Repair ldap_blocked state when no ldap identity exist anymore

author: Gabriel Mazetto <gabriel@gitlab.com> 2016-01-06 10:38:52 +0300
committer: Gabriel Mazetto <gabriel@gitlab.com> 2016-01-08 21:26:04 +0300
commit: ec67e9be1d7486199b47e19c766202a8bfdefe93 (patch)
tree: 2499ddcd631bb0935b77d510a6a137ba4b2b1ac4 /app
parent: d6dc088affeee4568e771e1d7894e0bcdb955af8 (diff)
4 files changed, 22 insertions, 0 deletions
diff --git a/app/controllers/admin/identities_controller.rb b/app/controllers/admin/identities_controller.rb
index e383fe38ea6..9ba10487512 100644
--- a/app/controllers/admin/identities_controller.rb
+++ b/app/controllers/admin/identities_controller.rb
@@ -26,6 +26,7 @@ class Admin::IdentitiesController < Admin::ApplicationController
 
   def update
     if @identity.update_attributes(identity_params)
+      RepairLdapBlockedUserService.new(@user, @identity).execute
       redirect_to admin_user_identities_path(@user), notice: 'User identity was successfully updated.'
     else
       render :edit
@@ -34,6 +35,7 @@ class Admin::IdentitiesController < Admin::ApplicationController
 
   def destroy
     if @identity.destroy
+      RepairLdapBlockedUserService.new(@user, @identity).execute
       redirect_to admin_user_identities_path(@user), notice: 'User identity was successfully removed.'
     else
       redirect_to admin_user_identities_path(@user), alert: 'Failed to remove user identity.'
diff --git a/app/models/identity.rb b/app/models/identity.rb
index 8bcdc194953..830b99fa3f2 100644
--- a/app/models/identity.rb
+++ b/app/models/identity.rb
@@ -18,4 +18,8 @@ class Identity < ActiveRecord::Base
   validates :provider, presence: true
   validates :extern_uid, allow_blank: true, uniqueness: { scope: :provider }
   validates :user_id, uniqueness: { scope: :provider }
+
+  def is_ldap?
+    provider.starts_with?('ldap')
+  end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
index 67b47b0f329..5eed9cf91c7 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -196,6 +196,7 @@ class User < ActiveRecord::Base
   state_machine :state, initial: :active do
     event :block do
       transition active: :blocked
+      transition ldap_blocked: :blocked
     end
 
     event :ldap_block do
diff --git a/app/services/repair_ldap_blocked_user_service.rb b/app/services/repair_ldap_blocked_user_service.rb
new file mode 100644
index 00000000000..ceca15414e0
--- /dev/null
+++ b/app/services/repair_ldap_blocked_user_service.rb
@@ -0,0 +1,15 @@
+class RepairLdapBlockedUserService
+  attr_accessor :user, :identity
+
+  def initialize(user, identity)
+    @user, @identity = user, identity
+  end
+
+  def execute
+    if identity.destroyed?
+      user.block if identity.is_ldap? && user.ldap_blocked? && !user.ldap_user?
+    else
+      user.block if !identity.is_ldap? && user.ldap_blocked? && !user.ldap_user?
+    end
+  end
+end
author	Gabriel Mazetto <gabriel@gitlab.com>	2016-01-06 10:38:52 +0300
committer	Gabriel Mazetto <gabriel@gitlab.com>	2016-01-08 21:26:04 +0300
commit	ec67e9be1d7486199b47e19c766202a8bfdefe93 (patch)
tree	2499ddcd631bb0935b77d510a6a137ba4b2b1ac4 /app
parent	d6dc088affeee4568e771e1d7894e0bcdb955af8 (diff)