diff options
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/omniauth_callbacks_controller.rb | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb index 7131e0fe181..0c87fe0d9ae 100644 --- a/app/controllers/omniauth_callbacks_controller.rb +++ b/app/controllers/omniauth_callbacks_controller.rb @@ -20,7 +20,15 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController # if the authentication to LDAP was successful. @user = Gitlab::LDAP::User.find_or_create(oauth) @user.remember_me = true if @user.persisted? - sign_in_and_redirect(@user) + + gitlab_ldap_access do |access| + if access.allowed?(@user) + sign_in_and_redirect(@user) + else + flash[:alert] = "Access denied for your LDAP account." + redirect_to new_user_session_path + end + end end private |