Merge branch '210492-revert-ldap-readonly-sync' into 'master'

Revert "Add read-only state for LDAP syncable attributes" See merge request gitlab-org/gitlab!28541

Merge branch '210492-revert-ldap-readonly-sync' into 'master'
Revert "Add read-only state for LDAP syncable attributes" See merge request gitlab-org/gitlab!28541
9ce45faa · charlie ablett · 29b9c417 · 022d4d01 · 9ce45faa · 9ce45faa
Commit 9ce45faa authored Apr 01, 2020 by charlie ablett
5 changed files
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1583,13 +1583,6 @@ class User < ApplicationRecord
  end
  def read_only_attribute?(attribute)
-    if Feature.enabled?(:ldap_readonly_attributes, default_enabled: true)
-      enabled = Gitlab::Auth::Ldap::Config.enabled?
-      read_only = attribute.to_sym.in?(UserSyncedAttributesMetadata::SYNCABLE_ATTRIBUTES)
-      return true if enabled && read_only
-    end
    user_synced_attributes_metadata&.read_only?(attribute)
  end

--- a/app/services/users/update_service.rb
+++ b/app/services/users/update_service.rb
@@ -60,12 +60,8 @@ module Users
    end
    def discard_read_only_attributes
-      if Feature.enabled?(:ldap_readonly_attributes, default_enabled: true)
-        params.reject! { |key, _| @user.read_only_attribute?(key.to_sym) }
-      else
      discard_synced_attributes
    end
-    end
    def discard_synced_attributes
      if (metadata = @user.user_synced_attributes_metadata)

--- a/changelogs/unreleased/210492-revert-ldap-readonly-sync.yml
+++ b/changelogs/unreleased/210492-revert-ldap-readonly-sync.yml
+---
+title: Revert LDAP readonly attributes feature
+merge_request: 28541
+author:
+type: removed
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -4263,30 +4263,6 @@ describe User, :do_not_mock_admin_mode do
  end
  describe '#read_only_attribute?' do
-    context 'when LDAP server is enabled' do
-      before do
-        allow(Gitlab::Auth::Ldap::Config).to receive(:enabled?).and_return(true)
-      end
-      %i[name email location].each do |attribute|
-        it "is true for #{attribute}" do
-          expect(subject.read_only_attribute?(attribute)).to be_truthy
-        end
-      end
-      context 'and ldap_readonly_attributes feature is disabled' do
-        before do
-          stub_feature_flags(ldap_readonly_attributes: false)
-        end
-        %i[name email location].each do |attribute|
-          it "is false" do
-            expect(subject.read_only_attribute?(attribute)).to be_falsey
-          end
-        end
-      end
-    end
    context 'when synced attributes metadata is present' do
      it 'delegates to synced_attributes_metadata' do
        subject.build_user_synced_attributes_metadata
@@ -4297,7 +4273,7 @@ describe User, :do_not_mock_admin_mode do
      end
    end
-    context 'when synced attributes metadata is present' do
+    context 'when synced attributes metadata is not present' do
      it 'is false for any attribute' do
        expect(subject.read_only_attribute?(:email)).to be_falsey
      end

--- a/spec/services/users/update_service_spec.rb
+++ b/spec/services/users/update_service_spec.rb
@@ -55,15 +55,6 @@ describe Users::UpdateService do
      expect(result[:message]).to eq("Emoji is not included in the list")
    end
-    it 'ignores read-only attributes' do
-      allow(user).to receive(:read_only_attribute?).with(:name).and_return(true)
-      expect do
-        update_user(user, name: 'changed' + user.name)
-        user.reload
-      end.not_to change { user.name }
-    end
    it 'updates user detail with provided attributes' do
      result = update_user(user, job_title: 'Backend Engineer')