Skip to content

GitLab Next

Why GitLab
Pricing
Contact Sales
Explore

Sign in
Get free trial

User admin approval - Approve users pending approval via admin UI

Review changes
Download
Patches
Plain diff

Manoj M J requested to merge 257886-user-admin-approval-approve-user-via-admin-ui into master Oct 12, 2020

Overview 72
Commits 7
Pipelines 15
Changes 21

What does this MR do?

For #257886 (closed)

This is part of an epic and a good bunch of work on this feature has already been merged - &4491

**A short walkthru video explaining the change is available here ** (Update: This is slightly outdated now, as the approval flow does not include force confirming the user anymore)

This change allows the following operations via the admin UI.

Shows the users pending approval under "Pending approval" tab.
Allows to approve a pending user. This step
- activates the user
- send confirmation instruction to the users email if they are not confirmed yet
- accepts their pending invitations, if the user satisfies all prerequisites for a successful login and has their email confirmed.
Allows to block a pending user.
Allows to delete a pending user.

Everything is behind a feature flag, which will be removed soon with #258980 (closed), hence there is no changelog.

I will ask for review of UI text from Technical Writing & add documentation for the feature in a different MR (as this is behind a feature flag now, these will not be shown anyway)

Screenshots

New "Pending approval" tab shows users pending approval:

Operations available on pending users - they can be approved, blocked or deleted:

Show pending user page - has the same operations available: (this is for a user that does not have their email confirmed yet)

Show pending user page - has the same operations available: (this is for a user that hash their email confirmed already)

After approving a user:

Does this MR meet the acceptance criteria?

Conformity

Changelog entry
Documentation (if required)
Code review guidelines
Merge request performance guidelines
Style guides
Database guides
Separation of EE specific content

Availability and Testing

Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
Tested in all supported browsers
Informed Infrastructure department of a default or new setting change, if applicable per definition of done

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

Label as security and @ mention @gitlab-com/gl-security/appsec
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
Security reports checked/validated by a reviewer from the AppSec team

Edited Oct 14, 2020 by Manoj M J

Merge request reports

Assignee

Reviewers

Request review from

Time tracking