-
Stan Hu authored
When a LDAP user signs in the for the first time and if there is an `Identity` object with `user_id` of `nil`, new users will not be able to be register until that entry is cleared because of the way identities are created: 1. First, the User object is built but not saved, so it has no `id`. 2. Then, `user.identities.build(provider: 'ldapmain')` is called, but it does not have an associated `user_id` as a result. 3. `User#save` is called, but the `Identity` validation fails if an existing entry with `user_id` of `nil` already exists. The uniqueness validation for `nil` values doesn't make any sense in this case. We should be enforcing this at the database level with a foreign key constraint. To work around the issue we can validate against the user instead, which does the right thing even when the user isn't saved yet. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/56734
ab4aba70