BigW Consortium Gitlab

  1. 18 Feb, 2016 3 commits
  2. 19 Jan, 2016 1 commit
  3. 24 Dec, 2015 1 commit
  4. 22 Dec, 2015 1 commit
  5. 08 Oct, 2015 1 commit
  6. 30 Sep, 2015 1 commit
  7. 09 Sep, 2015 1 commit
  8. 08 Sep, 2015 2 commits
  9. 29 Aug, 2015 1 commit
  10. 21 Aug, 2015 1 commit
  11. 14 Apr, 2015 2 commits
  12. 13 Apr, 2015 1 commit
  13. 09 Apr, 2015 1 commit
  14. 06 Apr, 2015 1 commit
  15. 29 Jan, 2015 1 commit
  16. 04 Dec, 2014 2 commits
  17. 14 Oct, 2014 2 commits
  18. 13 Oct, 2014 1 commit
  19. 10 Oct, 2014 1 commit
  20. 08 Sep, 2014 2 commits
  21. 04 Sep, 2014 1 commit
  22. 03 Sep, 2014 2 commits
  23. 01 Sep, 2014 1 commit
  24. 29 Aug, 2014 1 commit
    • Remove LDAP::Access#find_user · 614ca3ec
      Jacob Vosmaer authored
      This method existed to allow LDAP users to take over existing GitLab
      accounts if the part before the '@' of their LDAP email attribute
      matched the username of an existing GitLab user. I propose to disable
      this behavior in order to prevent unintended GitLab account takeovers.
      
      After this change it is still possible to take over an existing GitLab
      account with your LDAP credentials, as long as the GitLab account email
      address matches the LDAP user email address.
  25. 11 Jun, 2014 1 commit
  26. 28 Mar, 2014 1 commit
    • Use omniauth nickname as the username for LDAP · 2e6b5370
      Jacob Vosmaer authored
      Before there was a bug in omniauth-ldap which prevented samaccountname
      showing up as a possible username for new LDAP users. Thanks to upstream
      fixes, we no longer need to work around this bug.
  27. 10 Mar, 2014 1 commit
  28. 18 Feb, 2014 1 commit
  29. 19 Jan, 2014 1 commit
  30. 01 Dec, 2013 1 commit
  31. 03 Nov, 2013 1 commit
    • When looking up a user by DN, use single scope · bc8a875d
      Elias Mårtenson authored
      The blocked? method is used to check whether a user exists in LDAP. Prior to this change, if the LDAP server had more objects below the one pointed to by the DN, those objects would also be picked up by the search, causing the method to determine the user should be blocked.
      
      One case where this can happen is when using Active Directory and a user have a mobile phone assigned. In this case, Exchange will add an entry called ExchangeActiveSyncDevices under the users entry. The user-visible behaviour is then that a user loses Gitlab access when he enables a mobile device.
      
      This fix sets the search scope to BaseObject in order to ensure that only the user itself is returned.
  32. 07 Oct, 2013 1 commit