Fixing imports to only match confirmed public email users
What does this MR do and why?
See https://gitlab.com/gitlab-org/gitlab/-/issues/427211#note_1617345081 for details.
Basically, importing can cause users to be associated with MRs/Issues even when their profile is set to private. We want to only link users who have made their emails public.
Screenshots or screen recordings
See related issue: https://gitlab.com/gitlab-org/gitlab/-/issues/427211#note_1617345081
Before | After |
---|---|
How to set up and validate locally
- Github import / Direct transfer (using dev.gitlab.org) / Bitbucket Server should all behave the same
- Set up a user on the source instance
- Set up a user on the destination with same email, but not a public one
- Imports should not map this user when FF
restrict_import_to_public_emails
is enabled
- Imports should not map this user when FF
- Set a public email for the the user on destination to
- Imports should map to this user accordingly
There's a bunch of caching in play here, so once a user is correctly mapped the first time; you'll need to clear cache for any subsequent runs
Gitlab::Redis::Cache.with(){ |r| r.keys('cache:gitlab:github-import/*') }
keys.each do |k| Gitlab::Redis::Cache.with(){ |r| r.del(k) } end
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #427211
Edited by Max Fan