diff options
| author | Jenkins <jenkins@jenkins.ninjawedding.org> | 2018-03-19 20:17:18 +0000 |
|---|---|---|
| committer | Jenkins <jenkins@jenkins.ninjawedding.org> | 2018-03-19 20:17:18 +0000 |
| commit | df70571bfe8aa18cfb44661fb02cc1e2e256c4e8 (patch) | |
| tree | cf6269fa490b4533999d68acb969a1a86447666b /app/models | |
| parent | ab04be2f84132e6b6a83ca86cbabf2cdf13f5894 (diff) | |
| parent | ff6b8a6443c2c97d185927053bdc8816e0e03434 (diff) | |
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
Diffstat (limited to 'app/models')
| -rw-r--r-- | app/models/user.rb | 32 |
1 files changed, 17 insertions, 15 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index 0346cf8ae..803eb8a33 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -52,6 +52,8 @@ class User < ApplicationRecord devise :registerable, :recoverable, :rememberable, :trackable, :validatable, :confirmable + devise :pam_authenticatable if ENV['PAM_ENABLED'] == 'true' + devise :omniauthable belongs_to :account, inverse_of: :user @@ -96,7 +98,7 @@ class User < ApplicationRecord def pam_conflict? return false unless Devise.pam_authentication - encrypted_password.present? && is_pam_account? + encrypted_password.present? && pam_managed_user? end def pam_get_name @@ -267,22 +269,22 @@ class User < ApplicationRecord end def self.pam_get_user(attributes = {}) - if attributes[:email] - resource = - if Devise.check_at_sign && !attributes[:email].index('@') - joins(:account).find_by(accounts: { username: attributes[:email] }) - else - find_by(email: attributes[:email]) - end - - if resource.blank? - resource = new(email: attributes[:email]) - if Devise.check_at_sign && !resource[:email].index('@') - resource[:email] = "#{attributes[:email]}@#{resource.find_pam_suffix}" - end + return nil unless attributes[:email] + resource = + if Devise.check_at_sign && !attributes[:email].index('@') + joins(:account).find_by(accounts: { username: attributes[:email] }) + else + find_by(email: attributes[:email]) + end + + if resource.blank? + resource = new(email: attributes[:email]) + if Devise.check_at_sign && !resource[:email].index('@') + resource[:email] = Rpam2.getenv(resource.find_pam_service, attributes[:email], attributes[:password], 'email', false) + resource[:email] = "#{attributes[:email]}@#{resource.find_pam_suffix}" unless resource[:email] end - resource end + resource end def self.ldap_get_user(attributes = {}) |