Only new users get marked as external
This commit is contained in:
parent
d772f52e1e
commit
1ab85b9696
3 changed files with 27 additions and 10 deletions
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
title: Login via OAuth now only marks new users as external
|
||||||
|
merge_request: 16672
|
||||||
|
author:
|
||||||
|
type: fixed
|
|
@ -55,7 +55,7 @@ module Gitlab
|
||||||
user ||= find_or_build_ldap_user if auto_link_ldap_user?
|
user ||= find_or_build_ldap_user if auto_link_ldap_user?
|
||||||
user ||= build_new_user if signup_enabled?
|
user ||= build_new_user if signup_enabled?
|
||||||
|
|
||||||
user.external = true if external_provider? && user
|
user.external = true if external_provider? && user&.new_record?
|
||||||
|
|
||||||
user
|
user
|
||||||
end
|
end
|
||||||
|
|
|
@ -44,6 +44,18 @@ describe Gitlab::OAuth::User do
|
||||||
|
|
||||||
let(:provider) { 'twitter' }
|
let(:provider) { 'twitter' }
|
||||||
|
|
||||||
|
describe 'when account exists on server' do
|
||||||
|
it 'does not mark the user as external' do
|
||||||
|
create(:omniauth_user, extern_uid: 'my-uid', provider: provider)
|
||||||
|
stub_omniauth_config(allow_single_sign_on: [provider], external_providers: [provider])
|
||||||
|
|
||||||
|
oauth_user.save
|
||||||
|
|
||||||
|
expect(gl_user).to be_valid
|
||||||
|
expect(gl_user.external).to be_falsey
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
describe 'signup' do
|
describe 'signup' do
|
||||||
context 'when signup is disabled' do
|
context 'when signup is disabled' do
|
||||||
before do
|
before do
|
||||||
|
@ -51,7 +63,7 @@ describe Gitlab::OAuth::User do
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'creates the user' do
|
it 'creates the user' do
|
||||||
stub_omniauth_config(allow_single_sign_on: ['twitter'])
|
stub_omniauth_config(allow_single_sign_on: [provider])
|
||||||
|
|
||||||
oauth_user.save
|
oauth_user.save
|
||||||
|
|
||||||
|
@ -65,7 +77,7 @@ describe Gitlab::OAuth::User do
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'creates and confirms the user anyway' do
|
it 'creates and confirms the user anyway' do
|
||||||
stub_omniauth_config(allow_single_sign_on: ['twitter'])
|
stub_omniauth_config(allow_single_sign_on: [provider])
|
||||||
|
|
||||||
oauth_user.save
|
oauth_user.save
|
||||||
|
|
||||||
|
@ -75,7 +87,7 @@ describe Gitlab::OAuth::User do
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'marks user as having password_automatically_set' do
|
it 'marks user as having password_automatically_set' do
|
||||||
stub_omniauth_config(allow_single_sign_on: ['twitter'], external_providers: ['twitter'])
|
stub_omniauth_config(allow_single_sign_on: [provider], external_providers: [provider])
|
||||||
|
|
||||||
oauth_user.save
|
oauth_user.save
|
||||||
|
|
||||||
|
@ -86,7 +98,7 @@ describe Gitlab::OAuth::User do
|
||||||
shared_examples 'to verify compliance with allow_single_sign_on' do
|
shared_examples 'to verify compliance with allow_single_sign_on' do
|
||||||
context 'provider is marked as external' do
|
context 'provider is marked as external' do
|
||||||
it 'marks user as external' do
|
it 'marks user as external' do
|
||||||
stub_omniauth_config(allow_single_sign_on: ['twitter'], external_providers: ['twitter'])
|
stub_omniauth_config(allow_single_sign_on: [provider], external_providers: [provider])
|
||||||
oauth_user.save
|
oauth_user.save
|
||||||
expect(gl_user).to be_valid
|
expect(gl_user).to be_valid
|
||||||
expect(gl_user.external).to be_truthy
|
expect(gl_user.external).to be_truthy
|
||||||
|
@ -95,8 +107,8 @@ describe Gitlab::OAuth::User do
|
||||||
|
|
||||||
context 'provider was external, now has been removed' do
|
context 'provider was external, now has been removed' do
|
||||||
it 'does not mark external user as internal' do
|
it 'does not mark external user as internal' do
|
||||||
create(:omniauth_user, extern_uid: 'my-uid', provider: 'twitter', external: true)
|
create(:omniauth_user, extern_uid: 'my-uid', provider: provider, external: true)
|
||||||
stub_omniauth_config(allow_single_sign_on: ['twitter'], external_providers: ['facebook'])
|
stub_omniauth_config(allow_single_sign_on: [provider], external_providers: ['facebook'])
|
||||||
oauth_user.save
|
oauth_user.save
|
||||||
expect(gl_user).to be_valid
|
expect(gl_user).to be_valid
|
||||||
expect(gl_user.external).to be_truthy
|
expect(gl_user.external).to be_truthy
|
||||||
|
@ -118,7 +130,7 @@ describe Gitlab::OAuth::User do
|
||||||
|
|
||||||
context 'with new allow_single_sign_on enabled syntax' do
|
context 'with new allow_single_sign_on enabled syntax' do
|
||||||
before do
|
before do
|
||||||
stub_omniauth_config(allow_single_sign_on: ['twitter'])
|
stub_omniauth_config(allow_single_sign_on: [provider])
|
||||||
end
|
end
|
||||||
|
|
||||||
it "creates a user from Omniauth" do
|
it "creates a user from Omniauth" do
|
||||||
|
@ -127,7 +139,7 @@ describe Gitlab::OAuth::User do
|
||||||
expect(gl_user).to be_valid
|
expect(gl_user).to be_valid
|
||||||
identity = gl_user.identities.first
|
identity = gl_user.identities.first
|
||||||
expect(identity.extern_uid).to eql uid
|
expect(identity.extern_uid).to eql uid
|
||||||
expect(identity.provider).to eql 'twitter'
|
expect(identity.provider).to eql provider
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -142,7 +154,7 @@ describe Gitlab::OAuth::User do
|
||||||
expect(gl_user).to be_valid
|
expect(gl_user).to be_valid
|
||||||
identity = gl_user.identities.first
|
identity = gl_user.identities.first
|
||||||
expect(identity.extern_uid).to eql uid
|
expect(identity.extern_uid).to eql uid
|
||||||
expect(identity.provider).to eql 'twitter'
|
expect(identity.provider).to eql provider
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue