diff --git a/app/controllers/concerns/skips_already_signed_in_message.rb b/app/controllers/concerns/skips_already_signed_in_message.rb new file mode 100644 index 0000000000000000000000000000000000000000..7630cf4f4e1bbe2fbe66ba8832e73e2f094be84e --- /dev/null +++ b/app/controllers/concerns/skips_already_signed_in_message.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +# This concern can be included in devise controllers to skip showing an "already signed in" +# warning on registrations and logins +module SkipsAlreadySignedInMessage + extend ActiveSupport::Concern + + included do + # replaced with :require_no_authentication_without_flash + # rubocop: disable Rails/LexicallyScopedActionFilter + # The actions are defined in Devise + skip_before_action :require_no_authentication, only: [:new, :create] + before_action :require_no_authentication_without_flash, only: [:new, :create] + # rubocop: enable Rails/LexicallyScopedActionFilter + end + + def require_no_authentication_without_flash + require_no_authentication + + return unless flash[:alert] == I18n.t('devise.failure.already_authenticated') + + flash[:alert] = nil + end +end diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb index 3e6683fc86705a68729f1e3a862d9cc17221af9a..f481681da0210e1688345f73e0fbb35978ec1c2d 100644 --- a/app/controllers/registrations_controller.rb +++ b/app/controllers/registrations_controller.rb @@ -10,6 +10,7 @@ class RegistrationsController < Devise::RegistrationsController include GoogleAnalyticsCSP include PreferredLanguageSwitcher include Gitlab::Tracking::Helpers::WeakPasswordErrorEvent + include SkipsAlreadySignedInMessage layout 'devise' diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 8a79353f490c75b7e2dce8a59f410177446c7acb..a9972cbd8857202099d4df096a5afff444eb0635 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -14,13 +14,11 @@ class SessionsController < Devise::SessionsController include VerifiesWithEmail include GoogleAnalyticsCSP include PreferredLanguageSwitcher + include SkipsAlreadySignedInMessage skip_before_action :check_two_factor_requirement, only: [:destroy] skip_before_action :check_password_expiration, only: [:destroy] - # replaced with :require_no_authentication_without_flash - skip_before_action :require_no_authentication, only: [:new, :create] - prepend_before_action :check_initial_setup, only: [:new] prepend_before_action :authenticate_with_two_factor, if: -> { action_name == 'create' && two_factor_enabled? } @@ -29,7 +27,6 @@ class SessionsController < Devise::SessionsController prepend_before_action :require_no_authentication_without_flash, only: [:new, :create] prepend_before_action :check_forbidden_password_based_login, if: -> { action_name == 'create' && password_based_login? } prepend_before_action :ensure_password_authentication_enabled!, if: -> { action_name == 'create' && password_based_login? } - before_action :auto_sign_in_with_provider, only: [:new] before_action :init_preferred_language, only: :new before_action :store_unauthenticated_sessions, only: [:new] @@ -96,14 +93,6 @@ def destroy private - def require_no_authentication_without_flash - require_no_authentication - - if flash[:alert] == I18n.t('devise.failure.already_authenticated') - flash[:alert] = nil - end - end - def captcha_enabled? request.headers[CAPTCHA_HEADER] && helpers.recaptcha_enabled? end diff --git a/ee/app/controllers/trial_registrations_controller.rb b/ee/app/controllers/trial_registrations_controller.rb index f58edf97c433be672d18f82d722504207edd81be..f0c21b78dc60c53bad304d5de93f4fdd58aa840a 100644 --- a/ee/app/controllers/trial_registrations_controller.rb +++ b/ee/app/controllers/trial_registrations_controller.rb @@ -11,7 +11,7 @@ class TrialRegistrationsController < RegistrationsController layout 'minimal' - skip_before_action :require_no_authentication + skip_before_action :require_no_authentication_without_flash before_action :check_if_gl_com_or_dev before_action :redirect_to_trial, only: [:new], if: :user_signed_in? diff --git a/spec/features/oauth_registration_spec.rb b/spec/features/registrations/oauth_registration_spec.rb similarity index 100% rename from spec/features/oauth_registration_spec.rb rename to spec/features/registrations/oauth_registration_spec.rb diff --git a/spec/features/registrations/registration_spec.rb b/spec/features/registrations/registration_spec.rb new file mode 100644 index 0000000000000000000000000000000000000000..7a409b3934e0a3ebbc020442b86a130fc0374ba7 --- /dev/null +++ b/spec/features/registrations/registration_spec.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'Registrations', feature_category: :system_access do + context 'when the user visits the registration page when already signed in', :clean_gitlab_redis_sessions do + let_it_be(:current_user) { create(:user) } + + before do + sign_in(current_user) + end + + it 'does not show an "You are already signed in" error message' do + visit new_user_registration_path + + wait_for_requests + + expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated')) + end + end +end