diff options
author | Yorick Peterse <yorickpeterse@gmail.com> | 2019-03-04 18:36:26 +0000 |
---|---|---|
committer | Yorick Peterse <yorickpeterse@gmail.com> | 2019-03-04 18:36:26 +0000 |
commit | 040e6e72bfc0a40c0a133d07a4619597cf6b4675 (patch) | |
tree | b43b938c91a465b8bc55ac00e5bcabe3a7f21e8a /lib | |
parent | 4c887a1975e453afe27e536d73175e2d89f6a8b5 (diff) | |
parent | 104c8b890dbca25a0d08b2567d003f02953a0fc1 (diff) | |
download | gitlab-ce-040e6e72bfc0a40c0a133d07a4619597cf6b4675.tar.gz |
Merge branch 'ce-security-jej/group-saml-link-origin-verification' into 'master'
Ensure request to link GroupSAML acount was GitLab initiated
See merge request gitlab/gitlabhq!2976
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gitlab/auth/omniauth_identity_linker_base.rb | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/gitlab/auth/omniauth_identity_linker_base.rb b/lib/gitlab/auth/omniauth_identity_linker_base.rb index 253445570f2..c620fc5d6bd 100644 --- a/lib/gitlab/auth/omniauth_identity_linker_base.rb +++ b/lib/gitlab/auth/omniauth_identity_linker_base.rb @@ -12,7 +12,7 @@ module Gitlab end def link - save if identity.new_record? + save if unlinked? end def changed? @@ -35,6 +35,10 @@ module Gitlab @changed = identity.save end + def unlinked? + identity.new_record? + end + # rubocop: disable CodeReuse/ActiveRecord def identity @identity ||= current_user.identities |