Class: Gitlab::Auth::OAuth::User

Inherits:

Object

• Object
• Gitlab::Auth::OAuth::User

Defined in:

lib/gitlab/auth/o_auth/user.rb

Direct Known Subclasses

Atlassian::User, Ldap::User, Saml::User

Constant Summary

SignupDisabledError =

Class.new(StandardError)

SigninDisabledForProviderError =

Class.new(StandardError)

Instance Attribute Summary

• #auth_hash ⇒ Object readonly

  Returns the value of attribute auth_hash.

Class Method Summary

• .find_by_uid_and_provider(uid, provider) ⇒ Object

  rubocop: disable CodeReuse/ActiveRecord.

Instance Method Summary

• #bypass_two_factor? ⇒ Boolean
• #find_and_update! ⇒ Object
• #find_user ⇒ Object
• #gl_user ⇒ Object
• #initialize(auth_hash) ⇒ User constructor

  A new instance of User.

• #new? ⇒ Boolean
• #persisted? ⇒ Boolean
• #protocol_name ⇒ Object
• #save(provider = protocol_name) ⇒ Object
• #valid? ⇒ Boolean
• #valid_sign_in? ⇒ Boolean

Constructor Details

#initialize(auth_hash) ⇒ User

Returns a new instance of User.

# File 'lib/gitlab/auth/o_auth/user.rb', line 27

def initialize(auth_hash)
  self.auth_hash = auth_hash
  update_profile
  add_or_update_user_identities
end

Instance Attribute Details

#auth_hash ⇒ Object

Returns the value of attribute auth_hash.

# File 'lib/gitlab/auth/o_auth/user.rb', line 25

def auth_hash
  @auth_hash
end

Class Method Details

.find_by_uid_and_provider(uid, provider) ⇒ Object

rubocop: disable CodeReuse/ActiveRecord

# File 'lib/gitlab/auth/o_auth/user.rb', line 14

def find_by_uid_and_provider(uid, provider)
  identity = ::Identity.with_extern_uid(provider, uid).take

  identity && identity.user
end

Instance Method Details

#bypass_two_factor? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/auth/o_auth/user.rb', line 91

def bypass_two_factor?
  providers = Gitlab.config.omniauth.allow_bypass_two_factor
  if providers.is_a?(Array)
    providers.include?(auth_hash.provider)
  else
    providers
  end
end

#find_and_update! ⇒ Object

# File 'lib/gitlab/auth/o_auth/user.rb', line 85

def find_and_update!
  save if should_save?

  gl_user
end

#find_user ⇒ Object

# File 'lib/gitlab/auth/o_auth/user.rb', line 73

def find_user
  user = find_by_uid_and_provider

  user ||= find_by_email if auto_link_user?
  user ||= find_or_build_ldap_user if auto_link_ldap_user?
  user ||= build_new_user if signup_enabled?

  user.external = true if external_provider? && user&.new_record?

  user
end

#gl_user ⇒ Object

# File 'lib/gitlab/auth/o_auth/user.rb', line 67

def gl_user
  return @gl_user if defined?(@gl_user)

  @gl_user = find_user
end

#new? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/auth/o_auth/user.rb', line 37

def new?
  !persisted?
end

#persisted? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/auth/o_auth/user.rb', line 33

def persisted?
  gl_user.try(:persisted?)
end

#protocol_name ⇒ Object

# File 'lib/gitlab/auth/o_auth/user.rb', line 100

def protocol_name
  'OAuth'
end

#save(provider = protocol_name) ⇒ Object

# File 'lib/gitlab/auth/o_auth/user.rb', line 49

def save(provider = protocol_name)
  raise SigninDisabledForProviderError if oauth_provider_disabled?
  raise SignupDisabledError unless gl_user

  block_after_save = needs_blocking?

  Users::UpdateService.new(gl_user, user: gl_user).execute!

  gl_user.block_pending_approval if block_after_save
  activate_user_if_user_cap_not_reached

  log.info "(#{provider}) saving user #{auth_hash.email} from login with admin => #{gl_user.admin}, extern_uid => #{auth_hash.uid}"
  gl_user
rescue ActiveRecord::RecordInvalid => e
  log.info "(#{provider}) Error saving user #{auth_hash.uid} (#{auth_hash.email}): #{gl_user.errors.full_messages}"
  [self, e.record.errors]
end

#valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/auth/o_auth/user.rb', line 41

def valid?
  gl_user.try(:valid?)
end

#valid_sign_in? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/auth/o_auth/user.rb', line 45

def valid_sign_in?
  valid? && persisted?
end