Add latest changes from gitlab-org/security/gitlab@14-3-stable-ee

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-09-29 16:00:00 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-09-29 16:00:19 +0300
commit: 95328dd30a55cb66da05352131e7a981b44e1348 (patch)
tree: 0777a77e26ce6cc0ced4536914fd49408df59eeb /app/controllers/profiles
parent: 77e5b153659e884a5fa8442d675f2b88e9de2dd2 (diff)
1 files changed, 0 insertions, 8 deletions
diff --git a/app/controllers/profiles/passwords_controller.rb b/app/controllers/profiles/passwords_controller.rb
index c8c2dd1c7d6..85e901eb3eb 100644
--- a/app/controllers/profiles/passwords_controller.rb
+++ b/app/controllers/profiles/passwords_controller.rb
@@ -47,8 +47,6 @@ class Profiles::PasswordsController < Profiles::ApplicationController
     password_attributes[:password_automatically_set] = false
 
     unless @user.password_automatically_set || @user.valid_password?(user_params[:current_password])
-      handle_invalid_current_password_attempt!
-
       redirect_to edit_profile_password_path, alert: _('You must provide a valid current password')
       return
     end
@@ -87,12 +85,6 @@ class Profiles::PasswordsController < Profiles::ApplicationController
     render_404 unless @user.allow_password_authentication?
   end
 
-  def handle_invalid_current_password_attempt!
-    Gitlab::AppLogger.info(message: 'Invalid current password when attempting to update user password', username: @user.username, ip: request.remote_ip)
-
-    @user.increment_failed_attempts!
-  end
-
   def user_params
     params.require(:user).permit(:current_password, :password, :password_confirmation)
   end
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-09-29 16:00:00 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-09-29 16:00:19 +0300
commit	95328dd30a55cb66da05352131e7a981b44e1348 (patch)
tree	0777a77e26ce6cc0ced4536914fd49408df59eeb /app/controllers/profiles
parent	77e5b153659e884a5fa8442d675f2b88e9de2dd2 (diff)