Commit graph

9 commits

Author SHA1 Message Date
Rémy Coutable
f1ace97f8b Backport avatar-related spec changes from gitlab-org/gitlab-ee@4b464eaaee
Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-05-04 17:04:36 +02:00
Rémy Coutable
4e3516788f Don't use FFaker in factories, use sequences instead
FFaker can generate data that randomly break our test suite. This
simplifies our factories and use sequences which are more predictive.

Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-04-03 18:54:48 +02:00
Timothy Andrew
6fdb17cbbe
Don't allow deleting a ghost user.
- Add a `destroy_user` ability. This didn't exist before, and was implicit in
  other abilities (only admins could access the admin area, so only they could
  destroy all users; a user can only access their own account page, and so can
  destroy only themselves).

- Grant this ability to admins, and when the current user is trying to destroy
  themselves. Disallow destroying ghost users in all cases.

- Modify the `Users::DestroyService` to check this ability. Also check it in
  views to decide whether or not to show the "Delete User" button.

- Add a short summary of the Ghost User to the bio.
2017-02-24 16:50:20 +05:30
Timothy Andrew
8e68480976
Use a ghost boolean to track ghost users.
Rather than using a separate `ghost` state. This lets us have the benefits of
both ghost and blocked users (ghost: true, state: blocked) without having to
rewrite a number of queries to include cases for `state: ghost`.
2017-02-24 16:50:20 +05:30
Robert Speicher
191bcb4d1b Don't perform Devise trackable updates on blocked User records 2017-02-10 11:51:14 -05:00
Timothy Andrew
791cc9138b Add a U2fRegistrations table/model.
- To hold registrations from U2F devices, and to authenticate them.
- Previously, `User#two_factor_enabled` was aliased to the
  `otp_required_for_login` column on `users`.
- This commit changes things a bit:
    - `User#two_factor_enabled` is not a method anymore
    - `User#two_factor_enabled?` checks both the
      `otp_required_for_login` column, as well as `U2fRegistration`s
    - Change all instances of `User#two_factor_enabled` to
      `User#two_factor_enabled?`
- Add the `u2f` gem, and implement registration/authentication at the
  model level.
2016-06-06 12:50:31 +05:30
Stan Hu
c7e384aab2 Add spec for deletion of authorized OAuth2 application
Closes #14370

Move gon function into its own helper
2016-04-14 07:24:58 -07:00
Rémy Coutable
1714883107 Revert "Merge branch 'avatar-cropping' into 'master' "
This reverts commit 01160fc061, reversing
changes made to 4bff9daf8b.
2016-03-15 14:55:40 +01:00
Robert Speicher
6df45eb463 Move all factory definitions to their own file 2016-03-04 15:26:51 -05:00