Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorJacob Vosmaer <contact@jacobvosmaer.nl>2014-06-12 18:01:23 +0400
committerJacob Vosmaer <contact@jacobvosmaer.nl>2014-06-13 10:14:34 +0400
commit8761dd2a6fb2e19556fbfaa30ab211c1f09f3e29 (patch)
tree36d6dbed52a5bfd964c861fa1b9cbdcc62135a17 /app
parenta5cbb4cb82a6911b5c1de117ae6ed4cbf667a679 (diff)
Check LDAP user filter during sign-in
Diffstat (limited to 'app')
-rw-r--r--app/controllers/omniauth_callbacks_controller.rb10
1 files changed, 9 insertions, 1 deletions
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index 7131e0fe181..0c87fe0d9ae 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -20,7 +20,15 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
# if the authentication to LDAP was successful.
@user = Gitlab::LDAP::User.find_or_create(oauth)
@user.remember_me = true if @user.persisted?
- sign_in_and_redirect(@user)
+
+ gitlab_ldap_access do |access|
+ if access.allowed?(@user)
+ sign_in_and_redirect(@user)
+ else
+ flash[:alert] = "Access denied for your LDAP account."
+ redirect_to new_user_session_path
+ end
+ end
end
private
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-27 14:49:32 +0300