Skip to content
Snippets Groups Projects
Normal view Permalink
access.rb 929 B
Newer Older
  • Learn to ignore specific revisions
    • Dmitriy Zaporozhets's avatar
    Port LDAP code from EE
    Dmitriy Zaporozhets committed
    1 2 3 
    module Gitlab
  module LDAP
    class Access
    Jacob Vosmaer's avatar
    Add Gitlab::LDAP::Access.open  
    Jacob Vosmaer committed
    4 5 6 7 8 9 10 11 
          attr_reader :adapter

      def self.open(&block)
        Gitlab::LDAP::Adapter.open do |adapter|
          block.call(self.new(adapter))
        end
      end
    Jacob Vosmaer's avatar
    Move LDAP timeout code to Gitlab::LDAP::Access  
    Jacob Vosmaer committed
    12 13 14 15 16 17 18 19 20 21 22 23 24 
          def self.allowed?(user)
        self.open do |access|
          if access.allowed?(user)
            # GitLab EE LDAP code goes here
            user.last_credential_check_at = Time.now
            user.save
            true
          else
            false
          end
        end
      end
    Jacob Vosmaer's avatar
    Add Gitlab::LDAP::Access.open  
    Jacob Vosmaer committed
    25 26 27 28 
          def initialize(adapter=nil)
        @adapter = adapter
      end
    Dmitriy Zaporozhets's avatar
    Port LDAP code from EE
    Dmitriy Zaporozhets committed
    29 
          def allowed?(user)
    Jacob Vosmaer's avatar
    Check for the AD disabled flag in Access#allowed?  
    Jacob Vosmaer committed
    30 
            if Gitlab::LDAP::Person.find_by_dn(user.extern_uid, adapter)
    Marin Jankovski's avatar
    Add option to gitlab config to specify if LDAP server is active directory.  
    Marin Jankovski committed
    31 32 33 
              if Gitlab.config.ldap.active_directory
            !Gitlab::LDAP::Person.disabled_via_active_directory?(user.extern_uid, adapter)
          end
    Jacob Vosmaer's avatar
    Check for the AD disabled flag in Access#allowed?  
    Jacob Vosmaer committed
    34 35 36 
            else
          false
        end
    Dmitriy Zaporozhets's avatar
    Port LDAP code from EE
    Dmitriy Zaporozhets committed
    37 38 39 40 41 42 
          rescue
        false
      end
    end
  end
end