SONAR-3258 Support added for external security systems
authorFabrice Bellingard <bellingard@gmail.com>
Mon, 13 Feb 2012 15:44:22 +0000 (16:44 +0100)
committerFabrice Bellingard <bellingard@gmail.com>
Mon, 13 Feb 2012 15:45:52 +0000 (16:45 +0100)
+ prevent deactivated users from logging in

sonar-server/src/main/webapp/WEB-INF/app/controllers/sessions_controller.rb
sonar-server/src/main/webapp/WEB-INF/app/models/user.rb
sonar-server/src/main/webapp/WEB-INF/lib/need_authentication.rb

index dc153eeca3faf1d9b4c960d5fb60dfff5f8b783b..9edb145c3c0689b4c0104fb6f2870cec4944bf3d 100644 (file)
@@ -28,7 +28,7 @@ class SessionsController < ApplicationController
     return unless request.post?
     
     self.current_user = User.authenticate(params[:login], params[:password])
-    if logged_in? && current_user.active
+    if logged_in?
       if params[:remember_me] == '1'
         self.current_user.remember_me
         cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
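Review bot: With `&& current_user.active` removed from the `if logged_in?` line, the controller no longer checks the account state itself, so every path behind `User.authenticate` has to reject deactivated users. The realm lookups changed in this commit do that for password logins, but the remember-me token set a few lines below is a second way in that this hunk does not show. Confirm that the cookie-based login also refuses a user whose `active` flag is false; otherwise a token issued before deactivation would presumably keep working until it expires. A comment such as `# deactivated users are rejected by the realm (see User.find_active_by_login)` above the condition would record where the check now lives. The action's body starts and ends outside the hunk.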
index e7f4cc66dbd9e5c4f79a35e2ce2ef7f4c946d4cb..e04db76b0a33025f718c34e1b395fea8382986dc 100644 (file)
@@ -96,6 +96,10 @@ class User < ActiveRecord::Base
     self.dashboards.each {|d| d.destroy}
     self.active_dashboards.each {|ad| ad.destroy}    
   end
+  
+  def self.find_active_by_login(login)
+    User.find(:first, :conditions => ["login=:login AND active=:active", {:login => login, :active => true}])
+  end
 
 
   #---------------------------------------------------------------------
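Review bot: `find_active_by_login` has no comment saying that it returns nil for a deactivated account as well as for an unknown login, which is what `DefaultRealm#authenticate?` and `PluginRealm#fallback` rely on to reject the login. I would add `# Returns the active user with this login, or nil if the login is unknown or the account is deactivated` above the definition. Inside a class method the `User.` receiver is redundant, so `find(:first, :conditions => [...])` is enough. The bound `:login` / `:active` conditions are the right form, since the login value appears to come from the login request.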
index daa8c4addb7998627d99846780b512431464dfc7..a1f8fcc9ccb7d7b3ad09f506e6f73f0557b49eb8 100644 (file)
@@ -23,7 +23,7 @@
 #
 class DefaultRealm
   def authenticate?(username, password)
-    user = User.find_by_login(username)
+    user = User.find_active_by_login(username)
     if user && user.authenticated?(password)
       return user
     else
@@ -73,7 +73,7 @@ class PluginRealm
   # Fallback to password from Sonar Database
   #
   def fallback(username, password)
-    user = User.find_by_login(username)
+    user = User.find_active_by_login(username)
     if user && user.authenticated?(password)
       return user
     else
@@ -94,7 +94,7 @@ class PluginRealm
       else
         return nil if !status
         # Authenticated
-        return syncronize(username, password, details)
+        return synchronize(username, password, details)
       end
     else
       # No authenticator
@@ -105,7 +105,7 @@ class PluginRealm
   #
   # Authentication in external system was successful - replicate password, details and groups into Sonar
   #
-  def syncronize(username, password, details)
+  def synchronize(username, password, details)
     user = User.find_by_login(username)
     if !user
       # No such user in Sonar database
@@ -130,6 +130,8 @@ class PluginRealm
       user.password_confirmation = password
     end
     synchronize_groups(user)
+    # A user that is synchronized with an external system is always set to 'active' (see SONAR-3258 for the deactivation concept)
+    user.active=true
     # Note that validation disabled
     user.save(false)
     return user
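Review bot: `user.active=true` runs for every externally authenticated user, so an account that an administrator deactivated in Sonar is re-enabled on its next successful external login. `synchronize` still looks the user up with `User.find_by_login`, which does not filter on `active`. If that is the intended concept, the comment should spell out the consequence, e.g. `# Deactivating a user in Sonar does not block an externally authenticated login; revoke access in the external system`. The write goes through `user.save(false)`, so no validation runs on the reactivation either. Style: `user.active = true` with spaces around `=`. The method starts outside this hunk.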