Remove user from groups and projects when deleted

Author: thorin

.travis.yml

@@ -1,4 +1,3 @@
----
 language: ruby
 sudo: false
 cache: bundler
@@ -7,9 +6,10 @@ addons:
     packages:
       - ldap-utils
       - slapd
+  chrome: stable
 rvm:
  - 1.9.3
- - 2.3.1
+ - 2.3.4
 env:
   global: REDMINE_DIR=./workspace/redmine
   matrix:
@@ -18,8 +18,6 @@ env:
    - REDMINE=master
 matrix:
   include:
-   - rvm: 2.3.1
-     env: REDMINE=3.3-stable
    - rvm: 2.4.1
      env: REDMINE=3.4-stable
    - rvm: 2.4.1

app/helpers/ldap_settings_helper.rb

@@ -158,7 +158,7 @@ def current_base
     end
 
     def base_settings
-      @base_settings if @base_settings
+      @base_settings if defined? @base_settings
 
       config_dir = File.join(Redmine::Plugin.find(:redmine_ldap_sync).directory, 'config')
       default = baseable_fields.inject({}) {|h, k| h[k] = ''; h }

app/models/ldap_setting.rb

@@ -30,7 +30,7 @@ class LdapSetting
   CLASS_NAMES = %w( class_user class_group )
   FLAGS = %w( create_groups create_users active )
   COMBOS = %w( group_membership nested_groups sync_on_login dyngroups users_search_scope )
-  OTHERS = %w( account_disabled_test user_fields_to_sync group_fields_to_sync user_ldap_attrs group_ldap_attrs fixed_group admin_group required_group group_search_filter groupname_pattern groups_base_dn dyngroups_cache_ttl )
+  OTHERS = %w( account_locked_test user_fields_to_sync group_fields_to_sync user_ldap_attrs group_ldap_attrs fixed_group admin_group required_group group_search_filter groupname_pattern groups_base_dn dyngroups_cache_ttl )
 
   validates_presence_of :auth_source_ldap_id
   validates_presence_of :class_user, :class_group, :groupname
@@ -51,7 +51,7 @@ class LdapSetting
   validates_numericality_of :dyngroups_cache_ttl, :only_integer => true, :allow_blank => true
 
   validate :validate_groupname_pattern
-  validate :validate_account_disabled_test
+  validate :validate_account_locked_test
   validate :validate_group_filter
   validate :validate_user_fields_to_sync, :validate_user_ldap_attrs
   validate :validate_group_fields_to_sync, :validate_group_ldap_attrs
@@ -141,9 +141,9 @@ def sync_fields_on_login?
   end
 
   # Returns the evaluated proc of the account disabled test
-  def account_disabled_proc
-    @account_disabled_proc ||= if has_account_disabled_test?
-      eval("lambda { |flags| #{account_disabled_test} }")
+  def account_locked_proc
+    @account_locked_proc ||= if has_account_locked_test?
+      eval("lambda { |flags| #{account_locked_test} }")
     end
   end
 
@@ -274,12 +274,12 @@ def self.all(options = {})
 
   protected
 
-    def validate_account_disabled_test
-      if account_disabled_test.present?
-        eval "lambda { |flags| #{account_disabled_test} }"
+    def validate_account_locked_test
+      if account_locked_test.present?
+        eval "lambda { |flags| #{account_locked_test} }"
       end
     rescue Exception => e
-      errors.add :account_disabled_test, :invalid_expression, :error_message => e.message.gsub(/^(\(eval\):1: )?(.*?)(lambda.*|$)/m, '\2')
+      errors.add :account_locked_test, :invalid_expression, :error_message => e.message.gsub(/^(\(eval\):1: )?(.*?)(lambda.*|$)/m, '\2')
       Rails.logger.error "#{e.message}\n #{e.backtrace.join("\n ")}"
     end
 

app/models/ldap_test.rb

@@ -22,7 +22,7 @@ class LdapTest
   include ActiveModel::Validations
   extend ActiveModel::Naming
 
-  attr_accessor :setting, :bind_user, :bind_password, :test_users, :test_groups, :messages, :user_attrs, :group_attrs, :users_at_ldap, :groups_at_ldap, :non_dynamic_groups, :dynamic_groups, :users_disabled_by_group, :admin_users, :user_changes
+  attr_accessor :setting, :bind_user, :bind_password, :test_users, :test_groups, :messages, :user_attrs, :group_attrs, :users_at_ldap, :groups_at_ldap, :non_dynamic_groups, :dynamic_groups, :users_locked_by_group, :admin_users, :user_changes
 
   delegate :auth_source_ldap, :to => :setting
   delegate :users, :to => :auth_source_ldap
@@ -34,12 +34,12 @@ def initialize(setting)
 
     @setting = setting
     @messages = ''
-    @user_changes = {:enabled => [], :disabled => []}
+    @user_changes = {:enabled => [], :locked => [], :deleted => []}
     @users_at_ldap = {}
     @groups_at_ldap = {}
     @non_dynamic_groups = []
     @dynamic_groups = {}
-    @users_disabled_by_group = []
+    @users_locked_by_group = []
     @admin_users = []
   end
 
@@ -72,7 +72,7 @@ def run_with_users_and_groups(users, groups)
         end
 
         if setting.has_required_group?
-          users_disabled_by_group << login unless enabled_groups.include? setting.required_group.downcase
+          users_locked_by_group << login unless enabled_groups.include? setting.required_group.downcase
         end
       end if setting.has_admin_group? || setting.has_required_group?
 

app/views/ldap_settings/_ldap_settings.html.erb

@@ -10,7 +10,7 @@
   <p><%= f.text_field :groupname_pattern, :size => 50 %></p>
   <p><%= f.text_field :group_search_filter, :size => 50  %></p>
 
-  <p><%= f.text_field :account_disabled_test, :size => 50 %></p>
+  <p><%= f.text_field :account_locked_test, :size => 50 %></p>
   <p><%= f.select :group_membership, options_for_group_membeship %></p>
   <p><%= f.select :nested_groups, options_for_nested_groups %></p>
 

app/views/ldap_settings/test.text.erb

@@ -12,13 +12,13 @@
     <%= @test.user_changes[:enabled].to_a.inspect %>
 <% if @ldap_setting.has_account_flags? -%>
 
-<%=l :label_users_disabled_by_flag %>: <%=l :label_a_total_of, @test.user_changes[:disabled].size %>
-    <%= @test.user_changes[:disabled].to_a.inspect %>
+<%=l :label_users_locked_by_flag %>: <%=l :label_a_total_of, @test.user_changes[:locked].size %>
+    <%= @test.user_changes[:locked].to_a.inspect %>
 <% end -%>
 <% if @ldap_setting.has_required_group? -%>
 
-<%=l :label_users_disabled_by_group %>: <%=l :label_a_total_of, @test.users_disabled_by_group.size %>
-    <%= @test.users_disabled_by_group.inspect %>
+<%=l :label_users_locked_by_group %>: <%=l :label_a_total_of, @test.users_locked_by_group.size %>
+    <%= @test.users_locked_by_group.inspect %>
 <% end -%>
 <% if @ldap_setting.has_admin_group? -%>
 

config/Gemfile.travis

@@ -1,4 +1,5 @@
 group :test do
+  gem 'chromedriver-helper', '~> 1.1'
   if RUBY_VERSION >= '2.0'
     gem 'coveralls', :require => false
   elsif RUBY_VERSION < '1.9'

config/base_settings.yml

@@ -2,7 +2,7 @@ active_directory:
   name: Active Directory
   class_user: user
   class_group: group
-  account_disabled_test: "flags.to_i & 2 != 0"
+  account_locked_test: "flags.to_i & 2 != 0"
   group_membership: on_members
   nested_groups: ""
   groupname: samaccountname
@@ -13,7 +13,7 @@ active_directory_nested:
   name: Active Directory (with nested groups)
   class_user: user
   class_group: group
-  account_disabled_test: "flags.to_i & 2 != 0"
+  account_locked_test: "flags.to_i & 2 != 0"
   group_membership: on_members
   nested_groups: on_parents
   groupname: samaccountname
@@ -51,7 +51,7 @@ samba_ldap:
   name: Samba LDAP
   class_user: sambaSamAccount
   class_group: sambaGroupMapping
-  account_disabled_test: "flags.include? 'D'"
+  account_locked_test: "flags.include? 'D'"
   group_membership: on_groups
   groupname: cn
   account_flags: sambaAcctFlags

config/locales/de.yml

@@ -15,8 +15,8 @@ de:
   label_not_found: "Not found"
   label_users_enabled: "Users enabled"
   label_a_total_of: "a total of %{count}"
-  label_users_disabled_by_flag: "Users disabled by flag"
-  label_users_disabled_by_group: "Users disabled by group"
+  label_users_locked_by_flag: "Users locked by flag"
+  label_users_locked_by_group: "Users locked by group"
   label_admin_users: "Admin users"
   label_dynamic_grous: "Dynamic groups"
   label_ldap_attributes_on_a_user: "LDAP attributes on a user"
@@ -45,7 +45,7 @@ de:
   field_class_user: "Benutzerobjektklasse"
   field_users_search_scope: "Users search scope"
   field_class_group: "Gruppenobjektklasse"
-  field_account_disabled_test: "Account Deaktivierungsbedingung"
+  field_account_locked_test: "Account Deaktivierungsbedingung"
 
   field_groupname_pattern: "Regular Expression für den Gruppenfilter"
   field_group_search_filter: "Gruppensuchfilfer"

config/locales/en.yml

@@ -15,8 +15,8 @@ en:
   label_not_found: "Not found"
   label_users_enabled: "Users enabled"
   label_a_total_of: "a total of %{count}"
-  label_users_disabled_by_flag: "Users disabled by flag"
-  label_users_disabled_by_group: "Users disabled by group"
+  label_users_locked_by_flag: "Users locked by flag"
+  label_users_locked_by_group: "Users locked by group"
   label_admin_users: "Admin users"
   label_dynamic_groups: "Dynamic groups"
   label_ldap_attributes_on_a_user: "LDAP attributes on a user"
@@ -45,7 +45,7 @@ en:
   field_class_user: "Users objectclass"
   field_users_search_scope: "Users search scope"
   field_class_group: "Groups objectclass"
-  field_account_disabled_test: "Account disabled test"
+  field_account_locked_test: "Account disabled test"
 
   field_groupname_pattern: "Group name pattern"
   field_group_search_filter: "Group search filter"

config/locales/es.yml

@@ -15,8 +15,8 @@ es:
   label_not_found: "No encontrado"
   label_users_enabled: "Usuarios activos"
   label_a_total_of: "un total de %{count}"
-  label_users_disabled_by_flag: "Usuarios inhabilitados por indicadores"
-  label_users_disabled_by_group: "Usuarios inhabilitados por grupo"
+  label_users_locked_by_flag: "Usuarios inhabilitados por indicadores"
+  label_users_locked_by_group: "Usuarios inhabilitados por grupo"
   label_admin_users: "Administradores redmine"
   label_dynamic_grous: "Grupos dinámicos"
   label_ldap_attributes_on_a_user: "Atributos LDAP en un usuario"
@@ -45,7 +45,7 @@ es:
   field_class_user: "Objectclass de usuarios"
   field_users_search_scope: "Ámbito de búsqueda de usuarios"
   field_class_group: "Objectclass de grupos"
-  field_account_disabled_test: "Prueba de cuenta inhabilitada"
+  field_account_locked_test: "Prueba de cuenta inhabilitada"
 
   field_groupname_pattern: "Filtro regex de grupos"
   field_group_search_filter: "Filtro de búsqueda de grupos"

config/locales/fr.yml

@@ -15,8 +15,8 @@
   label_not_found: "Pas trouvé"
   label_users_enabled: "Utilisateurs activés"
   label_a_total_of: "un total de %{count}"
-  label_users_disabled_by_flag: "Utilisateurs désactivés par statut"
-  label_users_disabled_by_group: "Utilisateurs désactivés par groupes"
+  label_users_locked_by_flag: "Utilisateurs désactivés par statut"
+  label_users_locked_by_group: "Utilisateurs désactivés par groupes"
   label_admin_users: "Administrateurs"
   label_dynamic_groups: "Groupes Dynamiques"
   label_ldap_attributes_on_a_user: "Attributs LDAP sur un utilisateur"
@@ -45,7 +45,7 @@
   field_class_user: "Utilisateurs objectclass"
   field_users_search_scope: "Profondeur de la recherche des utilisateurs"
   field_class_group: "Groupes objectclass"
-  field_account_disabled_test: "Compte désactivé test"
+  field_account_locked_test: "Compte désactivé test"
 
   field_groupname_pattern: "Modèle de nom de groupe"
   field_group_search_filter: "Filtre de recherche de groupes"

config/locales/ja.yml

@@ -15,8 +15,8 @@ ja:
   label_not_found: "見つかりません" # "Not found"
   label_users_enabled: "有効ユーザー" # "Users enabled"
   label_a_total_of: "%{count} 個" # "a total of %{count}"
-  label_users_disabled_by_flag: "フラグによって無効化されたユーザー" # "Users disabled by flag"
-  label_users_disabled_by_group: "グループによって無効化されたユーザー"
+  label_users_locked_by_flag: "フラグによって無効化されたユーザー" # "Users disabled by flag"
+  label_users_locked_by_group: "グループによって無効化されたユーザー"
   label_admin_users: "管理者" # "Admin users"
   label_dynamic_groups: "ダイナミックグループ" # "Dynamic groups"
   label_ldap_attributes_on_a_user: "ユーザー中に在るLDAP属性" # "LDAP attributes on a user"
@@ -45,7 +45,7 @@ ja:
   field_class_user: "ユーザー オブジェクトクラス" # "Users objectclass"
   field_users_search_scope: "Users search scope"
   field_class_group: "グループ オブジェクトクラス" # "Groups objectclass"
-  field_account_disabled_test: "無効アカウントの判別方法" # "Account disabled test"
+  field_account_locked_test: "無効アカウントの判別方法" # "Account disabled test"
 
   field_groupname_pattern: "グループネームパターン" # "Group name pattern"
   field_group_search_filter: "グループフィルター" # "Group search filter"

config/locales/nl.yml

@@ -15,8 +15,8 @@ nl:
   label_not_found: "Niet gevonden"
   label_users_enabled: "Ingeschakelde gebruikers"
   label_a_total_of: "een totaal van %{count}"
-  label_users_disabled_by_flag: "Gebruikers uitgeschakeld door vlag"
-  label_users_disabled_by_group: "Gebruikers uitgeschakeld door groep"
+  label_users_locked_by_flag: "Gebruikers uitgeschakeld door vlag"
+  label_users_locked_by_group: "Gebruikers uitgeschakeld door groep"
   label_admin_users: "Beheerders"
   label_dynamic_groups: "Dynamische groepen"
   label_ldap_attributes_on_a_user: "LDAP-attributen voor een gebruiker"
@@ -45,7 +45,7 @@ nl:
   field_class_user: "ObjectClass gebruikers"
   field_users_search_scope: "Zoekbereik gebruikers"
   field_class_group: "ObjectClass groepen"
-  field_account_disabled_test: "Gebruikersaccount uitgeschakeld test"
+  field_account_locked_test: "Gebruikersaccount uitgeschakeld test"
 
   field_groupname_pattern: "Groepsnaam-patroon"
   field_group_search_filter: "Zoekfilter groepen"

config/locales/pl.yml

@@ -15,8 +15,8 @@ pl:
   label_not_found: "Nie znaleziono"
   label_users_enabled: "Włączeni użytkownicy"
   label_a_total_of: "łącznie %{count}"
-  label_users_disabled_by_flag: "Użytkownicy wyłączeni poprzez flagi"
-  label_users_disabled_by_group: "Użytkownicy wyłączeni przez grupy"
+  label_users_locked_by_flag: "Użytkownicy wyłączeni poprzez flagi"
+  label_users_locked_by_group: "Użytkownicy wyłączeni przez grupy"
   label_admin_users: "Administratorzy"
   label_dynamic_groups: "Dynamiczne grupy"
   label_ldap_attributes_on_a_user: "Atrybuty LDAP użytkownika"
@@ -45,7 +45,7 @@ pl:
   field_class_user: "ObjectClass użytkowników"
   field_users_search_scope: "Ścieżka szukania użytkowników"
   field_class_group: "ObjectClass grup"
-  field_account_disabled_test: "Test na konto wyłączone"
+  field_account_locked_test: "Test na konto wyłączone"
 
   field_groupname_pattern: "Wzór nazwy grup"
   field_group_search_filter: "Filtr szukania grup"

config/locales/pt.yml

@@ -15,8 +15,8 @@ pt:
   label_not_found: "Não encontrado"
   label_users_enabled: "Utilizadores activos"
   label_a_total_of: "no total de %{count}"
-  label_users_disabled_by_flag: "Utilizadores inactivos por flag"
-  label_users_disabled_by_group: "Utilizadores inactivos por grupo"
+  label_users_locked_by_flag: "Utilizadores inactivos por flag"
+  label_users_locked_by_group: "Utilizadores inactivos por grupo"
   label_admin_users: "Administradores redmine"
   label_dynamic_grous: "Grupos dinâmicos"
   label_ldap_attributes_on_a_user: "Atributos LDAP num utilizador"
@@ -45,7 +45,7 @@ pt:
   field_class_user: "Objectclass de utilizadores"
   field_users_search_scope: "Âmbito da pesquisa de utilizadores"
   field_class_group: "Objectclass de grupos"
-  field_account_disabled_test: "Teste de conta desactivada"
+  field_account_locked_test: "Teste de conta desactivada"
 
   field_groupname_pattern: "Filtro regex de grupos"
   field_group_search_filter: "Filtro de pesquisa de grupos"

config/locales/ru.yml

@@ -15,8 +15,8 @@ ru:
   label_not_found: "Не найден"
   label_users_enabled: "пользователей разблокировано"
   label_a_total_of: "Всего %{count}"
-  label_users_disabled_by_flag: "пользователей заблокировано по флагу"
-  label_users_disabled_by_group: "пользователей заблокировано по группе"
+  label_users_locked_by_flag: "пользователей заблокировано по флагу"
+  label_users_locked_by_group: "пользователей заблокировано по группе"
   label_admin_users: "Администраторы"
   label_dynamic_groups: "Динамические группы"
   label_ldap_attributes_on_a_user: "Атрибуты LDAP пользователя"
@@ -45,7 +45,7 @@ ru:
   field_class_user: "objectclass пользователей"
   field_users_search_scope: "Users search scope"
   field_class_group: "objectclass групп"
-  field_account_disabled_test: "Проверка заблокированности учетной записи"
+  field_account_locked_test: "Проверка заблокированности учетной записи"
 
   field_groupname_pattern: "Шаблон имени группы"
   field_group_search_filter: "Фильтр поиска групп"

db/migrate/20170524063056_rename_account_disabled_test.rb

@@ -0,0 +1,31 @@
+class RenameAccountDisabledTest < ActiveRecord::Migration[4.2]
+  def self.up
+    all_settings = Setting.plugin_redmine_ldap_sync
+    return unless all_settings
+
+    AuthSourceLdap.all.each do |as|
+      settings = all_settings[as.id]
+
+      say_with_time "Updating settings for '#{as.name}'" do
+        settings[:account_locked_test] = settings[:account_disabled_test]
+        settings.delete(:account_disabled_test)
+        Setting.plugin_redmine_ldap_sync = all_settings
+      end if settings
+    end
+  end
+
+  def self.down
+    all_settings = Setting.plugin_redmine_ldap_sync
+    return unless all_settings
+
+    AuthSourceLdap.all.each do |as|
+      settings = all_settings[as.id]
+
+      say_with_time "Updating settings for '#{as.name}'" do
+        settings[:account_disabled_test] = settings[:account_locked_test]
+        settings.delete(:account_locked_test)
+        Setting.plugin_redmine_ldap_sync = all_settings
+      end if settings
+    end
+  end
+end