LDAP authentication optimization is disabled by now; docker build fix…

… for module es63x

core/src/main/scala/tech/beshu/ror/accesscontrol/factory/decoders/definitions/LdapServicesDecoder.scala

@@ -176,11 +176,9 @@ object LdapServicesDecoder {
     for {
       searchUserBaseDn <- c.downField("search_user_base_DN").as[Dn]
       userIdAttributeName <- c.downNonEmptyOptionalField("user_id_attribute")
-      // to be removed in the future (it's a safety-valve)
-      disableUserAuthenticationOptimization <- c.downField("disable_user_authentication_optimization").as[Option[Boolean]]
     } yield UserSearchFilterConfig(
       searchUserBaseDN = searchUserBaseDn,
-      userIdAttribute = userIdAttributeFrom(userIdAttributeName, disableUserAuthenticationOptimization)
+      userIdAttribute = userIdAttributeFrom(userIdAttributeName, disableUserAuthenticationOptimization = Some(true))
     )
   }
 

core/src/test/scala/tech/beshu/ror/unit/acl/factory/decoders/definitions/LdapServicesSettingsTests.scala

@@ -518,7 +518,8 @@ class LdapServicesSettingsTests private(ldapConnectionPoolProvider: UnboundidLda
           )
         }
       }
-      "User ID attribute is configured to be CN" in {
+      // todo: uncomment when LDAP authentication optimization is enabled
+      "User ID attribute is configured to be CN" ignore {
         assertDecodingSuccess(
           yaml =
             s"""

es63x/Dockerfile

@@ -9,20 +9,7 @@ ARG ROR_VERSION
 ENV KIBANA_USER_PASS=kibana
 ENV ADMIN_USER_PASS=admin
 
-USER root
-
-RUN curl -o /usr/local/bin/gosu -SL "https://github.com/tianon/gosu/releases/download/1.17/gosu-amd64" && \
-    chmod +x /usr/local/bin/gosu && \
-    gosu nobody true
-
-USER elasticsearch
-
 COPY readonlyrest-${ROR_VERSION}_es${ES_VERSION}.zip /tmp/readonlyrest.zip
 COPY init-readonlyrest.yml /usr/share/elasticsearch/config/readonlyrest.yml
-COPY ror-entrypoint-es6x.sh /usr/local/bin/ror-entrypoint.sh
-
-RUN /usr/share/elasticsearch/bin/elasticsearch-plugin install --batch file:///tmp/readonlyrest.zip
-
-USER root
 
-ENTRYPOINT ["/usr/local/bin/ror-entrypoint.sh"]
+RUN /usr/share/elasticsearch/bin/elasticsearch-plugin install --batch file:///tmp/readonlyrest.zip

tests-utils/src/main/scala/tech/beshu/ror/utils/containers/images/ReadonlyRestPlugin.scala

@@ -110,7 +110,7 @@ class ReadonlyRestPlugin(esVersion: String,
         .runWhen(Version.greaterOrEqualThan(esVersion, 7, 0, 0),
           command = s"${esDir.toString()}/jdk/bin/java -jar ${esDir.toString()}/plugins/readonlyrest/ror-tools.jar patch"
         )
-        .runWhen(Version.greaterOrEqualThan(esVersion, 6, 3, 0) && Version.lowerThan(esVersion, 7, 0, 0),
+        .runWhen(Version.greaterOrEqualThan(esVersion, 6, 5, 0) && Version.lowerThan(esVersion, 7, 0, 0),
           command = s"$$JAVA_HOME/bin/java -jar ${esDir.toString()}/plugins/readonlyrest/ror-tools.jar patch"
         )
         .user("elasticsearch")