Merge branch '325288-send-invited-users-to-correct-page-sign-in-or-sign-up' into 'master'

Send invited users to sign up instead of sign in when possible See merge request gitlab-org/gitlab!57240

Merge branch '325288-send-invited-users-to-correct-page-sign-in-or-sign-up' into 'master'
Send invited users to sign up instead of sign in when possible See merge request gitlab-org/gitlab!57240
9954291a · Stan Hu · fad86683 · d2b6122b · 9954291a · 9954291a
Commit 9954291a authored Mar 30, 2021 by Stan Hu
7 changed files
--- a/app/controllers/invites_controller.rb
+++ b/app/controllers/invites_controller.rb
@@ -91,15 +91,29 @@ class InvitesController < ApplicationController
  def authenticate_user!
    return if current_user

-    notice = ["To accept this invitation, sign in"]
-    notice << "or create an account" if Gitlab::CurrentSettings.allow_signup?
-    notice = notice.join(' ') + "."
+    store_location_for :user, request.fullpath

-    redirect_params = member ? { invite_email: member.invite_email } : {}
+    if user_sign_up?
+      redirect_to new_user_registration_path(invite_email: member.invite_email), notice: _("To accept this invitation, create an account or sign in.")
+    else
+      redirect_to new_user_session_path(sign_in_redirect_params), notice: sign_in_notice
+    end
+  end

-    store_location_for :user, request.fullpath
+  def sign_in_redirect_params
+    member ? { invite_email: member.invite_email } : {}
+  end
+
+  def user_sign_up?
+    Gitlab::CurrentSettings.allow_signup? && member && !User.find_by_any_email(member.invite_email)
+  end

-    redirect_to new_user_session_path(redirect_params), notice: notice
+  def sign_in_notice
+    if Gitlab::CurrentSettings.allow_signup?
+      _("To accept this invitation, sign in or create an account.")
+    else
+      _("To accept this invitation, sign in.")
+    end
  end

  def invite_details

--- a/app/views/devise/shared/_sign_in_link.html.haml
+++ b/app/views/devise/shared/_sign_in_link.html.haml
 %p.text-center
  %span.light
    Already have login and password?
-    = link_to "Sign in", new_session_path(:user, redirect_to_referer: 'yes')
+    - path_params = { redirect_to_referer: 'yes' }
+    - path_params[:invite_email] = @invite_email if @invite_email.present?
+    = link_to "Sign in", new_session_path(:user, path_params)
--- a/changelogs/unreleased/325288-send-invited-users-to-correct-page-sign-in-or-sign-up.yml
+++ b/changelogs/unreleased/325288-send-invited-users-to-correct-page-sign-in-or-sign-up.yml
+---
+title: Send invited users to sign up instead of sign in when possible
+merge_request: 57240
+author:
+type: other
--- a/ee/spec/features/invites_spec.rb
+++ b/ee/spec/features/invites_spec.rb
@@ -14,7 +14,6 @@ RSpec.describe 'Group or Project invitations' do
    allow(::Gitlab).to receive(:dev_env_or_com?).and_return(dev_env_or_com)

    visit invite_path(group_invite.raw_invite_token)
-    click_link 'Register now'
  end

  def fill_in_sign_up_form(user)

--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -31825,6 +31825,15 @@ msgstr ""
 msgid "To GitLab"
 msgstr ""

+msgid "To accept this invitation, create an account or sign in."
+msgstr ""
+
+msgid "To accept this invitation, sign in or create an account."
+msgstr ""
+
+msgid "To accept this invitation, sign in."
+msgstr ""
+
 msgid "To access this domain create a new DNS record"
 msgstr ""


--- a/spec/controllers/invites_controller_spec.rb
+++ b/spec/controllers/invites_controller_spec.rb
@@ -4,7 +4,7 @@ require 'spec_helper'

 RSpec.describe InvitesController do
  let_it_be(:user) { create(:user) }
-  let(:member) { create(:project_member, :invited, invite_email: user.email) }
+  let_it_be(:member, reload: true) { create(:project_member, :invited, invite_email: user.email) }
  let(:raw_invite_token) { member.raw_invite_token }
  let(:project_members) { member.source.users }
  let(:md5_member_global_id) { Digest::MD5.hexdigest(member.to_global_id.to_s) }
@@ -77,6 +77,27 @@ RSpec.describe InvitesController do

    context 'when not logged in' do
      context 'when inviter is a member' do
+        context 'when instance allows sign up' do
+          it 'indicates an account can be created in notice' do
+            request
+
+            expect(flash[:notice]).to include('or create an account')
+          end
+
+          context 'when user exists with the invited email' do
+            it 'is redirected to a new session with invite email param' do
+              request
+
+              expect(response).to redirect_to(new_user_session_path(invite_email: member.invite_email))
+            end
+          end
+
+          context 'when user exists with the invited email as secondary email' do
+            before do
+              secondary_email = create(:email, user: user, email: 'foo@example.com')
+              member.update!(invite_email: secondary_email.email)
+            end
+
            it 'is redirected to a new session with invite email param' do
              request

@@ -84,6 +105,58 @@ RSpec.describe InvitesController do
            end
          end

+          context 'when user does not exist with the invited email' do
+            before do
+              member.update!(invite_email: 'bogus_email@example.com')
+            end
+
+            it 'indicates an account can be created in notice' do
+              request
+
+              expect(flash[:notice]).to include('create an account or sign in')
+            end
+
+            it 'is redirected to a new registration with invite email param' do
+              request
+
+              expect(response).to redirect_to(new_user_registration_path(invite_email: member.invite_email))
+            end
+          end
+        end
+
+        context 'when instance does not allow sign up' do
+          before do
+            stub_application_setting(allow_signup?: false)
+          end
+
+          it 'does not indicate an account can be created in notice' do
+            request
+
+            expect(flash[:notice]).not_to include('or create an account')
+          end
+
+          context 'when user exists with the invited email' do
+            it 'is redirected to a new session with invite email param' do
+              request
+
+              expect(response).to redirect_to(new_user_session_path(invite_email: member.invite_email))
+            end
+          end
+
+          context 'when user does not exist with the invited email' do
+            before do
+              member.update!(invite_email: 'bogus_email@example.com')
+            end
+
+            it 'is redirected to a new session with invite email param' do
+              request
+
+              expect(response).to redirect_to(new_user_session_path(invite_email: member.invite_email))
+            end
+          end
+        end
+      end
+
      context 'when inviter is not a member' do
        let(:params) { { id: '_bogus_token_' } }


--- a/spec/features/invites_spec.rb
+++ b/spec/features/invites_spec.rb
@@ -50,21 +50,23 @@ RSpec.describe 'Group or Project invitations', :aggregate_failures do
    end

    it 'renders sign in page with sign in notice' do
-      expect(current_path).to eq(new_user_session_path)
-      expect(page).to have_content('To accept this invitation, sign in')
+      expect(current_path).to eq(new_user_registration_path)
+      expect(page).to have_content('To accept this invitation, create an account or sign in')
    end

    it 'pre-fills the "Username or email" field on the sign in box with the invite_email from the invite' do
+      click_link 'Sign in'
+
      expect(find_field('Username or email').value).to eq(group_invite.invite_email)
    end

    it 'pre-fills the Email field on the sign up box  with the invite_email from the invite' do
-      click_link 'Register now'
-
      expect(find_field('Email').value).to eq(group_invite.invite_email)
    end

    it 'sign in, grants access and redirects to group page' do
+      click_link 'Sign in'
+
      fill_in_sign_in_form(user)

      expect(current_path).to eq(group_path(group))
@@ -85,20 +87,19 @@ RSpec.describe 'Group or Project invitations', :aggregate_failures do
    end
  end

-  context 'when inviting a user' do
+  context 'when inviting an unregistered user' do
    let(:new_user) { build_stubbed(:user) }
    let(:invite_email) { new_user.email }
    let(:group_invite) { create(:group_member, :invited, group: group, invite_email: invite_email, created_by: owner) }
    let!(:project_invite) { create(:project_member, :invited, project: project, invite_email: invite_email) }

-    context 'when user has not signed in yet' do
+    context 'when registering using invitation email' do
      before do
        stub_application_setting(send_user_confirmation_email: send_email_confirmation)
        visit invite_path(group_invite.raw_invite_token)
-        click_link 'Register now'
      end

-      context 'with admin appoval required enabled' do
+      context 'with admin approval required enabled' do
        before do
          stub_application_setting(require_admin_approval_after_user_signup: true)
        end