Merge branch...

Merge branch '263106-user-admin-approval-enable-disable-toggle-require_admin_approval_after_user_signup-via-api' into 'master' Resolve "User admin approval - Enable/disable toggle `require_admin_approval_after_user_signup` via API" See merge request gitlab-org/gitlab!46851

Merge branch...
Merge branch '263106-user-admin-approval-enable-disable-toggle-require_admin_approval_after_user_signup-via-api' into 'master' Resolve "User admin approval - Enable/disable toggle `require_admin_approval_after_user_signup` via API" See merge request gitlab-org/gitlab!46851
cec6b374 · Sean McGivern · 1663c71e · 181dfa6a · cec6b374 · cec6b374
Commit cec6b374 authored Nov 06, 2020 by Sean McGivern
4 changed files
--- a/changelogs/unreleased/263106-user-admin-approval-enable-disable-toggle-require_admin_approval_a.yml
+++ b/changelogs/unreleased/263106-user-admin-approval-enable-disable-toggle-require_admin_approval_a.yml
+---
+title: Allow setting the value of 'require_admin_approval_after_user_signup' via Settings
+  API
+merge_request: 46851
+author:
+type: added
--- a/doc/api/settings.md
+++ b/doc/api/settings.md
@@ -79,7 +79,8 @@ Example response:
   "snippet_size_limit": 52428800,
   "issues_create_limit": 300,
   "raw_blob_request_limit": 300,
-   "wiki_page_max_content_bytes": 52428800
+   "wiki_page_max_content_bytes": 52428800,
+   "require_admin_approval_after_user_signup": false
 }
 ```

@@ -170,7 +171,8 @@ Example response:
  "snippet_size_limit": 52428800,
  "issues_create_limit": 300,
  "raw_blob_request_limit": 300,
-  "wiki_page_max_content_bytes": 52428800
+  "wiki_page_max_content_bytes": 52428800,
+  "require_admin_approval_after_user_signup": false
 }
 ```

@@ -331,6 +333,7 @@ listed in the descriptions of the relevant settings.
 | `repository_size_limit`                  | integer          | no                                   | **(PREMIUM)** Size limit per repository (MB) |
 | `repository_storages_weighted`           | hash of strings to integers | no                        | (GitLab 13.1 and later) Hash of names of taken from `gitlab.yml` to [weights](../administration/repository_storage_paths.md#choose-where-new-repositories-will-be-stored). New projects are created in one of these stores, chosen by a weighted random selection. |
 | `repository_storages`                    | array of strings | no                                   | (GitLab 13.0 and earlier) List of names of enabled storage paths, taken from `gitlab.yml`. New projects are created in one of these stores, chosen at random. |
+| `require_admin_approval_after_user_signup`      | boolean          | no                                   | When enabled, any user that signs up for an account using the registration form is placed under a **Pending approval** state and has to be explicitly [approved](../user/admin_area/approving_users.md) by an administrator. |
 | `require_two_factor_authentication`      | boolean          | no                                   | (**If enabled, requires:** `two_factor_grace_period`) Require all users to set up Two-factor authentication. |
 | `restricted_visibility_levels`           | array of strings | no                                   | Selected levels cannot be used by non-admin users for groups, projects or snippets. Can take `private`, `internal` and `public` as a parameter. Default is `null` which means there is no restriction. |
 | `rsa_key_restriction`                    | integer          | no                                   | The minimum allowed bit length of an uploaded RSA key. Default is `0` (no restriction). `-1` disables RSA keys. |

--- a/lib/api/settings.rb
+++ b/lib/api/settings.rb
@@ -159,6 +159,7 @@ module API
      optional :issues_create_limit, type: Integer, desc: "Maximum number of issue creation requests allowed per minute per user. Set to 0 for unlimited requests per minute."
      optional :raw_blob_request_limit, type: Integer, desc: "Maximum number of requests per minute for each raw path. Set to 0 for unlimited requests per minute."
      optional :wiki_page_max_content_bytes, type: Integer, desc: "Maximum wiki page content size in bytes"
+      optional :require_admin_approval_after_user_signup, type: Boolean, desc: 'Require explicit admin approval for new signups'

      ApplicationSetting::SUPPORTED_KEY_TYPES.each do |type|
        optional :"#{type}_key_restriction",

--- a/spec/requests/api/settings_spec.rb
+++ b/spec/requests/api/settings_spec.rb
@@ -40,6 +40,7 @@ RSpec.describe API::Settings, 'Settings' do
      expect(json_response['spam_check_endpoint_enabled']).to be_falsey
      expect(json_response['spam_check_endpoint_url']).to be_nil
      expect(json_response['wiki_page_max_content_bytes']).to be_a(Integer)
+      expect(json_response['require_admin_approval_after_user_signup']).to eq(false)
    end
  end

@@ -423,6 +424,14 @@ RSpec.describe API::Settings, 'Settings' do
      expect(json_response['abuse_notification_email']).to eq('test@example.com')
    end

+    it 'supports setting require_admin_approval_after_user_signup' do
+      put api('/application/settings', admin),
+          params: { require_admin_approval_after_user_signup: true }
+
+      expect(response).to have_gitlab_http_status(:ok)
+      expect(json_response['require_admin_approval_after_user_signup']).to eq(true)
+    end
+
    context "missing sourcegraph_url value when sourcegraph_enabled is true" do
      it "returns a blank parameter error message" do
        put api("/application/settings", admin), params: { sourcegraph_enabled: true }