Commit 48e9054056db7f14bdef0d2d5c859f357110ed95
1 parent
56df3dbf
Exists in
spb-stable
and in
3 other branches
Open/close LDAP in ApplicationController
By opening the LDAP connection at the controller level we can reuse it for all LDAP queries during the request.
Showing
2 changed files
with
12 additions
and
9 deletions
Show diff stats
CHANGELOG
| @@ -17,6 +17,7 @@ v 6.7.0 | @@ -17,6 +17,7 @@ v 6.7.0 | ||
| 17 | - Add GFM autocompletion for MergeRequests (Robert Speicher) | 17 | - Add GFM autocompletion for MergeRequests (Robert Speicher) |
| 18 | - Add webhook when a new tag is pushed (Jeroen van Baarsen) | 18 | - Add webhook when a new tag is pushed (Jeroen van Baarsen) |
| 19 | - Add button for toggling inline comments in diff view | 19 | - Add button for toggling inline comments in diff view |
| 20 | + - Reuse the GitLab LDAP connection within each request | ||
| 20 | 21 | ||
| 21 | v 6.6.2 | 22 | v 6.6.2 |
| 22 | - Fix 500 error on branch/tag create or remove via UI | 23 | - Fix 500 error on branch/tag create or remove via UI |
app/controllers/application_controller.rb
| @@ -182,13 +182,15 @@ class ApplicationController < ActionController::Base | @@ -182,13 +182,15 @@ class ApplicationController < ActionController::Base | ||
| 182 | 182 | ||
| 183 | def ldap_security_check | 183 | def ldap_security_check |
| 184 | if current_user && current_user.requires_ldap_check? | 184 | if current_user && current_user.requires_ldap_check? |
| 185 | - if gitlab_ldap_access.allowed?(current_user) | ||
| 186 | - current_user.last_credential_check_at = Time.now | ||
| 187 | - current_user.save | ||
| 188 | - else | ||
| 189 | - sign_out current_user | ||
| 190 | - flash[:alert] = "Access denied for your LDAP account." | ||
| 191 | - redirect_to new_user_session_path | 185 | + gitlab_ldap_access do |access| |
| 186 | + if access.allowed?(current_user) | ||
| 187 | + current_user.last_credential_check_at = Time.now | ||
| 188 | + current_user.save | ||
| 189 | + else | ||
| 190 | + sign_out current_user | ||
| 191 | + flash[:alert] = "Access denied for your LDAP account." | ||
| 192 | + redirect_to new_user_session_path | ||
| 193 | + end | ||
| 192 | end | 194 | end |
| 193 | end | 195 | end |
| 194 | end | 196 | end |
| @@ -198,8 +200,8 @@ class ApplicationController < ActionController::Base | @@ -198,8 +200,8 @@ class ApplicationController < ActionController::Base | ||
| 198 | @event_filter ||= EventFilter.new(filters) | 200 | @event_filter ||= EventFilter.new(filters) |
| 199 | end | 201 | end |
| 200 | 202 | ||
| 201 | - def gitlab_ldap_access | ||
| 202 | - Gitlab::LDAP::Access.new | 203 | + def gitlab_ldap_access(&block) |
| 204 | + Gitlab::LDAP::Access.open { |access| block.call(access) } | ||
| 203 | end | 205 | end |
| 204 | 206 | ||
| 205 | # JSON for infinite scroll via Pager object | 207 | # JSON for infinite scroll via Pager object |