Updated from opf/openproject release/8.0

Gemfile.lock

@@ -94,67 +94,67 @@ GIT
 PATH
   remote: vendored-plugins/openproject-auth_plugins
   specs:
-    openproject-auth_plugins (8.0.2)
+    openproject-auth_plugins (8.0.3)
       omniauth (~> 1.0)
       rails (~> 5.0)
 
 PATH
   remote: vendored-plugins/openproject-avatars
   specs:
-    openproject-avatars (8.0.2)
+    openproject-avatars (8.0.3)
       fastimage (~> 2.1.0)
       gravatar_image_tag (~> 1.2.0)
       rails (~> 5.0)
 
 PATH
   remote: vendored-plugins/openproject-backlogs
   specs:
-    openproject-backlogs (8.0.2)
+    openproject-backlogs (8.0.3)
       acts_as_silent_list (~> 3.0.0)
-      openproject-pdf_export (= 8.0.2)
+      openproject-pdf_export (= 8.0.3)
 
 PATH
   remote: vendored-plugins/openproject-costs
   specs:
-    openproject-costs (8.0.2)
+    openproject-costs (8.0.3)
 
 PATH
   remote: vendored-plugins/openproject-documents
   specs:
-    openproject-documents (8.0.2)
+    openproject-documents (8.0.3)
 
 PATH
   remote: vendored-plugins/openproject-github_integration
   specs:
-    openproject-github_integration (8.0.2)
-      openproject-webhooks (~> 8.0.2)
+    openproject-github_integration (8.0.3)
+      openproject-webhooks (~> 8.0.3)
       rails (~> 5.0)
 
 PATH
   remote: vendored-plugins/openproject-global_roles
   specs:
-    openproject-global_roles (8.0.2)
+    openproject-global_roles (8.0.3)
 
 PATH
   remote: vendored-plugins/openproject-ldap_groups
   specs:
-    openproject-ldap_groups (8.0.2)
+    openproject-ldap_groups (8.0.3)
 
 PATH
   remote: vendored-plugins/openproject-meeting
   specs:
-    openproject-meeting (8.0.2)
+    openproject-meeting (8.0.3)
       icalendar (~> 2.3.0)
 
 PATH
   remote: vendored-plugins/openproject-my_project_page
   specs:
-    openproject-my_project_page (8.0.2)
+    openproject-my_project_page (8.0.3)
 
 PATH
   remote: vendored-plugins/openproject-openid_connect
   specs:
-    openproject-openid_connect (8.0.2)
+    openproject-openid_connect (8.0.3)
       lobby_boy (~> 0.1.3)
       omniauth-openid_connect-providers (~> 0.1)
       openproject-auth_plugins (~> 8.0)
@@ -163,22 +163,22 @@ PATH
 PATH
   remote: vendored-plugins/openproject-pdf_export
   specs:
-    openproject-pdf_export (8.0.2)
+    openproject-pdf_export (8.0.3)
       pdf-inspector (~> 1.3.0)
       prawn (~> 2.2)
 
 PATH
   remote: vendored-plugins/openproject-reporting
   specs:
-    openproject-reporting (8.0.2)
+    openproject-reporting (8.0.3)
       jquery-tablesorter (~> 1.25.5)
-      openproject-costs (= 8.0.2)
+      openproject-costs (= 8.0.3)
       reporting_engine (>= 1.1.0)
 
 PATH
   remote: vendored-plugins/openproject-two_factor_authentication
   specs:
-    openproject-two_factor_authentication (8.0.2)
+    openproject-two_factor_authentication (8.0.3)
       aws-sdk-sns (~> 1.1.0)
       messagebird-rest (~> 1.3.2)
       rails (~> 5)
@@ -187,19 +187,19 @@ PATH
 PATH
   remote: vendored-plugins/openproject-webhooks
   specs:
-    openproject-webhooks (8.0.2)
+    openproject-webhooks (8.0.3)
       rails (~> 5.0)
 
 PATH
   remote: vendored-plugins/openproject-xls_export
   specs:
-    openproject-xls_export (8.0.2)
+    openproject-xls_export (8.0.3)
       spreadsheet (~> 0.8.9)
 
 PATH
   remote: vendored-plugins/reporting_engine
   specs:
-    reporting_engine (8.0.2)
+    reporting_engine (8.0.3)
       json
       rails (~> 5.1.0)
 

app/models/user.rb

@@ -126,6 +126,7 @@ def self.blocked_condition(blocked)
   after_save :update_password
 
   before_create :sanitize_mail_notification_setting
+  before_create :enforce_user_limit
   before_destroy :delete_associated_private_queries
   before_destroy :reassign_associated
 
@@ -729,6 +730,20 @@ def password_meets_requirements
     end
   end
 
+  def enforce_user_limit
+    return if anonymous?
+    return unless active? && OpenProject::Enterprise.user_limit_reached?
+
+    if OpenProject::Enterprise.fail_fast?
+      errors.add :base, :user_limit_reached
+
+      throw :abort # prevent user creation
+    else
+      # allow creation but change status to registered so user cannot login
+      register!
+    end
+  end
+
   private
 
   def authorization_service

config/locales/en.yml

@@ -565,6 +565,8 @@ en:
               group_without_name: "Unnamed groups are not allowed."
         user:
           attributes:
+            base:
+              user_limit_reached: "User limit reached."
             password:
               weak: "Must contain characters of the following classes (at least %{min_count} of %{all_count}): %{rules}."
               lowercase: "lowercase (e.g. 'a')"

lib/open_project/version.rb

@@ -34,7 +34,7 @@ module OpenProject
   module VERSION #:nodoc:
     MAJOR = 8
     MINOR = 0
-    PATCH = 2
+    PATCH = 3
     TINY  = PATCH # Redmine compat
 
     # Used by semver to define the special version (if any).

packaging/conf/database.yml

@@ -1,6 +1,9 @@
 <% url = ENV.fetch('DATABASE_URL') %>
 production:
   url: <%= url %>
+  <% if encoding = ENV['DATABASE_ENCODING'] %>
+  encoding: '<%= encoding %>'
+  <% end %>
   <% if url.start_with? 'mysql' %>
   reconnect: true
   variables:

spec/controllers/users_controller_spec.rb

@@ -39,15 +39,15 @@
   end
 
   let(:user_password) {'bob!' * 4}
-  let(:user) do
+  let!(:user) do
     FactoryBot.create(:user,
                        login: 'bob',
                        password: user_password,
                        password_confirmation: user_password,
                        )
   end
-  let(:admin) { FactoryBot.create(:admin) }
-  let(:anonymous) { FactoryBot.create(:anonymous) }
+  let!(:admin) { FactoryBot.create(:admin) }
+  let!(:anonymous) { FactoryBot.create(:anonymous) }
 
   describe 'GET new' do
     context "with user limit reached" do

spec/lib/open_project/enterprise_spec.rb

@@ -54,7 +54,13 @@
         let(:num_active_users) { 0 }
 
         before do
-          FactoryBot.create_list :user, num_active_users
+          begin
+            allow(OpenProject::Enterprise).to receive(:user_limit_reached?).and_return(false)
+
+            FactoryBot.create_list :user, num_active_users
+          ensure
+            allow(OpenProject::Enterprise).to receive(:user_limit_reached?).and_call_original
+          end
 
           expect(User.active.count).to eq num_active_users
         end

spec/requests/api/v3/user/create_user_with_user_limits_spec.rb

@@ -0,0 +1,116 @@
+#-- encoding: UTF-8
+#-- copyright
+# OpenProject is a project management system.
+# Copyright (C) 2012-2015 the OpenProject Foundation (OPF)
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License version 3.
+#
+# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
+# Copyright (C) 2006-2013 Jean-Philippe Lang
+# Copyright (C) 2010-2013 the ChiliProject Team
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+#
+# See doc/COPYRIGHT.rdoc for more details.
+
+require 'spec_helper'
+
+describe "user limits in users API", type: :request do
+  include API::V3::Utilities::PathHelper
+
+  let(:path) { api_v3_paths.users }
+  let(:admin) { FactoryBot.build(:admin) }
+
+  let(:parameters) do
+    {
+      login: "p.putzig",
+      firstName: "Peter",
+      lastName: "Putzig",
+      email: "p.putzig@openproject.com",
+      password: "hallohallo"
+    }
+  end
+
+  let(:user) { User.find_by(login: parameters[:login]) }
+
+  before do
+    login_as admin
+  end
+
+  def send_request
+    header "Content-Type", "application/json"
+
+    post path, parameters.to_json
+  end
+
+  shared_examples "creating the user" do
+    let(:response_status) { 201 }
+    let(:status) { :active }
+
+    def status_name(status)
+      User::STATUSES.find { |k, v| v == status }.first
+    end
+
+    before do
+      send_request
+
+      expect(last_response.status).to eq response_status
+    end
+
+    it "creates the new user" do
+      expect(user).to be_present
+    end
+
+    it "sets the right user status" do
+      expect(status_name(user.status)).to eq status
+    end
+  end
+
+  context "with user limit reached" do
+    before do
+      allow(OpenProject::Enterprise).to receive(:user_limit_reached?).and_return(true)
+    end
+
+    context "with fail fast (hard limit)" do
+      before do
+        allow(OpenProject::Enterprise).to receive(:fail_fast?).and_return(true)
+      end
+
+      it "does not create the user" do
+        send_request
+
+        expect(user).not_to be_present
+
+        expect(last_response.status).to eq 422
+        expect(JSON.parse(last_response.body)["message"]).to eq "User limit reached."
+      end
+    end
+
+    context "without fail fast (soft limit)" do
+      before do
+        allow(OpenProject::Enterprise).to receive(:fail_fast?).and_return(false)
+      end
+
+      it_behaves_like "creating the user" do
+        let(:status) { :registered }
+      end
+    end
+  end
+
+  context "with user limit not reached" do
+    it_behaves_like "creating the user"
+  end
+end

vendored-plugins/openproject-auth_plugins/lib/open_project/auth_plugins/version.rb

@@ -29,6 +29,6 @@
 
 module OpenProject
   module AuthPlugins
-    VERSION = "8.0.2"
+    VERSION = "8.0.3"
   end
 end

vendored-plugins/openproject-avatars/lib/open_project/avatars/version.rb

@@ -1,5 +1,5 @@
 module OpenProject
   module Avatars
-    VERSION = "8.0.2".freeze
+    VERSION = "8.0.3".freeze
   end
 end

vendored-plugins/openproject-backlogs/lib/open_project/backlogs/version.rb

@@ -35,6 +35,6 @@
 
 module OpenProject
   module Backlogs
-    VERSION = "8.0.2"
+    VERSION = "8.0.3"
   end
 end

vendored-plugins/openproject-costs/lib/open_project/costs/version.rb

@@ -19,6 +19,6 @@
 
 module OpenProject
   module Costs
-    VERSION = "8.0.2"
+    VERSION = "8.0.3"
   end
 end

vendored-plugins/openproject-documents/lib/open_project/documents/version.rb

@@ -31,6 +31,6 @@
 
 module OpenProject
   module Documents
-    VERSION = "8.0.2"
+    VERSION = "8.0.3"
   end
 end

vendored-plugins/openproject-github_integration/lib/open_project/github_integration/version.rb

@@ -14,6 +14,6 @@
 
 module OpenProject
   module GithubIntegration
-    VERSION = "8.0.2"
+    VERSION = "8.0.3"
   end
 end

vendored-plugins/openproject-global_roles/lib/open_project/global_roles/version.rb

@@ -19,6 +19,6 @@
 
 module OpenProject
   module GlobalRoles
-    VERSION = "8.0.2"
+    VERSION = "8.0.3"
   end
 end