Commit f484e3c4 authored by Drew Blessing's avatar Drew Blessing

Pull EE specific Gitlab::Auth code in to its own module

Only a tiny portion of code in EE for Gitlab::Auth was different
from CE. This had the potential to result in merge conflicts.
Now, it's moved in to its own EE module and is prepended into the
Gitlab::Auth class.
parent 70a17615
---
title: Pull EE specific Gitlab::Auth code in to its own module
merge_request: 1112
author:
module EE
module Gitlab
module Auth
def find_with_user_password(login, password)
if Devise.omniauth_providers.include?(:kerberos)
kerberos_user = ::Gitlab::Kerberos::Authentication.login(login, password)
return kerberos_user if kerberos_user
end
super
end
end
end
end
...@@ -7,6 +7,8 @@ module Gitlab ...@@ -7,6 +7,8 @@ module Gitlab
OPTIONAL_SCOPES = SCOPES - DEFAULT_SCOPES OPTIONAL_SCOPES = SCOPES - DEFAULT_SCOPES
class << self class << self
prepend EE::Gitlab::Auth
def find_for_git_client(login, password, project:, ip:) def find_for_git_client(login, password, project:, ip:)
raise "Must provide an IP for rate limiting" if ip.nil? raise "Must provide an IP for rate limiting" if ip.nil?
...@@ -27,11 +29,6 @@ module Gitlab ...@@ -27,11 +29,6 @@ module Gitlab
def find_with_user_password(login, password) def find_with_user_password(login, password)
user = User.by_login(login) user = User.by_login(login)
if Devise.omniauth_providers.include?(:kerberos)
kerberos_user = Gitlab::Kerberos::Authentication.login(login, password)
return kerberos_user if kerberos_user
end
# If no user is found, or it's an LDAP server, try LDAP. # If no user is found, or it's an LDAP server, try LDAP.
# LDAP users are only authenticated via LDAP # LDAP users are only authenticated via LDAP
if user.nil? || user.ldap_user? if user.nil? || user.ldap_user?
......
require 'spec_helper'
describe Gitlab::Auth, lib: true do
let(:gl_auth) { described_class }
let!(:user) do
create(:user,
username: username,
password: password,
password_confirmation: password)
end
let(:username) { 'John' } # username isn't lowercase, test this
let(:password) { 'my-secret' }
context 'with kerberos' do
before do
allow(Devise).to receive_messages(omniauth_providers: [:kerberos])
end
it 'finds user' do
expect(::Gitlab::Kerberos::Authentication).to receive_messages(login: user)
expect( gl_auth.find_with_user_password(username, password) ).to eql user
end
end
end
...@@ -152,19 +152,6 @@ describe Gitlab::Auth, lib: true do ...@@ -152,19 +152,6 @@ describe Gitlab::Auth, lib: true do
expect( gl_auth.find_with_user_password(username, password) ).not_to eql user expect( gl_auth.find_with_user_password(username, password) ).not_to eql user
end end
context "with kerberos" do
before do
allow(Devise).to receive_messages(omniauth_providers: [:kerberos])
end
it "finds user" do
allow(Gitlab::Kerberos::Authentication).to receive_messages(valid?: true)
allow(Gitlab::Kerberos::Authentication).to receive_messages(email: user.email)
expect( gl_auth.find_with_user_password(username, password) ).to eql user
end
end
context "with ldap enabled" do context "with ldap enabled" do
before do before do
allow(Gitlab::LDAP::Config).to receive(:enabled?).and_return(true) allow(Gitlab::LDAP::Config).to receive(:enabled?).and_return(true)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment