Support authorization for push with LDAP backend
authorMarius Mathiesen <marius@gitorious.org>
Fri, 6 Jul 2012 12:39:23 +0000 (14:39 +0200)
committerMarius Mathiesen <marius@gitorious.org>
Mon, 8 Oct 2012 07:41:31 +0000 (09:41 +0200)
commitd290cf481cfba3c14299e322837ca8292168118c
treec8e19935eaeceeb0fd644b66344404909591b58a
parentc6cd78c777bb4a3429a40bcef38fce31b8fc0255
Support authorization for push with LDAP backend

When Gitorious is configured to use LDAP for authorization,
authorization for push needs to be done differently from
otherwise.

Rather than collecting all users who have push access and seeing if a
given user is included, we start off with the groups a user is member
of (from LDAP) and see if any of these have push access to the
repository. This is (mainly) because the list of users who are member
of a group lives in LDAP, not our database.
lib/gitorious/authorization/database_authorization.rb
test/unit/access_control_test.rb [new file with mode: 0644]