diff options
| author | Jacob Vosmaer <contact@jacobvosmaer.nl> | 2014-07-30 09:50:50 +0200 |
|---|---|---|
| committer | Jacob Vosmaer <contact@jacobvosmaer.nl> | 2014-08-06 18:03:01 +0200 |
| commit | 669682686ea32a787aa9ef950388f780cfc00146 (patch) | |
| tree | 586fcdc44534f1aee34ce9432cf1d8fa6d620feb /app | |
| parent | 68a9203bcef1e44bdf72acf4cc8d4977eec79b7a (diff) | |
| download | gitlab-ce-669682686ea32a787aa9ef950388f780cfc00146.tar.gz | |
Move LDAP timeout code to Gitlab::LDAP::Access
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/application_controller.rb | 13 | ||||
| -rw-r--r-- | app/controllers/omniauth_callbacks_controller.rb | 13 |
2 files changed, 10 insertions, 16 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index d0546a441e1..5ffec7f75bf 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -201,15 +201,10 @@ class ApplicationController < ActionController::Base def ldap_security_check if current_user && current_user.requires_ldap_check? - gitlab_ldap_access do |access| - if access.allowed?(current_user) - current_user.last_credential_check_at = Time.now - current_user.save - else - sign_out current_user - flash[:alert] = "Access denied for your LDAP account." - redirect_to new_user_session_path - end + unless Gitlab::LDAP::Access.allowed?(current_user) + sign_out current_user + flash[:alert] = "Access denied for your LDAP account." + redirect_to new_user_session_path end end end diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb index ef2afec52dc..3ed6a69c2d8 100644 --- a/app/controllers/omniauth_callbacks_controller.rb +++ b/app/controllers/omniauth_callbacks_controller.rb @@ -21,13 +21,12 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController @user = Gitlab::LDAP::User.find_or_create(oauth) @user.remember_me = true if @user.persisted? - gitlab_ldap_access do |access| - if access.allowed?(@user) - sign_in_and_redirect(@user) - else - flash[:alert] = "Access denied for your LDAP account." - redirect_to new_user_session_path - end + # Do additional LDAP checks for the user filter and EE features + if Gitlab::LDAP::Access.allowed?(@user) + sign_in_and_redirect(@user) + else + flash[:alert] = "Access denied for your LDAP account." + redirect_to new_user_session_path end end |