BigW Consortium Gitlab

Unverified Commit f4b30c6d by Douwe Maan Committed by Rémy Coutable

Fix OAuth, LDAP and SAML SSO when regular sign-ups are disabled

Signed-off-by: 's avatarRémy Coutable <remy@rymai.me>
parent 7d10817c
......@@ -6,8 +6,8 @@ module Users
@params = params.dup
end
def build
raise Gitlab::Access::AccessDeniedError unless can_create_user?
def build(skip_authorization: false)
raise Gitlab::Access::AccessDeniedError unless skip_authorization || can_create_user?
user = User.new(build_user_params)
......@@ -32,8 +32,8 @@ module Users
user
end
def execute
user = build
def execute(skip_authorization: false)
user = build(skip_authorization: skip_authorization)
if user.save
log_info("User \"#{user.name}\" (#{user.email}) was created")
......
---
title: Fix OAuth, LDAP and SAML SSO when regular sign-ups are disabled
merge_request:
author:
......@@ -148,7 +148,7 @@ module Gitlab
def build_new_user
user_params = user_attributes.merge(extern_uid: auth_hash.uid, provider: auth_hash.provider, skip_confirmation: true)
Users::CreateService.new(nil, user_params).build
Users::CreateService.new(nil, user_params).build(skip_authorization: true)
end
def user_attributes
......
......@@ -108,6 +108,18 @@ describe Gitlab::LDAP::User, lib: true do
it "creates a new user if not found" do
expect{ ldap_user.save }.to change{ User.count }.by(1)
end
context 'when signup is disabled' do
before do
stub_application_setting signup_enabled: false
end
it 'creates the user' do
ldap_user.save
expect(gl_user).to be_persisted
end
end
end
describe 'updating email' do
......
......@@ -40,6 +40,20 @@ describe Gitlab::OAuth::User, lib: true do
let(:provider) { 'twitter' }
describe 'signup' do
context 'when signup is disabled' do
before do
stub_application_setting signup_enabled: false
end
it 'creates the user' do
stub_omniauth_config(allow_single_sign_on: ['twitter'])
oauth_user.save
expect(gl_user).to be_persisted
end
end
it 'marks user as having password_automatically_set' do
stub_omniauth_config(allow_single_sign_on: ['twitter'], external_providers: ['twitter'])
......
......@@ -211,6 +211,18 @@ describe Gitlab::Saml::User, lib: true do
end
end
end
context 'when signup is disabled' do
before do
stub_application_setting signup_enabled: false
end
it 'creates the user' do
saml_user.save
expect(gl_user).to be_persisted
end
end
end
describe 'blocking' do
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment