Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Tatuya Kamada
gitlab-ce
Commits
c388f3db
Commit
c388f3db
authored
Aug 29, 2015
by
Douwe Maan
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'joelkoglin/gitlab-ce-feature_fix_ldap_auth_issue_993'
parents
a429eb4d
12d8b01e
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
46 additions
and
4 deletions
+46
-4
CHANGELOG
CHANGELOG
+1
-0
app/models/user.rb
app/models/user.rb
+1
-1
db/migrate/20150817163600_deduplicate_user_identities.rb
db/migrate/20150817163600_deduplicate_user_identities.rb
+14
-0
lib/gitlab/ldap/user.rb
lib/gitlab/ldap/user.rb
+8
-3
spec/lib/gitlab/ldap/user_spec.rb
spec/lib/gitlab/ldap/user_spec.rb
+22
-0
No files found.
CHANGELOG
View file @
c388f3db
...
...
@@ -24,6 +24,7 @@ v 8.0.0 (unreleased)
- Improve search page usability
- Bring more UI consistency in way how projects, snippets and groups lists are rendered
- Make all profiles public
- Fixed login failure when extern_uid changes (Joel Koglin)
v 7.14.1
- Improve abuse reports management from admin area
...
...
app/models/user.rb
View file @
c388f3db
...
...
@@ -104,7 +104,7 @@ class User < ActiveRecord::Base
# Profile
has_many
:keys
,
dependent: :destroy
has_many
:emails
,
dependent: :destroy
has_many
:identities
,
dependent: :destroy
has_many
:identities
,
dependent: :destroy
,
autosave:
true
# Groups
has_many
:members
,
dependent: :destroy
...
...
db/migrate/20150817163600_deduplicate_user_identities.rb
0 → 100644
View file @
c388f3db
class
DeduplicateUserIdentities
<
ActiveRecord
::
Migration
def
change
execute
'DROP TABLE IF EXISTS tt_migration_DeduplicateUserIdentities;'
execute
'CREATE TEMPORARY TABLE tt_migration_DeduplicateUserIdentities AS SELECT id,provider,user_id FROM identities;'
execute
'DELETE FROM identities WHERE id NOT IN ( SELECT MIN(id) FROM tt_migration_DeduplicateUserIdentities GROUP BY user_id, provider);'
execute
'DROP TABLE IF EXISTS tt_migration_DeduplicateUserIdentities;'
end
def
down
# This is an irreversible migration;
# If someone is trying to rollback for other reasons, we should not throw an Exception.
# raise ActiveRecord::IrreversibleMigration
end
end
lib/gitlab/ldap/user.rb
View file @
c388f3db
...
...
@@ -44,9 +44,14 @@ module Gitlab
gl_user
.
skip_reconfirmation!
gl_user
.
email
=
auth_hash
.
email
# Build new identity only if we dont have have same one
gl_user
.
identities
.
find_or_initialize_by
(
provider:
auth_hash
.
provider
,
extern_uid:
auth_hash
.
uid
)
# find_or_initialize_by doesn't update `gl_user.identities`, and isn't autosaved.
identity
=
gl_user
.
identities
.
find
{
|
identity
|
identity
.
provider
==
auth_hash
.
provider
}
identity
||=
gl_user
.
identities
.
build
(
provider:
auth_hash
.
provider
)
# For a new user set extern_uid to the LDAP DN
# For an existing user with matching email but changed DN, update the DN.
# For an existing user with no change in DN, this line changes nothing.
identity
.
extern_uid
=
auth_hash
.
uid
gl_user
end
...
...
spec/lib/gitlab/ldap/user_spec.rb
View file @
c388f3db
...
...
@@ -47,6 +47,28 @@ describe Gitlab::LDAP::User do
expect
(
existing_user
.
ldap_identity
.
provider
).
to
eql
'ldapmain'
end
it
'connects to existing ldap user if the extern_uid changes'
do
existing_user
=
create
(
:omniauth_user
,
email:
'john@example.com'
,
extern_uid:
'old-uid'
,
provider:
'ldapmain'
)
expect
{
ldap_user
.
save
}.
not_to
change
{
User
.
count
}
existing_user
.
reload
expect
(
existing_user
.
ldap_identity
.
extern_uid
).
to
eql
'my-uid'
expect
(
existing_user
.
ldap_identity
.
provider
).
to
eql
'ldapmain'
expect
(
existing_user
.
id
).
to
eql
ldap_user
.
gl_user
.
id
end
it
'maintains an identity per provider'
do
existing_user
=
create
(
:omniauth_user
,
email:
'john@example.com'
,
provider:
'twitter'
)
expect
(
existing_user
.
identities
.
count
).
to
eql
(
1
)
ldap_user
.
save
expect
(
ldap_user
.
gl_user
.
identities
.
count
).
to
eql
(
2
)
# Expect that find_by provider only returns a single instance of an identity and not an Enumerable
expect
(
ldap_user
.
gl_user
.
identities
.
find_by
(
provider:
'twitter'
)).
to
be_instance_of
Identity
expect
(
ldap_user
.
gl_user
.
identities
.
find_by
(
provider:
auth_hash
.
provider
)).
to
be_instance_of
Identity
end
it
"creates a new user if not found"
do
expect
{
ldap_user
.
save
}.
to
change
{
User
.
count
}.
by
(
1
)
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment