Add latest changes from gitlab-org/gitlab@master

17 files changed, 115 insertions, 20 deletions

diff --git a/app/assets/javascripts/pages/registrations/welcome/index.js b/app/assets/javascripts/pages/registrations/welcome/index.js
new file mode 100644
index 00000000000..2d555fa7977
--- /dev/null
+++ b/app/assets/javascripts/pages/registrations/welcome/index.js
@@ -0,0 +1,7 @@
+import LengthValidator from '~/pages/sessions/new/length_validator';
+import NoEmojiValidator from '~/emoji/no_emoji_validator';
+
+document.addEventListener('DOMContentLoaded', () => {
+  new LengthValidator(); // eslint-disable-line no-new
+  new NoEmojiValidator(); // eslint-disable-line no-new
+});
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index f5939b61948..1443a71f6b1 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -29,6 +29,7 @@ class ApplicationController < ActionController::Base
   before_action :active_user_check, unless: :devise_controller?
   before_action :set_usage_stats_consent_flag
   before_action :check_impersonation_availability
+  before_action :require_role
 
   around_action :set_locale
   around_action :set_session_storage
@@ -547,6 +548,16 @@ class ApplicationController < ActionController::Base
   def current_user_mode
     @current_user_mode ||= Gitlab::Auth::CurrentUserMode.new(current_user)
   end
+
+  # A user requires a role when they are part of the experimental signup flow (executed by the Growth team). Users
+  # are redirected to the welcome page when their role is required and the experiment is enabled for the current user.
+  def require_role
+    return unless current_user && current_user.role_required? && experiment_enabled?(:signup_flow)
+
+    store_location_for :user, request.fullpath
+
+    redirect_to users_sign_up_welcome_path
+  end
 end
 
 ApplicationController.prepend_if_ee('EE::ApplicationController')
diff --git a/app/controllers/concerns/invisible_captcha.rb b/app/controllers/concerns/invisible_captcha.rb
index 45c0a5c58ef..d56f1d7fa5f 100644
--- a/app/controllers/concerns/invisible_captcha.rb
+++ b/app/controllers/concerns/invisible_captcha.rb
@@ -8,7 +8,7 @@ module InvisibleCaptcha
   end
 
   def on_honeypot_spam_callback
-    return unless Feature.enabled?(:invisible_captcha)
+    return unless Feature.enabled?(:invisible_captcha) || experiment_enabled?(:signup_flow)
 
     invisible_captcha_honeypot_counter.increment
     log_request('Invisible_Captcha_Honeypot_Request')
@@ -17,7 +17,7 @@ module InvisibleCaptcha
   end
 
   def on_timestamp_spam_callback
-    return unless Feature.enabled?(:invisible_captcha)
+    return unless Feature.enabled?(:invisible_captcha) || experiment_enabled?(:signup_flow)
 
     invisible_captcha_timestamp_counter.increment
     log_request('Invisible_Captcha_Timestamp_Request')
diff --git a/app/controllers/oauth/applications_controller.rb b/app/controllers/oauth/applications_controller.rb
index ab4ca56bb49..12dc2d1af1c 100644
--- a/app/controllers/oauth/applications_controller.rb
+++ b/app/controllers/oauth/applications_controller.rb
@@ -5,6 +5,7 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
   include Gitlab::Allowable
   include PageLayoutHelper
   include OauthApplications
+  include Gitlab::Experimentation::ControllerConcern
 
   before_action :verify_user_oauth_applications_enabled, except: :index
   before_action :authenticate_user!
diff --git a/app/controllers/oauth/authorizations_controller.rb b/app/controllers/oauth/authorizations_controller.rb
index 705389749d8..e65726dffbf 100644
--- a/app/controllers/oauth/authorizations_controller.rb
+++ b/app/controllers/oauth/authorizations_controller.rb
@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
+  include Gitlab::Experimentation::ControllerConcern
   layout 'profile'
 
   # Overridden from Doorkeeper::AuthorizationsController to
diff --git a/app/controllers/profiles_controller.rb b/app/controllers/profiles_controller.rb
index 958a24b6c0e..2b7571e42b7 100644
--- a/app/controllers/profiles_controller.rb
+++ b/app/controllers/profiles_controller.rb
@@ -100,6 +100,7 @@ class ProfilesController < Profiles::ApplicationController
       :avatar,
       :bio,
       :email,
+      :role,
       :hide_no_password,
       :hide_no_ssh_key,
       :hide_project_limit,
diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb
index 3a2975e92d6..4a746fc915d 100644
--- a/app/controllers/registrations_controller.rb
+++ b/app/controllers/registrations_controller.rb
@@ -8,13 +8,14 @@ class RegistrationsController < Devise::RegistrationsController
 
   layout :choose_layout
 
+  skip_before_action :require_role, only: [:welcome, :update_role]
   prepend_before_action :check_captcha, only: :create
   before_action :whitelist_query_limiting, only: [:destroy]
   before_action :ensure_terms_accepted,
     if: -> { action_name == 'create' && Gitlab::CurrentSettings.current_application_settings.enforce_terms? }
 
   def new
-    if helpers.use_experimental_separate_sign_up_flow?
+    if experiment_enabled?(:signup_flow)
       @resource = build_resource
     else
       redirect_to new_user_session_path(anchor: 'register-pane')
@@ -26,8 +27,13 @@ class RegistrationsController < Devise::RegistrationsController
 
     super do |new_user|
       persist_accepted_terms_if_required(new_user)
+      set_role_required(new_user)
       yield new_user if block_given?
     end
+
+    # Do not show the signed_up notice message when the signup_flow experiment is enabled.
+    # Instead, show it after succesfully updating the role.
+    flash[:notice] = nil if experiment_enabled?(:signup_flow)
   rescue Gitlab::Access::AccessDeniedError
     redirect_to(new_user_session_path)
   end
@@ -42,6 +48,26 @@ class RegistrationsController < Devise::RegistrationsController
     end
   end
 
+  def welcome
+    return redirect_to new_user_registration_path unless current_user
+    return redirect_to stored_location_or_dashboard_or_almost_there_path(current_user) if current_user.role.present?
+
+    current_user.name = nil
+    render layout: 'devise_experimental_separate_sign_up_flow'
+  end
+
+  def update_role
+    user_params = params.require(:user).permit(:name, :role)
+    result = ::Users::UpdateService.new(current_user, user_params.merge(user: current_user)).execute
+
+    if result[:status] == :success
+      set_flash_message! :notice, :signed_up
+      redirect_to stored_location_or_dashboard_or_almost_there_path(current_user)
+    else
+      redirect_to users_sign_up_welcome_path, alert: result[:message]
+    end
+  end
+
   protected
 
   def persist_accepted_terms_if_required(new_user)
@@ -54,6 +80,10 @@ class RegistrationsController < Devise::RegistrationsController
     end
   end
 
+  def set_role_required(new_user)
+    new_user.set_role_required! if new_user.persisted? && experiment_enabled?(:signup_flow)
+  end
+
   def destroy_confirmation_valid?
     if current_user.confirm_deletion_with_password?
       current_user.valid_password?(params[:password])
@@ -76,7 +106,10 @@ class RegistrationsController < Devise::RegistrationsController
 
   def after_sign_up_path_for(user)
     Gitlab::AppLogger.info(user_created_message(confirmed: user.confirmed?))
-    confirmed_or_unconfirmed_access_allowed(user) ? stored_location_or_dashboard(user) : users_almost_there_path
+
+    return users_sign_up_welcome_path if experiment_enabled?(:signup_flow)
+
+    stored_location_or_dashboard_or_almost_there_path(user)
   end
 
   def after_inactive_sign_up_path_for(resource)
@@ -103,6 +136,7 @@ class RegistrationsController < Devise::RegistrationsController
     ensure_correct_params!
 
     return unless Feature.enabled?(:registrations_recaptcha, default_enabled: true) # reCAPTCHA on the UI will still display however
+    return if experiment_enabled?(:signup_flow) # when the experimental signup flow is enabled for the current user, disable the reCAPTCHA check
     return unless show_recaptcha_sign_up?
     return unless Gitlab::Recaptcha.load_configurations!
 
@@ -114,7 +148,13 @@ class RegistrationsController < Devise::RegistrationsController
   end
 
   def sign_up_params
-    params.require(:user).permit(:username, :email, :email_confirmation, :name, :password)
+    clean_params = params.require(:user).permit(:username, :email, :email_confirmation, :name, :password)
+
+    if experiment_enabled?(:signup_flow)
+      clean_params[:name] = clean_params[:username]
+    end
+
+    clean_params
   end
 
   def resource_name
@@ -144,17 +184,21 @@ class RegistrationsController < Devise::RegistrationsController
   end
 
   def confirmed_or_unconfirmed_access_allowed(user)
-    user.confirmed? || Feature.enabled?(:soft_email_confirmation)
+    user.confirmed? || Feature.enabled?(:soft_email_confirmation) || experiment_enabled?(:signup_flow)
   end
 
   def stored_location_or_dashboard(user)
     stored_location_for(user) || dashboard_projects_path
   end
 
+  def stored_location_or_dashboard_or_almost_there_path(user)
+    confirmed_or_unconfirmed_access_allowed(user) ? stored_location_or_dashboard(user) : users_almost_there_path
+  end
+
   # Part of an experiment to build a new sign up flow. Will be resolved
   # with https://gitlab.com/gitlab-org/growth/engineering/issues/64
   def choose_layout
-    if helpers.use_experimental_separate_sign_up_flow?
+    if experiment_enabled?(:signup_flow)
       'devise_experimental_separate_sign_up_flow'
     else
       'devise'
diff --git a/app/helpers/sessions_helper.rb b/app/helpers/sessions_helper.rb
index 2a5a3b9eac6..af98a611b8b 100644
--- a/app/helpers/sessions_helper.rb
+++ b/app/helpers/sessions_helper.rb
@@ -4,8 +4,4 @@ module SessionsHelper
   def unconfirmed_email?
     flash[:alert] == t(:unconfirmed, scope: [:devise, :failure])
   end
-
-  def use_experimental_separate_sign_up_flow?
-    ::Gitlab.dev_env_or_com? && Feature.enabled?(:experimental_separate_sign_up_flow)
-  end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
index fe5c13f1c68..321a4080484 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -231,6 +231,10 @@ class User < ApplicationRecord
   # Note: When adding an option, it MUST go on the end of the array.
   enum project_view: [:readme, :activity, :files]
 
+  # User's role
+  # Note: When adding an option, it MUST go on the end of the array.
+  enum role: [:software_developer, :development_team_lead, :devops_engineer, :systems_administrator, :security_analyst, :data_analyst, :product_manager, :product_designer, :other], _suffix: true
+
   delegate :path, to: :namespace, allow_nil: true, prefix: true
   delegate :notes_filter_for, to: :user_preference
   delegate :set_notes_filter, to: :user_preference
@@ -1571,6 +1575,20 @@ class User < ApplicationRecord
     [last_activity, last_sign_in].compact.max
   end
 
+  # Below is used for the signup_flow experiment. Should be removed
+  # when experiment finishes.
+  # See https://gitlab.com/gitlab-org/growth/engineering/issues/64
+  REQUIRES_ROLE_VALUE = 99
+
+  def role_required?
+    role_before_type_cast == REQUIRES_ROLE_VALUE
+  end
+
+  def set_role_required!
+    update_column(:role, REQUIRES_ROLE_VALUE)
+  end
+  # End of signup_flow experiment methods
+
   # @deprecated
   alias_method :owned_or_masters_groups, :owned_or_maintainers_groups
 
diff --git a/app/views/devise/registrations/new.html.haml b/app/views/devise/registrations/new.html.haml
index dfdf7429dc5..5f85235e8fa 100644
--- a/app/views/devise/registrations/new.html.haml
+++ b/app/views/devise/registrations/new.html.haml
@@ -1,5 +1,5 @@
 - page_title "Sign up"
-- if use_experimental_separate_sign_up_flow?
+- if experiment_enabled?(:signup_flow)
   = render 'devise/shared/experimental_separate_sign_up_flow_box'
 - else
   = render 'devise/shared/signup_box'
diff --git a/app/views/devise/sessions/new.html.haml b/app/views/devise/sessions/new.html.haml
index 17e5da501f5..8f6c3ecbe58 100644
--- a/app/views/devise/sessions/new.html.haml
+++ b/app/views/devise/sessions/new.html.haml
@@ -4,7 +4,7 @@
   - if form_based_providers.any?
     = render 'devise/shared/tabs_ldap'
   - else
-    - unless use_experimental_separate_sign_up_flow?
+    - unless experiment_enabled?(:signup_flow)
       = render 'devise/shared/tabs_normal'
   .tab-content
     - if password_authentication_enabled_for_web? || ldap_enabled? || crowd_enabled?
diff --git a/app/views/devise/shared/_experimental_separate_sign_up_flow_box.html.haml b/app/views/devise/shared/_experimental_separate_sign_up_flow_box.html.haml
index f92c29da5e6..5d163d03c73 100644
--- a/app/views/devise/shared/_experimental_separate_sign_up_flow_box.html.haml
+++ b/app/views/devise/shared/_experimental_separate_sign_up_flow_box.html.haml
@@ -1,4 +1,4 @@
-- max_name_length = 128
+- content_for(:page_title, _('Register for GitLab'))
 - max_username_length = 255
 .signup-box.p-3.mb-2
   .signup-body
@@ -6,9 +6,6 @@
       .devise-errors.mt-0
         = render "devise/shared/error_messages", resource: resource
       = invisible_captcha
-      .name.form-group
-        = f.label :name, _('Full name'), class: 'label-bold'
-        = f.text_field :name, class: "form-control top js-block-emoji js-validate-length", :data => { :max_length => max_name_length, :max_length_message => s_("SignUp|Name is too long (maximum is %{max_length} characters).") % { max_length: max_name_length }, :qa_selector => 'new_user_name_field' }, required: true, title: _("This field is required.")
       .username.form-group
         = f.label :username, class: 'label-bold'
         = f.text_field :username, class: "form-control middle js-block-emoji js-validate-length js-validate-username", :data => { :max_length => max_username_length, :max_length_message => s_("SignUp|Username is too long (maximum is %{max_length} characters).") % { max_length: max_username_length }, :qa_selector => 'new_user_username_field' }, pattern: Gitlab::PathRegex::NAMESPACE_FORMAT_REGEX_JS, required: true, title: _("Please create a username with only alphanumeric characters.")
diff --git a/app/views/devise/shared/_signin_box.html.haml b/app/views/devise/shared/_signin_box.html.haml
index deaceccbfc7..746d43edbad 100644
--- a/app/views/devise/shared/_signin_box.html.haml
+++ b/app/views/devise/shared/_signin_box.html.haml
@@ -23,7 +23,7 @@
     .login-body
       = render 'devise/sessions/new_base'
 
-- if use_experimental_separate_sign_up_flow?
+- if experiment_enabled?(:signup_flow)
   %p.light.mt-2
     = _("Don't have an account yet?")
     = link_to _("Register now"), new_registration_path(:user)
diff --git a/app/views/layouts/_head.html.haml b/app/views/layouts/_head.html.haml
index 1efd8647a67..b8c9f0ae1e8 100644
--- a/app/views/layouts/_head.html.haml
+++ b/app/views/layouts/_head.html.haml
@@ -5,7 +5,7 @@
 -# anything from this page beforehand.
 -# Part of an experiment to build a new sign up flow. Will be removed again with
 -# https://gitlab.com/gitlab-org/growth/engineering/issues/64
-- if use_experimental_separate_sign_up_flow? && current_path?("sessions#new")
+- if experiment_enabled?(:signup_flow) && current_path?("sessions#new")
   = javascript_tag nonce: true do
     :plain
       if (window.location.hash === '#register-pane') {
diff --git a/app/views/layouts/devise_experimental_separate_sign_up_flow.html.haml b/app/views/layouts/devise_experimental_separate_sign_up_flow.html.haml
index b10145b62af..2f05717fc0e 100644
--- a/app/views/layouts/devise_experimental_separate_sign_up_flow.html.haml
+++ b/app/views/layouts/devise_experimental_separate_sign_up_flow.html.haml
@@ -14,7 +14,8 @@
               = render_if_exists 'layouts/devise_help_text'
               .text-center.signup-heading.mt-3.mb-3
                 = image_tag(image_url('logo.svg'), class: 'gitlab-logo', alt: 'GitLab Logo')
-                %h2= _('Register for GitLab.com')
+                - if content_for?(:page_title)
+                  %h2= yield :page_title
               = yield
       %hr.footer-fixed
       .footer-container
diff --git a/app/views/profiles/show.html.haml b/app/views/profiles/show.html.haml
index 0576f51fa83..68b7efc6fb4 100644
--- a/app/views/profiles/show.html.haml
+++ b/app/views/profiles/show.html.haml
@@ -94,6 +94,7 @@
         - else
           = f.text_field :name, label: s_('Profiles|Full name'), required: true, title: s_("Profiles|Using emojis in names seems fun, but please try to set a status message instead"), wrapper: { class: 'col-md-9 qa-full-name rspec-full-name' }, help: s_("Profiles|Enter your name, so people you know can recognize you")
         = f.text_field :id, readonly: true, label: s_('Profiles|User ID'), wrapper: { class: 'col-md-3' }
+      = f.select :role, ::User.roles.keys.map { |role| [role.titleize, role] }, {}, class: 'input-md'
 
       = render_if_exists 'profiles/email_settings', form: f
       = f.text_field :skype, class: 'input-md', placeholder: s_("Profiles|username")
diff --git a/app/views/registrations/welcome.html.haml b/app/views/registrations/welcome.html.haml
new file mode 100644
index 00000000000..02ab974ecc0
--- /dev/null
+++ b/app/views/registrations/welcome.html.haml
@@ -0,0 +1,17 @@
+- content_for(:page_title, _('Welcome to GitLab<br>%{username}!' % { username: html_escape(current_user.username) }).html_safe)
+- max_name_length = 128
+.text-center.mb-3
+  = _('In order to tailor your experience with GitLab<br>we would like to know a bit more about you.').html_safe
+.signup-box.p-3.mb-2
+  .signup-body
+    = form_for(current_user, url: users_sign_up_update_role_path, html: { class: 'new_new_user gl-show-field-errors', 'aria-live' => 'assertive' }) do |f|
+      .devise-errors.mt-0
+        = render 'devise/shared/error_messages', resource: current_user
+      .name.form-group
+        = f.label :name, _('Full name'), class: 'label-bold'
+        = f.text_field :name, class: 'form-control top js-block-emoji js-validate-length', :data => { :max_length => max_name_length, :max_length_message => s_('Name is too long (maximum is %{max_length} characters).') % { max_length: max_name_length }, :qa_selector => 'new_user_name_field' }, required: true, title: _('This field is required.')
+      .form-group
+        = f.label :role, _('Role'), class: 'label-bold'
+        = f.select :role, ::User.roles.keys.map { |role| [role.titleize, role] }, {}, class: 'form-control'
+      .submit-container.mt-3
+        = f.submit _('Get started!'), class: 'btn-register btn btn-block mb-0 p-2'