diff options
| author | Alexander <devkral@web.de> | 2018-03-19 20:08:56 +0100 |
|---|---|---|
| committer | Eugen Rochko <eugen@zeonfederated.com> | 2018-03-19 20:08:56 +0100 |
| commit | 0306e3e9bebe0b0d9ad7e5fe328dd3677717b7e5 (patch) | |
| tree | c766026ff276936a39c1149f7c2c8ac3c12ea1d8 /app | |
| parent | 357f9298bdb595f67b1f89292be9fa4268e1bffd (diff) | |
bugfixes and gem update (#6831)
* update to new version of devise_pam_authenticatable2
* fix behaviour if suffix is nil, fix environment loading, fix user email creation
* code cleanup/fix linter warning
Diffstat (limited to 'app')
| -rw-r--r-- | app/models/user.rb | 32 |
1 files changed, 17 insertions, 15 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index b716c13fd20..2d5f145fa70 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -52,6 +52,8 @@ class User < ApplicationRecord devise :registerable, :recoverable, :rememberable, :trackable, :validatable, :confirmable + devise :pam_authenticatable if ENV['PAM_ENABLED'] == 'true' + devise :omniauthable belongs_to :account, inverse_of: :user @@ -96,7 +98,7 @@ class User < ApplicationRecord def pam_conflict? return false unless Devise.pam_authentication - encrypted_password.present? && is_pam_account? + encrypted_password.present? && pam_managed_user? end def pam_get_name @@ -267,22 +269,22 @@ class User < ApplicationRecord end def self.pam_get_user(attributes = {}) - if attributes[:email] - resource = - if Devise.check_at_sign && !attributes[:email].index('@') - joins(:account).find_by(accounts: { username: attributes[:email] }) - else - find_by(email: attributes[:email]) - end - - if resource.blank? - resource = new(email: attributes[:email]) - if Devise.check_at_sign && !resource[:email].index('@') - resource[:email] = "#{attributes[:email]}@#{resource.find_pam_suffix}" - end + return nil unless attributes[:email] + resource = + if Devise.check_at_sign && !attributes[:email].index('@') + joins(:account).find_by(accounts: { username: attributes[:email] }) + else + find_by(email: attributes[:email]) + end + + if resource.blank? + resource = new(email: attributes[:email]) + if Devise.check_at_sign && !resource[:email].index('@') + resource[:email] = Rpam2.getenv(resource.find_pam_service, attributes[:email], attributes[:password], 'email', false) + resource[:email] = "#{attributes[:email]}@#{resource.find_pam_suffix}" unless resource[:email] end - resource end + resource end def self.ldap_get_user(attributes = {}) |