Merge remote-tracking branch 'origin/release/10.5' into release/10.6

5 years ago · 6f19b9334e
parent 7fa37398a0 9bf6de699d
commit 6f19b9334e
4 changed files with 102 additions and 22 deletions
--- a/modules/auth_plugins/lib/open_project/plugins/auth_plugin.rb
+++ b/modules/auth_plugins/lib/open_project/plugins/auth_plugin.rb
@ -51,7 +51,9 @@ module OpenProject::Plugins
    end

    def self.providers
-      filtered_strategies strategies.values.flatten.map(&:call).flatten.map(&:to_hash)
+      RequestStore.fetch(:openproject_omniauth_filtered_strategies) do
+        filtered_strategies strategies.values.flatten.map(&:call).flatten.map(&:to_hash)
+      end
    end

    def self.filtered_strategies(options)
--- a/modules/auth_saml/lib/open_project/auth_saml/engine.rb
+++ b/modules/auth_saml/lib/open_project/auth_saml/engine.rb
@ -1,6 +1,41 @@
 require 'omniauth-saml'
 module OpenProject
  module AuthSaml
+    def self.configuration
+      RequestStore.fetch(:openproject_omniauth_saml_provider) do
+        @saml_settings ||= load_global_settings!
+        @saml_settings.deep_merge(settings_from_db)
+      end
+    end
+
+    ##
+    # Loads the settings once to avoid accessing the file in each request
+    def self.load_global_settings!
+       Hash(settings_from_config || settings_from_yaml).with_indifferent_access
+    end
+
+    def self.settings_from_db
+      value = Hash(Setting.plugin_openproject_auth_saml).with_indifferent_access[:providers]
+
+      value.is_a?(Hash) ? value : {}
+    end
+
+    def self.settings_from_config
+      if OpenProject::Configuration['saml'].present?
+        Rails.logger.info("[auth_saml] Registering saml integration from configuration.yml")
+
+        OpenProject::Configuration['saml']
+      end
+    end
+
+    def self.settings_from_yaml
+      if (settings = Rails.root.join('config', 'plugins', 'auth_saml', 'settings.yml')).exist?
+        Rails.logger.info("[auth_saml] Registering saml integration from settings file")
+
+        YAML::load(File.open(settings)).symbolize_keys
+      end
+    end
+
    class Engine < ::Rails::Engine
      engine_name :openproject_auth_saml

@ -9,7 +44,8 @@ module OpenProject

      register 'openproject-auth_saml',
               author_url: 'https://github.com/finnlabs/openproject-auth_saml',
-               bundled: true
+               bundled: true,
+               settings: { default: { "providers" => nil }}

      assets %w(
        auth_saml/**
@ -31,27 +67,15 @@ module OpenProject
      end

      register_auth_providers do
-        configuration = if OpenProject::Configuration['saml'].present?
-                          Rails.logger.info("[auth_saml] Registering saml integration from configuration.yml")
-
-                          OpenProject::Configuration['saml']
-                        elsif (settings = Rails.root.join('config', 'plugins', 'auth_saml', 'settings.yml')).exist?
-                          Rails.logger.info("[auth_saml] Registering saml integration from settings file")
-
-                          YAML::load(File.open(settings)).symbolize_keys
-                        end
-
-        if configuration
-          strategy :saml do
-            configuration.values.map do |h|
-              h[:openproject_attribute_map] = Proc.new do |auth|
-                {
-                  login: auth[:uid],
-                  admin: (auth.info['admin'].to_s.downcase == "true")
-                }
-              end
-              h.symbolize_keys
+        strategy :saml do
+          OpenProject::AuthSaml.configuration.values.map do |h|
+            h[:openproject_attribute_map] = Proc.new do |auth|
+              {
+                login: auth[:uid],
+                admin: (auth.info['admin'].to_s.downcase == "true")
+              }
            end
+            h.symbolize_keys
          end
        end
      end
--- a/modules/auth_saml/spec/lib/open_project/auth_saml_spec.rb
+++ b/modules/auth_saml/spec/lib/open_project/auth_saml_spec.rb
@ -0,0 +1,52 @@
+require File.dirname(__FILE__) + '/../../spec_helper'
+require 'open_project/auth_saml'
+
+describe OpenProject::AuthSaml do
+  describe ".configuration" do
+    let(:config) { OpenProject::AuthSaml.configuration }
+
+    context(
+      "with configuration",
+      with_config: {
+        saml: {
+          my_saml: {
+            name: "saml",
+            display_name: "My SSO"
+          }
+        }
+      }
+    ) do
+      it "contains the configuration from OpenProject::Configuration (or settings.yml) by default" do
+        expect(config[:my_saml][:name]).to eq 'saml'
+        expect(config[:my_saml][:display_name]).to eq 'My SSO'
+      end
+
+      context(
+        "with settings override from database",
+        with_settings: {
+          plugin_openproject_auth_saml: {
+            providers: {
+              my_saml: {
+                display_name: "Your SSO"
+              },
+              new_saml: {
+                name: "new_saml",
+                display_name: "Another SAML"
+              }
+            }
+          }
+        }
+      ) do
+        it "overrides the existing configuration where defined" do
+          expect(config[:my_saml][:name]).to eq 'saml'
+          expect(config[:my_saml][:display_name]).to eq 'Your SSO'
+        end
+
+        it "defines new providers if given" do
+          expect(config[:new_saml][:name]).to eq 'new_saml'
+          expect(config[:new_saml][:display_name]).to eq 'Another SAML'
+        end
+      end
+    end
+  end
+end
--- a/modules/auth_saml/spec/spec_helper.rb
+++ b/modules/auth_saml/spec/spec_helper.rb
@ -0,0 +1,2 @@
+# -- load spec_helper from OpenProject core
+require "spec_helper"