summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlejandro Rodríguez <alejorro70@gmail.com>2018-08-22 20:46:35 +0000
committerJose Vargas <jvargas@gitlab.com>2018-08-22 16:00:40 -0500
commita8f7223d6a854879e69a01d2f6f22d6bfb87010b (patch)
treeafd0a57d614a5e90fdd66f633cd533c8e432926e
parenta4512a9be0d50a55575928a3d118701f74d50412 (diff)
downloadgitlab-ce-a8f7223d6a854879e69a01d2f6f22d6bfb87010b.tar.gz
Merge branch 'sh-fix-broken-ldap-clones' into 'master'11-2-stable-patch-1
Fix broken Git over HTTP clones with LDAP users Closes #50579 See merge request gitlab-org/gitlab-ce!21352
-rw-r--r--changelogs/unreleased/sh-fix-broken-ldap-clones.yml5
-rw-r--r--lib/gitlab/auth/o_auth/provider.rb1
-rw-r--r--spec/lib/gitlab/auth/o_auth/provider_spec.rb42
3 files changed, 48 insertions, 0 deletions
diff --git a/changelogs/unreleased/sh-fix-broken-ldap-clones.yml b/changelogs/unreleased/sh-fix-broken-ldap-clones.yml
new file mode 100644
index 00000000000..abe725924f2
--- /dev/null
+++ b/changelogs/unreleased/sh-fix-broken-ldap-clones.yml
@@ -0,0 +1,5 @@
+---
+title: Fix broken Git over HTTP clones with LDAP users
+merge_request: 21352
+author:
+type: fixed
diff --git a/lib/gitlab/auth/o_auth/provider.rb b/lib/gitlab/auth/o_auth/provider.rb
index e73743944a9..26da9d09ccc 100644
--- a/lib/gitlab/auth/o_auth/provider.rb
+++ b/lib/gitlab/auth/o_auth/provider.rb
@@ -29,6 +29,7 @@ module Gitlab
def self.enabled?(name)
return true if name == 'database'
+ return true if self.ldap_provider?(name) && providers.include?(name.to_sym)
Gitlab::Auth.omniauth_enabled? && providers.include?(name.to_sym)
end
diff --git a/spec/lib/gitlab/auth/o_auth/provider_spec.rb b/spec/lib/gitlab/auth/o_auth/provider_spec.rb
index fc35d430917..80d702cf9dc 100644
--- a/spec/lib/gitlab/auth/o_auth/provider_spec.rb
+++ b/spec/lib/gitlab/auth/o_auth/provider_spec.rb
@@ -1,6 +1,48 @@
require 'spec_helper'
describe Gitlab::Auth::OAuth::Provider do
+ describe '.enabled?' do
+ before do
+ allow(described_class).to receive(:providers).and_return([:ldapmain, :google_oauth2])
+ end
+
+ context 'when OmniAuth is disabled' do
+ before do
+ allow(Gitlab::Auth).to receive(:omniauth_enabled?).and_return(false)
+ end
+
+ it 'allows database auth' do
+ expect(described_class.enabled?('database')).to be_truthy
+ end
+
+ it 'allows LDAP auth' do
+ expect(described_class.enabled?('ldapmain')).to be_truthy
+ end
+
+ it 'does not allow other OmniAuth providers' do
+ expect(described_class.enabled?('google_oauth2')).to be_falsey
+ end
+ end
+
+ context 'when OmniAuth is enabled' do
+ before do
+ allow(Gitlab::Auth).to receive(:omniauth_enabled?).and_return(true)
+ end
+
+ it 'allows database auth' do
+ expect(described_class.enabled?('database')).to be_truthy
+ end
+
+ it 'allows LDAP auth' do
+ expect(described_class.enabled?('ldapmain')).to be_truthy
+ end
+
+ it 'allows other OmniAuth providers' do
+ expect(described_class.enabled?('google_oauth2')).to be_truthy
+ end
+ end
+ end
+
describe '#config_for' do
context 'for an LDAP provider' do
context 'when the provider exists' do