Merge branch 'master' into improve-user-tabs

5 files changed, 29 insertions, 24 deletions

diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb
index f3bfede4354..8f83fdd02bc 100644
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
@@ -12,11 +12,13 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
 
     current_user.save! if current_user.changed?
 
-    if two_factor_grace_period_expired?
-      flash.now[:alert] = 'You must enable Two-factor Authentication for your account.'
-    else
-      grace_period_deadline = current_user.otp_grace_period_started_at + two_factor_grace_period.hours
-      flash.now[:alert] = "You must enable Two-factor Authentication for your account before #{l(grace_period_deadline)}."
+    if two_factor_authentication_required?
+      if two_factor_grace_period_expired?
+        flash.now[:alert] = 'You must enable Two-factor Authentication for your account.'
+      else
+        grace_period_deadline = current_user.otp_grace_period_started_at + two_factor_grace_period.hours
+        flash.now[:alert] = "You must enable Two-factor Authentication for your account before #{l(grace_period_deadline)}."
+      end
     end
 
     @qr_code = build_qr_code
diff --git a/app/controllers/projects/avatars_controller.rb b/app/controllers/projects/avatars_controller.rb
index f7e6bb34443..b64dbbd89ce 100644
--- a/app/controllers/projects/avatars_controller.rb
+++ b/app/controllers/projects/avatars_controller.rb
@@ -1,4 +1,6 @@
 class Projects::AvatarsController < Projects::ApplicationController
+  include BlobHelper
+
   before_action :project
 
   def show
@@ -7,7 +9,7 @@ class Projects::AvatarsController < Projects::ApplicationController
       headers['X-Content-Type-Options'] = 'nosniff'
       headers.store(*Gitlab::Workhorse.send_git_blob(@repository, @blob))
       headers['Content-Disposition'] = 'inline'
-      headers['Content-Type'] = @blob.content_type
+      headers['Content-Type'] = safe_content_type(@blob)
       head :ok # 'render nothing: true' messes up the Content-Type
     else
       render_404
diff --git a/app/controllers/projects/forks_controller.rb b/app/controllers/projects/forks_controller.rb
index 0c551501ca4..a0835c9aad0 100644
--- a/app/controllers/projects/forks_controller.rb
+++ b/app/controllers/projects/forks_controller.rb
@@ -4,12 +4,22 @@ class Projects::ForksController < Projects::ApplicationController
   before_action :authorize_download_code!
 
   def index
-    @sort = params[:sort] || 'id_desc'
-    @all_forks = project.forks.includes(:creator).order_by(@sort)
-
-    @public_forks, @protected_forks = @all_forks.partition do |project|
-      can?(current_user, :read_project, project)
-    end
+    base_query = project.forks.includes(:creator)
+
+    @forks = if current_user
+               base_query.where('projects.visibility_level IN (?) OR projects.id IN (?)',
+                                Project.public_and_internal_levels,
+                                current_user.authorized_projects.pluck(:id))
+             else
+               base_query.where('projects.visibility_level = ?', Project::PUBLIC)
+             end
+
+    @total_forks_count   = base_query.size
+    @private_forks_count = @total_forks_count - @forks.size
+    @public_forks_count  = @total_forks_count - @private_forks_count
+
+    @sort  = params[:sort] || 'id_desc'
+    @forks = @forks.order_by(@sort).page(params[:page]).per(PER_PAGE)
   end
 
   def new
diff --git a/app/controllers/projects/raw_controller.rb b/app/controllers/projects/raw_controller.rb
index 87b4d08da0e..d9723acb1d9 100644
--- a/app/controllers/projects/raw_controller.rb
+++ b/app/controllers/projects/raw_controller.rb
@@ -1,6 +1,7 @@
 # Controller for viewing a file's raw
 class Projects::RawController < Projects::ApplicationController
   include ExtractsPath
+  include BlobHelper
 
   before_action :require_non_empty_project
   before_action :assign_ref_vars
@@ -17,7 +18,7 @@ class Projects::RawController < Projects::ApplicationController
       else
         headers.store(*Gitlab::Workhorse.send_git_blob(@repository, @blob))
         headers['Content-Disposition'] = 'inline'
-        headers['Content-Type'] = get_blob_type
+        headers['Content-Type'] = safe_content_type(@blob)
         head :ok # 'render nothing: true' messes up the Content-Type
       end
     else
@@ -27,16 +28,6 @@ class Projects::RawController < Projects::ApplicationController
 
   private
 
-  def get_blob_type
-    if @blob.text?
-      'text/plain; charset=utf-8'
-    elsif @blob.image?
-      @blob.content_type
-    else
-      'application/octet-stream'
-    end
-  end
-
   def send_lfs_object
     lfs_object = find_lfs_object
 
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index eae19214bf5..4b1cf242885 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -89,7 +89,7 @@ class UsersController < ApplicationController
 
   def contributions_calendar
     @contributions_calendar ||= Gitlab::ContributionsCalendar.
-      new(contributed_projects.reject(&:forked?), @user)
+      new(contributed_projects, @user)
   end
 
   def load_events