Merge branch 'feature/sign_out_page' into 'master'

Allow to configure a URL to show after sign out

Split of !669 as requested

This is especially useful with SAML ( !722 ) since the omniauth-saml gem does not support single log-out. This provides a way to log out the user from the SAML IdP after signing out from GitLab.

See merge request !725

4 files changed, 12 insertions, 1 deletions

diff --git a/app/controllers/admin/application_settings_controller.rb b/app/controllers/admin/application_settings_controller.rb
index 5aaae94e6bf..a01e2a907d7 100644
--- a/app/controllers/admin/application_settings_controller.rb
+++ b/app/controllers/admin/application_settings_controller.rb
@@ -38,6 +38,7 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
       :twitter_sharing_enabled,
       :sign_in_text,
       :home_page_url,
+      :after_sign_out_path,
       :max_attachment_size,
       :default_project_visibility,
       :default_snippet_visibility,
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index e5da94b2327..62d46a5482e 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -89,7 +89,7 @@ class ApplicationController < ActionController::Base
   end
 
   def after_sign_out_path_for(resource)
-    new_user_session_path
+    current_application_settings.after_sign_out_path || new_user_session_path 
   end
 
   def abilities
diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb
index c465158f764..80463ee8841 100644
--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -19,6 +19,7 @@
 #  default_snippet_visibility   :integer
 #  restricted_signup_domains    :text
 #  user_oauth_applications      :bool             default(TRUE)
+#  after_sign_out_path          :string(255)
 #
 
 class ApplicationSetting < ActiveRecord::Base
@@ -31,6 +32,10 @@ class ApplicationSetting < ActiveRecord::Base
     format: { with: /\A#{URI.regexp(%w(http https))}\z/, message: "should be a valid url" },
     if: :home_page_url_column_exist
 
+  validates :after_sign_out_path,
+    allow_blank: true,
+    format: { with: /\A#{URI.regexp(%w(http https))}\z/, message: "should be a valid url" }
+
   validates_each :restricted_visibility_levels do |record, attr, value|
     unless value.nil?
       value.each do |level|
diff --git a/app/views/admin/application_settings/_form.html.haml b/app/views/admin/application_settings/_form.html.haml
index dd8978647c4..188a08940ab 100644
--- a/app/views/admin/application_settings/_form.html.haml
+++ b/app/views/admin/application_settings/_form.html.haml
@@ -70,6 +70,11 @@
         = f.text_field :home_page_url, class: 'form-control', placeholder: 'http://company.example.com', :'aria-describedby' => 'home_help_block'
         %span.help-block#home_help_block We will redirect non-logged in users to this page
     .form-group
+      = f.label :after_sign_out_path, class: 'control-label col-sm-2'
+      .col-sm-10
+        = f.text_field :after_sign_out_path, class: 'form-control', placeholder: 'http://company.example.com', :'aria-describedby' => 'after_sign_out_path_help_block'
+        %span.help-block#after_sign_out_path_help_block We will redirect users to this page after they sign out
+    .form-group
       = f.label :sign_in_text, class: 'control-label col-sm-2'
       .col-sm-10
         = f.text_area :sign_in_text, class: 'form-control', rows: 4