diff options
| author | David Yip <yipdw@member.fsf.org> | 2018-03-19 15:41:59 -0500 |
|---|---|---|
| committer | David Yip <yipdw@member.fsf.org> | 2018-03-19 15:41:59 -0500 |
| commit | 0fa0836e63674104cea5095c5336bab8587d8634 (patch) | |
| tree | bcafd10ffe52f32b95c470c59bdb83309a0f6ce9 /app/models/user.rb | |
| parent | c074b226b68d81b0503f935dc81b74cd11b11d67 (diff) | |
| parent | df70571bfe8aa18cfb44661fb02cc1e2e256c4e8 (diff) | |
Merge remote-tracking branch 'personal/merge/tootsuite/master' into gs-master
Diffstat (limited to 'app/models/user.rb')
| -rw-r--r-- | app/models/user.rb | 32 |
1 files changed, 17 insertions, 15 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index 0346cf8ae..803eb8a33 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -52,6 +52,8 @@ class User < ApplicationRecord devise :registerable, :recoverable, :rememberable, :trackable, :validatable, :confirmable + devise :pam_authenticatable if ENV['PAM_ENABLED'] == 'true' + devise :omniauthable belongs_to :account, inverse_of: :user @@ -96,7 +98,7 @@ class User < ApplicationRecord def pam_conflict? return false unless Devise.pam_authentication - encrypted_password.present? && is_pam_account? + encrypted_password.present? && pam_managed_user? end def pam_get_name @@ -267,22 +269,22 @@ class User < ApplicationRecord end def self.pam_get_user(attributes = {}) - if attributes[:email] - resource = - if Devise.check_at_sign && !attributes[:email].index('@') - joins(:account).find_by(accounts: { username: attributes[:email] }) - else - find_by(email: attributes[:email]) - end - - if resource.blank? - resource = new(email: attributes[:email]) - if Devise.check_at_sign && !resource[:email].index('@') - resource[:email] = "#{attributes[:email]}@#{resource.find_pam_suffix}" - end + return nil unless attributes[:email] + resource = + if Devise.check_at_sign && !attributes[:email].index('@') + joins(:account).find_by(accounts: { username: attributes[:email] }) + else + find_by(email: attributes[:email]) + end + + if resource.blank? + resource = new(email: attributes[:email]) + if Devise.check_at_sign && !resource[:email].index('@') + resource[:email] = Rpam2.getenv(resource.find_pam_service, attributes[:email], attributes[:password], 'email', false) + resource[:email] = "#{attributes[:email]}@#{resource.find_pam_suffix}" unless resource[:email] end - resource end + resource end def self.ldap_get_user(attributes = {}) |