| ... | @@ -7,7 +7,7 @@ class User < ActiveRecord::Base |
... | @@ -7,7 +7,7 @@ class User < ActiveRecord::Base |
|
|
|
|
|
|
|
attr_accessible :email, :password, :password_confirmation, :remember_me, :bio,
|
|
attr_accessible :email, :password, :password_confirmation, :remember_me, :bio,
|
|
|
:name, :projects_limit, :skype, :linkedin, :twitter, :dark_scheme,
|
|
:name, :projects_limit, :skype, :linkedin, :twitter, :dark_scheme,
|
|
|
:theme_id, :force_random_password
|
|
:theme_id, :force_random_password, :extern_uid, :provider
|
|
|
|
|
|
|
|
attr_accessor :force_random_password
|
|
attr_accessor :force_random_password
|
|
|
|
|
|
| ... | @@ -54,6 +54,8 @@ class User < ActiveRecord::Base |
... | @@ -54,6 +54,8 @@ class User < ActiveRecord::Base |
|
|
|
|
|
|
|
validates :bio, length: { within: 0..255 }
|
|
validates :bio, length: { within: 0..255 }
|
|
|
|
|
|
|
|
|
validates :extern_uid, :allow_blank => true, :uniqueness => {:scope => :provider}
|
|
|
|
|
|
|
before_save :ensure_authentication_token
|
|
before_save :ensure_authentication_token
|
|
|
alias_attribute :private_token, :authentication_token
|
|
alias_attribute :private_token, :authentication_token
|
|
|
|
|
|
| ... | @@ -84,21 +86,31 @@ class User < ActiveRecord::Base |
... | @@ -84,21 +86,31 @@ class User < ActiveRecord::Base |
|
|
where('id NOT IN (SELECT DISTINCT(user_id) FROM users_projects)')
|
|
where('id NOT IN (SELECT DISTINCT(user_id) FROM users_projects)')
|
|
|
end
|
|
end
|
|
|
|
|
|
|
|
def self.find_for_ldap_auth(omniauth_info)
|
|
def self.find_for_ldap_auth(auth, signed_in_resource=nil)
|
|
|
name = omniauth_info.name.force_encoding("utf-8")
|
|
uid = auth.info.uid
|
|
|
email = omniauth_info.email.downcase unless omniauth_info.email.nil?
|
|
provider = auth.provider
|
|
|
raise OmniAuth::Error, "LDAP accounts must provide an email address" if email.nil?
|
|
name = auth.info.name.force_encoding("utf-8")
|
|
|
|
email = auth.info.email.downcase unless auth.info.email.nil?
|
|
|
|
raise OmniAuth::Error, "LDAP accounts must provide an uid and email address" if uid.nil? or email.nil?
|
|
|
|
|
|
|
|
if @user = User.find_by_email(email)
|
|
if @user = User.find_by_extern_uid_and_provider(uid, provider)
|
|
|
|
@user
|
|
|
|
# workaround for backward compatibility
|
|
|
|
elsif @user = User.find_by_email(email)
|
|
|
|
logger.info "Updating legacy LDAP user #{email} with extern_uid => #{uid}"
|
|
|
|
@user.update_attributes(:extern_uid => uid, :provider => provider)
|
|
|
@user
|
|
@user
|
|
|
else
|
|
else
|
|
|
|
logger.info "Creating user from LDAP login {uid => #{uid}, name => #{name}, email => #{email}}"
|
|
|
password = Devise.friendly_token[0, 8].downcase
|
|
password = Devise.friendly_token[0, 8].downcase
|
|
|
@user = User.create(
|
|
@user = User.create(
|
|
|
name: name,
|
|
:extern_uid => uid,
|
|
|
email: email,
|
|
:provider => provider,
|
|
|
password: password,
|
|
:name => name,
|
|
|
password_confirmation: password,
|
|
:email => email,
|
|
|
projects_limit: Gitlab.config.default_projects_limit
|
|
:password => password,
|
|
|
|
:password_confirmation => password,
|
|
|
|
:projects_limit => Gitlab.config.default_projects_limit
|
|
|
)
|
|
)
|
|
|
end
|
|
end
|
|
|
end
|
|
end
|
| ... | |
... | |
| ... | | ... | |
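Review bot: Adding `:extern_uid` and `:provider` to `attr_accessible` in the first hunk makes mass-assignable the two fields that `find_for_ldap_auth` now uses as its primary lookup key. If any controller passes a request params hash to `update_attributes` or `User.new` (none is visible on this page), a signed-in user could set these values on their own record, and the scoped uniqueness validation would then tie that LDAP identity to the wrong account. I would leave the whitelist as it was and set both fields by direct assignment in the legacy-email and create branches, as sketched below. Separately, the guard tests only `uid.nil?` while the new validation uses `:allow_blank => true`, so an empty uid passes the guard and could match an earlier record stored with an empty `extern_uid` for the same provider; `uid.blank? or email.nil?` would reject it.

```ruby
  # … unchanged: first two lines of attr_accessible …
                  :theme_id, :force_random_password

  # … unchanged: validations, scope, start of find_for_ldap_auth through the extern_uid lookup …
    elsif @user = User.find_by_email(email)
      logger.info "Updating legacy LDAP user #{email} with extern_uid => #{uid}"
      # identity binding is written by this method only, never taken from a params hash
      @user.extern_uid = uid
      @user.provider = provider
      @user.save
      @user
    else
      # … unchanged: logger.info, password generation …
      @user = User.new(
        # … unchanged: name, email, password, password_confirmation, projects_limit …
      )
      @user.extern_uid = uid
      @user.provider = provider
      @user.save
      @user
    end
```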