user.rb 1.45 KB
Newer Older
1 2
require 'gitlab/oauth/user'

3 4 5 6
# LDAP extension for User model
#
# * Find or create user from omniauth.auth data
# * Links LDAP account with existing user
7
# * Auth LDAP user with login and password
8 9 10
#
module Gitlab
  module LDAP
11
    class User < Gitlab::OAuth::User
12
      class << self
13
        def find_by_uid_and_provider(uid, provider)
14
          # LDAP distinguished name is case-insensitive
15 16 17
          ::User.
            where(provider: [provider, :ldap]).
            where('lower(extern_uid) = ?', uid.downcase).last
18
        end
19
      end
20

21 22 23 24
      def initialize(auth_hash)
        super
        update_user_attributes
      end
25

26 27 28 29
      # instance methods
      def gl_user
        @gl_user ||= find_by_uid_and_provider || find_by_email || build_new_user
      end
30

31 32 33
      def find_by_uid_and_provider
        # LDAP distinguished name is case-insensitive
        model.
34
          where(provider: [auth_hash.provider, :ldap]).
35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51
          where('lower(extern_uid) = ?', auth_hash.uid.downcase).last
      end

      def find_by_email
        model.find_by(email: auth_hash.email)
      end

      def update_user_attributes
        gl_user.attributes = {
          extern_uid: auth_hash.uid,
          provider: auth_hash.provider,
          email: auth_hash.email
        }
      end

      def changed?
        gl_user.changed?
52
      end
53 54 55 56

      def needs_blocking?
        false
      end
57 58 59 60

      def allowed?
        Gitlab::LDAP::Access.allowed?(gl_user)
      end
61 62 63
    end
  end
end