diff --git a/Dockerfile.rootless b/Dockerfile.rootless index 6d1503f034..3f4cba955a 100644 --- a/Dockerfile.rootless +++ b/Dockerfile.rootless @@ -100,11 +100,8 @@ ENV GITEA_CUSTOM /var/lib/gitea/custom ENV GITEA_TEMP /tmp/gitea ENV TMPDIR /tmp/gitea -# Legacy config file for backwards compatibility -# TODO: remove on next major version release -ENV GITEA_APP_INI_LEGACY /etc/gitea/app.ini - -ENV GITEA_APP_INI ${GITEA_CUSTOM}/conf/app.ini +#TODO add to docs the ability to define the ini to load (useful to test and revert a config) +ENV GITEA_APP_INI /etc/gitea/app.ini ENV HOME "/var/lib/gitea/git" VOLUME ["/var/lib/gitea", "/etc/gitea"] WORKDIR /var/lib/gitea diff --git a/RELEASE-NOTES.md b/RELEASE-NOTES.md index 9980338629..85c8f8bcc1 100644 --- a/RELEASE-NOTES.md +++ b/RELEASE-NOTES.md @@ -8,19 +8,6 @@ A [patch or minor release](https://semver.org/spec/v2.0.0.html) (e.g. upgrading - [8.0.0](/release-notes/8.0.0/) -## 7.0.1 - -This is a bug fix release. See the documentation for more information on the [upgrade procedure](https://forgejo.org/docs/v7.0/admin/upgrade/). - -In addition to the following notable bug fixes, you can browse the [full list of commits](https://codeberg.org/forgejo/forgejo/compare/v7.0.0...v7.0.1) included in this release. - -* **Bug fixes:** - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3466): LFS data corruption when running the [`forgejo doctor check --fix`](https://forgejo.org/docs/v7.0/admin/command-line/#doctor-check) CLI command or setting [`[cron.gc_lfs].ENABLED=true`](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#cron---garbage-collect-lfs-pointers-in-repositories-crongc_lfs) (the default is `false`). - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3412): [non backward compatible change](https://codeberg.org/forgejo/forgejo/issues/3399) in the [`forgejo admin user create`](https://forgejo.org/docs/v7.0/admin/command-line/#admin-user-create) CLI command. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3448): error 500 because of an incorrect evaluation of the template when visiting the LFS settings of a repository. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3464): `GET /repos/{owner}/{name}` API endpoint [always returns an empty string for the `object_format_name` field](https://codeberg.org/forgejo/forgejo/issues/3458). - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3444): fuzzy search [may fail with bleve](https://codeberg.org/forgejo/forgejo/issues/3443). - ## 7.0.0 The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v7.0/forgejo) included in the `Forgejo v7.0.0` release can be reviewed from the command line with: @@ -32,7 +19,7 @@ $ git -C forgejo log --oneline --no-merges origin/v1.21/forgejo..origin/v7.0/for * **Regressions and workarounds:** * Running the [`forgejo doctor check --fix`](https://forgejo.org/docs/v7.0/admin/command-line/#doctor-check) CLI command or setting [`[cron.gc_lfs].ENABLED=true`](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#cron---garbage-collect-lfs-pointers-in-repositories-crongc_lfs) (the default is `false`) will corrupt the LFS storage. The workaround is to not run the doctor CLI command and disable the `cron.gc_lfs`. This regression will be [fixed in 7.0.1](https://codeberg.org/forgejo/forgejo/issues/3438). - * The [`forgejo admin user create`](https://forgejo.org/docs/v7.0/admin/command-line/#admin-user-create) CLI command [requires a password](https://codeberg.org/forgejo/forgejo/commit/b122c6ef8b9254120432aed373cbe075331132ac) change by default when creating the first user and the `--admin` flag is not specified. The `--must-change-password=false` argument must be given to not require a password change. This regression will be [fixed in 7.0.1](https://codeberg.org/forgejo/forgejo/issues/3399). + * The [`fogejo admin user create`](https://forgejo.org/docs/v7.0/admin/command-line/#admin-user-create) CLI command [requires a password](https://codeberg.org/forgejo/forgejo/commit/b122c6ef8b9254120432aed373cbe075331132ac) change by default when creating the first user and the `--admin` flag is not specified. The `--must-change-password=false` argument must be given to not require a password change. This regression will be [fixed in 7.0.1](https://codeberg.org/forgejo/forgejo/issues/3399). * **Breaking changes requiring manual intervention:** * [MySQL 8.0 or PostgreSQL 12](https://codeberg.org/forgejo/forgejo/commit/e94f9fcafdcf284561e7fb33f60156a69c4ad6a5) are the minimum supported versions. The database must be migrated before upgrading. The requirements regarding SQLite did not change. * The `per_page` parameter is [no longer a synonym for `limit`](https://codeberg.org/forgejo/forgejo/commit/0aab2d38a7d91bc8caff332e452364468ce52d9a) in the [/repos/{owner}/{repo}/releases](https://code.forgejo.org/api/swagger/#/repository/repoListReleases) API endpoint. diff --git a/docker/rootless/usr/local/bin/docker-entrypoint.sh b/docker/rootless/usr/local/bin/docker-entrypoint.sh index e5fa41cc78..ca509214bf 100755 --- a/docker/rootless/usr/local/bin/docker-entrypoint.sh +++ b/docker/rootless/usr/local/bin/docker-entrypoint.sh @@ -13,10 +13,5 @@ fi if [ $# -gt 0 ]; then exec "$@" else - # TODO: remove on next major version release - # Honour legacy config file if existing - if [ -f ${GITEA_APP_INI_LEGACY} ]; then - GITEA_APP_INI=${GITEA_APP_INI_LEGACY} - fi exec /usr/local/bin/gitea -c ${GITEA_APP_INI} web fi diff --git a/docker/rootless/usr/local/bin/docker-setup.sh b/docker/rootless/usr/local/bin/docker-setup.sh index 09bbeabc63..b480685863 100755 --- a/docker/rootless/usr/local/bin/docker-setup.sh +++ b/docker/rootless/usr/local/bin/docker-setup.sh @@ -11,18 +11,6 @@ mkdir -p ${GITEA_CUSTOM} && chmod 0700 ${GITEA_CUSTOM} mkdir -p ${GITEA_TEMP} && chmod 0700 ${GITEA_TEMP} if [ ! -w ${GITEA_TEMP} ]; then echo "${GITEA_TEMP} is not writable"; exit 1; fi -# TODO: remove on next major version release -# Honour legacy config file if existing, but inform the user -if [ -f ${GITEA_APP_INI_LEGACY} ] && [ ${GITEA_APP_INI} != ${GITEA_APP_INI_LEGACY} ]; then - GITEA_APP_INI_DEFAULT=/var/lib/gitea/custom/conf/app.ini - echo -e \ - "\033[33mWARNING\033[0m: detected configuration file in deprecated default path ${GITEA_APP_INI_LEGACY}." \ - "The new default is ${GITEA_APP_INI_DEFAULT}. To remove this warning, choose one of the options:\n" \ - "* Move ${GITEA_APP_INI_LEGACY} to ${GITEA_APP_INI_DEFAULT} (or to \$GITEA_APP_INI if you want to override this variable)\n" \ - "* Explicitly override GITEA_APP_INI=${GITEA_APP_INI_LEGACY} in the container environment" - GITEA_APP_INI=${GITEA_APP_INI_LEGACY} -fi - #Prepare config file if [ ! -f ${GITEA_APP_INI} ]; then diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index 7125d97d9b..d7680f3545 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -3100,7 +3100,6 @@ auths.attribute_mail = Email attribute auths.attribute_ssh_public_key = Public SSH key attribute auths.attribute_avatar = Avatar attribute auths.attributes_in_bind = Fetch attributes in bind DN context -auths.default_domain_name = Default domain name used for the email address auths.allow_deactivate_all = Allow an empty search result to deactivate all users auths.use_paged_search = Use paged search auths.search_page_size = Page size diff --git a/release-notes/8.0.0/3414.md b/release-notes/8.0.0/3414.md deleted file mode 100644 index 2e10483e23..0000000000 --- a/release-notes/8.0.0/3414.md +++ /dev/null @@ -1 +0,0 @@ -Allow to customize the domain name used as a fallback when synchronizing sources from ldap [`ldap: default domain name`](https://codeberg.org/forgejo/forgejo/pulls/3414) diff --git a/release-notes/8.0.0/fix/3363.md b/release-notes/8.0.0/fix/3363.md deleted file mode 100644 index 65b516cabc..0000000000 --- a/release-notes/8.0.0/fix/3363.md +++ /dev/null @@ -1,6 +0,0 @@ -Reverted the rootless container image path in `GITEA_APP_INI` from -`/etc/gitea/app.ini` to its default value of -`/var/lib/gitea/custom/conf/app.ini`. This allows container users to not have -to mount two separate volumes (one for the configuration data and one for the -configuration `.ini` file). A warning is issued for users with the legacy -configuration on how to update to the new path. diff --git a/release-notes/8.0.0/fix/3399.md b/release-notes/8.0.0/fix/3399.md new file mode 100644 index 0000000000..d25d66d5f0 --- /dev/null +++ b/release-notes/8.0.0/fix/3399.md @@ -0,0 +1 @@ +The regression in the [`fogejo admin user create`](https://forgejo.org/docs/v7.0/admin/command-line/#admin-user-create) CLI command [is fixed](https://codeberg.org/forgejo/forgejo/issues/3399) and it is backward compatible. diff --git a/release-notes/8.0.0/fix/3444.md b/release-notes/8.0.0/fix/3444.md new file mode 100644 index 0000000000..4988fdad15 --- /dev/null +++ b/release-notes/8.0.0/fix/3444.md @@ -0,0 +1 @@ +Fixed bleve indexer failing when [fuzziness exceeds the maximum 2](https://codeberg.org/forgejo/forgejo/pulls/3444) diff --git a/release-notes/8.0.0/fix/3451.md b/release-notes/8.0.0/fix/3451.md new file mode 100644 index 0000000000..e0c307e896 --- /dev/null +++ b/release-notes/8.0.0/fix/3451.md @@ -0,0 +1 @@ +Fixed an error 500 when visiting [the LFS settings](https://codeberg.org/forgejo/forgejo/pulls/3451) at `/{owner}/{repo}/settings/lfs/find?oid=...`. diff --git a/routers/web/admin/auths.go b/routers/web/admin/auths.go index 799b7e8a84..ba487d1045 100644 --- a/routers/web/admin/auths.go +++ b/routers/web/admin/auths.go @@ -129,7 +129,6 @@ func parseLDAPConfig(form forms.AuthenticationForm) *ldap.Source { UserDN: form.UserDN, BindPassword: form.BindPassword, UserBase: form.UserBase, - DefaultDomainName: form.DefaultDomainName, AttributeUsername: form.AttributeUsername, AttributeName: form.AttributeName, AttributeSurname: form.AttributeSurname, diff --git a/services/auth/source/ldap/source.go b/services/auth/source/ldap/source.go index ba407b351a..dc4cb2c940 100644 --- a/services/auth/source/ldap/source.go +++ b/services/auth/source/ldap/source.go @@ -34,7 +34,6 @@ type Source struct { BindPassword string // Bind DN password UserBase string // Base search path for users UserDN string // Template for the DN of the user for simple auth - DefaultDomainName string // DomainName used if none are in the field, default "localhost.local" AttributeUsername string // Username attribute AttributeName string // First name attribute AttributeSurname string // Surname attribute diff --git a/services/auth/source/ldap/source_sync.go b/services/auth/source/ldap/source_sync.go index 7c5d3da595..62f052d68c 100644 --- a/services/auth/source/ldap/source_sync.go +++ b/services/auth/source/ldap/source_sync.go @@ -105,11 +105,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error { } if len(su.Mail) == 0 { - domainName := source.DefaultDomainName - if len(domainName) == 0 { - domainName = "localhost.local" - } - su.Mail = fmt.Sprintf("%s@%s", su.Username, domainName) + su.Mail = fmt.Sprintf("%s@localhost.local", su.Username) } fullName := composeFullName(su.Name, su.Surname, su.Username) diff --git a/services/forms/auth_form.go b/services/forms/auth_form.go index a3eca9473b..c9f3182b3a 100644 --- a/services/forms/auth_form.go +++ b/services/forms/auth_form.go @@ -26,7 +26,6 @@ type AuthenticationForm struct { AttributeUsername string AttributeName string AttributeSurname string - DefaultDomainName string AttributeMail string AttributeSSHPublicKey string AttributeAvatar string diff --git a/templates/admin/auth/edit.tmpl b/templates/admin/auth/edit.tmpl index 8a8bd61148..687a277a84 100644 --- a/templates/admin/auth/edit.tmpl +++ b/templates/admin/auth/edit.tmpl @@ -97,10 +97,6 @@ -
- - -
diff --git a/templates/admin/auth/source/ldap.tmpl b/templates/admin/auth/source/ldap.tmpl index 6cb6643f26..680849c8ea 100644 --- a/templates/admin/auth/source/ldap.tmpl +++ b/templates/admin/auth/source/ldap.tmpl @@ -71,10 +71,6 @@
-
- - -
diff --git a/tests/integration/auth_ldap_test.go b/tests/integration/auth_ldap_test.go index 06677287c0..3a5fdb97a6 100644 --- a/tests/integration/auth_ldap_test.go +++ b/tests/integration/auth_ldap_test.go @@ -112,17 +112,13 @@ func getLDAPServerPort() string { return port } -func buildAuthSourceLDAPPayload(csrf, sshKeyAttribute, mailKeyAttribute, defaultDomainName, groupFilter, groupTeamMap, groupTeamMapRemoval string) map[string]string { +func buildAuthSourceLDAPPayload(csrf, sshKeyAttribute, groupFilter, groupTeamMap, groupTeamMapRemoval string) map[string]string { // Modify user filter to test group filter explicitly userFilter := "(&(objectClass=inetOrgPerson)(memberOf=cn=git,ou=people,dc=planetexpress,dc=com)(uid=%s))" if groupFilter != "" { userFilter = "(&(objectClass=inetOrgPerson)(uid=%s))" } - if len(mailKeyAttribute) == 0 { - mailKeyAttribute = "mail" - } - return map[string]string{ "_csrf": csrf, "type": "2", @@ -138,9 +134,8 @@ func buildAuthSourceLDAPPayload(csrf, sshKeyAttribute, mailKeyAttribute, default "attribute_username": "uid", "attribute_name": "givenName", "attribute_surname": "sn", - "attribute_mail": mailKeyAttribute, + "attribute_mail": "mail", "attribute_ssh_public_key": sshKeyAttribute, - "default_domain_name": defaultDomainName, "is_sync_enabled": "on", "is_active": "on", "groups_enabled": "on", @@ -153,7 +148,7 @@ func buildAuthSourceLDAPPayload(csrf, sshKeyAttribute, mailKeyAttribute, default } } -func addAuthSourceLDAP(t *testing.T, sshKeyAttribute, mailKeyAttribute, defaultDomainName, groupFilter string, groupMapParams ...string) { +func addAuthSourceLDAP(t *testing.T, sshKeyAttribute, groupFilter string, groupMapParams ...string) { groupTeamMapRemoval := "off" groupTeamMap := "" if len(groupMapParams) == 2 { @@ -162,7 +157,7 @@ func addAuthSourceLDAP(t *testing.T, sshKeyAttribute, mailKeyAttribute, defaultD } session := loginUser(t, "user1") csrf := GetCSRF(t, session, "/admin/auths/new") - req := NewRequestWithValues(t, "POST", "/admin/auths/new", buildAuthSourceLDAPPayload(csrf, sshKeyAttribute, mailKeyAttribute, defaultDomainName, groupFilter, groupTeamMap, groupTeamMapRemoval)) + req := NewRequestWithValues(t, "POST", "/admin/auths/new", buildAuthSourceLDAPPayload(csrf, sshKeyAttribute, groupFilter, groupTeamMap, groupTeamMapRemoval)) session.MakeRequest(t, req, http.StatusSeeOther) } @@ -172,7 +167,7 @@ func TestLDAPUserSignin(t *testing.T) { return } defer tests.PrepareTestEnv(t)() - addAuthSourceLDAP(t, "", "", "", "") + addAuthSourceLDAP(t, "", "") u := gitLDAPUsers[0] @@ -189,7 +184,7 @@ func TestLDAPUserSignin(t *testing.T) { func TestLDAPAuthChange(t *testing.T) { defer tests.PrepareTestEnv(t)() - addAuthSourceLDAP(t, "", "", "", "") + addAuthSourceLDAP(t, "", "") session := loginUser(t, "user1") req := NewRequest(t, "GET", "/admin/auths") @@ -210,7 +205,7 @@ func TestLDAPAuthChange(t *testing.T) { binddn, _ := doc.Find(`input[name="bind_dn"]`).Attr("value") assert.Equal(t, "uid=gitea,ou=service,dc=planetexpress,dc=com", binddn) - req = NewRequestWithValues(t, "POST", href, buildAuthSourceLDAPPayload(csrf, "", "", "", "", "", "off")) + req = NewRequestWithValues(t, "POST", href, buildAuthSourceLDAPPayload(csrf, "", "", "", "off")) session.MakeRequest(t, req, http.StatusSeeOther) req = NewRequest(t, "GET", href) @@ -220,21 +215,6 @@ func TestLDAPAuthChange(t *testing.T) { assert.Equal(t, host, getLDAPServerHost()) binddn, _ = doc.Find(`input[name="bind_dn"]`).Attr("value") assert.Equal(t, "uid=gitea,ou=service,dc=planetexpress,dc=com", binddn) - domainname, _ := doc.Find(`input[name="default_domain_name"]`).Attr("value") - assert.Equal(t, "", domainname) - - req = NewRequestWithValues(t, "POST", href, buildAuthSourceLDAPPayload(csrf, "", "", "test.org", "", "", "off")) - session.MakeRequest(t, req, http.StatusSeeOther) - - req = NewRequest(t, "GET", href) - resp = session.MakeRequest(t, req, http.StatusOK) - doc = NewHTMLParser(t, resp.Body) - host, _ = doc.Find(`input[name="host"]`).Attr("value") - assert.Equal(t, host, getLDAPServerHost()) - binddn, _ = doc.Find(`input[name="bind_dn"]`).Attr("value") - assert.Equal(t, "uid=gitea,ou=service,dc=planetexpress,dc=com", binddn) - domainname, _ = doc.Find(`input[name="default_domain_name"]`).Attr("value") - assert.Equal(t, "test.org", domainname) } func TestLDAPUserSync(t *testing.T) { @@ -243,7 +223,7 @@ func TestLDAPUserSync(t *testing.T) { return } defer tests.PrepareTestEnv(t)() - addAuthSourceLDAP(t, "", "", "", "") + addAuthSourceLDAP(t, "", "") auth.SyncExternalUsers(context.Background(), true) // Check if users exists @@ -272,7 +252,7 @@ func TestLDAPUserSyncWithEmptyUsernameAttribute(t *testing.T) { session := loginUser(t, "user1") csrf := GetCSRF(t, session, "/admin/auths/new") - payload := buildAuthSourceLDAPPayload(csrf, "", "", "", "", "", "") + payload := buildAuthSourceLDAPPayload(csrf, "", "", "", "") payload["attribute_username"] = "" req := NewRequestWithValues(t, "POST", "/admin/auths/new", payload) session.MakeRequest(t, req, http.StatusSeeOther) @@ -320,7 +300,7 @@ func TestLDAPUserSyncWithGroupFilter(t *testing.T) { return } defer tests.PrepareTestEnv(t)() - addAuthSourceLDAP(t, "", "", "", "(cn=git)") + addAuthSourceLDAP(t, "", "(cn=git)") // Assert a user not a member of the LDAP group "cn=git" cannot login // This test may look like TestLDAPUserSigninFailed but it is not. @@ -379,7 +359,7 @@ func TestLDAPUserSigninFailed(t *testing.T) { return } defer tests.PrepareTestEnv(t)() - addAuthSourceLDAP(t, "", "", "", "") + addAuthSourceLDAP(t, "", "") u := otherLDAPUsers[0] testLoginFailed(t, u.UserName, u.Password, translation.NewLocale("en-US").TrString("form.username_password_incorrect")) @@ -391,7 +371,7 @@ func TestLDAPUserSSHKeySync(t *testing.T) { return } defer tests.PrepareTestEnv(t)() - addAuthSourceLDAP(t, "sshPublicKey", "", "", "") + addAuthSourceLDAP(t, "sshPublicKey", "") auth.SyncExternalUsers(context.Background(), true) @@ -424,7 +404,7 @@ func TestLDAPGroupTeamSyncAddMember(t *testing.T) { return } defer tests.PrepareTestEnv(t)() - addAuthSourceLDAP(t, "", "", "", "", "on", `{"cn=ship_crew,ou=people,dc=planetexpress,dc=com":{"org26": ["team11"]},"cn=admin_staff,ou=people,dc=planetexpress,dc=com": {"non-existent": ["non-existent"]}}`) + addAuthSourceLDAP(t, "", "", "on", `{"cn=ship_crew,ou=people,dc=planetexpress,dc=com":{"org26": ["team11"]},"cn=admin_staff,ou=people,dc=planetexpress,dc=com": {"non-existent": ["non-existent"]}}`) org, err := organization.GetOrgByName(db.DefaultContext, "org26") assert.NoError(t, err) team, err := organization.GetTeam(db.DefaultContext, org.ID, "team11") @@ -469,7 +449,7 @@ func TestLDAPGroupTeamSyncRemoveMember(t *testing.T) { return } defer tests.PrepareTestEnv(t)() - addAuthSourceLDAP(t, "", "", "", "", "on", `{"cn=dispatch,ou=people,dc=planetexpress,dc=com": {"org26": ["team11"]}}`) + addAuthSourceLDAP(t, "", "", "on", `{"cn=dispatch,ou=people,dc=planetexpress,dc=com": {"org26": ["team11"]}}`) org, err := organization.GetOrgByName(db.DefaultContext, "org26") assert.NoError(t, err) team, err := organization.GetTeam(db.DefaultContext, org.ID, "team11") @@ -507,58 +487,6 @@ func TestLDAPPreventInvalidGroupTeamMap(t *testing.T) { session := loginUser(t, "user1") csrf := GetCSRF(t, session, "/admin/auths/new") - req := NewRequestWithValues(t, "POST", "/admin/auths/new", buildAuthSourceLDAPPayload(csrf, "", "", "", "", `{"NOT_A_VALID_JSON"["MISSING_DOUBLE_POINT"]}`, "off")) + req := NewRequestWithValues(t, "POST", "/admin/auths/new", buildAuthSourceLDAPPayload(csrf, "", "", `{"NOT_A_VALID_JSON"["MISSING_DOUBLE_POINT"]}`, "off")) session.MakeRequest(t, req, http.StatusOK) // StatusOK = failed, StatusSeeOther = ok } - -func TestLDAPUserSyncInvalidMail(t *testing.T) { - if skipLDAPTests() { - t.Skip() - return - } - defer tests.PrepareTestEnv(t)() - addAuthSourceLDAP(t, "", "nonexisting", "", "") - auth.SyncExternalUsers(context.Background(), true) - - // Check if users exists - for _, gitLDAPUser := range gitLDAPUsers { - dbUser, err := user_model.GetUserByName(db.DefaultContext, gitLDAPUser.UserName) - assert.NoError(t, err) - assert.Equal(t, gitLDAPUser.UserName, dbUser.Name) - assert.Equal(t, gitLDAPUser.UserName+"@localhost.local", dbUser.Email) - assert.Equal(t, gitLDAPUser.IsAdmin, dbUser.IsAdmin) - assert.Equal(t, gitLDAPUser.IsRestricted, dbUser.IsRestricted) - } - - // Check if no users exist - for _, otherLDAPUser := range otherLDAPUsers { - _, err := user_model.GetUserByName(db.DefaultContext, otherLDAPUser.UserName) - assert.True(t, user_model.IsErrUserNotExist(err)) - } -} - -func TestLDAPUserSyncInvalidMailDefaultDomain(t *testing.T) { - if skipLDAPTests() { - t.Skip() - return - } - defer tests.PrepareTestEnv(t)() - addAuthSourceLDAP(t, "", "nonexisting", "test.org", "") - auth.SyncExternalUsers(context.Background(), true) - - // Check if users exists - for _, gitLDAPUser := range gitLDAPUsers { - dbUser, err := user_model.GetUserByName(db.DefaultContext, gitLDAPUser.UserName) - assert.NoError(t, err) - assert.Equal(t, gitLDAPUser.UserName, dbUser.Name) - assert.Equal(t, gitLDAPUser.UserName+"@test.org", dbUser.Email) - assert.Equal(t, gitLDAPUser.IsAdmin, dbUser.IsAdmin) - assert.Equal(t, gitLDAPUser.IsRestricted, dbUser.IsRestricted) - } - - // Check if no users exist - for _, otherLDAPUser := range otherLDAPUsers { - _, err := user_model.GetUserByName(db.DefaultContext, otherLDAPUser.UserName) - assert.True(t, user_model.IsErrUserNotExist(err)) - } -}