Fixed issue #1771 - LDAP sync should keep local role assignments if no LDAP Group <-> Zammad Role map is configured.
This commit is contained in:
parent
7f3d889bed
commit
38d757c65b
2 changed files with 60 additions and 1 deletions
|
@ -11,12 +11,17 @@ class Sequencer
|
||||||
|
|
||||||
skip_any_action
|
skip_any_action
|
||||||
|
|
||||||
uses :mapped
|
uses :mapped, :ldap_config
|
||||||
|
|
||||||
def process
|
def process
|
||||||
# return if a mapping entry was found
|
# return if a mapping entry was found
|
||||||
return if mapped[:role_ids].present?
|
return if mapped[:role_ids].present?
|
||||||
|
|
||||||
|
# return if no general mapping is configured
|
||||||
|
# to let Zammad be the leading source of
|
||||||
|
# Role assignments
|
||||||
|
return if ldap_config[:group_role_map].blank?
|
||||||
|
|
||||||
# LDAP is the leading source if
|
# LDAP is the leading source if
|
||||||
# a mapping entry is present
|
# a mapping entry is present
|
||||||
provide_mapped do
|
provide_mapped do
|
||||||
|
|
|
@ -0,0 +1,54 @@
|
||||||
|
require 'rails_helper'
|
||||||
|
|
||||||
|
RSpec.describe Sequencer::Unit::Import::Ldap::User::Attributes::RoleIds::Signup, sequencer: :unit do
|
||||||
|
|
||||||
|
it "doesn't provide mapped role_ids if already provided" do
|
||||||
|
|
||||||
|
ldap_config = {
|
||||||
|
group_role_map: {
|
||||||
|
'a' => 'b'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
mapped = {
|
||||||
|
role_ids: [1, 2]
|
||||||
|
}
|
||||||
|
|
||||||
|
provided = process(
|
||||||
|
ldap_config: ldap_config,
|
||||||
|
mapped: mapped,
|
||||||
|
)
|
||||||
|
|
||||||
|
expect(provided[:mapped][:role_ids]).to eq(mapped[:role_ids])
|
||||||
|
end
|
||||||
|
|
||||||
|
it "doesn't provide mapped role_ids if no LDAP Group <-> Zammad Role mapping is configured" do
|
||||||
|
|
||||||
|
ldap_config = {
|
||||||
|
group_role_map: {}
|
||||||
|
}
|
||||||
|
|
||||||
|
provided = process(
|
||||||
|
ldap_config: ldap_config,
|
||||||
|
mapped: {},
|
||||||
|
)
|
||||||
|
|
||||||
|
expect(provided[:mapped]).not_to have_key(:role_ids)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'ensures Signup Roles if no mapped role_ids are assigned' do
|
||||||
|
|
||||||
|
ldap_config = {
|
||||||
|
group_role_map: {
|
||||||
|
'a' => 'b'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
provided = process(
|
||||||
|
ldap_config: ldap_config,
|
||||||
|
mapped: {},
|
||||||
|
)
|
||||||
|
|
||||||
|
expect(provided[:mapped][:role_ids]).not_to be_nil
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in a new issue