fruworg/pgls
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Revert "Support synchronize groups with over 1500 users in Active Directory server"

Browse Source 
This reverts commit d833228547ed9d5d3b79a8f17143512a9762f49d.
This commit is contained in:
Lars Kanis 2022-11-30 13:24:29 +01:00
parent f83b32f8d9
commit f5b9587eb7
3 changed files with 1 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config/sample-config2.yaml
View File

@ -38,8 +38,6 @@ ldap_groups:
lowercase_name: false lowercase_name: false
# this attribute must reference to all member DN's of the given group # this attribute must reference to all member DN's of the given group
member_attribute: member member_attribute: member
# must be true if group with over 1500 members for Active Directory server
need_member_range_retrieval: false
# Connection parameters to PostgreSQL server # Connection parameters to PostgreSQL server
# see also: http://rubydoc.info/gems/pg/PG/Connection#initialize-instance_method # see also: http://rubydoc.info/gems/pg/PG/Connection#initialize-instance_method

3
config/schema.yaml
View File

@ -46,9 +46,6 @@ mapping:
"member_attribute": "member_attribute":
type: str type: str
required: yes required: yes
"need_member_range_retrieval":
type: bool
required: no
"pg_connection": "pg_connection":
type: any type: any

40
lib/pg_ldap_sync/application.rb
View File

@ -85,40 +85,6 @@ class Application
return users return users
end end
def load_group_members_by_range(group_dn)
range_start = 0
all_group_members = []
while true do
member_size = 0
member_attribute_with_range = "#{@config[:ldap_groups][:member_attribute]};range=#{range_start}-*"
returned_member_attribute_with_range = ""
log.debug " current attribute for range retrieval ----> #{member_attribute_with_range} "
res_entry = @ldap.search(
base: group_dn,
filter: Net::LDAP::Filter.eq('distinguishedName', group_dn),
attributes: member_attribute_with_range).first
res_entry.each do |attribute, values|
next if "#{attribute}" == "dn"
returned_member_attribute_with_range = "#{attribute}"
log.debug " returned attribute --------> #{returned_member_attribute_with_range}"
member_size = values.count
values.each do |value|
log.debug " -----> #{value}"
all_group_members << value
end
break
end
if returned_member_attribute_with_range == member_attribute_with_range
break
end
range_start = range_start + member_size
end
return all_group_members
end
def search_ldap_groups def search_ldap_groups
ldap_group_conf = @config[:ldap_groups] ldap_group_conf = @config[:ldap_groups]
@ -141,11 +107,7 @@ class Application
end end
names.each do |n| names.each do |n|
group_members = entry[ldap_group_conf[:member_attribute]] groups << LdapRole.new(n, entry.dn, entry[ldap_group_conf[:member_attribute]])
if group_members.count == 0 and ldap_group_conf[:need_member_range_retrieval]
group_members = load_group_members_by_range(entry.dn)
end
groups << LdapRole.new(n, entry.dn, group_members)
end end
entry.each do |attribute, values| entry.each do |attribute, values|
log.debug " #{attribute}:" log.debug " #{attribute}:"