Add latest changes from gitlab-org/gitlab@master

1 files changed, 28 insertions, 0 deletions

diff --git a/spec/controllers/omniauth_callbacks_controller_spec.rb b/spec/controllers/omniauth_callbacks_controller_spec.rb
index 6c5f36804e8..8b92976252c 100644
--- a/spec/controllers/omniauth_callbacks_controller_spec.rb
+++ b/spec/controllers/omniauth_callbacks_controller_spec.rb
@@ -287,6 +287,34 @@ describe OmniauthCallbacksController, type: :controller, do_not_mock_admin_mode:
       request.env['omniauth.auth'] = Rails.application.env_config['omniauth.auth']
     end
 
+    context 'sign up' do
+      before do
+        user.destroy
+      end
+
+      it 'denies login if sign up is enabled, but block_auto_created_users is set' do
+        post :saml, params: { SAMLResponse: mock_saml_response }
+
+        expect(flash[:alert]).to start_with 'Your account has been blocked.'
+      end
+
+      it 'accepts login if sign up is enabled' do
+        stub_omniauth_setting(block_auto_created_users: false)
+
+        post :saml, params: { SAMLResponse: mock_saml_response }
+
+        expect(request.env['warden']).to be_authenticated
+      end
+
+      it 'denies login if sign up is not enabled' do
+        stub_omniauth_setting(allow_single_sign_on: false, block_auto_created_users: false)
+
+        post :saml, params: { SAMLResponse: mock_saml_response }
+
+        expect(flash[:alert]).to start_with 'Signing in using your saml account without a pre-existing GitLab account is not allowed.'
+      end
+    end
+
     context 'with GitLab initiated request' do
       before do
         post :saml, params: { SAMLResponse: mock_saml_response }