Merge branch '267118-migrate-delete-user-to-confirm-modal' into 'master'

Migrate user admin deactivate user modal to GlModal

See merge request gitlab-org/gitlab!47949

.rubocop_manual_todo.yml

@@ -228,7 +228,6 @@ Rails/SaveBang:
     - 'spec/features/admin/admin_sees_project_statistics_spec.rb'
     - 'spec/features/admin/admin_sees_projects_statistics_spec.rb'
     - 'spec/features/admin/admin_users_impersonation_tokens_spec.rb'
-    - 'spec/features/admin/admin_users_spec.rb'
     - 'spec/features/boards/sidebar_spec.rb'
     - 'spec/features/calendar_spec.rb'
     - 'spec/features/commits_spec.rb'

app/assets/javascripts/pages/admin/users/components/user_operation_confirmation_modal.vue

-<script>
-/* eslint-disable vue/no-v-html */
-import { GlModal } from '@gitlab/ui';
-import { sprintf } from '~/locale';
-
-export default {
-  components: {
-    GlModal,
-  },
-  props: {
-    title: {
-      type: String,
-      required: true,
-    },
-    content: {
-      type: String,
-      required: true,
-    },
-    action: {
-      type: String,
-      required: true,
-    },
-    url: {
-      type: String,
-      required: true,
-    },
-    username: {
-      type: String,
-      required: true,
-    },
-    csrfToken: {
-      type: String,
-      required: true,
-    },
-    method: {
-      type: String,
-      required: false,
-      default: 'put',
-    },
-  },
-  computed: {
-    modalTitle() {
-      return sprintf(this.title, { username: this.username });
-    },
-  },
-  methods: {
-    show() {
-      this.$refs.modal.show();
-    },
-    submit() {
-      this.$refs.form.submit();
-    },
-  },
-};
-</script>
-<template>
-  <gl-modal
-    ref="modal"
-    modal-id="user-operation-modal"
-    :title="modalTitle"
-    ok-variant="warning"
-    :ok-title="action"
-    @ok="submit"
-  >
-    <form ref="form" :action="url" method="post">
-      <span v-html="content"></span>
-      <input ref="method" type="hidden" name="_method" :value="method" />
-      <input :value="csrfToken" type="hidden" name="authenticity_token" />
-    </form>
-  </gl-modal>
-</template>

app/assets/javascripts/pages/admin/users/index.js

@@ -3,14 +3,12 @@ import Vue from 'vue';
 import Translate from '~/vue_shared/translate';
 import ModalManager from './components/user_modal_manager.vue';
 import DeleteUserModal from './components/delete_user_modal.vue';
-import UserOperationConfirmationModal from './components/user_operation_confirmation_modal.vue';
 import csrf from '~/lib/utils/csrf';
 import initConfirmModal from '~/confirm_modal';
 
 const MODAL_TEXTS_CONTAINER_SELECTOR = '#modal-texts';
 const MODAL_MANAGER_SELECTOR = '#user-modal';
 const ACTION_MODALS = {
-  deactivate: UserOperationConfirmationModal,
   delete: DeleteUserModal,
   'delete-with-contributions': DeleteUserModal,
 };

app/helpers/users_helper.rb

@@ -149,6 +149,35 @@ module UsersHelper
     header + list
   end
 
+  def user_deactivation_data(user, message)
+    {
+      path: deactivate_admin_user_path(user),
+      method: 'put',
+      modal_attributes: {
+        title: s_('AdminUsers|Deactivate user %{username}?') % { username: sanitize_name(user.name) },
+        messageHtml: message,
+        okVariant: 'warning',
+        okTitle: s_('AdminUsers|Deactivate')
+      }.to_json
+    }
+  end
+
+  def user_deactivation_effects
+    header = tag.p s_('AdminUsers|Deactivating a user has the following effects:')
+
+    list = tag.ul do
+      concat tag.li s_('AdminUsers|The user will be logged out')
+      concat tag.li s_('AdminUsers|The user will not be able to access git repositories')
+      concat tag.li s_('AdminUsers|The user will not be able to access the API')
+      concat tag.li s_('AdminUsers|The user will not receive any notifications')
+      concat tag.li s_('AdminUsers|The user will not be able to use slash commands')
+      concat tag.li s_('AdminUsers|When the user logs back in, their account will reactivate as a fully active account')
+      concat tag.li s_('AdminUsers|Personal projects, group and user history will be left intact')
+    end
+
+    header + list
+  end
+
   private
 
   def blocked_user_badge(user)

app/views/admin/users/_modals.html.haml

 #user-modal
 #modal-texts.hidden{ "hidden": true, "aria-hidden": true }
-  %div{ data: { modal: "deactivate",
-    title: s_("AdminUsers|Deactivate User %{username}?"),
-    action: s_("AdminUsers|Deactivate") } }
-    = render partial: 'admin/users/user_deactivation_effects'
-
   %div{ data: { modal: "delete",
     title: s_("AdminUsers|Delete User %{username}?"),
     action: s_('AdminUsers|Delete user'),

app/views/admin/users/_user.html.haml

@@ -47,9 +47,7 @@
                     = s_('AdminUsers|Block')
               - if user.can_be_deactivated?
                 %li
-                  %button.btn.btn-default-tertiary{ data: { 'gl-modal-action': 'deactivate',
-                    url: deactivate_admin_user_path(user),
-                    username: sanitize_name(user.name) } }
+                  %button.btn.btn-default-tertiary.js-confirm-modal-button{ data: user_deactivation_data(user, user_deactivation_effects) }
                     = s_('AdminUsers|Deactivate')
               - elsif user.deactivated?
                 %li

app/views/admin/users/_user_deactivation_effects.html.haml

-%p
-  = s_('AdminUsers|Deactivating a user has the following effects:')
-%ul
-  %li
-    = s_('AdminUsers|The user will be logged out')
-  %li
-    = s_('AdminUsers|The user will not be able to access git repositories')
-  %li
-    = s_('AdminUsers|The user will not be able to access the API')
-  %li
-    = s_('AdminUsers|The user will not receive any notifications')
-  %li
-    = s_('AdminUsers|The user will not be able to use slash commands')
-  %li
-    = s_('AdminUsers|When the user logs back in, their account will reactivate as a fully active account')
-  %li
-    = s_('AdminUsers|Personal projects, group and user history will be left intact')
-  = render_if_exists 'admin/users/user_deactivation_effects_on_seats'

app/views/admin/users/show.html.haml

@@ -164,14 +164,10 @@
             .card-header.bg-warning.text-white
               Deactivate this user
             .card-body
-              = render partial: 'admin/users/user_deactivation_effects'
+              = user_deactivation_effects
               %br
-              %button.btn.gl-button.btn-warning{ data: { 'gl-modal-action': 'deactivate',
-                content: 'You can always re-activate their account, their data will remain intact.',
-                url: deactivate_admin_user_path(@user),
-                username: sanitize_name(@user.name) } }
+              %button.btn.gl-button.btn-warning.js-confirm-modal-button{ data: user_deactivation_data(@user, s_('AdminUsers|You can always re-activate their account, their data will remain intact.')) }
                 = s_('AdminUsers|Deactivate user')
-
       - if @user.blocked?
         - if @user.blocked_pending_approval?
           = render 'admin/users/approve_user', user: @user

locale/gitlab.pot

@@ -2142,10 +2142,10 @@ msgstr ""
 msgid "AdminUsers|Deactivate"
 msgstr ""
 
-msgid "AdminUsers|Deactivate User %{username}?"
+msgid "AdminUsers|Deactivate user"
 msgstr ""
 
-msgid "AdminUsers|Deactivate user"
+msgid "AdminUsers|Deactivate user %{username}?"
 msgstr ""
 
 msgid "AdminUsers|Deactivated"
@@ -2277,6 +2277,9 @@ msgstr ""
 msgid "AdminUsers|You can always block their account again if needed."
 msgstr ""
 
+msgid "AdminUsers|You can always re-activate their account, their data will remain intact."
+msgstr ""
+
 msgid "AdminUsers|You can always unblock their account, their data will remain intact."
 msgstr ""
 

spec/features/admin/users/user_spec.rb

+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe 'Admin::Users::User' do
+  let_it_be(:user) { create(:omniauth_user, provider: 'twitter', extern_uid: '123456') }
+  let_it_be(:current_user) { create(:admin, last_activity_on: 5.days.ago) }
+
+  before do
+    sign_in(current_user)
+    gitlab_enable_admin_mode_sign_in(current_user)
+  end
+
+  describe 'GET /admin/users/:id' do
+    it 'has user info', :aggregate_failures do
+      visit admin_users_path
+      click_link user.name
+
+      expect(page).to have_content(user.email)
+      expect(page).to have_content(user.name)
+      expect(page).to have_content("ID: #{user.id}")
+      expect(page).to have_content("Namespace ID: #{user.namespace_id}")
+      expect(page).to have_button('Deactivate user')
+      expect(page).to have_button('Block user')
+      expect(page).to have_button('Delete user')
+      expect(page).to have_button('Delete user and contributions')
+    end
+
+    context 'user pending approval' do
+      it 'shows user info', :aggregate_failures do
+        user = create(:user, :blocked_pending_approval)
+
+        visit admin_users_path
+        click_link 'Pending approval'
+        click_link user.name
+
+        expect(page).to have_content(user.name)
+        expect(page).to have_content('Pending approval')
+        expect(page).to have_link('Approve user')
+        expect(page).to have_button('Block user')
+        expect(page).to have_button('Delete user')
+        expect(page).to have_button('Delete user and contributions')
+      end
+    end
+
+    context 'when blocking/unblocking the user' do
+      it 'shows confirmation and allows blocking and unblocking', :js do
+        visit admin_user_path(user)
+
+        find('button', text: 'Block user').click
+
+        wait_for_requests
+
+        expect(page).to have_content('Block user')
+        expect(page).to have_content('You can always unblock their account, their data will remain intact.')
+
+        find('.modal-footer button', text: 'Block').click
+
+        wait_for_requests
+
+        expect(page).to have_content('Successfully blocked')
+        expect(page).to have_content('This user is blocked')
+
+        find('button', text: 'Unblock user').click
+
+        wait_for_requests
+
+        expect(page).to have_content('Unblock user')
+        expect(page).to have_content('You can always block their account again if needed.')
+
+        find('.modal-footer button', text: 'Unblock').click
+
+        wait_for_requests
+
+        expect(page).to have_content('Successfully unblocked')
+        expect(page).to have_content('Block this user')
+      end
+    end
+
+    context 'when deactivating the user' do
+      it 'shows confirmation and allows blocking', :js do
+        visit admin_user_path(user)
+
+        find('button', text: 'Deactivate user').click
+
+        wait_for_requests
+
+        expect(page).to have_content('Deactivate user')
+        expect(page).to have_content('You can always re-activate their account, their data will remain intact.')
+
+        find('.modal-footer button', text: 'Deactivate').click
+
+        wait_for_requests
+
+        expect(page).to have_content('Successfully deactivated')
+        expect(page).to have_content('Reactivate this user')
+      end
+    end
+
+    describe 'Impersonation' do
+      let_it_be(:another_user) { create(:user) }
+
+      context 'before impersonating' do
+        subject { visit admin_user_path(user_to_visit) }
+
+        let(:user_to_visit) { another_user }
+
+        context 'for other users' do
+          it 'shows impersonate button for other users' do
+            subject
+
+            expect(page).to have_content('Impersonate')
+          end
+        end
+
+        context 'for admin itself' do
+          let(:user_to_visit) { current_user }
+
+          it 'does not show impersonate button for admin itself' do
+            subject
+
+            expect(page).not_to have_content('Impersonate')
+          end
+        end
+
+        context 'for blocked user' do
+          before do
+            another_user.block
+          end
+
+          it 'does not show impersonate button for blocked user' do
+            subject
+
+            expect(page).not_to have_content('Impersonate')
+          end
+        end
+
+        context 'when impersonation is disabled' do
+          before do
+            stub_config_setting(impersonation_enabled: false)
+          end
+
+          it 'does not show impersonate button' do
+            subject
+
+            expect(page).not_to have_content('Impersonate')
+          end
+        end
+      end
+
+      context 'when impersonating' do
+        subject { click_link 'Impersonate' }
+
+        before do
+          visit admin_user_path(another_user)
+        end
+
+        it 'logs in as the user when impersonate is clicked' do
+          subject
+
+          expect(page.find(:css, '.header-user .profile-link')['data-user']).to eql(another_user.username)
+        end
+
+        it 'sees impersonation log out icon' do
+          subject
+
+          icon = first('[data-testid="incognito-icon"]')
+          expect(icon).not_to be nil
+        end
+
+        context 'a user with an expired password' do
+          before do
+            another_user.update!(password_expires_at: Time.now - 5.minutes)
+          end
+
+          it 'does not redirect to password change page' do
+            subject
+
+            expect(current_path).to eq('/')
+          end
+        end
+      end
+
+      context 'ending impersonation' do
+        subject { find(:css, 'li.impersonation a').click }
+
+        before do
+          visit admin_user_path(another_user)
+          click_link 'Impersonate'
+        end
+
+        it 'logs out of impersonated user back to original user' do
+          subject
+
+          expect(page.find(:css, '.header-user .profile-link')['data-user']).to eq(current_user.username)
+        end
+
+        it 'is redirected back to the impersonated users page in the admin after stopping' do
+          subject
+
+          expect(current_path).to eq("/admin/users/#{another_user.username}")
+        end
+
+        context 'a user with an expired password' do
+          before do
+            another_user.update!(password_expires_at: Time.now - 5.minutes)
+          end
+
+          it 'is redirected back to the impersonated users page in the admin after stopping' do
+            subject
+
+            expect(current_path).to eq("/admin/users/#{another_user.username}")
+          end
+        end
+      end
+    end
+
+    describe 'Two-factor Authentication status' do
+      it 'shows when enabled' do
+        user.update!(otp_required_for_login: true)
+
+        visit admin_user_path(user)
+
+        expect_two_factor_status('Enabled')
+      end
+
+      it 'shows when disabled' do
+        visit admin_user_path(user)
+
+        expect_two_factor_status('Disabled')
+      end
+
+      def expect_two_factor_status(status)
+        page.within('.two-factor-status') do
+          expect(page).to have_content(status)
+        end
+      end
+    end
+
+    describe 'Email verification status' do
+      let!(:secondary_email) do
+        create :email, email: 'secondary@example.com', user: user
+      end
+
+      it 'displays the correct status for an unverified email address', :aggregate_failures do
+        user.update!(confirmed_at: nil, unconfirmed_email: user.email)
+        visit admin_user_path(user)
+
+        expect(page).to have_content("#{user.email} Unverified")
+        expect(page).to have_content("#{secondary_email.email} Unverified")
+      end
+
+      it 'displays the correct status for a verified email address' do
+        visit admin_user_path(user)
+        expect(page).to have_content("#{user.email} Verified")
+
+        secondary_email.confirm
+        expect(secondary_email.confirmed?).to be_truthy
+
+        visit admin_user_path(user)
+        expect(page).to have_content("#{secondary_email.email} Verified")
+      end
+    end
+  end
+
+  describe 'show user attributes' do
+    it 'has expected attributes', :aggregate_failures do
+      visit admin_users_path
+
+      click_link user.name
+
+      expect(page).to have_content 'Account'
+      expect(page).to have_content 'Personal projects limit'
+    end
+  end
+
+  describe 'remove users secondary email', :js do
+    let!(:secondary_email) do
+      create :email, email: 'secondary@example.com', user: user
+    end
+
+    it do
+      visit admin_user_path(user.username)
+
+      expect(page).to have_content("Secondary email: #{secondary_email.email}")
+
+      accept_confirm { find("#remove_email_#{secondary_email.id}").click }
+
+      expect(page).not_to have_content(secondary_email.email)
+    end
+  end
+
+  describe 'show user keys', :js do
+    it do
+      key1 = create(:key, user: user, title: 'ssh-rsa Key1', key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4FIEBXGi4bPU8kzxMefudPIJ08/gNprdNTaO9BR/ndy3+58s2HCTw2xCHcsuBmq+TsAqgEidVq4skpqoTMB+Uot5Uzp9z4764rc48dZiI661izoREoKnuRQSsRqUTHg5wrLzwxlQbl1MVfRWQpqiz/5KjBC7yLEb9AbusjnWBk8wvC1bQPQ1uLAauEA7d836tgaIsym9BrLsMVnR4P1boWD3Xp1B1T/ImJwAGHvRmP/ycIqmKdSpMdJXwxcb40efWVj0Ibbe7ii9eeoLdHACqevUZi6fwfbymdow+FeqlkPoHyGg3Cu4vD/D8+8cRc7mE/zGCWcQ15Var83Tczour Key1')
+      key2 = create(:key, user: user, title: 'ssh-rsa Key2', key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQSTWXhJAX/He+nG78MiRRRn7m0Pb0XbcgTxE0etArgoFoh9WtvDf36HG6tOSg/0UUNcp0dICsNAmhBKdncp6cIyPaXJTURPRAGvhI0/VDk4bi27bRnccGbJ/hDaUxZMLhhrzY0r22mjVf8PF6dvv5QUIQVm1/LeaWYsHHvLgiIjwrXirUZPnFrZw6VLREoBKG8uWvfSXw1L5eapmstqfsME8099oi+vWLR8MgEysZQmD28M73fgW4zek6LDQzKQyJx9nB+hJkKUDvcuziZjGmRFlNgSA2mguERwL1OXonD8WYUrBDGKroIvBT39zS5d9tQDnidEJZ9Y8gv5ViYP7x Key2')
+
+      visit admin_users_path
+
+      click_link user.name
+      click_link 'SSH keys'
+
+      expect(page).to have_content(key1.title)
+      expect(page).to have_content(key2.title)
+
+      click_link key2.title
+
+      expect(page).to have_content(key2.title)
+      expect(page).to have_content(key2.key)
+
+      click_button 'Delete'
+
+      page.within('.modal') do
+        page.click_button('Delete')
+      end
+
+      expect(page).not_to have_content(key2.title)
+    end
+  end
+
+  describe 'show user identities' do
+    it 'shows user identities', :aggregate_failures do
+      visit admin_user_identities_path(user)
+
+      expect(page).to have_content(user.name)
+      expect(page).to have_content('twitter')
+    end
+  end
+
+  describe 'update user identities' do
+    before do
+      allow(Gitlab::Auth::OAuth::Provider).to receive(:providers).and_return([:twitter, :twitter_updated])
+    end
+
+    it 'modifies twitter identity', :aggregate_failures do
+      visit admin_user_identities_path(user)
+
+      find('.table').find(:link, 'Edit').click
+      fill_in 'identity_extern_uid', with: '654321'
+      select 'twitter_updated', from: 'identity_provider'
+      click_button 'Save changes'
+
+      expect(page).to have_content(user.name)
+      expect(page).to have_content('twitter_updated')
+      expect(page).to have_content('654321')
+    end
+  end
+
+  describe 'remove user with identities' do
+    it 'removes user with twitter identity', :aggregate_failures do
+      visit admin_user_identities_path(user)
+
+      click_link 'Delete'
+
+      expect(page).to have_content(user.name)
+      expect(page).not_to have_content('twitter')
+    end
+  end
+end

spec/features/admin/admin_users_spec.rb → spec/features/admin/users/users_spec.rb

@@ -2,21 +2,18 @@
 
 require 'spec_helper'
 
-RSpec.describe "Admin::Users" do
+RSpec.describe 'Admin::Users' do
   include Spec::Support::Helpers::Features::ResponsiveTableHelpers
 
-  let!(:user) do
-    create(:omniauth_user, provider: 'twitter', extern_uid: '123456')
-  end
-
-  let!(:current_user) { create(:admin, last_activity_on: 5.days.ago) }
+  let_it_be(:user, reload: true) { create(:omniauth_user, provider: 'twitter', extern_uid: '123456') }
+  let_it_be(:current_user) { create(:admin, last_activity_on: 5.days.ago) }
 
   before do
     sign_in(current_user)
     gitlab_enable_admin_mode_sign_in(current_user)
   end
 
-  describe "GET /admin/users" do
+  describe 'GET /admin/users' do
     before do
       visit admin_users_path
     end
@@ -28,8 +25,8 @@ RSpec.describe "Admin::Users" do
     it "has users list" do
       expect(page).to have_content(current_user.email)
       expect(page).to have_content(current_user.name)
-      expect(page).to have_content(current_user.created_at.strftime("%e %b, %Y"))
-      expect(page).to have_content(current_user.last_activity_on.strftime("%e %b, %Y"))
+      expect(page).to have_content(current_user.created_at.strftime('%e %b, %Y'))
+      expect(page).to have_content(current_user.last_activity_on.strftime('%e %b, %Y'))
       expect(page).to have_content(user.email)
       expect(page).to have_content(user.name)
       expect(page).to have_content('Projects')
@@ -39,7 +36,7 @@ RSpec.describe "Admin::Users" do
       expect(page).to have_button('Delete user and contributions')
     end
 
-    describe "view extra user information" do
+    describe 'view extra user information' do
       it 'shows the user popover on hover', :js, quarantine: 'https://gitlab.com/gitlab-org/gitlab/-/issues/11290' do
         expect(page).not_to have_selector('#__BV_popover_1__')
 
@@ -87,7 +84,7 @@ RSpec.describe "Admin::Users" do
     end
 
     describe 'search and sort' do
-      before do
+      before_all do
         create(:user, name: 'Foo Bar', last_activity_on: 3.days.ago)
         create(:user, name: 'Foo Baz', last_activity_on: 2.days.ago)
         create(:user, name: 'Dmitriy')
@@ -255,24 +252,50 @@ RSpec.describe "Admin::Users" do
         expect(page).not_to have_content(user.email)
       end
     end
+
+    context 'when deactivating a user' do
+      it 'shows confirmation and allows deactivating', :js do
+        expect(page).to have_content(user.email)
+
+        find("[data-testid='user-action-button-#{user.id}']").click
+
+        within find("[data-testid='user-action-dropdown-#{user.id}']") do
+          find('li button', text: 'Deactivate').click
+        end
+
+        wait_for_requests
+
+        expect(page).to have_content('Deactivate user')
+        expect(page).to have_content('Deactivating a user has the following effects')
+        expect(page).to have_content('The user will be logged out')
+        expect(page).to have_content('Personal projects, group and user history will be left intact')
+
+        find('.modal-footer button', text: 'Deactivate').click
+
+        wait_for_requests
+
+        expect(page).to have_content('Successfully deactivated')
+        expect(page).not_to have_content(user.email)
+      end
+    end
   end
 
-  describe "GET /admin/users/new" do
+  describe 'GET /admin/users/new' do
     let(:user_username) { 'bang' }
 
     before do
       visit new_admin_user_path
-      fill_in "user_name", with: "Big Bang"
-      fill_in "user_username", with: user_username
-      fill_in "user_email", with: "bigbang@mail.com"
+      fill_in 'user_name', with: 'Big Bang'
+      fill_in 'user_username', with: user_username
+      fill_in 'user_email', with: 'bigbang@mail.com'
     end
 
-    it "creates new user" do
-      expect { click_button "Create user" }.to change {User.count}.by(1)
+    it 'creates new user' do
+      expect { click_button 'Create user' }.to change {User.count}.by(1)
     end
 
-    it "applies defaults to user" do
-      click_button "Create user"
+    it 'applies defaults to user' do
+      click_button 'Create user'
       user = User.find_by(username: 'bang')
       expect(user.projects_limit)
         .to eq(Gitlab.config.gitlab.default_projects_limit)
@@ -280,24 +303,24 @@ RSpec.describe "Admin::Users" do
         .to eq(Gitlab.config.gitlab.default_can_create_group)
     end
 
-    it "creates user with valid data" do
-      click_button "Create user"
+    it 'creates user with valid data' do
+      click_button 'Create user'
       user = User.find_by(username: 'bang')
       expect(user.name).to eq('Big Bang')
       expect(user.email).to eq('bigbang@mail.com')
     end
 
-    it "calls send mail" do
+    it 'calls send mail' do
       expect_next_instance_of(NotificationService) do |instance|
         expect(instance).to receive(:new_user)
       end
 
-      click_button "Create user"
+      click_button 'Create user'
     end
 
-    it "sends valid email to user with email & password" do
+    it 'sends valid email to user with email & password' do
       perform_enqueued_jobs do
-        click_button "Create user"
+        click_button 'Create user'
       end
 
       user = User.find_by(username: 'bang')
@@ -311,7 +334,7 @@ RSpec.describe "Admin::Users" do
       let(:user_username) { 'Bing bang' }
 
       it "doesn't create the user and shows an error message" do
-        expect { click_button "Create user" }.to change {User.count}.by(0)
+        expect { click_button 'Create user' }.to change {User.count}.by(0)
 
         expect(page).to have_content('The form contains the following error')
         expect(page).to have_content('Username can contain only letters, digits')
@@ -381,266 +404,33 @@ RSpec.describe "Admin::Users" do
     end
   end
 
-  describe "GET /admin/users/:id" do
-    it "has user info" do
-      visit admin_users_path
-      click_link user.name
-
-      expect(page).to have_content(user.email)
-      expect(page).to have_content(user.name)
-      expect(page).to have_content("ID: #{user.id}")
-      expect(page).to have_content("Namespace ID: #{user.namespace_id}")
-      expect(page).to have_button('Deactivate user')
-      expect(page).to have_button('Block user')
-      expect(page).to have_button('Delete user')
-      expect(page).to have_button('Delete user and contributions')
-    end
-
-    context 'user pending approval' do
-      it 'shows user info' do
-        user = create(:user, :blocked_pending_approval)
-
-        visit admin_users_path
-        click_link 'Pending approval'
-        click_link user.name
-
-        expect(page).to have_content(user.name)
-        expect(page).to have_content('Pending approval')
-        expect(page).to have_link('Approve user')
-        expect(page).to have_button('Block user')
-        expect(page).to have_button('Delete user')
-        expect(page).to have_button('Delete user and contributions')
-      end
-    end
-
-    context 'when blocking/unblocking the user' do
-      it 'shows confirmation and allows blocking and unblocking', :js do
-        visit admin_user_path(user)
-
-        find('button', text: 'Block user').click
-
-        wait_for_requests
-
-        expect(page).to have_content('Block user')
-        expect(page).to have_content('You can always unblock their account, their data will remain intact.')
-
-        find('.modal-footer button', text: 'Block').click
-
-        wait_for_requests
-
-        expect(page).to have_content('Successfully blocked')
-        expect(page).to have_content('This user is blocked')
-
-        find('button', text: 'Unblock user').click
-
-        wait_for_requests
-
-        expect(page).to have_content('Unblock user')
-        expect(page).to have_content('You can always block their account again if needed.')
-
-        find('.modal-footer button', text: 'Unblock').click
-
-        wait_for_requests
-
-        expect(page).to have_content('Successfully unblocked')
-        expect(page).to have_content('Block this user')
-      end
-    end
-
-    describe 'Impersonation' do
-      let(:another_user) { create(:user) }
-
-      context 'before impersonating' do
-        subject { visit admin_user_path(user_to_visit) }
-
-        let(:user_to_visit) { another_user }
-
-        context 'for other users' do
-          it 'shows impersonate button for other users' do
-            subject
-
-            expect(page).to have_content('Impersonate')
-          end
-        end
-
-        context 'for admin itself' do
-          let(:user_to_visit) { current_user }
-
-          it 'does not show impersonate button for admin itself' do
-            subject
-
-            expect(page).not_to have_content('Impersonate')
-          end
-        end
-
-        context 'for blocked user' do
-          before do
-            another_user.block
-          end
-
-          it 'does not show impersonate button for blocked user' do
-            subject
-
-            expect(page).not_to have_content('Impersonate')
-          end
-        end
-
-        context 'when impersonation is disabled' do
-          before do
-            stub_config_setting(impersonation_enabled: false)
-          end
-
-          it 'does not show impersonate button' do
-            subject
-
-            expect(page).not_to have_content('Impersonate')
-          end
-        end
-      end
-
-      context 'when impersonating' do
-        subject { click_link 'Impersonate' }
-
-        before do
-          visit admin_user_path(another_user)
-        end
-
-        it 'logs in as the user when impersonate is clicked' do
-          subject
-
-          expect(page.find(:css, '.header-user .profile-link')['data-user']).to eql(another_user.username)
-        end
-
-        it 'sees impersonation log out icon' do
-          subject
-
-          icon = first('[data-testid="incognito-icon"]')
-          expect(icon).not_to be nil
-        end
-
-        context 'a user with an expired password' do
-          before do
-            another_user.update(password_expires_at: Time.now - 5.minutes)
-          end
-
-          it 'does not redirect to password change page' do
-            subject
-
-            expect(current_path).to eq('/')
-          end
-        end
-      end
-
-      context 'ending impersonation' do
-        subject { find(:css, 'li.impersonation a').click }
-
-        before do
-          visit admin_user_path(another_user)
-          click_link 'Impersonate'
-        end
-
-        it 'logs out of impersonated user back to original user' do
-          subject
-
-          expect(page.find(:css, '.header-user .profile-link')['data-user']).to eq(current_user.username)
-        end
-
-        it 'is redirected back to the impersonated users page in the admin after stopping' do
-          subject
-
-          expect(current_path).to eq("/admin/users/#{another_user.username}")
-        end
-
-        context 'a user with an expired password' do
-          before do
-            another_user.update(password_expires_at: Time.now - 5.minutes)
-          end
-
-          it 'is redirected back to the impersonated users page in the admin after stopping' do
-            subject
-
-            expect(current_path).to eq("/admin/users/#{another_user.username}")
-          end
-        end
-      end
-    end
-
-    describe 'Two-factor Authentication status' do
-      it 'shows when enabled' do
-        user.update_attribute(:otp_required_for_login, true)
-
-        visit admin_user_path(user)
-
-        expect_two_factor_status('Enabled')
-      end
-
-      it 'shows when disabled' do
-        visit admin_user_path(user)
-
-        expect_two_factor_status('Disabled')
-      end
-
-      def expect_two_factor_status(status)
-        page.within('.two-factor-status') do
-          expect(page).to have_content(status)
-        end
-      end
-    end
-
-    describe 'Email verification status' do
-      let!(:secondary_email) do
-        create :email, email: 'secondary@example.com', user: user
-      end
-
-      it 'displays the correct status for an unverified email address' do
-        user.update(confirmed_at: nil, unconfirmed_email: user.email)
-        visit admin_user_path(user)
-
-        expect(page).to have_content("#{user.email} Unverified")
-
-        expect(page).to have_content("#{secondary_email.email} Unverified")
-      end
-
-      it 'displays the correct status for a verified email address' do
-        visit admin_user_path(user)
-        expect(page).to have_content("#{user.email} Verified")
-
-        secondary_email.confirm
-        expect(secondary_email.confirmed?).to be_truthy
-
-        visit admin_user_path(user)
-        expect(page).to have_content("#{secondary_email.email} Verified")
-      end
-    end
-  end
-
-  describe "GET /admin/users/:id/edit" do
+  describe 'GET /admin/users/:id/edit' do
     before do
       visit admin_users_path
       click_link "edit_user_#{user.id}"
     end
 
-    it "has user edit page" do
+    it 'has user edit page' do
       expect(page).to have_content('Name')
       expect(page).to have_content('Password')
     end
 
-    describe "Update user" do
+    describe 'Update user' do
       before do
-        fill_in "user_name", with: "Big Bang"
-        fill_in "user_email", with: "bigbang@mail.com"
-        fill_in "user_password", with: "AValidPassword1"
-        fill_in "user_password_confirmation", with: "AValidPassword1"
-        choose "user_access_level_admin"
-        click_button "Save changes"
+        fill_in 'user_name', with: 'Big Bang'
+        fill_in 'user_email', with: 'bigbang@mail.com'
+        fill_in 'user_password', with: 'AValidPassword1'
+        fill_in 'user_password_confirmation', with: 'AValidPassword1'
+        choose 'user_access_level_admin'
+        click_button 'Save changes'
       end
 
-      it "shows page with new data" do
+      it 'shows page with new data' do
         expect(page).to have_content('bigbang@mail.com')
         expect(page).to have_content('Big Bang')
       end
 
-      it "changes user entry" do
+      it 'changes user entry' do
         user.reload
         expect(user.name).to eq('Big Bang')
         expect(user.admin?).to be_truthy
@@ -662,9 +452,9 @@ RSpec.describe "Admin::Users" do
     end
   end
 
-  describe "GET /admin/users/:id/projects" do
-    let(:group) { create(:group) }
-    let!(:project) { create(:project, group: group) }
+  describe 'GET /admin/users/:id/projects' do
+    let_it_be(:group) { create(:group) }
+    let_it_be(:project) { create(:project, group: group) }
 
     before do
       group.add_developer(user)
@@ -672,7 +462,7 @@ RSpec.describe "Admin::Users" do
       visit projects_admin_user_path(user)
     end
 
-    it "lists group projects" do
+    it 'lists group projects' do
       within(:css, '.gl-mb-3 + .card') do
         expect(page).to have_content 'Group projects'
         expect(page).to have_link group.name, href: admin_group_path(group)
@@ -729,112 +519,13 @@ RSpec.describe "Admin::Users" do
 
       visit new_admin_user_identity_path(user)
 
-      check_breadcrumb("New Identity")
-
-      visit admin_user_identities_path(user)
-
-      find('.table').find(:link, 'Edit').click
-
-      check_breadcrumb("Edit Identity")
-    end
-  end
-
-  describe 'show user attributes' do
-    it do
-      visit admin_users_path
-
-      click_link user.name
-
-      expect(page).to have_content 'Account'
-      expect(page).to have_content 'Personal projects limit'
-    end
-  end
-
-  describe 'remove users secondary email', :js do
-    let!(:secondary_email) do
-      create :email, email: 'secondary@example.com', user: user
-    end
-
-    it do
-      visit admin_user_path(user.username)
-
-      expect(page).to have_content("Secondary email: #{secondary_email.email}")
-
-      accept_confirm { find("#remove_email_#{secondary_email.id}").click }
-
-      expect(page).not_to have_content(secondary_email.email)
-    end
-  end
-
-  describe 'show user keys', :js do
-    let!(:key1) do
-      create(:key, user: user, title: "ssh-rsa Key1", key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4FIEBXGi4bPU8kzxMefudPIJ08/gNprdNTaO9BR/ndy3+58s2HCTw2xCHcsuBmq+TsAqgEidVq4skpqoTMB+Uot5Uzp9z4764rc48dZiI661izoREoKnuRQSsRqUTHg5wrLzwxlQbl1MVfRWQpqiz/5KjBC7yLEb9AbusjnWBk8wvC1bQPQ1uLAauEA7d836tgaIsym9BrLsMVnR4P1boWD3Xp1B1T/ImJwAGHvRmP/ycIqmKdSpMdJXwxcb40efWVj0Ibbe7ii9eeoLdHACqevUZi6fwfbymdow+FeqlkPoHyGg3Cu4vD/D8+8cRc7mE/zGCWcQ15Var83Tczour Key1")
-    end
-
-    let!(:key2) do
-      create(:key, user: user, title: "ssh-rsa Key2", key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQSTWXhJAX/He+nG78MiRRRn7m0Pb0XbcgTxE0etArgoFoh9WtvDf36HG6tOSg/0UUNcp0dICsNAmhBKdncp6cIyPaXJTURPRAGvhI0/VDk4bi27bRnccGbJ/hDaUxZMLhhrzY0r22mjVf8PF6dvv5QUIQVm1/LeaWYsHHvLgiIjwrXirUZPnFrZw6VLREoBKG8uWvfSXw1L5eapmstqfsME8099oi+vWLR8MgEysZQmD28M73fgW4zek6LDQzKQyJx9nB+hJkKUDvcuziZjGmRFlNgSA2mguERwL1OXonD8WYUrBDGKroIvBT39zS5d9tQDnidEJZ9Y8gv5ViYP7x Key2")
-    end
-
-    it do
-      visit admin_users_path
-
-      click_link user.name
-      click_link 'SSH keys'
-
-      expect(page).to have_content(key1.title)
-      expect(page).to have_content(key2.title)
-
-      click_link key2.title
+      check_breadcrumb('New Identity')
 
-      expect(page).to have_content(key2.title)
-      expect(page).to have_content(key2.key)
-
-      click_button 'Delete'
-
-      page.within('.modal') do
-        page.click_button('Delete')
-      end
-
-      expect(page).not_to have_content(key2.title)
-    end
-  end
-
-  describe 'show user identities' do
-    it 'shows user identities' do
-      visit admin_user_identities_path(user)
-
-      expect(page).to have_content(user.name)
-      expect(page).to have_content('twitter')
-    end
-  end
-
-  describe 'update user identities' do
-    before do
-      allow(Gitlab::Auth::OAuth::Provider).to receive(:providers).and_return([:twitter, :twitter_updated])
-    end
-
-    it 'modifies twitter identity' do
       visit admin_user_identities_path(user)
 
       find('.table').find(:link, 'Edit').click
-      fill_in 'identity_extern_uid', with: '654321'
-      select 'twitter_updated', from: 'identity_provider'
-      click_button 'Save changes'
-
-      expect(page).to have_content(user.name)
-      expect(page).to have_content('twitter_updated')
-      expect(page).to have_content('654321')
-    end
-  end
-
-  describe 'remove user with identities' do
-    it 'removes user with twitter identity' do
-      visit admin_user_identities_path(user)
-
-      click_link 'Delete'
 
-      expect(page).to have_content(user.name)
-      expect(page).not_to have_content('twitter')
+      check_breadcrumb('Edit Identity')
     end
   end
 

spec/frontend/pages/admin/users/components/__snapshots__/user_operation_confirmation_modal_spec.js.snap

-// Jest Snapshot v1, https://goo.gl/fbAQLP
-
-exports[`User Operation confirmation modal renders modal with form included 1`] = `
-<gl-modal-stub
-  modalclass=""
-  modalid="user-operation-modal"
-  ok-title="action"
-  ok-variant="warning"
-  size="md"
-  title="title"
-  titletag="h4"
->
-  <form
-    action="/url"
-    method="post"
-  >
-    <span>
-      content
-    </span>
-     
-    <input
-      name="_method"
-      type="hidden"
-      value="method"
-    />
-     
-    <input
-      name="authenticity_token"
-      type="hidden"
-      value="csrf"
-    />
-  </form>
-</gl-modal-stub>
-`;

spec/frontend/pages/admin/users/components/user_operation_confirmation_modal_spec.js

-import { shallowMount } from '@vue/test-utils';
-import { GlModal } from '@gitlab/ui';
-import UserOperationConfirmationModal from '~/pages/admin/users/components/user_operation_confirmation_modal.vue';
-
-describe('User Operation confirmation modal', () => {
-  let wrapper;
-
-  const createComponent = (props = {}) => {
-    wrapper = shallowMount(UserOperationConfirmationModal, {
-      propsData: {
-        title: 'title',
-        content: 'content',
-        action: 'action',
-        url: '/url',
-        username: 'username',
-        csrfToken: 'csrf',
-        method: 'method',
-        ...props,
-      },
-    });
-  };
-
-  afterEach(() => {
-    wrapper.destroy();
-    wrapper = null;
-  });
-
-  it('renders modal with form included', () => {
-    createComponent();
-    expect(wrapper.element).toMatchSnapshot();
-  });
-
-  it('closing modal with ok button triggers form submit', () => {
-    createComponent();
-    const form = wrapper.find('form');
-    jest.spyOn(form.element, 'submit').mockReturnValue();
-    wrapper.find(GlModal).vm.$emit('ok');
-    return wrapper.vm.$nextTick().then(() => {
-      expect(form.element.submit).toHaveBeenCalled();
-      expect(form.element.action).toContain(wrapper.props('url'));
-      expect(new FormData(form.element).get('authenticity_token')).toEqual(
-        wrapper.props('csrfToken'),
-      );
-    });
-  });
-});