Skip to content

Commit

Permalink
Group ignore list:
Browse files Browse the repository at this point in the history 
Centralised into function `getBuiltInGroups()`.
Ignore "lost-and-found" group.
  • Loading branch information
@Adambean
Adambean committed Nov 9, 2023
1 parent 5372554 commit fab2ace
Showing 1 changed file with 30 additions and 46 deletions.
76 changes: 30 additions & 46 deletions src/LdapSyncCommand.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1353,7 +1353,7 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc
}

if ($this->in_array_i($gitlabUserName, $this->getBuiltInUserNames())) {
$this->logger?->info(sprintf("Gitlab built-in %s user will be ignored.", $gitlabUserName));
$this->logger?->info(sprintf("User \"%s\" in built in ignore list.", $gitlabUserName));
continue;
}

Expand All @@ -1374,7 +1374,7 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc
$this->logger?->notice("Creating directory users of which don't exist in Gitlab...");
foreach ($ldapUsers as $ldapUserName => $ldapUserDetails) {
if ($this->in_array_i($ldapUserName, $this->getBuiltInUserNames())) {
$this->logger?->info(sprintf("Gitlab built-in %s user will be ignored.", $ldapUserName));
$this->logger?->info(sprintf("User \"%s\" in built in ignore list.", $ldapUserName));
continue;
}

Expand Down Expand Up @@ -1471,7 +1471,7 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc
}

if ($this->in_array_i($gitlabUserName, $this->getBuiltInUserNames())) {
$this->logger?->info(sprintf("Gitlab built-in %s user will be ignored.", $gitlabUserName));
$this->logger?->info(sprintf("User \"%s\" in built in ignore list.", $gitlabUserName));
continue;
}

Expand Down Expand Up @@ -1616,14 +1616,9 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc
continue;
}

if ("Root" == $gitlabGroupName) {
$this->logger?->info("Gitlab built-in root group will be ignored.");
continue; // The Gitlab root group should never be updated from LDAP.
}

if ("Users" == $gitlabGroupName) {
$this->logger?->info("Gitlab built-in users group will be ignored.");
continue; // The Gitlab users group should never be updated from LDAP.
if ($this->in_array_i($gitlabGroupName, $this->getBuiltInGroups())) {
$this->logger?->info(sprintf("Group \"%s\" in built-in ignore list.", $gitlabGroupName));
continue;
}

$this->logger?->info(sprintf("Found Gitlab group #%d \"%s\" [%s].", $gitlabGroupId, $gitlabGroupName, $gitlabGroupPath));
Expand All @@ -1642,14 +1637,9 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc
// Create directory groups of which don't exist in Gitlab
$this->logger?->notice("Creating directory groups of which don't exist in Gitlab...");
foreach ($ldapGroupsSafe as $ldapGroupName => $ldapGroupMembers) {
if ("Root" == $ldapGroupName) {
$this->logger?->info("Gitlab built-in root group will be ignored.");
continue; // The Gitlab root group should never be updated from LDAP.
}

if ("Users" == $ldapGroupName) {
$this->logger?->info("Gitlab built-in users group will be ignored.");
continue; // The Gitlab users group should never be updated from LDAP.
if ($this->in_array_i($ldapGroupName, $this->getBuiltInGroups())) {
$this->logger?->info(sprintf("Group \"%s\" in built-in ignore list.", $ldapGroupName));
continue;
}

if ($this->in_array_i($ldapGroupName, $config["gitlab"]["options"]["groupNamesToIgnore"])) {
Expand Down Expand Up @@ -1686,14 +1676,9 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc
// Delete Gitlab groups of which don't exist in directory
$this->logger?->notice("Deleting Gitlab groups of which don't exist in directory...");
foreach ($groupsSync["found"] as $gitlabGroupId => $gitlabGroupName) {
if ("Root" == $gitlabGroupName) {
$this->logger?->info("Gitlab built-in root group will be ignored.");
continue; // The Gitlab root group should never be updated from LDAP.
}

if ("Users" == $gitlabGroupName) {
$this->logger?->info("Gitlab built-in users group will be ignored.");
continue; // The Gitlab users group should never be updated from LDAP.
if ($this->in_array_i($gitlabGroupName, $this->getBuiltInGroups())) {
$this->logger?->info(sprintf("Group \"%s\" in built-in ignore list.", $gitlabGroupName));
continue;
}

if ($this->in_array_i($gitlabGroupName, $config["gitlab"]["options"]["groupNamesToIgnore"])) {
Expand Down Expand Up @@ -1743,14 +1728,9 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc
continue;
}

if ("Root" == $gitlabGroupName) {
$this->logger?->info("Gitlab built-in root group will be ignored.");
continue; // The Gitlab root group should never be updated from LDAP.
}

if ("Users" == $gitlabGroupName) {
$this->logger?->info("Gitlab built-in users group will be ignored.");
continue; // The Gitlab users group should never be updated from LDAP.
if ($this->in_array_i($gitlabGroupName, $this->getBuiltInGroups())) {
$this->logger?->info(sprintf("Group \"%s\" in built-in ignore list.", $gitlabGroupName));
continue;
}

if ($this->in_array_i($gitlabGroupName, $config["gitlab"]["options"]["groupNamesToIgnore"])) {
Expand Down Expand Up @@ -1800,14 +1780,9 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc

$this->logger?->notice("Synchronising Gitlab group members with directory group members...");
foreach ($groupsToSyncMembership as $gitlabGroupId => $gitlabGroupName) {
if ("Root" == $gitlabGroupName) {
$this->logger?->info("Gitlab built-in root group will be ignored.");
continue; // The Gitlab root group should never be updated from LDAP.
}

if ("Users" == $gitlabGroupName) {
$this->logger?->info("Gitlab built-in users group will be ignored.");
continue; // The Gitlab users group should never be updated from LDAP.
if ($this->in_array_i($gitlabGroupName, $this->getBuiltInGroups())) {
$this->logger?->info(sprintf("Group \"%s\" in built-in ignore list.", $gitlabGroupName));
continue;
}

if ($this->in_array_i($gitlabGroupName, $config["gitlab"]["options"]["groupNamesToIgnore"])) {
Expand Down Expand Up @@ -1892,7 +1867,7 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc
}

if ($this->in_array_i($gitlabUserName, $this->getBuiltInUserNames())) {
$this->logger?->info(sprintf("Gitlab built-in %s user will be ignored.", $gitlabUserName));
$this->logger?->info(sprintf("User \"%s\" in built in ignore list.", $gitlabUserName));
continue;
}

Expand Down Expand Up @@ -2051,13 +2026,22 @@ private function generateRandomPassword(int $length): string

/**
* Get a list of built-in user names, of which should be ignored by this application.
* @return array<string>
* @return string[]
*/
private function getBuiltInUserNames()
private function getBuiltInUserNames(): array
{
return ["root", "ghost", "support-bot", "alert-bot"];
}

/**
* Get a list of built-in group names, of which should be ignored by this application.
* @return string[]
*/
private function getBuiltInGroups(): array
{
return ["root", "lost-and-found", "Users"];
}

/**
* Wait a bit of time between each Gitlab API request to avoid HTTP 500 errors when doing too many requests in a short time.
* @return void
Expand Down

0 comments on commit fab2ace

Please sign in to comment.