-
Notifications
You must be signed in to change notification settings - Fork 106
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes to how user mapping is handled #729
Conversation
After reviewing the full set of changes, it seems like
-@user_mapping = opts.fetch(:user_mapping, 'match')
-@user_map_match = opts.fetch(:user_map_match, ".*")
-@user_map_cmd = opts.fetch(:user_map_cmd, nil)
+@user_map_cmd = opts.fetch(:user_map_cmd, nil)
+@user_map_match = @user_map_cmd ? nil : opts.fetch(:user_map_match, ".*") And then instead of
we do
|
The benefit of getting rid of the new user_mapping setting is that existing ood portal configs will be backwards compatible since they all set user_map_cmd right now - though we can of course recommend sites to switch to user_map_match |
My only objection is this will be for OnDemand 2.0 so we are already at a breaking change release and we should move people to the more efficient method of mapping regexes. I don't think we should make a more efficient method and still support ood_auth_map regexes, offering people 2 ways to do the exact same thing when one is far better than another does not make sense to me. We should completely remove |
We can drop the old Ruby Regardless, the suggestion above provides a better admin experience for configuration: -@user_mapping = opts.fetch(:user_mapping, 'match')
-@user_map_match = opts.fetch(:user_map_match, ".*")
-@user_map_cmd = opts.fetch(:user_map_cmd, nil)
+@user_map_cmd = opts.fetch(:user_map_cmd, nil)
+@user_map_match = @user_map_cmd ? nil : opts.fetch(:user_map_match, ".*") Since you only have to do |
…through OOD_USER_MAP_MATCH environment variable
Add user_mapping and user_map_match settings to ood-portal-generator
Made those necessary adjustments. |
Moves regex user mapping to Lua.
Keeps
OOD_USER_MAP_CMD
but makes the defaultOOD_USER_MAP_MATCH
to do regex in pure Lua.New ood-portal-generator options
match
but can also becommand
.*
Makes it so
ood_auth_map
is run using ondemand SCL to ensure the we can remove the need to make Apache aware of SCL Ruby and not rely on system Ruby to launch the mapping script.Still need unit tests for Lua and maybe a unit test to validate
user_mapping
when the value iscommand
.Fixes #728