Skip email restriction validations for placeholder and importer users
What does this MR do and why?
The sign-up email restriction validations can block placeholder and import users to be created on systems that have sign-up restrictions.
However, placeholder users and import users are necessary for the system to create during imports.
These users are created with the GitLab hostname as their email domains.
The sign-up restrictions do not need to apply to these users because they're not accounts that can be signed in by users due to being internal user types.
Other services will set a created_by_id
for the user record which
avoids the validation, but placeholder and import users are created by
the system and so there is no created_by_id
we can set.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
How to set up and validate locally
Restart Sidekiq after switching to this branch: gdk restart rails-background-jobs
.
- On your localhost, go
/admin/application_settings/general
and expand Sign-up restrictions. - In Allowed domains for sign-ups enter
domain.com
. - Select Save changes
Conduct a new Direct Transfer import:
- Enable both the
importer_user_mapping
andbulk_import_importer_user_mapping
flags. - Start a new Direct Transfer import.
- In the UI, click "Migration details" to see the progress of the import, or else visit
/import/bulk_imports/<BulkImport.last.id>/history
. - The import should progress without any errors. You should not see a "Show errors" link in the "View details" sections of the history page.
- There will have been placeholder users successfully created for the import. On a rails console:
group = Group.find_by_full_name(<path-of-group-imported-into>).root_ancestor Import::SourceUser.where(namespace: group).any? # => true
On master
the import will have many errors and placeholder users will not be created:
master
branch history page:
master
branch "Show errors" page:
master
branch the group should have no placeholder users created during the import:
group = Group.find_by_full_name(<path-of-group-imported-into>).root_ancestor
Import::SourceUser.where(namespace: group).any? # => false
Clean up your admin:
- In the admin's Sign-up restrictions remove
domain.com
from the Allowed domains for sign-ups and select Save changes
Related to #483639 (closed)