From 0df1cf7fcceee10db1e66ecf99dcd453d9e687a4 Mon Sep 17 00:00:00 2001
From: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Date: Wed, 4 Sep 2013 00:06:13 +0300
Subject: [PATCH] Inherit Gitlab::LDAP::User from Gitlab::OAuth::User
---
lib/gitlab/ldap/user.rb | 100 +++++++++++++---------------------------
1 file changed, 33 insertions(+), 67 deletions(-)
diff --git a/lib/gitlab/ldap/user.rb b/lib/gitlab/ldap/user.rb
index fe4a93f3fe7..c8f3a69376a 100644
--- a/lib/gitlab/ldap/user.rb
+++ b/lib/gitlab/ldap/user.rb
@@ -1,71 +1,49 @@
+require 'gitlab/oauth/user'
+
# LDAP extension for User model
#
# * Find or create user from omniauth.auth data
# * Links LDAP account with existing user
+# * Auth LDAP user with login and password
#
module Gitlab
module LDAP
- class User
+ class User < Gitlab::OAuth::User
class << self
- def find(uid, email)
- # Look for user with ldap provider and same uid
- user = find_by_uid(uid)
- return user if user
-
- # Look for user with same emails
- #
- # Possible cases:
- # * When user already has account and need to link his LDAP account.
- # * LDAP uid changed for user with same email and we need to update his uid
- #
- user = model.find_by_email(email)
-
- if user
- user.update_attributes(extern_uid: uid, provider: 'ldap')
- log.info("(LDAP) Updating legacy LDAP user #{email} with extern_uid => #{uid}")
- end
-
- user
- end
-
- def create(uid, email, name)
- password = Devise.friendly_token[0, 8].downcase
- username = email.match(/^[^@]*/)[0]
-
- opts = {
- extern_uid: uid,
- provider: 'ldap',
- name: name,
- username: username,
- email: email,
- password: password,
- password_confirmation: password,
- }
-
- user = model.new(opts, as: :admin).with_defaults
- user.save!
- log.info "(LDAP) Creating user #{email} from login with extern_uid => #{uid}"
-
- user
- end
-
def find_or_create(auth)
- uid, email, name = uid(auth), email(auth), name(auth)
+ @auth = auth
if uid.blank? || email.blank?
raise_error("Account must provide an uid and email address")
end
- user = find(uid, email)
- user = create(uid, email, name) unless user
- user
- end
+ user = find(auth)
+
+ unless user
+ # Look for user with same emails
+ #
+ # Possible cases:
+ # * When user already has account and need to link his LDAP account.
+ # * LDAP uid changed for user with same email and we need to update his uid
+ #
+ user = model.find_by_email(email)
+
+ if user
+ user.update_attributes(extern_uid: uid, provider: provider)
+ log.info("(LDAP) Updating legacy LDAP user #{email} with extern_uid => #{uid}")
+ else
+ # Create a new user inside GitLab database
+ # based on LDAP credentials
+ #
+ #
+ user = create(auth)
+ end
+ end
- def find_by_uid(uid)
- model.ldap.where(extern_uid: uid).last
+ user
end
- def auth(login, password)
+ def authenticate(login, password)
# Check user against LDAP backend if user is not authenticated
# Only check with valid login and password to prevent anonymous bind results
return nil unless ldap_conf.enabled && login.present? && password.present?
@@ -82,30 +60,18 @@ module Gitlab
private
- def uid(auth)
- auth.info.uid
- end
-
- def email(auth)
- auth.info.email.downcase unless auth.info.email.nil?
- end
-
- def name(auth)
- auth.info.name.to_s.force_encoding("utf-8")
+ def find_by_uid(uid)
+ model.where(provider: provider, extern_uid: uid).last
end
- def log
- Gitlab::AppLogger
+ def provider
+ 'ldap'
end
def raise_error(message)
raise OmniAuth::Error, "(LDAP) " + message
end
- def model
- ::User
- end
-
def ldap_conf
Gitlab.config.ldap
end
--
GitLab