Merge branch 'fix-actioncable-empty-session-cookie' into 'master'

Fix exception when session cookie is not present

See merge request gitlab-org/gitlab!44113

app/channels/application_cable/connection.rb

@@ -15,12 +15,14 @@ module ApplicationCable
     private
 
     def find_user_from_session_store
-      session = ActiveSession.sessions_from_ids([session_id.private_id]).first
+      session = ActiveSession.sessions_from_ids(Array.wrap(session_id)).first
       Warden::SessionSerializer.new('rack.session' => session).fetch(:user)
     end
 
     def session_id
-      Rack::Session::SessionId.new(cookies[Gitlab::Application.config.session_options[:key]])
+      session_cookie = cookies[Gitlab::Application.config.session_options[:key]]
+
+      Rack::Session::SessionId.new(session_cookie).private_id if session_cookie.present?
     end
 
     def notification_payload(_)

spec/channels/application_cable/connection_spec.rb

@@ -5,6 +5,7 @@ require 'spec_helper'
 RSpec.describe ApplicationCable::Connection, :clean_gitlab_redis_shared_state do
   let(:session_id) { Rack::Session::SessionId.new('6919a6f1bb119dd7396fadc38fd18d0d') }
 
+  context 'when session cookie is set' do
     before do
       Gitlab::Redis::SharedState.with do |redis|
         redis.set("session:gitlab:#{session_id.private_id}", Marshal.dump(session_hash))
@@ -41,6 +42,25 @@ RSpec.describe ApplicationCable::Connection, :clean_gitlab_redis_shared_state do
       it 'sets current_user to nil' do
         connect
 
+        expect(connection.current_user).to be_nil
+      end
+    end
+  end
+
+  context 'when session cookie is not set' do
+    it 'sets current_user to nil' do
+      connect
+
+      expect(connection.current_user).to be_nil
+    end
+  end
+
+  context 'when session cookie is an empty string' do
+    it 'sets current_user to nil' do
+      cookies[Gitlab::Application.config.session_options[:key]] = ''
+
+      connect
+
       expect(connection.current_user).to be_nil
     end
   end