From 012cbda407a30ab14e57ece581d720b22b47fe5a Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Tue, 12 Oct 2021 15:35:06 +0000 Subject: Add latest changes from gitlab-org/gitlab@14-3-stable-ee --- .../two_factor_auth/components/manage_two_factor_form.vue | 7 ++++++- .../javascripts/authentication/two_factor_auth/index.js | 5 +++++ app/controllers/profiles/two_factor_auths_controller.rb | 8 +++++++- app/models/group.rb | 2 +- app/services/merge_requests/mergeability_check_service.rb | 4 +--- app/views/profiles/two_factor_auths/show.html.haml | 13 +++++++------ 6 files changed, 27 insertions(+), 12 deletions(-) (limited to 'app') diff --git a/app/assets/javascripts/authentication/two_factor_auth/components/manage_two_factor_form.vue b/app/assets/javascripts/authentication/two_factor_auth/components/manage_two_factor_form.vue index 280c222c380..0b748f18cb2 100644 --- a/app/assets/javascripts/authentication/two_factor_auth/components/manage_two_factor_form.vue +++ b/app/assets/javascripts/authentication/two_factor_auth/components/manage_two_factor_form.vue @@ -24,6 +24,7 @@ export default { }, inject: [ 'webauthnEnabled', + 'isCurrentPasswordRequired', 'profileTwoFactorAuthPath', 'profileTwoFactorAuthMethod', 'codesProfileTwoFactorAuthPath', @@ -64,7 +65,11 @@ export default { - + { const { webauthnEnabled = false, + currentPasswordRequired, profileTwoFactorAuthPath = '', profileTwoFactorAuthMethod = '', codesProfileTwoFactorAuthPath = '', codesProfileTwoFactorAuthMethod = '', } = el.dataset; + const isCurrentPasswordRequired = parseBoolean(currentPasswordRequired); + return new Vue({ el, provide: { webauthnEnabled, + isCurrentPasswordRequired, profileTwoFactorAuthPath, profileTwoFactorAuthMethod, codesProfileTwoFactorAuthPath, diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb index d1b9485f06d..de22a0e47d5 100644 --- a/app/controllers/profiles/two_factor_auths_controller.rb 
+++ b/app/controllers/profiles/two_factor_auths_controller.rb @@ -3,7 +3,9 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController skip_before_action :check_two_factor_requirement before_action :ensure_verified_primary_email, only: [:show, :create] - before_action :validate_current_password, only: [:create, :codes, :destroy] + before_action :validate_current_password, only: [:create, :codes, :destroy], if: :current_password_required? + + helper_method :current_password_required? before_action do push_frontend_feature_flag(:webauthn) @@ -144,6 +146,10 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController redirect_to profile_two_factor_auth_path, alert: _('You must provide a valid current password') end + def current_password_required? + !current_user.password_automatically_set? + end + def build_qr_code uri = current_user.otp_provisioning_uri(account_string, issuer: issuer_host) RQRCode.render_qrcode(uri, :svg, level: :m, unit: 3) diff --git a/app/models/group.rb b/app/models/group.rb index 437c750afa6..a667a908707 100644 --- a/app/models/group.rb +++ b/app/models/group.rb @@ -270,7 +270,7 @@ class Group < Namespace def dependency_proxy_image_prefix # The namespace path can include uppercase letters, which # Docker doesn't allow. The proxy expects it to be downcased. - url = "#{web_url.downcase}#{DependencyProxy::URL_SUFFIX}" + url = "#{Gitlab::Routing.url_helpers.group_url(self).downcase}#{DependencyProxy::URL_SUFFIX}" # Docker images do not include the protocol url.partition('//').last diff --git a/app/services/merge_requests/mergeability_check_service.rb b/app/services/merge_requests/mergeability_check_service.rb index c3498c5ce97..3e294aeaa07 100644 --- a/app/services/merge_requests/mergeability_check_service.rb +++ b/app/services/merge_requests/mergeability_check_service.rb 
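Review bot: With `if: :current_password_required?` on `validate_current_password`, accounts where `password_automatically_set?` is true reach `create`, `codes` and `destroy` with no re-authentication at all, so a live session alone is enough to disable two-factor authentication or regenerate recovery codes. Presumably this is deliberate because those users never chose a password they could type, but neither controller hunk says so and nothing visible replaces the check with another step-up. I would record the decision on the predicate added in the second hunk, e.g. `# Users with an automatically set password cannot supply it, so 2FA changes rely on the session only.`, and add a request spec asserting that a user with a chosen password is still rejected without `current_password`. It is also worth confirming that these three actions are logged, so an unexpected 2FA disable on such an account can be detected. The class body continues outside both hunks, so I cannot see whether `current_password_required?` sits under `private`; since it is also exposed through `helper_method`, confirm it is not routable as an action.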
@@ -157,9 +157,7 @@ module MergeRequests def merge_to_ref params = { allow_conflicts: Feature.enabled?(:display_merge_conflicts_in_diff, project) } - result = MergeRequests::MergeToRefService - .new(project: project, current_user: merge_request.author, params: params) - .execute(merge_request, true) + result = MergeRequests::MergeToRefService.new(project: project, current_user: merge_request.author, params: params).execute(merge_request) result[:status] == :success end diff --git a/app/views/profiles/two_factor_auths/show.html.haml b/app/views/profiles/two_factor_auths/show.html.haml index d1d6b6301b8..bd3cb7e60f0 100644 --- a/app/views/profiles/two_factor_auths/show.html.haml +++ b/app/views/profiles/two_factor_auths/show.html.haml @@ -17,7 +17,7 @@ = _("You've already enabled two-factor authentication using one time password authenticators. In order to register a different device, you must first disable two-factor authentication.") %p = _('If you lose your recovery codes you can generate new ones, invalidating all previous codes.') - .js-manage-two-factor-form{ data: { webauthn_enabled: webauthn_enabled, profile_two_factor_auth_path: profile_two_factor_auth_path, profile_two_factor_auth_method: 'delete', codes_profile_two_factor_auth_path: codes_profile_two_factor_auth_path, codes_profile_two_factor_auth_method: 'post' } } + .js-manage-two-factor-form{ data: { webauthn_enabled: webauthn_enabled, current_password_required: current_password_required?.to_s, profile_two_factor_auth_path: profile_two_factor_auth_path, profile_two_factor_auth_method: 'delete', codes_profile_two_factor_auth_path: codes_profile_two_factor_auth_path, codes_profile_two_factor_auth_method: 'post' } } - else %p 
@@ -47,11 +47,12 @@ .form-group = label_tag :pin_code, _('Pin code'), class: "label-bold" = text_field_tag :pin_code, nil, class: "form-control gl-form-input", required: true, data: { qa_selector: 'pin_code_field' } - .form-group - = label_tag :current_password, _('Current password'), class: 'label-bold' - = password_field_tag :current_password, nil, required: true, class: 'form-control gl-form-input', data: { qa_selector: 'current_password_field' } - %p.form-text.text-muted - = _('Your current password is required to register a two-factor authenticator app.') + - if current_password_required? + .form-group + = label_tag :current_password, _('Current password'), class: 'label-bold' + = password_field_tag :current_password, nil, required: true, class: 'form-control gl-form-input', data: { qa_selector: 'current_password_field' } + %p.form-text.text-muted + = _('Your current password is required to register a two-factor authenticator app.') .gl-mt-3 = submit_tag _('Register with two-factor app'), class: 'gl-button btn btn-confirm', data: { qa_selector: 'register_2fa_app_button' } -- cgit v1.2.3