Class: Gitlab::LDAP::User

Inherits:
OAuth::User show all
Defined in:
lib/gitlab/ldap/user.rb

Instance Attribute Summary

Attributes inherited from OAuth::User

#auth_hash

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from OAuth::User

#new?, #persisted?, #valid?

Constructor Details

#initialize(auth_hash) ⇒ User


22
23
24
25
# File 'lib/gitlab/ldap/user.rb', line 22

def initialize(auth_hash)
  super
  update_user_attributes
end

Class Method Details

.find_by_uid_and_provider(uid, provider) ⇒ Object


13
14
15
16
17
18
19
# File 'lib/gitlab/ldap/user.rb', line 13

def find_by_uid_and_provider(uid, provider)
  # LDAP distinguished name is case-insensitive
  identity = ::Identity.
    where(provider: provider).
    iwhere(extern_uid: uid).last
  identity && identity.user
end

Instance Method Details

#allowed?Boolean


74
75
76
# File 'lib/gitlab/ldap/user.rb', line 74

def allowed?
  Gitlab::LDAP::Access.allowed?(gl_user)
end

#auth_hash=(auth_hash) ⇒ Object


82
83
84
# File 'lib/gitlab/ldap/user.rb', line 82

def auth_hash=(auth_hash)
  @auth_hash = Gitlab::LDAP::AuthHash.new(auth_hash)
end

#block_after_signup?Boolean


70
71
72
# File 'lib/gitlab/ldap/user.rb', line 70

def block_after_signup?
  ldap_config.block_auto_created_users
end

#changed?Boolean


66
67
68
# File 'lib/gitlab/ldap/user.rb', line 66

def changed?
  gl_user.changed? || gl_user.identities.any?(&:changed?)
end

#find_by_emailObject


40
41
42
# File 'lib/gitlab/ldap/user.rb', line 40

def find_by_email
  ::User.find_by(email: auth_hash.email.downcase) if auth_hash.has_email?
end

#find_by_uid_and_providerObject


36
37
38
# File 'lib/gitlab/ldap/user.rb', line 36

def find_by_uid_and_provider
  self.class.find_by_uid_and_provider(auth_hash.uid, auth_hash.provider)
end

#gl_userObject

instance methods


32
33
34
# File 'lib/gitlab/ldap/user.rb', line 32

def gl_user
  @gl_user ||= find_by_uid_and_provider || find_by_email || build_new_user
end

#ldap_configObject


78
79
80
# File 'lib/gitlab/ldap/user.rb', line 78

def ldap_config
  Gitlab::LDAP::Config.new(auth_hash.provider)
end

#saveObject


27
28
29
# File 'lib/gitlab/ldap/user.rb', line 27

def save
  super('LDAP')
end

#update_user_attributesObject


44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
# File 'lib/gitlab/ldap/user.rb', line 44

def update_user_attributes
  if persisted?
    if auth_hash.has_email?
      gl_user.skip_reconfirmation!
      gl_user.email = auth_hash.email
    end

    # find_or_initialize_by doesn't update `gl_user.identities`, and isn't autosaved.
    identity = gl_user.identities.find { |identity|  identity.provider == auth_hash.provider }
    identity ||= gl_user.identities.build(provider: auth_hash.provider)

    # For a new identity set extern_uid to the LDAP DN
    # For an existing identity with matching email but changed DN, update the DN.
    # For an existing identity with no change in DN, this line changes nothing.
    identity.extern_uid = auth_hash.uid
  end

  gl_user.ldap_email = auth_hash.has_email?

  gl_user
end