root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

CE changes for SSO web enforcement 

Adds two methods for us to extend in EE:
- OmniauthCallbacksController#link_identity
- GroupPolicy#lookup_access_level!
This commit is contained in:
James Edwards-Jones 2019-05-06 23:18:03 +07:00
parent 8b55b794cb
commit 651cfd08ab
2 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/controllers/omniauth_callbacks_controller.rb
View File

@ -86,7 +86,8 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
log_audit_event(current_user, with: oauth['provider'])
identity_linker ||= auth_module::IdentityLinker.new(current_user, oauth)
identity_linker.link
link_identity(identity_linker)
if identity_linker.changed?
redirect_identity_linked
@ -100,6 +101,10 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
end
end
def link_identity(identity_linker)
identity_linker.link
end
def redirect_identity_exists
redirect_to after_sign_in_path_for(current_user)
end

6
app/policies/group_policy.rb
View File

@ -129,6 +129,10 @@ class GroupPolicy < BasePolicy
def access_level
return GroupMember::NO_ACCESS if @user.nil?
@access_level ||= @subject.max_member_access_for_user(@user)
@access_level ||= lookup_access_level!
end
def lookup_access_level!
@subject.max_member_access_for_user(@user)
end
end