Pull EE specific Gitlab::Auth code in to its own module

Only a tiny portion of code in EE for Gitlab::Auth was different from CE. This had the potential to result in merge conflicts. Now, it's moved in to its own EE module and is prepended into the Gitlab::Auth class.

Pull EE specific Gitlab::Auth code in to its own module
Only a tiny portion of code in EE for Gitlab::Auth was different from CE. This had the potential to result in merge conflicts. Now, it's moved in to its own EE module and is prepended into the Gitlab::Auth class.
f484e3c4 · Drew Blessing · 70a17615 · f484e3c4 · f484e3c4 · f484e3c4
Commit f484e3c4 authored Jan 24, 2017 by Drew Blessing
5 changed files
--- a/changelogs/unreleased-ee/gitlab_auth_move_ee_to_module.yml
+++ b/changelogs/unreleased-ee/gitlab_auth_move_ee_to_module.yml
+---
+title: Pull EE specific Gitlab::Auth code in to its own module
+merge_request: 1112
+author:
--- a/lib/ee/gitlab/auth.rb
+++ b/lib/ee/gitlab/auth.rb
+module EE
+  module Gitlab
+    module Auth
+      def find_with_user_password(login, password)
+        if Devise.omniauth_providers.include?(:kerberos)
+          kerberos_user = ::Gitlab::Kerberos::Authentication.login(login, password)
+          return kerberos_user if kerberos_user
+        end
+        super
+      end
+    end
+  end
+end
--- a/lib/gitlab/auth.rb
+++ b/lib/gitlab/auth.rb
@@ -7,6 +7,8 @@ module Gitlab
    OPTIONAL_SCOPES = SCOPES - DEFAULT_SCOPES
    class << self
+      prepend EE::Gitlab::Auth
      def find_for_git_client(login, password, project:, ip:)
        raise "Must provide an IP for rate limiting" if ip.nil?
@@ -27,11 +29,6 @@ module Gitlab
      def find_with_user_password(login, password)
        user = User.by_login(login)
-        if Devise.omniauth_providers.include?(:kerberos)
-          kerberos_user = Gitlab::Kerberos::Authentication.login(login, password)
-          return kerberos_user if kerberos_user
-        end
        # If no user is found, or it's an LDAP server, try LDAP.
        #   LDAP users are only authenticated via LDAP
        if user.nil? || user.ldap_user?

--- a/spec/lib/ee/gitlab/auth_spec.rb
+++ b/spec/lib/ee/gitlab/auth_spec.rb
+require 'spec_helper'
+describe Gitlab::Auth, lib: true do
+  let(:gl_auth) { described_class }
+  let!(:user) do
+    create(:user,
+           username: username,
+           password: password,
+           password_confirmation: password)
+  end
+  let(:username) { 'John' }     # username isn't lowercase, test this
+  let(:password) { 'my-secret' }
+  context 'with kerberos' do
+    before do
+      allow(Devise).to receive_messages(omniauth_providers: [:kerberos])
+    end
+    it 'finds user' do
+      expect(::Gitlab::Kerberos::Authentication).to receive_messages(login: user)
+      expect( gl_auth.find_with_user_password(username, password) ).to eql user
+    end
+  end
+end
--- a/spec/lib/gitlab/auth_spec.rb
+++ b/spec/lib/gitlab/auth_spec.rb
@@ -152,19 +152,6 @@ describe Gitlab::Auth, lib: true do
      expect( gl_auth.find_with_user_password(username, password) ).not_to eql user
    end
-    context "with kerberos" do
-      before do
-        allow(Devise).to receive_messages(omniauth_providers: [:kerberos])
-      end
-      it "finds user" do
-        allow(Gitlab::Kerberos::Authentication).to receive_messages(valid?: true)
-        allow(Gitlab::Kerberos::Authentication).to receive_messages(email: user.email)
-        expect( gl_auth.find_with_user_password(username, password) ).to eql user
-      end
-    end
    context "with ldap enabled" do
      before do
        allow(Gitlab::LDAP::Config).to receive(:enabled?).and_return(true)