Update no password message shown when logged in via OAuth
What does this MR do and why?
When a user creates an account with a OmniAuth provider (Google, Facebook, etc) their account doesn't have a password set because they use the OmniAuth provider to login. This means that they can not clone a repository over HTTP(S) with a password because there isn't one set. Currently there is an alert explaining to users that they do not have a password set but it is a little confusing. This MR updates this message to hopefully make more sense. The message that is shown to users depends on the value of Allow password authentication for Git over HTTP(S)
setting which is set in Admin
-> Settings
-> General
-> Sign-in restrictions
.
This MR also takes the opportunity to refactor the no password alert and the no SSH key alerts to use the app/views/shared/_global_alert.html.haml shared partial. This helps create consistency between all the global alerts in GitLab.
Screenshots or screen recordings
Allow password authentication for Git over HTTP(S) value |
Before | After |
---|---|---|
true |
||
false |
How to set up and validate locally
Normally a user would see this alert if they created their account via an OmniAuth provider. That is a little hard to setup locally but it isn't too hard to fake for local testing.
- Open the rails console.
bin/rails console
- Find a user that has access to a project by username.
user = User.find_by_username('user44')
- Update the
password_automatically_set
column.user.update_column(:password_automatically_set, true)
- Login as an admin and navigate to
/admin/users/user44
. ClickImpersonate
in the upper right corner. - Navigate to a project
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #38061 (closed)