Merge branch 'master' of https://github.com/funglaub/gitlabhq into funglaub-master

Conflicts: Gemfile.lock app/helpers/application_helper.rb app/views/devise/sessions/new.html.erb db/schema.rb
2012-09-12 06:49:52 +03:00 · 2012-09-12 06:49:52 +03:00 · 621affecb5
commit 621affecb5
parent 40eec08c99 0dd94cd86e
18 changed files with 189 additions and 35 deletions
--- a/app/assets/stylesheets/auth_methods.scss
+++ b/app/assets/stylesheets/auth_methods.scss
@ -0,0 +1,10 @@
+.auth_methods {
+  &ul {
+    margin: 0;
+    text-align:center;
+    padding: 5px;
+    &li {
+      display: inline;
+    }
+  }
+}
--- a/app/assets/stylesheets/main.scss
+++ b/app/assets/stylesheets/main.scss
@ -134,7 +134,7 @@ $hover: #fdf5d9;
 * TODO: clean it
 */
@import "common.scss";
-
+@import "auth_methods.scss";

 /**
 * Styles related to specific part of app
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@ -9,7 +9,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
    error ||= env["omniauth.error.type"].to_s
    error.to_s.humanize if error
  end
- 
+
  def ldap
    # We only find ourselves here if the authentication to LDAP was successful.
    @user = User.find_for_ldap_auth(request.env["omniauth.auth"], current_user)
@ -19,4 +19,33 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
    sign_in_and_redirect @user
  end

+   Settings.omniauth_providers.each do |provider|
+    define_method provider['name'] do
+      handle_omniauth
+    end
+  end
+
+  private
+
+  def handle_omniauth
+    oauth = request.env['omniauth.auth']
+    provider, uid = oauth['provider'], oauth['uid']
+
+    if current_user
+      # Change a logged-in user's authentication method:
+      current_user.extern_uid = uid
+      current_user.provider = provider
+      current_user.save
+      redirect_to profile_path
+    else
+      @user = User.find_or_new_for_omniauth(oauth)
+
+      if @user
+        sign_in_and_redirect @user
+      else
+        flash[:notice] = "There's no such user!"
+        redirect_to new_user_session_path
+      end
+    end
+  end
 end
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@ -135,4 +135,9 @@ module ApplicationHelper
      "Never"
    end
  end
+
+  def authbutton(provider, size = 64)
+    image_tag("authbuttons/#{provider.to_s.split('_').first}_#{size}.png",
+               alt: "Sign in with #{provider.to_s.titleize}" )
+  end
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -86,10 +86,50 @@ class User < ActiveRecord::Base
    where('id NOT IN (SELECT DISTINCT(user_id) FROM users_projects)')
  end

+  def self.create_from_omniauth(auth, ldap = false)
+    provider, uid = auth.provider, auth.uid
+    name = auth.info.name.force_encoding("utf-8")
+    email = auth.info.email.downcase unless auth.info.email.nil?
+
+    ldap_prefix = ldap ? '(LDAP) ' : ''
+    raise OmniAuth::Error, "#{ldap_prefix}#{provider} does not provide an email"\
+                           " address" if auth.info.email.blank?
+
+    logger.info "#{ldap_prefix}Creating user from #{provider} login"\
+                " {uid => #{uid}, name => #{name}, email => #{email}}"
+    password = Devise.friendly_token[0, 8].downcase
+    @user = User.new(
+      extern_uid: uid,
+      provider: provider,
+      name: name,
+      email: email,
+      password: password,
+      password_confirmation: password,
+      projects_limit: Gitlab.config.default_projects_limit,
+    )
+    if Gitlab.config.omniauth.block_auto_created_users && !ldap
+      @user.blocked = true
+    end
+    @user.save!
+    @user
+  end
+
+  def self.find_or_new_for_omniauth(auth)
+    provider, uid = auth.provider, auth.uid
+
+    if @user = User.find_by_provider_and_extern_uid(provider, uid)
+      @user
+    else
+      if Gitlab.config.omniauth.allow_single_sign_on
+        @user = User.create_from_omniauth(auth)
+        @user
+      end
+    end
+  end
+
  def self.find_for_ldap_auth(auth, signed_in_resource=nil)
    uid = auth.info.uid
    provider = auth.provider
-    name = auth.info.name.force_encoding("utf-8")
    email = auth.info.email.downcase unless auth.info.email.nil?
    raise OmniAuth::Error, "LDAP accounts must provide an uid and email address" if uid.nil? or email.nil?

@ -101,17 +141,7 @@ class User < ActiveRecord::Base
      @user.update_attributes(:extern_uid => uid, :provider => provider)
      @user
    else
-      logger.info "Creating user from LDAP login {uid => #{uid}, name => #{name}, email => #{email}}"
-      password = Devise.friendly_token[0, 8].downcase
-      @user = User.create(
-        :extern_uid => uid,
-        :provider => provider,
-        :name => name,
-        :email => email,
-        :password => password,
-        :password_confirmation => password,
-        :projects_limit => Gitlab.config.default_projects_limit
-      )
+      create_from_omniauth(auth)
    end
  end

@ -148,4 +178,3 @@ end
 #  bio                    :string(255)
 #  blocked                :boolean(1)      default(FALSE), not null
 #
-
--- a/app/views/devise/sessions/new.html.erb
+++ b/app/views/devise/sessions/new.html.erb
@ -0,0 +1,32 @@
+<% unless ldap_enable? -%>
+
+  <%= form_for(resource, :as => resource_name, :url => session_path(resource_name), :html => { :class => "login-box" }) do |f| %>
+    <%= image_tag "login-logo.png", :width => "304", :height => "66", :class => "login-logo", :alt => "Login Logo" %>
+
+    <%= f.text_field :email, :class => "text top", :placeholder => "Email" %>
+    <%= f.password_field :password, :class => "text bottom", :placeholder => "Password"  %>
+
+    <% if devise_mapping.rememberable? -%>
+      <div class="clearfix inputs-list"> <label class="checkbox remember_me" for="user_remember_me"><%= f.check_box :remember_me %><span>Remember me</span></label></div>
+    <% end -%>
+    <br/>
+    <%= f.submit "Sign in", :class => "primary btn" %>
+    <div class="right"> <%= render :partial => "devise/shared/links" %></div>
+
+    <%- if devise_mapping.omniauthable? %>
+      <hr/>
+      <div class="auth_methods">
+        <ul>
+          <%- resource_class.omniauth_providers.each do |provider| %>
+          <li><%= link_to authbutton(provider),
+                   omniauth_authorize_path(resource_name, provider) %></li>
+          <% end -%>
+        </ul>
+      </div>
+    <% end -%>
+
+  <% end %>
+
+<% else %>
+  <%= render :partial => 'devise/sessions/new_ldap' %>
+<% end %>
--- a/app/views/layouts/profile.html.haml
+++ b/app/views/layouts/profile.html.haml
@ -10,7 +10,7 @@
          = link_to "Profile", profile_path

        %li{class: tab_class(:password)}
-          = link_to "Password", profile_password_path
+          = link_to "Authentication", profile_password_path

        %li{class: tab_class(:ssh_keys)}
          = link_to keys_path do
--- a/app/views/profile/password.html.haml
+++ b/app/views/profile/password.html.haml
@ -1,19 +1,31 @@
 %h3.page_title Password
 %hr
-= form_for @user, url: profile_password_path, method: :put do |f|
-  .data
-    %p.slead After successful password update you will be redirected to login page where you should login with new password
-    -if @user.errors.any?
-      .alert-message.block-message.error
-        %ul
-          - @user.errors.full_messages.each do |msg|
-            %li= msg

-    .clearfix
-      = f.label :password
-      .input= f.password_field :password
-    .clearfix
-      = f.label :password_confirmation
-      .input= f.password_field :password_confirmation
+= form_for @user, url: profile_password_path, method: :put do |f|
+  .row
+    .span7
+      .data
+        %p.slead After successful password update you will be redirected to login page where you should login with new password
+        -if @user.errors.any?
+          .alert-message.block-message.error
+            %ul
+              - @user.errors.full_messages.each do |msg|
+                %li= msg
+
+        .clearfix
+          = f.label :password
+          .input= f.password_field :password
+        .clearfix
+          = f.label :password_confirmation
+          .input= f.password_field :password_confirmation
+
+    - if Settings.omniauth.enabled
+      .span5.right
+        .auth_methods.alert.alert-info
+          %strong Tip: Use one of the following sites to login
+          %ul
+            - User.omniauth_providers.each do |provider|
+              %li= link_to authbutton(provider), |
+                   omniauth_authorize_path(User, provider) |
  .actions
    = f.submit 'Save', class: "btn save-btn"
--- a/app/views/profile/show.html.haml
+++ b/app/views/profile/show.html.haml
@ -50,6 +50,13 @@
          %strong Tip:
          You can change your avatar at gravatar.com

+      - if Settings.omniauth.enabled && @user.provider?
+        %h4
+          Omniauth Providers:
+        = link_to "Change", profile_password_path, class: "btn small right"
+        You can login through #{@user.provider.titleize}!
+        = authbutton(@user.provider, 32)
+
      %h4
        Personal projects:
        %small.right