author | Fabrice Bellingard <bellingard@gmail.com> | 2012-02-13 16:44:22 +0100 |
---|---|---|
committer | Fabrice Bellingard <bellingard@gmail.com> | 2012-02-13 16:45:52 +0100 |
commit | 6c8f70c624e7180070e03d9f95106e2c097ee1a6 (patch) | |
tree | d47e9fe227b324676836b7057e9c0282ce13df92 /sonar-server | |
parent | f1e00ac2b15e46588f33b3f7fbd9530e6dfd8804 (diff) | |
download | sonarqube-6c8f70c624e7180070e03d9f95106e2c097ee1a6.tar.gz sonarqube-6c8f70c624e7180070e03d9f95106e2c097ee1a6.zip |
SONAR-3258 Support added for external security systems
+ prevent deactivated users from logging in
Diffstat (limited to 'sonar-server')
3 files changed, 11 insertions, 5 deletions
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/controllers/sessions_controller.rb b/sonar-server/src/main/webapp/WEB-INF/app/controllers/sessions_controller.rb
index dc153eeca3f..9edb145c3c0 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/controllers/sessions_controller.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/controllers/sessions_controller.rb
@@ -28,7 +28,7 @@ class SessionsController < ApplicationController
 return unless request.post?
 self.current_user = User.authenticate(params[:login], params[:password])
- if logged_in? && current_user.active
+ if logged_in?
 if params[:remember_me] == '1'
 self.current_user.remember_me
 cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/models/user.rb b/sonar-server/src/main/webapp/WEB-INF/app/models/user.rb
index e7f4cc66dbd..e04db76b0a3 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/models/user.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/models/user.rb
@@ -96,6 +96,10 @@ class User < ActiveRecord::Base
 self.dashboards.each {|d| d.destroy}
 self.active_dashboards.each {|ad| ad.destroy}
 end
+
+ def self.find_active_by_login(login)
+ User.find(:first, :conditions => ["login=:login AND active=:active", {:login => login, :active => true}])
+ end
 #---------------------------------------------------------------------
diff --git a/sonar-server/src/main/webapp/WEB-INF/lib/need_authentication.rb b/sonar-server/src/main/webapp/WEB-INF/lib/need_authentication.rb
index daa8c4addb7..a1f8fcc9ccb 100644
--- a/sonar-server/src/main/webapp/WEB-INF/lib/need_authentication.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/lib/need_authentication.rb
@@ -23,7 +23,7 @@
 #
 class DefaultRealm
 def authenticate?(username, password)
- user = User.find_by_login(username)
+ user = User.find_active_by_login(username)
 if user && user.authenticated?(password)
 return user
 else
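Review bot: In the sessions_controller.rb hunk, dropping `&& current_user.active` from the `if logged_in?` test leaves the login action with no check of its own, so rejecting deactivated accounts now depends on every realm behind `User.authenticate` looking the user up with `find_active_by_login`. The remember-me token issued a few lines below and any already-established session are validated by code outside this diff, so it is worth confirming that those paths also refuse a user whose `active` flag is false. Keeping the guard as defence in depth costs one line, `if logged_in? && current_user.active`, and stays compatible with the external-system path because `synchronize` sets the flag before returning the user. The login action starts and ends outside the hunk.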
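Review bot: `find_active_by_login` in the user.rb hunk has no comment stating that it returns nil both for an unknown login and for a deactivated account, which is the property the realms in need_authentication.rb now rely on. I would add `# Returns the user with this login only if the account is active; nil if it is unknown or deactivated.` above the definition. The bind-variable form of `:conditions` keeps the login value out of the SQL text, which is right for a value that presumably arrives from the login form. On style, the hash form `:conditions => {:login => login, :active => true}` expresses the same query with less text.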
@@ -73,7 +73,7 @@ class PluginRealm
 # Fallback to password from Sonar Database
 #
 def fallback(username, password)
- user = User.find_by_login(username)
+ user = User.find_active_by_login(username)
 if user && user.authenticated?(password)
 return user
 else
@@ -94,7 +94,7 @@ class PluginRealm
 else
 return nil if !status
 # Authenticated
- return syncronize(username, password, details)
+ return synchronize(username, password, details)
 end
 else
 # No authenticator
@@ -105,7 +105,7 @@ class PluginRealm
 #
 # Authentication in external system was successful - replicate password, details and groups into Sonar
 #
- def syncronize(username, password, details)
+ def synchronize(username, password, details)
 user = User.find_by_login(username)
 if !user
 # No such user in Sonar database
@@ -130,6 +130,8 @@ class PluginRealm
 user.password_confirmation = password
 end
 synchronize_groups(user)
+ # A user that is synchronized with an external system is always set to 'active' (see SONAR-3258 for the deactivation concept)
+ user.active=true
 # Note that validation disabled
 user.save(false)
 return user |
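Review bot: The added `user.active=true` in the last hunk (-130) re-enables an account on every successful external login. Because `synchronize` still loads the user with `User.find_by_login` (visible in the -105 hunk), a deactivation made by an administrator in Sonar is undone silently. The new comment points to SONAR-3258 for the rationale but should also state the consequence for operators, for example `# NOTE: this re-enables accounts deactivated in Sonar; with an external system, access must be revoked there`. Recording the case where the flag actually flips from false to true, before `user.save(false)`, would leave an audit trail for reactivations. The body of `synchronize` starts outside this hunk.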