gitlab-ce
Commit 5a4a1a2f authored Oct 17, 2014 by Dmitriy Zaporozhets
Merge branch 'fix-oauth-block' into 'master'

Fix user being blocked after oauth sign-in

See merge request !1190
parents 966f68b3 f8cdd62e
Showing 2 changed files with 89 additions and 19 deletions
lib/gitlab/oauth/user.rb +23 -9
spec/lib/gitlab/oauth/user_spec.rb +66 -10
lib/gitlab/oauth/user.rb
...
@@ -17,7 +17,7 @@ module Gitlab
...
@@ -17,7 +17,7 @@ module Gitlab
end
end
def
new?
def
new?
!
gl_user
.
persisted?
!
persisted?
end
end
def
valid?
def
valid?
...
@@ -27,10 +27,14 @@ module Gitlab
...
@@ -27,10 +27,14 @@ module Gitlab
def
save
def
save
unauthorized_to_create
unless
gl_user
unauthorized_to_create
unless
gl_user
gl_user
.
save!
if
needs_blocking?
log
.
info
"(OAuth) saving user
#{
auth_hash
.
email
}
from login with extern_uid =>
#{
auth_hash
.
uid
}
"
gl_user
.
save!
gl_user
.
block
if
needs_blocking?
gl_user
.
block
else
gl_user
.
save!
end
log
.
info
"(OAuth) saving user
#{
auth_hash
.
email
}
from login with extern_uid =>
#{
auth_hash
.
uid
}
"
gl_user
gl_user
rescue
ActiveRecord
::
RecordInvalid
=>
e
rescue
ActiveRecord
::
RecordInvalid
=>
e
log
.
info
"(OAuth) Error saving user:
#{
gl_user
.
errors
.
full_messages
}
"
log
.
info
"(OAuth) Error saving user:
#{
gl_user
.
errors
.
full_messages
}
"
...
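Review bot: In the new `save`, `needs_blocking?` has to be evaluated before `gl_user.save!`, because it now depends on `new?` and the record stops being new once it is saved; the `gl_user.save!` duplicated in both branches hides that ordering requirement. Consider capturing the decision first (for example `block_after_save = needs_blocking?`), then calling `gl_user.save!` once and `gl_user.block if block_after_save`, or add a comment saying why the check precedes the save. The result of `gl_user.block` is also not checked, so a block that does not take effect would go unnoticed while the log line still reports "(OAuth) saving user".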
@@ -40,13 +44,27 @@ module Gitlab
...
@@ -40,13 +44,27 @@ module Gitlab
def
gl_user
def
gl_user
@user
||=
find_by_uid_and_provider
@user
||=
find_by_uid_and_provider
if
Gitlab
.
config
.
omniauth
.
allow_single_sign_on
if
signup_enabled?
@user
||=
build_new_user
@user
||=
build_new_user
end
end
@user
@user
end
end
protected
protected
def
needs_blocking?
new?
&&
block_after_signup?
end
def
signup_enabled?
Gitlab
.
config
.
omniauth
.
allow_single_sign_on
end
def
block_after_signup?
Gitlab
.
config
.
omniauth
.
block_auto_created_users
end
def
auth_hash
=
(
auth_hash
)
def
auth_hash
=
(
auth_hash
)
@auth_hash
=
AuthHash
.
new
(
auth_hash
)
@auth_hash
=
AuthHash
.
new
(
auth_hash
)
end
end
...
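Review bot: The added `needs_blocking?` ties the `block_auto_created_users` setting to `new?`, but nothing in these methods states that intent; a one-line comment on `needs_blocking?` saying that only accounts created during this OAuth callback are blocked would make the security behaviour explicit. `signup_enabled?` is also a misleading name for a method that returns `omniauth.allow_single_sign_on`; a name such as `single_sign_on_enabled?` would avoid it being read as a general sign-up switch.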
@@ -77,10 +95,6 @@ module Gitlab
...
@@ -77,10 +95,6 @@ module Gitlab
Gitlab
::
AppLogger
Gitlab
::
AppLogger
end
end
def
needs_blocking?
Gitlab
.
config
.
omniauth
[
'block_auto_created_users'
]
end
def
model
def
model
::
User
::
User
end
end
...
...
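Review bot: The removed `needs_blocking?` read the flag as `Gitlab.config.omniauth['block_auto_created_users']`, while its replacement `block_after_signup?` reads `Gitlab.config.omniauth.block_auto_created_users`. Please confirm the two lookups behave the same when the key is absent from the configuration and that the flag always has a default, since its value decides whether auto-created accounts are blocked.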
spec/lib/gitlab/oauth/user_spec.rb
...
@@ -31,21 +31,77 @@ describe Gitlab::OAuth::User do
...
@@ -31,21 +31,77 @@ describe Gitlab::OAuth::User do
describe
:save
do
describe
:save
do
let
(
:provider
)
{
'twitter'
}
let
(
:provider
)
{
'twitter'
}
context
"with allow_single_sign_on enabled"
do
describe
'signup'
do
before
{
Gitlab
.
config
.
omniauth
.
stub
allow_single_sign_on:
true
}
context
"with allow_single_sign_on enabled"
do
before
{
Gitlab
.
config
.
omniauth
.
stub
allow_single_sign_on:
true
}
it
"creates a user from Omniauth"
do
oauth_user
.
save
it
"creates a user from Omniauth"
do
expect
(
gl_user
).
to
be_valid
oauth_user
.
save
expect
(
gl_user
.
extern_uid
).
to
eql
uid
expect
(
gl_user
.
provider
).
to
eql
'twitter'
end
end
expect
(
gl_user
).
to
be_valid
context
"with allow_single_sign_on disabled (Default)"
do
expect
(
gl_user
.
extern_uid
).
to
eql
uid
it
"throws an error"
do
expect
(
gl_user
.
provider
).
to
eql
'twitter'
expect
{
oauth_user
.
save
}.
to
raise_error
StandardError
end
end
end
end
end
context
"with allow_single_sign_on disabled (Default)"
do
describe
'blocking'
do
it
"throws an error"
do
let
(
:provider
)
{
'twitter'
}
expect
{
oauth_user
.
save
}.
to
raise_error
StandardError
before
{
Gitlab
.
config
.
omniauth
.
stub
allow_single_sign_on:
true
}
context
'signup'
do
context
'dont block on create'
do
before
{
Gitlab
.
config
.
omniauth
.
stub
block_auto_created_users:
false
}
it
do
oauth_user
.
save
gl_user
.
should
be_valid
gl_user
.
should_not
be_blocked
end
end
context
'block on create'
do
before
{
Gitlab
.
config
.
omniauth
.
stub
block_auto_created_users:
true
}
it
do
oauth_user
.
save
gl_user
.
should
be_valid
gl_user
.
should
be_blocked
end
end
end
context
'sign-in'
do
before
do
oauth_user
.
save
oauth_user
.
gl_user
.
activate
end
context
'dont block on create'
do
before
{
Gitlab
.
config
.
omniauth
.
stub
block_auto_created_users:
false
}
it
do
oauth_user
.
save
gl_user
.
should
be_valid
gl_user
.
should_not
be_blocked
end
end
context
'block on create'
do
before
{
Gitlab
.
config
.
omniauth
.
stub
block_auto_created_users:
true
}
it
do
oauth_user
.
save
gl_user
.
should
be_valid
gl_user
.
should_not
be_blocked
end
end
end
end
end
end
end
end
...
...
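Review bot: The 'sign-in' examples call `oauth_user.save` in the `before` block and again in the example on what appears to be the same `oauth_user`, so the second call reuses the user already cached by `gl_user` instead of going through `find_by_uid_and_provider` as a returning login would. Building a fresh `Gitlab::OAuth::User` for the second `save` would exercise the regression this commit fixes, and an example for a user who was already blocked before signing in would show that such a user stays blocked. The new `it do` blocks also have no descriptions and use `should`, while the examples earlier in this hunk use `expect(...).to`; a description per example and one matcher style would make failures easier to read.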