lint fixes

2025-12-20 10:19:50 -06:00 · 2025-12-01 21:56:57 -08:00
parent 2cc46c6441
commit ddb176ed87
8 changed files with 26 additions and 27 deletions
--- a/app/actions/sso/create_teams_in_account.rb
+++ b/app/actions/sso/create_teams_in_account.rb
@@ -8,4 +8,4 @@ class SSO::CreateTeamsInAccount
      context.account.teams.find_or_create_by!(name: team_hash[:name])
    end
  end
-end
+end
--- a/app/actions/sso/sync_teams.rb
+++ b/app/actions/sso/sync_teams.rb
@@ -9,4 +9,4 @@ class SSO::SyncTeams
      TeamMembership.find_or_create_by!(user: context.user, team:)
    end
  end
-end
+end
--- a/app/actions/sso/sync_user_teams.rb
+++ b/app/actions/sso/sync_user_teams.rb
@@ -7,4 +7,4 @@ class SSO::SyncUserTeams
      SSO::SyncTeams,
    )
  end
-end
+end
--- a/app/models/sso_provider.rb
+++ b/app/models/sso_provider.rb
@@ -29,7 +29,7 @@ class SSOProvider < ApplicationRecord

  enum :team_provisioning_mode, {
    disabled: 0,
-    just_in_time: 1,
+    just_in_time: 1
    # scim: 2
  }

--- a/app/services/ldap/authenticator.rb
+++ b/app/services/ldap/authenticator.rb
@@ -198,7 +198,7 @@ module LDAP

    def fetch_group_membership(user_entry)
      reader_ldap = build_reader_connection
-    
+
      unless reader_ldap.bind
        if config.allow_anonymous_reads?
          logger.warn "LDAP group lookup: anonymous/reader bind failed: #{reader_ldap.get_operation_result.message}"
@@ -207,55 +207,54 @@ module LDAP
        end
        return []
      end
-    
+
      groups = []
-    
+
      # From the entry
      dn_from_entry = user_entry.dn
-    
+
      uid_attr = config.uid_attribute.presence || 'uid'
      uid_val  = Array(user_entry[uid_attr]).first
-    
+
      # This is the DN your groups seem to be using:
      #   uid=czhu,dc=example,dc=org
      dn_from_uid = if uid_val.present?
        "#{uid_attr}=#{uid_val},#{config.base_dn}"
      end
-    
+
      member_filters = []
-    
+
      # Try DN from entry (cn=... case)
      member_filters << Net::LDAP::Filter.eq('member', dn_from_entry) if dn_from_entry.present?
-    
+
      # Try DN built from uid (uid=... case – this is the one that works for you)
      member_filters << Net::LDAP::Filter.eq('member', dn_from_uid) if dn_from_uid.present?
-    
+
      # Try memberUid=uid (posixGroup style)
      member_filters << Net::LDAP::Filter.eq('memberUid', uid_val) if uid_val.present?
-    
+
      # If for some reason we have no filters, bail out
      return [] if member_filters.empty?
-    
+
      member_filter = member_filters.reduce do |memo, f|
        memo | f
      end
-    
+
      group_filter  = Net::LDAP::Filter.eq('objectClass', 'groupOfNames') |
                      Net::LDAP::Filter.eq('objectClass', 'groupOfUniqueNames') |
                      Net::LDAP::Filter.eq('objectClass', 'posixGroup')
-    
+
      combined_filter = group_filter & member_filter
-    
+
      reader_ldap.search(base: config.base_dn, filter: combined_filter) do |entry|
        groups << { name: entry.cn.first }
      end
-    
+
      logger.info "Found #{groups.size} LDAP groups for user #{dn_from_entry}"
      groups
    rescue => e
      logger.error "LDAP group lookup error for #{dn_from_entry}: #{e.class}: #{e.message}"
      []
    end
-
  end
 end
--- a/lib/devise/strategies/ldap_authenticatable.rb
+++ b/lib/devise/strategies/ldap_authenticatable.rb
@@ -8,16 +8,16 @@ module Devise
        # basic shape check
        user_params = params[:user]
        return false unless user_params.is_a?(ActionController::Parameters) || user_params.is_a?(Hash)
-      
+
        username = user_params[:username].presence
        password = user_params[:password].presence
-      
+
        return false if username.blank? || password.blank?
-      
+
        # make sure this slug maps to an LDAP-enabled account
        begin
          account = Account.friendly.find(params[:slug])
-      
+
          return false unless account&.sso_enabled?
          sso_provider = account.sso_provider
          return false unless sso_provider&.ldap?
@@ -25,7 +25,7 @@ module Devise
          # bad slug → this strategy is not applicable
          return false
        end
-      
+
        true
      end

--- a/spec/actions/sso/create_teams_in_account_spec.rb
+++ b/spec/actions/sso/create_teams_in_account_spec.rb
@@ -7,7 +7,7 @@ RSpec.describe SSO::CreateTeamsInAccount do
    it 'creates only teams that do not already exist' do
      create(:team, account: account, name: 'Engineering')

-      result = described_class.execute(account: account, team_names: [{ name: 'Engineering' }, { name: 'Design' }])
+      result = described_class.execute(account: account, team_names: [ { name: 'Engineering' }, { name: 'Design' } ])

      expect(result).to be_success
      expect(account.teams.pluck(:name)).to match_array(%w[Engineering Design])
--- a/spec/actions/sso/sync_user_teams_spec.rb
+++ b/spec/actions/sso/sync_user_teams_spec.rb
@@ -7,7 +7,7 @@ RSpec.describe SSO::SyncUserTeams do
    it 'creates user, teams, and team memberships' do
      create(:team, account: account, name: 'Existing')

-      result = described_class.call('new@example.com', [{ name: 'Existing' }, { name: 'NewTeam' }], account)
+      result = described_class.call('new@example.com', [ { name: 'Existing' }, { name: 'NewTeam' } ], account)

      expect(result).to be_success
      expect(result.user.email).to eq('new@example.com')