Merge branch 'ldap-unblock-user' into 'master'

Unblock user if they were unblocked in AD.

Fixes problem with !1687.

See merge request !1694

3 files changed, 12 insertions, 1 deletions

diff --git a/CHANGELOG b/CHANGELOG
index 5ccedcbc8c5..4f8717174d9 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -65,6 +65,7 @@ v 7.9.0 (unreleased)
   - Fix import pages not working after first load.
   - Use custom LDAP label in LDAP signin form.
   - Execute hooks and services when branch or tag is created or deleted through web interface.
+  - Block and unblock user if he/she was blocked/unblocked in Active Directory
 
 v 7.8.4
   - Fix issue_tracker_id substitution in custom issue trackers
diff --git a/lib/gitlab/ldap/access.rb b/lib/gitlab/ldap/access.rb
index 6e30724e1f7..960fb3849b4 100644
--- a/lib/gitlab/ldap/access.rb
+++ b/lib/gitlab/ldap/access.rb
@@ -40,6 +40,7 @@ module Gitlab
             user.block unless user.blocked?
             false
           else
+            user.activate if user.blocked?
             true
           end
         else
diff --git a/spec/lib/gitlab/ldap/access_spec.rb b/spec/lib/gitlab/ldap/access_spec.rb
index 39d46efcbc3..707a0521ab3 100644
--- a/spec/lib/gitlab/ldap/access_spec.rb
+++ b/spec/lib/gitlab/ldap/access_spec.rb
@@ -28,9 +28,18 @@ describe Gitlab::LDAP::Access do
       end
 
       context 'and has no disabled flag in active diretory' do
-        before { Gitlab::LDAP::Person.stub(disabled_via_active_directory?: false) }
+        before do
+          user.block
+          
+          Gitlab::LDAP::Person.stub(disabled_via_active_directory?: false)
+        end
 
         it { is_expected.to be_truthy }
+
+        it "should unblock user in GitLab" do
+          access.allowed?
+          user.should_not be_blocked
+        end
       end
 
       context 'without ActiveDirectory enabled' do