Merge branch 'master' into feature/runner-lock-on-project

* master: (147 commits)
  Update CHANGELOG
  Remove deprecated issues_tracker and issues_tracker_id from project
  Schema doesn’t reflect the changes of the last 3 migrations
  Revert CHANGELOG
  Also rename "find" in the specs
  Change to new Notes styleguide
  Add guide on changing a document's location
  Change logs.md location in README
  Move logs/logs.md to administration/logs.md
  Make "four phase test"
  Only show branches for revert / cherry-pick
  Instrument all Banzai::ReferenceParser classes
  Removed old comment from update_column_in_batches
  Update columns in batches until no rows are left
  Remove counters from Pipeline navigation
  Handle NULL migration errors in migration helpers
  Fix typo causing related branches to Error 500
  Improved SVG sanitizer specs to include smoke tests for clean.
  Refactored SVG sanitizer
  Added SVG sanitizer fix to the changelog
  ...

11 files changed, 29 insertions, 25 deletions

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 62f63701799..cd6ae507cf1 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -6,6 +6,7 @@ class ApplicationController < ActionController::Base
   include Gitlab::GonHelper
   include GitlabRoutingHelper
   include PageLayoutHelper
+  include WorkhorseHelper
 
   before_action :authenticate_user_from_token!
   before_action :authenticate_user!
diff --git a/app/controllers/jwt_controller.rb b/app/controllers/jwt_controller.rb
index 131a16dad9b..014b9b43ff2 100644
--- a/app/controllers/jwt_controller.rb
+++ b/app/controllers/jwt_controller.rb
@@ -42,7 +42,7 @@ class JwtController < ApplicationController
   end
 
   def authenticate_user(login, password)
-    user = Gitlab::Auth.find_in_gitlab_or_ldap(login, password)
+    user = Gitlab::Auth.find_with_user_password(login, password)
     Gitlab::Auth.rate_limit!(request.ip, success: user.present?, login: login)
     user
   end
diff --git a/app/controllers/profiles/notifications_controller.rb b/app/controllers/profiles/notifications_controller.rb
index 18ee55c839a..40d1906a53f 100644
--- a/app/controllers/profiles/notifications_controller.rb
+++ b/app/controllers/profiles/notifications_controller.rb
@@ -1,12 +1,13 @@
 class Profiles::NotificationsController < Profiles::ApplicationController
   def show
-    @user = current_user
-    @group_notifications = current_user.notification_settings.for_groups
-    @project_notifications = current_user.notification_settings.for_projects
+    @user                        = current_user
+    @group_notifications         = current_user.notification_settings.for_groups
+    @project_notifications       = current_user.notification_settings.for_projects
+    @global_notification_setting = current_user.global_notification_setting
   end
 
   def update
-    if current_user.update_attributes(user_params)
+    if current_user.update_attributes(user_params) && update_notification_settings
       flash[:notice] = "Notification settings saved"
     else
       flash[:alert] = "Failed to save new settings"
@@ -16,6 +17,18 @@ class Profiles::NotificationsController < Profiles::ApplicationController
   end
 
   def user_params
-    params.require(:user).permit(:notification_email, :notification_level)
+    params.require(:user).permit(:notification_email)
+  end
+
+  def global_notification_setting_params
+    params.require(:global_notification_setting).permit(:level)
+  end
+
+  private
+
+  def update_notification_settings
+    return true unless global_notification_setting_params
+
+    current_user.global_notification_setting.update_attributes(global_notification_setting_params)
   end
 end
diff --git a/app/controllers/projects/avatars_controller.rb b/app/controllers/projects/avatars_controller.rb
index 72921b3aa14..5962f74c39b 100644
--- a/app/controllers/projects/avatars_controller.rb
+++ b/app/controllers/projects/avatars_controller.rb
@@ -10,10 +10,7 @@ class Projects::AvatarsController < Projects::ApplicationController
 
       return if cached_blob?
 
-      headers.store(*Gitlab::Workhorse.send_git_blob(@repository, @blob))
-      headers['Content-Disposition'] = 'inline'
-      headers['Content-Type'] = safe_content_type(@blob)
-      head :ok # 'render nothing: true' messes up the Content-Type
+      send_git_blob @repository, @blob
     else
       render_404
     end
diff --git a/app/controllers/projects/builds_controller.rb b/app/controllers/projects/builds_controller.rb
index 9b80efa5f11..14c82826342 100644
--- a/app/controllers/projects/builds_controller.rb
+++ b/app/controllers/projects/builds_controller.rb
@@ -41,7 +41,7 @@ class Projects::BuildsController < Projects::ApplicationController
   def trace
     respond_to do |format|
       format.json do
-        render json: @build.trace_with_state(params[:state]).merge!(id: @build.id, status: @build.status)
+        render json: @build.trace_with_state(params[:state].presence).merge!(id: @build.id, status: @build.status)
       end
     end
   end
diff --git a/app/controllers/projects/git_http_controller.rb b/app/controllers/projects/git_http_controller.rb
index 348d6cf4d96..f907d63258b 100644
--- a/app/controllers/projects/git_http_controller.rb
+++ b/app/controllers/projects/git_http_controller.rb
@@ -43,7 +43,7 @@ class Projects::GitHttpController < Projects::ApplicationController
     return if project && project.public? && upload_pack?
 
     authenticate_or_request_with_http_basic do |login, password|
-      auth_result = Gitlab::Auth.find(login, password, project: project, ip: request.ip)
+      auth_result = Gitlab::Auth.find_for_git_client(login, password, project: project, ip: request.ip)
 
       if auth_result.type == :ci && upload_pack?
         @ci = true
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index 06a114dcbe8..67e7187c10d 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -61,12 +61,9 @@ class Projects::MergeRequestsController < Projects::ApplicationController
       format.json   { render json: @merge_request }
       format.patch  { render text: @merge_request.to_patch }
       format.diff do
-        headers.store(*Gitlab::Workhorse.send_git_diff(@project.repository,
-                                                        @merge_request.diff_base_commit.id,
-                                                        @merge_request.last_commit.id))
-        headers['Content-Disposition'] = 'inline'
+        return render_404 unless @merge_request.diff_refs
 
-        head :ok
+        send_git_diff @project.repository, @merge_request.diff_refs
       end
     end
   end
diff --git a/app/controllers/projects/raw_controller.rb b/app/controllers/projects/raw_controller.rb
index 10de0e60530..10d24da16d7 100644
--- a/app/controllers/projects/raw_controller.rb
+++ b/app/controllers/projects/raw_controller.rb
@@ -18,10 +18,7 @@ class Projects::RawController < Projects::ApplicationController
       if @blob.lfs_pointer?
         send_lfs_object
       else
-        headers.store(*Gitlab::Workhorse.send_git_blob(@repository, @blob))
-        headers['Content-Disposition'] = 'inline'
-        headers['Content-Type'] = safe_content_type(@blob)
-        head :ok # 'render nothing: true' messes up the Content-Type
+        send_git_blob @repository, @blob
       end
     else
       render_404
diff --git a/app/controllers/projects/repositories_controller.rb b/app/controllers/projects/repositories_controller.rb
index bb7a6b6a5ab..d5af0341d18 100644
--- a/app/controllers/projects/repositories_controller.rb
+++ b/app/controllers/projects/repositories_controller.rb
@@ -11,8 +11,7 @@ class Projects::RepositoriesController < Projects::ApplicationController
   end
 
   def archive
-    headers.store(*Gitlab::Workhorse.send_git_archive(@project, params[:ref], params[:format]))
-    head :ok
+    send_git_archive @repository, ref: params[:ref], format: params[:format]
   rescue => ex
     logger.error("#{self.class.name}: #{ex}")
     return git_not_found!
diff --git a/app/controllers/projects/wikis_controller.rb b/app/controllers/projects/wikis_controller.rb
index 4b404eb03fa..2aa6bed0724 100644
--- a/app/controllers/projects/wikis_controller.rb
+++ b/app/controllers/projects/wikis_controller.rb
@@ -95,7 +95,7 @@ class Projects::WikisController < Projects::ApplicationController
     ext.analyze(text, author: current_user)
 
     render json: {
-      body: view_context.markdown(text, pipeline: :wiki, project_wiki: @project_wiki),
+      body: view_context.markdown(text, pipeline: :wiki, project_wiki: @project_wiki, page_slug: params[:id]),
       references: {
         users: ext.users.map(&:username)
       }
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index 3af62c7696c..a6479c42d94 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -234,7 +234,7 @@ class ProjectsController < Projects::ApplicationController
       :issues_tracker_id, :default_branch,
       :wiki_enabled, :visibility_level, :import_url, :last_activity_at, :namespace_id, :avatar,
       :builds_enabled, :build_allow_git_fetch, :build_timeout_in_minutes, :build_coverage_regex,
-      :public_builds,
+      :public_builds, :only_allow_merge_if_build_succeeds
     )
   end