Dockerfile.rootless

@@ -100,11 +100,8 @@ ENV GITEA_CUSTOM /var/lib/gitea/custom
 ENV GITEA_TEMP /tmp/gitea
 ENV TMPDIR /tmp/gitea
 
-# Legacy config file for backwards compatibility
+#TODO add to docs the ability to define the ini to load (useful to test and revert a config)
-# TODO: remove on next major version release
+ENV GITEA_APP_INI /etc/gitea/app.ini
-ENV GITEA_APP_INI_LEGACY /etc/gitea/app.ini
-
-ENV GITEA_APP_INI ${GITEA_CUSTOM}/conf/app.ini
 ENV HOME "/var/lib/gitea/git"
 VOLUME ["/var/lib/gitea", "/etc/gitea"]
 WORKDIR /var/lib/gitea

RELEASE-NOTES.md

@@ -8,19 +8,6 @@ A [patch or minor release](https://semver.org/spec/v2.0.0.html) (e.g. upgrading
 
 - [8.0.0](/release-notes/8.0.0/)
 
-## 7.0.1
-
-This is a bug fix release. See the documentation for more information on the [upgrade procedure](https://forgejo.org/docs/v7.0/admin/upgrade/).
-
-In addition to the following notable bug fixes, you can browse the [full list of commits](https://codeberg.org/forgejo/forgejo/compare/v7.0.0...v7.0.1) included in this release.
-
-* **Bug fixes:**
-  * [PR](https://codeberg.org/forgejo/forgejo/pulls/3466): LFS data corruption when running the [`forgejo doctor check --fix`](https://forgejo.org/docs/v7.0/admin/command-line/#doctor-check) CLI command or setting [`[cron.gc_lfs].ENABLED=true`](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#cron---garbage-collect-lfs-pointers-in-repositories-crongc_lfs) (the default is `false`).
-  * [PR](https://codeberg.org/forgejo/forgejo/pulls/3412): [non backward compatible change](https://codeberg.org/forgejo/forgejo/issues/3399) in the [`forgejo admin user create`](https://forgejo.org/docs/v7.0/admin/command-line/#admin-user-create) CLI command.
-  * [PR](https://codeberg.org/forgejo/forgejo/pulls/3448): error 500 because of an incorrect evaluation of the template when visiting the LFS settings of a repository.
-  * [PR](https://codeberg.org/forgejo/forgejo/pulls/3464): `GET /repos/{owner}/{name}` API endpoint [always returns an empty string for the `object_format_name` field](https://codeberg.org/forgejo/forgejo/issues/3458).
-  * [PR](https://codeberg.org/forgejo/forgejo/pulls/3444): fuzzy search [may fail with bleve](https://codeberg.org/forgejo/forgejo/issues/3443).
-
 ## 7.0.0
 
 The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v7.0/forgejo) included in the `Forgejo v7.0.0` release can be reviewed from the command line with:
@@ -32,7 +19,7 @@ $ git -C forgejo log --oneline --no-merges origin/v1.21/forgejo..origin/v7.0/for
 
 * **Regressions and workarounds:**
   * Running the [`forgejo doctor check --fix`](https://forgejo.org/docs/v7.0/admin/command-line/#doctor-check) CLI command or setting [`[cron.gc_lfs].ENABLED=true`](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#cron---garbage-collect-lfs-pointers-in-repositories-crongc_lfs) (the default is `false`) will corrupt the LFS storage. The workaround is to not run the doctor CLI command and disable the `cron.gc_lfs`. This regression will be [fixed in 7.0.1](https://codeberg.org/forgejo/forgejo/issues/3438).
-  * The [`forgejo admin user create`](https://forgejo.org/docs/v7.0/admin/command-line/#admin-user-create) CLI command [requires a password](https://codeberg.org/forgejo/forgejo/commit/b122c6ef8b9254120432aed373cbe075331132ac) change by default when creating the first user and the `--admin` flag is not specified. The `--must-change-password=false` argument must be given to not require a password change. This regression will be [fixed in 7.0.1](https://codeberg.org/forgejo/forgejo/issues/3399).
+  * The [`fogejo admin user create`](https://forgejo.org/docs/v7.0/admin/command-line/#admin-user-create) CLI command [requires a password](https://codeberg.org/forgejo/forgejo/commit/b122c6ef8b9254120432aed373cbe075331132ac) change by default when creating the first user and the `--admin` flag is not specified. The `--must-change-password=false` argument must be given to not require a password change. This regression will be [fixed in 7.0.1](https://codeberg.org/forgejo/forgejo/issues/3399).
 * **Breaking changes requiring manual intervention:**
   * [MySQL 8.0 or PostgreSQL 12](https://codeberg.org/forgejo/forgejo/commit/e94f9fcafdcf284561e7fb33f60156a69c4ad6a5) are the minimum supported versions. The database must be migrated before upgrading. The requirements regarding SQLite did not change.
   * The `per_page` parameter is [no longer a synonym for `limit`](https://codeberg.org/forgejo/forgejo/commit/0aab2d38a7d91bc8caff332e452364468ce52d9a) in the [/repos/{owner}/{repo}/releases](https://code.forgejo.org/api/swagger/#/repository/repoListReleases) API endpoint.

docker/rootless/usr/local/bin/docker-entrypoint.sh

@@ -13,10 +13,5 @@ fi
 if [ $# -gt 0 ]; then
     exec "$@"
 else
-    # TODO: remove on next major version release
-    # Honour legacy config file if existing
-    if [ -f ${GITEA_APP_INI_LEGACY} ]; then
-        GITEA_APP_INI=${GITEA_APP_INI_LEGACY}
-    fi
     exec /usr/local/bin/gitea -c ${GITEA_APP_INI} web
 fi

docker/rootless/usr/local/bin/docker-setup.sh

@@ -11,18 +11,6 @@ mkdir -p ${GITEA_CUSTOM} && chmod 0700 ${GITEA_CUSTOM}
 mkdir -p ${GITEA_TEMP} && chmod 0700 ${GITEA_TEMP}
 if [ ! -w ${GITEA_TEMP} ]; then echo "${GITEA_TEMP} is not writable"; exit 1; fi
 
-# TODO: remove on next major version release
-# Honour legacy config file if existing, but inform the user
-if [ -f ${GITEA_APP_INI_LEGACY} ] && [ ${GITEA_APP_INI} != ${GITEA_APP_INI_LEGACY} ]; then
-    GITEA_APP_INI_DEFAULT=/var/lib/gitea/custom/conf/app.ini
-    echo -e \
-      "\033[33mWARNING\033[0m: detected configuration file in deprecated default path ${GITEA_APP_INI_LEGACY}." \
-      "The new default is ${GITEA_APP_INI_DEFAULT}. To remove this warning, choose one of the options:\n" \
-      "* Move ${GITEA_APP_INI_LEGACY} to ${GITEA_APP_INI_DEFAULT} (or to \$GITEA_APP_INI if you want to override this variable)\n" \
-      "* Explicitly override GITEA_APP_INI=${GITEA_APP_INI_LEGACY} in the container environment"
-    GITEA_APP_INI=${GITEA_APP_INI_LEGACY}
-fi
-
 #Prepare config file
 if [ ! -f ${GITEA_APP_INI} ]; then
 

options/locale/locale_en-US.ini

@@ -3100,7 +3100,6 @@ auths.attribute_mail = Email attribute
 auths.attribute_ssh_public_key = Public SSH key attribute
 auths.attribute_avatar = Avatar attribute
 auths.attributes_in_bind = Fetch attributes in bind DN context
-auths.default_domain_name = Default domain name used for the email address
 auths.allow_deactivate_all = Allow an empty search result to deactivate all users
 auths.use_paged_search = Use paged search
 auths.search_page_size = Page size

release-notes/8.0.0/3414.md

@@ -1 +0,0 @@
-Allow to customize the domain name used as a fallback when synchronizing sources from ldap [`ldap: default domain name`](https://codeberg.org/forgejo/forgejo/pulls/3414)

release-notes/8.0.0/fix/3363.md

@@ -1,6 +0,0 @@
-Reverted the rootless container image path in `GITEA_APP_INI` from
-`/etc/gitea/app.ini` to its default value of
-`/var/lib/gitea/custom/conf/app.ini`. This allows container users to not have
-to mount two separate volumes (one for the configuration data and one for the
-configuration `.ini` file). A warning is issued for users with the legacy
-configuration on how to update to the new path.

release-notes/8.0.0/fix/3399.md

@@ -0,0 +1 @@
+The regression in the [`fogejo admin user create`](https://forgejo.org/docs/v7.0/admin/command-line/#admin-user-create) CLI command [is fixed](https://codeberg.org/forgejo/forgejo/issues/3399) and it is backward compatible.

release-notes/8.0.0/fix/3444.md

@@ -0,0 +1 @@
+Fixed bleve indexer failing when [fuzziness exceeds the maximum 2](https://codeberg.org/forgejo/forgejo/pulls/3444)

release-notes/8.0.0/fix/3451.md

@@ -0,0 +1 @@
+Fixed an error 500 when visiting [the LFS settings](https://codeberg.org/forgejo/forgejo/pulls/3451) at `/{owner}/{repo}/settings/lfs/find?oid=...`.

routers/web/admin/auths.go

@@ -129,7 +129,6 @@ func parseLDAPConfig(form forms.AuthenticationForm) *ldap.Source {
 		UserDN:                form.UserDN,
 		BindPassword:          form.BindPassword,
 		UserBase:              form.UserBase,
-		DefaultDomainName:     form.DefaultDomainName,
 		AttributeUsername:     form.AttributeUsername,
 		AttributeName:         form.AttributeName,
 		AttributeSurname:      form.AttributeSurname,

services/auth/source/ldap/source.go

@@ -34,7 +34,6 @@ type Source struct {
 	BindPassword          string // Bind DN password
 	UserBase              string // Base search path for users
 	UserDN                string // Template for the DN of the user for simple auth
-	DefaultDomainName     string // DomainName used if none are in the field, default "localhost.local"
 	AttributeUsername     string // Username attribute
 	AttributeName         string // First name attribute
 	AttributeSurname      string // Surname attribute

services/auth/source/ldap/source_sync.go

@@ -105,11 +105,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
 		}
 
 		if len(su.Mail) == 0 {
-			domainName := source.DefaultDomainName
+			su.Mail = fmt.Sprintf("%s@localhost.local", su.Username)
-			if len(domainName) == 0 {
-				domainName = "localhost.local"
-			}
-			su.Mail = fmt.Sprintf("%s@%s", su.Username, domainName)
 		}
 
 		fullName := composeFullName(su.Name, su.Surname, su.Username)

services/forms/auth_form.go

@@ -26,7 +26,6 @@ type AuthenticationForm struct {
 	AttributeUsername             string
 	AttributeName                 string
 	AttributeSurname              string
-	DefaultDomainName             string
 	AttributeMail                 string
 	AttributeSSHPublicKey         string
 	AttributeAvatar               string

templates/admin/auth/edit.tmpl

@@ -97,10 +97,6 @@
 						<label for="attribute_mail">{{ctx.Locale.Tr "admin.auths.attribute_mail"}}</label>
 						<input id="attribute_mail" name="attribute_mail" value="{{$cfg.AttributeMail}}" placeholder="mail" required>
 					</div>
-					<div class="field">
-						<label for="default_domain_name">{{ctx.Locale.Tr "admin.auths.default_domain_name"}}</label>
-						<input id="default_domain_name" name="default_domain_name" value="{{$cfg.DefaultDomainName}}" placeholder="localhost.local" >
-					</div>
 					<div class="field">
 						<label for="attribute_ssh_public_key">{{ctx.Locale.Tr "admin.auths.attribute_ssh_public_key"}}</label>
 						<input id="attribute_ssh_public_key" name="attribute_ssh_public_key" value="{{$cfg.AttributeSSHPublicKey}}" placeholder="SshPublicKey">

templates/admin/auth/source/ldap.tmpl

@@ -71,10 +71,6 @@
 		<label for="attribute_mail">{{ctx.Locale.Tr "admin.auths.attribute_mail"}}</label>
 		<input id="attribute_mail" name="attribute_mail" value="{{.attribute_mail}}" placeholder="mail">
 	</div>
-	<div class="field">
-		<label for="default_domain_name">{{ctx.Locale.Tr "admin.auths.default_domain_name"}}</label>
-		<input id="default_domain_name" name="default_domain_name" value="{{.default_domain_name}}" placeholder="localhost.local">
-	</div>
 	<div class="field">
 		<label for="attribute_ssh_public_key">{{ctx.Locale.Tr "admin.auths.attribute_ssh_public_key"}}</label>
 		<input id="attribute_ssh_public_key" name="attribute_ssh_public_key" value="{{.attribute_ssh_public_key}}" placeholder="SshPublicKey">

tests/integration/auth_ldap_test.go

@@ -112,17 +112,13 @@ func getLDAPServerPort() string {
 	return port
 }
 
-func buildAuthSourceLDAPPayload(csrf, sshKeyAttribute, mailKeyAttribute, defaultDomainName, groupFilter, groupTeamMap, groupTeamMapRemoval string) map[string]string {
+func buildAuthSourceLDAPPayload(csrf, sshKeyAttribute, groupFilter, groupTeamMap, groupTeamMapRemoval string) map[string]string {
 	// Modify user filter to test group filter explicitly
 	userFilter := "(&(objectClass=inetOrgPerson)(memberOf=cn=git,ou=people,dc=planetexpress,dc=com)(uid=%s))"
 	if groupFilter != "" {
 		userFilter = "(&(objectClass=inetOrgPerson)(uid=%s))"
 	}
 
-	if len(mailKeyAttribute) == 0 {
-		mailKeyAttribute = "mail"
-	}
-
 	return map[string]string{
 		"_csrf":                    csrf,
 		"type":                     "2",
@@ -138,9 +134,8 @@ func buildAuthSourceLDAPPayload(csrf, sshKeyAttribute, mailKeyAttribute, default
 		"attribute_username":       "uid",
 		"attribute_name":           "givenName",
 		"attribute_surname":        "sn",
-		"attribute_mail":           mailKeyAttribute,
+		"attribute_mail":           "mail",
 		"attribute_ssh_public_key": sshKeyAttribute,
-		"default_domain_name":      defaultDomainName,
 		"is_sync_enabled":          "on",
 		"is_active":                "on",
 		"groups_enabled":           "on",
@@ -153,7 +148,7 @@ func buildAuthSourceLDAPPayload(csrf, sshKeyAttribute, mailKeyAttribute, default
 	}
 }
 
-func addAuthSourceLDAP(t *testing.T, sshKeyAttribute, mailKeyAttribute, defaultDomainName, groupFilter string, groupMapParams ...string) {
+func addAuthSourceLDAP(t *testing.T, sshKeyAttribute, groupFilter string, groupMapParams ...string) {
 	groupTeamMapRemoval := "off"
 	groupTeamMap := ""
 	if len(groupMapParams) == 2 {
@@ -162,7 +157,7 @@ func addAuthSourceLDAP(t *testing.T, sshKeyAttribute, mailKeyAttribute, defaultD
 	}
 	session := loginUser(t, "user1")
 	csrf := GetCSRF(t, session, "/admin/auths/new")
-	req := NewRequestWithValues(t, "POST", "/admin/auths/new", buildAuthSourceLDAPPayload(csrf, sshKeyAttribute, mailKeyAttribute, defaultDomainName, groupFilter, groupTeamMap, groupTeamMapRemoval))
+	req := NewRequestWithValues(t, "POST", "/admin/auths/new", buildAuthSourceLDAPPayload(csrf, sshKeyAttribute, groupFilter, groupTeamMap, groupTeamMapRemoval))
 	session.MakeRequest(t, req, http.StatusSeeOther)
 }
 
@@ -172,7 +167,7 @@ func TestLDAPUserSignin(t *testing.T) {
 		return
 	}
 	defer tests.PrepareTestEnv(t)()
-	addAuthSourceLDAP(t, "", "", "", "")
+	addAuthSourceLDAP(t, "", "")
 
 	u := gitLDAPUsers[0]
 
@@ -189,7 +184,7 @@ func TestLDAPUserSignin(t *testing.T) {
 
 func TestLDAPAuthChange(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
-	addAuthSourceLDAP(t, "", "", "", "")
+	addAuthSourceLDAP(t, "", "")
 
 	session := loginUser(t, "user1")
 	req := NewRequest(t, "GET", "/admin/auths")
@@ -210,7 +205,7 @@ func TestLDAPAuthChange(t *testing.T) {
 	binddn, _ := doc.Find(`input[name="bind_dn"]`).Attr("value")
 	assert.Equal(t, "uid=gitea,ou=service,dc=planetexpress,dc=com", binddn)
 
-	req = NewRequestWithValues(t, "POST", href, buildAuthSourceLDAPPayload(csrf, "", "", "", "", "", "off"))
+	req = NewRequestWithValues(t, "POST", href, buildAuthSourceLDAPPayload(csrf, "", "", "", "off"))
 	session.MakeRequest(t, req, http.StatusSeeOther)
 
 	req = NewRequest(t, "GET", href)
@@ -220,21 +215,6 @@ func TestLDAPAuthChange(t *testing.T) {
 	assert.Equal(t, host, getLDAPServerHost())
 	binddn, _ = doc.Find(`input[name="bind_dn"]`).Attr("value")
 	assert.Equal(t, "uid=gitea,ou=service,dc=planetexpress,dc=com", binddn)
-	domainname, _ := doc.Find(`input[name="default_domain_name"]`).Attr("value")
-	assert.Equal(t, "", domainname)
-
-	req = NewRequestWithValues(t, "POST", href, buildAuthSourceLDAPPayload(csrf, "", "", "test.org", "", "", "off"))
-	session.MakeRequest(t, req, http.StatusSeeOther)
-
-	req = NewRequest(t, "GET", href)
-	resp = session.MakeRequest(t, req, http.StatusOK)
-	doc = NewHTMLParser(t, resp.Body)
-	host, _ = doc.Find(`input[name="host"]`).Attr("value")
-	assert.Equal(t, host, getLDAPServerHost())
-	binddn, _ = doc.Find(`input[name="bind_dn"]`).Attr("value")
-	assert.Equal(t, "uid=gitea,ou=service,dc=planetexpress,dc=com", binddn)
-	domainname, _ = doc.Find(`input[name="default_domain_name"]`).Attr("value")
-	assert.Equal(t, "test.org", domainname)
 }
 
 func TestLDAPUserSync(t *testing.T) {
@@ -243,7 +223,7 @@ func TestLDAPUserSync(t *testing.T) {
 		return
 	}
 	defer tests.PrepareTestEnv(t)()
-	addAuthSourceLDAP(t, "", "", "", "")
+	addAuthSourceLDAP(t, "", "")
 	auth.SyncExternalUsers(context.Background(), true)
 
 	// Check if users exists
@@ -272,7 +252,7 @@ func TestLDAPUserSyncWithEmptyUsernameAttribute(t *testing.T) {
 
 	session := loginUser(t, "user1")
 	csrf := GetCSRF(t, session, "/admin/auths/new")
-	payload := buildAuthSourceLDAPPayload(csrf, "", "", "", "", "", "")
+	payload := buildAuthSourceLDAPPayload(csrf, "", "", "", "")
 	payload["attribute_username"] = ""
 	req := NewRequestWithValues(t, "POST", "/admin/auths/new", payload)
 	session.MakeRequest(t, req, http.StatusSeeOther)
@@ -320,7 +300,7 @@ func TestLDAPUserSyncWithGroupFilter(t *testing.T) {
 		return
 	}
 	defer tests.PrepareTestEnv(t)()
-	addAuthSourceLDAP(t, "", "", "", "(cn=git)")
+	addAuthSourceLDAP(t, "", "(cn=git)")
 
 	// Assert a user not a member of the LDAP group "cn=git" cannot login
 	// This test may look like TestLDAPUserSigninFailed but it is not.
@@ -379,7 +359,7 @@ func TestLDAPUserSigninFailed(t *testing.T) {
 		return
 	}
 	defer tests.PrepareTestEnv(t)()
-	addAuthSourceLDAP(t, "", "", "", "")
+	addAuthSourceLDAP(t, "", "")
 
 	u := otherLDAPUsers[0]
 	testLoginFailed(t, u.UserName, u.Password, translation.NewLocale("en-US").TrString("form.username_password_incorrect"))
@@ -391,7 +371,7 @@ func TestLDAPUserSSHKeySync(t *testing.T) {
 		return
 	}
 	defer tests.PrepareTestEnv(t)()
-	addAuthSourceLDAP(t, "sshPublicKey", "", "", "")
+	addAuthSourceLDAP(t, "sshPublicKey", "")
 
 	auth.SyncExternalUsers(context.Background(), true)
 
@@ -424,7 +404,7 @@ func TestLDAPGroupTeamSyncAddMember(t *testing.T) {
 		return
 	}
 	defer tests.PrepareTestEnv(t)()
-	addAuthSourceLDAP(t, "", "", "", "", "on", `{"cn=ship_crew,ou=people,dc=planetexpress,dc=com":{"org26": ["team11"]},"cn=admin_staff,ou=people,dc=planetexpress,dc=com": {"non-existent": ["non-existent"]}}`)
+	addAuthSourceLDAP(t, "", "", "on", `{"cn=ship_crew,ou=people,dc=planetexpress,dc=com":{"org26": ["team11"]},"cn=admin_staff,ou=people,dc=planetexpress,dc=com": {"non-existent": ["non-existent"]}}`)
 	org, err := organization.GetOrgByName(db.DefaultContext, "org26")
 	assert.NoError(t, err)
 	team, err := organization.GetTeam(db.DefaultContext, org.ID, "team11")
@@ -469,7 +449,7 @@ func TestLDAPGroupTeamSyncRemoveMember(t *testing.T) {
 		return
 	}
 	defer tests.PrepareTestEnv(t)()
-	addAuthSourceLDAP(t, "", "", "", "", "on", `{"cn=dispatch,ou=people,dc=planetexpress,dc=com": {"org26": ["team11"]}}`)
+	addAuthSourceLDAP(t, "", "", "on", `{"cn=dispatch,ou=people,dc=planetexpress,dc=com": {"org26": ["team11"]}}`)
 	org, err := organization.GetOrgByName(db.DefaultContext, "org26")
 	assert.NoError(t, err)
 	team, err := organization.GetTeam(db.DefaultContext, org.ID, "team11")
@@ -507,58 +487,6 @@ func TestLDAPPreventInvalidGroupTeamMap(t *testing.T) {
 
 	session := loginUser(t, "user1")
 	csrf := GetCSRF(t, session, "/admin/auths/new")
-	req := NewRequestWithValues(t, "POST", "/admin/auths/new", buildAuthSourceLDAPPayload(csrf, "", "", "", "", `{"NOT_A_VALID_JSON"["MISSING_DOUBLE_POINT"]}`, "off"))
+	req := NewRequestWithValues(t, "POST", "/admin/auths/new", buildAuthSourceLDAPPayload(csrf, "", "", `{"NOT_A_VALID_JSON"["MISSING_DOUBLE_POINT"]}`, "off"))
 	session.MakeRequest(t, req, http.StatusOK) // StatusOK = failed, StatusSeeOther = ok
 }
-
-func TestLDAPUserSyncInvalidMail(t *testing.T) {
-	if skipLDAPTests() {
-		t.Skip()
-		return
-	}
-	defer tests.PrepareTestEnv(t)()
-	addAuthSourceLDAP(t, "", "nonexisting", "", "")
-	auth.SyncExternalUsers(context.Background(), true)
-
-	// Check if users exists
-	for _, gitLDAPUser := range gitLDAPUsers {
-		dbUser, err := user_model.GetUserByName(db.DefaultContext, gitLDAPUser.UserName)
-		assert.NoError(t, err)
-		assert.Equal(t, gitLDAPUser.UserName, dbUser.Name)
-		assert.Equal(t, gitLDAPUser.UserName+"@localhost.local", dbUser.Email)
-		assert.Equal(t, gitLDAPUser.IsAdmin, dbUser.IsAdmin)
-		assert.Equal(t, gitLDAPUser.IsRestricted, dbUser.IsRestricted)
-	}
-
-	// Check if no users exist
-	for _, otherLDAPUser := range otherLDAPUsers {
-		_, err := user_model.GetUserByName(db.DefaultContext, otherLDAPUser.UserName)
-		assert.True(t, user_model.IsErrUserNotExist(err))
-	}
-}
-
-func TestLDAPUserSyncInvalidMailDefaultDomain(t *testing.T) {
-	if skipLDAPTests() {
-		t.Skip()
-		return
-	}
-	defer tests.PrepareTestEnv(t)()
-	addAuthSourceLDAP(t, "", "nonexisting", "test.org", "")
-	auth.SyncExternalUsers(context.Background(), true)
-
-	// Check if users exists
-	for _, gitLDAPUser := range gitLDAPUsers {
-		dbUser, err := user_model.GetUserByName(db.DefaultContext, gitLDAPUser.UserName)
-		assert.NoError(t, err)
-		assert.Equal(t, gitLDAPUser.UserName, dbUser.Name)
-		assert.Equal(t, gitLDAPUser.UserName+"@test.org", dbUser.Email)
-		assert.Equal(t, gitLDAPUser.IsAdmin, dbUser.IsAdmin)
-		assert.Equal(t, gitLDAPUser.IsRestricted, dbUser.IsRestricted)
-	}
-
-	// Check if no users exist
-	for _, otherLDAPUser := range otherLDAPUsers {
-		_, err := user_model.GetUserByName(db.DefaultContext, otherLDAPUser.UserName)
-		assert.True(t, user_model.IsErrUserNotExist(err))
-	}
-}