User admin approval - Email admin the access request
What does this MR do?
Send an email to up to the first 10 active instance admins when a user makes an account request.
Sanity testing:
- Enable 'Require admin approval for new sign-ups' in Admin > Settings > General > Sign-up restrictions
- Log out of
root
- Make sure
rails-background-jobs
andrails-web
aren't stale-- could be good to do agdk restart rails
here just to be safe - Click 'Register now' and sign up with a new fake user. You'll see the notice "You have signed up successfully. However, we could not sign you in because your account is awaiting approval from your GitLab administrator"
- You'll see the job enqueued at
http://127.0.0.1:3000/admin/sidekiq/queues/mailers
, and after a few seconds it'll show up inhttp://localhost:3000/rails/letter_opener/
- Check that the html and plaintext emails have the correct information
Screenshots (strongly suggested)
Sends an email to each of the first 10 active admins.
There are 13 admins, but NotificationService only sent 10 jobs to Sidekiq and 10 emails to LetterOpener:
Email format-
Root:
HTML:
Plaintext:
Other admin:
This admin has a weird name/email combo, but it is them:
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Related to #257879 (closed)
Edited by Serena Fang