Add regressiontest to verify allow_single_sign_on setting
verification for #1677 Since testing omniauth_callback_controller.rb is very difficult, the logic is moved to the models
This commit is contained in:
parent
fad588f2be
commit
d9bfebc0e8
|
@ -49,22 +49,19 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
|
|||
redirect_to profile_path
|
||||
else
|
||||
@user = Gitlab::OAuth::User.new(oauth)
|
||||
|
||||
if Gitlab.config.omniauth['allow_single_sign_on'] && @user.new?
|
||||
@user.save
|
||||
end
|
||||
@user.save
|
||||
|
||||
# Only allow properly saved users to login.
|
||||
if @user.persisted? && @user.valid?
|
||||
sign_in_and_redirect(@user.gl_user)
|
||||
elsif @user.gl_user.errors.any?
|
||||
else @user.gl_user.errors.any?
|
||||
error_message = @user.gl_user.errors.map{ |attribute, message| "#{attribute} #{message}" }.join(", ")
|
||||
redirect_to omniauth_error_path(oauth['provider'], error: error_message) and return
|
||||
else
|
||||
flash[:notice] = "There's no such user!"
|
||||
redirect_to new_user_session_path
|
||||
end
|
||||
end
|
||||
rescue StandardError
|
||||
flash[:notice] = "There's no such user!"
|
||||
redirect_to new_user_session_path
|
||||
end
|
||||
|
||||
def oauth
|
||||
|
|
|
@ -13,7 +13,7 @@ module Gitlab
|
|||
end
|
||||
|
||||
def persisted?
|
||||
gl_user.persisted?
|
||||
gl_user.try(:persisted?)
|
||||
end
|
||||
|
||||
def new?
|
||||
|
@ -21,10 +21,12 @@ module Gitlab
|
|||
end
|
||||
|
||||
def valid?
|
||||
gl_user.valid?
|
||||
gl_user.try(:valid?)
|
||||
end
|
||||
|
||||
def save
|
||||
unauthorized_to_create unless gl_user
|
||||
|
||||
gl_user.save!
|
||||
log.info "(OAuth) saving user #{auth_hash.email} from login with extern_uid => #{auth_hash.uid}"
|
||||
gl_user.block if needs_blocking?
|
||||
|
@ -36,7 +38,12 @@ module Gitlab
|
|||
end
|
||||
|
||||
def gl_user
|
||||
@user ||= find_by_uid_and_provider || build_new_user
|
||||
@user ||= find_by_uid_and_provider
|
||||
|
||||
if Gitlab.config.omniauth.allow_single_sign_on
|
||||
@user ||= build_new_user
|
||||
end
|
||||
@user
|
||||
end
|
||||
|
||||
protected
|
||||
|
@ -77,6 +84,10 @@ module Gitlab
|
|||
def model
|
||||
::User
|
||||
end
|
||||
|
||||
def raise_unauthorized_to_create
|
||||
raise StandardError.new("Unauthorized to create user, signup disabled for #{auth_hash.provider}")
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -31,17 +31,8 @@ describe Gitlab::OAuth::User do
|
|||
describe :save do
|
||||
let(:provider) { 'twitter' }
|
||||
|
||||
it "creates a user from Omniauth" do
|
||||
oauth_user.save
|
||||
|
||||
expect(gl_user).to be_valid
|
||||
expect(gl_user.extern_uid).to eql uid
|
||||
expect(gl_user.provider).to eql 'twitter'
|
||||
end
|
||||
end
|
||||
|
||||
context "twitter" do
|
||||
let(:provider) { 'twitter' }
|
||||
context "with allow_single_sign_on enabled" do
|
||||
before { Gitlab.config.omniauth.stub allow_single_sign_on: true }
|
||||
|
||||
it "creates a user from Omniauth" do
|
||||
oauth_user.save
|
||||
|
@ -51,5 +42,11 @@ describe Gitlab::OAuth::User do
|
|||
expect(gl_user.provider).to eql 'twitter'
|
||||
end
|
||||
end
|
||||
|
||||
context "with allow_single_sign_on disabled (Default)" do
|
||||
it "throws an error" do
|
||||
expect{ oauth_user.save }.to raise_error StandardError
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue