Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
5f66d1de
Commit
5f66d1de
authored
Jul 27, 2018
by
Grzegorz Bizon
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Improve specs for blocked user tracker class
parent
2ead2b97
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
43 additions
and
29 deletions
+43
-29
lib/gitlab/auth/blocked_user_tracker.rb
lib/gitlab/auth/blocked_user_tracker.rb
+22
-19
spec/lib/gitlab/auth/blocked_user_tracker_spec.rb
spec/lib/gitlab/auth/blocked_user_tracker_spec.rb
+21
-10
No files found.
lib/gitlab/auth/blocked_user_tracker.rb
View file @
5f66d1de
...
...
@@ -10,21 +10,8 @@ module Gitlab
@env
=
env
end
##
# Devise calls User#active_for_authentication? on the User model and then
# throws an exception to Warden with User#inactive_message:
# https://github.com/plataformatec/devise/blob/v4.2.1/lib/devise/hooks/activatable.rb#L8
#
# Since Warden doesn't pass the user record to the failure handler, we
# need to do a database lookup with the username. We can limit the
# lookups to happen when the user was blocked by checking the inactive
# message passed along by Warden.
#
def
has_user_blocked_message?
strong_memoize
(
:user_blocked_message
)
do
message
=
@env
.
dig
(
'warden.options'
,
:message
)
message
==
User
::
BLOCKED_MESSAGE
end
def
user_blocked?
user
&
.
blocked?
end
def
user
...
...
@@ -37,10 +24,7 @@ module Gitlab
User
.
by_login
(
login
)
if
login
.
present?
end
end
def
user_blocked?
user
&
.
blocked?
rescue
TypeError
end
def
log_blocked_user_activity!
...
...
@@ -51,6 +35,25 @@ module Gitlab
true
rescue
TypeError
end
private
##
# Devise calls User#active_for_authentication? on the User model and then
# throws an exception to Warden with User#inactive_message:
# https://github.com/plataformatec/devise/blob/v4.2.1/lib/devise/hooks/activatable.rb#L8
#
# Since Warden doesn't pass the user record to the failure handler, we
# need to do a database lookup with the username. We can limit the
# lookups to happen when the user was blocked by checking the inactive
# message passed along by Warden.
#
def
has_user_blocked_message?
strong_memoize
(
:user_blocked_message
)
do
message
=
@env
.
dig
(
'warden.options'
,
:message
)
message
==
User
::
BLOCKED_MESSAGE
end
end
end
end
end
spec/lib/gitlab/auth/blocked_user_tracker_spec.rb
View file @
5f66d1de
...
...
@@ -3,26 +3,30 @@ require 'spec_helper'
describe
Gitlab
::
Auth
::
BlockedUserTracker
do
set
(
:user
)
{
create
(
:user
)
}
# TODO, add more specs
describe
'#log_blocked_user_activity!'
do
it
'does not log if user failed to login due to undefined reason'
do
expect_any_instance_of
(
SystemHooksService
).
not_to
receive
(
:execute_hooks_for
)
expect
(
described_class
.
new
({}).
log_blocked_user_activity!
).
to
be_nil
tracker
=
described_class
.
new
({})
expect
(
tracker
.
user
).
to
be_nil
expect
(
tracker
.
user_blocked?
).
to
be_falsey
expect
(
tracker
.
log_blocked_user_activity!
).
to
be_nil
end
it
'gracefully handles malformed environment variables'
do
env
=
{
'warden.options'
=>
'test'
}
tracker
=
described_class
.
new
({
'warden.options'
=>
'test'
})
expect
(
described_class
.
new
(
env
).
log_blocked_user_activity!
).
to
be_nil
expect
(
tracker
.
user
).
to
be_nil
expect
(
tracker
.
user_blocked?
).
to
be_falsey
expect
(
tracker
.
log_blocked_user_activity!
).
to
be_nil
end
context
'failed login due to blocked user'
do
let
(
:base_env
)
{
{
'warden.options'
=>
{
message:
User
::
BLOCKED_MESSAGE
}
}
}
let
(
:env
)
{
base_env
.
merge
(
request_env
)
}
subject
{
described_class
.
new
(
env
)
.
log_blocked_user_activity!
}
subject
{
described_class
.
new
(
env
)
}
before
do
expect_any_instance_of
(
SystemHooksService
).
to
receive
(
:execute_hooks_for
).
with
(
user
,
:failed_login
)
...
...
@@ -34,14 +38,17 @@ describe Gitlab::Auth::BlockedUserTracker do
it
'logs a blocked user'
do
user
.
block!
expect
(
subject
).
to
be_truthy
expect
(
subject
.
user
).
to
be_blocked
expect
(
subject
.
user_blocked?
).
to
be
true
expect
(
subject
.
log_blocked_user_activity!
).
to
be_truthy
end
it
'logs a blocked user by e-mail'
do
user
.
block!
env
[
described_class
::
ACTIVE_RECORD_REQUEST_PARAMS
][
'user'
][
'login'
]
=
user
.
email
expect
(
subject
).
to
be_truthy
expect
(
subject
.
user
).
to
be_blocked
expect
(
subject
.
log_blocked_user_activity!
).
to
be_truthy
end
end
...
...
@@ -51,13 +58,17 @@ describe Gitlab::Auth::BlockedUserTracker do
it
'logs a blocked user'
do
user
.
block!
expect
(
subject
).
to
be_truthy
expect
(
subject
.
user
).
to
be_blocked
expect
(
subject
.
user_blocked?
).
to
be
true
expect
(
subject
.
log_blocked_user_activity!
).
to
be_truthy
end
it
'logs a LDAP blocked user'
do
user
.
ldap_block!
expect
(
subject
).
to
be_truthy
expect
(
subject
.
user
).
to
be_blocked
expect
(
subject
.
user_blocked?
).
to
be
true
expect
(
subject
.
log_blocked_user_activity!
).
to
be_truthy
end
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment