From ec67e9be1d7486199b47e19c766202a8bfdefe93 Mon Sep 17 00:00:00 2001
From: Gabriel Mazetto <gabriel@gitlab.com>
Date: Wed, 6 Jan 2016 05:38:52 -0200
Subject: Repair ldap_blocked state when no ldap identity exist anymore

---
 app/controllers/admin/identities_controller.rb   |  2 ++
 app/models/identity.rb                           |  4 ++++
 app/models/user.rb                               |  1 +
 app/services/repair_ldap_blocked_user_service.rb | 15 +++++++++++++++
 4 files changed, 22 insertions(+)
 create mode 100644 app/services/repair_ldap_blocked_user_service.rb

(limited to 'app')

diff --git a/app/controllers/admin/identities_controller.rb b/app/controllers/admin/identities_controller.rb
index e383fe38ea6..9ba10487512 100644
--- a/app/controllers/admin/identities_controller.rb
+++ b/app/controllers/admin/identities_controller.rb
@@ -26,6 +26,7 @@ class Admin::IdentitiesController < Admin::ApplicationController
 
   def update
     if @identity.update_attributes(identity_params)
+      RepairLdapBlockedUserService.new(@user, @identity).execute
       redirect_to admin_user_identities_path(@user), notice: 'User identity was successfully updated.'
     else
       render :edit
@@ -34,6 +35,7 @@ class Admin::IdentitiesController < Admin::ApplicationController
 
   def destroy
     if @identity.destroy
+      RepairLdapBlockedUserService.new(@user, @identity).execute
       redirect_to admin_user_identities_path(@user), notice: 'User identity was successfully removed.'
     else
       redirect_to admin_user_identities_path(@user), alert: 'Failed to remove user identity.'
diff --git a/app/models/identity.rb b/app/models/identity.rb
index 8bcdc194953..830b99fa3f2 100644
--- a/app/models/identity.rb
+++ b/app/models/identity.rb
@@ -18,4 +18,8 @@ class Identity < ActiveRecord::Base
   validates :provider, presence: true
   validates :extern_uid, allow_blank: true, uniqueness: { scope: :provider }
   validates :user_id, uniqueness: { scope: :provider }
+
+  def is_ldap?
+    provider.starts_with?('ldap')
+  end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
index 67b47b0f329..5eed9cf91c7 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -196,6 +196,7 @@ class User < ActiveRecord::Base
   state_machine :state, initial: :active do
     event :block do
       transition active: :blocked
+      transition ldap_blocked: :blocked
     end
 
     event :ldap_block do
diff --git a/app/services/repair_ldap_blocked_user_service.rb b/app/services/repair_ldap_blocked_user_service.rb
new file mode 100644
index 00000000000..ceca15414e0
--- /dev/null
+++ b/app/services/repair_ldap_blocked_user_service.rb
@@ -0,0 +1,15 @@
+class RepairLdapBlockedUserService
+  attr_accessor :user, :identity
+
+  def initialize(user, identity)
+    @user, @identity = user, identity
+  end
+
+  def execute
+    if identity.destroyed?
+      user.block if identity.is_ldap? && user.ldap_blocked? && !user.ldap_user?
+    else
+      user.block if !identity.is_ldap? && user.ldap_blocked? && !user.ldap_user?
+    end
+  end
+end
-- 
cgit v1.2.1