Commit Graph

48 Commits

Author SHA1 Message Date
Patricio Cano 06376be56a Decouple SAML authentication from the default Omniauth logic 2016-02-18 17:01:07 -05:00
Douwe Maan 873b0db220 Revert "Merge branch 'saml-decoupling' into 'master' "
This reverts commit c04e22fba8, reversing
changes made to 0feab326d5.
2016-02-18 22:14:53 +01:00
Patricio Cano f014127e17 Decouple SAML authentication from the default Omniauth logic 2016-02-18 13:22:19 -05:00
Douwe Maan 98e1a5b634 Allow LDAP users to change their email if it was not set by the LDAP server 2016-01-19 16:25:38 +01:00
Douwe Maan 662aa8ec35 No mb_chars needed anymore 2015-12-24 12:37:46 +01:00
Patricio Cano 1d3889eb46 Fix identity and user retrieval when special characters are used 2015-12-22 13:23:35 -05:00
Drew Blessing b7def88c02 Fix ldap email downcasing bug 2015-10-08 14:59:46 -05:00
Петров Роман e82b37a653 Add support of multibyte characters in LDAP UID 2015-09-30 13:47:50 +03:00
Douwe Maan 909a8443c6 Shuffle config around a bit 2015-09-09 11:40:31 +01:00
Douwe Maan 0e9ba0a4fa Add attributes to LDAP::Config. 2015-09-08 17:34:18 +01:00
Douwe Maan c915e2c823 Allow configuration of LDAP attributes GitLab will use for the new user account. 2015-09-08 16:18:14 +01:00
Douwe Maan d92f428024 Minor refactor 2015-08-29 11:48:54 -07:00
Joel Koglin 4d2f36118a Issue #993: Fixed login failure when extern_uid changes 2015-08-21 09:36:27 -07:00
Douwe Maan 238e4f0295 Add config var to block auto-created LDAP users. 2015-04-14 17:09:05 +02:00
Douwe Maan c43411e97a Non-persisted users already have the identity by way of build_new_user. 2015-04-14 17:08:49 +02:00
Dmitriy Zaporozhets 4ab717ea6a
Merge branch 'ldap_migration'
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Conflicts:
	db/schema.rb
2015-04-13 17:18:02 +03:00
Dmitriy Zaporozhets 6e88d9335b Merge branch 'skip-email-reconfirmation' into 'master'
Skip email confirmation when set by admin or via LDAP.

Addresses private issue https://dev.gitlab.org/gitlab/gitlabhq/issues/2203.

See merge request !494
2015-04-13 13:44:56 +00:00
Jacob Vosmaer 325b66365b Remove special cases for the 'ldap' provider 2015-04-13 11:04:31 +02:00
Robert Speicher 2cefdbb535 Move lib/gitlab/oauth to lib/gitlab/o_auth
Lets Rails autoload these files by name
2015-04-09 14:19:24 -04:00
Douwe Maan f2af30f195 Skip email confirmation when set by admin or via LDAP. 2015-04-06 13:27:19 +02:00
Dmitriy Zaporozhets ca701a9649 Improvements to LDAP::User model
* method #changed? also tracks changes of identities (fixes issue with email mapping)
* find ldap identity before initializing one
2015-01-29 13:28:41 -08:00
Valery Sizov 3a5ed5260b Support for multiple omniauth providers for the same user 2014-12-04 13:03:55 +02:00
Valery Sizov 1a80d13a39 Multi-provider auth. LDAP is not reworked 2014-12-04 13:01:50 +02:00
Jan-Willem van der Meer b229b0f003 Fix authorization for LDAP login 2014-10-14 09:40:35 +02:00
Jan-Willem van der Meer 93505f7d04 DRY find method to find Gitlab user 2014-10-14 09:05:29 +02:00
Jan-Willem van der Meer 01b791237c Refactor lib files for multiple LDAP groups 2014-10-13 17:24:05 +02:00
Jan-Willem van der Meer d059f50d4c Refactor OAuth refactorings to CE 2014-10-10 12:03:32 +02:00
Jan-Willem van der Meer b18d1c2786 Remove duplicated create method 2014-09-08 15:25:42 +02:00
Jan-Willem van der Meer 11bb67c3c6 Test authenticate method for Gitlab::LDAP::User 2014-09-08 14:53:59 +02:00
Jan-Willem van der Meer 5b86dab03b Move auth hash to a separate class 2014-09-04 12:55:10 +02:00
Jan-Willem van der Meer 1bd15fa717 Use instance methods of LDAP::User as well
Still in need of some proper cleanup
2014-09-03 17:33:03 +02:00
Jan-Willem van der Meer 62fc80642d Refactor Oauth::User class to use instance methods 2014-09-03 15:59:50 +02:00
Jan-Willem van der Meer ca17e4b7ad Remove duplicate method 2014-09-01 14:30:31 +02:00
Jacob Vosmaer 614ca3ec65 Remove LDAP::Access#find_user
This method existed to allow LDAP users to take over existing GitLab
accounts if the part before the '@' of their LDAP email attribute
matched the username of an existing GitLab user. I propose to disable
this behavior in order to prevent unintended GitLab account takeovers.

After this change it is still possible to take over an existing GitLab
account with your LDAP credentials, as long as the GitLab account email
address matches the LDAP user email address.
2014-08-29 15:38:05 +02:00
Marin Jankovski 314e4736e4 Strip apostrophe from email generated usernames. 2014-06-11 17:06:28 +02:00
Dmitriy Zaporozhets fdeacf0ad1 Merge pull request #6317 from jirutka/fix-ldap-dn-case
Fix searching by extern_uid for LDAP to be case-insensitive
2014-03-29 14:08:31 +02:00
Jacob Vosmaer 2e6b537018 Use omniauth nickname as the username for LDAP
Before there was a bug in omniauth-ldap which prevented samaccountname
showing up as a possible username for new LDAP users. Thanks to upstream
fixes, we no longer need to work around this bug.
2014-03-28 13:57:52 +01:00
Dmitriy Zaporozhets daa7f077db
Port LDAP code from EE
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-10 14:48:08 +02:00
Jakub Jirutka 91e7692b66 Fix searching by extern_uid for LDAP to be case-insensitive 2014-02-18 19:38:22 +01:00
skv a3f645ef51 Remove deprecated finders 2014-01-19 23:39:56 +04:00
Sytse Sijbrandij 71e92681f2 We welcome everyone to contribute. 2013-12-01 11:53:00 +01:00
Elias Mårtenson bc8a875df1 When looking up a user by DN, use single scope
The blocked? method is used to check whether a user exists in LDAP. Prior to this change, if the LDAP server had more objects below the one pointed to by the DN, those objects would also be picked up by the search, causing the method to determine the user should be blocked.

One case where this can happen is when using Active Directory and a user has a mobile phone assigned. In this case, Exchange will add an entry called ExchangeActiveSyncDevices under the user's entry. The user-visible behaviour is then that a user loses Gitlab access when he enables a mobile device.

This fix sets the search scope to BaseObject in order to ensure that only the user itself is returned.
2013-11-03 21:51:10 +08:00
Dmitriy Zaporozhets baa65e89b9 Check if LDAP user was removed or blocked when use git over ssh 2013-10-07 16:06:30 +03:00
Izaak Alpert 8a8123a3d4 Update for readability
fixed a test a broke in the configurable theme PR
Change-Id: Id894506941bc01ab0d259d48ca7ff9b80bb2c57e
2013-09-22 20:56:17 -04:00
Izaak Alpert 4fcc17e667 Allows username only updates to ldap properties
-when logging in if users are allowed to login with just usernames in ldap we will update uid of the user if their uid is out of date

Conflicts:
	spec/lib/auth_spec.rb

Change-Id: Ia171b3d5133da86edc18c0d08ecfaf6a174f2574
2013-09-22 20:25:47 -04:00
Dmitriy Zaporozhets 0df1cf7fcc Inherit Gitlab::LDAP::User from Gitlab::OAuth::User 2013-09-04 00:06:13 +03:00
Dmitriy Zaporozhets 71abf70458 Move ldap auth to LDAP::User. Removed unused code 2013-09-02 23:50:45 +03:00
Dmitriy Zaporozhets 6bf117c601 Move User+LDAP functionality from Gitlab::Auth 2013-09-02 23:35:40 +03:00