Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2020-06-30 15:08:57 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2020-06-30 15:08:57 +0300
commit: 1e254d9f5a46a85c9bb6f24da8265a30fd388db4 (patch)
tree: 7f9d414ae2256d96ee3d3ced3305da9507561c0c /app/services
parent: e860bae967a4fa90213ff1980fac0bea8f894366 (diff)
2 files changed, 7 insertions, 5 deletions
diff --git a/app/services/projects/update_repository_storage_service.rb b/app/services/projects/update_repository_storage_service.rb
index f1a58562190..769c779d2dc 100644
--- a/app/services/projects/update_repository_storage_service.rb
+++ b/app/services/projects/update_repository_storage_service.rb
@@ -79,8 +79,6 @@ module Projects
         full_path
       )
 
-      new_repository.create_repository
-
       new_repository.replicate(raw_repository)
       new_checksum = new_repository.checksum
 
diff --git a/app/services/resource_access_tokens/create_service.rb b/app/services/resource_access_tokens/create_service.rb
index c8e86e68383..2d0a78feb8e 100644
--- a/app/services/resource_access_tokens/create_service.rb
+++ b/app/services/resource_access_tokens/create_service.rb
@@ -13,8 +13,6 @@ module ResourceAccessTokens
       return unless feature_enabled?
       return error("User does not have permission to create #{resource_type} Access Token") unless has_permission_to_create?
 
-      # We skip authorization by default, since the user creating the bot is not an admin
-      # and project/group bot users are not created via sign-up
       user = create_user
 
       return error(user.errors.full_messages.to_sentence) unless user.persisted?
@@ -49,6 +47,11 @@ module ResourceAccessTokens
     end
 
     def create_user
+      # Even project maintainers can create project access tokens, which in turn
+      # creates a bot user, and so it becomes necessary to  have `skip_authorization: true`
+      # since someone like a project maintainer does not inherently have the ability
+      # to create a new user in the system.
+
       Users::CreateService.new(current_user, default_user_params).execute(skip_authorization: true)
     end
 
@@ -57,7 +60,8 @@ module ResourceAccessTokens
         name: params[:name] || "#{resource.name.to_s.humanize} bot",
         email: generate_email,
         username: generate_username,
-        user_type: "#{resource_type}_bot".to_sym
+        user_type: "#{resource_type}_bot".to_sym,
+        skip_confirmation: true # Bot users should always have their emails confirmed.
       }
     end
author	GitLab Bot <gitlab-bot@gitlab.com>	2020-06-30 15:08:57 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2020-06-30 15:08:57 +0300
commit	1e254d9f5a46a85c9bb6f24da8265a30fd388db4 (patch)
tree	7f9d414ae2256d96ee3d3ced3305da9507561c0c /app/services
parent	e860bae967a4fa90213ff1980fac0bea8f894366 (diff)