Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Export assigned issues in iCalendar feed | Imre Farkas | 2018-05-31 | 2 | -18/+38 |
| | |||||
* | Add username to terms message in git and API callsbvl-add-username-to-terms-message | Bob Van Landuyt | 2018-05-24 | 1 | -1/+2 |
| | | | | | | | | This will make it clearer to users which account is being used to make the API/git call. So they know which account needs to be used to accept the terms. Closes #46649 | ||||
* | Minimize CE/EE difference in Gitlab::Auth::LDAP::User5913-extract-ee-specific-lines-for-lib-gitlab-auth | Rémy Coutable | 2018-05-18 | 1 | -2/+3 |
| | | | | Signed-off-by: Rémy Coutable <remy@rymai.me> | ||||
* | Minimize CE/EE difference in Gitlab::Auth::LDAP::Config | Rémy Coutable | 2018-05-18 | 1 | -1/+35 |
| | | | | Signed-off-by: Rémy Coutable <remy@rymai.me> | ||||
* | Minimize CE/EE difference in Gitlab::Auth::LDAP::Access | Rémy Coutable | 2018-05-18 | 1 | -1/+12 |
| | | | | Signed-off-by: Rémy Coutable <remy@rymai.me> | ||||
* | Fix system hook not firing for blocked users when LDAP sign-in is used | Stan Hu | 2018-05-12 | 1 | -17/+27 |
| | | | | | | | | | An LDAP sign-in request results in a different request parameter than a standard GitLab sign-in. Since Warden doesn't pass us the user that was blocked, we first search for a `username` in the request parameters and then look for `user.login`. Closes #46307 | ||||
* | Block access to API & git when terms are enforced | Bob Van Landuyt | 2018-05-10 | 1 | -0/+34 |
| | | | | | | When terms are enforced, but the user has not accepted the terms access to the API & git is rejected with a message directing the user to the web app to accept the terms. | ||||
* | Auth::User classes refactor adds should_save? | James Edwards-Jones | 2018-04-23 | 1 | -4/+4 |
| | |||||
* | Unify Saml::IdentityLinker and OAuth::IdentityLinker | James Edwards-Jones | 2018-04-23 | 2 | -23/+23 |
| | |||||
* | Show error on failed OAuth account link | James Edwards-Jones | 2018-04-22 | 1 | -0/+20 |
| | |||||
* | Refactor OmniauthCallbacksController to remove duplication | James Edwards-Jones | 2018-04-22 | 2 | -0/+90 |
| | | | | | Moves LDAP to its own controller with tests Provides path forward for implementing GroupSaml | ||||
* | Add better LDAP connection handling | Francisco Javier López | 2018-04-04 | 3 | -19/+99 |
| | |||||
* | Moved o_auth/saml/ldap modules under gitlab/auth | Horatiu Eugen Vlad | 2018-02-28 | 13 | -0/+2814 |
| | |||||
* | Fixing request json mime type | Francisco Javier López | 2018-01-15 | 1 | -0/+10 |
| | |||||
* | Log and send a system hook if a blocked user fails to loginsh-log-when-user-blocked | Stan Hu | 2018-01-14 | 1 | -0/+53 |
| | | | | Closes #41633 | ||||
* | Renaming AuthenticationException to AuthenticationErrormk-add-user-rate-limits | Francisco Lopez | 2017-11-17 | 1 | -1/+1 |
| | |||||
* | Moved Exceptions to Gitlab::Auth | Francisco Lopez | 2017-11-17 | 2 | -12/+12 |
| | |||||
* | Moving exceptions to UserAuthFinders | Francisco Lopez | 2017-11-17 | 2 | -12/+12 |
| | |||||
* | Added some more comments | Francisco Lopez | 2017-11-17 | 1 | -1/+1 |
| | |||||
* | Added UserAuthFinders spec | Francisco Lopez | 2017-11-17 | 2 | -2/+196 |
| | |||||
* | Added RequestAuthenticator spec | Francisco Lopez | 2017-11-17 | 1 | -0/+67 |
| | |||||
* | `current_application_settings` belongs on `Gitlab::CurrentSettings` | Sean McGivern | 2017-08-31 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | The initializers including this were doing so at the top level, so every object loaded after them had a `current_application_settings` method. However, if someone had rack-attack enabled (which was loaded before these initializers), it would try to load the API, and fail, because `Gitlab::CurrentSettings` didn't have that method. To fix this: 1. Don't include `Gitlab::CurrentSettings` at the top level. We do not need `Object.new.current_application_settings` to work. 2. Make `Gitlab::CurrentSettings` explicitly `extend self`, as we already use it like that in several places. 3. Change the initializers to use that new form. | ||||
* | Remove superfluous lib: true, type: redis, service: true, models: true, ↵ | Rémy Coutable | 2017-07-27 | 1 | -1/+1 |
| | | | | | | services: true, no_db: true, api: true Signed-off-by: Rémy Coutable <remy@rymai.me> | ||||
* | Support multiple Redis instances based on queue type | Paul Charlton | 2017-07-11 | 1 | -1/+1 |
| | |||||
* | Correct RSpec/SingleLineHook cop offenses | Robert Speicher | 2017-06-14 | 1 | -1/+3 |
| | |||||
* | Make Warden set_user hook validate user ip uniquness | Pawel Chojnacki | 2017-03-06 | 1 | -1/+1 |
| | | | | + rename shared context | ||||
* | Remove unecessary calls to limit_user!, UniqueIps Middleware, and address MR ↵ | Pawel Chojnacki | 2017-03-06 | 1 | -18/+17 |
| | | | | | | | | | | review - cleanup formating in haml - clarify time window is in seconds - cleanup straneous chunks in db/schema - rename count_uniqe_ips to update_and_return_ips_count - other | ||||
* | Cleanup common code in Unique Ips tests | Pawel Chojnacki | 2017-03-06 | 1 | -44/+22 |
| | |||||
* | Test various login scenarios if the limit gets enforced | Pawel Chojnacki | 2017-03-06 | 1 | -14/+8 |
| | |||||
* | Cleanup formatting | Pawel Chojnacki | 2017-03-06 | 1 | -2/+0 |
| | |||||
* | Allow limiting logging in users from too many different IPs. | Pawel Chojnacki | 2017-03-06 | 1 | -0/+88 |