(migration) Add ldap and google to provider whitelist (#5306)

* Add ldap and google to provider whitelist * Add provider rewrite to greenlight, add specs
bigbluebutton · Jul 5, 2023 · d25819b · d25819b
1 parent c745c11
commit d25819b
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 1 deletion.
diff --git a/app/controllers/api/v1/migrations/external_controller.rb b/app/controllers/api/v1/migrations/external_controller.rb
@@ -83,12 +83,15 @@ def create_role
         def create_user
           user_hash = user_params.to_h
 
+          # Re-write LDAP and Google to greenlight
+          user_hash[:provider] = %w[greenlight ldap google].include?(user_hash[:provider]) ? 'greenlight' : user_hash[:provider]
+
           # Returns an error if the provider does not exist
           unless user_hash[:provider] == 'greenlight' || Tenant.exists?(name: user_hash[:provider])
             return render_error(status: :bad_request, errors: 'Provider does not exist')
           end
 
-          return render_data status: :created if User.exists? email: user_hash[:email], provider: user_hash[:provider]
+          return render_data status: :created if User.exists?(email: user_hash[:email], provider: user_hash[:provider])
 
           user_hash[:language] = I18n.default_locale if user_hash[:language].blank? || user_hash[:language] == 'default'
 

diff --git a/spec/controllers/migrations/external_controller_spec.rb b/spec/controllers/migrations/external_controller_spec.rb
@@ -190,6 +190,28 @@
           end
         end
 
+        context 'when the provider does not exists' do
+          before { valid_user_params[:provider] = 'not_a_provider' }
+
+          it 'returns :bad_request without creating a user' do
+            encrypted_params = encrypt_params({ user: valid_user_params }, expires_in: 10.seconds)
+            expect { post :create_user, params: { v2: { encrypted_params: } } }.not_to change(User, :count)
+            expect(response).to have_http_status(:bad_request)
+          end
+        end
+
+        context 'when the provider is ldap' do
+          before { valid_user_params[:provider] = 'ldap' }
+
+          it 'creates a user with the greenlight provider' do
+            encrypted_params = encrypt_params({ user: valid_user_params }, expires_in: 10.seconds)
+            expect { post :create_user, params: { v2: { encrypted_params: } } }.to change(User, :count).from(0).to(1)
+            user = User.take
+            expect(user.provider).to eq('greenlight')
+            expect(response).to have_http_status(:created)
+          end
+        end
+
         context 'when external_id is present' do
           before { valid_user_params[:external_id] = 'EXTERNAL' }