diff options
| author | Robin Bobbitt <ryehle@us.ibm.com> | 2017-06-27 14:02:09 -0400 |
|---|---|---|
| committer | Robin Bobbitt <ryehle@us.ibm.com> | 2017-07-13 10:08:27 -0400 |
| commit | 672a68d3724bcae676d18244c85566e7d664a169 (patch) | |
| tree | 0a80378a3d96290bda93db53bb231798f2a7ecdd /app/models/user.rb | |
| parent | 31ada792621f17ab7f4f7475405ddd1ec9e9673a (diff) | |
| download | gitlab-ce-672a68d3724bcae676d18244c85566e7d664a169.tar.gz | |
Fixes needed when GitLab sign-in is not enabled
When sign-in is disabled:
- skip password expiration checks
- prevent password reset requests
- don’t show Password tab in User Settings
- don’t allow login with username/password for Git over HTTP requests
- render 404 on requests to Profiles::PasswordsController
Diffstat (limited to 'app/models/user.rb')
| -rw-r--r-- | app/models/user.rb | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index 4b01c2f19f0..e622f63b54d 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -580,16 +580,20 @@ class User < ActiveRecord::Base keys.count == 0 && Gitlab::ProtocolAccess.allowed?('ssh') end - def require_password? - password_automatically_set? && !ldap_user? && current_application_settings.signin_enabled? + def require_password_creation? + password_automatically_set? && allow_password_authentication? end - def require_personal_access_token? - return false if current_application_settings.signin_enabled? || ldap_user? + def require_personal_access_token_creation_for_git_auth? + return false if allow_password_authentication? || ldap_user? PersonalAccessTokensFinder.new(user: self, impersonation: false, state: 'active').execute.none? end + def allow_password_authentication? + !ldap_user? && current_application_settings.password_authentication_enabled? + end + def can_change_username? gitlab_config.username_changing_enabled end |