LDAP and Enterprise plan activation #183
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
📝 WalkthroughWalkthroughAdded navigation entries and documentation: a new LDAP authentication guide and a "Manage licenses" group with Enterprise and Pro/Business activation guides; updated self-hosting docs to point to the new license pages and removed a few image embeds. Changes
Sequence Diagram(s)sequenceDiagram
autonumber
actor User
participant Plane as Plane app
participant LDAP as LDAP server
participant DB as Plane DB
User->>Plane: Click "Sign in with LDAP"
Plane->>LDAP: Bind with service account (Bind DN + password)
LDAP-->>Plane: Bind success
Plane->>LDAP: Search for user (base DN + filter)
LDAP-->>Plane: Return user entry + attributes
Plane->>LDAP: Optional: Bind as user to verify credentials
LDAP-->>Plane: Authentication result
Plane->>DB: Create/update user profile & roles
DB-->>Plane: Persisted
Plane-->>User: Establish session / show UI
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Poem
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 4
🤖 Fix all issues with AI agents
In `@self-hosting/govern/ldap.mdx`:
- Around line 171-172: Fix the run-on by splitting into clearer sentences or
using punctuation: change the clause to something like "This is why you
configure a Bind DN and password: it's Plane's identity on your LDAP server."
and ensure the following sentence reads "The Bind DN only needs read access
because Plane is just looking up information, never modifying your directory."
Update the phrasing around "Bind DN and password" and "Plane's identity" to
reflect this punctuation change.
- Around line 193-198: The two example filter lines `(mail={username})` and
`(|(uid={username})(mail={username}))` are missing Markdown list markers; update
the LDAP doc block around the User Search Filter examples so each example is a
bulleted item (e.g., prefix those lines with `- `) to match the surrounding list
style and preserve formatting for the examples like `(uid={username})` and the
group-restriction example `(&(uid={username})(memberOf=...))`.
- Around line 17-21: The ordered steps in the LDAP setup list in ldap.mdx have a
numbering gap (it goes from "2." to "4."); update the sequence so it reads 1.,
2., 3., 4., 5. (specifically change the item currently labeled "4. Click
**Configure** next to **LDAP** at the bottom of the page." to "3.") to restore
correct step ordering and ensure the list renders properly.
In `@self-hosting/manage/manage-licenses/activate-enterprise.mdx`:
- Around line 14-19: The numbered steps under the "Activate in God Mode" heading
have a discontinuity (steps go 1,2,3,6); update the list so the final step reads
"4. Click **Activate**." and, to match document hierarchy, change the "Activate
in God Mode" heading from H3 (###) to H2 (##) or make it a continuation of the
previous workflow heading; adjust the heading level in the file and fix the list
numbering in the block containing "Activate in God Mode" and the items "Sign in
to your Plane instance...", "Select **Billing**...", "Paste your license
key...", and "Click **Activate**."
🧹 Nitpick comments (2)
self-hosting/manage/manage-licenses/activate-pro-and-business.mdx (1)
57-57: Consider using a relative link for internal documentation.The link to the migration documentation uses an absolute URL (
https://developers.plane.so/...). If this is within the same documentation site, a relative link would be more maintainable and work across environments (preview, staging, production).Suggested change
-4. If you're switching machines or reinstalling the Commercial edition, see [Move Plane instance to another server](https://developers.plane.so/self-hosting/manage/migrate-plane). +4. If you're switching machines or reinstalling the Commercial edition, see [Move Plane instance to another server](/self-hosting/manage/migrate-plane).self-hosting/govern/ldap.mdx (1)
143-152: Consider noting security implications of unencrypted LDAP.The OpenLDAP example uses
ldap://(unencrypted) on port 389, while the Active Directory and FreeIPA examples useldaps://(encrypted). Consider adding a note thatldaps://is recommended for production, or updating the example to use encryption.Suggested change
### OpenLDAP-Server URI: ldap://ldap.example.com:389
+Server URI: ldaps://ldap.example.com:636
Bind DN: cn=readonly,dc=example,dc=com
Bind Password: ********
User Search Base: ou=users,dc=example,dc=comAlternatively, keep the example but add a note: ```diff ### OpenLDAP +> **Note:** This example uses an unencrypted connection for simplicity. For production, use `ldaps://` on port 636.Server URI: ldap://ldap.example.com:389
</details> </blockquote></details> </blockquote></details> <!-- This is an auto-generated comment by CodeRabbit for review status -->
Description
Type of Change
Screenshots and Media (if applicable)
Test Scenarios
References
Summary by CodeRabbit
✏️ Tip: You can customize this high-level summary in your review settings.