diff options
author | Roger Meier <r.meier@siemens.com> | 2019-06-13 12:36:54 +0000 |
---|---|---|
committer | Roger Meier <r.meier@siemens.com> | 2019-06-13 14:57:18 +0200 |
commit | 7bfc4f999231385f2dc24cbb2d34b09cf5ae96c1 (patch) | |
tree | a0a01d2daa479943f5a9cdca946a666bd4d50cc6 | |
parent | 35d928c4a9fe7c8545f2ad1866a45ff28c1ef5d3 (diff) | |
download | gitlab-ce-7bfc4f999231385f2dc24cbb2d34b09cf5ae96c1.tar.gz |
refactor: do not apply setting "require 2FA" for ancestor group members
-rw-r--r-- | app/models/group.rb | 2 | ||||
-rw-r--r-- | changelogs/unreleased/feature-require-2fa-for-all-entities-in-group.yml | 2 | ||||
-rw-r--r-- | spec/models/group_spec.rb | 4 |
3 files changed, 4 insertions, 4 deletions
diff --git a/app/models/group.rb b/app/models/group.rb index ba9f6221567..dbec211935d 100644 --- a/app/models/group.rb +++ b/app/models/group.rb @@ -423,7 +423,7 @@ class Group < Namespace def update_two_factor_requirement return unless saved_change_to_require_two_factor_authentication? || saved_change_to_two_factor_grace_period? - direct_and_indirect_members.find_each(&:update_two_factor_requirement) + members_with_descendants.find_each(&:update_two_factor_requirement) end def path_changed_hook diff --git a/changelogs/unreleased/feature-require-2fa-for-all-entities-in-group.yml b/changelogs/unreleased/feature-require-2fa-for-all-entities-in-group.yml index ff04f99c1bb..0abe777fb69 100644 --- a/changelogs/unreleased/feature-require-2fa-for-all-entities-in-group.yml +++ b/changelogs/unreleased/feature-require-2fa-for-all-entities-in-group.yml @@ -1,4 +1,4 @@ -title: Apply the group setting "require 2FA" across all subgroup and ancestor group members as well when changing the group setting +title: Apply the group setting "require 2FA" across all subgroup members as well when changing the group setting merge_request: 24965 author: rroger type: changed diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb index 074aec3eb07..d7accbef6bd 100644 --- a/spec/models/group_spec.rb +++ b/spec/models/group_spec.rb @@ -662,14 +662,14 @@ describe Group do expect(indirect_user.reload.require_two_factor_authentication_from_group).to be_truthy end - it 'enables two_factor_requirement for ancestor group member' do + it 'does not enable two_factor_requirement for ancestor group member' do ancestor_group = create(:group) ancestor_group.add_user(indirect_user, GroupMember::OWNER) group.update!(parent: ancestor_group) group.update!(require_two_factor_authentication: true) - expect(indirect_user.reload.require_two_factor_authentication_from_group).to be_truthy + expect(indirect_user.reload.require_two_factor_authentication_from_group).to be_falsey end end |