PLT-5813 support SAML sync via LDAP (#7668)

* PLT-5813 support SAML sync via LDAP * Cleaning up based on review
2025-02-25 18:55:24 -06:00 · 2017-10-31 08:37:34 -07:00
parent 1012bce8bb
commit b3b46a01aa
5 changed files with 23 additions and 7 deletions
--- a/app/ldap.go
+++ b/app/ldap.go
@@ -13,7 +13,8 @@ import (

 func (a *App) SyncLdap() {
 	a.Go(func() {
-		if utils.IsLicensed() && *utils.License().Features.LDAP && *a.Config().LdapSettings.Enable {
+
+		if utils.IsLicensed() && *utils.License().Features.LDAP && *a.Config().LdapSettings.EnableSync {
 			if ldapI := a.Ldap; ldapI != nil {
 				ldapI.StartSynchronizeJob(false)
 			} else {
--- a/config/default.json
+++ b/config/default.json
@@ -223,6 +223,7 @@
    },
    "LdapSettings": {
        "Enable": false,
+        "EnableSync": false,
        "LdapServer": "",
        "LdapPort": 389,
        "ConnectionSecurity": "",
--- a/einterfaces/ldap.go
+++ b/einterfaces/ldap.go
@@ -21,5 +21,5 @@ type LdapInterface interface {
 	GetAllLdapUsers() ([]*model.User, *model.AppError)
 	UserFromLdapUser(ldapUser *ldap.Entry) *model.User
 	UserHasUpdateFromLdap(existingUser *model.User, currentLdapUser *model.User) bool
-	UpdateLdapUser(existingUser *model.User, currentLdapUser *model.User) *model.User
+	UpdateLocalLdapUser(existingUser *model.User, currentLdapUser *model.User) *model.User
 }
--- a/jobs/workers.go
+++ b/jobs/workers.go
@@ -65,7 +65,7 @@ func (workers *Workers) Start() *Workers {
 			go workers.ElasticsearchAggregation.Run()
 		}

-		if workers.LdapSync != nil && *workers.Config().LdapSettings.Enable {
+		if workers.LdapSync != nil && *workers.Config().LdapSettings.EnableSync {
 			go workers.LdapSync.Run()
 		}

@@ -103,9 +103,9 @@ func (workers *Workers) handleConfigChange(oldConfig *model.Config, newConfig *m
 	}

 	if workers.LdapSync != nil {
-		if !*oldConfig.LdapSettings.Enable && *newConfig.LdapSettings.Enable {
+		if !*oldConfig.LdapSettings.EnableSync && *newConfig.LdapSettings.EnableSync {
 			go workers.LdapSync.Run()
-		} else if *oldConfig.LdapSettings.Enable && !*newConfig.LdapSettings.Enable {
+		} else if *oldConfig.LdapSettings.EnableSync && !*newConfig.LdapSettings.EnableSync {
 			workers.LdapSync.Stop()
 		}
 	}
@@ -128,7 +128,7 @@ func (workers *Workers) Stop() *Workers {
 		workers.ElasticsearchAggregation.Stop()
 	}

-	if workers.LdapSync != nil && *workers.Config().LdapSettings.Enable {
+	if workers.LdapSync != nil && *workers.Config().LdapSettings.EnableSync {
 		workers.LdapSync.Stop()
 	}

--- a/model/config.go
+++ b/model/config.go
@@ -394,6 +394,7 @@ type ClientRequirements struct {
 type LdapSettings struct {
 	// Basic
 	Enable             *bool
+	EnableSync         *bool
 	LdapServer         *string
 	LdapPort           *int
 	ConnectionSecurity *string
@@ -439,7 +440,9 @@ type LocalizationSettings struct {

 type SamlSettings struct {
 	// Basic
-	Enable  *bool
+	Enable             *bool
+	EnableSyncWithLdap *bool
+
 	Verify  *bool
 	Encrypt *bool

@@ -987,6 +990,12 @@ func (o *Config) SetDefaults() {
 		o.LdapSettings.Enable = NewBool(false)
 	}

+	// When unset should default to LDAP Enabled
+	if o.LdapSettings.EnableSync == nil {
+		o.LdapSettings.EnableSync = new(bool)
+		*o.LdapSettings.EnableSync = *o.LdapSettings.Enable
+	}
+
 	if o.LdapSettings.LdapServer == nil {
 		o.LdapSettings.LdapServer = NewString("")
 	}
@@ -1209,6 +1218,11 @@ func (o *Config) SetDefaults() {
 		o.SamlSettings.Enable = NewBool(false)
 	}

+	if o.SamlSettings.EnableSyncWithLdap == nil {
+		o.SamlSettings.EnableSyncWithLdap = new(bool)
+		*o.SamlSettings.EnableSyncWithLdap = false
+	}
+
 	if o.SamlSettings.Verify == nil {
 		o.SamlSettings.Verify = NewBool(true)
 	}