Merge branch 'ldap_password' into 'master'

Prevent LDAP users from using reset password function

Merge branch 'ldap_password' into 'master'
Prevent LDAP users from using reset password function
Dmitriy Zaporozhets
2 parents 8fa53ce4 a740e2d6
Showing 2 changed files with 19 additions and 1 deletions Show diff stats
app/controllers/passwords_controller.rb
config/routes.rb
@@ -0,0 +1,18 @@
+class PasswordsController < Devise::PasswordsController
+
+  def create
+    email = resource_params[:email]
+    resource_found = resource_class.find_by_email(email)
+    if resource_found && resource_found.ldap_user?
+      flash[:alert] = "Cannot reset password for LDAP user."
+      respond_with({}, :location => after_sending_reset_password_instructions_path_for(resource_name)) and return
+    end
+
+    self.resource = resource_class.send_reset_password_instructions(resource_params)
+    if successfully_sent?(resource)
+      respond_with({}, :location => after_sending_reset_password_instructions_path_for(resource_name))
+    else
+      respond_with(resource)
+    end
+  end
+end
@@ -167,7 +167,7 @@ Gitlab::Application.routes.draw do
   resources :projects, constraints: { id: /[^\/]+/ }, only: [:new, :create]
-  devise_for :users, controllers: { omniauth_callbacks: :omniauth_callbacks, registrations: :registrations }
+  devise_for :users, controllers: { omniauth_callbacks: :omniauth_callbacks, registrations: :registrations , passwords: :passwords}
   #
   # Project Area
@@ -0,0 +1,18 @@		@@ -0,0 +1,18 @@
	1	+class PasswordsController < Devise::PasswordsController
	2	+
	3	+ def create
	4	+ email = resource_params[:email]
	5	+ resource_found = resource_class.find_by_email(email)
	6	+ if resource_found && resource_found.ldap_user?
	7	+ flash[:alert] = "Cannot reset password for LDAP user."
	8	+ respond_with({}, :location => after_sending_reset_password_instructions_path_for(resource_name)) and return
	9	+ end
	10	+
	11	+ self.resource = resource_class.send_reset_password_instructions(resource_params)
	12	+ if successfully_sent?(resource)
	13	+ respond_with({}, :location => after_sending_reset_password_instructions_path_for(resource_name))
	14	+ else
	15	+ respond_with(resource)
	16	+ end
	17	+ end
	18	+end
	@@ -167,7 +167,7 @@ Gitlab::Application.routes.draw do		@@ -167,7 +167,7 @@ Gitlab::Application.routes.draw do
167		167
168	resources :projects, constraints: { id: /[^\/]+/ }, only: [:new, :create]	168	resources :projects, constraints: { id: /[^\/]+/ }, only: [:new, :create]
169		169
170	- devise_for :users, controllers: { omniauth_callbacks: :omniauth_callbacks, registrations: :registrations }	170	+ devise_for :users, controllers: { omniauth_callbacks: :omniauth_callbacks, registrations: :registrations , passwords: :passwords}
171		171
172	#	172	#
173	# Project Area	173	# Project Area