Commit fa01c373 authored by Rémy Coutable's avatar Rémy Coutable

Ensures that OAuth/LDAP/SAML users don't need to be confirmed

Signed-off-by: default avatarRémy Coutable <remy@rymai.me>
parent 3c6fad64
...@@ -9,12 +9,11 @@ module Users ...@@ -9,12 +9,11 @@ module Users
def execute(skip_authorization: false) def execute(skip_authorization: false)
raise Gitlab::Access::AccessDeniedError unless skip_authorization || can_create_user? raise Gitlab::Access::AccessDeniedError unless skip_authorization || can_create_user?
user = User.new(build_user_params) user = User.new(build_user_params(skip_authorization: skip_authorization))
if current_user&.admin? if current_user&.admin?
if params[:reset_password] if params[:reset_password]
user.generate_reset_token user.generate_reset_token
params[:force_random_password] = true
end end
if params[:force_random_password] if params[:force_random_password]
...@@ -81,7 +80,7 @@ module Users ...@@ -81,7 +80,7 @@ module Users
] ]
end end
def build_user_params def build_user_params(skip_authorization:)
if current_user&.admin? if current_user&.admin?
user_params = params.slice(*admin_create_params) user_params = params.slice(*admin_create_params)
user_params[:created_by_id] = current_user&.id user_params[:created_by_id] = current_user&.id
...@@ -91,7 +90,8 @@ module Users ...@@ -91,7 +90,8 @@ module Users
end end
else else
user_params = params.slice(*signup_params) user_params = params.slice(*signup_params)
user_params[:skip_confirmation] = !current_application_settings.send_user_confirmation_email user_params[:skip_confirmation] = params[:skip_confirmation] if skip_authorization
user_params[:skip_confirmation] ||= !current_application_settings.send_user_confirmation_email
end end
user_params user_params
......
...@@ -120,6 +120,19 @@ describe Gitlab::LDAP::User, lib: true do ...@@ -120,6 +120,19 @@ describe Gitlab::LDAP::User, lib: true do
expect(gl_user).to be_persisted expect(gl_user).to be_persisted
end end
end end
context 'when user confirmation email is enabled' do
before do
stub_application_setting send_user_confirmation_email: true
end
it 'creates and confirms the user anyway' do
ldap_user.save
expect(gl_user).to be_persisted
expect(gl_user).to be_confirmed
end
end
end end
describe 'updating email' do describe 'updating email' do
......
...@@ -54,6 +54,21 @@ describe Gitlab::OAuth::User, lib: true do ...@@ -54,6 +54,21 @@ describe Gitlab::OAuth::User, lib: true do
end end
end end
context 'when user confirmation email is enabled' do
before do
stub_application_setting send_user_confirmation_email: true
end
it 'creates and confirms the user anyway' do
stub_omniauth_config(allow_single_sign_on: ['twitter'])
oauth_user.save
expect(gl_user).to be_persisted
expect(gl_user).to be_confirmed
end
end
it 'marks user as having password_automatically_set' do it 'marks user as having password_automatically_set' do
stub_omniauth_config(allow_single_sign_on: ['twitter'], external_providers: ['twitter']) stub_omniauth_config(allow_single_sign_on: ['twitter'], external_providers: ['twitter'])
......
...@@ -223,6 +223,19 @@ describe Gitlab::Saml::User, lib: true do ...@@ -223,6 +223,19 @@ describe Gitlab::Saml::User, lib: true do
expect(gl_user).to be_persisted expect(gl_user).to be_persisted
end end
end end
context 'when user confirmation email is enabled' do
before do
stub_application_setting send_user_confirmation_email: true
end
it 'creates and confirms the user anyway' do
saml_user.save
expect(gl_user).to be_persisted
expect(gl_user).to be_confirmed
end
end
end end
describe 'blocking' do describe 'blocking' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment