Does not log failed sign-in attempts when database is in read-only mode

8e51c481 · Douglas Barbosa Alexandre · efd7b57b · 8e51c481 · 8e51c481
Commit 8e51c481 authored May 14, 2018 by Douglas Barbosa Alexandre
Show whitespace changes
Inline Side-by-side

Showing with 17 additions and 0 deletions

app/models/user.rb app/models/user.rb +3 -0

spec/models/user_spec.rb spec/models/user_spec.rb +14 -0

No files found.
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1097,8 +1097,11 @@ class User < ActiveRecord::Base
  #   <https://github.com/plataformatec/devise/blob/v4.0.0/lib/devise/models/lockable.rb#L92>
  #
  def increment_failed_attempts!
+    return if ::Gitlab::Database.read_only?
    self.failed_attempts ||= 0
    self.failed_attempts += 1
    if attempts_exceeded?
      lock_access! unless access_locked?
    else

--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -2755,4 +2755,18 @@ describe User do
      it { is_expected.to be_truthy }
    end
  end
+  describe '#increment_failed_attempts!' do
+    subject(:user) { create(:user, failed_attempts: 0) }
+    it 'logs failed sign-in attempts' do
+      expect { user.increment_failed_attempts! }.to change(user, :failed_attempts).from(0).to(1)
+    end
+    it 'does not log failed sign-in attempts when in a GitLab read-only instance' do
+      allow(Gitlab::Database).to receive(:read_only?) { true }
+      expect { user.increment_failed_attempts! }.not_to change(user, :failed_attempts)
+    end
+  end
 end