Setting 'User cap' causes password reset email to not be sent on user create

Summary

When creating a user in the UI, GitLab sends a welcome mail to the user containing a password reset link. If you have a user cap set, either the cap is exceeded and the user must be approved first, or the cap is not exceeded and the user is automatically approved. Either way, on approval, the user gets a welcome mail that does not contain a password reset link. The admin must then generate passwords for users which is cumbersome.

Steps to reproduce

  • On a test server, go to Admin Area > Settings > General > Sign-up Restrictions > User cap
  • Make sure it's not set
  • Go to Admin Area > Users > New User
  • Create a test user with a valid test email address
  • On the UI it displays that a password reset email will be sent. e.g:

Screenshot_2022-09-26_at_22.42.15

  • Check the test account's email and you'll have received an email link this:

Screenshot_2022-09-26_at_22.37.51

  • Now visit Admin Area > Settings > General > Sign-up Restrictions > User cap again and set a user cap to a number higher than your current user count
  • Create a test user with a valid test email address (again)
  • On the UI it displays that a password reset email will be sent.

Screenshot_2022-09-26_at_22.42.15

  • Check the test account's email and you'll have received an email link this:

Screenshot_2022-09-26_at_22.41.07

... but with the user cap set, no password reset mail is sent.

What is the current bug behavior?

When a user cap is set, the expected password reset link is not sent to the user, and the administrator has to set passwords for users to be able to sign in the first time and reset their passwords. This is cumbersome and unnecessary.

What is the expected correct behavior?

The behaviour should be same as for user creation without the user cap set. The cap shouldn't change the behaviour. Users should receive a welcome mail with a valid password reset link.

Results of GitLab environment info

Expand for output related to GitLab environment info 
System information
System:		Ubuntu 20.04
Proxy:		no
Current User:	git
Using RVM:	no
Ruby Version:	2.7.5p203
Gem Version:	3.1.6
Bundler Version:2.3.15
Rake Version:	13.0.6
Redis Version:	6.2.7
Sidekiq Version:6.4.2
Go Version:	unknown

GitLab information
Version:	15.4.0-ee
Revision:	abbda55531f
Directory:	/opt/gitlab/embedded/service/gitlab-rails
DB Adapter:	PostgreSQL
DB Version:	12.10
URL:		https://gitlab.soulsociety.net
HTTP Clone URL:	https://gitlab.soulsociety.net/some-group/some-project.git
SSH Clone URL:	git@gitlab.soulsociety.net:some-group/some-project.git
Elasticsearch:	yes
Geo:		no
Using LDAP:	yes
Using Omniauth:	yes
Omniauth Providers: saml, openid_connect, crowd

GitLab Shell
Version:	14.10.0
Repository storage paths:
- default: 	/var/opt/gitlab/git-data/repositories
GitLab Shell path:		/opt/gitlab/embedded/service/gitlab-shell

Results of GitLab application Check

Expand for output related to the GitLab application check 
Checking GitLab subtasks ...


Checking GitLab Shell ...


GitLab Shell: ... GitLab Shell version >= 14.10.0 ? ... OK (14.10.0)
Running /opt/gitlab/embedded/service/gitlab-shell/bin/check
Internal API available: OK
Redis available via internal API: OK
gitlab-shell self-check successful


Checking GitLab Shell ... Finished


Checking Gitaly ...


Gitaly: ... default ... OK


Checking Gitaly ... Finished


Checking Sidekiq ...


Sidekiq: ... Running? ... yes
Number of Sidekiq processes (cluster/worker) ... 1/1


Checking Sidekiq ... Finished


Checking Incoming Email ...


Incoming Email: ... Checking Reply by email ...


IMAP server credentials are correct? ... Checking gitlab@soulsociety.net
yes
Mailroom enabled? ... skipped
MailRoom running? ... skipped


Checking Reply by email ... Finished


Checking Incoming Email ... Finished


Checking LDAP ...


LDAP: ... Server: ldapmain
LDAP authentication... Success
LDAP users with access to your GitLab server (only showing the first 100 results)
User output sanitized. Found 2 users of 100 limit.


Checking LDAP ... Finished


Checking GitLab App ...


Database config exists? ... yes
All migrations up? ... yes
Database contains orphaned GroupMembers? ... no
GitLab config exists? ... yes
GitLab config up to date? ... yes
Log directory writable? ... yes
Tmp directory writable? ... yes
Uploads directory exists? ... yes
Uploads directory has correct permissions? ... yes
Uploads directory tmp has correct permissions? ... skipped (no tmp uploads folder yet)
Systemd unit files or init script exist? ... skipped (omnibus-gitlab has neither init script nor systemd units)
Systemd unit files or init script up-to-date? ... skipped (omnibus-gitlab has neither init script nor systemd units)
Projects have namespace: ...
2/1 ... yes
5/3 ... yes
Redis version >= 6.0.0? ... yes
Ruby version >= 2.7.2 ? ... yes (2.7.5)
Git user has default SSH configuration? ... yes
Active users: ... 3
Is authorized keys file accessible? ... yes
GitLab configured to store new projects in hashed storage? ... yes
All projects are in hashed storage? ... yes
Elasticsearch version 7.x-8.x or OpenSearch version 1.x ... no ( Unknown)
For more information see:
doc/integration/advanced_search/elasticsearch.md


Checking GitLab App ... Finished


Checking GitLab subtasks ... Finished

This was reported by a customer here: (Internal link) https://gitlab.zendesk.com/agent/tickets/316753.

I was able to reproduce this on my test instance running GitLab 15.4.0.