Add LDAP_USER_ATTRIBUTE_*

This will add misssing options to configure LDAP_USER_ATTRIBUTES

These will fix several Issues and merge multiple merge requests.

Fixes sameersbn#699
Fixes sameersbn#1746
Fixes sameersbn#1814

Signed-off-by: solidnerd <niclas@mietz.io>

README.md

@@ -1003,6 +1003,11 @@ Below is the complete list of available options that can be used to customize yo
 | `LDAP_BLOCK_AUTO_CREATED_USERS` | Locks down those users until they have been cleared by the admin. Defaults to `false`. |
 | `LDAP_BASE` | Base where we can search for users. No default. |
 | `LDAP_USER_FILTER` | Filter LDAP users. No default. |
+| `LDAP_USER_ATTRIBUTE_USERNAME` | Attribute fields for the identification of a user. Default to `['uid', 'userid', 'sAMAccountName']` |
+| `LDAP_USER_ATTRIBUTE_MAIL` | Attribute fields for the shown mail address. Default to `['mail', 'email', 'userPrincipalName']` |
+| `LDAP_USER_ATTRIBUTE_NAME` | Attribute field for the used username of a user. Default to `cn`. |
+| `LDAP_USER_ATTRIBUTE_FIRSTNAME` | Attribute field for the forename of a user. Default to `givenName` |
+| `LDAP_USER_ATTRIBUTE_LASTNAME` |  Attribute field for the surname of a user. Default to `sn` |
 | `LDAP_LOWERCASE_USERNAMES` | GitLab will lower case the username for the LDAP Server. Defaults to `false` |
 | `OAUTH_ENABLED` | Enable OAuth support. Defaults to `true` if any of the support OAuth providers is configured, else defaults to `false`. |
 | `OAUTH_AUTO_SIGN_IN_WITH_PROVIDER` | Automatically sign in with a specific OAuth provider without showing GitLab sign-in page. Accepted values are `cas3`, `github`, `bitbucket`, `gitlab`, `google_oauth2`, `facebook`, `twitter`, `saml`, `crowd`, `auth0` and `azure_oauth2`. No default. |

assets/runtime/config/gitlabhq/gitlab.yml

@@ -395,15 +395,15 @@ production: &base
           # them in issues, merge request and comments (like `@username`).
           # If the attribute specified for `username` contains an email address,
           # the GitLab username will be the part of the email address before the '@'.
-          username: ['uid', 'userid', 'sAMAccountName']
-          email:    ['mail', 'email', 'userPrincipalName']
+          username: {{LDAP_USER_ATTRIBUTE_USERNAME}}
+          email: {{LDAP_USER_ATTRIBUTE_MAIL}}
 
           # If no full name could be found at the attribute specified for `name`,
           # the full name is determined using the attributes specified for
           # `first_name` and `last_name`.
-          name:       'cn'
-          first_name: 'givenName'
-          last_name:  'sn'
+          name: '{{LDAP_USER_ATTRIBUTE_NAME}}'
+          first_name: '{{LDAP_USER_ATTRIBUTE_FIRSTNAME}}'
+          last_name: '{{LDAP_USER_ATTRIBUTE_LASTNAME}}'
 
           # If lowercase_usernames is enabled, GitLab will lower case the username.
           lowercase_usernames: {{LDAP_LOWERCASE_USERNAMES}}

assets/runtime/env-defaults

@@ -285,6 +285,11 @@ LDAP_ACTIVE_DIRECTORY=${LDAP_ACTIVE_DIRECTORY:-true}
 LDAP_BLOCK_AUTO_CREATED_USERS=${LDAP_BLOCK_AUTO_CREATED_USERS:-false}
 LDAP_BASE=${LDAP_BASE:-}
 LDAP_USER_FILTER=${LDAP_USER_FILTER:-}
+LDAP_USER_ATTRIBUTE_USERNAME=${LDAP_USER_ATTRIBUTE_USERNAME:-['uid', 'userid', 'sAMAccountName']}
+LDAP_USER_ATTRIBUTE_MAIL=${LDAP_USER_ATTRIBUTE_MAIL:-['mail', 'email', 'userPrincipalName']}
+LDAP_USER_ATTRIBUTE_NAME=${LDAP_USER_ATTRIBUTE_NAME:-cn}
+LDAP_USER_ATTRIBUTE_FIRSTNAME=${LDAP_USER_ATTRIBUTE_FIRSTNAME:-givenName}
+LDAP_USER_ATTRIBUTE_LASTNAME=${LDAP_USER_ATTRIBUTE_LASTNAME:-sn}
 LDAP_LOWERCASE_USERNAMES="${LDAP_LOWERCASE_USERNAMES:-false}"
 LDAP_LABEL=${LDAP_LABEL:-LDAP}
 LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN=${LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN:-}

assets/runtime/functions

@@ -463,6 +463,11 @@ gitlab_configure_ldap() {
     LDAP_BASE \
     LDAP_USER_FILTER \
     LDAP_LOWERCASE_USERNAMES \
+    LDAP_USER_ATTRIBUTE_USERNAME \
+    LDAP_USER_ATTRIBUTE_MAIL \
+    LDAP_USER_ATTRIBUTE_NAME \
+    LDAP_USER_ATTRIBUTE_FIRSTNAME \
+    LDAP_USER_ATTRIBUTE_LASTNAME \
     LDAP_LABEL
 }