diff options
author | Markus Koller <markus-koller@gmx.ch> | 2016-12-12 15:13:23 +0100 |
---|---|---|
committer | Markus Koller <markus-koller@gmx.ch> | 2016-12-20 19:51:45 +0100 |
commit | e87e28059826fe0126e737ef3fea38bb34d44a78 (patch) | |
tree | a0c175cdd75c192334c207fc9b206e18bd12b011 /lib | |
parent | ad1a1d976c877eca16858368db0c5b3ef800db8b (diff) | |
download | gitlab-ce-e87e28059826fe0126e737ef3fea38bb34d44a78.tar.gz |
Log messages when blocking/unblocking LDAP accounts
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gitlab/ldap/access.rb | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/lib/gitlab/ldap/access.rb b/lib/gitlab/ldap/access.rb index 7e06bd2b0fb..f2e53953a37 100644 --- a/lib/gitlab/ldap/access.rb +++ b/lib/gitlab/ldap/access.rb @@ -34,21 +34,21 @@ module Gitlab def allowed? if ldap_user unless ldap_config.active_directory - user.activate if user.ldap_blocked? + unblock_user(user, 'is not in Active Directory anymore') if user.ldap_blocked? return true end # Block user in GitLab if he/she was blocked in AD if Gitlab::LDAP::Person.disabled_via_active_directory?(user.ldap_identity.extern_uid, adapter) - user.ldap_block + block_user(user, 'is disabled in Active Directory') false else - user.activate if user.ldap_blocked? + unblock_user(user, 'is not disabled anymore') if user.ldap_blocked? true end else # Block the user if they no longer exist in LDAP/AD - user.ldap_block + block_user(user, 'does not exist anymore') false end end @@ -64,6 +64,24 @@ module Gitlab def ldap_user @ldap_user ||= Gitlab::LDAP::Person.find_by_dn(user.ldap_identity.extern_uid, adapter) end + + def block_user(user, reason) + user.ldap_block + + Gitlab::AppLogger.info( + "LDAP account \"#{user.ldap_identity.extern_uid}\" #{reason}, " + + "blocking Gitlab user \"#{user.name}\" (#{user.email})" + ) + end + + def unblock_user(user, reason) + user.activate + + Gitlab::AppLogger.info( + "LDAP account \"#{user.ldap_identity.extern_uid}\" #{reason}, " + + "unblocking Gitlab user \"#{user.name}\" (#{user.email})" + ) + end end end end |