Ensures that OAuth/LDAP/SAML users don't need to be confirmed

Signed-off-by: Rémy Coutable <remy@rymai.me>

1 files changed, 4 insertions, 4 deletions

diff --git a/app/services/users/build_service.rb b/app/services/users/build_service.rb
index d2a1c161026..05cdea10e96 100644
--- a/app/services/users/build_service.rb
+++ b/app/services/users/build_service.rb
@@ -9,12 +9,11 @@ module Users
     def execute(skip_authorization: false)
       raise Gitlab::Access::AccessDeniedError unless skip_authorization || can_create_user?
 
-      user = User.new(build_user_params)
+      user = User.new(build_user_params(skip_authorization: skip_authorization))
 
       if current_user&.admin?
         if params[:reset_password]
           user.generate_reset_token
-          params[:force_random_password] = true
         end
 
         if params[:force_random_password]
@@ -81,7 +80,7 @@ module Users
       ]
     end
 
-    def build_user_params
+    def build_user_params(skip_authorization:)
       if current_user&.admin?
         user_params = params.slice(*admin_create_params)
         user_params[:created_by_id] = current_user&.id
@@ -91,7 +90,8 @@ module Users
         end
       else
         user_params = params.slice(*signup_params)
-        user_params[:skip_confirmation] = !current_application_settings.send_user_confirmation_email
+        user_params[:skip_confirmation] = params[:skip_confirmation] if skip_authorization
+        user_params[:skip_confirmation] ||= !current_application_settings.send_user_confirmation_email
       end
 
       user_params