diff options
author | Robert Speicher <robert@gitlab.com> | 2016-01-19 19:15:23 +0000 |
---|---|---|
committer | Robert Speicher <robert@gitlab.com> | 2016-01-19 19:15:23 +0000 |
commit | b9fca47854dd92415e2d4d3b68e2e967fee2d67b (patch) | |
tree | efb3672cf53834d5fa71d44d3ac72edf4846466f /lib/gitlab/ldap | |
parent | 20cc4bc47533f34b62b7c8283e8de4eee8c5b852 (diff) | |
parent | 4f44455626a567c939bf6f84684e8879ce2db829 (diff) | |
download | gitlab-ce-b9fca47854dd92415e2d4d3b68e2e967fee2d67b.tar.gz |
Merge branch 'user-ldap-email' into 'master'
Allow LDAP users to change their email if it was not set by the LDAP
server
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/3054
See merge request !2502
Diffstat (limited to 'lib/gitlab/ldap')
-rw-r--r-- | lib/gitlab/ldap/user.rb | 29 |
1 files changed, 16 insertions, 13 deletions
diff --git a/lib/gitlab/ldap/user.rb b/lib/gitlab/ldap/user.rb index aef08c97d1d..e044f0ecc6d 100644 --- a/lib/gitlab/ldap/user.rb +++ b/lib/gitlab/ldap/user.rb @@ -30,28 +30,31 @@ module Gitlab end def find_by_uid_and_provider - self.class.find_by_uid_and_provider( - auth_hash.uid, auth_hash.provider) + self.class.find_by_uid_and_provider(auth_hash.uid, auth_hash.provider) end def find_by_email - ::User.find_by(email: auth_hash.email.downcase) + ::User.find_by(email: auth_hash.email.downcase) if auth_hash.has_email? end def update_user_attributes - return unless persisted? + if persisted? + if auth_hash.has_email? + gl_user.skip_reconfirmation! + gl_user.email = auth_hash.email + end - gl_user.skip_reconfirmation! - gl_user.email = auth_hash.email + # find_or_initialize_by doesn't update `gl_user.identities`, and isn't autosaved. + identity = gl_user.identities.find { |identity| identity.provider == auth_hash.provider } + identity ||= gl_user.identities.build(provider: auth_hash.provider) - # find_or_initialize_by doesn't update `gl_user.identities`, and isn't autosaved. - identity = gl_user.identities.find { |identity| identity.provider == auth_hash.provider } - identity ||= gl_user.identities.build(provider: auth_hash.provider) + # For a new identity set extern_uid to the LDAP DN + # For an existing identity with matching email but changed DN, update the DN. + # For an existing identity with no change in DN, this line changes nothing. + identity.extern_uid = auth_hash.uid + end - # For a new user set extern_uid to the LDAP DN - # For an existing user with matching email but changed DN, update the DN. - # For an existing user with no change in DN, this line changes nothing. - identity.extern_uid = auth_hash.uid + gl_user.ldap_email = auth_hash.has_email? gl_user end |