Skip to content

omniauth: Terms of service are accepted automaticaly during registration

Summary

If All users must accept the Terms of Service and Privacy Policy to access Gitlab is activated in Admin-UI, it's expected that users have to accept the ToS if they logged in first time using omniauth otherwise the are logged out.

But the ToS are not displayed and the database says that the user has accepted the ToS.

It's also expected that users have to confirm the ToS whenever they are updated (#345524 (closed)).

Steps to reproduce

  1. Log in to Admin-UI an make sure user john.doe not exists
  2. Open rails console gitlab-rails console
  3. Check if user didn't accepted the ToS 
    TermAgreement.where(user_id: User.search('john.doe').first.id).first
    returns: 
    undefined method `id' for nil:NilClass (NoMethodError)
  4. Log in using omniauth-shibboleth and select a role, the ToS are not displayed
  5. Check if user accepted the ToS 
    TermAgreement.where(user_id: User.search('john.doe').first.id).first
    returns: 
    #<TermAgreement:0x00007f6d6e72bbf8
  id: 4411,
  term_id: 4,
  user_id: 6058,
  accepted: true,
  created_at: Fri, 20 Oct 2023 11:52:22.446551000 CEST +02:00,
  updated_at: Fri, 20 Oct 2023 11:52:22.446551000 CEST +02:00>

What is the current bug behavior?

The ToS are confirmed automatically if a user logged in first time (eq. registered). If the ToS has been updated, the users aren't forced to confirm again.

What is the expected correct behavior?

If the acceptance of the terms of service is mandatory:

  • new users have to accept to continue the registration process
  • if users decline they are logged off
  • users have to accept the terms whenever they are updated

If the acceptance of the terms of service is not mandatory:

  • new users don't have to accept to continue the registration process
  • users don't have to accept the terms whenever they are updated

Relevant logs and/or screenshots

Output of checks

Results of GitLab environment info

Expand for output related to GitLab environment info 
System information
System:		Debian 11
Current User:	git
Using RVM:	no
Ruby Version:	3.0.6p216
Gem Version:	3.4.19
Bundler Version:2.4.19
Rake Version:	13.0.6
Redis Version:	7.0.13
Sidekiq Version:6.5.7
Go Version:	unknown

GitLab information
Version:	16.4.1
Revision:	e6801ed8d44
Directory:	/opt/gitlab/embedded/service/gitlab-rails
DB Adapter:	PostgreSQL
DB Version:	13.11
Using LDAP:	no
Using Omniauth:	yes
Omniauth Providers: shibboleth

GitLab Shell
Version:	14.28.0
Repository storages:
- default: 	unix:/var/opt/gitlab/gitaly/gitaly.socket
GitLab Shell path:		/opt/gitlab/embedded/service/gitlab-shell

Gitaly
- default Address: 	unix:/var/opt/gitlab/gitaly/gitaly.socket
- default Version: 	16.4.1
- default Git Version: 	2.42.0