Add cr remarks

c2725384 · Małgorzata Ksionek · fb43a606 · c2725384 · c2725384 · c2725384
Commit c2725384 authored May 07, 2021 by Małgorzata Ksionek
3 changed files
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -22,6 +22,7 @@ class SessionsController < Devise::SessionsController
  prepend_before_action :check_captcha, only: [:create]
  prepend_before_action :store_redirect_uri, only: [:new]
  prepend_before_action :require_no_authentication_without_flash, only: [:new, :create]
+  prepend_before_action :check_forbidden_password_based_login, if: -> { action_name == 'create' && password_based_login? }
  prepend_before_action :ensure_password_authentication_enabled!, if: -> { action_name == 'create' && password_based_login? }

  before_action :auto_sign_in_with_provider, only: [:new]
@@ -313,6 +314,13 @@ class SessionsController < Devise::SessionsController
  def set_invite_params
    @invite_email = ActionController::Base.helpers.sanitize(params[:invite_email])
  end
+
+  def check_forbidden_password_based_login
+    if find_user&.password_based_login_forbidden?
+      flash[:alert] = _('You are not allowed to log in using password')
+      redirect_to new_user_session_path
+    end
+  end
 end

 SessionsController.prepend_mod_with('SessionsController')
--- a/ee/app/controllers/ee/sessions_controller.rb
+++ b/ee/app/controllers/ee/sessions_controller.rb
@@ -7,7 +7,6 @@ module EE

    prepended do
      before_action :gitlab_geo_logout, only: [:destroy]
-      before_action :check_forbidden_password_based_login, if: -> { action_name == 'create' && password_based_login? }
    end

    override :new
@@ -70,12 +69,5 @@ module EE

      super
    end
-
-    def check_forbidden_password_based_login
-      if find_user&.password_based_login_forbidden?
-        flash[:alert] = _('You are not allowed to log in using password')
-        redirect_to new_user_session_path
-      end
-    end
  end
 end
--- a/ee/spec/requests/git_http_spec.rb
+++ b/ee/spec/requests/git_http_spec.rb
@@ -158,10 +158,10 @@ RSpec.describe 'Git HTTP requests' do
    let_it_be(:group) { create(:group) }
    let_it_be(:project) { create(:project, :repository, :private, group: group) }
    let_it_be(:user) { create(:user, provisioned_by_group: group) }
+
    let(:env) { { user: user.username, password: user.password } }
    let(:path) { "#{project.full_path}.git" }

-
    before do
      project.add_developer(user)
    end