Skip to content

Resolve "Execute member hooks only if an associated user is present"

What does this MR do?

Related to #330722 (closed)

From !30355 (comment 579555374), we can see that there are some Member records that do not have an associated user, and hence the callbacks on the member.rb model are failing.

Since this data issue persists, we need a workaround to prevent firing these hooks in case a member object does not have an associated user.

I have also made sure that all the 3 callbacks, ie post_create_hook, post_update_hook & post_destroy_hook in all the files, ie, member.rb, ee/member.rb, project_member.rb, ee/project_member.rb, group_member.rb, ee/group_member.rb, expects the associated user to be present. (ie, there are no cases where one of these hooks would have worked successfully in of these places without errors even if the user record wasn't present)

Screenshots (strongly suggested)

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

Does this MR contain changes to processing or storing of credentials or tokens, authorization and authentication methods or other items described in the security review guidelines? If not, then delete this Security section.

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by Manoj M J

Merge request reports

Loading