Resolve "NoMethodError: undefined method `term_agreements' for nil:NilClass"
requested to merge 204723-nomethoderror-undefined-method-term_agreements-for-nil-nilclass into master
What does this MR do?
Fixes #204723 (closed)
Sentry: https://sentry.gitlab.net/gitlab/gitlabcom/issues/1242497/?query=Users::TermsController#accept
A user session is required to accept or decline a term, and this was not being mandated since we are currently applying
skip_before_action :authenticate_user! for all actions in this controller.
Skipping this filter is necessary only for the index action, and the accept and decline actions should compulsorily mandate the presence of a logged in user to be able to accept or decline terms.
Screenshots
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry - [-] Documentation (if required)
-
Code review guidelines -
Merge request performance guidelines -
Style guides - [-] Database guides
- [-] Separation of EE specific content
Availability and Testing
- [-] Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
- [-] Tested in all supported browsers
- [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec - [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Peter Leitzen