Do not allow password reset for ldap user.

a740e2d6 · Marin Jankovski · 8fa53ce4 · a740e2d6 · a740e2d6
Commit a740e2d6 authored Mar 18, 2014 by Marin Jankovski
Hide whitespace changes
Inline Side-by-side

Showing with 19 additions and 1 deletion

app/controllers/passwords_controller.rb app/controllers/passwords_controller.rb +18 -0

config/routes.rb config/routes.rb +1 -1

No files found.
--- a/app/controllers/passwords_controller.rb
+++ b/app/controllers/passwords_controller.rb
+class PasswordsController < Devise::PasswordsController
+
+  def create
+    email = resource_params[:email]
+    resource_found = resource_class.find_by_email(email)
+    if resource_found && resource_found.ldap_user?
+      flash[:alert] = "Cannot reset password for LDAP user."
+      respond_with({}, :location => after_sending_reset_password_instructions_path_for(resource_name)) and return
+    end
+
+    self.resource = resource_class.send_reset_password_instructions(resource_params)
+    if successfully_sent?(resource)
+      respond_with({}, :location => after_sending_reset_password_instructions_path_for(resource_name))
+    else
+      respond_with(resource)
+    end
+  end
+end
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -167,7 +167,7 @@ Gitlab::Application.routes.draw do

  resources :projects, constraints: { id: /[^\/]+/ }, only: [:new, :create]

-  devise_for :users, controllers: { omniauth_callbacks: :omniauth_callbacks, registrations: :registrations }
+  devise_for :users, controllers: { omniauth_callbacks: :omniauth_callbacks, registrations: :registrations , passwords: :passwords}

  #
  # Project Area