Short circuit membership valiation without groups to check

mtodd · mtodd · commit e63e2afb24dc · 2014-10-16T15:41:12.000-07:00
Default to true since no groups to validate against translates to
existing handling: if no groups to check against, then they are valid
members.
diff --git a/lib/github/ldap/membership_validators/active_directory.rb b/lib/github/ldap/membership_validators/active_directory.rb
@@ -15,6 +15,9 @@ module MembershipValidators
       # nested groups, performed on the server side.
       class ActiveDirectory < Base
         def perform(entry)
+          # short circuit validation if there are no groups to check against
+          return true if groups.empty?
+
           # search for the entry on the condition that the entry is a member
           # of one of the groups or their subgroups.
           #
diff --git a/lib/github/ldap/membership_validators/classic.rb b/lib/github/ldap/membership_validators/classic.rb
@@ -7,6 +7,7 @@ module MembershipValidators
       # it consistently with the new approach.
       class Classic < Base
         def perform(entry)
+          # short circuit validation if there are no groups to check against
           return true if groups.empty?
 
           domains.each do |domain|
diff --git a/lib/github/ldap/membership_validators/recursive.rb b/lib/github/ldap/membership_validators/recursive.rb
@@ -22,6 +22,9 @@ class Recursive < Base
         ATTRS             = %w(dn cn)
 
         def perform(entry, depth = DEFAULT_MAX_DEPTH)
+          # short circuit validation if there are no groups to check against
+          return true if groups.empty?
+
           domains.each do |domain|
             # find groups entry is an immediate member of
             membership = domain.search(filter: member_filter(entry), attributes: ATTRS)
