Commit f2dbf1ca authored by Robert Speicher's avatar Robert Speicher

Merge branch 'ce-jej/group-saml-sso-enforcement' into 'master'

CE changes for SSO web enforcement

See merge request gitlab-org/gitlab-ce!28141
parents 0658ebf7 651cfd08
...@@ -86,7 +86,8 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController ...@@ -86,7 +86,8 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
log_audit_event(current_user, with: oauth['provider']) log_audit_event(current_user, with: oauth['provider'])
identity_linker ||= auth_module::IdentityLinker.new(current_user, oauth) identity_linker ||= auth_module::IdentityLinker.new(current_user, oauth)
identity_linker.link
link_identity(identity_linker)
if identity_linker.changed? if identity_linker.changed?
redirect_identity_linked redirect_identity_linked
...@@ -100,6 +101,10 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController ...@@ -100,6 +101,10 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
end end
end end
def link_identity(identity_linker)
identity_linker.link
end
def redirect_identity_exists def redirect_identity_exists
redirect_to after_sign_in_path_for(current_user) redirect_to after_sign_in_path_for(current_user)
end end
......
...@@ -129,6 +129,10 @@ class GroupPolicy < BasePolicy ...@@ -129,6 +129,10 @@ class GroupPolicy < BasePolicy
def access_level def access_level
return GroupMember::NO_ACCESS if @user.nil? return GroupMember::NO_ACCESS if @user.nil?
@access_level ||= @subject.max_member_access_for_user(@user) @access_level ||= lookup_access_level!
end
def lookup_access_level!
@subject.max_member_access_for_user(@user)
end end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment