Improve blocked user tracking and fire some events only once
What does this MR do?
- Do not fire warden events twice when user is not fully authenticated
- Do not use
BlockerUserTracker
to track blocked users since we can usebefore_logout
for this.
Are there points in the code the reviewer needs to double check?
Is that okay to use warden.authenticated?(:user)
in the use case in the application controller?
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Tests added for this feature/bug -
Has been reviewed by a Backend maintainer -
End-to-end tests pass ( package-and-qa
manual pipeline job)
What are the relevant issue numbers?
Closes gitlab-org/gitlab-ce#49784
Edited by Grzegorz Bizon