LDAP patch modifications, issue 1113 - need some debugging help

Added by Roy Sindre Norangshol almost 10 years ago

Hello fellow nerds.

I'm currently running Redmine 1.0.2 with ldap modifications based on ticket #1113 and stuff from there.
I posted my tiny modifications at gist: https://gist.github.com/25e3df445eff2ab6a460

Anyway, I have a problem with my patch... new users registered in LDAP which doesn't have a redmine user yet and ldap authentication "on the fly user" creation enabled borks/breaks the process of creating the redmine user..

From my debug, line 29 ends up being nil, hence rest of the logic pretty much fails...

Anyone have any suggestions on how to handle this? At the moment my quick fix is to do a simply check for:

return if @userdetails.nil?

Using this method, the redmine user get's created but he doesn't get any user groups... logging out and in again does the process of automagically doing the user and group mapping.

So how should I make sure that the redmine user get persisted before it tries to do the "magic" user-group mapping so the user object isn't nil?

Replies (4)

RE: LDAP patch modifications, issue 1113 - need some debugging help - Added by Felix Schäfer almost 10 years ago

While it's pretty hard and time-consuming (meaning: I didn't do it) to get a good grasp of code "from vanilla, from here and from there", from what I see your call to the group-creating method is at the wrong place: you're only collecting attributes in the AuthLDAP part, the user gets created further down the road in whatever controller. Take the call to the group-method from where it is to the controller creating the user after the user has been created and call it only for LDAP users. Better still: take the group-method to the user model and call it from after a login or similar.

RE: LDAP patch modifications, issue 1113 - need some debugging help - Added by Roy Sindre Norangshol almost 10 years ago

It is actually placed in the ldap auth controller right after a ldap user is authenticated. (authenticated and successful login in redmine for ldap user). The patch works if the user already has an redmine user up and running...

I guess I'll have to figure out which controller I can insert some code to create groups, and user-group mapping for first time users and only LDAP authenticated users.

Problems:
  • Know which controller to hijack
  • Are I'm able to determine in that controller that the user is comming from LDAP authenticated source?
    • I assume I'll just have to do another LDAP user lookup to confirm it in that controller...
  • Still need code at current place and the new one, duplicate code - I should learn more ruby and make a module I can import at both places :p

RE: LDAP patch modifications, issue 1113 - need some debugging help - Added by Felix Schäfer almost 10 years ago

Roy Sindre Norangshol wrote:

  • Are I'm able to determine in that controller that the user is comming from LDAP authenticated source?
    • I assume I'll just have to do another LDAP user lookup to confirm it in that controller…

First thing that comes to mind:

octopussy orga.fachschaften.org # RAILS_ENV=production script/console --sandbox
Loading production environment in sandbox (Rails 2.3.5)
Any modifications you make will be rolled back on exit
/usr/lib64/ruby/gems/1.8/gems/rails-2.3.5/lib/rails/gem_dependency.rb:119:Warning: Gem::Dependency#version_requirements is deprecated and will be removed on or after August 2010.  Use #requirement
>> User.find(5).auth_source.type == "AuthSourceLdap" 
=> true

There already are places testing if the user comes from LDAP or not though, so you might want to have a look at them to see if there is a "nicer" solution.

RE: LDAP patch modifications, issue 1113 - need some debugging help - Added by Roy Sindre Norangshol almost 10 years ago

app/models/user.rb and app/models/auth_source_ldap.rb seem's to be the places I want to inject my code.

Just need some feedback on where I can place my group_create() method (which I'm gonna rename to ldap_user_group_sync()) which I can import from these two models..

(1-4/4)