BigW Consortium Gitlab

  1. 08 Sep, 2014 2 commits
  2. 04 Sep, 2014 1 commit
  3. 03 Sep, 2014 2 commits
  4. 01 Sep, 2014 1 commit
  5. 29 Aug, 2014 1 commit
    • Remove LDAP::Access#find_user · 614ca3ec
      Jacob Vosmaer authored
      This method existed to allow LDAP users to take over existing GitLab
      accounts if the part before the '@' of their LDAP email attribute
      matched the username of an existing GitLab user. I propose to disable
      this behavior in order to prevent unintended GitLab account takeovers.
      
      After this change it is still possible to take over an existing GitLab
      account with your LDAP credentials, as long as the GitLab account email
      address matches the LDAP user email address.
  6. 11 Jun, 2014 1 commit
  7. 28 Mar, 2014 1 commit
    • Use omniauth nickname as the username for LDAP · 2e6b5370
      Jacob Vosmaer authored
      Before there was a bug in omniauth-ldap which prevented samaccountname
      showing up as a possible username for new LDAP users. Thanks to upstream
      fixes, we no longer need to work around this bug.
  8. 10 Mar, 2014 1 commit
  9. 18 Feb, 2014 1 commit
  10. 19 Jan, 2014 1 commit
  11. 01 Dec, 2013 1 commit
  12. 03 Nov, 2013 1 commit
    • When looking up a user by DN, use single scope · bc8a875d
      Elias Mårtenson authored
      The blocked? method is used to check whether a user exists in LDAP. Prior to this change, if the LDAP server had more objects below the one pointed to by the DN, those objects would also be picked up by the search, causing the method to determine the user should be blocked.
      
      One case where this can happen is when using Active Directory and a user have a mobile phone assigned. In this case, Exchange will add an entry called ExchangeActiveSyncDevices under the users entry. The user-visible behaviour is then that a user loses Gitlab access when he enables a mobile device.
      
      This fix sets the search scope to BaseObject in order to ensure that only the user itself is returned.
  13. 07 Oct, 2013 1 commit
  14. 23 Sep, 2013 2 commits
    • Update for readability · 8a8123a3
      Izaak Alpert authored
      fixed a test a broke in the configurable theme PR
      Change-Id: Id894506941bc01ab0d259d48ca7ff9b80bb2c57e
    • Allows username only updates to ldap properties · 4fcc17e6
      Izaak Alpert authored
      -when logging in if users are allowed to login with just usernames in ldap we will update uid of the user if their uid is out of date
      
      Conflicts:
      	spec/lib/auth_spec.rb
      
      Change-Id: Ia171b3d5133da86edc18c0d08ecfaf6a174f2574
  15. 03 Sep, 2013 1 commit
  16. 02 Sep, 2013 2 commits