Add latest changes from gitlab-org/gitlab@master

3 files changed, 3 insertions, 1 deletions

diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index 02d66067418..94fd71aaa33 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -494,6 +494,7 @@ production: &base
   #   bundle exec rake gitlab:ldap:check RAILS_ENV=production
   ldap:
     enabled: false
+    prevent_ldap_sign_in: false
 
     # This setting controls the number of seconds between LDAP permission checks
     # for each user. After this time has expired for a given user, their next
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 7ee4a4e3610..5e94a0716fa 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -5,6 +5,7 @@ require_relative '../smime_signature_settings'
 # Default settings
 Settings['ldap'] ||= Settingslogic.new({})
 Settings.ldap['enabled'] = false if Settings.ldap['enabled'].nil?
+Settings.ldap['prevent_ldap_sign_in'] = false if Settings.ldap['prevent_ldap_sign_in'].blank?
 
 Gitlab.ee do
   Settings.ldap['sync_time'] = 3600 if Settings.ldap['sync_time'].nil?
diff --git a/config/routes/user.rb b/config/routes/user.rb
index d4616c8080d..6e277f18e36 100644
--- a/config/routes/user.rb
+++ b/config/routes/user.rb
@@ -13,7 +13,7 @@ def override_omniauth(provider, controller, path_prefix = '/users/auth')
 end
 
 # Use custom controller for LDAP omniauth callback
-if Gitlab::Auth::LDAP::Config.enabled?
+if Gitlab::Auth::LDAP::Config.sign_in_enabled?
   devise_scope :user do
     Gitlab::Auth::LDAP::Config.available_servers.each do |server|
       override_omniauth(server['provider_name'], 'ldap/omniauth_callbacks')