Extend `blocked_pending_approval` status for OmniAuth, SAML and LDAP users
What does this MR do and why?
For #285124 (closed) & https://gitlab.com/gitlab-org/gitlab/-/issues/281691
This MR puts new users created via LDAP/Omniauth in a blocked_pending_approval
state, if the application setting require_admin_approval_after_user_signup
is set to TRUE
. This setting comes from the Users Pending Approval feature, and it is a setting that is TRUE
by default.
This application setting is already used to place the user in a blocked_pending_approval
state when the user is signing up via the normal registration flow (introduced in !44398 (merged)), and we are now extending this to Omniauth/LDAP user creation.
Some context
Recently, with !63650 (merged), we have already been putting new registrations via Omniauth/LDAP in the blocked_pending_approval
state if the Omniauth/LDAP configuration had block_auto_created_users
setting set to true
.
So, because of the changes in !63650 (merged), this MR turned out to be quite easy to implement code-wise, as we already had the pieces in place which set the user to the desired state of blocked_pending_approval
when certain conditions were met.
If we turn the state of the user to a truth table, based on the 2 settings, it would be
require_admin_approval_after_user_signup | block_auto_created_users (LDAP/OAuth) | State of the newly created user via LDAP/Omniauth |
---|---|---|
false | false | active |
true | false | blocked_pending_approval |
false | true | blocked_pending_approval |
true | true | blocked_pending_approval |
Here, the 2nd row of the truth table is what this MR implements. The rest of the rows are unchanged from the changes in !63650 (merged).
Documentation
Regarding documentation, I do not think this change requires a new documentation update since the docs at https://docs.gitlab.com/ee/user/admin_area/moderate_users.html#users-pending-approval already covers the case in this MR too.
Screenshots or screen recordings
How to set up and validate locally
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.