Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
d9ee55ee
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
d9ee55ee
编写于
1月 12, 2017
作者:
R
Reza Mohammadi
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Bypass signup domain validation for external users
Fixes #25279
上级
bbb7fbcd
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
36 addition
and
4 deletion
+36
-4
app/models/user.rb
app/models/user.rb
+1
-1
changelogs/unreleased/bypass-email-domain-validation-when-created-by-admin.yml
.../bypass-email-domain-validation-when-created-by-admin.yml
+4
-0
doc/user/admin_area/settings/sign_up_restrictions.md
doc/user/admin_area/settings/sign_up_restrictions.md
+21
-3
spec/models/user_spec.rb
spec/models/user_spec.rb
+10
-0
未找到文件。
app/models/user.rb
浏览文件 @
d9ee55ee
...
...
@@ -119,7 +119,7 @@ class User < ActiveRecord::Base
validates
:avatar
,
file_size:
{
maximum:
200
.
kilobytes
.
to_i
}
before_validation
:generate_password
,
on: :create
before_validation
:signup_domain_valid?
,
on: :create
before_validation
:signup_domain_valid?
,
on: :create
,
if:
->
(
user
)
{
!
user
.
created_by_id
}
before_validation
:sanitize_attrs
before_validation
:set_notification_email
,
if:
->
(
user
)
{
user
.
email_changed?
}
before_validation
:set_public_email
,
if:
->
(
user
)
{
user
.
public_email_changed?
}
...
...
changelogs/unreleased/bypass-email-domain-validation-when-created-by-admin.yml
0 → 100644
浏览文件 @
d9ee55ee
---
title
:
Bypass email domain validation when a user is created by an admin.
merge_request
:
8575
author
:
Reza Mohammadi @remohammadi
doc/user/admin_area/settings/sign_up_restrictions.md
浏览文件 @
d9ee55ee
# Sign-up restrictions
You can block email addresses of specific domains, or whitelist only some
specifc domains via the
**Application Settings**
in the Admin area.
>**Note**: These restrictions are only applied during sign-up. An admin is
able to add add a user through the admin panel with a disallowed domain. Also
note that the users can change their email addresses after signup to
disallowed domains.
## Whitelist email domains
> [Introduced][ce-598] in GitLab 7.11.0
You can restrict users to only signup using email addresses matching the given
domains list.
## Blacklist email domains
> [Introduced][ce-5259] in GitLab 8.10.
...
...
@@ -9,13 +24,16 @@ from creating an account on your GitLab server. This is particularly useful to
prevent spam. Disposable email addresses are usually used by malicious users to
create dummy accounts and spam issues.
## Settings
This feature can be activated via the
**Application Settings**
in the Admin area,
and you have the option of entering the list manually, or uploading a file with
the list.
The blacklist accepts wildcards, so you can use
`*.test.com`
to block every
`test.com`
subdomain, or
`*.io`
to block all domains ending in
`.io`
. Domains
should be separated by a whitespace, semicolon, comma, or a new line.
Both whitelist and blacklist accept wildcards, so for example, you can use
`*.company.com`
to accept every
`company.com`
subdomain, or
`*.io`
to block all
domains ending in
`.io`
. Domains should be separated by a whitespace,
semicolon, comma, or a new line.
![
Domain Blacklist
](
img/domain_blacklist.png
)
...
...
spec/models/user_spec.rb
浏览文件 @
d9ee55ee
...
...
@@ -141,6 +141,11 @@ describe User, models: true do
user
=
build
(
:user
,
email:
"example@test.com"
)
expect
(
user
).
to
be_invalid
end
it
'accepts example@test.com when added by another user'
do
user
=
build
(
:user
,
email:
"example@test.com"
,
created_by_id:
1
)
expect
(
user
).
to
be_valid
end
end
context
'domain blacklist'
do
...
...
@@ -159,6 +164,11 @@ describe User, models: true do
user
=
build
(
:user
,
email:
'info@example.com'
)
expect
(
user
).
not_to
be_valid
end
it
'accepts info@example.com when added by another user'
do
user
=
build
(
:user
,
email:
'info@example.com'
,
created_by_id:
1
)
expect
(
user
).
to
be_valid
end
end
context
'when a signup domain is blacklisted but a wildcard subdomain is allowed'
do
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录