kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/lib/gitlab
History
Jacob Vosmaer 614ca3ec65 Remove LDAP::Access#find_user 
This method existed to allow LDAP users to take over existing GitLab
accounts if the part before the '@' of their LDAP email attribute
matched the username of an existing GitLab user. I propose to disable
this behavior in order to prevent unintended GitLab account takeovers.

After this change it is still possible to take over an existing GitLab
account with your LDAP credentials, as long as the GitLab account email
address matches the LDAP user email address.
2014-08-29 15:38:05 +02:00
..
backend Increase import timeout from 2 to 4 minutes 2014-08-11 20:58:39 +03:00
ldap Remove LDAP::Access#find_user 2014-08-29 15:38:05 +02:00
oauth Merge pull request #7141 from PuzzleFlow/uid_should_always_be_string 2014-07-23 20:26:16 +03:00
satellite Always set the origin remote in satellite actions 2014-08-22 14:32:04 +02:00
sidekiq_middleware Log Sidekiq arguments 2014-07-28 16:46:36 +02:00
access.rb Improve admin user show page 2013-08-27 21:39:34 +03:00
app_logger.rb Application logger 2012-09-11 23:24:53 +03:00
auth.rb Remove deprecated finders 2014-01-19 23:39:56 +04:00
blacklist.rb Add 'unsubscribes' to the paths blacklist 2014-08-22 10:25:13 +02:00
closing_issue_extractor.rb Detect closing issues in Merge Request description 2014-06-13 17:25:44 +02:00
compare_result.rb Refactor compare logic for MR. Use satellites only for forks for better performance 2014-07-29 12:11:16 +03:00
config_helper.rb Make app works with strong params 2014-06-26 23:24:17 +03:00
contributors.rb Use Contributor class instead of hash 2014-07-02 15:09:06 +03:00
diff_parser.rb diff unfold 2014-08-14 15:48:14 +04:00
git_access.rb Dont allow git tag rewrite/removal unless you are master 2014-05-30 16:26:45 +03:00
git_logger.rb Application logger 2012-09-11 23:24:53 +03:00
identifier.rb Remove deprecated finders 2014-01-19 23:39:56 +04:00
inline_diff.rb Improve commit diff 2013-09-04 18:15:42 +03:00
issues_labels.rb Refactor label rendering and default label set generation 2014-07-29 22:19:47 +03:00
logger.rb Replace backticks with Gitlab::Popen 2014-03-03 08:40:29 +01:00
markdown.rb Move checking of recepients to a service. 2014-06-23 15:44:49 +02:00
markdown_helper.rb Use readme we support to render if there are multiple readmes 2014-08-11 08:50:56 +02:00
popen.rb Make it possible to call Gitlab::Popen.popen 2014-02-25 11:58:58 +01:00
project_search_results.rb Fix tests 2014-08-27 15:26:35 +03:00
reference_extractor.rb links to issues on main dashboard 2014-05-26 13:24:21 +00:00
regex.rb Dont allow ? in project path 2014-07-08 18:15:23 +03:00
search_results.rb Fix tests 2014-08-27 15:26:35 +03:00
seeder.rb Remove set of thread variables 2014-06-10 17:51:49 +03:00
theme.rb Removed some constant allready defined warnings 2014-07-16 20:12:46 +02:00
upgrader.rb Fix upgrader 2014-03-21 23:08:36 +02:00
url_builder.rb Added an UrlBuilder for building rails named routes 2014-06-13 12:34:15 +02:00
user_access.rb Cache LDAP check in Gitlab::UserAccess 2014-08-06 18:03:01 +02:00
version_info.rb Fix abort gitlab:app:check 2013-06-06 10:10:51 +09:00
visibility_level.rb block visibility level restriction override in controller 2014-08-28 20:33:41 +02:00