diff options
Diffstat (limited to 'app')
-rw-r--r-- | app/assets/javascripts/profile/profile.js | 4 | ||||
-rw-r--r-- | app/controllers/projects/deploy_keys_controller.rb | 8 | ||||
-rw-r--r-- | app/models/notification_setting.rb | 8 | ||||
-rw-r--r-- | app/models/user.rb | 20 | ||||
-rw-r--r-- | app/views/profiles/_email_settings.html.haml | 2 | ||||
-rw-r--r-- | app/views/profiles/notifications/_email_settings.html.haml | 2 | ||||
-rw-r--r-- | app/views/profiles/notifications/_group_settings.html.haml | 2 | ||||
-rw-r--r-- | app/views/projects/deploy_keys/edit.html.haml | 4 |
8 files changed, 33 insertions, 17 deletions
diff --git a/app/assets/javascripts/profile/profile.js b/app/assets/javascripts/profile/profile.js index 8dd37aee7e1..21cc27cb1ce 100644 --- a/app/assets/javascripts/profile/profile.js +++ b/app/assets/javascripts/profile/profile.js @@ -40,7 +40,9 @@ export default class Profile { bindEvents() { $('.js-preferences-form').on('change.preference', 'input[type=radio]', this.submitForm); $('.js-group-notification-email').on('change', this.submitForm); - $('#user_notification_email').on('change', this.submitForm); + $('#user_notification_email').on('select2-selecting', event => { + setTimeout(this.submitForm.bind(event.currentTarget)); + }); $('#user_notified_of_own_activity').on('change', this.submitForm); this.form.on('submit', this.onSubmitForm); } diff --git a/app/controllers/projects/deploy_keys_controller.rb b/app/controllers/projects/deploy_keys_controller.rb index 761225e897f..4f4adaea56e 100644 --- a/app/controllers/projects/deploy_keys_controller.rb +++ b/app/controllers/projects/deploy_keys_controller.rb @@ -37,6 +37,8 @@ class Projects::DeployKeysController < Projects::ApplicationController end def update + access_denied! unless deploy_key + if deploy_key.update(update_params) flash[:notice] = _('Deploy key was successfully updated.') redirect_to_repository @@ -85,10 +87,12 @@ class Projects::DeployKeysController < Projects::ApplicationController end def update_params - permitted_params = [deploy_keys_projects_attributes: [:id, :can_push]] + permitted_params = [deploy_keys_projects_attributes: [:can_push]] permitted_params << :title if can?(current_user, :update_deploy_key, deploy_key) - params.require(:deploy_key).permit(*permitted_params) + key_update_params = params.require(:deploy_key).permit(*permitted_params) + key_update_params.dig(:deploy_keys_projects_attributes, '0')&.merge!(id: deploy_keys_project.id) + key_update_params end def authorize_update_deploy_key! diff --git a/app/models/notification_setting.rb b/app/models/notification_setting.rb index 38bd95e6a20..c8c1f47c182 100644 --- a/app/models/notification_setting.rb +++ b/app/models/notification_setting.rb @@ -14,6 +14,7 @@ class NotificationSetting < ApplicationRecord validates :user_id, uniqueness: { scope: [:source_type, :source_id], message: "already exists in source", allow_nil: true } + validate :owns_notification_email, if: :notification_email_changed? scope :for_groups, -> { where(source_type: 'Namespace') } @@ -97,6 +98,13 @@ class NotificationSetting < ApplicationRecord def event_enabled?(event) respond_to?(event) && !!public_send(event) # rubocop:disable GitlabSecurity/PublicSend end + + def owns_notification_email + return if user.temp_oauth_email? + return if notification_email.empty? + + errors.add(:notification_email, _("is not an email you own")) unless user.verified_emails.include?(notification_email) + end end NotificationSetting.prepend_if_ee('EE::NotificationSetting') diff --git a/app/models/user.rb b/app/models/user.rb index 81316f81818..927ffa4d12b 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -756,15 +756,15 @@ class User < ApplicationRecord end def owns_notification_email - return if temp_oauth_email? + return if new_record? || temp_oauth_email? - errors.add(:notification_email, _("is not an email you own")) unless all_emails.include?(notification_email) + errors.add(:notification_email, _("is not an email you own")) unless verified_emails.include?(notification_email) end def owns_public_email return if public_email.blank? - errors.add(:public_email, _("is not an email you own")) unless all_emails.include?(public_email) + errors.add(:public_email, _("is not an email you own")) unless verified_emails.include?(public_email) end def owns_commit_email @@ -1212,18 +1212,20 @@ class User < ApplicationRecord all_emails end - def all_public_emails - all_emails(include_private_email: false) - end - - def verified_emails + def verified_emails(include_private_email: true) verified_emails = [] verified_emails << email if primary_email_verified? - verified_emails << private_commit_email + verified_emails << private_commit_email if include_private_email verified_emails.concat(emails.confirmed.pluck(:email)) verified_emails end + def public_verified_emails + emails = verified_emails(include_private_email: false) + emails << email unless temp_oauth_email? + emails.uniq + end + def any_email?(check_email) downcased = check_email.downcase diff --git a/app/views/profiles/_email_settings.html.haml b/app/views/profiles/_email_settings.html.haml index beda6f05f88..c05d42a5846 100644 --- a/app/views/profiles/_email_settings.html.haml +++ b/app/views/profiles/_email_settings.html.haml @@ -5,7 +5,7 @@ - help_text = email_change_disabled ? s_("Your account uses dedicated credentials for the \"%{group_name}\" group and can only be updated through SSO.") % { group_name: @user.managing_group.name } : read_only_help_text = form.text_field :email, required: true, class: 'input-lg', value: (@user.email unless @user.temp_oauth_email?), help: help_text.html_safe, readonly: readonly || email_change_disabled -= form.select :public_email, options_for_select(@user.all_public_emails, selected: @user.public_email), += form.select :public_email, options_for_select(@user.public_verified_emails, selected: @user.public_email), { help: s_("Profiles|This email will be displayed on your public profile"), include_blank: s_("Profiles|Do not show on profile") }, control_class: 'select2 input-lg', disabled: email_change_disabled - commit_email_link_url = help_page_path('user/profile/index', anchor: 'commit-email', target: '_blank') diff --git a/app/views/profiles/notifications/_email_settings.html.haml b/app/views/profiles/notifications/_email_settings.html.haml index d2c62d3d006..7ac3ef9b141 100644 --- a/app/views/profiles/notifications/_email_settings.html.haml +++ b/app/views/profiles/notifications/_email_settings.html.haml @@ -1,6 +1,6 @@ - form = local_assigns.fetch(:form) .form-group = form.label :notification_email, class: "label-bold" - = form.select :notification_email, @user.all_public_emails, { include_blank: false }, class: "select2", disabled: local_assigns.fetch(:email_change_disabled, nil) + = form.select :notification_email, @user.public_verified_emails, { include_blank: false }, class: "select2", disabled: local_assigns.fetch(:email_change_disabled, nil) .help-block = local_assigns.fetch(:help_text, nil) diff --git a/app/views/profiles/notifications/_group_settings.html.haml b/app/views/profiles/notifications/_group_settings.html.haml index 5be086948e7..a25cd78fb0b 100644 --- a/app/views/profiles/notifications/_group_settings.html.haml +++ b/app/views/profiles/notifications/_group_settings.html.haml @@ -13,4 +13,4 @@ .table-section.section-30 = form_for setting, url: profile_notifications_group_path(group), method: :put, html: { class: 'update-notifications' } do |f| - = f.select :notification_email, @user.all_public_emails, { include_blank: 'Global notification email' }, class: 'select2 js-group-notification-email' + = f.select :notification_email, @user.public_verified_emails, { include_blank: 'Global notification email' }, class: 'select2 js-group-notification-email' diff --git a/app/views/projects/deploy_keys/edit.html.haml b/app/views/projects/deploy_keys/edit.html.haml index 3e7872ebc1c..0ce93eef369 100644 --- a/app/views/projects/deploy_keys/edit.html.haml +++ b/app/views/projects/deploy_keys/edit.html.haml @@ -1,9 +1,9 @@ - page_title 'Edit Deploy Key' -%h3.page-title Edit Deploy Key +%h3.page-title= _('Edit Deploy Key') %hr %div - = form_for [@project.namespace.becomes(Namespace), @project, @deploy_key], html: { class: 'js-requires-input' } do |f| + = form_for [@project.namespace.becomes(Namespace), @project, @deploy_key], include_id: false, html: { class: 'js-requires-input' } do |f| = render partial: 'shared/deploy_keys/form', locals: { form: f, deploy_key: @deploy_key } .form-actions = f.submit 'Save changes', class: 'btn-success btn' |