author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-06-29 14:14:22 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-06-29 14:14:35 +0000 |
commit | d547692176052bc047f36cfd1a638f1b746bfa6d (patch) | |
tree | 054a52aa507f85bf7ea04f7bbcf8394e62cf6e82 /app | |
parent | 9fdc4213b6a4bb8f45d6e65f90047ac742e1c48b (diff) | |
download | gitlab-ce-d547692176052bc047f36cfd1a638f1b746bfa6d.tar.gz |
Add latest changes from gitlab-org/security/gitlab@14-10-stable-ee
Diffstat (limited to 'app')
-rw-r--r-- | app/assets/javascripts/error_tracking_settings/utils.js | 3 | ||||
-rw-r--r-- | app/assets/javascripts/projects/settings/access_dropdown.js | 2 | ||||
-rw-r--r-- | app/controllers/projects/error_tracking_controller.rb | 1 | ||||
-rw-r--r-- | app/controllers/projects/settings/operations_controller.rb | 2 | ||||
-rw-r--r-- | app/helpers/integrations_helper.rb | 21 | ||||
-rw-r--r-- | app/helpers/projects_helper.rb | 1 | ||||
-rw-r--r-- | app/models/clusters/applications/runner.rb | 2 | ||||
-rw-r--r-- | app/models/error_tracking/project_error_tracking_setting.rb | 24 | ||||
-rw-r--r-- | app/policies/project_policy.rb | 2 | ||||
-rw-r--r-- | app/serializers/member_user_entity.rb | 14 | ||||
-rw-r--r-- | app/services/projects/operations/update_service.rb | 3 |
11 files changed, 47 insertions, 28 deletions
diff --git a/app/assets/javascripts/error_tracking_settings/utils.js b/app/assets/javascripts/error_tracking_settings/utils.js
index 7ef5f7bbd34..47a42dc3742 100644
--- a/app/assets/javascripts/error_tracking_settings/utils.js
+++ b/app/assets/javascripts/error_tracking_settings/utils.js
@@ -1,4 +1,4 @@
-export const projectKeys = ['name', 'organizationName', 'organizationSlug', 'slug'];
+export const projectKeys = ['id', 'name', 'organizationName', 'organizationSlug', 'slug'];
 export const transformFrontendSettings = ({
 apiHost,
@@ -9,6 +9,7 @@ export const transformFrontendSettings = ({
 }) => {
 const project = selectedProject
 ? {
+ sentry_project_id: selectedProject.id,
 slug: selectedProject.slug,
 name: selectedProject.name,
 organization_name: selectedProject.organizationName,
diff --git a/app/assets/javascripts/projects/settings/access_dropdown.js b/app/assets/javascripts/projects/settings/access_dropdown.js
index 7fb7a416dca..79dfa166b1a 100644
--- a/app/assets/javascripts/projects/settings/access_dropdown.js
+++ b/app/assets/javascripts/projects/settings/access_dropdown.js
@@ -537,7 +537,7 @@ export default class AccessDropdown {
 return `
 <li>
 <a href="#" class="${isActiveClass}">
- <strong>${key.title}</strong>
+ <strong>${escape(key.title)}</strong>
 <p>
 ${sprintf(
 __('Owned by %{image_tag}'),
diff --git a/app/controllers/projects/error_tracking_controller.rb b/app/controllers/projects/error_tracking_controller.rb
index 06383d26133..d2e36ef5496 100644
--- a/app/controllers/projects/error_tracking_controller.rb
+++ b/app/controllers/projects/error_tracking_controller.rb
@@ -4,6 +4,7 @@ class Projects::ErrorTrackingController < Projects::ErrorTracking::BaseControlle
 respond_to :json
 before_action :authorize_read_sentry_issue!
+ before_action :authorize_update_sentry_issue!, only: %i[update]
 before_action :set_issue_id, only: :details
 before_action only: [:index] do
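Review bot: In app/assets/javascripts/projects/settings/access_dropdown.js the fix `<strong>${escape(key.title)}</strong>` depends on which `escape` is in scope, and the import is outside this hunk. If the file does not import an HTML-escaping helper under that name (GitLab front-end code usually takes it from lodash), the call resolves to the deprecated global `escape()`, which percent-encodes for URLs and would render the title wrongly. The template literal continues past the hunk, so the values interpolated through `sprintf(...)` further down the same `<li>` deserve the same check.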
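Review bot: In app/controllers/projects/error_tracking_controller.rb the new filter `before_action :authorize_update_sentry_issue!, only: %i[update]` is the only place on this page where the ability moved in app/policies/project_policy.rb is enforced, so any other caller that reaches `update_issue` on the setting model needs its own check; the class body continues outside the hunk, so this cannot be confirmed here. A one-line comment would help the next reader, for example `# read_sentry_issue covers every action; changing an issue additionally needs update_sentry_issue`. As a style point, the neighbouring filters write `only: :details` and `only: [:index]`, so `only: :update` would match them.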
diff --git a/app/controllers/projects/settings/operations_controller.rb b/app/controllers/projects/settings/operations_controller.rb
index 43c72b358db..199173cb641 100644
--- a/app/controllers/projects/settings/operations_controller.rb
+++ b/app/controllers/projects/settings/operations_controller.rb
@@ -143,7 +143,7 @@ module Projects
 :integrated,
 :api_host,
 :token,
- project: [:slug, :name, :organization_slug, :organization_name]
+ project: [:slug, :name, :organization_slug, :organization_name, :sentry_project_id]
 ],
 grafana_integration_attributes: [:token, :grafana_url, :enabled],
diff --git a/app/helpers/integrations_helper.rb b/app/helpers/integrations_helper.rb
index b960ed46ba9..471ca425f83 100644
--- a/app/helpers/integrations_helper.rb
+++ b/app/helpers/integrations_helper.rb
@@ -159,27 +159,6 @@ module IntegrationsHelper
 !Gitlab.com?
 end
- def jira_issue_breadcrumb_link(issue_reference)
- link_to '', { class: 'gl-display-flex gl-align-items-center gl-white-space-nowrap' } do
- icon = image_tag image_path('illustrations/logos/jira.svg'), width: 15, height: 15, class: 'gl-mr-2'
- [icon, html_escape(issue_reference)].join.html_safe
- end
- end
-
- def zentao_issue_breadcrumb_link(issue)
- link_to issue[:web_url], { target: '_blank', rel: 'noopener noreferrer', class: 'gl-display-flex gl-align-items-center gl-white-space-nowrap' } do
- icon = image_tag image_path('logos/zentao.svg'), width: 15, height: 15, class: 'gl-mr-2'
- [icon, html_escape(issue[:id])].join.html_safe
- end
- end
-
- def zentao_issues_show_data
- {
- issues_show_path: project_integrations_zentao_issue_path(@project, params[:id], format: :json),
- issues_list_path: project_integrations_zentao_issues_path(@project)
- }
- end
-
 extend self
 private
diff --git a/app/helpers/projects_helper.rb b/app/helpers/projects_helper.rb
index 21c7a54670c..1e427efe9d3 100644
--- a/app/helpers/projects_helper.rb
+++ b/app/helpers/projects_helper.rb
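Review bot: Permitting `:sentry_project_id` in app/controllers/projects/settings/operations_controller.rb means the value that later serves as the reference in `ensure_issue_belongs_to_project!` comes straight from the request. The hunk in app/services/projects/operations/update_service.rb stores it with `settings.dig(:project, :sentry_project_id)` without checking it against the name and organization sent alongside. Whoever can edit these settings also chooses the project, so this is mainly about keeping the three fields consistent. Resolving the id server-side from the Sentry API, or validating that it is an integer belonging to the selected project before saving, would remove the dependency on client input. The permit list sits inside a method that starts outside this hunk.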
@@ -298,6 +298,7 @@ module ProjectsHelper
 setting.organization_slug.blank?
 {
+ sentry_project_id: setting.sentry_project_id,
 name: setting.project_name,
 organization_name: setting.organization_name,
 organization_slug: setting.organization_slug,
diff --git a/app/models/clusters/applications/runner.rb b/app/models/clusters/applications/runner.rb
index e62b6fa5fc5..74b09f935eb 100644
--- a/app/models/clusters/applications/runner.rb
+++ b/app/models/clusters/applications/runner.rb
@@ -3,7 +3,7 @@
 module Clusters
 module Applications
 class Runner < ApplicationRecord
- VERSION = '0.39.0'
+ VERSION = '0.39.2'
 self.table_name = 'clusters_applications_runners'
diff --git a/app/models/error_tracking/project_error_tracking_setting.rb b/app/models/error_tracking/project_error_tracking_setting.rb
index 3ecfb895dac..30382a1c205 100644
--- a/app/models/error_tracking/project_error_tracking_setting.rb
+++ b/app/models/error_tracking/project_error_tracking_setting.rb
@@ -125,17 +125,22 @@ module ErrorTracking
 def issue_details(opts = {})
 with_reactive_cache('issue_details', opts.stringify_keys) do |result|
+ ensure_issue_belongs_to_project!(result[:issue].project_id)
 result
 end
 end
 def issue_latest_event(opts = {})
 with_reactive_cache('issue_latest_event', opts.stringify_keys) do |result|
+ ensure_issue_belongs_to_project!(result[:latest_event].project_id)
 result
 end
 end
 def update_issue(opts = {})
+ issue_to_be_updated = sentry_client.issue_details(issue_id: opts[:issue_id])
+ ensure_issue_belongs_to_project!(issue_to_be_updated.project_id)
+
 handle_exceptions do
 { updated: sentry_client.update_issue(opts) }
 end
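Review bot: In app/models/error_tracking/project_error_tracking_setting.rb the checks added to `issue_details` and `issue_latest_event` dereference `result[:issue].project_id` and `result[:latest_event].project_id` with no nil guard. If the reactive-cache result can be an error hash without those keys (its shape is not visible on this page), the block raises NoMethodError instead of passing the error through. A guard such as `ensure_issue_belongs_to_project!(result[:issue].project_id) if result[:issue]` keeps that path intact without skipping the check when an issue is present. In `update_issue` the two new lines run before `handle_exceptions do`, so a failure of `sentry_client.issue_details` is not covered by it; moving them inside the block would keep error handling uniform.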
@@ -177,6 +182,25 @@ module ErrorTracking
 private
+ def ensure_issue_belongs_to_project!(project_id_from_api)
+ raise 'The Sentry issue appers to be outside of the configured Sentry project' if Integer(project_id_from_api) != ensure_sentry_project_id!
+ end
+
+ def ensure_sentry_project_id!
+ return sentry_project_id if sentry_project_id.present?
+
+ raise("Couldn't find project: #{organization_name} / #{project_name} on Sentry") if sentry_project.nil?
+
+ update!(sentry_project_id: sentry_project.id)
+ sentry_project_id
+ end
+
+ def sentry_project
+ strong_memoize(:sentry_project) do
+ sentry_client.projects.find { |project| project.name == project_name && project.organization_name == organization_name }
+ end
+ end
+
 def add_gitlab_issue_details(issue)
 issue.gitlab_commit = match_gitlab_commit(issue.first_release_version)
 issue.gitlab_commit_path = project_commit_path(project, issue.gitlab_commit) if issue.gitlab_commit
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index 493afd91364..517fefb2b77 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -297,7 +297,6 @@ class ProjectPolicy < BasePolicy
 enable :read_deployment
 enable :read_merge_request
 enable :read_sentry_issue
- enable :update_sentry_issue
 enable :read_prometheus
 enable :read_metrics_dashboard_annotation
 enable :metrics_dashboard
@@ -413,6 +412,7 @@ class ProjectPolicy < BasePolicy
 enable :admin_feature_flags_user_lists
 enable :update_escalation_status
 enable :read_secure_files
+ enable :update_sentry_issue
 end
 rule { can?(:developer_access) & user_confirmed? }.policy do
diff --git a/app/serializers/member_user_entity.rb b/app/serializers/member_user_entity.rb
index b3d8efc9143..6a01c5bb297 100644
--- a/app/serializers/member_user_entity.rb
+++ b/app/serializers/member_user_entity.rb
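Review bot: `ensure_issue_belongs_to_project!` raises a bare string, which is a RuntimeError, so callers cannot tell an ownership violation from any other failure, and the message misspells "appears" as `appers`. A dedicated error class in this module, or one that `handle_exceptions` already rescues, would let the controller answer with a clear client error; `Integer(project_id_from_api)` also raises on nil, which fails closed but surfaces the same way. `sentry_project` takes the first project whose `name` and `organization_name` match, and `ensure_sentry_project_id!` persists that id with `update!`. If names are not unique among the projects the token can see, the wrong id becomes the trusted reference, so matching on the slugs the settings form already submits would be safer. The lookup also makes a read path (`issue_details`) perform a database write on first use, which deserves a comment.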
@@ -16,7 +16,7 @@ class MemberUserEntity < UserEntity
 user.blocked?
 end
- expose :two_factor_enabled do |user|
+ expose :two_factor_enabled, if: -> (user) { current_user_can_manage_members? || current_user?(user) } do |user|
 user.two_factor_enabled?
 end
@@ -25,6 +25,18 @@ class MemberUserEntity < UserEntity
 user.status.emoji
 end
 end
+
+ private
+
+ def current_user_can_manage_members?
+ return false unless options[:source]
+
+ Ability.allowed?(options[:current_user], :"admin_#{options[:source].to_ability_name}_member", options[:source])
+ end
+
+ def current_user?(user)
+ options[:current_user] == user
+ end
 end
 MemberUserEntity.prepend_mod_with('MemberUserEntity')
diff --git a/app/services/projects/operations/update_service.rb b/app/services/projects/operations/update_service.rb
index b66435d013b..d8686f16dc5 100644
--- a/app/services/projects/operations/update_service.rb
+++ b/app/services/projects/operations/update_service.rb
@@ -90,7 +90,8 @@ module Projects
 api_url: api_url,
 enabled: settings[:enabled],
 project_name: settings.dig(:project, :name),
- organization_name: settings.dig(:project, :organization_name)
+ organization_name: settings.dig(:project, :organization_name),
+ sentry_project_id: settings.dig(:project, :sentry_project_id)
 }
 }
 params[:error_tracking_setting_attributes][:token] = settings[:token] unless /\A\*+\z/.match?(settings[:token]) # Don't update token if we receive masked value |
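Review bot: With the `if:` condition on `expose :two_factor_enabled` in app/serializers/member_user_entity.rb, the key is left out of the payload for viewers who fail the check rather than being sent as `false`. Any consumer of this entity therefore has to treat a missing value as "unknown" and not as "disabled". `current_user_can_manage_members?` in the second hunk calls `Ability.allowed?` once per serialized member; computing it once per request would avoid repeated work on long member lists, unless the ability layer already caches the result. A short comment over the lambda would record the intent, for example `# 2FA status is visible only to the user themselves and to users who can administer members of the source`.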