Nested ldap groups

As far as I know ROR doesn’t support nested LDAP groups at the moment.
Can you please add this functionality?
If yes, please tell me when it will be done?

Hi @driveirk

It’s an exciting proposition. I’ve created JIRA for it (RORDEV-747).
@sscarduzio is scheduling tasks based on the priority of importance.

1 Like

Oh great, thanks.
Is there any Estimated time of arrival functionality? A week? month? year? 5 years?

It’s under discussion at the moment :slight_smile:

Have you made a decision?

We have at least two important bug fixes before we can squeeze in any feature. In the meantime, it would be nice if you could detail your feature proposal, use case example, and expected behaviours in a new feature proposal topic.

I ask you this because I’m trying to understand what’s the best way to approach this.

Nested groups is a feature of LDAP where a group can contain users and/or another group (with its users). So it would be interesting to know, given a graph structure of LDAP groups and users like:

admins_grp: [ "billie" ]
develpers_grp: [
   "senior_developers_grp": [ "billie" ]

When ROR looks for a list of groups for the user “billie”, I’m not sure how should it evaluate?

a) [“admins_grp”, “developer_grp”, “senior_developers”]
b) [“admins_grp”, “senior_developers”]
b) [“admins_grp”, “developer_grp.senior_developers”]

As you asked, I created a new topic with a description.

1 Like