Merge branch 'Feature/password_expiration_migration' into 'master'

Feature password expiration migration See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/100519 Merged-by: Tiger Watson <twatson@gitlab.com> Approved-by: Omar Qunsul <oqunsul@gitlab.com> Approved-by: Tiger Watson <twatson@gitlab.com> Approved-by: Dominic Couture <dcouture@gitlab.com> Co-authored-by: chenqiting <qtchen@jihulab.com>

Merge branch 'Feature/password_expiration_migration' into 'master'
d21a6c5d · Tiger Watson · bff42fed · 4ab12e85 · d21a6c5d · d21a6c5d
--- a/db/migrate/20221008032350_add_password_expiration_migration.rb
+++ b/db/migrate/20221008032350_add_password_expiration_migration.rb
+# frozen_string_literal: true
+class AddPasswordExpirationMigration < Gitlab::Database::Migration[2.0]
+  def change
+    add_column :application_settings, :password_expiration_enabled, :boolean, default: false, null: false,
+                                                                              comment: 'JiHu-specific column'
+    add_column :application_settings, :password_expires_in_days, :integer, default: 90, null: false,
+                                                                           comment: 'JiHu-specific column'
+    add_column :application_settings, :password_expires_notice_before_days, :integer, default: 7, null: false,
+                                                                                      comment: 'JiHu-specific column'
+  end
+end
--- a/db/migrate/20221012033107_add_password_last_changed_at_to_user_details.rb
+++ b/db/migrate/20221012033107_add_password_last_changed_at_to_user_details.rb
+# frozen_string_literal: true
+class AddPasswordLastChangedAtToUserDetails < Gitlab::Database::Migration[2.0]
+  enable_lock_retries!
+  def change
+    add_column :user_details, :password_last_changed_at, :datetime_with_timezone, comment: 'JiHu-specific column'
+  end
+end
--- a/db/schema_migrations/20221008032350
+++ b/db/schema_migrations/20221008032350
+c5e373b1b416455b67b7bc0affe244295e1f1a2f105fe8ef6efddf8b07da2a86
\ No newline at end of file
--- a/db/schema_migrations/20221012033107
+++ b/db/schema_migrations/20221012033107
+23252a63b8aab6a062cf22db563f8518213d40110449732866e6d8d5092d369e
\ No newline at end of file
--- a/db/structure.sql
+++ b/db/structure.sql
@@ -11488,6 +11488,9 @@ CREATE TABLE application_settings (
    lock_maven_package_requests_forwarding boolean DEFAULT false NOT NULL,
    lock_pypi_package_requests_forwarding boolean DEFAULT false NOT NULL,
    lock_npm_package_requests_forwarding boolean DEFAULT false NOT NULL,
+    password_expiration_enabled boolean DEFAULT false NOT NULL,
+    password_expires_in_days integer DEFAULT 90 NOT NULL,
+    password_expires_notice_before_days integer DEFAULT 7 NOT NULL,
    CONSTRAINT app_settings_container_reg_cleanup_tags_max_list_size_positive CHECK ((container_registry_cleanup_tags_service_max_list_size >= 0)),
    CONSTRAINT app_settings_container_registry_pre_import_tags_rate_positive CHECK ((container_registry_pre_import_tags_rate >= (0)::numeric)),
    CONSTRAINT app_settings_dep_proxy_ttl_policies_worker_capacity_positive CHECK ((dependency_proxy_ttl_group_policy_worker_capacity >= 0)),
@@ -11570,6 +11573,12 @@ COMMENT ON COLUMN application_settings.encrypted_feishu_app_secret IS 'JiHu-spec
 COMMENT ON COLUMN application_settings.encrypted_feishu_app_secret_iv IS 'JiHu-specific column';
+COMMENT ON COLUMN application_settings.password_expiration_enabled IS 'JiHu-specific column';
+COMMENT ON COLUMN application_settings.password_expires_in_days IS 'JiHu-specific column';
+COMMENT ON COLUMN application_settings.password_expires_notice_before_days IS 'JiHu-specific column';
 CREATE SEQUENCE application_settings_id_seq
    START WITH 1
    INCREMENT BY 1
@@ -22079,6 +22088,7 @@ CREATE TABLE user_details (
    registration_objective smallint,
    phone text,
    requires_credit_card_verification boolean DEFAULT false NOT NULL,
+    password_last_changed_at timestamp with time zone,
    CONSTRAINT check_245664af82 CHECK ((char_length(webauthn_xid) <= 100)),
    CONSTRAINT check_a73b398c60 CHECK ((char_length(phone) <= 50)),
    CONSTRAINT check_eeeaf8d4f0 CHECK ((char_length(pronouns) <= 50)),
@@ -22087,6 +22097,8 @@ CREATE TABLE user_details (
 COMMENT ON COLUMN user_details.phone IS 'JiHu-specific column';
+COMMENT ON COLUMN user_details.password_last_changed_at IS 'JiHu-specific column';
 CREATE SEQUENCE user_details_user_id_seq
    START WITH 1
    INCREMENT BY 1
--- a/spec/migrations/20221008032350_add_password_expiration_migration_spec.rb
+++ b/spec/migrations/20221008032350_add_password_expiration_migration_spec.rb
+# frozen_string_literal: true
+require 'spec_helper'
+require_migration!
+RSpec.describe AddPasswordExpirationMigration do
+  let(:application_setting) { table(:application_settings).create! }
+  describe "#up" do
+    it 'allows to read password expiration fields' do
+      migrate!
+      expect(application_setting.password_expiration_enabled).to eq false
+      expect(application_setting.password_expires_in_days).to eq 90
+      expect(application_setting.password_expires_notice_before_days).to eq 7
+    end
+  end
+end
--- a/spec/migrations/20221012033107_add_password_last_changed_at_to_user_details_spec.rb
+++ b/spec/migrations/20221012033107_add_password_last_changed_at_to_user_details_spec.rb
+# frozen_string_literal: true
+require 'spec_helper'
+require_migration!
+RSpec.describe AddPasswordLastChangedAtToUserDetails do
+  let_it_be(:namespace) { table(:namespaces).create!(name: 'user', path: 'user') }
+  let_it_be(:users) { table(:users) }
+  let_it_be(:user) { create_user! }
+  let(:user_detail) { table(:user_details).create!(user_id: user.id, provisioned_by_group_id: namespace.id) }
+  describe "#up" do
+    it 'allows to read password_last_changed_at' do
+      migrate!
+      expect(user_detail.password_last_changed_at).to eq nil
+    end
+  end
+  private
+  def create_user!(name: "Example User", email: "user@example.com", user_type: nil)
+    users.create!(
+      name: name,
+      email: email,
+      username: name,
+      projects_limit: 0,
+      user_type: user_type,
+      confirmed_at: Time.current
+    )
+  end
+end