Changes User.try_to_login to catch and log AuthSourceExceptions, and introduces User...

Patch by Jens Krämer.

git-svn-id: http://svn.redmine.org/redmine/trunk@20547 e93f8b46-1217-0410-a6f0-8f06a7374b81

diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index bc0792abb796a9f5d59b3d71b4a6704aaae2234c..9f46db64a1cd8bc29edec679912d2cdf168463de 100644 (file)
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -308,7 +308,7 @@ class AccountController < ApplicationController
   end
 
   def password_authentication
-    user = User.try_to_login(params[:username], params[:password], false)
+    user = User.try_to_login!(params[:username], params[:password], false)
 
     if user.nil?
       invalid_credentials

diff --git a/app/models/user.rb b/app/models/user.rb
index 2f88713ca8f36785863eb4565a861914eae6228f..82d58bc0c24e4f58e15f94d12cf327b9f35458a9 100644 (file)
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -221,7 +221,17 @@ class User < Principal
   end
 
   # Returns the user that matches provided login and password, or nil
+  # AuthSource errors are caught, logged and nil is returned.
   def self.try_to_login(login, password, active_only=true)
+    try_to_login!(login, password, active_only)
+  rescue AuthSourceException => e
+    logger.error "An error occured when authenticating #{login}: #{e.message}"
+    nil
+  end
+
+  # Returns the user that matches provided login and password, or nil
+  # AuthSource errors are passed through.
+  def self.try_to_login!(login, password, active_only=true)
     login = login.to_s.strip
     password = password.to_s
 

diff --git a/test/unit/user_test.rb b/test/unit/user_test.rb
index 56e4c5ecf3002d8c8818cc7b4f57097b25783712..3e25fee1d071af03fcb7df9fe084546529ece4ac 100644 (file)
--- a/test/unit/user_test.rb
+++ b/test/unit/user_test.rb
@@ -695,13 +695,31 @@ class UserTest < ActiveSupport::TestCase
     assert_equal "ADMIN", user.login
   end
 
-  if ldap_configured?
-    test "#try_to_login using LDAP with failed connection to the LDAP server" do
-      auth_source = AuthSourceLdap.find(1)
-      AuthSource.any_instance.stubs(:initialize_ldap_con).raises(Net::LDAP::Error, 'Cannot connect')
+  test "#try_to_login! using LDAP with existing user and failed connection to the LDAP server" do
+    auth_source = AuthSourceLdap.find(1)
+    user = users(:users_001)
+    user.update_column :auth_source_id, auth_source.id
+    AuthSource.any_instance.stubs(:initialize_ldap_con).raises(Net::LDAP::Error, 'Cannot connect')
+    assert_raise(AuthSourceException){ User.try_to_login!('admin', 'admin') }
+  end
 
-      assert_nil User.try_to_login('edavis', 'wrong')
-    end
+  test "#try_to_login using LDAP with existing user and failed connection to the LDAP server" do
+    auth_source = AuthSourceLdap.find(1)
+    user = users(:users_001)
+    user.update_column :auth_source_id, auth_source.id
+    AuthSource.any_instance.stubs(:initialize_ldap_con).raises(Net::LDAP::Error, 'Cannot connect')
+    assert_nil User.try_to_login('admin', 'admin')
+  end
+
+  test "#try_to_login using LDAP with new user and failed connection to the LDAP server" do
+    auth_source = AuthSourceLdap.find(1)
+    auth_source.update onthefly_register: true
+    AuthSource.any_instance.stubs(:initialize_ldap_con).raises(Net::LDAP::Error, 'Cannot connect')
+
+    assert_nil User.try_to_login('edavis', 'wrong')
+  end
+
+  if ldap_configured?
 
     test "#try_to_login using LDAP" do
       assert_nil User.try_to_login('edavis', 'wrong')