Chore: Configure SkipOrgRoleSync from OAuthInfo for OAuth connectors (#79443)

* Configure SkipOrgRoleSync from OAuthInfo * Remove skipOrgRoleSync from socialbase and connectors * Add test to socialimpl.ProvideService * Deprecate AuthSettings' fields * clean up misleading init of frontendsettings.Auth
2025-02-25 18:55:37 -06:00 · 2023-12-15 10:58:08 +01:00
parent d50ce18357
commit ce1450d4d3
30 changed files with 295 additions and 455 deletions
--- a/pkg/login/social/connectors/gitlab_oauth.go
+++ b/pkg/login/social/connectors/gitlab_oauth.go
@@ -29,8 +29,7 @@ var _ ssosettings.Reloadable = (*SocialGitlab)(nil)

 type SocialGitlab struct {
 	*SocialBase
-	apiUrl          string
-	skipOrgRoleSync bool
+	apiUrl string
 }

 type apiData struct {
@@ -57,11 +56,8 @@ type userData struct {
 func NewGitLabProvider(info *social.OAuthInfo, cfg *setting.Cfg, ssoSettings ssosettings.Service, features *featuremgmt.FeatureManager) *SocialGitlab {
 	config := createOAuthConfig(info, cfg, social.GitlabProviderName)
 	provider := &SocialGitlab{
-		SocialBase:      newSocialBase(social.GitlabProviderName, config, info, cfg.AutoAssignOrgRole, cfg.OAuthSkipOrgRoleUpdateSync, *features),
-		apiUrl:          info.ApiUrl,
-		skipOrgRoleSync: cfg.GitLabSkipOrgRoleSync,
-		// FIXME: Move skipOrgRoleSync to OAuthInfo
-		// skipOrgRoleSync: info.SkipOrgRoleSync
+		SocialBase: newSocialBase(social.GitlabProviderName, config, info, cfg.AutoAssignOrgRole, *features),
+		apiUrl:     info.ApiUrl,
 	}

 	if features.IsEnabledGlobally(featuremgmt.FlagSsoSettingsApi) {
@@ -187,7 +183,7 @@ func (s *SocialGitlab) UserInfo(ctx context.Context, client *http.Client, token
 		return nil, errMissingGroupMembership
 	}

-	if s.allowAssignGrafanaAdmin && s.skipOrgRoleSync {
+	if s.allowAssignGrafanaAdmin && s.info.SkipOrgRoleSync {
 		s.log.Debug("AllowAssignGrafanaAdmin and skipOrgRoleSync are both set, Grafana Admin role will not be synced, consider setting one or the other")
 	}

@@ -226,7 +222,7 @@ func (s *SocialGitlab) extractFromAPI(ctx context.Context, client *http.Client,
 		Groups: s.getGroups(ctx, client),
 	}

-	if !s.skipOrgRoleSync {
+	if !s.info.SkipOrgRoleSync {
 		var grafanaAdmin bool
 		role, grafanaAdmin, err := s.extractRoleAndAdmin(response.Body, idData.Groups)
 		if err != nil {
@@ -283,7 +279,7 @@ func (s *SocialGitlab) extractFromToken(ctx context.Context, client *http.Client
 		data.Groups = userInfo.Groups
 	}

-	if !s.skipOrgRoleSync {
+	if !s.info.SkipOrgRoleSync {
 		role, grafanaAdmin, errRole := s.extractRoleAndAdmin(rawJSON, data.Groups)
 		if errRole != nil {
 			return nil, errRole