diff options
-rw-r--r-- | app/assets/javascripts/filtered_search/dropdown_user.js | 14 | ||||
-rw-r--r-- | app/controllers/concerns/enforces_two_factor_authentication.rb | 2 | ||||
-rw-r--r-- | app/views/admin/users/_form.html.haml | 6 | ||||
-rw-r--r-- | app/views/devise/shared/_signin_box.html.haml | 8 | ||||
-rw-r--r-- | app/views/shared/_import_form.html.haml | 3 | ||||
-rw-r--r-- | app/views/shared/_label_row.html.haml | 1 | ||||
-rw-r--r-- | changelogs/unreleased/61441.yml | 5 | ||||
-rw-r--r-- | spec/controllers/application_controller_spec.rb | 21 | ||||
-rw-r--r-- | spec/javascripts/api_spec.js | 2 |
9 files changed, 55 insertions, 7 deletions
diff --git a/app/assets/javascripts/filtered_search/dropdown_user.js b/app/assets/javascripts/filtered_search/dropdown_user.js index f1e7be6bde1..a65c0012b4d 100644 --- a/app/assets/javascripts/filtered_search/dropdown_user.js +++ b/app/assets/javascripts/filtered_search/dropdown_user.js @@ -18,6 +18,7 @@ export default class DropdownUser extends DropdownAjaxFilter { group_id: this.getGroupId(), project_id: this.getProjectId(), current_user: true, + ...this.projectOrGroupId(), }, onLoadingFinished: () => { this.hideCurrentUser(); @@ -36,4 +37,17 @@ export default class DropdownUser extends DropdownAjaxFilter { getProjectId() { return this.input.getAttribute('data-project-id'); } + + projectOrGroupId() { + const projectId = this.getProjectId(); + const groupId = this.getGroupId(); + if (groupId) { + return { + group_id: groupId, + }; + } + return { + project_id: projectId, + }; + } } diff --git a/app/controllers/concerns/enforces_two_factor_authentication.rb b/app/controllers/concerns/enforces_two_factor_authentication.rb index 71bdef8ce03..0fddf15d197 100644 --- a/app/controllers/concerns/enforces_two_factor_authentication.rb +++ b/app/controllers/concerns/enforces_two_factor_authentication.rb @@ -16,7 +16,7 @@ module EnforcesTwoFactorAuthentication end def check_two_factor_requirement - if two_factor_authentication_required? && current_user && !current_user.two_factor_enabled? && !skip_two_factor? + if two_factor_authentication_required? && current_user && !current_user.temp_oauth_email? && !current_user.two_factor_enabled? && !skip_two_factor? redirect_to profile_two_factor_auth_path end end diff --git a/app/views/admin/users/_form.html.haml b/app/views/admin/users/_form.html.haml index 296ef073144..0656feb79cb 100644 --- a/app/views/admin/users/_form.html.haml +++ b/app/views/admin/users/_form.html.haml @@ -48,6 +48,10 @@ = render partial: 'access_levels', locals: { f: f } + = render_if_exists 'admin/users/namespace_plan_fieldset', f: f + + = render_if_exists 'admin/users/limits', f: f + %fieldset %legend Profile .form-group.row @@ -73,6 +77,8 @@ = f.label :website_url, 'Website', class: 'col-form-label' .col-sm-10= f.text_field :website_url, class: 'form-control' + = render_if_exists 'admin/users/admin_notes', f: f + .form-actions - if @user.new_record? = f.submit 'Create user', class: "btn btn-success" diff --git a/app/views/devise/shared/_signin_box.html.haml b/app/views/devise/shared/_signin_box.html.haml index ec968e435cd..f8f36a8bfff 100644 --- a/app/views/devise/shared/_signin_box.html.haml +++ b/app/views/devise/shared/_signin_box.html.haml @@ -3,17 +3,21 @@ .login-box.tab-pane{ id: "crowd", role: 'tabpanel', class: active_when(form_based_auth_provider_has_active_class?(:crowd)) } .login-body = render 'devise/sessions/new_crowd' + + = render_if_exists 'devise/sessions/new_kerberos_tab' + - @ldap_servers.each_with_index do |server, i| .login-box.tab-pane{ id: "#{server['provider_name']}", role: 'tabpanel', class: active_when(i.zero? && form_based_auth_provider_has_active_class?(:ldapmain)) } .login-body = render 'devise/sessions/new_ldap', server: server + + = render_if_exists 'devise/sessions/new_smartcard' + - if password_authentication_enabled_for_web? .login-box.tab-pane{ id: 'login-pane', role: 'tabpanel' } .login-body = render 'devise/sessions/new_base' - = render_if_exists 'devise/sessions/new_smartcard' - - elsif password_authentication_enabled_for_web? .login-box.tab-pane.active{ id: 'login-pane', role: 'tabpanel' } .login-body diff --git a/app/views/shared/_import_form.html.haml b/app/views/shared/_import_form.html.haml index 7b593ca4f76..3ee713cf499 100644 --- a/app/views/shared/_import_form.html.haml +++ b/app/views/shared/_import_form.html.haml @@ -18,3 +18,6 @@ = import_will_timeout_message(ci_cd_only) %li = import_svn_message(ci_cd_only) + = render_if_exists 'shared/ci_cd_only_link', ci_cd_only: ci_cd_only + += render_if_exists 'shared/ee/import_form', f: f, ci_cd_only: ci_cd_only diff --git a/app/views/shared/_label_row.html.haml b/app/views/shared/_label_row.html.haml index a1aab2e6a08..af11ce94ec5 100644 --- a/app/views/shared/_label_row.html.haml +++ b/app/views/shared/_label_row.html.haml @@ -22,3 +22,4 @@ · %li.label-link-item.priority-badge.js-priority-badge.inline.prepend-left-10 .label-badge.label-badge-blue= _('Prioritized label') + = render_if_exists 'shared/label_row_epics_link', label: label diff --git a/changelogs/unreleased/61441.yml b/changelogs/unreleased/61441.yml new file mode 100644 index 00000000000..2ad0c6f62d3 --- /dev/null +++ b/changelogs/unreleased/61441.yml @@ -0,0 +1,5 @@ +--- +title: Allow user to set primary email first when 2FA is required +merge_request: 28097 +author: Kartikey Tanna +type: fixed diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb index 7296a4b4526..5ecd1b6b7c8 100644 --- a/spec/controllers/application_controller_spec.rb +++ b/spec/controllers/application_controller_spec.rb @@ -206,8 +206,19 @@ describe ApplicationController do describe '#check_two_factor_requirement' do subject { controller.send :check_two_factor_requirement } + it 'does not redirect if user has temporary oauth email' do + oauth_user = create(:user, email: 'temp-email-for-oauth@email.com') + allow(controller).to receive(:two_factor_authentication_required?).and_return(true) + allow(controller).to receive(:current_user).and_return(oauth_user) + + expect(controller).not_to receive(:redirect_to) + + subject + end + it 'does not redirect if 2FA is not required' do allow(controller).to receive(:two_factor_authentication_required?).and_return(false) + expect(controller).not_to receive(:redirect_to) subject @@ -216,6 +227,7 @@ describe ApplicationController do it 'does not redirect if user is not logged in' do allow(controller).to receive(:two_factor_authentication_required?).and_return(true) allow(controller).to receive(:current_user).and_return(nil) + expect(controller).not_to receive(:redirect_to) subject @@ -223,8 +235,9 @@ describe ApplicationController do it 'does not redirect if user has 2FA enabled' do allow(controller).to receive(:two_factor_authentication_required?).and_return(true) - allow(controller).to receive(:current_user).twice.and_return(user) + allow(controller).to receive(:current_user).thrice.and_return(user) allow(user).to receive(:two_factor_enabled?).and_return(true) + expect(controller).not_to receive(:redirect_to) subject @@ -232,9 +245,10 @@ describe ApplicationController do it 'does not redirect if 2FA setup can be skipped' do allow(controller).to receive(:two_factor_authentication_required?).and_return(true) - allow(controller).to receive(:current_user).twice.and_return(user) + allow(controller).to receive(:current_user).thrice.and_return(user) allow(user).to receive(:two_factor_enabled?).and_return(false) allow(controller).to receive(:skip_two_factor?).and_return(true) + expect(controller).not_to receive(:redirect_to) subject @@ -242,10 +256,11 @@ describe ApplicationController do it 'redirects to 2FA setup otherwise' do allow(controller).to receive(:two_factor_authentication_required?).and_return(true) - allow(controller).to receive(:current_user).twice.and_return(user) + allow(controller).to receive(:current_user).thrice.and_return(user) allow(user).to receive(:two_factor_enabled?).and_return(false) allow(controller).to receive(:skip_two_factor?).and_return(false) allow(controller).to receive(:profile_two_factor_auth_path) + expect(controller).to receive(:redirect_to) subject diff --git a/spec/javascripts/api_spec.js b/spec/javascripts/api_spec.js index 494b3b934a8..805bb10bda6 100644 --- a/spec/javascripts/api_spec.js +++ b/spec/javascripts/api_spec.js @@ -288,7 +288,7 @@ describe('Api', () => { it('creates a group label', done => { const namespace = 'group/subgroup'; const labelData = { some: 'data' }; - const expectedUrl = `${dummyUrlRoot}/groups/${namespace}/-/labels`; + const expectedUrl = Api.buildUrl(Api.groupLabelsPath).replace(':namespace_path', namespace); const expectedData = { label: labelData, }; |