delta/gitlab/gitlab-ce.git/lib/api, branch 25264-ref-commit gitlab.com: gitlab-org/gitlab-ce.git Allow public access to some Project API endpoints 2016-12-01T15:39:42+00:00 Rémy Coutable remy@rymai.me 2016-11-30T14:48:19+00:00 d757247247ea6015d560eacd29ec7be564e332bf Signed-off-by: Rémy Coutable <remy@rymai.me> 
Signed-off-by: Rémy Coutable <remy@rymai.me>
Merge branch 'api-branch-status' into 'master' 2016-11-30T17:40:39+00:00 Rémy Coutable remy@rymai.me 2016-11-30T17:40:39+00:00 467b44cbbfd70c627dca0a8f57966bc5ba0999c3 API: Expose branch status Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/24938 See merge request !7796 

API: Expose branch status

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/24938

See merge request !7796
 Merge branch 'grapify-files-api' into 'master' 2016-11-30T15:10:56+00:00 Rémy Coutable remy@rymai.me 2016-11-30T15:10:56+00:00 2c0d9890e675c8799e76a69f7e432463fa06f996 Grapify the files API Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/22928 See merge request !7806 

Grapify the files API

Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/22928

See merge request !7806
 API: Expose branch status 2016-11-30T12:13:50+00:00 Robert Schilling rschilling@student.tugraz.at 2016-11-28T18:16:15+00:00 2ce66c071fc7ab2b8ca881223321a3927ec7d61e 






Grapify the files API
2016-11-30T11:48:10+00:00

Robert Schilling
rschilling@student.tugraz.at

2016-11-28T21:15:12+00:00

dd5f71138ce98522b1324319fbd60f665b3d1337












Merge branch 'grapify-projects-api' into 'master'

2016-11-30T11:32:32+00:00

Rémy Coutable
remy@rymai.me

2016-11-30T11:32:32+00:00

43c8788e7bd4c705bc8215ea2409b21a19d090f7


Grapify the projects API

Related to #22928 

See merge request !7456





Grapify the projects API

Related to #22928 

See merge request !7456






Rename `MergeRequest#pipeline` to `head_pipeline`
2016-11-29T13:12:49+00:00

Grzegorz Bizon
grzesiek.bizon@gmail.com

2016-11-28T10:13:32+00:00

a49e9949c6bc474c8bfd4016d9c6c3b59776772f












Merge branch 'jej-use-issuable-finder-instead-of-access-check' into 'security'

2016-11-29T00:26:23+00:00

Douwe Maan
douwe@gitlab.com

2016-11-22T10:25:04+00:00

3bf34face4cacf07ca973705c261369b1f596626


Replace issue access checks with use of IssuableFinder

Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867

## Which fixes are in this MR?

:warning: - Potentially untested  
:bomb: - No test coverage  
:traffic_light: - Test coverage of some sort exists (a test failed when error raised)  
:vertical_traffic_light: - Test coverage of return value (a test failed when nil used)  
:white_check_mark: - Permissions check tested

### Issue lookup with access check

Using `visible_to_user` likely makes these security issues too. See [Code smells](#code-smells).

- [x] :vertical_traffic_light: app/finders/notes_finder.rb:15 [`visible_to_user`]
- [x] :traffic_light: app/views/layouts/nav/_project.html.haml:73 [`visible_to_user`] [`.count`]
- [x] :white_check_mark: app/services/merge_requests/build_service.rb:84 [`issue.try(:confidential?)`]
- [x] :white_check_mark: lib/api/issues.rb:112 [`visible_to_user`]
  - CHANGELOG: Prevented API returning issues set to 'Only team members' to everyone
- [x] :white_check_mark: lib/api/helpers.rb:126 [`can?(current_user, :read_issue, issue)`] Maybe here too?
- [x] :white_check_mark: lib/gitlab/search_results.rb:53 [`visible_to_user`]

### Previous discussions
- [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b2ff264eddf9819d7693c14ae213d941494fe2b3_128_126
- [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#7b6375270d22f880bdcb085e47b519b426a5c6c7_87_87

See merge request !2031





Replace issue access checks with use of IssuableFinder

Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867

## Which fixes are in this MR?

:warning: - Potentially untested  
:bomb: - No test coverage  
:traffic_light: - Test coverage of some sort exists (a test failed when error raised)  
:vertical_traffic_light: - Test coverage of return value (a test failed when nil used)  
:white_check_mark: - Permissions check tested

### Issue lookup with access check

Using `visible_to_user` likely makes these security issues too. See [Code smells](#code-smells).

- [x] :vertical_traffic_light: app/finders/notes_finder.rb:15 [`visible_to_user`]
- [x] :traffic_light: app/views/layouts/nav/_project.html.haml:73 [`visible_to_user`] [`.count`]
- [x] :white_check_mark: app/services/merge_requests/build_service.rb:84 [`issue.try(:confidential?)`]
- [x] :white_check_mark: lib/api/issues.rb:112 [`visible_to_user`]
  - CHANGELOG: Prevented API returning issues set to 'Only team members' to everyone
- [x] :white_check_mark: lib/api/helpers.rb:126 [`can?(current_user, :read_issue, issue)`] Maybe here too?
- [x] :white_check_mark: lib/gitlab/search_results.rb:53 [`visible_to_user`]

### Previous discussions
- [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b2ff264eddf9819d7693c14ae213d941494fe2b3_128_126
- [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#7b6375270d22f880bdcb085e47b519b426a5c6c7_87_87

See merge request !2031






Merge branch 'zj-fix-label-creation-non-members' into 'security'
2016-11-29T00:24:19+00:00

Douwe Maan
douwe@gitlab.com

2016-11-10T10:23:44+00:00

3d7704ae5f62446b8b399c796c64d1f527666376

Fix label creation non members

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23416

See merge request !2006





Fix label creation non members

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23416

See merge request !2006







Grapify the projects API
2016-11-28T20:01:43+00:00

Robert Schilling
rschilling@student.tugraz.at

2016-11-09T14:51:27+00:00

7c607a55ab339293b0e67eeb33439d5407e22aad