Filter users by tenant, add tenant ids to demo users

services/auth-basic/pkg/config/config.go

@@ -84,6 +84,7 @@ type LDAPProvider struct {
 
 type LDAPUserSchema struct {
 	ID              string `yaml:"id" env:"OC_LDAP_USER_SCHEMA_ID;AUTH_BASIC_LDAP_USER_SCHEMA_ID" desc:"LDAP Attribute to use as the unique ID for users. This should be a stable globally unique ID like a UUID." introductionVersion:"1.0.0"`
+	TenantID        string `yaml:"tenant_id" env:"OC_LDAP_USER_SCHEMA_TENANT_ID;AUTH_BASIC_LDAP_USER_SCHEMA_TENANT_ID" desc:"LDAP Attribute to use for the tenant ID of users. This is used to identify the tenant of a user in a multi-tenant environment." introductionVersion:"%%NEXT%%"`
 	IDIsOctetString bool   `yaml:"id_is_octet_string" env:"OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user IDs." introductionVersion:"1.0.0"`
 	Mail            string `yaml:"mail" env:"OC_LDAP_USER_SCHEMA_MAIL;AUTH_BASIC_LDAP_USER_SCHEMA_MAIL" desc:"LDAP Attribute to use for the email address of users." introductionVersion:"1.0.0"`
 	DisplayName     string `yaml:"display_name" env:"OC_LDAP_USER_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME" desc:"LDAP Attribute to use for the displayname of users." introductionVersion:"1.0.0"`

services/auth-basic/pkg/revaconfig/config.go

@@ -77,6 +77,7 @@ func ldapConfigFromString(cfg config.LDAPProvider) map[string]interface{} {
 		"idp":                     cfg.IDP,
 		"user_schema": map[string]interface{}{
 			"id":              cfg.UserSchema.ID,
+			"tenantId":        cfg.UserSchema.TenantID,
 			"idIsOctetString": cfg.UserSchema.IDIsOctetString,
 			"mail":            cfg.UserSchema.Mail,
 			"displayName":     cfg.UserSchema.DisplayName,