Commit c9f741bb authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge pull request #4743 from karlhungus/feature-users-api-respect-defaults

Update User api to respect default settings
parents fc6ed495 88d4559e
...@@ -13,7 +13,7 @@ class Admin::UsersController < Admin::ApplicationController ...@@ -13,7 +13,7 @@ class Admin::UsersController < Admin::ApplicationController
end end
def new def new
@user = User.new.with_defaults @user = User.build_user
end end
def edit def edit
...@@ -44,7 +44,7 @@ class Admin::UsersController < Admin::ApplicationController ...@@ -44,7 +44,7 @@ class Admin::UsersController < Admin::ApplicationController
password_expires_at: Time.now password_expires_at: Time.now
} }
@user = User.new(params[:user].merge(opts), as: :admin) @user = User.build_user(params[:user].merge(opts), as: :admin)
@user.admin = (admin && admin.to_i > 0) @user.admin = (admin && admin.to_i > 0)
@user.created_by_id = current_user.id @user.created_by_id = current_user.id
......
...@@ -198,6 +198,21 @@ class User < ActiveRecord::Base ...@@ -198,6 +198,21 @@ class User < ActiveRecord::Base
User.find_by_username(name_or_id) User.find_by_username(name_or_id)
end end
end end
def build_user(attrs = {}, options= {})
user = User.new(defaults.merge(attrs), options)
# if not as: :admin force default settings
user.with_defaults unless options[:as] == :admin
user
end
def defaults
{
projects_limit: Gitlab.config.gitlab.default_projects_limit,
can_create_group: Gitlab.config.gitlab.default_can_create_group,
theme_id: Gitlab::Theme::BASIC
}
end
end end
# #
...@@ -208,14 +223,6 @@ class User < ActiveRecord::Base ...@@ -208,14 +223,6 @@ class User < ActiveRecord::Base
username username
end end
def with_defaults
tap do |u|
u.projects_limit = Gitlab.config.gitlab.default_projects_limit
u.can_create_group = Gitlab.config.gitlab.default_can_create_group
u.theme_id = Gitlab::Theme::MARS
end
end
def notification def notification
@notification ||= Notification.new(self) @notification ||= Notification.new(self)
end end
...@@ -375,4 +382,10 @@ class User < ActiveRecord::Base ...@@ -375,4 +382,10 @@ class User < ActiveRecord::Base
group.owners == [self] group.owners == [self]
end end
end end
def with_defaults
User.defaults.each do |k,v|
self.send("#{k}=",v)
end
end
end end
...@@ -45,9 +45,8 @@ module API ...@@ -45,9 +45,8 @@ module API
post do post do
authenticated_as_admin! authenticated_as_admin!
required_attributes! [:email, :password, :name, :username] required_attributes! [:email, :password, :name, :username]
attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio] attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio]
user = User.new attrs, as: :admin user = User.build_user(attrs, as: :admin)
if user.save if user.save
present user, with: Entities::User present user, with: Entities::User
else else
......
...@@ -13,6 +13,72 @@ module Gitlab ...@@ -13,6 +13,72 @@ module Gitlab
end end
end end
def find_for_ldap_auth(auth, signed_in_resource = nil)
uid = auth.info.uid
provider = auth.provider
email = auth.info.email.downcase unless auth.info.email.nil?
raise OmniAuth::Error, "LDAP accounts must provide an uid and email address" if uid.nil? or email.nil?
if @user = User.find_by_extern_uid_and_provider(uid, provider)
@user
elsif @user = User.find_by_email(email)
log.info "Updating legacy LDAP user #{email} with extern_uid => #{uid}"
@user.update_attributes(extern_uid: uid, provider: provider)
@user
else
create_from_omniauth(auth, true)
end
end
def create_from_omniauth(auth, ldap = false)
provider = auth.provider
uid = auth.info.uid || auth.uid
uid = uid.to_s.force_encoding("utf-8")
name = auth.info.name.to_s.force_encoding("utf-8")
email = auth.info.email.to_s.downcase unless auth.info.email.nil?
ldap_prefix = ldap ? '(LDAP) ' : ''
raise OmniAuth::Error, "#{ldap_prefix}#{provider} does not provide an email"\
" address" if auth.info.email.blank?
log.info "#{ldap_prefix}Creating user from #{provider} login"\
" {uid => #{uid}, name => #{name}, email => #{email}}"
password = Devise.friendly_token[0, 8].downcase
@user = User.build_user({
extern_uid: uid,
provider: provider,
name: name,
username: email.match(/^[^@]*/)[0],
email: email,
password: password,
password_confirmation: password,
}, as: :admin)
@user.save!
if Gitlab.config.omniauth['block_auto_created_users'] && !ldap
@user.block
end
@user
end
def find_or_new_for_omniauth(auth)
provider, uid = auth.provider, auth.uid
email = auth.info.email.downcase unless auth.info.email.nil?
if @user = User.find_by_provider_and_extern_uid(provider, uid)
@user
elsif @user = User.find_by_email(email)
@user.update_attributes(extern_uid: uid, provider: provider)
@user
else
if Gitlab.config.omniauth['allow_single_sign_on']
@user = create_from_omniauth(auth)
@user
end
end
end
def log def log
Gitlab::AppLogger Gitlab::AppLogger
end end
......
...@@ -27,7 +27,7 @@ module Gitlab ...@@ -27,7 +27,7 @@ module Gitlab
password_confirmation: password, password_confirmation: password,
} }
user = model.new(opts, as: :admin).with_defaults user = model.build_user(opts, as: :admin)
user.save! user.save!
log.info "(OAuth) Creating user #{email} from login with extern_uid => #{uid}" log.info "(OAuth) Creating user #{email} from login with extern_uid => #{uid}"
......
...@@ -196,6 +196,7 @@ describe User do ...@@ -196,6 +196,7 @@ describe User do
it { User.not_in_project(@project).should include(@user, @project.owner) } it { User.not_in_project(@project).should include(@user, @project.owner) }
end end
describe 'user creation' do
describe 'normal user' do describe 'normal user' do
let(:user) { create(:user, name: 'John Smith') } let(:user) { create(:user, name: 'John Smith') }
...@@ -210,15 +211,48 @@ describe User do ...@@ -210,15 +211,48 @@ describe User do
let(:user) { User.new } let(:user) { User.new }
it "should not apply defaults to user" do it "should not apply defaults to user" do
user.projects_limit.should == 10 user.projects_limit.should == 10
user.can_create_group.should == true user.can_create_group.should be_true
user.theme_id.should == Gitlab::Theme::BASIC
end
end
context 'as admin' do
describe 'with defaults' do
let(:user) { User.build_user({}, as: :admin) }
it "should apply defaults to user" do
user.projects_limit.should == 42
user.can_create_group.should be_false
user.theme_id.should == Gitlab::Theme::BASIC
end end
end end
describe 'with default overrides' do
let(:user) { User.build_user({projects_limit: 123, can_create_group: true, can_create_team: true, theme_id: Gitlab::Theme::MARS}, as: :admin) }
it "should apply defaults to user" do
user.projects_limit.should == 123
user.can_create_group.should be_true
user.theme_id.should == Gitlab::Theme::MARS
end
end
end
context 'as user' do
describe 'with defaults' do describe 'with defaults' do
let(:user) { User.new.with_defaults } let(:user) { User.build_user }
it "should apply defaults to user" do
user.projects_limit.should == 42
user.can_create_group.should be_false
user.theme_id.should == Gitlab::Theme::BASIC
end
end
describe 'with default overrides' do
let(:user) { User.build_user(projects_limit: 123, can_create_group: true, theme_id: Gitlab::Theme::MARS) }
it "should apply defaults to user" do it "should apply defaults to user" do
user.projects_limit.should == 42 user.projects_limit.should == 42
user.can_create_group.should == false user.can_create_group.should be_false
user.theme_id.should == Gitlab::Theme::BASIC
end
end
end end
end end
......
...@@ -57,6 +57,19 @@ describe API::API do ...@@ -57,6 +57,19 @@ describe API::API do
response.status.should == 201 response.status.should == 201
end end
it "creating a user should respect default project limit" do
limit = 123456
Gitlab.config.gitlab.stub(:default_projects_limit).and_return(limit)
attr = attributes_for(:user )
expect {
post api("/users", admin), attr
}.to change { User.count }.by(1)
user = User.find_by_username(attr[:username])
user.projects_limit.should == limit
user.theme_id.should == Gitlab::Theme::BASIC
Gitlab.config.gitlab.unstub(:default_projects_limit)
end
it "should not create user with invalid email" do it "should not create user with invalid email" do
post api("/users", admin), { email: "invalid email", password: 'password' } post api("/users", admin), { email: "invalid email", password: 'password' }
response.status.should == 400 response.status.should == 400
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment