Do not show email address in error message

Changelog: security
EE: true

ee/app/models/ee/group_member.rb

@@ -96,8 +96,8 @@ module EE
     end
 
     def email_does_not_match_any_allowed_domains(email)
-      n_("email '%{email}' does not match the allowed domain of %{email_domains}", "email '%{email}' does not match the allowed domains: %{email_domains}", group_allowed_email_domains.size) %
-        { email: email, email_domains: group_allowed_email_domains.map(&:domain).join(', ') }
+      n_("email does not match the allowed domain of %{email_domains}", "email does not match the allowed domains: %{email_domains}", group_allowed_email_domains.size) %
+        { email_domains: group_allowed_email_domains.map(&:domain).join(', ') }
     end
 
     def email_not_verified

ee/spec/models/group_member_spec.rb

@@ -34,7 +34,7 @@ RSpec.describe GroupMember do
           group_member = build(:group_member, group: group, user: gmail_user)
 
           expect(group_member).to be_invalid
-          expect(group_member.errors[:user]).to include("email 'test@gmail.com' does not match the allowed domains: gitlab.com, acme.com")
+          expect(group_member.errors[:user]).to include("email does not match the allowed domains: gitlab.com, acme.com")
         end
 
         it 'shows proper error message for single domain limitation' do
@@ -42,7 +42,7 @@ RSpec.describe GroupMember do
           group_member = build(:group_member, group: group, user: gmail_user)
 
           expect(group_member).to be_invalid
-          expect(group_member.errors[:user]).to include("email 'test@gmail.com' does not match the allowed domain of gitlab.com")
+          expect(group_member.errors[:user]).to include("email does not match the allowed domain of gitlab.com")
         end
 
         it 'invited email must match at least one of the allowed domain emails' do

ee/spec/requests/groups/group_members_controller_spec.rb

@@ -53,7 +53,7 @@ RSpec.describe Groups::GroupMembersController do
         it 'returns error message' do
           subject
 
-          expect(json_response).to eq({ 'message' => "User email 'test@gmail.com' does not match the allowed domain of gitlab.com" })
+          expect(json_response).to eq({ 'message' => "User email does not match the allowed domain of gitlab.com" })
         end
       end
     end

locale/gitlab.pot

@@ -38648,14 +38648,14 @@ msgstr ""
 msgid "element is not a hierarchy"
 msgstr ""
 
-msgid "email '%{email}' does not match the allowed domain of %{email_domains}"
-msgid_plural "email '%{email}' does not match the allowed domains: %{email_domains}"
-msgstr[0] ""
-msgstr[1] ""
-
 msgid "email '%{email}' is not a verified email."
 msgstr ""
 
+msgid "email does not match the allowed domain of %{email_domains}"
+msgid_plural "email does not match the allowed domains: %{email_domains}"
+msgstr[0] ""
+msgstr[1] ""
+
 msgid "enabled"
 msgstr ""
 

spec/frontend/members/store/mutations_spec.js

@@ -44,8 +44,7 @@ describe('Vuex members mutations', () => {
       describe('when error has a message', () => {
         it('shows error message', () => {
           const error = new Error('Request failed with status code 422');
-          const message =
-            'User email "john.smith@gmail.com" does not match the allowed domain of example.com';
+          const message = 'User email does not match the allowed domain of example.com';
 
           error.response = {
             data: { message },
@@ -88,8 +87,7 @@ describe('Vuex members mutations', () => {
       describe('when error has a message', () => {
         it('shows error message', () => {
           const error = new Error('Request failed with status code 422');
-          const message =
-            'User email "john.smith@gmail.com" does not match the allowed domain of example.com';
+          const message = 'User email does not match the allowed domain of example.com';
 
           error.response = {
             data: { message },