Bug 248301 - www/gitlab-ce: upgrading to gitlab 13.2.1 may prevent users from logging in
Summary: www/gitlab-ce: upgrading to gitlab 13.2.1 may prevent users from logging in
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Matthias Fechner
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-07-27 17:19 UTC by gwright
Modified: 2020-07-28 06:14 UTC (History)
2 users (show)

See Also:
linimon: maintainer-feedback? (mfechner)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description gwright 2020-07-27 17:19:47 UTC

    
Comment 1 gwright 2020-07-27 17:22:54 UTC
An upstream bug fix in gitlab-ce 13.2.1 requires users to revalidate their email addresses.  What is supposed to happen is that gitlab automatically generates an email to each user, and by responding, the user's account is reenabled.  If a user attempts to log in before reenabling his/her account, a 422 error is generated.

The issue is described here:
https://docs.gitlab.com/ee/user/upgrade_email_bypass.html

When I upgraded from 13.1.4 to 13.2.1, my user account was locked out (generating a 422 error) but it was still possible to log into the administrator account.  No email message was sent asking me to reconfirm my account, even though I used the administrator's console to run all the delayed tasks.

In my case, the workaround that succeeded was to log into the rails console and force reconfirmation of all users.  This is what I did:

root@gitlab:/usr/local/www/gitlab-ce # su -l git -c "cd /usr/local/www/gitlab-ce && rails console -e production"
--------------------------------------------------------------------------------
 GitLab:       13.2.1 (Unknown) FOSS
 GitLab Shell: 13.3.0
 PostgreSQL:   11.8
--------------------------------------------------------------------------------

Loading production environment (Rails 6.0.3.2)
irb(main):001:0> User.all.each  {|u| u.confirmed_at = Time.now; u.save}
=> [#<User id:1 @root>, #<User id:6 @alert-bot>, #<User id:5 @ghost>, #<User id:4 @gwright>]
irb(main):002:0> exit

The command that I entered at the prompt was `User.all.each {|u| u.confirmed_at = Time.now; u.save}`.  Once that ran and the prompt returned, I was able to type `exit`.  I could then log on to my non-adminstrator account.

The documentation for upgrading should probably include the above link to the gitlab documentation, which describes the issue and gives instructions for what to do if your situation is even worse than mine, e.g., you are locked out of the administrator account.
Comment 2 Matthias Fechner freebsd_committer 2020-07-28 06:14:27 UTC
(In reply to gwright from comment #1)
Thanks!
I added a link in the manual to this comment.