From 539d8f1fb49549ae53a21dd99293cdf7d9deb696 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mateusz=20Ko=C5=82odziejczyk?= <coutoPL@gmail.com>
Date: Fri, 15 Mar 2024 17:50:18 +0100
Subject: [PATCH] LDAP authentication optimization is disabled by now; docker
 build fix for module es63x

---
 .../definitions/LdapServicesDecoder.scala         |  4 +---
 .../definitions/LdapServicesSettingsTests.scala   |  3 ++-
 es63x/Dockerfile                                  | 15 +--------------
 .../containers/images/ReadonlyRestPlugin.scala    |  2 +-
 4 files changed, 5 insertions(+), 19 deletions(-)

diff --git a/core/src/main/scala/tech/beshu/ror/accesscontrol/factory/decoders/definitions/LdapServicesDecoder.scala b/core/src/main/scala/tech/beshu/ror/accesscontrol/factory/decoders/definitions/LdapServicesDecoder.scala
index efd1a735f3..8edce6e758 100644
--- a/core/src/main/scala/tech/beshu/ror/accesscontrol/factory/decoders/definitions/LdapServicesDecoder.scala
+++ b/core/src/main/scala/tech/beshu/ror/accesscontrol/factory/decoders/definitions/LdapServicesDecoder.scala
@@ -176,11 +176,9 @@ object LdapServicesDecoder {
     for {
       searchUserBaseDn <- c.downField("search_user_base_DN").as[Dn]
       userIdAttributeName <- c.downNonEmptyOptionalField("user_id_attribute")
-      // to be removed in the future (it's a safety-valve)
-      disableUserAuthenticationOptimization <- c.downField("disable_user_authentication_optimization").as[Option[Boolean]]
     } yield UserSearchFilterConfig(
       searchUserBaseDN = searchUserBaseDn,
-      userIdAttribute = userIdAttributeFrom(userIdAttributeName, disableUserAuthenticationOptimization)
+      userIdAttribute = userIdAttributeFrom(userIdAttributeName, disableUserAuthenticationOptimization = Some(true))
     )
   }
 
diff --git a/core/src/test/scala/tech/beshu/ror/unit/acl/factory/decoders/definitions/LdapServicesSettingsTests.scala b/core/src/test/scala/tech/beshu/ror/unit/acl/factory/decoders/definitions/LdapServicesSettingsTests.scala
index fc7ecbb56f..52b0cafdc4 100644
--- a/core/src/test/scala/tech/beshu/ror/unit/acl/factory/decoders/definitions/LdapServicesSettingsTests.scala
+++ b/core/src/test/scala/tech/beshu/ror/unit/acl/factory/decoders/definitions/LdapServicesSettingsTests.scala
@@ -518,7 +518,8 @@ class LdapServicesSettingsTests private(ldapConnectionPoolProvider: UnboundidLda
           )
         }
       }
-      "User ID attribute is configured to be CN" in {
+      // todo: uncomment when LDAP authentication optimization is enabled
+      "User ID attribute is configured to be CN" ignore {
         assertDecodingSuccess(
           yaml =
             s"""
diff --git a/es63x/Dockerfile b/es63x/Dockerfile
index ca845f7f92..3943938d5c 100644
--- a/es63x/Dockerfile
+++ b/es63x/Dockerfile
@@ -9,20 +9,7 @@ ARG ROR_VERSION
 ENV KIBANA_USER_PASS=kibana
 ENV ADMIN_USER_PASS=admin
 
-USER root
-
-RUN curl -o /usr/local/bin/gosu -SL "https://github.com/tianon/gosu/releases/download/1.17/gosu-amd64" && \
-    chmod +x /usr/local/bin/gosu && \
-    gosu nobody true
-
-USER elasticsearch
-
 COPY readonlyrest-${ROR_VERSION}_es${ES_VERSION}.zip /tmp/readonlyrest.zip
 COPY init-readonlyrest.yml /usr/share/elasticsearch/config/readonlyrest.yml
-COPY ror-entrypoint-es6x.sh /usr/local/bin/ror-entrypoint.sh
-
-RUN /usr/share/elasticsearch/bin/elasticsearch-plugin install --batch file:///tmp/readonlyrest.zip
-
-USER root
 
-ENTRYPOINT ["/usr/local/bin/ror-entrypoint.sh"]
\ No newline at end of file
+RUN /usr/share/elasticsearch/bin/elasticsearch-plugin install --batch file:///tmp/readonlyrest.zip
\ No newline at end of file
diff --git a/tests-utils/src/main/scala/tech/beshu/ror/utils/containers/images/ReadonlyRestPlugin.scala b/tests-utils/src/main/scala/tech/beshu/ror/utils/containers/images/ReadonlyRestPlugin.scala
index 71c645bdee..09ffc25cd7 100644
--- a/tests-utils/src/main/scala/tech/beshu/ror/utils/containers/images/ReadonlyRestPlugin.scala
+++ b/tests-utils/src/main/scala/tech/beshu/ror/utils/containers/images/ReadonlyRestPlugin.scala
@@ -110,7 +110,7 @@ class ReadonlyRestPlugin(esVersion: String,
         .runWhen(Version.greaterOrEqualThan(esVersion, 7, 0, 0),
           command = s"${esDir.toString()}/jdk/bin/java -jar ${esDir.toString()}/plugins/readonlyrest/ror-tools.jar patch"
         )
-        .runWhen(Version.greaterOrEqualThan(esVersion, 6, 3, 0) && Version.lowerThan(esVersion, 7, 0, 0),
+        .runWhen(Version.greaterOrEqualThan(esVersion, 6, 5, 0) && Version.lowerThan(esVersion, 7, 0, 0),
           command = s"$$JAVA_HOME/bin/java -jar ${esDir.toString()}/plugins/readonlyrest/ror-tools.jar patch"
         )
         .user("elasticsearch")