Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
ec67e9be
Commit
ec67e9be
authored
Jan 06, 2016
by
Gabriel Mazetto
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Repair ldap_blocked state when no ldap identity exist anymore
parent
d6dc088a
Changes
7
Hide whitespace changes
Inline
Side-by-side
Showing
7 changed files
with
109 additions
and
0 deletions
+109
-0
app/controllers/admin/identities_controller.rb
app/controllers/admin/identities_controller.rb
+2
-0
app/models/identity.rb
app/models/identity.rb
+4
-0
app/models/user.rb
app/models/user.rb
+1
-0
app/services/repair_ldap_blocked_user_service.rb
app/services/repair_ldap_blocked_user_service.rb
+15
-0
spec/controllers/admin/identities_controller_spec.rb
spec/controllers/admin/identities_controller_spec.rb
+26
-0
spec/models/identity_spec.rb
spec/models/identity_spec.rb
+38
-0
spec/services/repair_ldap_blocked_user_service_spec.rb
spec/services/repair_ldap_blocked_user_service_spec.rb
+23
-0
No files found.
app/controllers/admin/identities_controller.rb
View file @
ec67e9be
...
...
@@ -26,6 +26,7 @@ class Admin::IdentitiesController < Admin::ApplicationController
def
update
if
@identity
.
update_attributes
(
identity_params
)
RepairLdapBlockedUserService
.
new
(
@user
,
@identity
).
execute
redirect_to
admin_user_identities_path
(
@user
),
notice:
'User identity was successfully updated.'
else
render
:edit
...
...
@@ -34,6 +35,7 @@ class Admin::IdentitiesController < Admin::ApplicationController
def
destroy
if
@identity
.
destroy
RepairLdapBlockedUserService
.
new
(
@user
,
@identity
).
execute
redirect_to
admin_user_identities_path
(
@user
),
notice:
'User identity was successfully removed.'
else
redirect_to
admin_user_identities_path
(
@user
),
alert:
'Failed to remove user identity.'
...
...
app/models/identity.rb
View file @
ec67e9be
...
...
@@ -18,4 +18,8 @@ class Identity < ActiveRecord::Base
validates
:provider
,
presence:
true
validates
:extern_uid
,
allow_blank:
true
,
uniqueness:
{
scope: :provider
}
validates
:user_id
,
uniqueness:
{
scope: :provider
}
def
is_ldap?
provider
.
starts_with?
(
'ldap'
)
end
end
app/models/user.rb
View file @
ec67e9be
...
...
@@ -196,6 +196,7 @@ class User < ActiveRecord::Base
state_machine
:state
,
initial: :active
do
event
:block
do
transition
active: :blocked
transition
ldap_blocked: :blocked
end
event
:ldap_block
do
...
...
app/services/repair_ldap_blocked_user_service.rb
0 → 100644
View file @
ec67e9be
class
RepairLdapBlockedUserService
attr_accessor
:user
,
:identity
def
initialize
(
user
,
identity
)
@user
,
@identity
=
user
,
identity
end
def
execute
if
identity
.
destroyed?
user
.
block
if
identity
.
is_ldap?
&&
user
.
ldap_blocked?
&&
!
user
.
ldap_user?
else
user
.
block
if
!
identity
.
is_ldap?
&&
user
.
ldap_blocked?
&&
!
user
.
ldap_user?
end
end
end
spec/controllers/admin/identities_controller_spec.rb
0 → 100644
View file @
ec67e9be
require
'spec_helper'
describe
Admin
::
IdentitiesController
do
let
(
:admin
)
{
create
(
:admin
)
}
before
{
sign_in
(
admin
)
}
describe
'UPDATE identity'
do
let
(
:user
)
{
create
(
:omniauth_user
,
provider:
'ldapmain'
,
extern_uid:
'uid=myuser,ou=people,dc=example,dc=com'
)
}
it
'repairs ldap blocks'
do
expect_any_instance_of
(
RepairLdapBlockedUserService
).
to
receive
(
:execute
)
put
:update
,
user_id:
user
.
username
,
id:
user
.
ldap_identity
.
id
,
identity:
{
provider:
'twitter'
}
end
end
describe
'DELETE identity'
do
let
(
:user
)
{
create
(
:omniauth_user
,
provider:
'ldapmain'
,
extern_uid:
'uid=myuser,ou=people,dc=example,dc=com'
)
}
it
'repairs ldap blocks'
do
expect_any_instance_of
(
RepairLdapBlockedUserService
).
to
receive
(
:execute
)
delete
:destroy
,
user_id:
user
.
username
,
id:
user
.
ldap_identity
.
id
end
end
end
spec/models/identity_spec.rb
0 → 100644
View file @
ec67e9be
# == Schema Information
#
# Table name: identities
#
# id :integer not null, primary key
# extern_uid :string(255)
# provider :string(255)
# user_id :integer
# created_at :datetime
# updated_at :datetime
#
require
'spec_helper'
RSpec
.
describe
Identity
,
models:
true
do
describe
'relations'
do
it
{
is_expected
.
to
belong_to
(
:user
)
}
end
describe
'fields'
do
it
{
is_expected
.
to
respond_to
(
:provider
)
}
it
{
is_expected
.
to
respond_to
(
:extern_uid
)
}
end
describe
'#is_ldap?'
do
let
(
:ldap_identity
)
{
create
(
:identity
,
provider:
'ldapmain'
)
}
let
(
:other_identity
)
{
create
(
:identity
,
provider:
'twitter'
)
}
it
'returns true if it is a ldap identity'
do
expect
(
ldap_identity
.
is_ldap?
).
to
be_truthy
end
it
'returns false if it is not a ldap identity'
do
expect
(
other_identity
.
is_ldap?
).
to
be_falsey
end
end
end
spec/services/repair_ldap_blocked_user_service_spec.rb
0 → 100644
View file @
ec67e9be
require
'spec_helper'
describe
RepairLdapBlockedUserService
,
services:
true
do
let
(
:user
)
{
create
(
:omniauth_user
,
provider:
'ldapmain'
,
state:
'ldap_blocked'
)
}
let
(
:identity
)
{
user
.
ldap_identity
}
subject
(
:service
)
{
RepairLdapBlockedUserService
.
new
(
user
,
identity
)
}
describe
'#execute'
do
it
'change to normal block after destroying last ldap identity'
do
identity
.
destroy
service
.
execute
expect
(
user
.
reload
).
not_to
be_ldap_blocked
end
it
'change to normal block after changing last ldap identity to another provider'
do
identity
.
update_attribute
(
:provider
,
'twitter'
)
service
.
execute
expect
(
user
.
reload
).
not_to
be_ldap_blocked
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment