summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJacob Vosmaer <jacob@gitlab.com>2016-06-10 14:51:16 +0200
committerJacob Vosmaer <jacob@gitlab.com>2016-06-10 14:51:16 +0200
commit0e896ffe4eebb8bcf04bc1327d498bb041faed56 (patch)
tree78a0e64cba51421b5164c7479099a9b2a0c13790
parentcfc99bbd1390bc548a703fdc7857c7db5b0e7c13 (diff)
downloadgitlab-ce-0e896ffe4eebb8bcf04bc1327d498bb041faed56.tar.gz
Improve Gitlab::Auth method names
Auth.find was a very generic name for a very specific method. Auth.find_in_gitlab_or_ldap was inaccurate in GitLab EE where it also looks in Kerberos.
-rw-r--r--app/controllers/jwt_controller.rb2
-rw-r--r--app/controllers/projects/git_http_controller.rb2
-rw-r--r--config/initializers/doorkeeper.rb2
-rw-r--r--lib/api/session.rb2
-rw-r--r--lib/gitlab/auth.rb6
-rw-r--r--lib/gitlab/backend/grack_auth.rb2
-rw-r--r--spec/lib/gitlab/auth_spec.rb16
-rw-r--r--spec/requests/jwt_controller_spec.rb2
8 files changed, 17 insertions, 17 deletions
diff --git a/app/controllers/jwt_controller.rb b/app/controllers/jwt_controller.rb
index 131a16dad9b..014b9b43ff2 100644
--- a/app/controllers/jwt_controller.rb
+++ b/app/controllers/jwt_controller.rb
@@ -42,7 +42,7 @@ class JwtController < ApplicationController
end
def authenticate_user(login, password)
- user = Gitlab::Auth.find_in_gitlab_or_ldap(login, password)
+ user = Gitlab::Auth.find_with_user_password(login, password)
Gitlab::Auth.rate_limit!(request.ip, success: user.present?, login: login)
user
end
diff --git a/app/controllers/projects/git_http_controller.rb b/app/controllers/projects/git_http_controller.rb
index 348d6cf4d96..f907d63258b 100644
--- a/app/controllers/projects/git_http_controller.rb
+++ b/app/controllers/projects/git_http_controller.rb
@@ -43,7 +43,7 @@ class Projects::GitHttpController < Projects::ApplicationController
return if project && project.public? && upload_pack?
authenticate_or_request_with_http_basic do |login, password|
- auth_result = Gitlab::Auth.find(login, password, project: project, ip: request.ip)
+ auth_result = Gitlab::Auth.find_for_git_client(login, password, project: project, ip: request.ip)
if auth_result.type == :ci && upload_pack?
@ci = true
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index 8dc8e270afc..618dba74151 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -12,7 +12,7 @@ Doorkeeper.configure do
end
resource_owner_from_credentials do |routes|
- Gitlab::Auth.find_in_gitlab_or_ldap(params[:username], params[:password])
+ Gitlab::Auth.find_with_user_password(params[:username], params[:password])
end
# If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
diff --git a/lib/api/session.rb b/lib/api/session.rb
index 56e69b2366f..56c202f1294 100644
--- a/lib/api/session.rb
+++ b/lib/api/session.rb
@@ -11,7 +11,7 @@ module API
# Example Request:
# POST /session
post "/session" do
- user = Gitlab::Auth.find_in_gitlab_or_ldap(params[:email] || params[:login], params[:password])
+ user = Gitlab::Auth.find_with_user_password(params[:email] || params[:login], params[:password])
return unauthorized! unless user
present user, with: Entities::UserLogin
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb
index 076e2af7d38..db1704af75e 100644
--- a/lib/gitlab/auth.rb
+++ b/lib/gitlab/auth.rb
@@ -3,14 +3,14 @@ module Gitlab
Result = Struct.new(:user, :type)
class << self
- def find(login, password, project:, ip:)
+ def find_for_git_client(login, password, project:, ip:)
raise "Must provide an IP for rate limiting" if ip.nil?
result = Result.new
if valid_ci_request?(login, password, project)
result.type = :ci
- elsif result.user = find_in_gitlab_or_ldap(login, password)
+ elsif result.user = find_with_user_password(login, password)
result.type = :gitlab_or_ldap
elsif result.user = oauth_access_token_check(login, password)
result.type = :oauth
@@ -20,7 +20,7 @@ module Gitlab
result
end
- def find_in_gitlab_or_ldap(login, password)
+ def find_with_user_password(login, password)
user = User.by_login(login)
# If no user is found, or it's an LDAP server, try LDAP.
diff --git a/lib/gitlab/backend/grack_auth.rb b/lib/gitlab/backend/grack_auth.rb
index 9e09d2e118d..adbf5941a96 100644
--- a/lib/gitlab/backend/grack_auth.rb
+++ b/lib/gitlab/backend/grack_auth.rb
@@ -95,7 +95,7 @@ module Grack
end
def authenticate_user(login, password)
- user = Gitlab::Auth.find_in_gitlab_or_ldap(login, password)
+ user = Gitlab::Auth.find_with_user_password(login, password)
unless user
user = oauth_access_token_check(login, password)
diff --git a/spec/lib/gitlab/auth_spec.rb b/spec/lib/gitlab/auth_spec.rb
index a814ad2a4e7..f081d550ec8 100644
--- a/spec/lib/gitlab/auth_spec.rb
+++ b/spec/lib/gitlab/auth_spec.rb
@@ -41,7 +41,7 @@ describe Gitlab::Auth, lib: true do
end
end
- describe 'find_in_gitlab_or_ldap' do
+ describe 'find_with_user_password' do
let!(:user) do
create(:user,
username: username,
@@ -52,25 +52,25 @@ describe Gitlab::Auth, lib: true do
let(:password) { 'my-secret' }
it "should find user by valid login/password" do
- expect( gl_auth.find_in_gitlab_or_ldap(username, password) ).to eql user
+ expect( gl_auth.find_with_user_password(username, password) ).to eql user
end
it 'should find user by valid email/password with case-insensitive email' do
- expect(gl_auth.find_in_gitlab_or_ldap(user.email.upcase, password)).to eql user
+ expect(gl_auth.find_with_user_password(user.email.upcase, password)).to eql user
end
it 'should find user by valid username/password with case-insensitive username' do
- expect(gl_auth.find_in_gitlab_or_ldap(username.upcase, password)).to eql user
+ expect(gl_auth.find_with_user_password(username.upcase, password)).to eql user
end
it "should not find user with invalid password" do
password = 'wrong'
- expect( gl_auth.find_in_gitlab_or_ldap(username, password) ).not_to eql user
+ expect( gl_auth.find_with_user_password(username, password) ).not_to eql user
end
it "should not find user with invalid login" do
user = 'wrong'
- expect( gl_auth.find_in_gitlab_or_ldap(username, password) ).not_to eql user
+ expect( gl_auth.find_with_user_password(username, password) ).not_to eql user
end
context "with ldap enabled" do
@@ -81,13 +81,13 @@ describe Gitlab::Auth, lib: true do
it "tries to autheticate with db before ldap" do
expect(Gitlab::LDAP::Authentication).not_to receive(:login)
- gl_auth.find_in_gitlab_or_ldap(username, password)
+ gl_auth.find_with_user_password(username, password)
end
it "uses ldap as fallback to for authentication" do
expect(Gitlab::LDAP::Authentication).to receive(:login)
- gl_auth.find_in_gitlab_or_ldap('ldap_user', 'password')
+ gl_auth.find_with_user_password('ldap_user', 'password')
end
end
end
diff --git a/spec/requests/jwt_controller_spec.rb b/spec/requests/jwt_controller_spec.rb
index c995993a853..d2d4a9eca18 100644
--- a/spec/requests/jwt_controller_spec.rb
+++ b/spec/requests/jwt_controller_spec.rb
@@ -44,7 +44,7 @@ describe JwtController do
let(:user) { create(:user) }
let(:headers) { { authorization: credentials('user', 'password') } }
- before { expect(Gitlab::Auth).to receive(:find_in_gitlab_or_ldap).with('user', 'password').and_return(user) }
+ before { expect(Gitlab::Auth).to receive(:find_with_user_password).with('user', 'password').and_return(user) }
subject! { get '/jwt/auth', parameters, headers }