diff options
author | Jan-Willem van der Meer <mail@jewilmeer.nl> | 2014-09-08 14:53:59 +0200 |
---|---|---|
committer | Jan-Willem van der Meer <mail@jewilmeer.nl> | 2014-09-08 14:53:59 +0200 |
commit | 11bb67c3c6d4b90629744f8a011121e35968c58b (patch) | |
tree | 25c4251a65634cf86539a7bbf07f9bcf54efe6ed /lib/gitlab/ldap | |
parent | f27830fa4c11548279b5eed68e92b6f352ad4a9f (diff) | |
download | gitlab-ce-11bb67c3c6d4b90629744f8a011121e35968c58b.tar.gz |
Test authenticate method for Gitlab::LDAP::User
Diffstat (limited to 'lib/gitlab/ldap')
-rw-r--r-- | lib/gitlab/ldap/user.rb | 27 |
1 files changed, 16 insertions, 11 deletions
diff --git a/lib/gitlab/ldap/user.rb b/lib/gitlab/ldap/user.rb index 6d1bec5f54a..e0d718d1065 100644 --- a/lib/gitlab/ldap/user.rb +++ b/lib/gitlab/ldap/user.rb @@ -41,17 +41,8 @@ module Gitlab # Only check with valid login and password to prevent anonymous bind results return nil unless ldap_conf.enabled && login.present? && password.present? - ldap = OmniAuth::LDAP::Adaptor.new(ldap_conf) - filter = Net::LDAP::Filter.eq(ldap.uid, login) - - # Apply LDAP user filter if present - if ldap_conf['user_filter'].present? - user_filter = Net::LDAP::Filter.construct(ldap_conf['user_filter']) - filter = Net::LDAP::Filter.join(filter, user_filter) - end - - ldap_user = ldap.bind_as( - filter: filter, + ldap_user = adapter.bind_as( + filter: user_filter(login), size: 1, password: password ) @@ -59,6 +50,10 @@ module Gitlab find_by_uid(ldap_user.dn) if ldap_user end + def adapter + @adapter ||= OmniAuth::LDAP::Adaptor.new(ldap_conf) + end + protected def find_by_uid_and_provider @@ -81,6 +76,16 @@ module Gitlab def ldap_conf Gitlab.config.ldap end + + def user_filter(login) + filter = Net::LDAP::Filter.eq(adapter.uid, login) + # Apply LDAP user filter if present + if ldap_conf['user_filter'].present? + user_filter = Net::LDAP::Filter.construct(ldap_conf['user_filter']) + filter = Net::LDAP::Filter.join(filter, user_filter) + end + filter + end end def needs_blocking? |