Commit 8dd9a8b6 authored by Oren Kanner's avatar Oren Kanner

Allow admins to stop impersonating users without e-mail addresses

Resolves #24576

Modify the guard clause of the `ApplicationController#require_email`
before action to skip requests where an admin is impersonating the
current user.
parent 694b55c8
......@@ -224,7 +224,7 @@ class ApplicationController < ActionController::Base
end
def require_email
if current_user && current_user.temp_oauth_email?
if current_user && current_user.temp_oauth_email? && session[:impersonator_id].nil?
redirect_to profile_path, notice: 'Please complete your profile with email address' and return
end
end
......
---
title: Allow admins to stop impersonating users without e-mail addresses
merge_request: 7550
author: Oren Kanner
......@@ -76,6 +76,7 @@ describe Admin::ImpersonationsController do
end
context "when the impersonator is not blocked" do
shared_examples_for "successfully stops impersonating" do
it "redirects to the impersonated user's page" do
expect(Gitlab::AppLogger).to receive(:info).with("User #{impersonator.username} has stopped impersonating #{user.username}").and_call_original
......@@ -90,6 +91,19 @@ describe Admin::ImpersonationsController do
expect(warden.user).to eq(impersonator)
end
end
# base case
it_behaves_like "successfully stops impersonating"
context "and the user has a temporary oauth e-mail address" do
before do
allow(user).to receive(:temp_oauth_email?).and_return(true)
allow(controller).to receive(:current_user).and_return(user)
end
it_behaves_like "successfully stops impersonating"
end
end
end
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment