Extend support from memberof to other multi-value attribute for group membership

[jvlcek]

MiqLdap currently has the group membership attribute hardcodes to memberof.

This PR moves this same hardcoded value into ::Settings.authentication.group_attribute.
The result being that by default the current functionality will not change but it will now be
possible for uses who want to use a different multi-value attribute for group membership
to do so by manually setting the Advanced Configuration option group_attribute.

Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1353037

Steps for Testing/QA [Optional]

• Configure your LDAP directory to have groupMembership attribute to contain a user's group membership
• Configure MiQ authentication mode LDAP or LDAPS.
• Manually configure group_attribute in MiQ UI under Configuration/Advanced
  -- From: :group_attribute: memberof
  -- To: :group_attribute: groupmembership
• Test by adding a group for the user configured in you LDAP directory with the groupMembership attribute by looking up groups by checking: (Look up LDAP Groups) and providing the needed input.

Note: ldapsearch can be used to confirm the multi-value attribute, groupmembership, is correctly configured in LDAP:

ldapsearch -x -LLL -H ldap://<my ldap>:389  -b "dc=example,dc=com"  -D "cn=Manager,dc=example,dc=com" -w ******** -s sub "(CN=ldaptest1)" "groupmembership"
dn: cn=ldaptest1,ou=people,ou=prod,dc=example,dc=com
groupmembership: cn=ldap-group-2,ou=groups,ou=prod,dc=example,dc=com
groupmembership: cn=ldap-group-1,ou=groups,ou=prod,dc=example,dc=com

[jvlcek]

@miq-bot add_label bug

[jvlcek]

@miq-bot add_label authentication

[jvlcek]

@miq-bot assign @abellotti

[jvlcek]

@abellotti Please review.

[miq-bot]

Checked commit jvlcek@f290134 with ruby 2.3.3, rubocop 0.52.1, haml-lint 0.20.0, and yamllint 1.10.0
2 files checked, 0 offenses detected
Everything looks fine. 🏆

[abellotti]

just saw this, LGTM!! Thanks @jvlcek for the enhancement 👍