Add latest changes from gitlab-org/gitlab@14-9-stable-eev14.9.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-03-18 20:02:30 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-03-18 20:02:30 +0000
commit: 41fe97390ceddf945f3d967b8fdb3de4c66b7dea (patch)
tree: 9c8d89a8624828992f06d892cd2f43818ff5dcc8 /app/controllers/groups
parent: 0804d2dc31052fb45a1efecedc8e06ce9bc32862 (diff)
download: gitlab-ce-41fe97390ceddf945f3d967b8fdb3de4c66b7dea.tar.gz
13 files changed, 57 insertions, 22 deletions
diff --git a/app/controllers/groups/application_controller.rb b/app/controllers/groups/application_controller.rb
index f9c875b80b2..bf72ade32d0 100644
--- a/app/controllers/groups/application_controller.rb
+++ b/app/controllers/groups/application_controller.rb
@@ -82,6 +82,10 @@ class Groups::ApplicationController < ApplicationController
   def has_project_list?
     false
   end
+
+  def validate_root_group!
+    render_404 unless group.root?
+  end
 end
 
 Groups::ApplicationController.prepend_mod_with('Groups::ApplicationController')
diff --git a/app/controllers/groups/boards_controller.rb b/app/controllers/groups/boards_controller.rb
index 6fac6fcf426..641b3adb12b 100644
--- a/app/controllers/groups/boards_controller.rb
+++ b/app/controllers/groups/boards_controller.rb
@@ -7,7 +7,6 @@ class Groups::BoardsController < Groups::ApplicationController
 
   before_action :assign_endpoint_vars
   before_action do
-    push_frontend_feature_flag(:issue_boards_filtered_search, group, default_enabled: :yaml)
     push_frontend_feature_flag(:board_multi_select, group, default_enabled: :yaml)
     push_frontend_feature_flag(:iteration_cadences, group, default_enabled: :yaml)
     experiment(:prominent_create_board_btn, subject: current_user) do |e|
diff --git a/app/controllers/groups/clusters_controller.rb b/app/controllers/groups/clusters_controller.rb
index 666a96d6fc0..2fe9faa252f 100644
--- a/app/controllers/groups/clusters_controller.rb
+++ b/app/controllers/groups/clusters_controller.rb
@@ -3,6 +3,7 @@
 class Groups::ClustersController < Clusters::ClustersController
   include ControllerWithCrossProjectAccessCheck
 
+  before_action :ensure_feature_enabled!
   prepend_before_action :group
   requires_cross_project_access
 
diff --git a/app/controllers/groups/crm/contacts_controller.rb b/app/controllers/groups/crm/contacts_controller.rb
index f00f4d1df25..b59e20d9cea 100644
--- a/app/controllers/groups/crm/contacts_controller.rb
+++ b/app/controllers/groups/crm/contacts_controller.rb
@@ -3,6 +3,7 @@
 class Groups::Crm::ContactsController < Groups::ApplicationController
   feature_category :team_planning
 
+  before_action :validate_root_group!
   before_action :authorize_read_crm_contact!
 
   def new
diff --git a/app/controllers/groups/crm/organizations_controller.rb b/app/controllers/groups/crm/organizations_controller.rb
index ab720f490be..f8536b4f538 100644
--- a/app/controllers/groups/crm/organizations_controller.rb
+++ b/app/controllers/groups/crm/organizations_controller.rb
@@ -3,6 +3,7 @@
 class Groups::Crm::OrganizationsController < Groups::ApplicationController
   feature_category :team_planning
 
+  before_action :validate_root_group!
   before_action :authorize_read_crm_organization!
 
   def new
diff --git a/app/controllers/groups/deploy_tokens_controller.rb b/app/controllers/groups/deploy_tokens_controller.rb
index 79152bf2695..9ef22aa33dc 100644
--- a/app/controllers/groups/deploy_tokens_controller.rb
+++ b/app/controllers/groups/deploy_tokens_controller.rb
@@ -6,8 +6,7 @@ class Groups::DeployTokensController < Groups::ApplicationController
   feature_category :continuous_delivery
 
   def revoke
-    @token = @group.deploy_tokens.find(params[:id])
-    @token.revoke!
+    Groups::DeployTokens::RevokeService.new(@group, current_user, params).execute
 
     redirect_to group_settings_repository_path(@group, anchor: 'js-deploy-tokens')
   end
diff --git a/app/controllers/groups/group_members_controller.rb b/app/controllers/groups/group_members_controller.rb
index 6e59f159636..ece1083d4d1 100644
--- a/app/controllers/groups/group_members_controller.rb
+++ b/app/controllers/groups/group_members_controller.rb
@@ -16,7 +16,7 @@ class Groups::GroupMembersController < Groups::ApplicationController
   before_action :authorize_admin_group_member!, except: admin_not_required_endpoints
 
   skip_before_action :check_two_factor_requirement, only: :leave
-  skip_cross_project_access_check :index, :create, :update, :destroy, :request_access,
+  skip_cross_project_access_check :index, :update, :destroy, :request_access,
                                   :approve_access_request, :leave, :resend_invite,
                                   :override
 
@@ -26,8 +26,6 @@ class Groups::GroupMembersController < Groups::ApplicationController
     @sort = params[:sort].presence || sort_value_name
 
     if can?(current_user, :admin_group_member, @group)
-      @skip_groups = @group.related_group_ids
-
       @invited_members = invited_members
       @invited_members = @invited_members.search_invite_email(params[:search_invited]) if params[:search_invited].present?
       @invited_members = present_invited_members(@invited_members)
@@ -38,8 +36,6 @@ class Groups::GroupMembersController < Groups::ApplicationController
     @requesters = present_members(
       AccessRequestsFinder.new(@group).execute(current_user)
     )
-
-    @group_member = @group.group_members.new
   end
 
   # MembershipActions concern
diff --git a/app/controllers/groups/harbor/repositories_controller.rb b/app/controllers/groups/harbor/repositories_controller.rb
new file mode 100644
index 00000000000..364607f9b20
--- /dev/null
+++ b/app/controllers/groups/harbor/repositories_controller.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Groups
+  module Harbor
+    class RepositoriesController < Groups::ApplicationController
+      feature_category :integrations
+
+      before_action :harbor_registry_enabled!
+      before_action do
+        push_frontend_feature_flag(:harbor_registry_integration)
+      end
+
+      def show
+        render :index
+      end
+
+      private
+
+      def harbor_registry_enabled!
+        render_404 unless Feature.enabled?(:harbor_registry_integration)
+      end
+    end
+  end
+end
diff --git a/app/controllers/groups/releases_controller.rb b/app/controllers/groups/releases_controller.rb
index 6a42f30b847..db5385ecc71 100644
--- a/app/controllers/groups/releases_controller.rb
+++ b/app/controllers/groups/releases_controller.rb
@@ -15,11 +15,17 @@ module Groups
     private
 
     def releases
-      ReleasesFinder
-        .new(@group, current_user, { include_subgroups: true })
-        .execute(preload: false)
-        .page(params[:page])
-        .per(30)
+      if Feature.enabled?(:group_releases_finder_inoperator)
+        Releases::GroupReleasesFinder
+          .new(@group, current_user, { include_subgroups: true, page: params[:page], per: 30 })
+          .execute(preload: false)
+      else
+        ReleasesFinder
+          .new(@group, current_user, { include_subgroups: true })
+          .execute(preload: false)
+          .page(params[:page])
+          .per(30)
+      end
     end
   end
 end
diff --git a/app/controllers/groups/runners_controller.rb b/app/controllers/groups/runners_controller.rb
index b194aeff80d..dabef978ee1 100644
--- a/app/controllers/groups/runners_controller.rb
+++ b/app/controllers/groups/runners_controller.rb
@@ -24,7 +24,7 @@ class Groups::RunnersController < Groups::ApplicationController
   end
 
   def update
-    if Ci::UpdateRunnerService.new(@runner).update(runner_params)
+    if Ci::Runners::UpdateRunnerService.new(@runner).update(runner_params)
       redirect_to group_runner_path(@group, @runner), notice: _('Runner was successfully updated.')
     else
       render 'edit'
@@ -32,17 +32,17 @@ class Groups::RunnersController < Groups::ApplicationController
   end
 
   def destroy
-    if @runner.belongs_to_more_than_one_project?
-      redirect_to group_settings_ci_cd_path(@group, anchor: 'runners-settings'), status: :found, alert: _('Runner was not deleted because it is assigned to multiple projects.')
-    else
-      Ci::UnregisterRunnerService.new(@runner).execute
+    if can?(current_user, :delete_runner, @runner)
+      Ci::Runners::UnregisterRunnerService.new(@runner, current_user).execute
 
       redirect_to group_settings_ci_cd_path(@group, anchor: 'runners-settings'), status: :found
+    else
+      redirect_to group_settings_ci_cd_path(@group, anchor: 'runners-settings'), status: :found, alert: _('Runner cannot be deleted, please contact your administrator.')
     end
   end
 
   def resume
-    if Ci::UpdateRunnerService.new(@runner).update(active: true)
+    if Ci::Runners::UpdateRunnerService.new(@runner).update(active: true)
       redirect_to group_settings_ci_cd_path(@group, anchor: 'runners-settings'), notice: _('Runner was successfully updated.')
     else
       redirect_to group_settings_ci_cd_path(@group, anchor: 'runners-settings'), alert: _('Runner was not updated.')
@@ -50,7 +50,7 @@ class Groups::RunnersController < Groups::ApplicationController
   end
 
   def pause
-    if Ci::UpdateRunnerService.new(@runner).update(active: false)
+    if Ci::Runners::UpdateRunnerService.new(@runner).update(active: false)
       redirect_to group_settings_ci_cd_path(@group, anchor: 'runners-settings'), notice: _('Runner was successfully updated.')
     else
       redirect_to group_settings_ci_cd_path(@group, anchor: 'runners-settings'), alert: _('Runner was not updated.')
diff --git a/app/controllers/groups/settings/ci_cd_controller.rb b/app/controllers/groups/settings/ci_cd_controller.rb
index a290ef9b5e7..9b9e3f7b0bc 100644
--- a/app/controllers/groups/settings/ci_cd_controller.rb
+++ b/app/controllers/groups/settings/ci_cd_controller.rb
@@ -36,7 +36,7 @@ module Groups
       end
 
       def reset_registration_token
-        @group.reset_runners_token!
+        ::Ci::Runners::ResetRegistrationTokenService.new(@group, current_user).execute
 
         flash[:notice] = _('GroupSettings|New runners registration token has been generated!')
         redirect_to group_settings_ci_cd_path
diff --git a/app/controllers/groups/settings/integrations_controller.rb b/app/controllers/groups/settings/integrations_controller.rb
index 0a63c3d304b..ec64e75a68e 100644
--- a/app/controllers/groups/settings/integrations_controller.rb
+++ b/app/controllers/groups/settings/integrations_controller.rb
@@ -7,6 +7,10 @@ module Groups
 
       before_action :authorize_admin_group!
 
+      before_action do
+        push_frontend_feature_flag(:integration_form_sections, group, default_enabled: :yaml)
+      end
+
       feature_category :integrations
 
       layout 'group_settings'
diff --git a/app/controllers/groups/uploads_controller.rb b/app/controllers/groups/uploads_controller.rb
index 387f7be56cd..49249f87d31 100644
--- a/app/controllers/groups/uploads_controller.rb
+++ b/app/controllers/groups/uploads_controller.rb
@@ -4,7 +4,7 @@ class Groups::UploadsController < Groups::ApplicationController
   include UploadsActions
   include WorkhorseRequest
 
-  skip_before_action :group, if: -> { bypass_auth_checks_on_uploads? }
+  skip_before_action :group, if: -> { action_name == 'show' && embeddable? }
 
   before_action :authorize_upload_file!, only: [:create, :authorize]
   before_action :verify_workhorse_api!, only: [:authorize]
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-03-18 20:02:30 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-03-18 20:02:30 +0000
commit	41fe97390ceddf945f3d967b8fdb3de4c66b7dea (patch)
tree	9c8d89a8624828992f06d892cd2f43818ff5dcc8 /app/controllers/groups
parent	0804d2dc31052fb45a1efecedc8e06ce9bc32862 (diff)
download	gitlab-ce-41fe97390ceddf945f3d967b8fdb3de4c66b7dea.tar.gz