Return early if user is nil in ee/lib/ee/gitlab/auth/saml/user.rb
What does this MR do?
This MR seeks to prevent the use case which occurs with SSO when a user does not have the required group(s) and has never logged in so no GitLab profile exists. In this case, the user object is set to "nil" and then throws an NPE exception in the method 'build_user_synced_attributes_metadata' as the method cannot build metadata for nil.
It is unclear if the user object should be set to 'nil' and return called early or if the method 'build_user_synced_attributes_metadata' should check for (user == nil) and return from inside the method.
See #23688 (closed) for more details.
Conformity
- Changelog entry
- Documentation (if required)
- Code review guidelines
- Merge request performance guidelines
- Style guides
- Database guides
- Separation of EE specific content
Availability and Testing
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- Label as security and @ mention @gitlab-com/gl-security/appsec
- The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- Security reports checked/validated by a reviewer from the AppSec team
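
The nil-user failure described in this MR and the two guard placements it weighs, as an added Ruby example that is not GitLab's code. Every class and method here except the name `build_user_synced_attributes_metadata` is a hypothetical stand-in, and the group rule in `find_or_build` is an assumed simplification.

```ruby
# Added example; hypothetical stand-ins, not GitLab's implementation.
Metadata = Struct.new(:provider, :synced_attributes)
User = Struct.new(:email, :metadata)

class SamlUserFinder
  def initialize(existing_users:, required_groups:)
    @existing_users = existing_users # email => User
    @required_groups = required_groups
  end

  # Behaviour described in the MR: metadata is built even when user is nil.
  def find_unguarded(email:, groups:)
    user = find_or_build(email, groups)
    build_user_synced_attributes_metadata(user) # Ruby raises NoMethodError on nil
    user
  end

  # Option 1: return early in the caller.
  def find_with_early_return(email:, groups:)
    user = find_or_build(email, groups)
    return unless user

    build_user_synced_attributes_metadata(user)
    user
  end

  # Option 2: nil check inside the metadata builder.
  def find_with_guarded_builder(email:, groups:)
    user = find_or_build(email, groups)
    build_user_synced_attributes_metadata(user, guard: true)
    user
  end

  private

  # Assumed rule: no existing profile and no required group yields nil.
  def find_or_build(email, groups)
    @existing_users[email] || ((@required_groups & groups).any? ? User.new(email) : nil)
  end

  def build_user_synced_attributes_metadata(user, guard: false)
    return if guard && user.nil?

    user.metadata = Metadata.new('saml', %w[email])
  end
end
```

Both guarded variants return nil for the denied sign-in, which a caller can treat as a failed login rather than an unhandled exception.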