summaryrefslogtreecommitdiff
path: root/app/models/identity.rb
blob: 40d9f856abf6eaef1d59456e751aefa95ef5c793 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
# frozen_string_literal: true

class Identity < ApplicationRecord
  include Sortable
  include CaseSensitivity

  belongs_to :user

  validates :provider, presence: true
  validates :extern_uid, allow_blank: true, uniqueness: { scope: UniquenessScopes.scopes, case_sensitive: false }
  validates :user, uniqueness: { scope: UniquenessScopes.scopes }

  before_save :ensure_normalized_extern_uid, if: :extern_uid_changed?
  after_destroy :clear_user_synced_attributes, if: :user_synced_attributes_metadata_from_provider?

  scope :for_user, ->(user) { where(user: user) }
  scope :with_provider, ->(provider) { where(provider: provider) }
  scope :with_extern_uid, ->(provider, extern_uid) do
    iwhere(extern_uid: normalize_uid(provider, extern_uid)).with_provider(provider)
  end

  def ldap?
    Gitlab::Auth::OAuth::Provider.ldap_provider?(provider)
  end

  def self.normalize_uid(provider, uid)
    if Gitlab::Auth::OAuth::Provider.ldap_provider?(provider)
      Gitlab::Auth::Ldap::Person.normalize_dn(uid)
    else
      uid.to_s
    end
  end

  private

  def ensure_normalized_extern_uid
    return if extern_uid.nil?

    self.extern_uid = Identity.normalize_uid(self.provider, self.extern_uid)
  end

  def user_synced_attributes_metadata_from_provider?
    user.user_synced_attributes_metadata&.provider == provider
  end

  def clear_user_synced_attributes
    user.user_synced_attributes_metadata&.destroy
  end
end

Identity.prepend_if_ee('EE::Identity')