[33445] Ensure user is activated if invited and accessing auth source

https://community.openproject.com/wp/33445
pull/8405/head
Oliver Günther 4 years ago
parent 0b3ada608a
commit 70acb4c80f
No known key found for this signature in database
GPG Key ID: A3A8BDAD7C0C552C
  1. 11
      app/controllers/concerns/auth_source_sso.rb
  2. 10
      spec/controllers/concerns/auth_source_sso_spec.rb

@ -123,13 +123,16 @@ module AuthSourceSSO
end
def sso_login_failed?(user)
user.nil? || user.new_record? || !user.active?
user.nil? || user.new_record? || !(user.active? || user.invited?)
end
def handle_sso_for!(user, login)
if sso_login_failed?(user)
handle_sso_failure!({ user: user, login: login })
else # valid user
# If a user is invited, ensure it gets activated
activate_user_if_invited! user
handle_sso_success user
end
end
@ -141,6 +144,12 @@ module AuthSourceSSO
user
end
def activate_user_if_invited!(user)
return unless user.invited?
user.activate!
end
def perform_post_logout(prev_session)
if prev_session[:user_from_auth_header] && header_slo_url.present?
redirect_to header_slo_url

@ -109,6 +109,16 @@ describe MyController, type: :controller do
end
end
context 'when the user is invited' do
let!(:user) {
FactoryBot.create :user, login: login, status: Principal::STATUSES[:invited], auth_source_id: auth_source.id
}
it "should log in given user and activate it" do
expect(response.body.squish).to have_content("Username h.wurst")
expect(user.reload).to be_active
end
end
context "with no auth source sso configured" do
let(:sso_config) { nil }

Loading…
Cancel
Save