134 lines
6 KiB
Diff
134 lines
6 KiB
Diff
Description: This patch helps in bumping devise to 4.6.2.
|
|
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/28438
|
|
Author: Utkarsh Gupta <guptautkarsh2102@gmail.com>
|
|
---
|
|
|
|
--- gitlab-11.10.4+dfsg.orig/Gemfile
|
|
+++ gitlab-11.10.4+dfsg/Gemfile
|
|
@@ -35,7 +35,7 @@ gem 'grape-path-helpers', '~> 1.0'
|
|
gem 'faraday', '~> 0.12'
|
|
|
|
# Authentication libraries
|
|
-gem 'devise', '~> 4.4'
|
|
+gem 'devise', '~> 4.6'
|
|
gem 'doorkeeper', '~> 4.3'
|
|
gem 'doorkeeper-openid_connect', '~> 1.5'
|
|
gem 'omniauth', '~> 1.8'
|
|
--- gitlab-11.10.4+dfsg.orig/Gemfile.lock
|
|
+++ gitlab-11.10.4+dfsg/Gemfile.lock
|
|
@@ -153,7 +153,7 @@ GEM
|
|
descendants_tracker (0.0.4)
|
|
thread_safe (~> 0.3, >= 0.3.1)
|
|
device_detector (1.0.0)
|
|
- devise (4.4.3)
|
|
+ devise (4.6.2)
|
|
bcrypt (~> 3.0)
|
|
orm_adapter (~> 0.1)
|
|
railties (>= 4.1.0, < 6.0)
|
|
@@ -986,7 +986,7 @@ DEPENDENCIES
|
|
database_cleaner (~> 1.7.0)
|
|
deckar01-task_list (= 2.2.0)
|
|
device_detector
|
|
- devise (~> 4.4)
|
|
+ devise (~> 4.6)
|
|
devise-two-factor (~> 3.0.0)
|
|
diffy (~> 3.1.0)
|
|
discordrb-webhooks-blackst0ne (~> 3.3)
|
|
--- gitlab-11.10.4+dfsg.orig/app/models/user.rb
|
|
+++ gitlab-11.10.4+dfsg/app/models/user.rb
|
|
@@ -1494,15 +1494,6 @@ class User < ApplicationRecord
|
|
devise_mailer.__send__(notification, self, *args).deliver_later # rubocop:disable GitlabSecurity/PublicSend
|
|
end
|
|
|
|
- # This works around a bug in Devise 4.2.0 that erroneously causes a user to
|
|
- # be considered active in MySQL specs due to a sub-second comparison
|
|
- # issue. For more details, see: https://gitlab.com/gitlab-org/gitlab-ee/issues/2362#note_29004709
|
|
- def confirmation_period_valid?
|
|
- return false if self.class.allow_unconfirmed_access_for == 0.days
|
|
-
|
|
- super
|
|
- end
|
|
-
|
|
def ensure_user_rights_and_limits
|
|
if external?
|
|
self.can_create_group = false
|
|
--- gitlab-11.10.4+dfsg.orig/app/views/devise/confirmations/new.html.haml
|
|
+++ gitlab-11.10.4+dfsg/app/views/devise/confirmations/new.html.haml
|
|
@@ -3,7 +3,7 @@
|
|
.login-body
|
|
= form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post, class: 'gl-show-field-errors' }) do |f|
|
|
.devise-errors
|
|
- = devise_error_messages!
|
|
+ = render "devise/shared/error_messages", resource: resource
|
|
.form-group
|
|
= f.label :email
|
|
= f.email_field :email, class: "form-control", required: true, title: 'Please provide a valid email address.'
|
|
--- gitlab-11.10.4+dfsg.orig/app/views/devise/passwords/edit.html.haml
|
|
+++ gitlab-11.10.4+dfsg/app/views/devise/passwords/edit.html.haml
|
|
@@ -3,7 +3,7 @@
|
|
.login-body
|
|
= form_for(resource, as: resource_name, url: password_path(:user), html: { method: :put, class: 'gl-show-field-errors' }) do |f|
|
|
.devise-errors
|
|
- = devise_error_messages!
|
|
+ = render "devise/shared/error_messages", resource: resource
|
|
= f.hidden_field :reset_password_token
|
|
.form-group
|
|
= f.label 'New password', for: "user_password"
|
|
--- gitlab-11.10.4+dfsg.orig/app/views/devise/passwords/new.html.haml
|
|
+++ gitlab-11.10.4+dfsg/app/views/devise/passwords/new.html.haml
|
|
@@ -3,7 +3,7 @@
|
|
.login-body
|
|
= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :post, class: 'gl-show-field-errors' }) do |f|
|
|
.devise-errors
|
|
- = devise_error_messages!
|
|
+ = render "devise/shared/error_messages", resource: resource
|
|
.form-group
|
|
= f.label :email
|
|
= f.email_field :email, class: "form-control", required: true, value: params[:user_email], autofocus: true, title: 'Please provide a valid email address.'
|
|
--- gitlab-11.10.4+dfsg.orig/app/views/devise/registrations/edit.html.erb
|
|
+++ gitlab-11.10.4+dfsg/app/views/devise/registrations/edit.html.erb
|
|
@@ -1,7 +1,7 @@
|
|
<h2>Edit <%= resource_name.to_s.humanize %></h2>
|
|
|
|
<%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f| %>
|
|
- <%= devise_error_messages! %>
|
|
+ <%= render "devise/shared/error_messages", resource: resource %>
|
|
|
|
<div><%= f.label :email %><br />
|
|
<%= f.email_field :email %></div>
|
|
--- gitlab-11.10.4+dfsg.orig/app/views/devise/shared/_signup_box.html.haml
|
|
+++ gitlab-11.10.4+dfsg/app/views/devise/shared/_signup_box.html.haml
|
|
@@ -2,7 +2,7 @@
|
|
.login-body
|
|
= form_for(resource, as: "new_#{resource_name}", url: registration_path(resource_name), html: { class: "new_new_user gl-show-field-errors", "aria-live" => "assertive" }) do |f|
|
|
.devise-errors
|
|
- = devise_error_messages!
|
|
+ = render "devise/shared/error_messages", resource: resource
|
|
.name.form-group
|
|
= f.label :name, 'Full name', class: 'label-bold'
|
|
= f.text_field :name, class: "form-control top qa-new-user-name js-block-emoji", required: true, title: _("This field is required.")
|
|
--- gitlab-11.10.4+dfsg.orig/app/views/devise/unlocks/new.html.haml
|
|
+++ gitlab-11.10.4+dfsg/app/views/devise/unlocks/new.html.haml
|
|
@@ -3,7 +3,7 @@
|
|
.login-body
|
|
= form_for(resource, as: resource_name, url: unlock_path(resource_name), html: { method: :post, class: 'gl-show-field-errors' }) do |f|
|
|
.devise-errors
|
|
- = devise_error_messages!
|
|
+ = render "devise/shared/error_messages", resource: resource
|
|
.form-group.append-bottom-20
|
|
= f.label :email
|
|
= f.email_field :email, class: 'form-control', autofocus: 'autofocus', autocapitalize: 'off', autocorrect: 'off', title: 'Please provide a valid email address.'
|
|
--- gitlab-11.10.4+dfsg.orig/config/initializers/8_devise.rb
|
|
+++ gitlab-11.10.4+dfsg/config/initializers/8_devise.rb
|
|
@@ -100,6 +100,11 @@ Devise.setup do |config|
|
|
# secure: true in order to force SSL only cookies.
|
|
# config.cookie_options = {}
|
|
|
|
+ # When set to false, does not sign a user in automatically after their password is
|
|
+ # changed. Defaults to true, so a user is signed in automatically after a password
|
|
+ # is changed.
|
|
+ config.sign_in_after_change_password = false
|
|
+
|
|
# Send a notification email when the user's password is changed
|
|
config.send_password_change_notification = true
|
|
|