path: root/spec/lib/gitlab/auth
Commit message (Author, Age, Files, Lines)
* Export assigned issues in iCalendar feed (Imre Farkas, 2018-05-31, 2 files, -18/+38)
|
* Add username to terms message in git and API calls [bvl-add-username-to-terms-message] (Bob Van Landuyt, 2018-05-24, 1 file, -1/+2)
|
| This will make it clearer to users which account is being used to make the API/git call. So they know which account needs to be used to accept the terms.
|
| Closes #46649
|
* Minimize CE/EE difference in Gitlab::Auth::LDAP::User [5913-extract-ee-specific-lines-for-lib-gitlab-auth] (Rémy Coutable, 2018-05-18, 1 file, -2/+3)
|
| Signed-off-by: Rémy Coutable <remy@rymai.me>
|
* Minimize CE/EE difference in Gitlab::Auth::LDAP::Config (Rémy Coutable, 2018-05-18, 1 file, -1/+35)
|
| Signed-off-by: Rémy Coutable <remy@rymai.me>
|
* Minimize CE/EE difference in Gitlab::Auth::LDAP::Access (Rémy Coutable, 2018-05-18, 1 file, -1/+12)
|
| Signed-off-by: Rémy Coutable <remy@rymai.me>
|
* Fix system hook not firing for blocked users when LDAP sign-in is used (Stan Hu, 2018-05-12, 1 file, -17/+27)
|
| An LDAP sign-in request results in a different request parameter than a standard GitLab sign-in. Since Warden doesn't pass us the user that was blocked, we first search for a `username` in the request parameters and then look for `user.login`.
|
| Closes #46307
|
* Block access to API & git when terms are enforced (Bob Van Landuyt, 2018-05-10, 1 file, -0/+34)
|
| When terms are enforced, but the user has not accepted the terms, access to the API & git is rejected with a message directing the user to the web app to accept the terms.
|
* Auth::User classes refactor adds should_save? (James Edwards-Jones, 2018-04-23, 1 file, -4/+4)
|
* Unify Saml::IdentityLinker and OAuth::IdentityLinker (James Edwards-Jones, 2018-04-23, 2 files, -23/+23)
|
* Show error on failed OAuth account link (James Edwards-Jones, 2018-04-22, 1 file, -0/+20)
|
* Refactor OmniauthCallbacksController to remove duplication (James Edwards-Jones, 2018-04-22, 2 files, -0/+90)
|
| Moves LDAP to its own controller with tests
| Provides path forward for implementing GroupSaml
|
* Add better LDAP connection handling (Francisco Javier López, 2018-04-04, 3 files, -19/+99)
|
* Moved o_auth/saml/ldap modules under gitlab/auth (Horatiu Eugen Vlad, 2018-02-28, 13 files, -0/+2814)
|
* Fixing request json mime type (Francisco Javier López, 2018-01-15, 1 file, -0/+10)
|
* Log and send a system hook if a blocked user fails to login [sh-log-when-user-blocked] (Stan Hu, 2018-01-14, 1 file, -0/+53)
|
| Closes #41633
|
* Renaming AuthenticationException to AuthenticationError [mk-add-user-rate-limits] (Francisco Lopez, 2017-11-17, 1 file, -1/+1)
|
* Moved Exceptions to Gitlab::Auth (Francisco Lopez, 2017-11-17, 2 files, -12/+12)
|
* Moving exceptions to UserAuthFinders (Francisco Lopez, 2017-11-17, 2 files, -12/+12)
|
* Added some more comments (Francisco Lopez, 2017-11-17, 1 file, -1/+1)
|
* Added UserAuthFinders spec (Francisco Lopez, 2017-11-17, 2 files, -2/+196)
|
* Added RequestAuthenticator spec (Francisco Lopez, 2017-11-17, 1 file, -0/+67)
|
* `current_application_settings` belongs on `Gitlab::CurrentSettings` (Sean McGivern, 2017-08-31, 1 file, -1/+1)
|
| The initializers including this were doing so at the top level, so every object loaded after them had a `current_application_settings` method. However, if someone had rack-attack enabled (which was loaded before these initializers), it would try to load the API, and fail, because `Gitlab::CurrentSettings` didn't have that method.
|
| To fix this:
|
| 1. Don't include `Gitlab::CurrentSettings` at the top level. We do not need `Object.new.current_application_settings` to work.
| 2. Make `Gitlab::CurrentSettings` explicitly `extend self`, as we already use it like that in several places.
| 3. Change the initializers to use that new form.
|
* Remove superfluous lib: true, type: redis, service: true, models: true, services: true, no_db: true, api: true (Rémy Coutable, 2017-07-27, 1 file, -1/+1)
|
| Signed-off-by: Rémy Coutable <remy@rymai.me>
|
* Support multiple Redis instances based on queue type (Paul Charlton, 2017-07-11, 1 file, -1/+1)
|
* Correct RSpec/SingleLineHook cop offenses (Robert Speicher, 2017-06-14, 1 file, -1/+3)
|
* Make Warden set_user hook validate user ip uniqueness (Pawel Chojnacki, 2017-03-06, 1 file, -1/+1)
|
| + rename shared context
|
* Remove unnecessary calls to limit_user!, UniqueIps Middleware, and address MR review (Pawel Chojnacki, 2017-03-06, 1 file, -18/+17)
|
| - cleanup formatting in haml
| - clarify time window is in seconds
| - cleanup extraneous chunks in db/schema
| - rename count_uniqe_ips to update_and_return_ips_count
| - other
|
* Cleanup common code in Unique Ips tests (Pawel Chojnacki, 2017-03-06, 1 file, -44/+22)
|
* Test various login scenarios if the limit gets enforced (Pawel Chojnacki, 2017-03-06, 1 file, -14/+8)
|
* Cleanup formatting (Pawel Chojnacki, 2017-03-06, 1 file, -2/+0)
|
* Allow limiting logging in users from too many different IPs. (Pawel Chojnacki, 2017-03-06, 1 file, -0/+88)