Merge remote-tracking branch 'upstream/master' into test-pg-mysql

* upstream/master: (238 commits)
  Periodically clean up temporary upload files to recover storage space
  Add a name field to the group edit form
  Remove the User#is_admin? method
  Fix specs
  Enable RSpec/DescribeSymbol; update .rubocop_todo.yml
  Update rubocop-rspec 1.12.0 -> 1.15.0
  Rename displaying_blame to blame
  Actually include WaitForAjax!
  Don't show Copy contents button on Blame page
  alfredo review changes
  Give explicit height to SVG icons for Safari
  Update MR title change icon
  Put back usernames in activity and profile feed
  Wait for AJAX requests to complete so they don't blow up if they are only handled after DatabaseCleaner has already run
  Revert yarn.lock changes
  add CHANGELOG.md entry for !10522
  upgrade webpack-dev-server to fix issues with SockJS causing odd reload behavior in firefox
  upgrade webpack to v2.3.3 to resolve sourcemap issues
  Rever yarn.lock changes
  Revert yarn.lock file changes
  ...

12 files changed, 24 insertions, 28 deletions

diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 00d44821e3f..9919762cd82 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -14,7 +14,7 @@ module API
 
     class User < UserBasic
       expose :created_at
-      expose :is_admin?, as: :is_admin
+      expose :admin?, as: :is_admin
       expose :bio, :location, :skype, :linkedin, :twitter, :website_url, :organization
     end
 
@@ -184,19 +184,15 @@ module API
       end
 
       expose :protected do |repo_branch, options|
-        options[:project].protected_branch?(repo_branch.name)
+        ProtectedBranch.protected?(options[:project], repo_branch.name)
       end
 
       expose :developers_can_push do |repo_branch, options|
-        project = options[:project]
-        access_levels = project.protected_branches.matching(repo_branch.name).map(&:push_access_levels).flatten
-        access_levels.any? { |access_level| access_level.access_level == Gitlab::Access::DEVELOPER }
+        options[:project].protected_branches.developers_can?(:push, repo_branch.name)
       end
 
       expose :developers_can_merge do |repo_branch, options|
-        project = options[:project]
-        access_levels = project.protected_branches.matching(repo_branch.name).map(&:merge_access_levels).flatten
-        access_levels.any? { |access_level| access_level.access_level == Gitlab::Access::DEVELOPER }
+        options[:project].protected_branches.developers_can?(:merge, repo_branch.name)
       end
     end
 
@@ -615,9 +611,9 @@ module API
       expose :locked
       expose :version, :revision, :platform, :architecture
       expose :contacted_at
-      expose :token, if: lambda { |runner, options| options[:current_user].is_admin? || !runner.is_shared? }
+      expose :token, if: lambda { |runner, options| options[:current_user].admin? || !runner.is_shared? }
       expose :projects, with: Entities::BasicProjectDetails do |runner, options|
-        if options[:current_user].is_admin?
+        if options[:current_user].admin?
           runner.projects
         else
           options[:current_user].authorized_projects.where(id: runner.projects)
diff --git a/lib/api/groups.rb b/lib/api/groups.rb
index 605769eddde..32bbf956d7f 100644
--- a/lib/api/groups.rb
+++ b/lib/api/groups.rb
@@ -56,7 +56,7 @@ module API
         groups = groups.where.not(id: params[:skip_groups]) if params[:skip_groups].present?
         groups = groups.reorder(params[:order_by] => params[:sort])
 
-        present_groups groups, statistics: params[:statistics] && current_user.is_admin?
+        present_groups groups, statistics: params[:statistics] && current_user.admin?
       end
 
       desc 'Create a group. Available only for users who can create groups.' do
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 61527c1e20b..ddff3c8c1e8 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -118,7 +118,7 @@ module API
 
     def authenticated_as_admin!
       authenticate!
-      forbidden! unless current_user.is_admin?
+      forbidden! unless current_user.admin?
     end
 
     def authorize!(action, subject = :global)
@@ -358,7 +358,7 @@ module API
       return unless sudo_identifier
       return unless initial_current_user
 
-      unless initial_current_user.is_admin?
+      unless initial_current_user.admin?
         forbidden!('Must be admin to use sudo')
       end
 
diff --git a/lib/api/internal.rb b/lib/api/internal.rb
index 56c597dffcb..70d0d57204d 100644
--- a/lib/api/internal.rb
+++ b/lib/api/internal.rb
@@ -142,7 +142,7 @@ module API
         project = Project.find_by_full_path(relative_path.sub(/\.(git|wiki)\z/, ''))
 
         begin
-          Gitlab::GitalyClient::Notifications.new(project.repository_storage, relative_path).post_receive
+          Gitlab::GitalyClient::Notifications.new(project.repository).post_receive
         rescue GRPC::Unavailable => e
           render_api_error(e, 500)
         end
diff --git a/lib/api/notes.rb b/lib/api/notes.rb
index de39e579ac3..e281e3230fd 100644
--- a/lib/api/notes.rb
+++ b/lib/api/notes.rb
@@ -78,7 +78,7 @@ module API
           }
 
           if can?(current_user, noteable_read_ability_name(noteable), noteable)
-            if params[:created_at] && (current_user.is_admin? || user_project.owner == current_user)
+            if params[:created_at] && (current_user.admin? || user_project.owner == current_user)
               opts[:created_at] = params[:created_at]
             end
 
diff --git a/lib/api/runners.rb b/lib/api/runners.rb
index a77c876a749..db6c7c59092 100644
--- a/lib/api/runners.rb
+++ b/lib/api/runners.rb
@@ -161,18 +161,18 @@ module API
       end
 
       def authenticate_show_runner!(runner)
-        return if runner.is_shared || current_user.is_admin?
+        return if runner.is_shared || current_user.admin?
         forbidden!("No access granted") unless user_can_access_runner?(runner)
       end
 
       def authenticate_update_runner!(runner)
-        return if current_user.is_admin?
+        return if current_user.admin?
         forbidden!("Runner is shared") if runner.is_shared?
         forbidden!("No access granted") unless user_can_access_runner?(runner)
       end
 
       def authenticate_delete_runner!(runner)
-        return if current_user.is_admin?
+        return if current_user.admin?
         forbidden!("Runner is shared") if runner.is_shared?
         forbidden!("Runner associated with more than one project") if runner.projects.count > 1
         forbidden!("No access granted") unless user_can_access_runner?(runner)
@@ -181,7 +181,7 @@ module API
       def authenticate_enable_runner!(runner)
         forbidden!("Runner is shared") if runner.is_shared?
         forbidden!("Runner is locked") if runner.locked?
-        return if current_user.is_admin?
+        return if current_user.admin?
         forbidden!("No access granted") unless user_can_access_runner?(runner)
       end
 
diff --git a/lib/api/services.rb b/lib/api/services.rb
index 65f86caaa51..23ef62c2258 100644
--- a/lib/api/services.rb
+++ b/lib/api/services.rb
@@ -642,7 +642,7 @@ module API
           service_params = declared_params(include_missing: false).merge(active: true)
 
           if service.update_attributes(service_params)
-            present service, with: Entities::ProjectService, include_passwords: current_user.is_admin?
+            present service, with: Entities::ProjectService, include_passwords: current_user.admin?
           else
             render_api_error!('400 Bad Request', 400)
           end
@@ -673,7 +673,7 @@ module API
       end
       get ":id/services/:service_slug" do
         service = user_project.find_or_initialize_service(params[:service_slug].underscore)
-        present service, with: Entities::ProjectService, include_passwords: current_user.is_admin?
+        present service, with: Entities::ProjectService, include_passwords: current_user.admin?
       end
     end
 
diff --git a/lib/api/users.rb b/lib/api/users.rb
index 992a751b37d..6f40f92240a 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -56,10 +56,10 @@ module API
           users = users.active if params[:active]
           users = users.search(params[:search]) if params[:search].present?
           users = users.blocked if params[:blocked]
-          users = users.external if params[:external] && current_user.is_admin?
+          users = users.external if params[:external] && current_user.admin?
         end
 
-        entity = current_user.is_admin? ? Entities::UserPublic : Entities::UserBasic
+        entity = current_user.admin? ? Entities::UserPublic : Entities::UserBasic
         present paginate(users), with: entity
       end
 
@@ -73,7 +73,7 @@ module API
         user = User.find_by(id: params[:id])
         not_found!('User') unless user
 
-        if current_user && current_user.is_admin?
+        if current_user && current_user.admin?
           present user, with: Entities::UserPublic
         elsif can?(current_user, :read_user, user)
           present user, with: Entities::User
diff --git a/lib/api/v3/groups.rb b/lib/api/v3/groups.rb
index 9b27411ae21..63d464b926b 100644
--- a/lib/api/v3/groups.rb
+++ b/lib/api/v3/groups.rb
@@ -54,7 +54,7 @@ module API
           groups = groups.where.not(id: params[:skip_groups]) if params[:skip_groups].present?
           groups = groups.reorder(params[:order_by] => params[:sort])
 
-          present_groups groups, statistics: params[:statistics] && current_user.is_admin?
+          present_groups groups, statistics: params[:statistics] && current_user.admin?
         end
 
         desc 'Get list of owned groups for authenticated user' do
diff --git a/lib/api/v3/notes.rb b/lib/api/v3/notes.rb
index 4f8e0eff4ff..009ec5c6bbd 100644
--- a/lib/api/v3/notes.rb
+++ b/lib/api/v3/notes.rb
@@ -79,7 +79,7 @@ module API
             noteable = user_project.send(noteables_str.to_sym).find(params[:noteable_id])
 
             if can?(current_user, noteable_read_ability_name(noteable), noteable)
-              if params[:created_at] && (current_user.is_admin? || user_project.owner == current_user)
+              if params[:created_at] && (current_user.admin? || user_project.owner == current_user)
                 opts[:created_at] = params[:created_at]
               end
 
diff --git a/lib/api/v3/runners.rb b/lib/api/v3/runners.rb
index 1934d6e578c..faa265f3314 100644
--- a/lib/api/v3/runners.rb
+++ b/lib/api/v3/runners.rb
@@ -50,7 +50,7 @@ module API
 
       helpers do
         def authenticate_delete_runner!(runner)
-          return if current_user.is_admin?
+          return if current_user.admin?
           forbidden!("Runner is shared") if runner.is_shared?
           forbidden!("Runner associated with more than one project") if runner.projects.count > 1
           forbidden!("No access granted") unless user_can_access_runner?(runner)
diff --git a/lib/api/v3/services.rb b/lib/api/v3/services.rb
index bbe07ed4212..61629a04174 100644
--- a/lib/api/v3/services.rb
+++ b/lib/api/v3/services.rb
@@ -602,7 +602,7 @@ module API
         end
         get ":id/services/:service_slug" do
           service = user_project.find_or_initialize_service(params[:service_slug].underscore)
-          present service, with: Entities::ProjectService, include_passwords: current_user.is_admin?
+          present service, with: Entities::ProjectService, include_passwords: current_user.admin?
         end
       end