Merge branch 'case-insensitive-group-member' into 'master'

Ignore case of LDAP user DN when checking group membership.

Fixes #254.

See merge request !336

CHANGELOG

@@ -15,6 +15,7 @@ v 7.9.0 (unreleased)
   - Fix mass-unassignment of issues (Robert Speicher)
   - Allow user confirmation to be skipped for new users via API
   - Add a service to send updates to an Irker gateway (Romain Coltel)
+  - Ignore case of LDAP user DN when checking group membership.
 
 v 7.8.1
   - Fix run of custom post receive hooks

lib/gitlab/ldap/group.rb

@@ -34,9 +34,12 @@ module Gitlab
       end
 
       def has_member?(user)
+        user_uid = user.uid.downcase
+        user_dn = user.dn.downcase
+
         if memberuid?
-          member_uids.include?(user.uid)
-        elsif member_dns.include?(user.dn)
+          member_uids.any? { |member_uid| member_uid.downcase == user_uid }
+        elsif member_dns.any? { |member_dn| member_dn.downcase == user_dn }
           true
         elsif adapter.config.active_directory
           adapter.dn_matches_filter?(user.dn, active_directory_recursive_memberof_filter)

spec/lib/gitlab/ldap/access_spec.rb

@@ -293,8 +293,8 @@ objectclass: posixGroup
 cn: group1
 description: GitLab group 1
 gidnumber: 21
-memberuid: #{ldap_user.uid}
-memberuid: user2
+uniquemember: #{ldap_user.dn.downcase}
+uniquemember: uid=user2,ou=people,dc=example
 objectclass: top
 objectclass: posixGroup
 })
@@ -321,7 +321,8 @@ objectclass: posixGroup
 
     before do
       access.stub(ldap_user: ldap_user)
-      ldap_user.stub(:uid) { 'user42' }
+      ldap_user.stub(:uid) { 'user1' }
+      ldap_user.stub(:dn) { 'uid=user1,ou=People,dc=example' }
     end
 
     it "only returns ldap cns to which the user has access" do