Add latest changes from gitlab-org/gitlab@12-4-stable-ee

4 files changed, 54 insertions, 3 deletions

diff --git a/db/migrate/20191016072826_replace_ci_trigger_requests_index.rb b/db/migrate/20191016072826_replace_ci_trigger_requests_index.rb
index d7c9524806e..8faa6c3847f 100644
--- a/db/migrate/20191016072826_replace_ci_trigger_requests_index.rb
+++ b/db/migrate/20191016072826_replace_ci_trigger_requests_index.rb
@@ -10,7 +10,12 @@ class ReplaceCiTriggerRequestsIndex < ActiveRecord::Migration[5.2]
   def up
     add_concurrent_index :ci_trigger_requests, [:trigger_id, :id], order: { id: :desc }
 
-    remove_concurrent_index :ci_trigger_requests, [:trigger_id]
+    # Some installations have legacy, duplicate indexes on
+    # ci_trigger_requests.trigger_id. Rails won't drop them without an
+    # explicit name: https://gitlab.com/gitlab-org/gitlab/issues/34818
+    old_index_names.each do |name|
+      remove_concurrent_index :ci_trigger_requests, [:trigger_id], name: name
+    end
   end
 
   def down
@@ -18,4 +23,10 @@ class ReplaceCiTriggerRequestsIndex < ActiveRecord::Migration[5.2]
 
     remove_concurrent_index :ci_trigger_requests, [:trigger_id, :id], order: { id: :desc }
   end
+
+  private
+
+  def old_index_names
+    indexes(:ci_trigger_requests).select { |i| i.columns == ['trigger_id'] }.map(&:name)
+  end
 end
diff --git a/db/migrate/20191026041447_change_default_value_of_throttle_protected_paths.rb b/db/migrate/20191026041447_change_default_value_of_throttle_protected_paths.rb
new file mode 100644
index 00000000000..dd79fb217ef
--- /dev/null
+++ b/db/migrate/20191026041447_change_default_value_of_throttle_protected_paths.rb
@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+class ChangeDefaultValueOfThrottleProtectedPaths < ActiveRecord::Migration[5.2]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def up
+    change_column_default :application_settings, :throttle_protected_paths_enabled, false
+
+    # Because we already set the value to true in the previous
+    # migration, this feature was switched on inadvertently in GitLab
+    # 12.4. This migration toggles it back off to ensure we don't
+    # inadvertently block legitimate users. The admin will have to
+    # re-enable it in the application settings.
+    unless omnibus_protected_paths_present?
+      execute "UPDATE application_settings SET throttle_protected_paths_enabled = #{false_value}"
+    end
+  end
+
+  def down
+    change_column_default :application_settings, :throttle_protected_paths_enabled, true
+
+    execute "UPDATE application_settings SET throttle_protected_paths_enabled = #{true_value}"
+  end
+
+  private
+
+  def omnibus_protected_paths_present?
+    Rack::Attack.throttles.key?('protected paths')
+  rescue e
+    say "Error while checking if Omnibus protected paths were already enabled: #{e.message}"
+    say 'Continuing. Protected paths will remain enabled.'
+
+    # Return true so we don't take a risk
+    true
+  end
+end
diff --git a/db/post_migrate/20190911251732_sync_issuables_state_id.rb b/db/post_migrate/20190911251732_sync_issuables_state_id.rb
index 4865e98a75e..031837122fb 100644
--- a/db/post_migrate/20190911251732_sync_issuables_state_id.rb
+++ b/db/post_migrate/20190911251732_sync_issuables_state_id.rb
@@ -62,6 +62,7 @@ class SyncIssuablesStateId < ActiveRecord::Migration[5.2]
       CASE state
       WHEN 'opened' THEN 1
       WHEN 'closed' THEN 2
+      ELSE 2
       END
     SQL
   end
@@ -73,6 +74,7 @@ class SyncIssuablesStateId < ActiveRecord::Migration[5.2]
       WHEN 'closed' THEN 2
       WHEN 'merged' THEN 3
       WHEN 'locked' THEN 4
+      ELSE 2
       END
     SQL
   end
diff --git a/db/schema.rb b/db/schema.rb
index f3a2b4608f5..95a4efb7e2a 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2019_10_16_220135) do
+ActiveRecord::Schema.define(version: 2019_10_26_041447) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "pg_trgm"
@@ -331,7 +331,7 @@ ActiveRecord::Schema.define(version: 2019_10_16_220135) do
     t.string "encrypted_asset_proxy_secret_key_iv"
     t.string "static_objects_external_storage_url", limit: 255
     t.string "static_objects_external_storage_auth_token", limit: 255
-    t.boolean "throttle_protected_paths_enabled", default: true, null: false
+    t.boolean "throttle_protected_paths_enabled", default: false, null: false
     t.integer "throttle_protected_paths_requests_per_period", default: 10, null: false
     t.integer "throttle_protected_paths_period_in_seconds", default: 60, null: false
     t.string "protected_paths", limit: 255, default: ["/users/password", "/users/sign_in", "/api/v3/session.json", "/api/v3/session", "/api/v4/session.json", "/api/v4/session", "/users", "/users/confirmation", "/unsubscribes/", "/import/github/personal_access_token"], array: true