54 lines
1.5 KiB
Ruby
54 lines
1.5 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class Identity < ApplicationRecord
|
|
include Sortable
|
|
include CaseSensitivity
|
|
|
|
belongs_to :user
|
|
|
|
validates :provider, presence: true
|
|
validates :extern_uid, allow_blank: true, uniqueness: { scope: UniquenessScopes.scopes, case_sensitive: false }
|
|
validates :user, uniqueness: { scope: UniquenessScopes.scopes }
|
|
|
|
before_save :ensure_normalized_extern_uid, if: :extern_uid_changed?
|
|
after_destroy :clear_user_synced_attributes, if: :user_synced_attributes_metadata_from_provider?
|
|
|
|
scope :for_user, ->(user) { where(user: user) }
|
|
scope :with_provider, ->(provider) { where(provider: provider) }
|
|
scope :with_extern_uid, ->(provider, extern_uid) do
|
|
iwhere(extern_uid: normalize_uid(provider, extern_uid)).with_provider(provider)
|
|
end
|
|
scope :with_any_extern_uid, ->(provider) do
|
|
where.not(extern_uid: nil).with_provider(provider)
|
|
end
|
|
|
|
def ldap?
|
|
Gitlab::Auth::OAuth::Provider.ldap_provider?(provider)
|
|
end
|
|
|
|
def self.normalize_uid(provider, uid)
|
|
if Gitlab::Auth::OAuth::Provider.ldap_provider?(provider)
|
|
Gitlab::Auth::Ldap::Person.normalize_dn(uid)
|
|
else
|
|
uid.to_s
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
def ensure_normalized_extern_uid
|
|
return if extern_uid.nil?
|
|
|
|
self.extern_uid = Identity.normalize_uid(self.provider, self.extern_uid)
|
|
end
|
|
|
|
def user_synced_attributes_metadata_from_provider?
|
|
user.user_synced_attributes_metadata&.provider == provider
|
|
end
|
|
|
|
def clear_user_synced_attributes
|
|
user.user_synced_attributes_metadata&.destroy
|
|
end
|
|
end
|
|
|
|
Identity.prepend_mod_with('Identity')
|