Add User#requires_ldap_check? method

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Add User#requires_ldap_check? method
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Dmitriy Zaporozhets
1 parent cf890b22
Showing 2 changed files with 13 additions and 3 deletions Show diff stats
app/controllers/application_controller.rb
app/models/user.rb
@@ -181,7 +181,7 @@ class ApplicationController &lt; ActionController::Base
   end
  
   def ldap_security_check
-    if current_user && current_user.ldap_user? && current_user.requires_ldap_check?
+    if current_user && current_user.requires_ldap_check?
       if gitlab_ldap_access.allowed?(current_user)
         current_user.last_credential_check_at = Time.now
         current_user.save
@@ -185,7 +185,7 @@ class User &lt; ActiveRecord::Base
         where(conditions).first
       end
     end
-    
+
     def find_for_commit(email, name)
       # Prefer email match over name match
       User.where(email: email).first ||
@@ -275,7 +275,9 @@ class User &lt; ActiveRecord::Base
   # Projects user has access to
   def authorized_projects
     @authorized_projects ||= begin
-                               project_ids = (personal_projects.pluck(:id) + groups_projects.pluck(:id) + projects.pluck(:id)).uniq
+                               project_ids = personal_projects.pluck(:id)
+                               project_ids += groups_projects.pluck(:id)
+                               project_ids += projects.pluck(:id).uniq
                                Project.where(id: project_ids).joins(:namespace).order('namespaces.name ASC')
                              end
   end
@@ -406,6 +408,14 @@ class User &lt; ActiveRecord::Base
     end
   end
  
+  def requires_ldap_check?
+    if ldap_user?
+      !last_credential_check_at || (last_credential_check_at + 1.hour) < Time.now
+    else
+      false
+    end
+  end
+
   def solo_owned_groups
     @solo_owned_groups ||= owned_groups.select do |group|
       group.owners == [self]
...	...	@@ -181,7 +181,7 @@ class ApplicationController < ActionController::Base
181	181	end
182	182
183	183	def ldap_security_check
184		- if current_user && current_user.ldap_user? && current_user.requires_ldap_check?
	184	+ if current_user && current_user.requires_ldap_check?
185	185	if gitlab_ldap_access.allowed?(current_user)
186	186	current_user.last_credential_check_at = Time.now
187	187	current_user.save
...	...
...	...	@@ -185,7 +185,7 @@ class User < ActiveRecord::Base
185	185	where(conditions).first
186	186	end
187	187	end
188		-
	188	+
189	189	def find_for_commit(email, name)
190	190	# Prefer email match over name match
191	191	User.where(email: email).first \|\|
...	...	@@ -275,7 +275,9 @@ class User < ActiveRecord::Base
275	275	# Projects user has access to
276	276	def authorized_projects
277	277	@authorized_projects \|\|= begin
278		- project_ids = (personal_projects.pluck(:id) + groups_projects.pluck(:id) + projects.pluck(:id)).uniq
	278	+ project_ids = personal_projects.pluck(:id)
	279	+ project_ids += groups_projects.pluck(:id)
	280	+ project_ids += projects.pluck(:id).uniq
279	281	Project.where(id: project_ids).joins(:namespace).order('namespaces.name ASC')
280	282	end
281	283	end
...	...	@@ -406,6 +408,14 @@ class User < ActiveRecord::Base
406	408	end
407	409	end
408	410
	411	+ def requires_ldap_check?
	412	+ if ldap_user?
	413	+ !last_credential_check_at \|\| (last_credential_check_at + 1.hour) < Time.now
	414	+ else
	415	+ false
	416	+ end
	417	+ end
	418	+
409	419	def solo_owned_groups
410	420	@solo_owned_groups \|\|= owned_groups.select do \|group\|
411	421	group.owners == [self]
...	...