Add latest changes from gitlab-org/gitlab@master

4 files changed, 48 insertions, 10 deletions

diff --git a/app/models/application_setting_implementation.rb b/app/models/application_setting_implementation.rb
index 845d402f550..47ba96e238e 100644
--- a/app/models/application_setting_implementation.rb
+++ b/app/models/application_setting_implementation.rb
@@ -253,7 +253,8 @@ module ApplicationSettingImplementation
         user_defaults_to_private_profile: false,
         projects_api_rate_limit_unauthenticated: 400,
         gitlab_dedicated_instance: false,
-        ci_max_includes: 150
+        ci_max_includes: 150,
+        allow_account_deletion: true
       }.tap do |hsh|
         hsh.merge!(non_production_defaults) unless Rails.env.production?
       end
diff --git a/app/models/concerns/recoverable_by_any_email.rb b/app/models/concerns/recoverable_by_any_email.rb
new file mode 100644
index 00000000000..aaea7707d51
--- /dev/null
+++ b/app/models/concerns/recoverable_by_any_email.rb
@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+# Concern that overrides the Devise methods
+# to send reset password instructions to any verified user email
+module RecoverableByAnyEmail
+  extend ActiveSupport::Concern
+
+  class_methods do
+    def send_reset_password_instructions(attributes = {})
+      return super unless Feature.enabled?(:password_reset_any_verified_email)
+
+      email = attributes.delete(:email)
+      super unless email
+
+      recoverable = by_email_with_errors(email)
+      recoverable.send_reset_password_instructions(to: email) if recoverable&.persisted?
+      recoverable
+    end
+
+    private
+
+    def by_email_with_errors(email)
+      record = find_by_any_email(email, confirmed: true) || new
+      record.errors.add(:email, :invalid) unless record.persisted?
+      record
+    end
+  end
+
+  def send_reset_password_instructions(opts = {})
+    return super() unless Feature.enabled?(:password_reset_any_verified_email)
+
+    token = set_reset_password_token
+    send_reset_password_instructions_notification(token, opts)
+
+    token
+  end
+
+  private
+
+  def send_reset_password_instructions_notification(token, opts = {})
+    return super(token) unless Feature.enabled?(:password_reset_any_verified_email)
+
+    send_devise_notification(:reset_password_instructions, token, opts)
+  end
+end
diff --git a/app/models/namespaces/traversal/linear_scopes.rb b/app/models/namespaces/traversal/linear_scopes.rb
index 792964a6c7f..c50d3dd1de6 100644
--- a/app/models/namespaces/traversal/linear_scopes.rb
+++ b/app/models/namespaces/traversal/linear_scopes.rb
@@ -25,8 +25,6 @@ module Namespaces
         end
 
         def self_and_ancestors(include_self: true, upto: nil, hierarchy_order: nil)
-          return super unless use_traversal_ids_for_ancestor_scopes?
-
           self_and_ancestors_from_inner_join(
             include_self: include_self,
             upto: upto, hierarchy_order:
@@ -35,8 +33,6 @@ module Namespaces
         end
 
         def self_and_ancestor_ids(include_self: true)
-          return super unless use_traversal_ids_for_ancestor_scopes?
-
           self_and_ancestors(include_self: include_self).as_ids
         end
 
@@ -87,11 +83,6 @@ module Namespaces
           use_traversal_ids?
         end
 
-        def use_traversal_ids_for_ancestor_scopes?
-          Feature.enabled?(:use_traversal_ids_for_ancestor_scopes) &&
-          use_traversal_ids?
-        end
-
         def use_traversal_ids_for_descendants_scopes?
           Feature.enabled?(:use_traversal_ids_for_descendants_scopes) &&
           use_traversal_ids?
diff --git a/app/models/user.rb b/app/models/user.rb
index dc70ff2e232..0c8ff873ba6 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -91,6 +91,7 @@ class User < ApplicationRecord
 
   # Must be included after `devise`
   include EncryptedUserPassword
+  include RecoverableByAnyEmail
 
   include AdminChangedPasswordNotifier