diff options
author | Sean McGivern <sean@mcgivern.me.uk> | 2017-05-08 11:06:54 +0000 |
---|---|---|
committer | Timothy Andrew <mail@timothyandrew.net> | 2017-05-09 03:44:44 +0000 |
commit | 848466ee6c42186b4e8a3c49027438254c476ae4 (patch) | |
tree | 0d5fcb8d6797b19fc032a6c88f5c150f90261681 | |
parent | 5c03b64b9d22f0d521b77389349caf0268f6e85c (diff) | |
download | gitlab-ce-848466ee6c42186b4e8a3c49027438254c476ae4.tar.gz |
Merge branch 'sh-fix-almost-there-spec-mysql' into 'master'
Fix sub-second timing comparison error for Devise confirmation period
Closes gitlab-ee#2362
See merge request !11156
-rw-r--r-- | app/models/user.rb | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index accaa91b805..4e5f94683b8 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -1000,6 +1000,15 @@ class User < ActiveRecord::Base devise_mailer.send(notification, self, *args).deliver_later end + # This works around a bug in Devise 4.2.0 that erroneously causes a user to + # be considered active in MySQL specs due to a sub-second comparison + # issue. For more details, see: https://gitlab.com/gitlab-org/gitlab-ee/issues/2362#note_29004709 + def confirmation_period_valid? + return false if self.class.allow_unconfirmed_access_for == 0.days + + super + end + def ensure_external_user_rights return unless external? |