Commit Graph

45 Commits

Author SHA1 Message Date
Sam fe37ce165d correct issue where groups was never being blanked 2018-04-10 15:30:18 +10:00
Sam afaeb20f27 FEATURE: Add option to have sso synchronize group membership
In some cases add_groups and remove_groups is too much work, some sites
may wish to simply synchronize group membership based on a list.

When sso_overrides_groups is on all not automatic group membership is
sourced from SSO. Note if you omit to specify groups, they will be cleared
out.
2018-04-10 13:17:23 +10:00
Guo Xiang Tan 142571bba0 Remove use of `rescue nil`.
* `rescue nil` is a really bad pattern to use in our code base.
  We should rescue errors that we expect the code to throw and
  not rescue everything because we're unsure of what errors the
  code would throw. This would reduce the amount of pain we face
  when debugging why something isn't working as expexted. I've
  been bitten countless of times by errors being swallowed as a
  result during debugging sessions.
2018-04-02 13:52:51 +08:00
Michael Brown 6f40037ba5 Add test guarding against the SSO logic I broke 2018-03-13 18:39:39 -04:00
Michael Brown 3c3d205180 FIX: sso_overrides_username may inappropriately change the username if the case changed 2018-03-09 16:06:55 -05:00
Arpit Jalan ef4c6c67ba fix the build 2017-12-23 14:42:40 +05:30
Arpit Jalan b21d5d3633 FIX: SSO email match should be case insensitive 2017-11-08 20:37:41 +05:30
Neil Lalonde 9813f9f0f8 FIX: more cases of case sensitive group membership in sso 2017-08-11 18:09:29 -04:00
Neil Lalonde 3de45ce0cd FIX: use case insensitive group name search when applying group rules from SSO 2017-08-02 11:30:37 -04:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Leo McArdle d0b027d88d FEATURE: phase 1 of supporting multiple email addresses 2017-07-20 11:22:27 +09:00
Guo Xiang Tan a338a7a53e Fix the build. 2017-07-10 11:12:21 +09:00
Guo Xiang Tan 80e348d226 PERF: Speed up slow tests in our test suite.
Before

```
Finished in 7 minutes 23 seconds (files took 4.15 seconds to load)
7145 examples, 0 failures, 10 pending
```

After

```
Finished in 6 minutes 12 seconds (files took 4.41 seconds to load)
7145 examples, 0 failures, 10 pending
```
2017-06-22 11:23:31 +09:00
Sam 763f156d91 FIX: require re-activation if SSO changes email and updates it 2017-05-16 16:18:18 -04:00
Sam 27362c5a4b improve spec 2017-05-10 15:47:11 -04:00
Guo Xiang Tan 7cf0f39066 Require `Sidekiq::Testing` in rails helper. 2017-03-29 11:10:25 +08:00
Sam 49e7124a5e clarify override semantics in spec 2017-02-07 10:41:27 -05:00
Viet Hoang 40164ccd4a Add user title to SSO payload 2017-01-31 16:42:27 -08:00
Sam 3d76ce1421 FEATURE: SSO support for adding and removing a user to groups
Use: add_groups with a comma delimited list to ensure a user is in groups (using group names)

Use: remove_groups with a comma delimited list to ensure a user is removed from groups (using group names)
2016-11-11 16:57:31 +11:00
Régis Hanol 750338954c FIX: download SSO avatars in a background job to prevent hangs when avatars are huge 2016-10-24 19:55:30 +02:00
Sam 33578a2c17 FIX: always import avatars during SSO if they are missing 2016-09-16 09:45:00 +10:00
Sam 0a39ba43ed FIX: always respect avatar_force_update 2016-09-02 12:04:22 +10:00
Erick Guan 0217973374
FIX: Importing user avatar when new user login by SSO 2016-08-29 20:47:19 +08:00
Sam 9018de39ed FEATURE: allow shipping bio markdown via SSO
- Also adds site setting for sso_overrides_bio to disable bio editing by end users
2016-08-01 15:29:28 +10:00
Régis Hanol 874c18cbc1 FIX: unstage users when using SSO 2016-06-21 11:28:58 +02:00
Sam b04ab83f12 FIX: refresh automatic group if SSO specifies admin/mod 2016-05-17 17:31:34 +10:00
Andy Waite 3e50313fdc Prepare for separation of RSpec helper files
Since rspec-rails 3, the default installation creates two helper files:
* `spec_helper.rb`
* `rails_helper.rb`

`spec_helper.rb` is intended as a way of running specs that do not
require Rails, whereas `rails_helper.rb` loads Rails (as Discourse's
current `spec_helper.rb` does).

For more information:

https://www.relishapp.com/rspec/rspec-rails/docs/upgrade#default-helper-files

In this commit, I've simply replaced all instances of `spec_helper` with
`rails_helper`, and renamed the original `spec_helper.rb`.

This brings the Discourse project closer to the standard usage of RSpec
in a Rails app.

At present, every spec relies on loading Rails, but there are likely
many that don't need to. In a future pull request, I hope to introduce a
separate, minimal `spec_helper.rb` which can be used in tests which
don't rely on Rails.
2015-12-01 20:39:42 +00:00
Paul Kaplan 1c926d22c6 Correctly parse `require_activation` field of SSO 2015-05-21 16:50:54 -05:00
Paul Kaplan 1c34341f31 Replace site setting with a payload attribute 2015-05-19 11:16:02 -05:00
Paul Kaplan 4c26c4d9bc Add a SiteSetting to not trust sso emails by default 2015-05-15 12:15:06 -05:00
Sam 05737effef FIX: stop stripping dots from SSO names
This could upset Louis C.K.
2015-03-27 10:25:51 +11:00
Sam 0c287d7d6b ensure usernames do not keep cycling 2015-03-27 10:04:16 +11:00
Sam 4566a1e30a FIX: sso override code not triggered when attaching to existing user 2015-03-27 09:39:35 +11:00
Dan Singerman e8648350eb Add an sso option to suppress welcome emails
As discussed here: https://meta.discourse.org/t/create-new-sso-users-without-sending-welcome-emails/24894
2015-03-20 17:04:52 +00:00
Robin Ward ca5730018a FIX: SSO code should respect IP address filters 2015-02-23 16:01:46 -05:00
Dan Singerman 64c4bd5dbf Fix force_avatar_update.to_i error as force_avatar_update is a boolean
If force_avatar_update is passed in sso attributes it errors on
force_avatar_update.to_i. The SingleSignOn class forces avatar_force_update
to a boolean, so it should be treated as such.
2015-01-30 09:51:38 +00:00
Dan Singerman dbf2f4efec Fix bug when sso_overrides_avatar is true but no avatar_url is passed
If a user has a current avatar, and sso_overrides_avatar is true, but no avatar_url is
passed in the sso attributes, the current code errors, as it tries to parse a nil
as a URL. It seems to me valid that a third party system may not pass an avatar_url in
some cases (e.g. avatars may not be mandatory, so not all users may have them)

This might warrant a discussion about what should happen in this case; maybe the current
avatar in discourse should be removed? This branch merely stops the login process erroring.
2015-01-28 16:01:39 +00:00
Luciano Sousa b3d769ff4f Update rspec syntax to v3
update rspec syntax to v3

change syntax to rspec v3

oops. fix typo

mailers classes with rspec3 syntax

helpers with rspec3 syntax

jobs with rspec3 syntax

serializers with rspec3 syntax

views with rspec3 syntax

support to rspec3 syntax

category spec with rspec3 syntax
2015-01-05 11:59:30 -03:00
Sam ef62933034 Ruby 2.2 fixes 2014-12-29 13:31:15 +11:00
Sam c10e3df012 FEATURE: implement SSO provider on Discourse so Auth can be farmed to it
FEATURE: pass return_sso_url to SSO endpoints, for easier return
2014-11-26 17:26:27 +11:00
Régis Hanol de76b512c1 fix most deprecations in the specs (still some left) 2014-09-25 17:44:48 +02:00
Sam e087e37907 BUGFIX: blank name causes SSO to explode 2014-06-02 17:32:39 +10:00
Sam a3b2b4baca FEATURE: custom fields on User 2014-04-22 13:52:13 +10:00
Neil Lalonde 342d09bc34 FIX: support sso_url that has query params 2014-03-19 17:14:31 -04:00
Sam 6f31d3f0e5 FEATURE: single sign on support
Added support for outsourcing auth to a different website, documentation on meta
2014-02-25 14:31:03 +11:00