Commit 52c1194a authored by Imre Farkas's avatar Imre Farkas

Merge branch 'bvl-fix-failing-saml-for-blocked-user' into 'master'

Fix infinite loop on saml login of a blocked user

See merge request gitlab-org/gitlab!75887
parents a4bebd81 00a4831d
...@@ -162,6 +162,10 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController ...@@ -162,6 +162,10 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
user = auth_user.find_and_update! user = auth_user.find_and_update!
if auth_user.valid_sign_in? if auth_user.valid_sign_in?
# In this case the `#current_user` would not be set. So we can't fetch it
# from that in `#context_user`. Pushing it manually here makes the information
# available in the logs for this request.
Gitlab::ApplicationContext.push(user: user)
log_audit_event(user, with: oauth['provider']) log_audit_event(user, with: oauth['provider'])
set_remember_me(user) set_remember_me(user)
...@@ -287,10 +291,6 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController ...@@ -287,10 +291,6 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
def fail_admin_mode_invalid_credentials def fail_admin_mode_invalid_credentials
redirect_to new_admin_session_path, alert: _('Invalid login or password') redirect_to new_admin_session_path, alert: _('Invalid login or password')
end end
def context_user
current_user
end
end end
OmniauthCallbacksController.prepend_mod_with('OmniauthCallbacksController') OmniauthCallbacksController.prepend_mod_with('OmniauthCallbacksController')
...@@ -479,6 +479,19 @@ RSpec.describe OmniauthCallbacksController, type: :controller do ...@@ -479,6 +479,19 @@ RSpec.describe OmniauthCallbacksController, type: :controller do
post :saml, params: { SAMLResponse: mock_saml_response } post :saml, params: { SAMLResponse: mock_saml_response }
end end
end end
context 'with a blocked user trying to log in when there are hooks set up' do
let(:user) { create(:omniauth_user, extern_uid: 'my-uid', provider: 'saml') }
subject(:post_action) { post :saml, params: { SAMLResponse: mock_saml_response } }
before do
create(:system_hook)
user.block!
end
it { expect { post_action }.not_to raise_error }
end
end end
describe 'enable admin mode' do describe 'enable admin mode' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment