Stan Hu
f93b2e02a5
Run rubocop -a on CE files
2019-05-05 03:24:28 -07:00
Rémy Coutable
45da7dd306
Backport 'Update user name upon LDAP sync' from EE
...
Signed-off-by: Rémy Coutable <remy@rymai.me>
2019-03-25 11:16:01 +01:00
Rémy Coutable
8018bc96a3
Handle nil name in Gitlab::Auth::LDAP::Person#name
...
Signed-off-by: Rémy Coutable <remy@rymai.me>
2019-03-20 14:59:07 +01:00
Andrew Newdigate
3288e1a874
Adds the Rubocop ReturnNil cop
...
This style change enforces `return if ...` instead of
`return nil if ...` to save maintainers a few minor review points
2019-03-06 17:51:56 +02:00
Douwe Maan
ed41f4e6ea
Merge branch 'add_ldap_tls_options' into 'master'
...
Allow raw `tls_options` to be passed in LDAP configuration
Closes #46391
See merge request gitlab-org/gitlab-ce!20678
2019-03-05 13:17:23 +00:00
Yorick Peterse
040e6e72bf
Merge branch 'ce-security-jej/group-saml-link-origin-verification' into 'master'
...
Ensure request to link GroupSAML account was GitLab initiated
See merge request gitlab/gitlabhq!2976
2019-03-04 18:36:26 +00:00
Drew Blessing
f6350faca1
Allow raw `tls_options` to be passed in LDAP configuration
...
We've previously exposed ca_file and ssl_version but there are many
possible options that can be used inside tls_options. Instead of
exposing individual ones, simply expose the entire hash so it can
be passed in and we won't have to add things in the future.
2019-03-04 10:27:43 -06:00
Imre Farkas
b57cf4ae3f
Backport of ee/9235: Add LDAP integration to smartcard authentication
2019-01-27 22:26:32 +01:00
James Edwards-Jones
104c8b890d
Backport EE GroupSAML origin verification changes
2019-01-23 19:42:16 +00:00
Imre Farkas
157b385411
Log admin status of user when OAuth::User is saved
2019-01-23 14:26:15 +01:00
Semyon Pupkov
c379973bce
chore(rubocop): fix Style/TrivialAccessors issues
2019-01-16 13:53:04 +05:00
Imre Farkas
bd3a484032
Add config to disable impersonation
...
Adds gitlab.impersonation_enabled config option defaulting to true to
keep the current default behaviour.
Only the act of impersonation is modified, impersonation token
management is not affected.
2018-11-29 09:37:16 +01:00
Cindy Pallares
fe5f75930e
Merge branch 'security-fix-pat-web-access' into 'master'
...
[master] Resolve "Personal access token with only `read_user` scope can be used to authenticate any web request"
See merge request gitlab/gitlabhq!2583
2018-11-28 19:13:59 -05:00
Douwe Maan
6f0ff56ef8
Merge branch 'fix/allow-saml2-for-2fa-bypass' into 'master'
...
saml/auth_hash: Allow 2FA bypass for SAML 2.0 responses
See merge request gitlab-org/gitlab-ce!22568
2018-11-20 11:07:59 +00:00
George Tsiolis
733ae94921
Fix typos in comments and specs
2018-11-01 08:59:20 +02:00
Imre Farkas
b9652d8e4d
[master] Persist only SHA digest of PersonalAccessToken#token
2018-10-29 16:06:45 +00:00
115100
2a8a4897ff
saml/auth_hash: Allow 2FA bypass for SAML 2.0 responses
...
Closes gitlab-org/gitlab-ce/#53102.
2018-10-25 12:08:07 +01:00
gfyoung
e166e5747c
Enable some frozen string in lib/gitlab
...
Enable frozen string for the following files:
* lib/gitlab/auth/**/*.rb
* lib/gitlab/badge/**/*.rb
* lib/gitlab/bare_repository_import/**/*.rb
* lib/gitlab/bitbucket_import/**/*.rb
* lib/gitlab/bitbucket_server_import/**/*.rb
* lib/gitlab/cache/**/*.rb
* lib/gitlab/checks/**/*.rb
Partially addresses #47424.
2018-10-13 02:31:31 -07:00
Marcel Amirault
eb640eded7
Correct Gitlab Capitalization in code files
2018-09-21 12:05:37 +00:00
Yorick Peterse
2039c8280d
Disable existing offenses for the CodeReuse cops
...
This whitelists all existing offenses for the various CodeReuse cops, of
which most are triggered by the CodeReuse/ActiveRecord cop.
2018-09-11 17:32:00 +02:00
Douglas Barbosa Alexandre
5894dfabc5
Backport LDAP changes to CE
2018-08-23 15:46:45 +02:00
Stan Hu
7486d424b9
Fix broken Git over HTTP clones with LDAP users
...
Due to a regression in !20608, the LDAP authenticator was not being used
unless OmniAuth was enabled. This change allows the LDAP provider to be used
if it is configured regardless of the OmniAuth setting.
Closes #50579
2018-08-22 13:07:14 -07:00
Grzegorz Bizon
98e9f52cf4
Improve blocked user tracking code readability
2018-08-03 12:58:00 +02:00
Grzegorz Bizon
5bbd3a93e9
Remove an empty line from blocker user tracker class
2018-08-02 15:41:14 +02:00
Grzegorz Bizon
c2a5bbc295
Remove an empty line from the end of blocked_user_tracker.rb
2018-08-02 07:04:12 +00:00
Grzegorz Bizon
9c6aa0a0a6
Improve authentication events-related code readability
2018-08-01 17:08:59 +02:00
Grzegorz Bizon
2b05562c5b
Simplify blocked user tracking during authentication
2018-08-01 15:56:44 +02:00
Grzegorz Bizon
4bcf72e734
Improve blocked user tracking and fire some events only once
2018-08-01 14:23:06 +02:00
Sean McGivern
e6dd3c5276
Merge branch 'feature/gb/login-activity-metrics' into 'master'
...
Add user authentication activity metrics
Closes #47789
See merge request gitlab-org/gitlab-ce!20668
2018-07-31 10:44:22 +00:00
Grzegorz Bizon
de8f8cdf06
Improve authentication activity code readability
2018-07-31 09:24:19 +02:00
Grzegorz Bizon
5f66d1de09
Improve specs for blocked user tracker class
2018-07-27 13:54:31 +02:00
Grzegorz Bizon
00e4d918a3
Add authentication metrics for sessionless sign in
2018-07-27 12:56:34 +02:00
Grzegorz Bizon
c44541a506
Improve readability and move custom matchers to better place
2018-07-27 12:29:49 +02:00
Grzegorz Bizon
ede8c0ced4
Catch custom warden events too to increment metrics
2018-07-27 12:19:34 +02:00
Grzegorz Bizon
656985bf75
Make authentication metrics events explicit in specs
2018-07-26 18:36:04 +02:00
Grzegorz Bizon
0da5c588b1
Fix activity metric name that need to be symbols
2018-07-24 08:20:48 +00:00
Grzegorz Bizon
01cac53d71
Make it easier to stub authentication metrics
2018-07-23 17:20:24 +02:00
Grzegorz Bizon
68547bc0e0
Track blocked users and two factor authentications
2018-07-23 15:13:11 +02:00
Grzegorz Bizon
1a39d24d20
Refactor blocked user tracker class
2018-07-20 16:00:28 +02:00
Grzegorz Bizon
33e11345e0
Add custom expectations for authentication activity metrics
2018-07-20 15:06:11 +02:00
Lin Jen-Shin
d0afab482f
Disable SAML if OmniAuth is disabled
...
We also try to unify the way we set up OmniAuth, and how we check
if it's enabled or not.
2018-07-20 18:54:46 +08:00
Grzegorz Bizon
ac4b954c5f
Rename authentication activity observer methods
2018-07-19 10:34:58 +02:00
Grzegorz Bizon
416076610e
Implement scaffold of authentication activity metrics
2018-07-17 14:50:04 +02:00
Lin Jen-Shin
4ee08b77bc
Updates from `rubocop -a`
2018-07-09 21:13:08 +08:00
Roger Rüttimann
2efe27ba18
Honor saml assurance level to allow 2FA bypassing
2018-06-25 15:32:03 +00:00
Imre Farkas
20dfe25c15
Export assigned issues in iCalendar feed
2018-05-31 14:01:04 +00:00
Bob Van Landuyt
7a139c1602
Add username to terms message in git and API calls
...
This will make it clearer to users which account is being used to make
the API/git call. So they know which account needs to be used to
accept the terms.
Closes #46649
2018-05-24 18:19:48 +02:00
Rémy Coutable
6226d19c71
Minimize CE/EE difference in Gitlab::Auth::LDAP::Config
...
Signed-off-by: Rémy Coutable <remy@rymai.me>
2018-05-18 16:30:53 +02:00
Rémy Coutable
8b287679a1
Minimize CE/EE difference in Gitlab::Auth::LDAP::Access
...
Signed-off-by: Rémy Coutable <remy@rymai.me>
2018-05-18 16:30:53 +02:00
Rémy Coutable
dfdbf198b3
Minimize CE/EE difference in Gitlab::Auth::UserAuthFinders
...
Signed-off-by: Rémy Coutable <remy@rymai.me>
2018-05-18 16:30:53 +02:00