Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2020-10-01 03:09:55 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2020-10-01 03:09:55 +0000
commit: 4ed4dc08a806773e5dc326fc0c18bda6f6ea7af7 (patch)
tree: 6b68c951a0fa49efd7bab988fd740012cbe5443b /lib
parent: 186e045e14c941ac0b8490a0ff92694b186990ad (diff)
download: gitlab-ce-4ed4dc08a806773e5dc326fc0c18bda6f6ea7af7.tar.gz
3 files changed, 25 insertions, 15 deletions
diff --git a/lib/api/search.rb b/lib/api/search.rb
index b9c6a823f4f..8b6569dd57d 100644
--- a/lib/api/search.rb
+++ b/lib/api/search.rb
@@ -62,12 +62,6 @@ module API
         # Defining this method here as a noop allows us to easily extend it in
         # EE, without having to modify this file directly.
       end
-
-      def check_users_search_allowed!
-        if params[:scope].to_sym == :users && Feature.disabled?(:users_search, default_enabled: true)
-          render_api_error!({ error: _("Scope not supported with disabled 'users_search' feature!") }, 400)
-        end
-      end
     end
 
     resource :search do
@@ -85,7 +79,6 @@ module API
       end
       get do
         verify_search_scope!(resource: nil)
-        check_users_search_allowed!
 
         present search, with: entity
       end
@@ -107,7 +100,6 @@ module API
       end
       get ':id/(-/)search' do
         verify_search_scope!(resource: user_group)
-        check_users_search_allowed!
 
         present search(group_id: user_group.id), with: entity
       end
@@ -129,8 +121,6 @@ module API
         use :pagination
       end
       get ':id/(-/)search' do
-        check_users_search_allowed!
-
         present search({ project_id: user_project.id, repository_ref: params[:ref] }), with: entity
       end
     end
diff --git a/lib/gitlab/git_access_snippet.rb b/lib/gitlab/git_access_snippet.rb
index ae83e45f2b3..b4ccca9df07 100644
--- a/lib/gitlab/git_access_snippet.rb
+++ b/lib/gitlab/git_access_snippet.rb
@@ -60,13 +60,17 @@ module Gitlab
     def check_valid_actor!
       # TODO: Investigate if expanding actor/authentication types are needed.
       # https://gitlab.com/gitlab-org/gitlab/issues/202190
-      if actor && !actor.is_a?(User) && !actor.instance_of?(Key)
+      if actor && !allowed_actor?
         raise ForbiddenError, ERROR_MESSAGES[:authentication_mechanism]
       end
 
       super
     end
 
+    def allowed_actor?
+      actor.is_a?(User) || actor.instance_of?(Key)
+    end
+
     def project_snippet?
       snippet.is_a?(ProjectSnippet)
     end
@@ -138,3 +142,5 @@ module Gitlab
     end
   end
 end
+
+Gitlab::GitAccessSnippet.prepend_if_ee('EE::Gitlab::GitAccessSnippet')
diff --git a/lib/gitlab/search_results.rb b/lib/gitlab/search_results.rb
index 3500af51373..1e78464ddf8 100644
--- a/lib/gitlab/search_results.rb
+++ b/lib/gitlab/search_results.rb
@@ -7,7 +7,7 @@ module Gitlab
     DEFAULT_PAGE = 1
     DEFAULT_PER_PAGE = 20
 
-    attr_reader :current_user, :query, :filters
+    attr_reader :current_user, :query, :sort, :filters
 
     # Limit search results by passed projects
     # It allows us to search only for projects user has access to
@@ -19,11 +19,12 @@ module Gitlab
     # query
     attr_reader :default_project_filter
 
-    def initialize(current_user, query, limit_projects = nil, default_project_filter: false, filters: {})
+    def initialize(current_user, query, limit_projects = nil, sort: nil, default_project_filter: false, filters: {})
       @current_user = current_user
       @query = query
       @limit_projects = limit_projects || Project.all
       @default_project_filter = default_project_filter
+      @sort = sort
       @filters = filters
     end
 
@@ -124,6 +125,19 @@ module Gitlab
       end
     end
 
+    # rubocop: disable CodeReuse/ActiveRecord
+    def apply_sort(scope)
+      case sort
+      when 'oldest'
+        scope.reorder('created_at ASC')
+      when 'newest'
+        scope.reorder('created_at DESC')
+      else
+        scope
+      end
+    end
+    # rubocop: enable CodeReuse/ActiveRecord
+
     def projects
       limit_projects.search(query)
     end
@@ -135,7 +149,7 @@ module Gitlab
         issues = issues.where(project_id: project_ids_relation) # rubocop: disable CodeReuse/ActiveRecord
       end
 
-      issues
+      apply_sort(issues)
     end
 
     # rubocop: disable CodeReuse/ActiveRecord
@@ -155,7 +169,7 @@ module Gitlab
         merge_requests = merge_requests.in_projects(project_ids_relation)
       end
 
-      merge_requests
+      apply_sort(merge_requests)
     end
 
     def default_scope
author	GitLab Bot <gitlab-bot@gitlab.com>	2020-10-01 03:09:55 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2020-10-01 03:09:55 +0000
commit	4ed4dc08a806773e5dc326fc0c18bda6f6ea7af7 (patch)
tree	6b68c951a0fa49efd7bab988fd740012cbe5443b /lib
parent	186e045e14c941ac0b8490a0ff92694b186990ad (diff)
download	gitlab-ce-4ed4dc08a806773e5dc326fc0c18bda6f6ea7af7.tar.gz