Commit 9ce45faa authored by charlie ablett's avatar charlie ablett

Merge branch '210492-revert-ldap-readonly-sync' into 'master'

Revert "Add read-only state for LDAP syncable attributes"

See merge request gitlab-org/gitlab!28541
parents 29b9c417 022d4d01
...@@ -1583,13 +1583,6 @@ class User < ApplicationRecord ...@@ -1583,13 +1583,6 @@ class User < ApplicationRecord
end end
def read_only_attribute?(attribute) def read_only_attribute?(attribute)
if Feature.enabled?(:ldap_readonly_attributes, default_enabled: true)
enabled = Gitlab::Auth::Ldap::Config.enabled?
read_only = attribute.to_sym.in?(UserSyncedAttributesMetadata::SYNCABLE_ATTRIBUTES)
return true if enabled && read_only
end
user_synced_attributes_metadata&.read_only?(attribute) user_synced_attributes_metadata&.read_only?(attribute)
end end
......
...@@ -60,11 +60,7 @@ module Users ...@@ -60,11 +60,7 @@ module Users
end end
def discard_read_only_attributes def discard_read_only_attributes
if Feature.enabled?(:ldap_readonly_attributes, default_enabled: true) discard_synced_attributes
params.reject! { |key, _| @user.read_only_attribute?(key.to_sym) }
else
discard_synced_attributes
end
end end
def discard_synced_attributes def discard_synced_attributes
......
---
title: Revert LDAP readonly attributes feature
merge_request: 28541
author:
type: removed
...@@ -4263,30 +4263,6 @@ describe User, :do_not_mock_admin_mode do ...@@ -4263,30 +4263,6 @@ describe User, :do_not_mock_admin_mode do
end end
describe '#read_only_attribute?' do describe '#read_only_attribute?' do
context 'when LDAP server is enabled' do
before do
allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
end
%i[name email location].each do |attribute|
it "is true for #{attribute}" do
expect(subject.read_only_attribute?(attribute)).to be_truthy
end
end
context 'and ldap_readonly_attributes feature is disabled' do
before do
stub_feature_flags(ldap_readonly_attributes: false)
end
%i[name email location].each do |attribute|
it "is false" do
expect(subject.read_only_attribute?(attribute)).to be_falsey
end
end
end
end
context 'when synced attributes metadata is present' do context 'when synced attributes metadata is present' do
it 'delegates to synced_attributes_metadata' do it 'delegates to synced_attributes_metadata' do
subject.build_user_synced_attributes_metadata subject.build_user_synced_attributes_metadata
...@@ -4297,7 +4273,7 @@ describe User, :do_not_mock_admin_mode do ...@@ -4297,7 +4273,7 @@ describe User, :do_not_mock_admin_mode do
end end
end end
context 'when synced attributes metadata is present' do context 'when synced attributes metadata is not present' do
it 'is false for any attribute' do it 'is false for any attribute' do
expect(subject.read_only_attribute?(:email)).to be_falsey expect(subject.read_only_attribute?(:email)).to be_falsey
end end
......
...@@ -55,15 +55,6 @@ describe Users::UpdateService do ...@@ -55,15 +55,6 @@ describe Users::UpdateService do
expect(result[:message]).to eq("Emoji is not included in the list") expect(result[:message]).to eq("Emoji is not included in the list")
end end
it 'ignores read-only attributes' do
allow(user).to receive(:read_only_attribute?).with(:name).and_return(true)
expect do
update_user(user, name: 'changed' + user.name)
user.reload
end.not_to change { user.name }
end
it 'updates user detail with provided attributes' do it 'updates user detail with provided attributes' do
result = update_user(user, job_title: 'Backend Engineer') result = update_user(user, job_title: 'Backend Engineer')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment