Commit becc14f7 authored by Rémy Coutable

Fix audit event that weren't being created for failed LDAP log-in tries

Signed-off-by: Rémy Coutable <remy@rymai.me>
parent 3d0a60e5
---
title: Fix audit event that weren't being created for failed LDAP log-in tries
merge_request: 27608
author:
type: fixed
......@@ -13,6 +13,15 @@ module EE
super
end
override :fail_login
def fail_login(user)
# This is the same implementation as EE::OmniauthCallbacksController#fail_login but we need to add it here since
# we're overriding Ldap::OmniauthCallbacksController#fail_login, not EE::OmniauthCallbacksController#fail_login.
log_failed_login(user.username, oauth['provider'])
super
end
private
def show_ldap_sync_flash
......
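Review bot: The audit call added to `fail_login` is a hand copy of the one in EE::OmniauthCallbacksController#fail_login, as the new comment itself says, so failed-login auditing now lives in two overrides that have to be kept in step. This commit exists because one override path silently produced no audit event, and any later controller that overrides `fail_login` will have the same gap unless it repeats the line. Consider moving `log_failed_login(user.username, oauth['provider'])` into a single shared module used by both EE controllers, and documenting the contract with a comment such as `# Every fail_login override must record the failed-login audit event before calling super.` The enclosing module starts above this hunk, so whether `user` can be nil on this path is not visible; if it can, `user.username` would raise before the event is written.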
......@@ -22,7 +22,9 @@ describe Ldap::OmniauthCallbacksController do
context 'access denied' do
let(:valid_login?) { false }
it 'logs a failure event' do
# This test used to pass on retry only, masking an actual bug. We want to
# make sure it passes on the first try.
it 'logs a failure event', retry: 0 do
stub_licensed_features(extended_audit_events: true)
expect { post provider }.to change(SecurityEvent, :count).by(1)
......
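Review bot: The example `it 'logs a failure event', retry: 0` only checks that `SecurityEvent.count` rises by one, so it would still pass if the event recorded the wrong username or provider. Because this event is the audit trail for failed LDAP log-ins, the spec should also assert on the created record, for example by reading `SecurityEvent.last` after `post provider` and comparing its recorded username and provider with the values the spec submitted. The event's attribute names are not visible in this hunk, so they need to be taken from the model. The `context 'access denied'` block continues past the end of the hunk.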