Finished implementing the user group memberships part.

New Gitlab option "newMemberAccessLevel" to determine the access level to use when adding users to groups. (Default 30: Developer.) Renamed "sync" to "update" in the sync arrays to avoid confusion. Removed some pointless messages. You can now all test this out if you like but please use the dry run option `-d` in your command to prevent writing changes to your Gitlab instances. (Yes I know it's Christmas day... Just committing in that gap between family visits and very dinner.)
Adambean · Dec 25, 2018 · b64545e · b64545e
1 parent 214a907
commit b64545e
Show file tree

Hide file tree

Showing 3 changed files with 188 additions and 37 deletions.
diff --git a/README.md b/README.md
@@ -6,22 +6,23 @@ Though this functionality is available out of the box with Gitlab enterprise edi
 
 As a bonus it can also do a light rake of LDAP users not currently in Gitlab, so those that haven't signed in for their first time can still have projects and permissions assigned to them. **This may make the tool unsuitable git Gitlab-EE as this would certainly impact its licensing fees!**
 
-## **THIS TOOL IS NOT COMPLETED YET. DO NOT USE IT IN A PRODUCTION ENVIRONMENT.**
+## **THIS TOOL IS NOT QUALITY ASSURED YET. DO NOT USE IT IN A PRODUCTION ENVIRONMENT.**
 
-**Seriously. Only use this on test Gitlab CE instances.**
+**Seriously.**
 
-What is complete:
+Though all of this tool's features are now implemented, very limited testing has happened, so don't expect a perfect experience. You should therefore only use this on test Gitlab CE instances, or if you must use this on your production environment, at the very least take a backup of your Gitlab data before using this.
+
+Features implemented:
 
 * Reading users from LDAP
 * Reading groups from LDAP
 * Synchronising users to Gitlab
 * Synchronising groups to Gitlab
+* Synchronising Gitlab group memberships based on LDAP group memberships
 
-What is left to-do:
-
-* Synchronising group memberships to Gitlab
+If in doubt use the dry run `-d` option to prevent writing to Gitlab first, combined with `-vv` to see exactly what would happen.
 
-**If in doubt use the dry run `-d` option to prevent writing to Gitlab first, combined with `-vv` to see exactly what would happen. You have been warned.**
+**You have been warned!**
 
 ## Getting Started
 
@@ -258,6 +259,20 @@ Only empty Gitlab groups will ever be deleted. If there are extra groups with me
 
 Default: *false*
 
+##### newMemberAccessLevel *(integer|null)*
+
+The access level to provide users when added to groups.
+
+* 10: Guest
+* 20: Reporter
+* 30: Developer
+* 40: Maintainer
+* 50: Owner
+
+This will not interfere with existing group members, so you can adjust user permissions in Gitlab later on.
+
+Default: 30
+
 ##### groupNamesOfAdministrators *(array|null)*
 
 Specify a list of group names of which members should be granted administrator access.

diff --git a/config.yml.dist b/config.yml.dist
@@ -36,6 +36,7 @@ gitlab:
 
         createEmptyGroups:              false
         deleteExtraGroups:              false
+        newMemberAccessLevel:           30
 
         groupNamesOfAdministrators:     ~
         groupNamesOfExternal:           ~