diff options
author | Sean McGivern <sean@mcgivern.me.uk> | 2017-04-26 09:19:30 +0000 |
---|---|---|
committer | Sean McGivern <sean@mcgivern.me.uk> | 2017-04-26 09:19:30 +0000 |
commit | 8c22045ec0a2401d4629d8e59dadc0180c5a137b (patch) | |
tree | d062346b3509aae411e7023ecba721790dacf5c2 | |
parent | 3c6fad64296738239582ad449bb202cfd99ba7ff (diff) | |
parent | aa54bb7e5a247e98efa95ad810503579eb3d0cbc (diff) | |
download | gitlab-ce-8c22045ec0a2401d4629d8e59dadc0180c5a137b.tar.gz |
Merge branch '31294-fix-oauth-users-do-not-need-to-be-confirmed-master' into 'master'
Ensures that OAuth/LDAP/SAML users don't need to be confirmed
Closes #31294
See merge request !10926
-rw-r--r-- | app/services/users/build_service.rb | 25 | ||||
-rw-r--r-- | spec/lib/gitlab/ldap/user_spec.rb | 13 | ||||
-rw-r--r-- | spec/lib/gitlab/o_auth/user_spec.rb | 15 | ||||
-rw-r--r-- | spec/lib/gitlab/saml/user_spec.rb | 13 |
4 files changed, 57 insertions, 9 deletions
diff --git a/app/services/users/build_service.rb b/app/services/users/build_service.rb index d2a1c161026..363135ef09b 100644 --- a/app/services/users/build_service.rb +++ b/app/services/users/build_service.rb @@ -9,15 +9,13 @@ module Users def execute(skip_authorization: false) raise Gitlab::Access::AccessDeniedError unless skip_authorization || can_create_user? - user = User.new(build_user_params) + user_params = build_user_params(skip_authorization: skip_authorization) + user = User.new(user_params) if current_user&.admin? - if params[:reset_password] - user.generate_reset_token - params[:force_random_password] = true - end + @reset_token = user.generate_reset_token if params[:reset_password] - if params[:force_random_password] + if user_params[:force_random_password] random_password = Devise.friendly_token.first(Devise.password_length.min) user.password = user.password_confirmation = random_password end @@ -81,7 +79,7 @@ module Users ] end - def build_user_params + def build_user_params(skip_authorization:) if current_user&.admin? user_params = params.slice(*admin_create_params) user_params[:created_by_id] = current_user&.id @@ -90,11 +88,20 @@ module Users user_params.merge!(force_random_password: true, password_expires_at: nil) end else - user_params = params.slice(*signup_params) - user_params[:skip_confirmation] = !current_application_settings.send_user_confirmation_email + allowed_signup_params = signup_params + allowed_signup_params << :skip_confirmation if skip_authorization + + user_params = params.slice(*allowed_signup_params) + if user_params[:skip_confirmation].nil? + user_params[:skip_confirmation] = skip_user_confirmation_email_from_setting + end end user_params end + + def skip_user_confirmation_email_from_setting + !current_application_settings.send_user_confirmation_email + end end end diff --git a/spec/lib/gitlab/ldap/user_spec.rb b/spec/lib/gitlab/ldap/user_spec.rb index 65a304d1468..f4aab429931 100644 --- a/spec/lib/gitlab/ldap/user_spec.rb +++ b/spec/lib/gitlab/ldap/user_spec.rb @@ -120,6 +120,19 @@ describe Gitlab::LDAP::User, lib: true do expect(gl_user).to be_persisted end end + + context 'when user confirmation email is enabled' do + before do + stub_application_setting send_user_confirmation_email: true + end + + it 'creates and confirms the user anyway' do + ldap_user.save + + expect(gl_user).to be_persisted + expect(gl_user).to be_confirmed + end + end end describe 'updating email' do diff --git a/spec/lib/gitlab/o_auth/user_spec.rb b/spec/lib/gitlab/o_auth/user_spec.rb index 6d3ac62d9e9..828c953197d 100644 --- a/spec/lib/gitlab/o_auth/user_spec.rb +++ b/spec/lib/gitlab/o_auth/user_spec.rb @@ -54,6 +54,21 @@ describe Gitlab::OAuth::User, lib: true do end end + context 'when user confirmation email is enabled' do + before do + stub_application_setting send_user_confirmation_email: true + end + + it 'creates and confirms the user anyway' do + stub_omniauth_config(allow_single_sign_on: ['twitter']) + + oauth_user.save + + expect(gl_user).to be_persisted + expect(gl_user).to be_confirmed + end + end + it 'marks user as having password_automatically_set' do stub_omniauth_config(allow_single_sign_on: ['twitter'], external_providers: ['twitter']) diff --git a/spec/lib/gitlab/saml/user_spec.rb b/spec/lib/gitlab/saml/user_spec.rb index b3b76a6d629..b106d156b75 100644 --- a/spec/lib/gitlab/saml/user_spec.rb +++ b/spec/lib/gitlab/saml/user_spec.rb @@ -223,6 +223,19 @@ describe Gitlab::Saml::User, lib: true do expect(gl_user).to be_persisted end end + + context 'when user confirmation email is enabled' do + before do + stub_application_setting send_user_confirmation_email: true + end + + it 'creates and confirms the user anyway' do + saml_user.save + + expect(gl_user).to be_persisted + expect(gl_user).to be_confirmed + end + end end describe 'blocking' do |