Merge branch 'fix_email_downcasing' into 'master'

LDAP email address downcasing Fixes #2960 In the event we cannot match an LDAP user by DN we attempt to find an identity by email address and then update the DN. In this case the identity is matched by email address. If the user's email address in LDAP has an upper case character we cannot find a match in the GitLab database. GitLab downcases emails before the user object is saved. This merge request downcases the email from LDAP before we lookup by email. I also added a test to prevent a regression. See merge request !1550
2015-10-11 22:53:11 +00:00 · 2015-10-11 22:53:11 +00:00 · 42603af326
parent 03b7fe71a5 b7def88c02
commit 42603af326
2 changed files with 22 additions and 1 deletions
--- a/lib/gitlab/ldap/user.rb
+++ b/lib/gitlab/ldap/user.rb
@ -35,7 +35,7 @@ module Gitlab
      end

      def find_by_email
-        ::User.find_by(email: auth_hash.email)
+        ::User.find_by(email: auth_hash.email.downcase)
      end

      def update_user_attributes
--- a/spec/lib/gitlab/ldap/user_spec.rb
+++ b/spec/lib/gitlab/ldap/user_spec.rb
@ -13,6 +13,17 @@ describe Gitlab::LDAP::User do
  let(:auth_hash) do
    OmniAuth::AuthHash.new(uid: 'my-uid', provider: 'ldapmain', info: info)
  end
+  let(:ldap_user_upper_case) { Gitlab::LDAP::User.new(auth_hash_upper_case) }
+  let(:info_upper_case) do
+    {
+      name: 'John',
+      email: 'John@Example.com', # Email address has upper case chars
+      nickname: 'john'
+    }
+  end
+  let(:auth_hash_upper_case) do
+    OmniAuth::AuthHash.new(uid: 'my-uid', provider: 'ldapmain', info: info_upper_case)
+  end

  describe :changed? do
    it "marks existing ldap user as changed" do
@ -57,6 +68,16 @@ describe Gitlab::LDAP::User do
      expect(existing_user.id).to eql ldap_user.gl_user.id
    end

+    it 'connects to existing ldap user if the extern_uid changes and email address has upper case characters' do
+      existing_user = create(:omniauth_user, email: 'john@example.com', extern_uid: 'old-uid', provider: 'ldapmain')
+      expect{ ldap_user_upper_case.save }.not_to change{ User.count }
+
+      existing_user.reload
+      expect(existing_user.ldap_identity.extern_uid).to eql 'my-uid'
+      expect(existing_user.ldap_identity.provider).to eql 'ldapmain'
+      expect(existing_user.id).to eql ldap_user.gl_user.id
+    end
+
    it 'maintains an identity per provider' do
      existing_user = create(:omniauth_user, email: 'john@example.com', provider: 'twitter')
      expect(existing_user.identities.count).to eql(1)