Merge dev-v2 branch into master #50
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
How could I forget.
Didn't match DN so resulted in false positives.
Membership Validators
Helpful for debugging since quiet will override verbose in practice.
The original posixGroup schema was mostly made up, so this duplicates the reference: http://www.zytrax.com/books/ldap/ape/nis.html
Add CI build for OpenLDAP integration
Fix membership validation tests
added 2 commits
October 15, 2014 15:21
| module MembershipValidators | ||
| autoload :Base, 'github/ldap/membership_validators/base' | ||
| autoload :Classic, 'github/ldap/membership_validators/classic' | ||
| autoload :Recursive, 'github/ldap/membership_validators/recursive' |
There was a problem hiding this comment.
@jch will want to change this from autoload since it's deprecated (thanks for the pointer).
Pass through search options for GitHub::Ldap::Domain#user?
Removed deprecated autoload. h/t @jch
|
🚢 I think we can make further tweaks from master as needed. I only skimmed over this since we've reviewed them separately in other PR's. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR merges in the
dev-v2branch into master, including these fixes:This does not signify that v2 is ready, just that this code is at a point where we want to keep iterating on master and that v2 is on the horizon.
Membership Validation
This introduces
MembershipValidatorsmodule withClassicandRecursive(with more to come) objects intended to replace the expensive/inefficientGitHub::Ldap::Domain#is_member?method. (TheClassicstrategy wraps that method so it's still available if required.)The
GitHub::Ldap::MembershipValidators::Recursivestrategy efficiently determines whether a user is a member of any of the supplied groups, recursing down a chain until membership is validated, no more groups can be checked, or we hit the maximum depth. Very little data is transferred to the client side for these queried, resulting in much faster operation and much less data transferred over the wire.An ActiveDirectory-specific strategy is planned before v2.
Tests
cc @jch