From d25819bb875fa35adf3ad2a75add0ab60ddf7028 Mon Sep 17 00:00:00 2001
From: Samuel Couillard <43917914+scouillard@users.noreply.github.com>
Date: Wed, 5 Jul 2023 15:30:10 -0400
Subject: [PATCH] (migration) Add ldap and google to provider whitelist (#5306)

* Add ldap and google to provider whitelist

* Add provider rewrite to greenlight, add specs
---
 .../api/v1/migrations/external_controller.rb  |  5 ++++-
 .../migrations/external_controller_spec.rb    | 22 +++++++++++++++++++
 2 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/app/controllers/api/v1/migrations/external_controller.rb b/app/controllers/api/v1/migrations/external_controller.rb
index 2c7189de..b106ef20 100644
--- a/app/controllers/api/v1/migrations/external_controller.rb
+++ b/app/controllers/api/v1/migrations/external_controller.rb
@@ -83,12 +83,15 @@ module Api
         def create_user
           user_hash = user_params.to_h
 
+          # Re-write LDAP and Google to greenlight
+          user_hash[:provider] = %w[greenlight ldap google].include?(user_hash[:provider]) ? 'greenlight' : user_hash[:provider]
+
           # Returns an error if the provider does not exist
           unless user_hash[:provider] == 'greenlight' || Tenant.exists?(name: user_hash[:provider])
             return render_error(status: :bad_request, errors: 'Provider does not exist')
           end
 
-          return render_data status: :created if User.exists? email: user_hash[:email], provider: user_hash[:provider]
+          return render_data status: :created if User.exists?(email: user_hash[:email], provider: user_hash[:provider])
 
           user_hash[:language] = I18n.default_locale if user_hash[:language].blank? || user_hash[:language] == 'default'
 
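Review bot: Rewriting `ldap` and `google` to `greenlight` before the `User.exists?(email:, provider:)` check folds three identity sources into one namespace, so a migrated LDAP or Google record whose email matches an existing local account is answered with `:created` and skipped without any signal. If that merge is intended, the comment should say so, e.g. `# ldap/google users are merged into the local 'greenlight' provider; an existing greenlight user with the same email is kept as-is`; logging the skipped record would also let operators reconcile duplicates after the migration. The rewrite also means a tenant literally named `ldap` or `google` can no longer be targeted, which may be acceptable but is not stated anywhere. The assignment reads more plainly as `user_hash[:provider] = 'greenlight' if %w[ldap google].include?(user_hash[:provider])`. create_user's body continues outside the hunk.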
diff --git a/spec/controllers/migrations/external_controller_spec.rb b/spec/controllers/migrations/external_controller_spec.rb
index fd6dddab..e2cf4c22 100644
--- a/spec/controllers/migrations/external_controller_spec.rb
+++ b/spec/controllers/migrations/external_controller_spec.rb
@@ -190,6 +190,28 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
           end
         end
 
+        context 'when the provider does not exists' do
+          before { valid_user_params[:provider] = 'not_a_provider' }
+
+          it 'returns :bad_request without creating a user' do
+            encrypted_params = encrypt_params({ user: valid_user_params }, expires_in: 10.seconds)
+            expect { post :create_user, params: { v2: { encrypted_params: } } }.not_to change(User, :count)
+            expect(response).to have_http_status(:bad_request)
+          end
+        end
+
+        context 'when the provider is ldap' do
+          before { valid_user_params[:provider] = 'ldap' }
+
+          it 'creates a user with the greenlight provider' do
+            encrypted_params = encrypt_params({ user: valid_user_params }, expires_in: 10.seconds)
+            expect { post :create_user, params: { v2: { encrypted_params: } } }.to change(User, :count).from(0).to(1)
+            user = User.take
+            expect(user.provider).to eq('greenlight')
+            expect(response).to have_http_status(:created)
+          end
+        end
+
         context 'when external_id is present' do
           before { valid_user_params[:external_id] = 'EXTERNAL' }
 
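Review bot: Only the `ldap` rewrite is exercised here; the `google` entry of the new whitelist has no spec, and neither does the case where a `greenlight` user with the same email already exists when an `ldap` record arrives. Adding a `context 'when the provider is google'` that mirrors the ldap one, plus a collision case asserting `not_to change(User, :count)`, would pin the account-merge behaviour the controller change introduces. The first context title should read `'when the provider does not exist'`.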
-- 
GitLab