summaryrefslogtreecommitdiff
path: root/app/controllers
diff options
context:
space:
mode:
authorGrzegorz Bizon <grzesiek.bizon@gmail.com>2017-03-27 12:35:10 +0200
committerGrzegorz Bizon <grzesiek.bizon@gmail.com>2017-03-27 12:35:10 +0200
commit1a4c60ef57d047dab6aa823f7cc50548897b74f6 (patch)
tree92bbccd1e1850837da5c7b10344ff77f0be0e7be /app/controllers
parent7ada193e0fd28b4a6eca1fda7dda6f0ebe6b2d72 (diff)
parent7324d6713262d7f9c563d48b82934c4a8eb72a52 (diff)
downloadgitlab-ce-1a4c60ef57d047dab6aa823f7cc50548897b74f6.tar.gz
Merge branch 'master' into feature/multi-level-container-registry-images
* master: (192 commits) Implement new service for creating user Update sentry-raven 2.0.2 -> 2.4.0 Update webmock 1.21.0 -> 1.24.6 Update spring 1.7.2 -> 2.0.1 Update simplecov 0.12.0 -> 0.14.1 Update pry-rails 0.3.4 -> 0.3.5 Update pry-byebug 3.4.1 -> 3.4.2 Update flay 2.6.1 -> 2.8.1 Remove Tags filter from Projects Explore dropdown Update capybara-screenshot 1.0.11 -> 1.0.14 Update bullet 5.2.0 -> 5.5.1 Update brakeman 3.4.1 -> 3.6.1 Remove web-console gem Update better_errors 1.0.1 -> 2.1.1 Display flash message to unauthenticated user when creating new issue Fix up emoji tests that should have failed :/ Fix RSpec/DescribeSymbol cop violations Add event limit warning all tabs Cycle Analytics Adding non_archived scope for counting projects Resolve "Gitlab administrator cannot create projects in every group" ... Conflicts: db/schema.rb
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/admin/users_controller.rb12
-rw-r--r--app/controllers/application_controller.rb7
-rw-r--r--app/controllers/dashboard/todos_controller.rb2
-rw-r--r--app/controllers/import/bitbucket_controller.rb8
-rw-r--r--app/controllers/projects/application_controller.rb5
-rw-r--r--app/controllers/projects/blob_controller.rb5
-rw-r--r--app/controllers/projects/builds_controller.rb2
-rw-r--r--app/controllers/projects/deploy_keys_controller.rb4
-rw-r--r--app/controllers/projects/issues_controller.rb18
-rwxr-xr-x[-rw-r--r--]app/controllers/projects/merge_requests_controller.rb4
-rw-r--r--app/controllers/projects/milestones_controller.rb9
-rw-r--r--app/controllers/projects/settings/members_controller.rb1
-rw-r--r--app/controllers/projects/tree_controller.rb1
-rw-r--r--app/controllers/registrations_controller.rb11
-rw-r--r--app/controllers/users_controller.rb4
15 files changed, 55 insertions, 38 deletions
diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index 24504685e48..563bcc65bd6 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -95,18 +95,14 @@ class Admin::UsersController < Admin::ApplicationController
def create
opts = {
- force_random_password: true,
- password_expires_at: nil
+ reset_password: true,
+ skip_confirmation: true
}
- @user = User.new(user_params.merge(opts))
- @user.created_by_id = current_user.id
- @user.generate_password
- @user.generate_reset_token
- @user.skip_confirmation!
+ @user = Users::CreateService.new(current_user, user_params.merge(opts)).execute
respond_to do |format|
- if @user.save
+ if @user.persisted?
format.html { redirect_to [:admin, @user], notice: 'User was successfully created.' }
format.json { render json: @user, status: :created, location: @user }
else
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index b7ce081a5cd..6a6e335d314 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -64,8 +64,11 @@ class ApplicationController < ActionController::Base
# This filter handles both private tokens and personal access tokens
def authenticate_user_from_private_token!
- token_string = params[:private_token].presence || request.headers['PRIVATE-TOKEN'].presence
- user = User.find_by_authentication_token(token_string) || User.find_by_personal_access_token(token_string)
+ token = params[:private_token].presence || request.headers['PRIVATE-TOKEN'].presence
+
+ return unless token.present?
+
+ user = User.find_by_authentication_token(token) || User.find_by_personal_access_token(token)
if user && can?(user, :log_in)
# Notice we are passing store false, so the user is not
diff --git a/app/controllers/dashboard/todos_controller.rb b/app/controllers/dashboard/todos_controller.rb
index 096de8032ae..498690e8f11 100644
--- a/app/controllers/dashboard/todos_controller.rb
+++ b/app/controllers/dashboard/todos_controller.rb
@@ -51,7 +51,7 @@ class Dashboard::TodosController < Dashboard::ApplicationController
private
def find_todos
- @todos ||= TodosFinder.new(current_user, params.merge(include_associations: true)).execute
+ @todos ||= TodosFinder.new(current_user, params).execute
end
def todos_counts
diff --git a/app/controllers/import/bitbucket_controller.rb b/app/controllers/import/bitbucket_controller.rb
index 8e42cdf415f..5ad1e116e4e 100644
--- a/app/controllers/import/bitbucket_controller.rb
+++ b/app/controllers/import/bitbucket_controller.rb
@@ -44,15 +44,15 @@ class Import::BitbucketController < Import::BaseController
repo_owner = repo.owner
repo_owner = current_user.username if repo_owner == bitbucket_client.user.username
- @target_namespace = params[:new_namespace].presence || repo_owner
+ namespace_path = params[:new_namespace].presence || repo_owner
- namespace = find_or_create_namespace(@target_namespace, current_user)
+ @target_namespace = find_or_create_namespace(namespace_path, current_user)
- if current_user.can?(:create_projects, namespace)
+ if current_user.can?(:create_projects, @target_namespace)
# The token in a session can be expired, we need to get most recent one because
# Bitbucket::Connection class refreshes it.
session[:bitbucket_token] = bitbucket_client.connection.token
- @project = Gitlab::BitbucketImport::ProjectCreator.new(repo, @project_name, namespace, current_user, credentials).execute
+ @project = Gitlab::BitbucketImport::ProjectCreator.new(repo, @project_name, @target_namespace, current_user, credentials).execute
else
render 'unauthorized'
end
diff --git a/app/controllers/projects/application_controller.rb b/app/controllers/projects/application_controller.rb
index e2f81b09adc..f1a93ccb3ad 100644
--- a/app/controllers/projects/application_controller.rb
+++ b/app/controllers/projects/application_controller.rb
@@ -89,4 +89,9 @@ class Projects::ApplicationController < ApplicationController
def builds_enabled
return render_404 unless @project.feature_available?(:builds, current_user)
end
+
+ def update_ref
+ branch_exists = @repository.find_branch(@target_branch)
+ @ref = @target_branch if branch_exists
+ end
end
diff --git a/app/controllers/projects/blob_controller.rb b/app/controllers/projects/blob_controller.rb
index 52fc67d162c..80a95c6158b 100644
--- a/app/controllers/projects/blob_controller.rb
+++ b/app/controllers/projects/blob_controller.rb
@@ -89,11 +89,6 @@ class Projects::BlobController < Projects::ApplicationController
private
- def update_ref
- branch_exists = @repository.find_branch(@target_branch)
- @ref = @target_branch if branch_exists
- end
-
def blob
@blob ||= Blob.decorate(@repository.blob_at(@commit.id, @path))
diff --git a/app/controllers/projects/builds_controller.rb b/app/controllers/projects/builds_controller.rb
index 886934a3f67..f1e4246e7fb 100644
--- a/app/controllers/projects/builds_controller.rb
+++ b/app/controllers/projects/builds_controller.rb
@@ -1,7 +1,7 @@
class Projects::BuildsController < Projects::ApplicationController
before_action :build, except: [:index, :cancel_all]
before_action :authorize_read_build!, except: [:cancel, :cancel_all, :retry, :play]
- before_action :authorize_update_build!, except: [:index, :show, :status, :raw]
+ before_action :authorize_update_build!, except: [:index, :show, :status, :raw, :trace]
layout 'project'
def index
diff --git a/app/controllers/projects/deploy_keys_controller.rb b/app/controllers/projects/deploy_keys_controller.rb
index 1502b734f37..d0c44e297e3 100644
--- a/app/controllers/projects/deploy_keys_controller.rb
+++ b/app/controllers/projects/deploy_keys_controller.rb
@@ -31,8 +31,10 @@ class Projects::DeployKeysController < Projects::ApplicationController
end
def disable
- @project.deploy_keys_projects.find_by(deploy_key_id: params[:id]).destroy
+ deploy_key_project = @project.deploy_keys_projects.find_by(deploy_key_id: params[:id])
+ return render_404 unless deploy_key_project
+ deploy_key_project.destroy!
redirect_to_repository_settings(@project)
end
diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb
index cdb5b4173d3..d984e6d3918 100644
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -148,7 +148,14 @@ class Projects::IssuesController < Projects::ApplicationController
end
format.json do
- render json: @issue.to_json(include: { milestone: {}, assignee: { only: [:name, :username], methods: [:avatar_url] }, labels: { methods: :text_color } }, methods: [:task_status, :task_status_short])
+ if @issue.valid?
+ render json: @issue.to_json(methods: [:task_status, :task_status_short],
+ include: { milestone: {},
+ assignee: { only: [:name, :username], methods: [:avatar_url] },
+ labels: { methods: :text_color } })
+ else
+ render json: { errors: @issue.errors.full_messages }, status: :unprocessable_entity
+ end
end
end
@@ -253,4 +260,13 @@ class Projects::IssuesController < Projects::ApplicationController
:milestone_id, :due_date, :state_event, :task_num, :lock_version, label_ids: []
)
end
+
+ def authenticate_user!
+ return if current_user
+
+ notice = "Please sign in to create the new issue."
+
+ store_location_for :user, request.fullpath
+ redirect_to new_user_session_path, notice: notice
+ end
end
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index 677a8a1a73a..2fadf7c8c81 100644..100755
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -402,7 +402,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController
if params[:ref].present?
@ref = params[:ref]
- @commit = @repository.commit(@ref)
+ @commit = @repository.commit("refs/heads/#{@ref}")
end
render layout: false
@@ -413,7 +413,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController
if params[:ref].present?
@ref = params[:ref]
- @commit = @target_project.commit(@ref)
+ @commit = @target_project.commit("refs/heads/#{@ref}")
end
render layout: false
diff --git a/app/controllers/projects/milestones_controller.rb b/app/controllers/projects/milestones_controller.rb
index be52b0fa7cf..5922e686cd0 100644
--- a/app/controllers/projects/milestones_controller.rb
+++ b/app/controllers/projects/milestones_controller.rb
@@ -13,11 +13,14 @@ class Projects::MilestonesController < Projects::ApplicationController
def index
@milestones =
case params[:state]
- when 'all' then @project.milestones.reorder(due_date: :desc, title: :asc)
- when 'closed' then @project.milestones.closed.reorder(due_date: :desc, title: :asc)
- else @project.milestones.active.reorder(due_date: :asc, title: :asc)
+ when 'all' then @project.milestones
+ when 'closed' then @project.milestones.closed
+ else @project.milestones.active
end
+ @sort = params[:sort] || 'due_date_asc'
+ @milestones = @milestones.sort(@sort)
+
@milestones = @milestones.includes(:project)
respond_to do |format|
format.html do
diff --git a/app/controllers/projects/settings/members_controller.rb b/app/controllers/projects/settings/members_controller.rb
index cbfa2afa959..54f9dceddef 100644
--- a/app/controllers/projects/settings/members_controller.rb
+++ b/app/controllers/projects/settings/members_controller.rb
@@ -9,6 +9,7 @@ module Projects
@skip_groups = @group_links.pluck(:group_id)
@skip_groups << @project.namespace_id unless @project.personal?
+ @skip_groups += @project.group.ancestors.pluck(:id) if @project.group
@project_members = MembersFinder.new(@project, current_user).execute
diff --git a/app/controllers/projects/tree_controller.rb b/app/controllers/projects/tree_controller.rb
index 4f094146348..637b61504d8 100644
--- a/app/controllers/projects/tree_controller.rb
+++ b/app/controllers/projects/tree_controller.rb
@@ -34,6 +34,7 @@ class Projects::TreeController < Projects::ApplicationController
def create_dir
return render_404 unless @commit_params.values.all?
+ update_ref
create_commit(Files::CreateDirService, success_notice: "The directory has been successfully created.",
success_path: namespace_project_tree_path(@project.namespace, @project, File.join(@target_branch, @dir_name)),
failure_path: namespace_project_tree_path(@project.namespace, @project, @ref))
diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb
index b44f38d4a0c..a49a1f50a81 100644
--- a/app/controllers/registrations_controller.rb
+++ b/app/controllers/registrations_controller.rb
@@ -1,5 +1,4 @@
class RegistrationsController < Devise::RegistrationsController
- before_action :signup_enabled?
include Recaptcha::Verify
def new
@@ -21,6 +20,8 @@ class RegistrationsController < Devise::RegistrationsController
flash.delete :recaptcha_error
render action: 'new'
end
+ rescue Gitlab::Access::AccessDeniedError
+ redirect_to(new_user_session_path)
end
def destroy
@@ -50,12 +51,6 @@ class RegistrationsController < Devise::RegistrationsController
private
- def signup_enabled?
- unless current_application_settings.signup_enabled?
- redirect_to(new_user_session_path)
- end
- end
-
def sign_up_params
params.require(:user).permit(:username, :email, :email_confirmation, :name, :password)
end
@@ -65,7 +60,7 @@ class RegistrationsController < Devise::RegistrationsController
end
def resource
- @resource ||= User.new(sign_up_params)
+ @resource ||= Users::CreateService.new(current_user, sign_up_params).build
end
def devise_mapping
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 6e29f1e8a65..2683614d2e8 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -39,7 +39,7 @@ class UsersController < ApplicationController
format.html { render 'show' }
format.json do
render json: {
- html: view_to_html_string("shared/projects/_list", projects: @projects, remote: true)
+ html: view_to_html_string("shared/projects/_list", projects: @projects)
}
end
end
@@ -65,7 +65,7 @@ class UsersController < ApplicationController
format.html { render 'show' }
format.json do
render json: {
- html: view_to_html_string("snippets/_snippets", collection: @snippets, remote: true)
+ html: view_to_html_string("snippets/_snippets", collection: @snippets)
}
end
end