Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
66968268
Commit
66968268
authored
Jul 30, 2014
by
Jacob Vosmaer
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Move LDAP timeout code to Gitlab::LDAP::Access
parent
68a9203b
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
23 additions
and
16 deletions
+23
-16
app/controllers/application_controller.rb
app/controllers/application_controller.rb
+4
-9
app/controllers/omniauth_callbacks_controller.rb
app/controllers/omniauth_callbacks_controller.rb
+6
-7
lib/gitlab/ldap/access.rb
lib/gitlab/ldap/access.rb
+13
-0
No files found.
app/controllers/application_controller.rb
View file @
66968268
...
@@ -201,15 +201,10 @@ class ApplicationController < ActionController::Base
...
@@ -201,15 +201,10 @@ class ApplicationController < ActionController::Base
def
ldap_security_check
def
ldap_security_check
if
current_user
&&
current_user
.
requires_ldap_check?
if
current_user
&&
current_user
.
requires_ldap_check?
gitlab_ldap_access
do
|
access
|
unless
Gitlab
::
LDAP
::
Access
.
allowed?
(
current_user
)
if
access
.
allowed?
(
current_user
)
sign_out
current_user
current_user
.
last_credential_check_at
=
Time
.
now
flash
[
:alert
]
=
"Access denied for your LDAP account."
current_user
.
save
redirect_to
new_user_session_path
else
sign_out
current_user
flash
[
:alert
]
=
"Access denied for your LDAP account."
redirect_to
new_user_session_path
end
end
end
end
end
end
end
...
...
app/controllers/omniauth_callbacks_controller.rb
View file @
66968268
...
@@ -21,13 +21,12 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
...
@@ -21,13 +21,12 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
@user
=
Gitlab
::
LDAP
::
User
.
find_or_create
(
oauth
)
@user
=
Gitlab
::
LDAP
::
User
.
find_or_create
(
oauth
)
@user
.
remember_me
=
true
if
@user
.
persisted?
@user
.
remember_me
=
true
if
@user
.
persisted?
gitlab_ldap_access
do
|
access
|
# Do additional LDAP checks for the user filter and EE features
if
access
.
allowed?
(
@user
)
if
Gitlab
::
LDAP
::
Access
.
allowed?
(
@user
)
sign_in_and_redirect
(
@user
)
sign_in_and_redirect
(
@user
)
else
else
flash
[
:alert
]
=
"Access denied for your LDAP account."
flash
[
:alert
]
=
"Access denied for your LDAP account."
redirect_to
new_user_session_path
redirect_to
new_user_session_path
end
end
end
end
end
...
...
lib/gitlab/ldap/access.rb
View file @
66968268
...
@@ -9,6 +9,19 @@ module Gitlab
...
@@ -9,6 +9,19 @@ module Gitlab
end
end
end
end
def
self
.
allowed?
(
user
)
self
.
open
do
|
access
|
if
access
.
allowed?
(
user
)
# GitLab EE LDAP code goes here
user
.
last_credential_check_at
=
Time
.
now
user
.
save
true
else
false
end
end
end
def
initialize
(
adapter
=
nil
)
def
initialize
(
adapter
=
nil
)
@adapter
=
adapter
@adapter
=
adapter
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment