diff options
author | Robin Bobbitt <ryehle@us.ibm.com> | 2017-06-27 14:02:09 -0400 |
---|---|---|
committer | Robin Bobbitt <ryehle@us.ibm.com> | 2017-07-13 10:08:27 -0400 |
commit | 672a68d3724bcae676d18244c85566e7d664a169 (patch) | |
tree | 0a80378a3d96290bda93db53bb231798f2a7ecdd /spec/lib/gitlab/auth_spec.rb | |
parent | 31ada792621f17ab7f4f7475405ddd1ec9e9673a (diff) | |
download | gitlab-ce-672a68d3724bcae676d18244c85566e7d664a169.tar.gz |
Fixes needed when GitLab sign-in is not enabled
When sign-in is disabled:
- skip password expiration checks
- prevent password reset requests
- don’t show Password tab in User Settings
- don’t allow login with username/password for Git over HTTP requests
- render 404 on requests to Profiles::PasswordsController
Diffstat (limited to 'spec/lib/gitlab/auth_spec.rb')
-rw-r--r-- | spec/lib/gitlab/auth_spec.rb | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/spec/lib/gitlab/auth_spec.rb b/spec/lib/gitlab/auth_spec.rb index d09da951869..55780518230 100644 --- a/spec/lib/gitlab/auth_spec.rb +++ b/spec/lib/gitlab/auth_spec.rb @@ -206,7 +206,7 @@ describe Gitlab::Auth, lib: true do end it 'throws an error suggesting user create a PAT when internal auth is disabled' do - allow_any_instance_of(ApplicationSetting).to receive(:signin_enabled?) { false } + allow_any_instance_of(ApplicationSetting).to receive(:password_authentication_enabled?) { false } expect { gl_auth.find_for_git_client('foo', 'bar', project: nil, ip: 'ip') }.to raise_error(Gitlab::Auth::MissingPersonalTokenError) end @@ -279,6 +279,16 @@ describe Gitlab::Auth, lib: true do gl_auth.find_with_user_password('ldap_user', 'password') end end + + context "with sign-in disabled" do + before do + stub_application_setting(password_authentication_enabled: false) + end + + it "does not find user by valid login/password" do + expect(gl_auth.find_with_user_password(username, password)).to be_nil + end + end end private |