diff options
author | Stan Hu <stanhu@gmail.com> | 2018-01-14 21:10:48 -0800 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2018-01-14 22:22:06 -0800 |
commit | 0d187a9a65c5a8eae4bcb09228270cb974abd466 (patch) | |
tree | 7a958c51641edb5c8606380d673587f35deeeb8f /spec/lib | |
parent | 74f2f9b30fb1972a26481072486b358eb943309f (diff) | |
download | gitlab-ce-0d187a9a65c5a8eae4bcb09228270cb974abd466.tar.gz |
Log and send a system hook if a blocked user fails to loginsh-log-when-user-blocked
Closes #41633
Diffstat (limited to 'spec/lib')
-rw-r--r-- | spec/lib/gitlab/auth/blocked_user_tracker_spec.rb | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/spec/lib/gitlab/auth/blocked_user_tracker_spec.rb b/spec/lib/gitlab/auth/blocked_user_tracker_spec.rb new file mode 100644 index 00000000000..726a3c1c83a --- /dev/null +++ b/spec/lib/gitlab/auth/blocked_user_tracker_spec.rb @@ -0,0 +1,53 @@ +require 'spec_helper' + +describe Gitlab::Auth::BlockedUserTracker do + set(:user) { create(:user) } + + describe '.log_if_user_blocked' do + it 'does not log if user failed to login due to undefined reason' do + expect_any_instance_of(SystemHooksService).not_to receive(:execute_hooks_for) + + expect(described_class.log_if_user_blocked({})).to be_nil + end + + it 'gracefully handles malformed environment variables' do + env = { 'warden.options' => 'test' } + + expect(described_class.log_if_user_blocked(env)).to be_nil + end + + context 'failed login due to blocked user' do + let(:env) do + { + 'warden.options' => { message: User::BLOCKED_MESSAGE }, + described_class::ACTIVE_RECORD_REQUEST_PARAMS => { 'user' => { 'login' => user.username } } + } + end + + subject { described_class.log_if_user_blocked(env) } + + before do + expect_any_instance_of(SystemHooksService).to receive(:execute_hooks_for).with(user, :failed_login) + end + + it 'logs a blocked user' do + user.block! + + expect(subject).to be_truthy + end + + it 'logs a blocked user by e-mail' do + user.block! + env[described_class::ACTIVE_RECORD_REQUEST_PARAMS]['user']['login'] = user.email + + expect(subject).to be_truthy + end + + it 'logs a LDAP blocked user' do + user.ldap_block! + + expect(subject).to be_truthy + end + end + end +end |