@@ -10,17 +10,22 @@ import (
10
10
)
11
11
12
12
// SyncLdapGroupsToTeams maps LDAP groups to organization and team memberships
13
- func (source * Source ) SyncLdapGroupsToTeams (user * models.User , ldapTeamAdd map [string ][]string , ldapTeamRemove map [string ][]string ) {
13
+ func (source * Source ) SyncLdapGroupsToTeams (user * models.User , ldapTeamAdd map [string ][]string , ldapTeamRemove map [string ][]string , orgCache map [string ]* models.User , teamCache map [string ]* models.Team ) {
14
+ var err error
14
15
if source .TeamGroupMapRemoval {
15
16
// when the user is not a member of configs LDAP group, remove mapped organizations/teams memberships
16
- removeMappedMemberships (user , ldapTeamRemove )
17
+ removeMappedMemberships (user , ldapTeamRemove , orgCache , teamCache )
17
18
}
18
19
for orgName , teamNames := range ldapTeamAdd {
19
- org , err := models .GetOrgByName (orgName )
20
- if err != nil {
21
- // organization must be created before LDAP group sync
22
- log .Debug ("LDAP group sync: Could not find organisation %s: %v" , orgName , err )
23
- continue
20
+ org , ok := orgCache [orgName ]
21
+ if ! ok {
22
+ org , err = models .GetOrgByName (orgName )
23
+ if err != nil {
24
+ // organization must be created before LDAP group sync
25
+ log .Debug ("LDAP group sync: Could not find organisation %s: %v" , orgName , err )
26
+ continue
27
+ }
28
+ orgCache [orgName ] = org
24
29
}
25
30
if isMember , err := models .IsOrganizationMember (org .ID , user .ID ); ! isMember && err == nil {
26
31
log .Trace ("LDAP group sync: adding user [%s] to organization [%s]" , user .Name , org .Name )
@@ -31,18 +36,22 @@ func (source *Source) SyncLdapGroupsToTeams(user *models.User, ldapTeamAdd map[s
31
36
}
32
37
}
33
38
for _ , teamName := range teamNames {
34
- team , err := org .GetTeam (teamName )
35
- if err != nil {
36
- // team must be created before LDAP group sync
37
- log .Debug ("LDAP group sync: Could not find team %s: %v" , teamName , err )
38
- continue
39
+ team , ok := teamCache [orgName + teamName ]
40
+ if ! ok {
41
+ team , err = org .GetTeam (teamName )
42
+ if err != nil {
43
+ // team must be created before LDAP group sync
44
+ log .Debug ("LDAP group sync: Could not find team %s: %v" , teamName , err )
45
+ continue
46
+ }
47
+ teamCache [orgName + teamName ] = team
39
48
}
40
49
if isMember , err := models .IsTeamMember (org .ID , team .ID , user .ID ); ! isMember && err == nil {
41
50
log .Trace ("LDAP group sync: adding user [%s] to team [%s]" , user .Name , org .Name )
42
51
} else {
43
52
continue
44
53
}
45
- err = team .AddMember (user .ID )
54
+ err : = team .AddMember (user .ID )
46
55
if err != nil {
47
56
log .Error ("LDAP group sync: Could not add user to team: %v" , err )
48
57
}
@@ -53,21 +62,29 @@ func (source *Source) SyncLdapGroupsToTeams(user *models.User, ldapTeamAdd map[s
53
62
// remove membership to organizations/teams if user is not member of corresponding LDAP group
54
63
// e.g. lets assume user is member of LDAP group "x", but LDAP group team map contains LDAP groups "x" and "y"
55
64
// then users membership gets removed for all organizations/teams mapped by LDAP group "y"
56
- func removeMappedMemberships (user * models.User , ldapTeamRemove map [string ][]string ) {
65
+ func removeMappedMemberships (user * models.User , ldapTeamRemove map [string ][]string , orgCache map [string ]* models.User , teamCache map [string ]* models.Team ) {
66
+ var err error
57
67
for orgName , teamNames := range ldapTeamRemove {
58
- org , err := models .GetOrgByName (orgName )
59
- if err != nil {
60
- // organization must be created before LDAP group sync
61
- log .Debug ("LDAP group sync: Could not find organisation %s: %v" , orgName , err )
62
- continue
63
- }
64
- for _ , teamName := range teamNames {
65
- team , err := org .GetTeam (teamName )
68
+ org , ok := orgCache [orgName ]
69
+ if ! ok {
70
+ org , err = models .GetOrgByName (orgName )
66
71
if err != nil {
67
- // team must must be created before LDAP group sync
68
- log .Debug ("LDAP group sync: Could not find team %s: %v" , teamName , err )
72
+ // organization must be created before LDAP group sync
73
+ log .Debug ("LDAP group sync: Could not find organisation %s: %v" , orgName , err )
69
74
continue
70
75
}
76
+ orgCache [orgName ] = org
77
+ }
78
+ for _ , teamName := range teamNames {
79
+ team , ok := teamCache [orgName + teamName ]
80
+ if ! ok {
81
+ team , err = org .GetTeam (teamName )
82
+ if err != nil {
83
+ // team must must be created before LDAP group sync
84
+ log .Debug ("LDAP group sync: Could not find team %s: %v" , teamName , err )
85
+ continue
86
+ }
87
+ }
71
88
if isMember , err := models .IsTeamMember (org .ID , team .ID , user .ID ); isMember && err == nil {
72
89
log .Trace ("LDAP group sync: removing user [%s] from team [%s]" , user .Name , org .Name )
73
90
} else {
0 commit comments