Commit 0df1cf7fcceee10db1e66ecf99dcd453d9e687a4

Authored by Dmitriy Zaporozhets
1 parent b45e9264

Inherit Gitlab::LDAP::User from Gitlab::OAuth::User

Showing 1 changed file with 33 additions and 67 deletions
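--- a/lib/gitlab/ldap/user.rb
+++ b/lib/gitlab/ldap/user.rb
@@ -1,71 +1,49 @@
+require 'gitlab/oauth/user'
+
 # LDAP extension for User model
 #
 # * Find or create user from omniauth.auth data
 # * Links LDAP account with existing user
+# * Auth LDAP user with login and password
 #
 module Gitlab
 module LDAP
- class User
+ class User < Gitlab::OAuth::User
 class << self
- def find(uid, email)
- # Look for user with ldap provider and same uid
- user = find_by_uid(uid)
- return user if user
-
- # Look for user with same emails
- #
- # Possible cases:
- # * When user already has account and need to link his LDAP account.
- # * LDAP uid changed for user with same email and we need to update his uid
- #
- user = model.find_by_email(email)
-
- if user
- user.update_attributes(extern_uid: uid, provider: 'ldap')
- log.info("(LDAP) Updating legacy LDAP user #{email} with extern_uid => #{uid}")
- end
-
- user
- end
-
- def create(uid, email, name)
- password = Devise.friendly_token[0, 8].downcase
- username = email.match(/^[^@]*/)[0]
-
- opts = {
- extern_uid: uid,
- provider: 'ldap',
- name: name,
- username: username,
- email: email,
- password: password,
- password_confirmation: password,
- }
-
- user = model.new(opts, as: :admin).with_defaults
- user.save!
- log.info "(LDAP) Creating user #{email} from login with extern_uid => #{uid}"
-
- user
- end
-
 def find_or_create(auth)
- uid, email, name = uid(auth), email(auth), name(auth)
+ @auth = auth
 
 if uid.blank? || email.blank?
 raise_error("Account must provide an uid and email address")
 end
 
- user = find(uid, email)
- user = create(uid, email, name) unless user
- user
- end
+ user = find(auth)
+
+ unless user
+ # Look for user with same emails
+ #
+ # Possible cases:
+ # * When user already has account and need to link his LDAP account.
+ # * LDAP uid changed for user with same email and we need to update his uid
+ #
+ user = model.find_by_email(email)
+
+ if user
+ user.update_attributes(extern_uid: uid, provider: provider)
+ log.info("(LDAP) Updating legacy LDAP user #{email} with extern_uid => #{uid}")
+ else
+ # Create a new user inside GitLab database
+ # based on LDAP credentials
+ #
+ #
+ user = create(auth)
+ end
+ end
 
- def find_by_uid(uid)
- model.ldap.where(extern_uid: uid).last
+ user
 end
 
- def auth(login, password)
+ def authenticate(login, password)
 # Check user against LDAP backend if user is not authenticated
 # Only check with valid login and password to prevent anonymous bind results
 return nil unless ldap_conf.enabled && login.present? && password.present?
@@ -82,30 +60,18 @@ module Gitlab
 
 private
 
- def uid(auth)
- auth.info.uid
- end
-
- def email(auth)
- auth.info.email.downcase unless auth.info.email.nil?
- end
-
- def name(auth)
- auth.info.name.to_s.force_encoding("utf-8")
+ def find_by_uid(uid)
+ model.where(provider: provider, extern_uid: uid).last
 end
 
- def log
- Gitlab::AppLogger
+ def provider
+ 'ldap'
 end
 
 def raise_error(message)
 raise OmniAuth::Error, "(LDAP) " + message
 end
 
- def model
- ::User
- end
-
 def ldap_conf
 Gitlab.config.ldap
 end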
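Review bot: `@auth = auth` in `find_or_create` stores per-request omniauth data in an instance variable of the class itself (the method sits inside `class << self`), so it is shared by every thread in the process. The `uid` and `email` calls below it no longer take an argument and presumably read `@auth` through helpers inherited from `Gitlab::OAuth::User`, which this diff does not show; if so, two concurrent LDAP sign-ins can interleave, and the `find_by_email` / `update_attributes(extern_uid: uid, provider: provider)` branch could attach one person's LDAP uid to another person's account. Passing `auth` through explicitly, as the removed `uid(auth)` and `email(auth)` helpers did, or building a per-request object would keep that state off the class. The same branch rewrites `provider` for any account matched by email alone, so a comment there should state that the LDAP mail attribute is being trusted as proof of account ownership.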