diff options
author | Sean McGivern <sean@mcgivern.me.uk> | 2017-12-15 15:46:22 +0300 |
---|---|---|
committer | Sean McGivern <sean@mcgivern.me.uk> | 2017-12-15 15:46:22 +0300 |
commit | d39d968ba4100be3e77e9d02af6ce10ff18ca508 (patch) | |
tree | 9d4d9f4b756d4607cbd93b5bf4f74c0cdce06be7 /app/models | |
parent | 3a19e532f51b4b52ec3e292921106f43f8db948e (diff) | |
parent | 481b8a71f8ee63758d26a57a6367c091d4b76b09 (diff) |
Merge branch 'dm-ldap-email-readonly' into 'master'
Make sure user email is read only when synced with LDAP
Closes #41033
See merge request gitlab-org/gitlab-ce!15915
Diffstat (limited to 'app/models')
-rw-r--r-- | app/models/identity.rb | 4 | ||||
-rw-r--r-- | app/models/user.rb | 2 | ||||
-rw-r--r-- | app/models/user_synced_attributes_metadata.rb | 10 |
3 files changed, 11 insertions, 5 deletions
diff --git a/app/models/identity.rb b/app/models/identity.rb index ff811e19f8a..99d99bc6deb 100644 --- a/app/models/identity.rb +++ b/app/models/identity.rb @@ -14,11 +14,11 @@ class Identity < ActiveRecord::Base end def ldap? - provider.starts_with?('ldap') + Gitlab::OAuth::Provider.ldap_provider?(provider) end def self.normalize_uid(provider, uid) - if provider.to_s.starts_with?('ldap') + if Gitlab::OAuth::Provider.ldap_provider?(provider) Gitlab::LDAP::Person.normalize_dn(uid) else uid.to_s diff --git a/app/models/user.rb b/app/models/user.rb index 92b461ce3ed..51941f43919 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -738,7 +738,7 @@ class User < ActiveRecord::Base def ldap_user? if identities.loaded? - identities.find { |identity| identity.provider.start_with?('ldap') && !identity.extern_uid.nil? } + identities.find { |identity| Gitlab::OAuth::Provider.ldap_provider?(identity.provider) && !identity.extern_uid.nil? } else identities.exists?(["provider LIKE ? AND extern_uid IS NOT NULL", "ldap%"]) end diff --git a/app/models/user_synced_attributes_metadata.rb b/app/models/user_synced_attributes_metadata.rb index 9f374304164..548b99b69d9 100644 --- a/app/models/user_synced_attributes_metadata.rb +++ b/app/models/user_synced_attributes_metadata.rb @@ -6,11 +6,11 @@ class UserSyncedAttributesMetadata < ActiveRecord::Base SYNCABLE_ATTRIBUTES = %i[name email location].freeze def read_only?(attribute) - Gitlab.config.omniauth.sync_profile_from_provider && synced?(attribute) + sync_profile_from_provider? && synced?(attribute) end def read_only_attributes - return [] unless Gitlab.config.omniauth.sync_profile_from_provider + return [] unless sync_profile_from_provider? SYNCABLE_ATTRIBUTES.select { |key| synced?(key) } end @@ -22,4 +22,10 @@ class UserSyncedAttributesMetadata < ActiveRecord::Base def set_attribute_synced(attribute, value) write_attribute("#{attribute}_synced", value) end + + private + + def sync_profile_from_provider? + Gitlab::OAuth::Provider.sync_profile_from_provider?(provider) + end end |