Skip to content

G
gitlab-ce
Commit fb43a606 authored by Małgorzata Ksionek's avatar Małgorzata Ksionek
Browse files
Options

Add cr remarks

parent 0d66c970
Hide whitespace changes
Inline Side-by-side
Showing with 14 additions and 15 deletions
app/controllers/sessions_controller.rb
View file @ fb43a606
......@@ -76,13 +76,6 @@ class SessionsController < Devise::SessionsController
flash[:notice] = nil
end
if password_based_login? && resource.password_based_login_forbidden?
sign_out
flash[:alert] = _('You are not allowed to log in using password')
redirect_to new_user_session_path
break
end
log_audit_event(current_user, resource, with: authentication_method)
log_user_activity(current_user)
end
......
ee/app/controllers/ee/sessions_controller.rb
View file @ fb43a606
......@@ -7,6 +7,7 @@ module EE
prepended do
before_action :gitlab_geo_logout, only: [:destroy]
before_action :check_forbidden_password_based_login, if: -> { action_name == 'create' && password_based_login? }
end
override :new
......@@ -69,5 +70,12 @@ module EE
super
end
def check_forbidden_password_based_login
if find_user&.password_based_login_forbidden?
flash[:alert] = _('You are not allowed to log in using password')
redirect_to new_user_session_path
end
end
end
end
ee/app/models/ee/user.rb
View file @ fb43a606
......@@ -330,9 +330,7 @@ module EE
override :password_based_login_forbidden?
def password_based_login_forbidden?
return true if user_authorized_by_provisioning_group?
super
user_authorized_by_provisioning_group? || super
end
def user_authorized_by_provisioning_group?
......
ee/spec/controllers/ee/sessions_controller_spec.rb
View file @ fb43a606
......@@ -130,7 +130,7 @@ RSpec.describe SessionsController, :geo do
end
context 'when user is not allowed to log in using password' do
let(:user) { create(:user, provisioned_by_group: create(:group)) }
let_it_be(:user) { create(:user, provisioned_by_group: build(:group)) }
it 'does not authenticate the user' do
post(:create, params: { user: { login: user.username, password: user.password } })
......
ee/spec/requests/git_http_spec.rb
View file @ fb43a606
......@@ -155,15 +155,15 @@ RSpec.describe 'Git HTTP requests' do
end
describe 'when user cannot use password-based login' do
let(:user) { create(:user) }
let(:group) { create(:group) }
let(:project) { create(:project, :repository, :private, group: group) }
let_it_be(:group) { create(:group) }
let_it_be(:project) { create(:project, :repository, :private, group: group) }
let_it_be(:user) { create(:user, provisioned_by_group: group) }
let(:env) { { user: user.username, password: user.password } }
let(:path) { "#{project.full_path}.git" }
before do
project.add_developer(user)
user.update!(provisioned_by_group: group)
end
context 'with feature flag switched off' do
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7