User Admin page shows 404

I recently noticed, that for one particular user, I can not access the following pages:

  • /admin/users/<user>
  • /admin/users/<user>/projects
  • /admin/users/<user>/keys
  • /<user>

All of these pages show a 404 error and the following lines show up in the production.log (e,g. for the /admin/users/<user> page):

Started GET "/admin/users/<user>" for x.x.x.x at 2021-03-11 20:32:54 +0100
Processing by Admin::UsersController#show as HTML
  Parameters: {"id"=>"<user>"}
Filter chain halted as :user rendered or redirected
Completed 404 Not Found in 38ms (Views: 2.7ms | ActiveRecord: 5.6ms)

However I can access these:

  • /admin/users/<user>/identities
  • /admin/users/<user>/impersonation_tokens

I’m on 13.9.3, but this has already been reported with version 11.8.0 in this ticket:

Has anyone else seen this or is able to assist in debugging this?

1 Like

Yes I am seeing the exact same issues on my instances as well. The only common thread I can find is that the affected accounts are extremely old (circa 2013) and were originally local accounts that have had numerous identities assigned over the years as it migrated from auth system to auth system (local → ldap → saml). I filed a ticket with support since i have starter licenses and between the user not wanting to log in so I could capture logs and dealing with support it never got resolved. One weird thing is that when I try to view the affected user the url changes from https://gitlab/admin/users/username to https://gitlab/admin/users/username2 and its always the same username all accounts are pointing to; a long blocked user that is no longer with the company (uid is 2 though, so probably the original person that set it up). I have seen this problem since version 11 sometime and we are on 13.10.

I know this isn’t much help but maybe we can find other common pieces that can help us debug this.

Looks like the issue was caused by the use of the same name for user and group in some old version.

Can be worked around by renaming affected user to some temporary username using the rails console:

irb(main):033:0> u = User.find_by_username('<username>')
=> #<User id:580 @<username>>

irb(main):034:0> u.username = '<username1>'
=> "<username1>"

irb(main):035:0> u.save!
=> true

Then rename it back to its original username using User Admin or rails console.

If the conflict still exists, you will receive an error: Validation failed: A user, alias, or group already exists with that username.

Some details: user with a broken profile (ID: 769) was created before group with the same name typed in all caps (ID: 985) in GitLab 11.3.1.

1 Like

Wow, this actually worked! Thanks a lot! I’m not aware that such a group name conflict ever existed, but it helped anyway.