diff options
author | Rémy Coutable <remy@rymai.me> | 2017-04-25 21:51:36 +0200 |
---|---|---|
committer | Rémy Coutable <remy@rymai.me> | 2017-04-25 22:24:30 +0200 |
commit | 4caf0dd07dc12661c4f01834439583bde330275f (patch) | |
tree | 3fbb4635acbbf56effbf03e29031b94f90ec999d | |
parent | cc52dfab92116ca91fda37e07ad9cef21a62ce69 (diff) | |
download | gitlab-ce-31294-fix-oauth-users-do-not-need-to-be-confirmed-master.tar.gz |
Ensures that OAuth/LDAP/SAML users don't need to be confirmed31294-fix-oauth-users-do-not-need-to-be-confirmed-master
Signed-off-by: Rémy Coutable <remy@rymai.me>
-rw-r--r-- | app/services/users/build_service.rb | 8 | ||||
-rw-r--r-- | spec/lib/gitlab/ldap/user_spec.rb | 13 | ||||
-rw-r--r-- | spec/lib/gitlab/o_auth/user_spec.rb | 15 | ||||
-rw-r--r-- | spec/lib/gitlab/saml/user_spec.rb | 13 |
4 files changed, 45 insertions, 4 deletions
diff --git a/app/services/users/build_service.rb b/app/services/users/build_service.rb index d2a1c161026..05cdea10e96 100644 --- a/app/services/users/build_service.rb +++ b/app/services/users/build_service.rb @@ -9,12 +9,11 @@ module Users def execute(skip_authorization: false) raise Gitlab::Access::AccessDeniedError unless skip_authorization || can_create_user? - user = User.new(build_user_params) + user = User.new(build_user_params(skip_authorization: skip_authorization)) if current_user&.admin? if params[:reset_password] user.generate_reset_token - params[:force_random_password] = true end if params[:force_random_password] @@ -81,7 +80,7 @@ module Users ] end - def build_user_params + def build_user_params(skip_authorization:) if current_user&.admin? user_params = params.slice(*admin_create_params) user_params[:created_by_id] = current_user&.id @@ -91,7 +90,8 @@ module Users end else user_params = params.slice(*signup_params) - user_params[:skip_confirmation] = !current_application_settings.send_user_confirmation_email + user_params[:skip_confirmation] = params[:skip_confirmation] if skip_authorization + user_params[:skip_confirmation] ||= !current_application_settings.send_user_confirmation_email end user_params diff --git a/spec/lib/gitlab/ldap/user_spec.rb b/spec/lib/gitlab/ldap/user_spec.rb index 65a304d1468..f4aab429931 100644 --- a/spec/lib/gitlab/ldap/user_spec.rb +++ b/spec/lib/gitlab/ldap/user_spec.rb @@ -120,6 +120,19 @@ describe Gitlab::LDAP::User, lib: true do expect(gl_user).to be_persisted end end + + context 'when user confirmation email is enabled' do + before do + stub_application_setting send_user_confirmation_email: true + end + + it 'creates and confirms the user anyway' do + ldap_user.save + + expect(gl_user).to be_persisted + expect(gl_user).to be_confirmed + end + end end describe 'updating email' do diff --git a/spec/lib/gitlab/o_auth/user_spec.rb b/spec/lib/gitlab/o_auth/user_spec.rb index 6d3ac62d9e9..828c953197d 100644 --- a/spec/lib/gitlab/o_auth/user_spec.rb +++ b/spec/lib/gitlab/o_auth/user_spec.rb @@ -54,6 +54,21 @@ describe Gitlab::OAuth::User, lib: true do end end + context 'when user confirmation email is enabled' do + before do + stub_application_setting send_user_confirmation_email: true + end + + it 'creates and confirms the user anyway' do + stub_omniauth_config(allow_single_sign_on: ['twitter']) + + oauth_user.save + + expect(gl_user).to be_persisted + expect(gl_user).to be_confirmed + end + end + it 'marks user as having password_automatically_set' do stub_omniauth_config(allow_single_sign_on: ['twitter'], external_providers: ['twitter']) diff --git a/spec/lib/gitlab/saml/user_spec.rb b/spec/lib/gitlab/saml/user_spec.rb index b3b76a6d629..b106d156b75 100644 --- a/spec/lib/gitlab/saml/user_spec.rb +++ b/spec/lib/gitlab/saml/user_spec.rb @@ -223,6 +223,19 @@ describe Gitlab::Saml::User, lib: true do expect(gl_user).to be_persisted end end + + context 'when user confirmation email is enabled' do + before do + stub_application_setting send_user_confirmation_email: true + end + + it 'creates and confirms the user anyway' do + saml_user.save + + expect(gl_user).to be_persisted + expect(gl_user).to be_confirmed + end + end end describe 'blocking' do |