kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Inherit Gitlab::LDAP::User from Gitlab::OAuth::User

This commit is contained in:
Dmitriy Zaporozhets 2013-09-04 00:06:13 +03:00
parent b45e92646e
commit 0df1cf7fcc
1 changed files with 33 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
lib/gitlab/ldap/user.rb
View File

@ -1,17 +1,25 @@
require 'gitlab/oauth/user'
# LDAP extension for User model # LDAP extension for User model
# #
# * Find or create user from omniauth.auth data # * Find or create user from omniauth.auth data
# * Links LDAP account with existing user # * Links LDAP account with existing user
# * Auth LDAP user with login and password
# #
module Gitlab module Gitlab
module LDAP module LDAP
class User class User < Gitlab::OAuth::User
class << self class << self
def find(uid, email) def find_or_create(auth)
# Look for user with ldap provider and same uid @auth = auth
user = find_by_uid(uid)
return user if user
if uid.blank? || email.blank?
raise_error("Account must provide an uid and email address")
end
user = find(auth)
unless user
# Look for user with same emails # Look for user with same emails
# #
# Possible cases: # Possible cases:
@ -21,51 +29,21 @@ module Gitlab
user = model.find_by_email(email) user = model.find_by_email(email)
if user if user
user.update_attributes(extern_uid: uid, provider: 'ldap') user.update_attributes(extern_uid: uid, provider: provider)
log.info("(LDAP) Updating legacy LDAP user #{email} with extern_uid => #{uid}") log.info("(LDAP) Updating legacy LDAP user #{email} with extern_uid => #{uid}")
else
# Create a new user inside GitLab database
# based on LDAP credentials
#
#
user = create(auth)
end
end end
user user
end end
def create(uid, email, name) def authenticate(login, password)
password = Devise.friendly_token[0, 8].downcase
username = email.match(/^[^@]*/)[0]
opts = {
extern_uid: uid,
provider: 'ldap',
name: name,
username: username,
email: email,
password: password,
password_confirmation: password,
}
user = model.new(opts, as: :admin).with_defaults
user.save!
log.info "(LDAP) Creating user #{email} from login with extern_uid => #{uid}"
user
end
def find_or_create(auth)
uid, email, name = uid(auth), email(auth), name(auth)
if uid.blank? || email.blank?
raise_error("Account must provide an uid and email address")
end
user = find(uid, email)
user = create(uid, email, name) unless user
user
end
def find_by_uid(uid)
model.ldap.where(extern_uid: uid).last
end
def auth(login, password)
# Check user against LDAP backend if user is not authenticated # Check user against LDAP backend if user is not authenticated
# Only check with valid login and password to prevent anonymous bind results # Only check with valid login and password to prevent anonymous bind results
return nil unless ldap_conf.enabled && login.present? && password.present? return nil unless ldap_conf.enabled && login.present? && password.present?
@ -82,30 +60,18 @@ module Gitlab
private private
def uid(auth) def find_by_uid(uid)
auth.info.uid model.where(provider: provider, extern_uid: uid).last
end end
def email(auth) def provider
auth.info.email.downcase unless auth.info.email.nil? 'ldap'
end
def name(auth)
auth.info.name.to_s.force_encoding("utf-8")
end
def log
Gitlab::AppLogger
end end
def raise_error(message) def raise_error(message)
raise OmniAuth::Error, "(LDAP) " + message raise OmniAuth::Error, "(LDAP) " + message
end end
def model
::User
end
def ldap_conf def ldap_conf
Gitlab.config.ldap Gitlab.config.ldap
end end