Merge branch 'patch/fix-ldap-unblock-user-logic' into 'master'

Unblocks user when active_directory is disabled and it can be found We implemented a specific block state to handle user blocking that originates from LDAP filtering rules / directory state in !2242. That introduced a regression in LDAP authentication when Active Directory support was disabled. You could have a scenario where the user would not be temporarily found (like a filtering rule), that would mark the user as `ldap_blocked`, but will never unblock it automatically when that state changed. Fixes #14253, #13179, #13259, #13959 See merge request !3550
author: Robert Speicher <robert@gitlab.com> 2016-04-07 00:50:40 +0300
committer: Robert Speicher <robert@gitlab.com> 2016-04-07 00:50:40 +0300
commit: 5bdc18c5b39590717f67cf7154e242d26e5787b9 (patch)
tree: 9fe076270dbd6ab3b4a9455fc0172c0dac7ae1fa /lib
parent: b6d5fcd4775718676f1a11ddb6a88a08c67c9d0a (diff)
parent: 5ee6badade3c453c7090e9c1f1f4d636c5bb068e (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/gitlab/ldap/access.rb b/lib/gitlab/ldap/access.rb
index da4435c7308..f2b649e50a2 100644
--- a/lib/gitlab/ldap/access.rb
+++ b/lib/gitlab/ldap/access.rb
@@ -33,7 +33,10 @@ module Gitlab
 
       def allowed?
         if ldap_user
-          return true unless ldap_config.active_directory
+          unless ldap_config.active_directory
+            user.activate if user.ldap_blocked?
+            return true
+          end
 
           # Block user in GitLab if he/she was blocked in AD
           if Gitlab::LDAP::Person.disabled_via_active_directory?(user.ldap_identity.extern_uid, adapter)
author	Robert Speicher <robert@gitlab.com>	2016-04-07 00:50:40 +0300
committer	Robert Speicher <robert@gitlab.com>	2016-04-07 00:50:40 +0300
commit	5bdc18c5b39590717f67cf7154e242d26e5787b9 (patch)
tree	9fe076270dbd6ab3b4a9455fc0172c0dac7ae1fa /lib
parent	b6d5fcd4775718676f1a11ddb6a88a08c67c9d0a (diff)
parent	5ee6badade3c453c7090e9c1f1f4d636c5bb068e (diff)