Add LDAP group sync to Teams, fixes #1395 (#16299)

* Add setting for a JSON that maps LDAP groups to Org Teams. * Add log when removing or adding team members. * Sync is being run on login and periodically. * Existing group filter settings are reused. * Adding and removing team members. * Sync not existing LDAP group. * Login with broken group map JSON.
2025-07-23 02:38:35 +00:00 · 2022-02-11 15:24:58 +01:00
parent 26718a785a
commit 832ce406ae
14 changed files with 423 additions and 65 deletions
--- a/services/auth/source/ldap/README.md
+++ b/services/auth/source/ldap/README.md
@@ -120,3 +120,11 @@ share the following fields:
 * Group Attribute for User (optional)
  * Which group LDAP attribute contains an array above user attribute names.
  * Example: memberUid
+
+* Team group map (optional)
+  * Automatically add users to Organization teams, depending on LDAP group memberships.
+  * Note: this function only adds users to teams, it never removes users.
+  * Example: {"cn=MyGroup,cn=groups,dc=example,dc=org": {"MyGiteaOrganization": ["MyGiteaTeam1", "MyGiteaTeam2", ...], ...}, ...}
+
+* Team group map removal (optional)
+  * If set to true, users will be removed from teams if they are not members of the corresponding group.