Class: Gitlab::Auth::OAuth::User

Inherits:
Object
  • Object
show all
Defined in:
lib/gitlab/auth/o_auth/user.rb

Direct Known Subclasses

Atlassian::User, Ldap::User, Saml::User

Constant Summary collapse

SignupDisabledError =
Class.new(StandardError)
SigninDisabledForProviderError =
Class.new(StandardError)

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(auth_hash) ⇒ User

Returns a new instance of User.


27
28
29
30
31
# File 'lib/gitlab/auth/o_auth/user.rb', line 27

def initialize(auth_hash)
  self.auth_hash = auth_hash
  update_profile
  add_or_update_user_identities
end

Instance Attribute Details

#auth_hashObject

Returns the value of attribute auth_hash.


25
26
27
# File 'lib/gitlab/auth/o_auth/user.rb', line 25

def auth_hash
  @auth_hash
end

Class Method Details

.find_by_uid_and_provider(uid, provider) ⇒ Object

rubocop: disable CodeReuse/ActiveRecord


14
15
16
17
18
# File 'lib/gitlab/auth/o_auth/user.rb', line 14

def find_by_uid_and_provider(uid, provider)
  identity = ::Identity.with_extern_uid(provider, uid).take

  identity && identity.user
end

Instance Method Details

#bypass_two_factor?Boolean

Returns:

  • (Boolean)

91
92
93
94
95
96
97
98
# File 'lib/gitlab/auth/o_auth/user.rb', line 91

def bypass_two_factor?
  providers = Gitlab.config.omniauth.allow_bypass_two_factor
  if providers.is_a?(Array)
    providers.include?(auth_hash.provider)
  else
    providers
  end
end

#find_and_update!Object


85
86
87
88
89
# File 'lib/gitlab/auth/o_auth/user.rb', line 85

def find_and_update!
  save if should_save?

  gl_user
end

#find_userObject


73
74
75
76
77
78
79
80
81
82
83
# File 'lib/gitlab/auth/o_auth/user.rb', line 73

def find_user
  user = find_by_uid_and_provider

  user ||= find_by_email if auto_link_user?
  user ||= find_or_build_ldap_user if auto_link_ldap_user?
  user ||= build_new_user if 

  user.external = true if external_provider? && user&.new_record?

  user
end

#gl_userObject


67
68
69
70
71
# File 'lib/gitlab/auth/o_auth/user.rb', line 67

def gl_user
  return @gl_user if defined?(@gl_user)

  @gl_user = find_user
end

#new?Boolean

Returns:

  • (Boolean)

37
38
39
# File 'lib/gitlab/auth/o_auth/user.rb', line 37

def new?
  !persisted?
end

#persisted?Boolean

Returns:

  • (Boolean)

33
34
35
# File 'lib/gitlab/auth/o_auth/user.rb', line 33

def persisted?
  gl_user.try(:persisted?)
end

#protocol_nameObject


100
101
102
# File 'lib/gitlab/auth/o_auth/user.rb', line 100

def protocol_name
  'OAuth'
end

#save(provider = protocol_name) ⇒ Object


49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
# File 'lib/gitlab/auth/o_auth/user.rb', line 49

def save(provider = protocol_name)
  raise SigninDisabledForProviderError if oauth_provider_disabled?
  raise SignupDisabledError unless gl_user

  block_after_save = needs_blocking?

  Users::UpdateService.new(gl_user, user: gl_user).execute!

  gl_user.block_pending_approval if block_after_save
  activate_user_if_user_cap_not_reached

  log.info "(#{provider}) saving user #{auth_hash.email} from login with admin => #{gl_user.admin}, extern_uid => #{auth_hash.uid}"
  gl_user
rescue ActiveRecord::RecordInvalid => e
  log.info "(#{provider}) Error saving user #{auth_hash.uid} (#{auth_hash.email}): #{gl_user.errors.full_messages}"
  [self, e.record.errors]
end

#valid?Boolean

Returns:

  • (Boolean)

41
42
43
# File 'lib/gitlab/auth/o_auth/user.rb', line 41

def valid?
  gl_user.try(:valid?)
end

#valid_sign_in?Boolean

Returns:

  • (Boolean)

45
46
47
# File 'lib/gitlab/auth/o_auth/user.rb', line 45

def valid_sign_in?
  valid? && persisted?
end