From fab2ace0071f12b95735baaa30bf141ce0226ff3 Mon Sep 17 00:00:00 2001 From: Adam Reece Date: Thu, 9 Nov 2023 18:25:16 +0000 Subject: [PATCH] Group ignore list: Centralised into function `getBuiltInGroups()`. Ignore "lost-and-found" group. --- src/LdapSyncCommand.php | 76 ++++++++++++++++------------------------- 1 file changed, 30 insertions(+), 46 deletions(-) diff --git a/src/LdapSyncCommand.php b/src/LdapSyncCommand.php index 12d75d9..9020adb 100644 --- a/src/LdapSyncCommand.php +++ b/src/LdapSyncCommand.php @@ -1353,7 +1353,7 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc } if ($this->in_array_i($gitlabUserName, $this->getBuiltInUserNames())) { - $this->logger?->info(sprintf("Gitlab built-in %s user will be ignored.", $gitlabUserName)); + $this->logger?->info(sprintf("User \"%s\" in built in ignore list.", $gitlabUserName)); continue; } @@ -1374,7 +1374,7 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc $this->logger?->notice("Creating directory users of which don't exist in Gitlab..."); foreach ($ldapUsers as $ldapUserName => $ldapUserDetails) { if ($this->in_array_i($ldapUserName, $this->getBuiltInUserNames())) { - $this->logger?->info(sprintf("Gitlab built-in %s user will be ignored.", $ldapUserName)); + $this->logger?->info(sprintf("User \"%s\" in built in ignore list.", $ldapUserName)); continue; } @@ -1471,7 +1471,7 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc } if ($this->in_array_i($gitlabUserName, $this->getBuiltInUserNames())) { - $this->logger?->info(sprintf("Gitlab built-in %s user will be ignored.", $gitlabUserName)); + $this->logger?->info(sprintf("User \"%s\" in built in ignore list.", $gitlabUserName)); continue; } @@ -1616,14 +1616,9 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc continue; } - if ("Root" == $gitlabGroupName) { - $this->logger?->info("Gitlab built-in root group will be ignored."); - continue; // The Gitlab root group should never be updated from LDAP. - } - - if ("Users" == $gitlabGroupName) { - $this->logger?->info("Gitlab built-in users group will be ignored."); - continue; // The Gitlab users group should never be updated from LDAP. + if ($this->in_array_i($gitlabGroupName, $this->getBuiltInGroups())) { + $this->logger?->info(sprintf("Group \"%s\" in built-in ignore list.", $gitlabGroupName)); + continue; } $this->logger?->info(sprintf("Found Gitlab group #%d \"%s\" [%s].", $gitlabGroupId, $gitlabGroupName, $gitlabGroupPath)); @@ -1642,14 +1637,9 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc // Create directory groups of which don't exist in Gitlab $this->logger?->notice("Creating directory groups of which don't exist in Gitlab..."); foreach ($ldapGroupsSafe as $ldapGroupName => $ldapGroupMembers) { - if ("Root" == $ldapGroupName) { - $this->logger?->info("Gitlab built-in root group will be ignored."); - continue; // The Gitlab root group should never be updated from LDAP. - } - - if ("Users" == $ldapGroupName) { - $this->logger?->info("Gitlab built-in users group will be ignored."); - continue; // The Gitlab users group should never be updated from LDAP. + if ($this->in_array_i($ldapGroupName, $this->getBuiltInGroups())) { + $this->logger?->info(sprintf("Group \"%s\" in built-in ignore list.", $ldapGroupName)); + continue; } if ($this->in_array_i($ldapGroupName, $config["gitlab"]["options"]["groupNamesToIgnore"])) { @@ -1686,14 +1676,9 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc // Delete Gitlab groups of which don't exist in directory $this->logger?->notice("Deleting Gitlab groups of which don't exist in directory..."); foreach ($groupsSync["found"] as $gitlabGroupId => $gitlabGroupName) { - if ("Root" == $gitlabGroupName) { - $this->logger?->info("Gitlab built-in root group will be ignored."); - continue; // The Gitlab root group should never be updated from LDAP. - } - - if ("Users" == $gitlabGroupName) { - $this->logger?->info("Gitlab built-in users group will be ignored."); - continue; // The Gitlab users group should never be updated from LDAP. + if ($this->in_array_i($gitlabGroupName, $this->getBuiltInGroups())) { + $this->logger?->info(sprintf("Group \"%s\" in built-in ignore list.", $gitlabGroupName)); + continue; } if ($this->in_array_i($gitlabGroupName, $config["gitlab"]["options"]["groupNamesToIgnore"])) { @@ -1743,14 +1728,9 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc continue; } - if ("Root" == $gitlabGroupName) { - $this->logger?->info("Gitlab built-in root group will be ignored."); - continue; // The Gitlab root group should never be updated from LDAP. - } - - if ("Users" == $gitlabGroupName) { - $this->logger?->info("Gitlab built-in users group will be ignored."); - continue; // The Gitlab users group should never be updated from LDAP. + if ($this->in_array_i($gitlabGroupName, $this->getBuiltInGroups())) { + $this->logger?->info(sprintf("Group \"%s\" in built-in ignore list.", $gitlabGroupName)); + continue; } if ($this->in_array_i($gitlabGroupName, $config["gitlab"]["options"]["groupNamesToIgnore"])) { @@ -1800,14 +1780,9 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc $this->logger?->notice("Synchronising Gitlab group members with directory group members..."); foreach ($groupsToSyncMembership as $gitlabGroupId => $gitlabGroupName) { - if ("Root" == $gitlabGroupName) { - $this->logger?->info("Gitlab built-in root group will be ignored."); - continue; // The Gitlab root group should never be updated from LDAP. - } - - if ("Users" == $gitlabGroupName) { - $this->logger?->info("Gitlab built-in users group will be ignored."); - continue; // The Gitlab users group should never be updated from LDAP. + if ($this->in_array_i($gitlabGroupName, $this->getBuiltInGroups())) { + $this->logger?->info(sprintf("Group \"%s\" in built-in ignore list.", $gitlabGroupName)); + continue; } if ($this->in_array_i($gitlabGroupName, $config["gitlab"]["options"]["groupNamesToIgnore"])) { @@ -1892,7 +1867,7 @@ private function deployGitlabUsersAndGroups(array $config, string $gitlabInstanc } if ($this->in_array_i($gitlabUserName, $this->getBuiltInUserNames())) { - $this->logger?->info(sprintf("Gitlab built-in %s user will be ignored.", $gitlabUserName)); + $this->logger?->info(sprintf("User \"%s\" in built in ignore list.", $gitlabUserName)); continue; } @@ -2051,13 +2026,22 @@ private function generateRandomPassword(int $length): string /** * Get a list of built-in user names, of which should be ignored by this application. - * @return array + * @return string[] */ - private function getBuiltInUserNames() + private function getBuiltInUserNames(): array { return ["root", "ghost", "support-bot", "alert-bot"]; } + /** + * Get a list of built-in group names, of which should be ignored by this application. + * @return string[] + */ + private function getBuiltInGroups(): array + { + return ["root", "lost-and-found", "Users"]; + } + /** * Wait a bit of time between each Gitlab API request to avoid HTTP 500 errors when doing too many requests in a short time. * @return void