diff options
author | Markus Koller <markus-koller@gmx.ch> | 2017-11-23 16:16:14 +0300 |
---|---|---|
committer | Douwe Maan <douwe@gitlab.com> | 2017-11-23 16:16:14 +0300 |
commit | 257fd5713485a05460a9170190100643199a7e48 (patch) | |
tree | afaaddcdc16ac407d72b7b4c0e96d951a141c268 /app/controllers/passwords_controller.rb | |
parent | a6cafbcbe8d6802a81055c3469312f889cd73c9a (diff) |
Allow password authentication to be disabled entirely
Diffstat (limited to 'app/controllers/passwords_controller.rb')
-rw-r--r-- | app/controllers/passwords_controller.rb | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb index fda944adecd..68a52f40342 100644 --- a/app/controllers/passwords_controller.rb +++ b/app/controllers/passwords_controller.rb @@ -1,6 +1,8 @@ class PasswordsController < Devise::PasswordsController + include Gitlab::CurrentSettings + before_action :resource_from_email, only: [:create] - before_action :prevent_ldap_reset, only: [:create] + before_action :check_password_authentication_available, only: [:create] before_action :throttle_reset, only: [:create] def edit @@ -25,7 +27,7 @@ class PasswordsController < Devise::PasswordsController def update super do |resource| - if resource.valid? && resource.require_password_creation? + if resource.valid? && resource.password_automatically_set? resource.update_attribute(:password_automatically_set, false) end end @@ -38,11 +40,15 @@ class PasswordsController < Devise::PasswordsController self.resource = resource_class.find_by_email(email) end - def prevent_ldap_reset - return unless resource&.ldap_user? + def check_password_authentication_available + if resource + return if resource.allow_password_authentication? + else + return if current_application_settings.password_authentication_enabled? + end redirect_to after_sending_reset_password_instructions_path_for(resource_name), - alert: "Cannot reset password for LDAP user." + alert: "Password authentication is unavailable." end def throttle_reset |