Merge branch 'inactive-devise-message' into 'master'

Pick `inactive_message` for inactive users from `devise.en.yml`

See merge request gitlab-org/gitlab!43980

app/models/user.rb

@@ -64,11 +64,6 @@ class User < ApplicationRecord
   # and should be added after Devise modules are initialized.
   include AsyncDeviseEmail
 
-  BLOCKED_MESSAGE = "Your account has been blocked. Please contact your GitLab " \
-                    "administrator if you think this is an error."
-  LOGIN_FORBIDDEN = "Your account does not have the required permission to login. Please contact your GitLab " \
-                    "administrator if you think this is an error."
-
   MINIMUM_INACTIVE_DAYS = 90
 
   # Override Devise::Models::Trackable#update_tracked_fields!
@@ -381,11 +376,12 @@ class User < ApplicationRecord
     super && can?(:log_in)
   end
 
+  # The messages for these keys are defined in `devise.en.yml`
   def inactive_message
     if blocked?
-      BLOCKED_MESSAGE
+      :blocked
     elsif internal?
-      LOGIN_FORBIDDEN
+      :forbidden
     else
       super
     end

config/locales/devise.en.yml

@@ -16,6 +16,8 @@ en:
       timeout: "Your session expired. Please sign in again to continue."
       unauthenticated: "You need to sign in or sign up before continuing."
       unconfirmed: "You have to confirm your email address before continuing. Please check your email for the link we sent you, or click 'Resend confirmation email'."
+      blocked: "Your account has been blocked. Please contact your GitLab administrator if you think this is an error."
+      forbidden: "Your account does not have the required permission to login. Please contact your GitLab administrator if you think this is an error."
     mailer:
       confirmation_instructions:
         subject: "Confirmation instructions"

spec/controllers/sessions_controller_spec.rb

@@ -78,6 +78,9 @@ RSpec.describe SessionsController do
     end
 
     context 'when using standard authentications' do
+      let(:user) { create(:user) }
+      let(:post_action) { post(:create, params: { user: { login: user.username, password: user.password } }) }
+
       context 'invalid password' do
         it 'does not authenticate user' do
           post(:create, params: { user: { login: 'invalid', password: 'invalid' } })
@@ -87,6 +90,26 @@ RSpec.describe SessionsController do
         end
       end
 
+      context 'a blocked user' do
+        it 'does not authenticate the user' do
+          user.block!
+          post_action
+
+          expect(@request.env['warden']).not_to be_authenticated
+          expect(flash[:alert]).to include('Your account has been blocked')
+        end
+      end
+
+      context 'an internal user' do
+        it 'does not authenticate the user' do
+          user.ghost!
+          post_action
+
+          expect(@request.env['warden']).not_to be_authenticated
+          expect(flash[:alert]).to include('Your account does not have the required permission to login')
+        end
+      end
+
       context 'when using valid password', :clean_gitlab_redis_shared_state do
         let(:user) { create(:user) }
         let(:user_params) { { login: user.username, password: user.password } }

spec/models/user_spec.rb

@@ -4899,7 +4899,7 @@ RSpec.describe User do
         user.block
       end
 
-      it { is_expected.to eq User::BLOCKED_MESSAGE }
+      it { is_expected.to eq :blocked }
     end
 
     context 'when user is an internal user' do
@@ -4907,7 +4907,7 @@ RSpec.describe User do
         user.update(user_type: :ghost)
       end
 
-      it { is_expected.to be User::LOGIN_FORBIDDEN }
+      it { is_expected.to be :forbidden }
     end
 
     context 'when user is locked' do