原因究明していないが、とりあえず回避できたのでメモ。
ログインしようとすると、
Access denied for you LDAP account.
と出ていたので、怪しい辺りをコメントアウト・・・。
/opt/gitlab/embedded/service/gitlab-rails/app/controllers/application_controller.rb#202l
def ldap_security_check if current_user && current_user.requires_ldap_check? unless Gitlab::LDAP::Access.allowed?(current_user) sign_out current_user flash[:alert] = "Access denied for your LDAP account." redirect_to new_user_session_path end end end
上記を
def ldap_security_check if current_user && current_user.requires_ldap_check? unless Gitlab::LDAP::Access.allowed?(current_user) # sign_out current_user # flash[:alert] = "Access denied for your LDAP account." # redirect_to new_user_session_path end end end
こう・・・。
/opt/gitlab/embedded/service/gitlab-rails/app/controllers/omniauth_callbacks_controller.rb#20l
def ldap @user = Gitlab::LDAP::User.new(oauth) @user.save if @user.changed? # will also save new users gl_user = @user.gl_user gl_user.remember_me = true if @user.persisted? # Do additional LDAP checks for the user filter and EE features if @user.allowed? sign_in_and_redirect(gl_user) else flash[:alert] = "Access denied for your LDAP account." redirect_to new_user_session_path end end
上記を、、、
def ldap @user = Gitlab::LDAP::User.new(oauth) @user.save if @user.changed? # will also save new users gl_user = @user.gl_user gl_user.remember_me = true if @user.persisted? # Do additional LDAP checks for the user filter and EE features #if @user.allowed? sign_in_and_redirect(gl_user) #else # flash[:alert] = "Access denied for your LDAP account." # redirect_to new_user_session_path # #end end
こう・・・。
このFilterを上手く設定すればいいのかなーとも思うが・・・・。