Commit 314e4736e485ef00092ff7248503b439fac5c490
1 parent
d1f3643c
Exists in
spb-stable
and in
2 other branches
Strip apostrophe from email generated usernames.
Showing
2 changed files
with
6 additions
and
2 deletions
Show diff stats
lib/gitlab/ldap/user.rb
| @@ -50,7 +50,9 @@ module Gitlab | @@ -50,7 +50,9 @@ module Gitlab | ||
| 50 | # we look for user by extracting part of their email | 50 | # we look for user by extracting part of their email |
| 51 | if !user && email && ldap_conf['allow_username_or_email_login'] | 51 | if !user && email && ldap_conf['allow_username_or_email_login'] |
| 52 | uname = email.partition('@').first | 52 | uname = email.partition('@').first |
| 53 | - user = model.find_by(username: uname) | 53 | + # Strip apostrophes since they are disallowed as part of username |
| 54 | + username = uname.gsub("'", "") | ||
| 55 | + user = model.find_by(username: username) | ||
| 54 | end | 56 | end |
| 55 | 57 | ||
| 56 | user | 58 | user |
lib/gitlab/oauth/user.rb
| @@ -39,7 +39,9 @@ module Gitlab | @@ -39,7 +39,9 @@ module Gitlab | ||
| 39 | # So we use part of email as username for new user | 39 | # So we use part of email as username for new user |
| 40 | # For LDAP, username is already set to the user's | 40 | # For LDAP, username is already set to the user's |
| 41 | # uid/userid/sAMAccountName. | 41 | # uid/userid/sAMAccountName. |
| 42 | - user.username = email.match(/^[^@]*/)[0] | 42 | + email_username = email.match(/^[^@]*/)[0] |
| 43 | + # Strip apostrophes since they are disallowed as part of username | ||
| 44 | + user.username = email_username.gsub("'", "") | ||
| 43 | end | 45 | end |
| 44 | 46 | ||
| 45 | user.save! | 47 | user.save! |