabled = Gitlab::Auth::Ldap::Config.enabled?
read_only = attribute.to_sym.in?(UserSyncedAttributesMetadata::SYNCABLE_ATTRIBUTES)
return true if enabled && read_only
end
user_synced_attributes_metadata&.read_only?(attribute)
end
......
......@@ -60,12 +60,8 @@ module Users
end
def discard_read_only_attributes
if Feature.enabled?(:ldap_readonly_attributes, default_enabled: true)
params.reject! { |key, _| @user.read_only_attribute?(key.to_sym) }
else
discard_synced_attributes
end
end
def discard_synced_attributes
if (metadata = @user.user_synced_attributes_metadata)
......
---
title: Revert LDAP readonly attributes feature
merge_request: 28541
author:
type: removed
......@@ -4259,30 +4259,6 @@ describe User, :do_not_mock_admin_mode do
end
describe '#read_only_attribute?' do
context 'when LDAP server is enabled' do
before do
allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
end
%i[name email location].each do |attribute|
it "is true for #{attribute}" do
expect(subject.read_only_attribute?(attribute)).to be_truthy
end
end
context 'and ldap_readonly_attributes feature is disabled' do
before do
stub_feature_flags(ldap_readonly_attributes: false)
end
%i[name email location].each do |attribute|
it "is false" do
expect(subject.read_only_attribute?(attribute)).to be_falsey
end
end
end
end
context 'when synced attributes metadata is present' do
it 'delegates to synced_attributes_metadata' do
subject.build_user_synced_attributes_metadata
......@@ -4293,7 +4269,7 @@ describe User, :do_not_mock_admin_mode do
end
end
context 'when synced attributes metadata is present' do
context 'when synced attributes metadata is not present' do
it 'is false for any attribute' do
expect(subject.read_only_attribute?(:email)).to be_falsey
end
......
......@@ -55,15 +55,6 @@ describe Users::UpdateService do
expect(result[:message]).to eq("Emoji is not included in the list")
end
it 'ignores read-only attributes' do
allow(user).to receive(:read_only_attribute?).with(:name).and_return(true)
expect do
update_user(user, name: 'changed' + user.name)
user.reload
end.not_to change { user.name }
end
it 'updates user detail with provided attributes' do
result = update_user(user, job_title: 'Backend Engineer')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment