Add latest changes from gitlab-org/gitlab@master

9 files changed, 97 insertions, 28 deletions

diff --git a/app/assets/stylesheets/pages/experimental_separate_sign_up.scss b/app/assets/stylesheets/pages/experimental_separate_sign_up.scss
index 53dfdd10788..5a80ea79600 100644
--- a/app/assets/stylesheets/pages/experimental_separate_sign_up.scss
+++ b/app/assets/stylesheets/pages/experimental_separate_sign_up.scss
@@ -23,7 +23,7 @@
 
   .signup-heading h2 {
     font-weight: $gl-font-weight-bold;
-    padding: 0 10px;
+    padding: 0 $gl-padding;
 
     @include media-breakpoint-down(md) {
       font-size: $gl-font-size-large;
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 7329753ac54..c85b192b34a 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -17,7 +17,7 @@ class ApplicationController < ActionController::Base
   include Gitlab::Tracking::ControllerConcern
   include Gitlab::Experimentation::ControllerConcern
 
-  before_action :authenticate_user!
+  before_action :authenticate_user!, except: [:route_not_found]
   before_action :enforce_terms!, if: :should_enforce_terms?
   before_action :validate_user_service_ticket!
   before_action :check_password_expiration
@@ -30,7 +30,7 @@ class ApplicationController < ActionController::Base
   before_action :active_user_check, unless: :devise_controller?
   before_action :set_usage_stats_consent_flag
   before_action :check_impersonation_availability
-  before_action :require_role
+  before_action :required_signup_info
 
   around_action :set_locale
   around_action :set_session_storage
@@ -95,11 +95,13 @@ class ApplicationController < ActionController::Base
   end
 
   def route_not_found
-    # We need to call #authenticate_user! here because sometimes this is called from another action
-    # and not from our wildcard fallback route
-    authenticate_user!
+    if current_user
+      not_found
+    else
+      store_location_for(:user, request.fullpath) unless request.xhr?
 
-    not_found
+      redirect_to new_user_session_path, alert: I18n.t('devise.failure.unauthenticated')
+    end
   end
 
   def render(*args)
@@ -536,10 +538,13 @@ class ApplicationController < ActionController::Base
     @current_user_mode ||= Gitlab::Auth::CurrentUserMode.new(current_user)
   end
 
-  # A user requires a role when they are part of the experimental signup flow (executed by the Growth team). Users
-  # are redirected to the welcome page when their role is required and the experiment is enabled for the current user.
-  def require_role
-    return unless current_user && current_user.role_required? && experiment_enabled?(:signup_flow)
+  # A user requires a role and have the setup_for_company attribute set when they are part of the experimental signup
+  # flow (executed by the Growth team). Users are redirected to the welcome page when their role is required and the
+  # experiment is enabled for the current user.
+  def required_signup_info
+    return unless current_user
+    return unless current_user.role_required?
+    return unless experiment_enabled?(:signup_flow)
 
     store_location_for :user, request.fullpath
 
diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb
index e55156c619b..84011e7643d 100644
--- a/app/controllers/registrations_controller.rb
+++ b/app/controllers/registrations_controller.rb
@@ -8,7 +8,7 @@ class RegistrationsController < Devise::RegistrationsController
 
   layout :choose_layout
 
-  skip_before_action :require_role, only: [:welcome, :update_role]
+  skip_before_action :required_signup_info, only: [:welcome, :update_registration]
   prepend_before_action :check_captcha, only: :create
   before_action :whitelist_query_limiting, only: [:destroy]
   before_action :ensure_terms_accepted,
@@ -53,22 +53,22 @@ class RegistrationsController < Devise::RegistrationsController
 
   def welcome
     return redirect_to new_user_registration_path unless current_user
-    return redirect_to stored_location_or_dashboard_or_almost_there_path(current_user) if current_user.role.present?
+    return redirect_to stored_location_or_dashboard_or_almost_there_path(current_user) if current_user.role.present? && !current_user.setup_for_company.nil?
 
-    current_user.name = nil
+    current_user.name = nil if current_user.name == current_user.username
     render layout: 'devise_experimental_separate_sign_up_flow'
   end
 
-  def update_role
-    user_params = params.require(:user).permit(:name, :role)
-    result = ::Users::UpdateService.new(current_user, user_params.merge(user: current_user)).execute
+  def update_registration
+    user_params = params.require(:user).permit(:name, :role, :setup_for_company)
+    result = ::Users::SignupService.new(current_user, user_params).execute
 
     if result[:status] == :success
       track_experiment_event(:signup_flow, 'end') # We want this event to be tracked when the user is _in_ the experimental group
       set_flash_message! :notice, :signed_up
       redirect_to stored_location_or_dashboard_or_almost_there_path(current_user)
     else
-      redirect_to users_sign_up_welcome_path, alert: result[:message]
+      render :welcome, layout: 'devise_experimental_separate_sign_up_flow'
     end
   end
 
diff --git a/app/finders/issuable_finder.rb b/app/finders/issuable_finder.rb
index 0005206970b..dfddd32d7df 100644
--- a/app/finders/issuable_finder.rb
+++ b/app/finders/issuable_finder.rb
@@ -385,6 +385,9 @@ class IssuableFinder
   end
 
   def count_key(value)
+    # value may be an array if the finder used in `count_by_state` added an
+    # additional `group by`. Anyway we are sure that state will be always the
+    # last item because it's added as the last one to the query.
     value = Array(value).last
     klass.available_states.key(value)
   end
diff --git a/app/models/lfs_object.rb b/app/models/lfs_object.rb
index 535c3cf2ba1..48c971194c6 100644
--- a/app/models/lfs_object.rb
+++ b/app/models/lfs_object.rb
@@ -18,6 +18,11 @@ class LfsObject < ApplicationRecord
 
   after_save :update_file_store, if: :saved_change_to_file?
 
+  def self.not_linked_to_project(project)
+    where('NOT EXISTS (?)',
+          project.lfs_objects_projects.select(1).where('lfs_objects_projects.lfs_object_id = lfs_objects.id'))
+  end
+
   def update_file_store
     # The file.object_store is set during `uploader.store!`
     # which happens after object is inserted/updated
diff --git a/app/models/user.rb b/app/models/user.rb
index 07cd8431d1a..f704589ad80 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -240,6 +240,7 @@ class User < ApplicationRecord
   delegate :time_display_relative, :time_display_relative=, to: :user_preference
   delegate :time_format_in_24h, :time_format_in_24h=, to: :user_preference
   delegate :show_whitespace_in_diffs, :show_whitespace_in_diffs=, to: :user_preference
+  delegate :setup_for_company, :setup_for_company=, to: :user_preference
 
   accepts_nested_attributes_for :user_preference, update_only: true
 
diff --git a/app/services/projects/lfs_pointers/lfs_link_service.rb b/app/services/projects/lfs_pointers/lfs_link_service.rb
index 38de2af9c1e..a05c76f5e85 100644
--- a/app/services/projects/lfs_pointers/lfs_link_service.rb
+++ b/app/services/projects/lfs_pointers/lfs_link_service.rb
@@ -4,6 +4,9 @@
 module Projects
   module LfsPointers
     class LfsLinkService < BaseService
+      TooManyOidsError = Class.new(StandardError)
+
+      MAX_OIDS = 100_000
       BATCH_SIZE = 1000
 
       # Accept an array of oids to link
@@ -12,6 +15,10 @@ module Projects
       def execute(oids)
         return [] unless project&.lfs_enabled?
 
+        if oids.size > MAX_OIDS
+          raise TooManyOidsError, 'Too many LFS object ids to link, please push them manually'
+        end
+
         # Search and link existing LFS Object
         link_existing_lfs_objects(oids)
       end
@@ -20,22 +27,27 @@ module Projects
 
       # rubocop: disable CodeReuse/ActiveRecord
       def link_existing_lfs_objects(oids)
-        all_existing_objects = []
+        linked_existing_objects = []
         iterations = 0
 
-        LfsObject.where(oid: oids).each_batch(of: BATCH_SIZE) do |existent_lfs_objects|
+        oids.each_slice(BATCH_SIZE) do |oids_batch|
+          # Load all existing LFS Objects immediately so we don't issue an extra
+          # query for the `.any?`
+          existent_lfs_objects = LfsObject.where(oid: oids_batch).load
           next unless existent_lfs_objects.any?
 
+          rows = existent_lfs_objects
+                   .not_linked_to_project(project)
+                   .map { |existing_lfs_object| { project_id: project.id, lfs_object_id: existing_lfs_object.id } }
+          Gitlab::Database.bulk_insert(:lfs_objects_projects, rows)
           iterations += 1
-          not_linked_lfs_objects = existent_lfs_objects.where.not(id: project.all_lfs_objects)
-          project.all_lfs_objects << not_linked_lfs_objects
 
-          all_existing_objects += existent_lfs_objects.pluck(:oid)
+          linked_existing_objects += existent_lfs_objects.map(&:oid)
         end
 
-        log_lfs_link_results(all_existing_objects.count, iterations)
+        log_lfs_link_results(linked_existing_objects.count, iterations)
 
-        all_existing_objects
+        linked_existing_objects
       end
       # rubocop: enable CodeReuse/ActiveRecord
 
diff --git a/app/services/users/signup_service.rb b/app/services/users/signup_service.rb
new file mode 100644
index 00000000000..1031cec44cb
--- /dev/null
+++ b/app/services/users/signup_service.rb
@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Users
+  class SignupService < BaseService
+    def initialize(current_user, params = {})
+      @user = current_user
+      @params = params.dup
+    end
+
+    def execute
+      assign_attributes
+      inject_validators
+
+      if @user.save
+        success
+      else
+        error(@user.errors.full_messages.join('. '))
+      end
+    end
+
+    private
+
+    def assign_attributes
+      @user.assign_attributes(params) unless params.empty?
+    end
+
+    def inject_validators
+      class << @user
+        validates :role, presence: true
+        validates :setup_for_company, inclusion: { in: [true, false], message: :blank }
+      end
+    end
+  end
+end
diff --git a/app/views/registrations/welcome.html.haml b/app/views/registrations/welcome.html.haml
index 76c4a935584..7b92f5070df 100644
--- a/app/views/registrations/welcome.html.haml
+++ b/app/views/registrations/welcome.html.haml
@@ -1,10 +1,10 @@
-- content_for(:page_title, _('Welcome to GitLab %{username}!') % { username: current_user.username })
+- content_for(:page_title, _('Welcome to GitLab @%{username}!') % { username: current_user.username })
 - max_name_length = 128
 .text-center.mb-3
-  = _('In order to tailor your experience with GitLab<br>we would like to know a bit more about you.').html_safe
+  = _('In order to tailor your experience with GitLab we<br>would like to know a bit more about you.').html_safe
 .signup-box.p-3.mb-2
   .signup-body
-    = form_for(current_user, url: users_sign_up_update_role_path, html: { class: 'new_new_user gl-show-field-errors', 'aria-live' => 'assertive' }) do |f|
+    = form_for(current_user, url: users_sign_up_update_registration_path, html: { class: 'new_new_user gl-show-field-errors', 'aria-live' => 'assertive' }) do |f|
       .devise-errors.mt-0
         = render 'devise/shared/error_messages', resource: current_user
       .name.form-group
@@ -13,5 +13,14 @@
       .form-group
         = f.label :role, _('Role'), class: 'label-bold'
         = f.select :role, ::User.roles.keys.map { |role| [role.titleize, role] }, {}, class: 'form-control'
+      .form-group
+        = f.label :setup_for_company, _('Are you setting up GitLab for a company?'), class: 'label-bold'
+        .d-flex.justify-content-center
+          .w-25
+            = f.radio_button :setup_for_company, true
+            = f.label :setup_for_company, _('Yes'), value: 'true'
+          .w-25
+            = f.radio_button :setup_for_company, false
+            = f.label :setup_for_company, _('No'), value: 'false'
       .submit-container.mt-3
         = f.submit _('Get started!'), class: 'btn-register btn btn-block mb-0 p-2'