Add provider context to Ldap::Access

2014-10-03 17:27:35 +02:00 · 2014-10-03 17:27:35 +02:00 · e23a26aea0
parent 0e276f9cbf
commit e23a26aea0
2 changed files with 13 additions and 7 deletions
--- a/lib/gitlab/ldap/access.rb
+++ b/lib/gitlab/ldap/access.rb
@ -1,16 +1,21 @@
+# LDAP authorization model
+#
+# * Check if we are allowed access (not blocked)
+# * Update authorizations and associations
+#
 module Gitlab
  module LDAP
    class Access
-      attr_reader :adapter
+      attr_reader :adapter, :provider

-      def self.open(&block)
-        Gitlab::LDAP::Adapter.open do |adapter|
-          block.call(self.new(adapter))
+      def self.open(provider, &block)
+        Gitlab::LDAP::Adapter.open(provider) do |adapter|
+          block.call(self.new(provider, adapter))
        end
      end

      def self.allowed?(user)
-        self.open do |access|
+        self.open(user.provider) do |access|
          if access.allowed?(user)
            access.update_permissions(user)
            access.update_email(user)
@ -23,7 +28,8 @@ module Gitlab
        end
      end

-      def initialize(adapter=nil)
+      def initialize(provider, adapter=nil)
+        @provider = provider
        @adapter = adapter
      end

--- a/lib/gitlab/ldap/user.rb
+++ b/lib/gitlab/ldap/user.rb
@ -66,7 +66,7 @@ module Gitlab
      def find_by_uid_and_provider
        # LDAP distinguished name is case-insensitive
        model.
-          where(provider: auth_hash.provider).
+          where(provider: [auth_hash.provider, :ldap]).
          where('lower(extern_uid) = ?', auth_hash.uid.downcase).last
      end