Allow users that signed up via OAuth to set their password in order to use Git over HTTP(S).

2015-02-13 13:33:28 +01:00 · 2015-02-13 13:33:28 +01:00 · 25e44d0530
commit 25e44d0530
parent 529188e478
17 changed files with 99 additions and 46 deletions
--- a/1
+++ b/1
@ -50,6 +50,7 @@ v 7.8.0 (unreleased)
  - Prevent losing unsaved comments by automatically restoring them when comment page is loaded again.
  - Don't allow page to be scaled on mobile.
  - Clean the username acquired from OAuth/LDAP so it doesn't fail username validation and block signing up.
  - Allow users that signed up via OAuth to set their password in order to use Git over HTTP(S).
 v 7.7.2
  - Update GitLab Shell to version 2.4.2 that fixes a bug when developers can push to protected branch
--- a/app/assets/javascripts/project.js.coffee
+++ b/app/assets/javascripts/project.js.coffee
@ -16,5 +16,11 @@ class @Project
    $('.hide-no-ssh-message').on 'click', (e) ->
      path = '/'
      $.cookie('hide_no_ssh_message', 'false', { path: path })
-      $(@).parents('.no-ssh-key-message').hide()
+      $(@).parents('.no-ssh-key-message').remove()
      e.preventDefault()
    $('.hide-no-password-message').on 'click', (e) ->
      path = '/'
      $.cookie('hide_no_password_message', 'false', { path: path })
      $(@).parents('.no-password-message').remove()
      e.preventDefault()
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@ -121,7 +121,7 @@ class Admin::UsersController < Admin::ApplicationController
    params.require(:user).permit(
      :email, :remember_me, :bio, :name, :username,
      :skype, :linkedin, :twitter, :website_url, :color_scheme_id, :theme_id, :force_random_password,
-      :extern_uid, :provider, :password_expires_at, :avatar, :hide_no_ssh_key,
+      :extern_uid, :provider, :password_expires_at, :avatar, :hide_no_ssh_key, :hide_no_password,
      :projects_limit, :can_create_group, :admin, :key_id
    )
  end
--- a/app/controllers/profiles/passwords_controller.rb
+++ b/app/controllers/profiles/passwords_controller.rb
@ -11,7 +11,7 @@ class Profiles::PasswordsController < ApplicationController
  end
  def create
-    unless @user.valid_password?(user_params[:current_password])
+    unless @user.password_automatically_set || @user.valid_password?(user_params[:current_password])
      redirect_to new_profile_password_path, alert: 'You must provide a valid current password'
      return
    end
@ -21,7 +21,8 @@ class Profiles::PasswordsController < ApplicationController
    result = @user.update_attributes(
      password: new_password,
-      password_confirmation: new_password_confirmation
+      password_confirmation: new_password_confirmation,
      password_automatically_set: false
    )
    if result
@ -39,8 +40,9 @@ class Profiles::PasswordsController < ApplicationController
    password_attributes = user_params.select do |key, value|
      %w(password password_confirmation).include?(key.to_s)
    end
    password_attributes[:password_automatically_set] = false
-    unless @user.valid_password?(user_params[:current_password])
+    unless @user.password_automatically_set || @user.valid_password?(user_params[:current_password])
      redirect_to edit_profile_password_path, alert: 'You must provide a valid current password'
      return
    end
--- a/app/controllers/profiles_controller.rb
+++ b/app/controllers/profiles_controller.rb
@ -67,7 +67,7 @@ class ProfilesController < ApplicationController
    params.require(:user).permit(
      :email, :password, :password_confirmation, :bio, :name, :username,
      :skype, :linkedin, :twitter, :website_url, :color_scheme_id, :theme_id,
-      :avatar, :hide_no_ssh_key,
+      :avatar, :hide_no_ssh_key, :hide_no_password
    )
  end
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -40,6 +40,7 @@
 #  confirmation_sent_at     :datetime
 #  unconfirmed_email        :string(255)
 #  hide_no_ssh_key          :boolean          default(FALSE)
 #  hide_no_password         :boolean          default(FALSE)
 #  website_url              :string(255)      default(""), not null
 #  last_credential_check_at :datetime
 #  github_access_token      :string(255)
@ -60,6 +61,7 @@ class User < ActiveRecord::Base
  default_value_for :can_create_group, gitlab_config.default_can_create_group
  default_value_for :can_create_team, false
  default_value_for :hide_no_ssh_key, false
  default_value_for :hide_no_password, false
  default_value_for :projects_limit, current_application_settings.default_projects_limit
  default_value_for :theme_id, gitlab_config.default_theme
--- a/app/views/profiles/passwords/edit.html.haml
+++ b/app/views/profiles/passwords/edit.html.haml
@ -1,11 +1,15 @@
 %h3.page-title Password
 %p.light
  - if @user.password_automatically_set?
    Set your password.
  - else
    Change your password or recover your current one.
 %hr
 .update-password
  = form_for @user, url: profile_password_path, method: :put, html: { class: 'form-horizontal' }  do |f|
    %div
      %p.slead
        - unless @user.password_automatically_set?
          You must provide current password in order to change it.
          %br
        After a successful password update you will be redirected to login page where you should login with your new password
@ -14,6 +18,7 @@
          %ul
            - @user.errors.full_messages.each do |msg|
              %li= msg
      - unless @user.password_automatically_set?
        .form-group
          = f.label :current_password, class: 'control-label'
          .col-sm-10
--- a/app/views/profiles/passwords/new.html.haml
+++ b/app/views/profiles/passwords/new.html.haml
@ -11,6 +11,7 @@
        - @user.errors.full_messages.each do |msg|
          %li= msg
  - unless @user.password_automatically_set?
    .form-group
      = f.label :current_password, class: 'control-label'
      .col-sm-10= f.password_field :current_password, required: true, class: 'form-control'
--- a/app/views/projects/empty.html.haml
+++ b/app/views/projects/empty.html.haml
@ -1,5 +1,6 @@
 - if current_user && can?(current_user, :download_code, @project)
  = render 'shared/no_ssh'
  = render 'shared/no_password'
 = render "home_panel"
--- a/app/views/projects/show.html.haml
+++ b/app/views/projects/show.html.haml
@ -1,5 +1,6 @@
 - if current_user && can?(current_user, :download_code, @project)
  = render 'shared/no_ssh'
  = render 'shared/no_password'
 = render "home_panel"
--- a/app/views/shared/_clone_panel.html.haml
+++ b/app/views/shared/_clone_panel.html.haml
@ -1,8 +1,20 @@
 - project = project || @project
 .git-clone-holder.input-group
  .input-group-btn
-    %button{class: "btn #{ 'active' if default_clone_protocol == 'ssh' }", :"data-clone" => project.ssh_url_to_repo} SSH
+    %button{ |
-    %button{class: "btn #{ 'active' if default_clone_protocol == 'http' }", :"data-clone" => project.http_url_to_repo}= gitlab_config.protocol.upcase
+      class: "btn #{ 'active' if default_clone_protocol == 'ssh' }#{ ' has_tooltip' if current_user && current_user.require_ssh_key? }", |
      :"data-clone" => project.ssh_url_to_repo, |
      :"data-title" => "Add an SSH key to your profile<br> to pull or push via SSH",
      :"data-html" => "true",
      :"data-container" => "body"}
      SSH
    %button{ |
      class: "btn #{ 'active' if default_clone_protocol == 'http' }#{ ' has_tooltip' if current_user && current_user.password_automatically_set? }", |
      :"data-clone" => project.http_url_to_repo, |
      :"data-title" => "Set a password on your account<br> to pull or push via #{gitlab_config.protocol.upcase}",
      :"data-html" => "true",
      :"data-container" => "body"}
      = gitlab_config.protocol.upcase
  = text_field_tag :project_clone, default_url_to_repo(project), class: "one_click_select form-control", readonly: true
  - if project.kind_of?(Project)
    .input-group-addon
--- a/app/views/shared/_no_password.html.haml
+++ b/app/views/shared/_no_password.html.haml
@ -0,0 +1,8 @@
 - if cookies[:hide_no_password_message].blank? && !current_user.hide_no_password && current_user.password_automatically_set?
  .no-password-message.alert.alert-warning.hidden-xs
    You won't be able to pull or push project code via #{gitlab_config.protocol.upcase} until you #{link_to 'set a password', edit_profile_password_path} on your account
    .pull-right
      = link_to "Don't show again", profile_path(user: {hide_no_password: true}), method: :put
      |
      = link_to 'Remind later', '#', class: 'hide-no-password-message'
--- a/app/views/shared/_no_ssh.html.haml
+++ b/app/views/shared/_no_ssh.html.haml
@ -1,4 +1,4 @@
- if cookies[:hide_no_ssh_message].blank? && current_user.require_ssh_key? && !current_user.hide_no_ssh_key
+- if cookies[:hide_no_ssh_message].blank? && !current_user.hide_no_ssh_key && current_user.require_ssh_key?
  .no-ssh-key-message.alert.alert-warning.hidden-xs
    You won't be able to pull or push project code via SSH until you #{link_to 'add an SSH key', new_profile_key_path} to your profile
--- a/db/migrate/20150213114800_add_hide_no_password_to_user.rb
+++ b/db/migrate/20150213114800_add_hide_no_password_to_user.rb
@ -0,0 +1,5 @@
 class AddHideNoPasswordToUser < ActiveRecord::Migration
  def change
    add_column :users, :hide_no_password, :boolean, default: false
  end
 end
--- a/db/migrate/20150213121042_add_password_automatically_set_to_user.rb
+++ b/db/migrate/20150213121042_add_password_automatically_set_to_user.rb
@ -0,0 +1,5 @@
 class AddPasswordAutomaticallySetToUser < ActiveRecord::Migration
  def change
    add_column :users, :password_automatically_set, :boolean, default: false
  end
 end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20150211174341) do
+ActiveRecord::Schema.define(version: 20150213121042) do
  # These are extensions that must be enabled in order to support this database
  enable_extension "plpgsql"
@ -26,6 +26,7 @@ ActiveRecord::Schema.define(version: 20150211174341) do
    t.datetime "updated_at"
    t.string   "home_page_url"
    t.integer  "default_branch_protection", default: 2
    t.boolean  "twitter_sharing_enabled",   default: true
  end
  create_table "broadcast_messages", force: true do |t|
@ -333,10 +334,10 @@ ActiveRecord::Schema.define(version: 20150211174341) do
    t.string   "import_url"
    t.integer  "visibility_level",       default: 0,        null: false
    t.boolean  "archived",               default: false,    null: false
    t.string   "avatar"
    t.string   "import_status"
    t.float    "repository_size",        default: 0.0
    t.integer  "star_count",             default: 0,        null: false
    t.string   "avatar"
    t.string   "import_type"
    t.string   "import_source"
  end
@ -440,6 +441,7 @@ ActiveRecord::Schema.define(version: 20150211174341) do
    t.integer  "notification_level",         default: 1,     null: false
    t.datetime "password_expires_at"
    t.integer  "created_by_id"
    t.datetime "last_credential_check_at"
    t.string   "avatar"
    t.string   "confirmation_token"
    t.datetime "confirmed_at"
@ -447,10 +449,11 @@ ActiveRecord::Schema.define(version: 20150211174341) do
    t.string   "unconfirmed_email"
    t.boolean  "hide_no_ssh_key",            default: false
    t.string   "website_url",                default: "",    null: false
    t.datetime "last_credential_check_at"
    t.string   "github_access_token"
    t.string   "gitlab_access_token"
    t.string   "notification_email"
    t.boolean  "hide_no_password",           default: false
    t.boolean  "password_automatically_set", default: false
  end
  add_index "users", ["admin"], name: "index_users_on_admin", using: :btree
--- a/lib/gitlab/oauth/user.rb
+++ b/lib/gitlab/oauth/user.rb
@ -89,7 +89,8 @@ module Gitlab
          username:                   ::User.clean_username(auth_hash.username),
          email:                      auth_hash.email,
          password:                   auth_hash.password,
-          password_confirmation:  auth_hash.password
+          password_confirmation:      auth_hash.password,
          password_automatically_set: true
        }
      end