Skip to content

Check user cap was reached before blocking user pending approval

Mohamed Moustafa requested to merge mtimoustafa/341320-correctly-apply-user-cap-on-signup into master

What does this MR do and why?

Resolves #341320 (closed).

As part of the user cap, we expect that any new user sign-ups over the cap would be blocked from logging in, pending admin approval. Currently however, when the user cap is set, all new user sign-ups are blocked pending admin approval, regardless of whether the cap was reached or not.

Our current approach is to activate users right after creation, if a cap is set but not reached. However, that exposes the user to confusing UI, since they are not logged in and told to wait for admin approval. However, they get an email right after telling them their account has been approved, and they can log in normally.

This MR corrects this behaviour to be in line with feature expectations, which is that users would be logged in automatically right after creation.

Screenshots or screen recordings

No visual changes expected

Screenshots of expected cases:

Case Screenshot
New user signed up, but administrator approval is required before they can log in Screenshot_2023-06-15_at_12.35.54

How to set up and validate locally

  1. Run GDK on your local machine.
  2. Log in to GDK as root.

With administrator approval for new sign-ups disabled:

  1. As root, remove the user cap.
  2. Log out of root and sign up as a new user. After completing sign-up, you should automatically be logged in without needing administrator approval.
  3. Log out of the new user, log back into root. Enable the user cap and set it to a number higher than the number of users on your instance. (A very high number should work, e.g. 10000.)
  4. Log out of root and sign up as a new user. After completing sign-up, you should automatically be logged in without needing administrator approval.
  5. Repeat step 3, but set the user cap to a number lower than the number of users on your instance. (A very low number should work, e.g. 1.)
  6. Log out of root and sign up as a new user. After completing sign-up, you should not be logged in. Rather, you'll be moved back to the sign-in screen with a message saying administrator approval is required. You will also not be able to log in with that new user.

With administrator approval for new sign-ups enabled:

  1. Repeat the steps above, but for every new sign-up, you won't be able to log in and admin approval will be required, like in step 6.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Mohamed Moustafa

Merge request reports