debian-mirror-gitlab/lib/gitlab/auth/ldap/user.rb

67 lines
1.7 KiB
Ruby
Raw Normal View History

2018-12-13 13:39:08 +05:30
# frozen_string_literal: true
2018-03-27 19:54:05 +05:30
# LDAP extension for User model
#
# * Find or create user from omniauth.auth data
# * Links LDAP account with existing user
# * Auth LDAP user with login and password
#
module Gitlab
module Auth
2020-04-08 14:13:33 +05:30
module Ldap
2018-03-27 19:54:05 +05:30
class User < Gitlab::Auth::OAuth::User
2018-10-15 14:42:47 +05:30
extend ::Gitlab::Utils::Override
2020-04-08 14:13:33 +05:30
prepend_if_ee('::EE::Gitlab::Auth::Ldap::User') # rubocop: disable Cop/InjectEnterpriseEditionModule
2018-10-15 14:42:47 +05:30
2018-03-27 19:54:05 +05:30
class << self
2018-12-05 23:21:45 +05:30
# rubocop: disable CodeReuse/ActiveRecord
2018-03-27 19:54:05 +05:30
def find_by_uid_and_provider(uid, provider)
identity = ::Identity.with_extern_uid(provider, uid).take
identity && identity.user
end
2018-12-05 23:21:45 +05:30
# rubocop: enable CodeReuse/ActiveRecord
2018-03-27 19:54:05 +05:30
end
def save
super('LDAP')
end
# instance methods
def find_user
find_by_uid_and_provider || find_by_email || build_new_user
end
def find_by_uid_and_provider
self.class.find_by_uid_and_provider(auth_hash.uid, auth_hash.provider)
end
2018-10-15 14:42:47 +05:30
override :should_save?
def should_save?
2018-03-27 19:54:05 +05:30
gl_user.changed? || gl_user.identities.any?(&:changed?)
end
def block_after_signup?
ldap_config.block_auto_created_users
end
def allowed?
2020-04-08 14:13:33 +05:30
Gitlab::Auth::Ldap::Access.allowed?(gl_user)
2018-03-27 19:54:05 +05:30
end
2018-10-15 14:42:47 +05:30
def valid_sign_in?
allowed? && super
end
2018-03-27 19:54:05 +05:30
def ldap_config
2020-04-08 14:13:33 +05:30
Gitlab::Auth::Ldap::Config.new(auth_hash.provider)
2018-03-27 19:54:05 +05:30
end
def auth_hash=(auth_hash)
2020-04-08 14:13:33 +05:30
@auth_hash = Gitlab::Auth::Ldap::AuthHash.new(auth_hash)
2018-03-27 19:54:05 +05:30
end
end
end
end
end