Ignore legacy moderator and admin columns on User model (#29188)

main-rebase-security-fix
Emelia Smith 2024-02-13 18:14:49 +01:00 committed by GitHub
parent 476a043fc5
commit e8b66a0525
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 11 additions and 2 deletions

View File

@ -25,7 +25,15 @@ module User::LdapAuthenticable
resource = joins(:account).find_by(accounts: { username: safe_username })
if resource.blank?
resource = new(email: attributes[Devise.ldap_mail.to_sym].first, agreement: true, account_attributes: { username: safe_username }, admin: false, external: true, confirmed_at: Time.now.utc)
resource = new(
email: attributes[Devise.ldap_mail.to_sym].first,
agreement: true,
account_attributes: {
username: safe_username,
},
external: true,
confirmed_at: Time.now.utc
)
resource.save!
end

View File

@ -32,7 +32,6 @@ module User::PamAuthenticable
self.email = "#{account.username}@#{find_pam_suffix}" if email.nil? && find_pam_suffix
self.confirmed_at = Time.now.utc
self.admin = false
self.account = account
self.external = true

View File

@ -51,6 +51,8 @@ class User < ApplicationRecord
last_sign_in_ip
skip_sign_in_token
filtered_languages
admin
moderator
)
include LanguagesHelper