Merge branch 'if-33641-fix_smartcard_param_check_in_user_build' into 'master'

Fix smartcard param check in User::BuildService Closes #33641 See merge request gitlab-org/gitlab!26800

Merge branch 'if-33641-fix_smartcard_param_check_in_user_build' into 'master'
Fix smartcard param check in User::BuildService Closes #33641 See merge request gitlab-org/gitlab!26800
93535f94 · James Fargher · ef2149dd · 2bec0e82 · 93535f94 · 93535f94
Commit 93535f94 authored Mar 10, 2020 by James Fargher
3 changed files
--- a/changelogs/unreleased/33641-fix_smartcard_param_check_in_user_build.yml
+++ b/changelogs/unreleased/33641-fix_smartcard_param_check_in_user_build.yml
+---
+title: Fix user registration when smartcard authentication is enabled
+merge_request: 26800
+author:
+type: fixed
--- a/ee/app/services/ee/users/build_service.rb
+++ b/ee/app/services/ee/users/build_service.rb
@@ -70,7 +70,7 @@ module EE
      def build_smartcard_identity(user, params)
        smartcard_identity_attrs = params.slice(:certificate_subject, :certificate_issuer)
-        if smartcard_identity_attrs.any?
+        unless smartcard_identity_attrs.empty?
          user.smartcard_identities.build(subject: params[:certificate_subject],
                                          issuer: params[:certificate_issuer])
        end

--- a/ee/spec/services/ee/users/build_service_spec.rb
+++ b/ee/spec/services/ee/users/build_service_spec.rb
@@ -28,6 +28,39 @@ describe Users::BuildService do
          end
        end
      end
+      context 'smartcard authentication enabled' do
+        before do
+          allow(Gitlab::Auth::Smartcard).to receive(:enabled?).and_return(true)
+        end
+        context 'smartcard params' do
+          let(:subject) { '/O=Random Corp Ltd/CN=gitlab-user/emailAddress=gitlab-user@random-corp.org' }
+          let(:issuer) { '/O=Random Corp Ltd/CN=Random Corp' }
+          let(:smartcard_identity_params) do
+            { certificate_subject: subject, certificate_issuer: issuer }
+          end
+          before do
+            params.merge!(smartcard_identity_params)
+          end
+          it 'sets smartcard identity attributes' do
+            expect(SmartcardIdentity).to(
+              receive(:new)
+                .with(hash_including(issuer: issuer, subject: subject))
+                .and_call_original)
+            service.execute
+          end
+        end
+        context 'missing smartcard params' do
+          it 'works as expected' do
+            expect { service.execute }.not_to raise_error
+          end
+        end
+      end
    end
  end
 end