Skip to content
This repository has been archived by the owner on Jul 28, 2021. It is now read-only.

Include all common names when common_names is in extra attributes #11

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Include all common names when common_names is in extra attributes #11

wants to merge 1 commit into from

Conversation

ryanzbone
Copy link

When memberof is supplied in extra_attributes, the current implementation will only return the user's first group membership. This change introduces a new option for extra attributes that will return all group common names. Solutions similar to the ones proposed in #5 led to ActionDispatch::Cookies::CookieOverflow errors from rails due to the number of groups our users are in. This solution will run into the same issue at a certain level and maybe needs some kind of limiter on what is returned beyond just using the common names.

Would the maintainers be interested in something like this?

@coveralls
Copy link

Coverage Status

Coverage decreased (-0.04%) to 98.077% when pulling ffd3c3b on ryanzbone:common-name-list into eb6f778 on rbCAS:master.

@ryanzbone
Copy link
Author

Looks like CI is failing to install some gems

kylekthompson
kylekthompson reviewed May 15, 2017
View reviewed changes
lib/casino/ldap_authenticator.rb
@@ -77,17 +77,16 @@ def user_filter(username)
end

def extra_attributes(user_plain)
if @options[:extra_attributes]
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it safe to remove this conditional?

Alternatively, you could do (@options[:extra_attributes] || []).each_with_object({})...

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was able to remove it without any specs failing, but that doesn't mean it's safe to remove. It turns out that line 52 already requires extra_attributes to be present. @options[:extra_attributes].values will give you NoMethodError: undefined method `values' for nil:NilClass if extra_attributes isn't included in the config.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually, there's an issue about this exact thing #9

kylekthompson
kylekthompson reviewed May 15, 2017
View reviewed changes
lib/casino/ldap_authenticator.rb Outdated
@options[:extra_attributes].each_with_object({}) do |(index_result, index_ldap), result|
result.merge!(index_result => user_plain[index_ldap].first.to_s)
end.tap do |results|
if @options[:extra_attributes].keys.include? :common_names
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe add parenthesis here to keep consistency?

@ryanzbone
Include all common names when common_names is in extra attributes
c1a0256 
The current implementation will only return the first group the user is
in when memberof is supplied in extra_attributes. This will allow all
group common names to be returned. Returning all full group names led
to ActionDispatch::Cookies::CookieOverflow errors.
@coveralls
Copy link

Coverage Status

Coverage decreased (-0.04%) to 98.077% when pulling c1a0256 on ryanzbone:common-name-list into eb6f778 on rbCAS:master.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@kylekthompson kylekthompson kylekthompson left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ryanzbone @coveralls @kylekthompson