Merge branch 'master' into ce-to-ee-2018-06-08

app/controllers/registrations_controller.rb

@@ -5,6 +5,9 @@ class RegistrationsController < Devise::RegistrationsController
   prepend EE::RegistrationsController
 
   before_action :whitelist_query_limiting, only: [:destroy]
+  before_action :ensure_terms_accepted,
+                if: -> { Gitlab::CurrentSettings.current_application_settings.enforce_terms? },
+                only: [:create]
 
   def new
     redirect_to(new_user_session_path)
@@ -20,7 +23,9 @@ class RegistrationsController < Devise::RegistrationsController
 
     if !Gitlab::Recaptcha.load_configurations! || verify_recaptcha
       accept_pending_invitations
-      super
+      super do |new_user|
+        persist_accepted_terms_if_required(new_user)
+      end
     else
       flash[:alert] = 'There was an error with the reCAPTCHA. Please solve the reCAPTCHA again.'
       flash.delete :recaptcha_error
@@ -42,6 +47,16 @@ class RegistrationsController < Devise::RegistrationsController
 
   protected
 
+  def persist_accepted_terms_if_required(new_user)
+    return unless new_user.persisted?
+    return unless Gitlab::CurrentSettings.current_application_settings.enforce_terms?
+
+    if terms_accepted?
+      terms = ApplicationSetting::Term.latest
+      Users::RespondToTermsService.new(new_user, terms).execute(accepted: true)
+    end
+  end
+
   def destroy_confirmation_valid?
     if current_user.confirm_deletion_with_password?
       current_user.valid_password?(params[:password])
@@ -93,4 +108,14 @@ class RegistrationsController < Devise::RegistrationsController
   def whitelist_query_limiting
     Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42380')
   end
+
+  def ensure_terms_accepted
+    return if terms_accepted?
+
+    redirect_to new_user_session_path, alert: _('You must accept our Terms of Service and privacy policy in order to register an account')
+  end
+
+  def terms_accepted?
+    Gitlab::Utils.to_boolean(params[:terms_opt_in])
+  end
 end

app/controllers/users/terms_controller.rb

@@ -2,6 +2,7 @@ module Users
   class TermsController < ApplicationController
     include InternalRedirect
 
+    skip_before_action :authenticate_user!
     skip_before_action :enforce_terms!
     skip_before_action :check_password_expiration
     skip_before_action :check_two_factor_requirement
@@ -14,7 +15,7 @@ module Users
     def index
       @redirect = redirect_path
 
-      if @term.accepted_by_user?(current_user)
+      if current_user && @term.accepted_by_user?(current_user)
         flash.now[:notice] = "You have already accepted the Terms of Service as #{current_user.to_reference}"
       end
     end

app/views/admin/application_settings/_terms.html.haml

-= form_for @application_setting, url: admin_application_settings_path do |f|
+= form_for @application_setting, url: admin_application_settings_path, html: { class: 'fieldset-form' } do |f|
   = form_errors(@application_setting)
 
   %fieldset
@@ -7,13 +7,13 @@
         .form-check
           = f.check_box :enforce_terms, class: 'form-check-input'
           = f.label :enforce_terms, class: 'form-check-label' do
-            = _("Require all users to accept Terms of Service when they access GitLab.")
+            = _("Require all users to accept Terms of Service and Privacy Policy when they access GitLab.")
           .form-text.text-muted
             = _("When enabled, users cannot use GitLab until the terms have been accepted.")
     .form-group.row
       .col-sm-12
         = f.label :terms do
-          = _("Terms of Service Agreement")
+          = _("Terms of Service Agreement and Privacy Policy")
       .col-sm-12
         = f.text_area :terms, class: 'form-control', rows: 8
         .form-text.text-muted

app/views/admin/application_settings/show.html.haml

@@ -50,11 +50,11 @@
 %section.settings.as-terms.no-animate#js-terms-settings{ class: ('expanded' if expanded) }
   .settings-header
     %h4
-      = _('Terms of Service')
+      = _('Terms of Service and Privacy Policy')
     %button.btn.btn-default.js-settings-toggle{ type: 'button' }
       = expanded ? _('Collapse') : _('Expand')
     %p
-      = _('Include a Terms of Service agreement that all users must accept.')
+      = _('Include a Terms of Service agreement and Privacy Policy that all users must accept.')
   .settings-content
     = render 'terms'
 

app/views/devise/shared/_signup_box.html.haml

@@ -22,6 +22,13 @@
         = f.label :password
         = f.password_field :password, class: "form-control bottom", required: true, pattern: ".{#{@minimum_password_length},}", title: "Minimum length is #{@minimum_password_length} characters."
         %p.gl-field-hint Minimum length is #{@minimum_password_length} characters
+      - if Gitlab::CurrentSettings.current_application_settings.enforce_terms?
+        .form-group
+          = check_box_tag :terms_opt_in, '1', false, required: true
+          = label_tag :terms_opt_in do
+            - terms_link = link_to s_("I accept the|Terms of Service and Privacy Policy"), terms_path, target: "_blank"
+            - accept_terms_label = _("I accept the %{terms_link}") % { terms_link: terms_link }
+            = accept_terms_label.html_safe
       = render 'devise/shared/ee/email_opted_in', f: f
       %div
       - if Gitlab::Recaptcha.enabled?

app/views/users/terms/index.html.haml

@@ -2,7 +2,8 @@
 
 .card-body.rendered-terms
   = markdown_field(@term, :terms)
-.card-footer.footer-block.clearfix
+- if current_user
+  .card-footer.footer-block.clearfix
     - if can?(current_user, :accept_terms, @term)
       .float-right
         = button_to accept_term_path(@term, redirect_params), class: 'btn btn-success prepend-left-8' do

changelogs/unreleased/bvl-terms-on-registration.yml

+---
+title: Users can accept terms during registration
+merge_request: 19583
+author:
+type: other

doc/user/admin_area/settings/terms.md

@@ -20,6 +20,19 @@ When an admin enables this feature, they will automattically be
 directed to the page to accept the terms themselves. After they
 accept, they will be directed back to the settings page.
 
+## New registrations
+
+When this feature is enabled, a checkbox will be available in the
+sign-up form.
+
+![Sign up form](img/sign_up_terms.png)
+
+This checkbox will be required during sign up.
+
+Users can review the terms entered in the admin panel before
+accepting. The page will be opened in a new window so they can
+continue their registration afterwards.
+
 ## Accepting terms
 
 When this feature was enabled, the users that have not accepted the

ee/app/assets/javascripts/vue_shared/security_reports/components/help_popover.vue

@@ -28,7 +28,7 @@ export default {
       container: 'body',
       placement: 'top',
       template:
-        '<div class="popover" role="tooltip"><div class="arrow"></div><p class="popover-title"></p><div class="popover-content"></div></div>',
+        '<div class="popover" role="tooltip"><div class="arrow"></div><p class="popover-header"></p><div class="popover-body"></div></div>',
       ...this.options,
     })
     .on('mouseenter', mouseenter)

ee/app/helpers/ee/application_helper.rb

@@ -11,11 +11,18 @@ module EE
     end
 
     def render_ce(partial, locals = {})
-      render template: find_ce_partial(partial), locals: locals
+      render template: find_ce_template(partial), locals: locals
     end
 
-    def find_ce_partial(partial)
-      ce_lookup_context.find(partial, [], true)
+    # Tries to find a matching partial first, if there is none, we try to find a matching view
+    def find_ce_template(name)
+      prefixes = [] # So don't create extra [] garbage
+
+      if ce_lookup_context.exists?(name, prefixes, true)
+        ce_lookup_context.find(name, prefixes, true)
+      else
+        ce_lookup_context.find(name, prefixes, false)
+      end
     end
 
     def ce_lookup_context

ee/app/views/projects/merge_requests/show.html.haml

-= render :file => "/app/views/projects/merge_requests/show"
+= render_ce "projects/merge_requests/show"
 
 -# haml-lint:disable InlineJavaScript
 :javascript

ee/spec/helpers/application_helper_spec.rb

@@ -15,6 +15,7 @@ describe ApplicationHelper do
 
   context 'when both CE and EE has partials with the same name' do
     let(:partial) { 'shared/issuable/form/default_templates' }
+    let(:view) { 'projects/merge_requests/show' }
     let(:project) { build_stubbed(:project) }
 
     describe '#render_ce' do
@@ -31,13 +32,16 @@ describe ApplicationHelper do
       end
     end
 
-    describe '#find_ce_partial' do
+    describe '#find_ce_template' do
       let(:expected_partial_path) do
         "app/views/#{File.dirname(partial)}/_#{File.basename(partial)}.html.haml"
       end
+      let(:expected_view_path) do
+        "app/views/#{File.dirname(view)}/#{File.basename(view)}.html.haml"
+      end
 
       it 'finds the CE partial' do
-        ce_partial = helper.find_ce_partial(partial)
+        ce_partial = helper.find_ce_template(partial)
 
         expect(ce_partial.inspect).to eq(expected_partial_path)
 
@@ -45,6 +49,16 @@ describe ApplicationHelper do
         ee_partial = helper.lookup_context.find(partial, [], true)
         expect(ee_partial.inspect).to eq("ee/#{expected_partial_path}")
       end
+
+      it 'finds the CE view' do
+        ce_view = helper.find_ce_template(view)
+
+        expect(ce_view.inspect).to eq(expected_view_path)
+
+        # And it could still find the EE view
+        ee_view = helper.lookup_context.find(view, [], false)
+        expect(ee_view.inspect).to eq("ee/#{expected_view_path}")
+      end
     end
   end
 end

locale/gitlab.pot

@@ -8,8 +8,8 @@ msgid ""
 msgstr ""
 "Project-Id-Version: gitlab 1.0.0\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-06-07 19:35+0200\n"
-"PO-Revision-Date: 2018-06-07 19:35+0200\n"
+"POT-Creation-Date: 2018-06-08 18:27+0200\n"
+"PO-Revision-Date: 2018-06-08 18:27+0200\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
 "Language: \n"
@@ -108,6 +108,9 @@ msgstr ""
 msgid "%{lock_path} is locked by GitLab User %{lock_user_id}"
 msgstr ""
 
+msgid "%{name}'s avatar"
+msgstr ""
+
 msgid "%{nip_domain} can be used as an alternative to a custom domain."
 msgstr ""
 
@@ -563,6 +566,12 @@ msgstr ""
 msgid "Assignee"
 msgstr ""
 
+msgid "Assignee boards not available with your current license"
+msgstr ""
+
+msgid "Assignee lists show all issues assigned to the selected user."
+msgstr ""
+
 msgid "Assignee(s)"
 msgstr ""
 
@@ -949,9 +958,6 @@ msgstr ""
 msgid "CI/CD settings"
 msgstr ""
 
-msgid "CICD|A domain is required to use Auto Review Apps and Auto Deploy Stages."
-msgstr ""
-
 msgid "CICD|An explicit %{ci_file} needs to be specified before you can begin using Continuous Integration and Delivery."
 msgstr ""
 
@@ -961,9 +967,24 @@ msgstr ""
 msgid "CICD|Auto DevOps will automatically build, test, and deploy your application based on a predefined Continuous Integration and Delivery configuration."
 msgstr ""
 
+msgid "CICD|Automatic deployment to staging, manual deployment to production"
+msgstr ""
+
+msgid "CICD|Continuous deployment to production"
+msgstr ""
+
+msgid "CICD|Deployment strategy"
+msgstr ""
+
+msgid "CICD|Deployment strategy needs a domain name to work correctly."
+msgstr ""
+
 msgid "CICD|Disable Auto DevOps"
 msgstr ""
 
+msgid "CICD|Do not set up a domain here if you are setting up multiple Kubernetes clusters with Auto DevOps."
+msgstr ""
+
 msgid "CICD|Enable Auto DevOps"
 msgstr ""
 
@@ -982,6 +1003,9 @@ msgstr ""
 msgid "CICD|The Auto DevOps pipeline configuration will be used when there is no %{ci_file} in the project."
 msgstr ""
 
+msgid "CICD|You need to specify a domain if you want to use Auto Review Apps and Auto Deploy stages."
+msgstr ""
+
 msgid "Can run untagged jobs"
 msgstr ""
 
@@ -1312,6 +1336,9 @@ msgstr ""
 msgid "ClusterIntegration|Helm Tiller"
 msgstr ""
 
+msgid "ClusterIntegration|If you are setting up multiple clusters and are using Auto DevOps, %{docs_link}."
+msgstr ""
+
 msgid "ClusterIntegration|In order to show the health of the cluster, we'll need to provision your cluster with Prometheus to collect the required data."
 msgstr ""
 
@@ -1892,6 +1919,9 @@ msgstr ""
 msgid "Created"
 msgstr ""
 
+msgid "Created by me"
+msgstr ""
+
 msgid "Creating epic"
 msgstr ""
 
@@ -2098,6 +2128,9 @@ msgstr ""
 msgid "DeployTokens|Your new project deploy token has been created."
 msgstr ""
 
+msgid "Deprioritize label"
+msgstr ""
+
 msgid "Descending"
 msgstr ""
 
@@ -2473,6 +2506,9 @@ msgstr ""
 msgid "Failed to update issues, please try again."
 msgstr ""
 
+msgid "Failure"
+msgstr ""
+
 msgid "Feb"
 msgstr ""
 
@@ -2829,10 +2865,22 @@ msgstr ""
 msgid "GroupRoadmap|The roadmap shows the progress of your epics along a timeline"
 msgstr ""
 
-msgid "GroupRoadmap|To view the roadmap, add a planned start or finish date to one of your epics in this group or its subgroups. Only epics in the past 3 months and the next 3 months are shown &ndash; from %{startDate} to %{endDate}."
+msgid "GroupRoadmap|To view the roadmap, add a planned start or finish date to one of your epics in this group or its subgroups. In the months view, only epics in the past month, current month, and next 5 months are shown &ndash; from %{startDate} to %{endDate}."
+msgstr ""
+
+msgid "GroupRoadmap|To view the roadmap, add a planned start or finish date to one of your epics in this group or its subgroups. In the quarters view, only epics in the past quarter, current quarter, and next 4 quarters are shown &ndash; from %{startDate} to %{endDate}."
+msgstr ""
+
+msgid "GroupRoadmap|To view the roadmap, add a planned start or finish date to one of your epics in this group or its subgroups. In the weeks view, only epics in the past week, current week, and next 4 weeks are shown &ndash; from %{startDate} to %{endDate}."
 msgstr ""
 
-msgid "GroupRoadmap|To widen your search, change or remove filters. Only epics in the past 3 months and the next 3 months are shown &ndash; from %{startDate} to %{endDate}."
+msgid "GroupRoadmap|To widen your search, change or remove filters. In the months view, only epics in the past month, current month, and next 5 months are shown &ndash; from %{startDate} to %{endDate}."
+msgstr ""
+
+msgid "GroupRoadmap|To widen your search, change or remove filters. In the quarters view, only epics in the past quarter, current quarter, and next 4 quarters are shown &ndash; from %{startDate} to %{endDate}."
+msgstr ""
+
+msgid "GroupRoadmap|To widen your search, change or remove filters. In the weeks view, only epics in the past week, current week, and next 4 weeks are shown &ndash; from %{startDate} to %{endDate}."
 msgstr ""
 
 msgid "GroupRoadmap|Until %{dateWord}"
@@ -2945,6 +2993,12 @@ msgstr ""
 msgid "Housekeeping successfully started"
 msgstr ""
 
+msgid "I accept the %{terms_link}"
+msgstr ""
+
+msgid "I accept the|Terms of Service and Privacy Policy"
+msgstr ""
+
 msgid "IDE|Commit"
 msgstr ""
 
@@ -2972,6 +3026,9 @@ msgstr ""
 msgid "If you already have files you can push them using the %{link_to_cli} below."
 msgstr ""
 
+msgid "If you are setting up multiple clusters and are using Auto DevOps,|read this first"
+msgstr ""
+
 msgid "If your HTTP repository is not publicly accessible, add authentication information to the URL: <code>https://username:password@gitlab.company.com/group/project.git</code>."
 msgstr ""
 
@@ -3002,7 +3059,7 @@ msgstr ""
 msgid "Improve search with Advanced Global Search and GitLab Enterprise Edition."
 msgstr ""
 
-msgid "Include a Terms of Service agreement that all users must accept."
+msgid "Include a Terms of Service agreement and Privacy Policy that all users must accept."
 msgstr ""
 
 msgid "Install Runner on Kubernetes"
@@ -3118,6 +3175,9 @@ msgstr ""
 msgid "Label actions dropdown"
 msgstr ""
 
+msgid "Label lists show all issues with the selected label."
+msgstr ""
+
 msgid "LabelSelect|%{firstLabelName} +%{remainingLabelCount} more"
 msgstr ""
 
@@ -3438,6 +3498,9 @@ msgstr ""
 msgid "Monitoring"
 msgstr ""
 
+msgid "Months"
+msgstr ""
+
 msgid "More info"
 msgstr ""
 
@@ -3725,6 +3788,9 @@ msgstr ""
 msgid "Options"
 msgstr ""
 
+msgid "Other Labels"
+msgstr ""
+
 msgid "Other information"
 msgstr ""
 
@@ -4304,6 +4370,9 @@ msgstr ""
 msgid "Pushed"
 msgstr ""
 
+msgid "Quarters"
+msgstr ""
+
 msgid "Quick actions can be used in the issues description and comment boxes."
 msgstr ""
 
@@ -4403,7 +4472,7 @@ msgstr ""
 msgid "Request Access"
 msgstr ""
 
-msgid "Require all users to accept Terms of Service when they access GitLab."
+msgid "Require all users to accept Terms of Service and Privacy Policy when they access GitLab."
 msgstr ""
 
 msgid "Reset git storage health information"
@@ -4695,10 +4764,10 @@ msgstr[1] ""
 msgid "Sidebar|Change weight"
 msgstr ""
 
-msgid "Sidebar|No"
+msgid "Sidebar|None"
 msgstr ""
 
-msgid "Sidebar|None"
+msgid "Sidebar|Only numeral characters allowed"
 msgstr ""
 
 msgid "Sidebar|Weight"
@@ -4737,6 +4806,9 @@ msgstr ""
 msgid "Something went wrong when toggling the button"
 msgstr ""
 
+msgid "Something went wrong while fetching assignees list"
+msgstr ""
+
 msgid "Something went wrong while fetching group member contributions"
 msgstr ""
 
@@ -4878,6 +4950,9 @@ msgstr ""
 msgid "Squash commits"
 msgstr ""
 
+msgid "Stage"
+msgstr ""
+
 msgid "Stage all"
 msgstr ""
 
@@ -5048,10 +5123,10 @@ msgstr ""
 msgid "Team"
 msgstr ""
 
-msgid "Terms of Service"
+msgid "Terms of Service Agreement and Privacy Policy"
 msgstr ""
 
-msgid "Terms of Service Agreement"
+msgid "Terms of Service and Privacy Policy"
 msgstr ""
 
 msgid "Thanks! Don't show me this again"
@@ -5727,6 +5802,9 @@ msgstr ""
 msgid "Webhooks allow you to trigger a URL if, for example, new code is pushed or a new issue is created. You can configure webhooks to listen for specific events like pushes, issues or merge requests. Group webhooks will apply to all projects in a group, allowing you to standardize webhook functionality across your entire group."
 msgstr ""
 
+msgid "Weeks"
+msgstr ""
+
 msgid "Weight"
 msgstr ""
 
@@ -5937,6 +6015,9 @@ msgstr ""
 msgid "You cannot write to this read-only GitLab instance."
 msgstr ""
 
+msgid "You do not have any assigned merge requests"
+msgstr ""
+
 msgid "You do not have the correct permissions to override the settings from the LDAP group sync."
 msgstr ""
 
@@ -5952,6 +6033,9 @@ msgstr ""
 msgid "You have reached your project limit"
 msgstr ""
 
+msgid "You must accept our Terms of Service and privacy policy in order to register an account"
+msgstr ""
+
 msgid "You must have maintainer access to force delete a lock"
 msgstr ""
 
@@ -6528,6 +6612,9 @@ msgstr ""
 msgid "remove due date"
 msgstr ""
 
+msgid "remove weight"
+msgstr ""
+
 msgid "source"
 msgstr ""
 

spec/controllers/registrations_controller_spec.rb

 require 'spec_helper'
 
 describe RegistrationsController do
+  include TermsHelper
+
   describe '#create' do
     let(:user_params) { { user: { name: 'new_user', username: 'new_username', email: 'new@user.com', password: 'Any_password' } } }
 
@@ -67,6 +69,25 @@ describe RegistrationsController do
         expect(flash[:notice]).to include 'Welcome! You have signed up successfully.'
       end
     end
+
+    context 'when terms are enforced' do
+      before do
+        enforce_terms
+      end
+
+      it 'redirects back with a notice when the checkbox was not checked' do
+        post :create, user_params
+
+        expect(flash[:alert]).to match /you must accept our terms/i
+      end
+
+      it 'creates the user with agreement when terms are accepted' do
+        post :create, user_params.merge(terms_opt_in: '1')
+
+        expect(subject.current_user).to be_present
+        expect(subject.current_user.terms_accepted?).to be(true)
+      end
+    end
   end
 
   describe '#destroy' do

spec/features/admin/admin_settings_spec.rb

@@ -119,7 +119,7 @@ feature 'Admin updates settings' do
     accept_terms(admin)
 
     page.within('.as-terms') do
-      check 'Require all users to accept Terms of Service when they access GitLab.'
+      check 'Require all users to accept Terms of Service and Privacy Policy when they access GitLab.'
       fill_in 'Terms of Service Agreement', with: 'Be nice!'
       click_button 'Save changes'
     end

spec/features/users/signup_spec.rb

@@ -140,7 +140,7 @@ describe 'Signup' do
       enforce_terms
     end
 
-    it 'asks the user to accept terms before going to the dashboard' do
+    it 'requires the user to check the checkbox' do
       visit root_path
 
       fill_in 'new_user_name',                with: new_user.name
@@ -148,11 +148,24 @@ describe 'Signup' do
       fill_in 'new_user_email',               with: new_user.email
       fill_in 'new_user_email_confirmation',  with: new_user.email
       fill_in 'new_user_password',            with: new_user.password
-      click_button "Register"
 
-      expect_to_be_on_terms_page
+      click_button 'Register'
+
+      expect(current_path).to eq new_user_session_path
+      expect(page).to have_content(/you must accept our terms of service/i)
+    end
+
+    it 'asks the user to accept terms before going to the dashboard' do
+      visit root_path
+
+      fill_in 'new_user_name',                with: new_user.name
+      fill_in 'new_user_username',            with: new_user.username
+      fill_in 'new_user_email',               with: new_user.email
+      fill_in 'new_user_email_confirmation',  with: new_user.email
+      fill_in 'new_user_password',            with: new_user.password
+      check :terms_opt_in
 
-      click_button 'Accept terms'
+      click_button "Register"
 
       expect(current_path).to eq dashboard_projects_path
     end

spec/features/users/terms_spec.rb

@@ -3,12 +3,10 @@ require 'spec_helper'
 describe 'Users > Terms' do
   include TermsHelper
 
-  let(:user) { create(:user) }
   let!(:term) { create(:term, terms: 'By accepting, you promise to be nice!') }
 
   before do
     stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
-    sign_in(user)
   end
 
   it 'shows the terms' do
@@ -17,6 +15,22 @@ describe 'Users > Terms' do
     expect(page).to have_content('By accepting, you promise to be nice!')
   end
 
+  it 'does not show buttons to accept, decline or sign out', :aggregate_failures do
+    visit terms_path
+
+    expect(page).not_to have_css('.footer-block')
+    expect(page).not_to have_content('Accept terms')
+    expect(page).not_to have_content('Decline and sign out')
+    expect(page).not_to have_content('Continue')
+  end
+
+  context 'when signed in' do
+    let(:user) { create(:user) }
+
+    before do
+      sign_in(user)
+    end
+
     context 'declining the terms' do
       it 'returns the user to the app' do
         visit terms_path
@@ -116,4 +130,5 @@ describe 'Users > Terms' do
         end
       end
     end
+  end
 end

spec/migrations/active_record/schema_spec.rb

@@ -5,10 +5,10 @@ require 'spec_helper'
 
 describe ActiveRecord::Schema do
   let(:latest_migration_timestamp) do
-    migrations_paths =
-      %w[db ee/db].product(%w[migrate post_migrate]).each_with_object([]) do |migration_dir, memo|
-        memo << Rails.root.join(*migration_dir, '*')
-      end
+    migrations_paths = %w[db ee/db]
+      .product(%w[migrate post_migrate])
+      .map { |path| Rails.root.join(*path, '*') }
+
     migrations = Dir[*migrations_paths]
     migrations.map { |migration| File.basename(migration).split('_').first.to_i }.max
   end