diff options
| -rw-r--r-- | app/controllers/profiles_controller.rb | 15 | ||||
| -rw-r--r-- | app/models/user.rb | 4 | ||||
| -rw-r--r-- | app/views/profiles/account.html.haml | 63 |
3 files changed, 48 insertions, 34 deletions
diff --git a/app/controllers/profiles_controller.rb b/app/controllers/profiles_controller.rb index f0d69f11184..686edd8af80 100644 --- a/app/controllers/profiles_controller.rb +++ b/app/controllers/profiles_controller.rb @@ -2,6 +2,9 @@ class ProfilesController < ApplicationController include ActionView::Helpers::SanitizeHelper before_filter :user + before_filter :authorize_change_password!, only: :update_password + before_filter :authorize_change_username!, only: :update_username + layout 'profile' def show @@ -53,9 +56,7 @@ class ProfilesController < ApplicationController end def update_username - if @user.can_change_username? - @user.update_attributes(username: params[:user][:username]) - end + @user.update_attributes(username: params[:user][:username]) respond_to do |format| format.js @@ -80,4 +81,12 @@ class ProfilesController < ApplicationController user_attributes end + + def authorize_change_password! + return render_404 if @user.ldap_user? + end + + def authorize_change_username! + return render_404 unless @user.can_change_username? + end end diff --git a/app/models/user.rb b/app/models/user.rb index 55aa5b563c5..255a5ebd2a9 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -340,4 +340,8 @@ class User < ActiveRecord::Base nil end end + + def ldap_user? + extern_uid && provider == 'ldap' + end end diff --git a/app/views/profiles/account.html.haml b/app/views/profiles/account.html.haml index 16d26c0d8e1..9bba73a080a 100644 --- a/app/views/profiles/account.html.haml +++ b/app/views/profiles/account.html.haml @@ -1,11 +1,35 @@ -- if Gitlab.config.omniauth.enabled - %fieldset - %legend Social Accounts - .oauth_select_holder - %p.hint Tip: Click on icon to activate sigin with one of the following services - - User.omniauth_providers.each do |provider| - %span{class: oauth_active_class(provider) } - = link_to authbutton(provider, 32), omniauth_authorize_path(User, provider) +- unless current_user.ldap_user? + - if Gitlab.config.omniauth.enabled + %fieldset + %legend Social Accounts + .oauth_select_holder + %p.hint Tip: Click on icon to activate sigin with one of the following services + - User.omniauth_providers.each do |provider| + %span{class: oauth_active_class(provider) } + = link_to authbutton(provider, 32), omniauth_authorize_path(User, provider) + + + %fieldset.update-password + %legend Password + = form_for @user, url: update_password_profile_path, method: :put do |f| + .padded + %p.slead After successful password update you will be redirected to login page where you should login with new password + -if @user.errors.any? + .alert.alert-error + %ul + - @user.errors.full_messages.each do |msg| + %li= msg + + .clearfix + = f.label :password + .input= f.password_field :password, required: true + .clearfix + = f.label :password_confirmation + .input + = f.password_field :password_confirmation, required: true + .clearfix + .input + = f.submit 'Save password', class: "btn btn-save" @@ -29,29 +53,6 @@ %span You don`t have one yet. Click generate to fix it. = f.submit 'Generate', class: "btn success btn-build-token" -%fieldset.update-password - %legend Password - = form_for @user, url: update_password_profile_path, method: :put do |f| - .padded - %p.slead After successful password update you will be redirected to login page where you should login with new password - -if @user.errors.any? - .alert.alert-error - %ul - - @user.errors.full_messages.each do |msg| - %li= msg - - .clearfix - = f.label :password - .input= f.password_field :password, required: true - .clearfix - = f.label :password_confirmation - .input - = f.password_field :password_confirmation, required: true - .clearfix - .input - = f.submit 'Save password', class: "btn btn-save" - - - if current_user.can_change_username? %fieldset.update-username |