diff --git a/app/models/user.rb b/app/models/user.rb index 5dc1b7177..bb73a34b5 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -317,12 +317,12 @@ class User < ApplicationRecord # existing user, we'll update them if (user = unscoped.find_by_login(attrs[:login])) - unless user.auth_source.is_a? AuthSourceExternal + unless user.auth_source.is_a? AuthSourceExternal or user.auth_source.is_a? AuthSourceLdap logger.info "Failed to log in external user: Username '#{attrs[:login]}' already exists in a different authentication source" return nil end # we know this auth source and it's user's auth source, we'll update user attributes - if auth_source && (user.auth_source_id == auth_source.id) + if auth_source && (user.auth_source.is_a? AuthSourceExternal) && (user.auth_source_id == auth_source.id) auth_source_external_groups = auth_source.external_usergroups.pluck(:usergroup_id) new_usergroups = user.usergroups.includes(:external_usergroups).where.not('usergroups.id' => auth_source_external_groups)