feat: ldap group acls (#590)

* wip * refactor: remove useless session struct abstraction * feat: retrieve and store groups from ldap provider * chore: fix merge issue * refactor: rework ldap group fetching logic * feat: store ldap group results in cache * fix: review nitpicks * fix: review feedback
2026-01-19 22:02:28 +00:00 · 2026-01-17 20:03:29 +02:00
parent c0dd432029
commit 4926e53409
18 changed files with 280 additions and 90 deletions
--- a/internal/controller/proxy_controller_test.go
+++ b/internal/controller/proxy_controller_test.go
@@ -143,11 +143,11 @@ func TestProxyHandler(t *testing.T) {
 	// Test logged in user
 	c := gin.CreateTestContextOnly(recorder, router)

-	err := authService.CreateSessionCookie(c, &config.SessionCookie{
+	err := authService.CreateSessionCookie(c, &repository.Session{
 		Username:    "testuser",
 		Name:        "testuser",
 		Email:       "testuser@example.com",
-		Provider:    "username",
+		Provider:    "local",
 		TotpPending: false,
 		OAuthGroups: "",
 	})
@@ -164,7 +164,7 @@ func TestProxyHandler(t *testing.T) {
 				Email:       "testuser@example.com",
 				IsLoggedIn:  true,
 				OAuth:       false,
-				Provider:    "username",
+				Provider:    "local",
 				TotpPending: false,
 				OAuthGroups: "",
 				TotpEnabled: false,
@@ -192,8 +192,9 @@ func TestProxyHandler(t *testing.T) {
 				Name:        "testuser",
 				Email:       "testuser@example.com",
 				IsLoggedIn:  true,
+				IsBasicAuth: true,
 				OAuth:       false,
-				Provider:    "basic",
+				Provider:    "local",
 				TotpPending: false,
 				OAuthGroups: "",
 				TotpEnabled: true,