Commit 0df1cf7f authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Inherit Gitlab::LDAP::User from Gitlab::OAuth::User

parent b45e9264
require 'gitlab/oauth/user'
# LDAP extension for User model
#
# * Find or create user from omniauth.auth data
# * Links LDAP account with existing user
# * Auth LDAP user with login and password
#
module Gitlab
module LDAP
class User
class User < Gitlab::OAuth::User
class << self
def find(uid, email)
# Look for user with ldap provider and same uid
user = find_by_uid(uid)
return user if user
def find_or_create(auth)
@auth = auth
if uid.blank? || email.blank?
raise_error("Account must provide an uid and email address")
end
user = find(auth)
unless user
# Look for user with same emails
#
# Possible cases:
......@@ -21,51 +29,21 @@ module Gitlab
user = model.find_by_email(email)
if user
user.update_attributes(extern_uid: uid, provider: 'ldap')
user.update_attributes(extern_uid: uid, provider: provider)
log.info("(LDAP) Updating legacy LDAP user #{email} with extern_uid => #{uid}")
else
# Create a new user inside GitLab database
# based on LDAP credentials
#
#
user = create(auth)
end
user
end
def create(uid, email, name)
password = Devise.friendly_token[0, 8].downcase
username = email.match(/^[^@]*/)[0]
opts = {
extern_uid: uid,
provider: 'ldap',
name: name,
username: username,
email: email,
password: password,
password_confirmation: password,
}
user = model.new(opts, as: :admin).with_defaults
user.save!
log.info "(LDAP) Creating user #{email} from login with extern_uid => #{uid}"
user
end
def find_or_create(auth)
uid, email, name = uid(auth), email(auth), name(auth)
if uid.blank? || email.blank?
raise_error("Account must provide an uid and email address")
end
user = find(uid, email)
user = create(uid, email, name) unless user
user
end
def find_by_uid(uid)
model.ldap.where(extern_uid: uid).last
end
def auth(login, password)
def authenticate(login, password)
# Check user against LDAP backend if user is not authenticated
# Only check with valid login and password to prevent anonymous bind results
return nil unless ldap_conf.enabled && login.present? && password.present?
......@@ -82,30 +60,18 @@ module Gitlab
private
def uid(auth)
auth.info.uid
end
def email(auth)
auth.info.email.downcase unless auth.info.email.nil?
end
def name(auth)
auth.info.name.to_s.force_encoding("utf-8")
def find_by_uid(uid)
model.where(provider: provider, extern_uid: uid).last
end
def log
Gitlab::AppLogger
def provider
'ldap'
end
def raise_error(message)
raise OmniAuth::Error, "(LDAP) " + message
end
def model
::User
end
def ldap_conf
Gitlab.config.ldap
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment