forked from cybrespace/mastodon
bugfixes and gem update (#6831)
* update to new version of devise_pam_authenticatable2 * fix behaviour if suffix is nil, fix environment loading, fix user email creation * code cleanup/fix linter warning
This commit is contained in:
parent
357f9298bd
commit
0306e3e9be
4
Gemfile
4
Gemfile
|
@ -32,7 +32,9 @@ gem 'cld3', '~> 3.2.0'
|
||||||
gem 'devise', '~> 4.4'
|
gem 'devise', '~> 4.4'
|
||||||
gem 'devise-two-factor', '~> 3.0'
|
gem 'devise-two-factor', '~> 3.0'
|
||||||
|
|
||||||
gem 'devise_pam_authenticatable2', '~> 8.0', install_if: -> { ENV['PAM_ENABLED'] == 'true' }
|
group :pam_authentication, optional: true do
|
||||||
|
gem 'devise_pam_authenticatable2', '~> 9.0'
|
||||||
|
end
|
||||||
gem 'net-ldap', '~> 0.10'
|
gem 'net-ldap', '~> 0.10'
|
||||||
gem 'omniauth-cas', '~> 1.1'
|
gem 'omniauth-cas', '~> 1.1'
|
||||||
gem 'omniauth-saml', '~> 1.10'
|
gem 'omniauth-saml', '~> 1.10'
|
||||||
|
|
|
@ -141,7 +141,7 @@ GEM
|
||||||
devise (~> 4.0)
|
devise (~> 4.0)
|
||||||
railties (< 5.2)
|
railties (< 5.2)
|
||||||
rotp (~> 2.0)
|
rotp (~> 2.0)
|
||||||
devise_pam_authenticatable2 (8.0.1)
|
devise_pam_authenticatable2 (9.0.0)
|
||||||
devise (>= 4.0.0)
|
devise (>= 4.0.0)
|
||||||
rpam2 (~> 3.0)
|
rpam2 (~> 3.0)
|
||||||
diff-lcs (1.3)
|
diff-lcs (1.3)
|
||||||
|
@ -631,7 +631,7 @@ DEPENDENCIES
|
||||||
climate_control (~> 0.2)
|
climate_control (~> 0.2)
|
||||||
devise (~> 4.4)
|
devise (~> 4.4)
|
||||||
devise-two-factor (~> 3.0)
|
devise-two-factor (~> 3.0)
|
||||||
devise_pam_authenticatable2 (~> 8.0)
|
devise_pam_authenticatable2 (~> 9.0)
|
||||||
doorkeeper (~> 4.2)
|
doorkeeper (~> 4.2)
|
||||||
dotenv-rails (~> 2.2)
|
dotenv-rails (~> 2.2)
|
||||||
fabrication (~> 2.18)
|
fabrication (~> 2.18)
|
||||||
|
|
|
@ -52,6 +52,8 @@ class User < ApplicationRecord
|
||||||
devise :registerable, :recoverable, :rememberable, :trackable, :validatable,
|
devise :registerable, :recoverable, :rememberable, :trackable, :validatable,
|
||||||
:confirmable
|
:confirmable
|
||||||
|
|
||||||
|
devise :pam_authenticatable if ENV['PAM_ENABLED'] == 'true'
|
||||||
|
|
||||||
devise :omniauthable
|
devise :omniauthable
|
||||||
|
|
||||||
belongs_to :account, inverse_of: :user
|
belongs_to :account, inverse_of: :user
|
||||||
|
@ -96,7 +98,7 @@ class User < ApplicationRecord
|
||||||
|
|
||||||
def pam_conflict?
|
def pam_conflict?
|
||||||
return false unless Devise.pam_authentication
|
return false unless Devise.pam_authentication
|
||||||
encrypted_password.present? && is_pam_account?
|
encrypted_password.present? && pam_managed_user?
|
||||||
end
|
end
|
||||||
|
|
||||||
def pam_get_name
|
def pam_get_name
|
||||||
|
@ -267,7 +269,7 @@ class User < ApplicationRecord
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.pam_get_user(attributes = {})
|
def self.pam_get_user(attributes = {})
|
||||||
if attributes[:email]
|
return nil unless attributes[:email]
|
||||||
resource =
|
resource =
|
||||||
if Devise.check_at_sign && !attributes[:email].index('@')
|
if Devise.check_at_sign && !attributes[:email].index('@')
|
||||||
joins(:account).find_by(accounts: { username: attributes[:email] })
|
joins(:account).find_by(accounts: { username: attributes[:email] })
|
||||||
|
@ -278,12 +280,12 @@ class User < ApplicationRecord
|
||||||
if resource.blank?
|
if resource.blank?
|
||||||
resource = new(email: attributes[:email])
|
resource = new(email: attributes[:email])
|
||||||
if Devise.check_at_sign && !resource[:email].index('@')
|
if Devise.check_at_sign && !resource[:email].index('@')
|
||||||
resource[:email] = "#{attributes[:email]}@#{resource.find_pam_suffix}"
|
resource[:email] = Rpam2.getenv(resource.find_pam_service, attributes[:email], attributes[:password], 'email', false)
|
||||||
|
resource[:email] = "#{attributes[:email]}@#{resource.find_pam_suffix}" unless resource[:email]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
resource
|
resource
|
||||||
end
|
end
|
||||||
end
|
|
||||||
|
|
||||||
def self.ldap_get_user(attributes = {})
|
def self.ldap_get_user(attributes = {})
|
||||||
resource = joins(:account).find_by(accounts: { username: attributes[Devise.ldap_uid.to_sym].first })
|
resource = joins(:account).find_by(accounts: { username: attributes[Devise.ldap_uid.to_sym].first })
|
||||||
|
|
|
@ -16,6 +16,8 @@ require_relative '../lib/devise/ldap_authenticatable'
|
||||||
|
|
||||||
Dotenv::Railtie.load
|
Dotenv::Railtie.load
|
||||||
|
|
||||||
|
Bundler.require(:pam_authentication) if ENV['PAM_ENABLED'] == 'true'
|
||||||
|
|
||||||
require_relative '../lib/mastodon/redis_config'
|
require_relative '../lib/mastodon/redis_config'
|
||||||
|
|
||||||
module Mastodon
|
module Mastodon
|
||||||
|
|
Loading…
Reference in New Issue