Skip to content
Snippets Groups Projects

Ensures that OAuth/LDAP/SAML users don't need to be confirmed

Merged Ensures that OAuth/LDAP/SAML users don't need to be confirmed
31294-fix-oauth-users-do-not-need-to-be-confirmed into 9-1-stable
All threads resolved!
Merged username-removed-128633 requested to merge 31294-fix-oauth-users-do-not-need-to-be-confirmed into 9-1-stable
All threads resolved!

What does this MR do?

This ensures user created via OAuth/LDAP/SAML don't need to confirm their email.

In some cases, OAuth generated users get an auto-generated email (https://gitlab.com/gitlab-org/gitlab-ce/blob/cc52dfab92116ca91fda37e07ad9cef21a62ce69/lib/gitlab/o_auth/auth_hash.rb#L57), and the Users::CreateService wasn't taking in account the skip_confirmation param if the current_user wasn't an admin (it would set it to !current_application_settings.send_user_confirmation_email in that case.

This MR fixes that by whitelisting :skip_confirmation when skip_authorization is true.

Why was this MR needed?

This caused bad LDAP regressions in 9.1.

Does this MR meet the acceptance criteria?

What are the relevant issue numbers?

Closes #31294 (closed)

/cc @stanhu @felipe_artur @godfat

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • username-removed-128633 mentioned in merge request !10926 (merged)

    mentioned in merge request !10926 (merged)

  • username-removed-128633
    username-removed-128633 @rymai ·
    Author Maintainer

    master backport MR: !10926 (merged)

  • username-removed-128633 mentioned in issue #31285 (closed)

    mentioned in issue #31285 (closed)

  • username-removed-128633 mentioned in issue #31294 (closed)

    mentioned in issue #31294 (closed)

  • username-removed-128633
  • username-removed-128633 assigned to @rymai

    assigned to @rymai

  • username-removed-128633 mentioned in merge request !10675 (merged)

    mentioned in merge request !10675 (merged)

  • username-removed-128633 added 1 commit

    added 1 commit

    • 6cd9285f - Ensures that OAuth/LDAP/SAML users don't need to be confirmed

    Compare with previous version

  • username-removed-128633
    username-removed-128633 @rymai ·
    Author Maintainer

    @rspeicher I've reduced the change to the minimum.

  • username-removed-128633 assigned to @rspeicher

    assigned to @rspeicher

  • Robert Speicher resolved all discussions

    resolved all discussions

  • Robert Speicher approved this merge request

    approved this merge request

  • Robert Speicher enabled an automatic merge when the pipeline for 6cd9285f succeeds

    enabled an automatic merge when the pipeline for 6cd9285f succeeds

  • username-removed-128633 added 4 commits

    added 4 commits

    • 6cd9285f...4aec52ea - 2 commits from branch 9-1-stable
    • 03940fb1 - Ensures that OAuth/LDAP/SAML users don't need to be confirmed
    • 3e10797d - Fix logic in Users::CreateService broken by the fix for OAuth users

    Compare with previous version

  • username-removed-128633
  • username-removed-128633 assigned to @smcgivern

    assigned to @smcgivern

  • username-removed-443319 resolved all discussions

    resolved all discussions

  • username-removed-443319 approved this merge request

    approved this merge request

  • username-removed-443319 enabled an automatic merge when the pipeline for 3e10797d succeeds

    enabled an automatic merge when the pipeline for 3e10797d succeeds

  • username-removed-443319 mentioned in commit ad571dc4

    mentioned in commit ad571dc4

  • username-removed-443319 merged

    merged

  • username-removed-423915
    username-removed-423915 @godfat ·
    Maintainer

    @smcgivern I don't think we need to Pick into Stable because it's merged into 9-1-stable directly.

  • username-removed-443319
    username-removed-443319 @smcgivern ·
    Contributor

    Oh, so it is! :blush: /cc @dblessing

    • Please register or sign in to reply