Fixes needed when GitLab sign-in is not enabled
What does this MR do?
Fixes a number of bugs when GitLab sign-in is disabled.
When sign-in is disabled:
- skip password expiration checks
- prevent password reset requests
- don’t show Password tab in User Settings
- don’t allow login with username/password for Git over HTTP requests
- render 404 on requests to Profiles::PasswordsController
Are there points in the code the reviewer needs to double check?
No.
Why was this MR needed?
We have sign-in disabled on our instance and use a CAS server for authentication, and we needed the fixes described above to ensure our users were not prompted to update expired passwords, didn't see a confusing Password tab, etc.
Screenshots (if relevant)
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Documentation created/updated -
API support added - Tests
-
Added for this feature/bug -
All builds are passing
-
-
Conform by the merge request performance guides -
Conform by the style guides -
Branch has no merge conflicts with master
(if it does - rebase it please) -
Squashed related commits together
What are the relevant issue numbers?
Issue https://gitlab.com/gitlab-org/gitlab-ce/issues/25557 was originally intended to capture these problems.
Edited by Robin Bobbitt