From 0653e08efd039a5905f3fa4f6e9cef9f5d2f799c Mon Sep 17 00:00:00 2001
From: GitLab Bot
Date: Mon, 20 Sep 2021 13:18:24 +0000
Subject: Add latest changes from gitlab-org/gitlab@14-3-stable-ee
---
 app/controllers/profiles/groups_controller.rb | 2 +-
 app/controllers/profiles/two_factor_auths_controller.rb | 13 +++++++++++--
 2 files changed, 12 insertions(+), 3 deletions(-)
(limited to 'app/controllers/profiles')
diff --git a/app/controllers/profiles/groups_controller.rb b/app/controllers/profiles/groups_controller.rb
index 2571e92e071..5962b10c44b 100644
--- a/app/controllers/profiles/groups_controller.rb
+++ b/app/controllers/profiles/groups_controller.rb
@@ -6,7 +6,7 @@ class Profiles::GroupsController < Profiles::ApplicationController
 feature_category :users
 def update
- group = find_routable!(Group, params[:id], request.path_info)
+ group = find_routable!(Group, params[:id], request.fullpath)
 notification_setting = current_user.notification_settings_for(group)
 if notification_setting.update(update_params)
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb
index effd3514c1b..5eb46421583 100644
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
@@ -2,6 +2,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
 skip_before_action :check_two_factor_requirement
+ before_action :ensure_verified_primary_email, only: [:show, :create]
 before_action do
 push_frontend_feature_flag(:webauthn)
 end
@@ -57,7 +58,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
 @codes = user.generate_otp_backup_codes!
 end
- helpers.dismiss_account_recovery_regular_check
+ helpers.dismiss_two_factor_auth_recovery_settings_check
 render 'create'
 else
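Review bot: In `Profiles::GroupsController#update` the third argument to `find_routable!` becomes `request.fullpath`, which carries the query string that `request.path_info` left out, and nothing in the hunk records why. What `find_routable!` does with that value is outside this diff; if it ends up in a stored return location or a redirect target, the query string is request-controlled and should be treated as untrusted there. A one-line comment such as `# Pass the full request path, query string included, to find_routable!` (with the reason added by the author) and a request spec that sends query parameters would pin the intended behaviour. The body of `update` continues past the end of the hunk.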
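Review bot: In the first hunk of two_factor_auths_controller.rb, `before_action :ensure_verified_primary_email, only: [:show, :create]` guards only two actions, so any other action in this controller that registers a second factor would skip the verified-email check. The `push_frontend_feature_flag(:webauthn)` call just below suggests a WebAuthn registration path may exist outside this diff. If it does, it should be added to the `only:` list, or the filter should be written with `except:` naming the actions that must stay reachable. A short comment on the line saying why the list is limited to these two actions would help the next reader. The class body continues outside the hunk.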
@@ -108,7 +109,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
 Users::UpdateService.new(current_user, user: current_user).execute! do |user|
 @codes = user.generate_otp_backup_codes!
- helpers.dismiss_account_recovery_regular_check
+ helpers.dismiss_two_factor_auth_recovery_settings_check
 end
 end
@@ -218,4 +219,12 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
 s_(%{The group settings for %{group_links} require you to enable Two-Factor Authentication for your account. You can %{leave_group_links}.})
 .html_safe % { group_links: group_links.html_safe, leave_group_links: leave_group_links.html_safe }
 end
+
+ def ensure_verified_primary_email
+ return unless Feature.enabled?(:ensure_verified_primary_email_for_2fa, default_enabled: :yaml)
+
+ unless current_user.two_factor_enabled? || current_user.primary_email_verified?
+ redirect_to profile_emails_path, notice: s_('You need to verify your primary email first before enabling Two-Factor Authentication.')
+ end
+ end
 end
-- 
cgit v1.2.3
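Review bot: `ensure_verified_primary_email` in the last hunk enforces nothing when the `ensure_verified_primary_email_for_2fa` flag is off, and the flag's YAML default is outside this path-limited diff, so whether the check is active by default cannot be confirmed from here. The method also has no comment stating its contract; something like `# Blocks 2FA enrolment until the primary email is verified; users who already have 2FA enabled pass through.` would make the security intent explicit. The `unless a || b` block is easier to read as a guard clause, `return if current_user.two_factor_enabled? || current_user.primary_email_verified?`, followed by the bare `redirect_to`. The method is appended at the end of the class, and whether it sits under `private` is not visible in the hunk; as a filter it should not be routable as an action.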