Commit e4eb5dce authored by Michael Kozono's avatar Michael Kozono

Merge branch '198289-unable-to-sign-out-from-secondary-geo-node' into 'master'

Allow users to sign-out on a read-only instance

See merge request gitlab-org/gitlab!23545
parents dec0c7a9 352abacf
---
title: Allow users to sign out on a read-only instance
merge_request: 23545
author:
type: fixed
......@@ -24,6 +24,10 @@ module Gitlab
'projects/compare' => %w{create}
}.freeze
WHITELISTED_LOGOUT_ROUTES = {
'sessions' => %w{destroy}
}.freeze
GRAPHQL_URL = '/api/graphql'
def initialize(app, env)
......@@ -85,7 +89,7 @@ module Gitlab
# Overridden in EE module
def whitelisted_routes
grack_route? || internal_route? || lfs_route? || compare_git_revisions_route? || sidekiq_route? || graphql_query?
grack_route? || internal_route? || lfs_route? || compare_git_revisions_route? || sidekiq_route? || logout_route? || graphql_query?
end
def grack_route?
......@@ -118,6 +122,13 @@ module Gitlab
WHITELISTED_GIT_LFS_ROUTES[route_hash[:controller]]&.include?(route_hash[:action])
end
def logout_route?
# Calling route_hash may be expensive. Only do it if we think there's a possible match
return false unless request.post? && request.path.end_with?('/users/sign_out')
WHITELISTED_LOGOUT_ROUTES[route_hash[:controller]]&.include?(route_hash[:action])
end
def sidekiq_route?
request.path.start_with?("#{relative_url}/admin/sidekiq")
end
......
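Review bot: `logout_route?` and `WHITELISTED_LOGOUT_ROUTES` let a state-changing POST through the read-only guard, but nothing in either hunk records why that exception is safe. I would add a comment above the constant such as `# sessions#destroy is exempt so users can sign out of a read-only node; only add actions here that do not need to write to the database`. Whether `sessions#destroy` really avoids database writes is not visible on this page, so confirm that before relying on the comment. The `end_with?('/users/sign_out')` test is only a cheap prefilter and the real decision is the `route_hash` controller/action lookup, so a trailing slash or format suffix fails closed, which is the right direction and worth stating in the existing comment. The only spec shown is feature-level; a middleware-level example asserting that a GET, or a POST routed to another controller whose path ends in `/users/sign_out`, is still rejected would pin the exemption, if one does not already exist outside this page (the enclosing module and class start outside these hunks).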
......@@ -21,4 +21,16 @@ describe 'Logout/Sign out', :js do
expect(page).not_to have_selector('.flash-notice')
end
context 'on a read-only instance' do
before do
allow(Gitlab::Database).to receive(:read_only?).and_return(true)
end
it 'sign out redirects to sign in page' do
gitlab_sign_out
expect(current_path).to eq new_user_session_path
end
end
end