diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-01-14 18:08:31 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-01-14 18:08:31 +0000 |
commit | 92f95ccac81911d1fcc32e999a7f1ce04624a56c (patch) | |
tree | ad207e86b7858ae93a085fbdc04155f5cd469620 /app | |
parent | 85e494935a8726dc98bb19ffa584488420e5011e (diff) | |
download | gitlab-ce-92f95ccac81911d1fcc32e999a7f1ce04624a56c.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app')
-rw-r--r-- | app/assets/javascripts/clusters/components/applications.vue | 4 | ||||
-rw-r--r-- | app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue | 23 | ||||
-rw-r--r-- | app/assets/javascripts/registry/list/components/collapsible_container.vue | 9 | ||||
-rw-r--r-- | app/controllers/clusters/clusters_controller.rb | 1 | ||||
-rw-r--r-- | app/controllers/search_controller.rb | 17 | ||||
-rw-r--r-- | app/helpers/application_settings_helper.rb | 1 | ||||
-rw-r--r-- | app/helpers/projects_helper.rb | 1 | ||||
-rw-r--r-- | app/models/project_feature.rb | 10 | ||||
-rw-r--r-- | app/services/clusters/applications/base_service.rb | 2 | ||||
-rw-r--r-- | app/services/search_service.rb | 11 | ||||
-rw-r--r-- | app/views/admin/application_settings/_pages.html.haml | 9 |
11 files changed, 63 insertions, 25 deletions
diff --git a/app/assets/javascripts/clusters/components/applications.vue b/app/assets/javascripts/clusters/components/applications.vue index b37e644b503..704515cf70c 100644 --- a/app/assets/javascripts/clusters/components/applications.vue +++ b/app/assets/javascripts/clusters/components/applications.vue @@ -129,9 +129,6 @@ export default { crossplaneInstalled() { return this.applications.crossplane.status === APPLICATION_STATUS.INSTALLED; }, - enableClusterApplicationCrossplane() { - return gon.features && gon.features.enableClusterApplicationCrossplane; - }, enableClusterApplicationElasticStack() { return gon.features && gon.features.enableClusterApplicationElasticStack; }, @@ -519,7 +516,6 @@ Crossplane runs inside your Kubernetes cluster and supports secure connectivity </div> </application-row> <application-row - v-if="enableClusterApplicationCrossplane" id="crossplane" :logo-url="crossplaneLogo" :title="applications.crossplane.title" diff --git a/app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue b/app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue index 4802cc2ad25..0883b89d75b 100644 --- a/app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue +++ b/app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue @@ -82,6 +82,11 @@ export default { required: false, default: false, }, + pagesAccessControlForced: { + type: Boolean, + required: false, + default: false, + }, pagesHelpPath: { type: String, required: false, @@ -130,10 +135,22 @@ export default { }, pagesFeatureAccessLevelOptions() { - if (this.visibilityLevel !== visibilityOptions.PUBLIC) { - return this.featureAccessLevelOptions.concat([[30, PAGE_FEATURE_ACCESS_LEVEL]]); + const options = [featureAccessLevelMembers]; + + if (this.pagesAccessControlForced) { + if (this.visibilityLevel === visibilityOptions.INTERNAL) { + options.push(featureAccessLevelEveryone); + } + } else { + if (this.visibilityLevel !== visibilityOptions.PRIVATE) { + options.push(featureAccessLevelEveryone); + } + + if (this.visibilityLevel !== visibilityOptions.PUBLIC) { + options.push([30, PAGE_FEATURE_ACCESS_LEVEL]); + } } - return this.featureAccessLevelOptions; + return options; }, repositoryEnabled() { diff --git a/app/assets/javascripts/registry/list/components/collapsible_container.vue b/app/assets/javascripts/registry/list/components/collapsible_container.vue index 86bb2d8092e..9786a1a3f75 100644 --- a/app/assets/javascripts/registry/list/components/collapsible_container.vue +++ b/app/assets/javascripts/registry/list/components/collapsible_container.vue @@ -14,7 +14,7 @@ import ClipboardButton from '~/vue_shared/components/clipboard_button.vue'; import Icon from '~/vue_shared/components/icon.vue'; import TableRegistry from './table_registry.vue'; import { DELETE_REPO_ERROR_MESSAGE } from '../constants'; -import { __ } from '~/locale'; +import { __, sprintf } from '~/locale'; export default { name: 'CollapsibeContainerRegisty', @@ -55,6 +55,11 @@ export default { canDeleteRepo() { return this.repo.canDelete && !this.isDeleteDisabled; }, + deleteImageConfirmationMessage() { + return sprintf(__('Image %{imageName} was scheduled for deletion from the registry.'), { + imageName: this.repo.name, + }); + }, }, methods: { ...mapActions(['fetchRepos', 'fetchList', 'deleteItem']), @@ -69,7 +74,7 @@ export default { this.track('confirm_delete'); return this.deleteItem(this.repo) .then(() => { - createFlash(__('This container registry has been scheduled for deletion.'), 'notice'); + createFlash(this.deleteImageConfirmationMessage, 'notice'); this.fetchRepos(); }) .catch(() => createFlash(DELETE_REPO_ERROR_MESSAGE)); diff --git a/app/controllers/clusters/clusters_controller.rb b/app/controllers/clusters/clusters_controller.rb index f4b74b14c0b..52a5f801bad 100644 --- a/app/controllers/clusters/clusters_controller.rb +++ b/app/controllers/clusters/clusters_controller.rb @@ -14,7 +14,6 @@ class Clusters::ClustersController < Clusters::BaseController before_action :update_applications_status, only: [:cluster_status] before_action only: [:show] do push_frontend_feature_flag(:enable_cluster_application_elastic_stack) - push_frontend_feature_flag(:enable_cluster_application_crossplane) end helper_method :token_in_session diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb index b6e24a450e8..04d2b3068da 100644 --- a/app/controllers/search_controller.rb +++ b/app/controllers/search_controller.rb @@ -5,9 +5,6 @@ class SearchController < ApplicationController include SearchHelper include RendersCommits - NON_ES_SEARCH_TERM_LIMIT = 64 - NON_ES_SEARCH_CHAR_LIMIT = 4096 - around_action :allow_gitaly_ref_name_caching skip_before_action :authenticate_user! @@ -68,19 +65,13 @@ class SearchController < ApplicationController private def search_term_valid? - return true if Gitlab::CurrentSettings.elasticsearch_search? - - chars_count = params[:search].length - if chars_count > NON_ES_SEARCH_CHAR_LIMIT - flash[:alert] = t('errors.messages.search_chars_too_long', count: NON_ES_SEARCH_CHAR_LIMIT) - + unless search_service.valid_query_length? + flash[:alert] = t('errors.messages.search_chars_too_long', count: SearchService::SEARCH_CHAR_LIMIT) return false end - search_terms_count = params[:search].split.count { |word| word.length >= 3 } - if search_terms_count > NON_ES_SEARCH_TERM_LIMIT - flash[:alert] = t('errors.messages.search_terms_too_long', count: NON_ES_SEARCH_TERM_LIMIT) - + unless search_service.valid_terms_count? + flash[:alert] = t('errors.messages.search_terms_too_long', count: SearchService::SEARCH_TERM_LIMIT) return false end diff --git a/app/helpers/application_settings_helper.rb b/app/helpers/application_settings_helper.rb index 7115fd834fd..077035a49ed 100644 --- a/app/helpers/application_settings_helper.rb +++ b/app/helpers/application_settings_helper.rb @@ -202,6 +202,7 @@ module ApplicationSettingsHelper :enabled_git_access_protocol, :enforce_terms, :first_day_of_week, + :force_pages_access_control, :gitaly_timeout_default, :gitaly_timeout_medium, :gitaly_timeout_fast, diff --git a/app/helpers/projects_helper.rb b/app/helpers/projects_helper.rb index d683faf6a20..7bd6c6670c1 100644 --- a/app/helpers/projects_helper.rb +++ b/app/helpers/projects_helper.rb @@ -587,6 +587,7 @@ module ProjectsHelper lfsHelpPath: help_page_path('workflow/lfs/manage_large_binaries_with_git_lfs'), pagesAvailable: Gitlab.config.pages.enabled, pagesAccessControlEnabled: Gitlab.config.pages.access_control, + pagesAccessControlForced: ::Gitlab::Pages.access_control_is_forced?, pagesHelpPath: help_page_path('user/project/pages/introduction', anchor: 'gitlab-pages-access-control-core') } end diff --git a/app/models/project_feature.rb b/app/models/project_feature.rb index 4973c7761c1..ec097844499 100644 --- a/app/models/project_feature.rb +++ b/app/models/project_feature.rb @@ -97,7 +97,13 @@ class ProjectFeature < ApplicationRecord default_value_for :wiki_access_level, value: ENABLED, allows_nil: false default_value_for :repository_access_level, value: ENABLED, allows_nil: false - default_value_for(:pages_access_level, allows_nil: false) { |feature| feature.project&.public? ? ENABLED : PRIVATE } + default_value_for(:pages_access_level, allows_nil: false) do |feature| + if ::Gitlab::Pages.access_control_is_forced? + PRIVATE + else + feature.project&.public? ? ENABLED : PRIVATE + end + end def feature_available?(feature, user) # This feature might not be behind a feature flag at all, so default to true @@ -137,6 +143,8 @@ class ProjectFeature < ApplicationRecord def public_pages? return true unless Gitlab.config.pages.access_control + return false if ::Gitlab::Pages.access_control_is_forced? + pages_access_level == PUBLIC || pages_access_level == ENABLED && project.public? end diff --git a/app/services/clusters/applications/base_service.rb b/app/services/clusters/applications/base_service.rb index 89b8163f798..844da11e5cb 100644 --- a/app/services/clusters/applications/base_service.rb +++ b/app/services/clusters/applications/base_service.rb @@ -68,7 +68,7 @@ module Clusters end def invalid_application? - unknown_application? || (application_name == Applications::ElasticStack.application_name && !Feature.enabled?(:enable_cluster_application_elastic_stack)) || (application_name == Applications::Crossplane.application_name && !Feature.enabled?(:enable_cluster_application_crossplane)) + unknown_application? || (application_name == Applications::ElasticStack.application_name && !Feature.enabled?(:enable_cluster_application_elastic_stack)) end def unknown_application? diff --git a/app/services/search_service.rb b/app/services/search_service.rb index 91c0f9ba104..fe5e823b56c 100644 --- a/app/services/search_service.rb +++ b/app/services/search_service.rb @@ -3,6 +3,9 @@ class SearchService include Gitlab::Allowable + SEARCH_TERM_LIMIT = 64 + SEARCH_CHAR_LIMIT = 4096 + def initialize(current_user, params = {}) @current_user = current_user @params = params.dup @@ -42,6 +45,14 @@ class SearchService @show_snippets = params[:snippets] == 'true' end + def valid_query_length? + params[:search].length <= SEARCH_CHAR_LIMIT + end + + def valid_terms_count? + params[:search].split.count { |word| word.length >= 3 } <= SEARCH_TERM_LIMIT + end + delegate :scope, to: :search_service def search_results diff --git a/app/views/admin/application_settings/_pages.html.haml b/app/views/admin/application_settings/_pages.html.haml index b15afb3b806..8214cf8ce9f 100644 --- a/app/views/admin/application_settings/_pages.html.haml +++ b/app/views/admin/application_settings/_pages.html.haml @@ -15,6 +15,15 @@ .form-text.text-muted = _("Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled") = link_to icon('question-circle'), help_page_path('user/project/pages/custom_domains_ssl_tls_certification/index.md', anchor: '4-verify-the-domains-ownership') + - if Gitlab.config.pages.access_control + .form-group + .form-check + = f.check_box :force_pages_access_control, class: 'form-check-input' + = f.label :force_pages_access_control, class: 'form-check-label' do + = _("Disable public access to Pages sites") + .form-text.text-muted + = _("Access to Pages websites are controlled based on the user's membership to a given project. By checking this box, users will be required to be logged in to have access to all Pages websites in your instance.") + = link_to icon('question-circle'), help_page_path('administration/pages/index.md', anchor: 'disabling-public-access-to-all-pages-websites') %h5 = _("Configure Let's Encrypt") %p |