diff options
-rw-r--r-- | Gemfile | 5 | ||||
-rw-r--r-- | Gemfile.lock | 8 | ||||
-rw-r--r-- | app/assets/javascripts/api.js | 12 | ||||
-rw-r--r-- | app/assets/javascripts/groups_select.js | 7 | ||||
-rw-r--r-- | app/assets/javascripts/project_select.js | 4 | ||||
-rw-r--r-- | app/assets/javascripts/search.js | 2 | ||||
-rw-r--r-- | app/controllers/projects/group_links_controller.rb | 2 | ||||
-rw-r--r-- | app/views/projects/show.html.haml | 2 | ||||
-rw-r--r-- | changelogs/unreleased/23961-can-t-share-project-with-groups.yml | 4 | ||||
-rw-r--r-- | changelogs/unreleased/24056-guest-sees-some-project-details-and-gets-404.yml | 4 | ||||
-rw-r--r-- | doc/api/groups.md | 8 | ||||
-rw-r--r-- | doc/development/rake_tasks.md | 8 | ||||
-rw-r--r-- | lib/api/groups.rb | 3 | ||||
-rw-r--r-- | lib/tasks/gitlab/generate_docs.rake | 7 | ||||
-rw-r--r-- | spec/features/projects/features_visibility_spec.rb | 15 | ||||
-rw-r--r-- | spec/requests/api/groups_spec.rb | 13 |
16 files changed, 61 insertions, 43 deletions
@@ -104,7 +104,7 @@ gem 'deckar01-task_list', '1.0.5', require: 'task_list/railtie' gem 'gitlab-markup', '~> 1.5.0' gem 'redcarpet', '~> 3.3.3' gem 'RedCloth', '~> 4.3.2' -gem 'rdoc', '~>3.6' +gem 'rdoc', '~> 4.2' gem 'org-ruby', '~> 0.9.12' gem 'creole', '~> 0.5.0' gem 'wikicloth', '0.8.1' @@ -260,9 +260,6 @@ group :development do gem 'better_errors', '~> 1.0.1' gem 'binding_of_caller', '~> 0.7.2' - # Docs generator - gem 'sdoc', '~> 0.3.20' - # thin instead webrick gem 'thin', '~> 1.7.0' end diff --git a/Gemfile.lock b/Gemfile.lock index 888fa6b2bf5..3ecff5f6a68 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -567,7 +567,7 @@ GEM ffi (>= 0.5.0) rblineprof (0.3.6) debugger-ruby_core_source (~> 1.3) - rdoc (3.12.2) + rdoc (4.2.2) json (~> 1.4) recaptcha (3.0.0) json @@ -663,9 +663,6 @@ GEM scss_lint (0.47.1) rake (>= 0.9, < 11) sass (~> 3.4.15) - sdoc (0.3.20) - json (>= 1.1.3) - rdoc (~> 3.10) seed-fu (2.3.6) activerecord (>= 3.1) activesupport (>= 3.1) @@ -936,7 +933,7 @@ DEPENDENCIES rails-deprecated_sanitizer (~> 1.0.3) rainbow (~> 2.1.0) rblineprof (~> 0.3.6) - rdoc (~> 3.6) + rdoc (~> 4.2) recaptcha (~> 3.0) redcarpet (~> 3.3.3) redis (~> 3.2) @@ -956,7 +953,6 @@ DEPENDENCIES sanitize (~> 2.0) sass-rails (~> 5.0.6) scss_lint (~> 0.47.0) - sdoc (~> 0.3.20) seed-fu (~> 2.3.5) select2-rails (~> 3.5.9) sentry-raven (~> 2.0.0) diff --git a/app/assets/javascripts/api.js b/app/assets/javascripts/api.js index 7ebe1599fca..1cab66e109e 100644 --- a/app/assets/javascripts/api.js +++ b/app/assets/javascripts/api.js @@ -22,16 +22,14 @@ }); }, // Return groups list. Filtered by query - // Only active groups retrieved - groups: function(query, skip_ldap, skip_groups, callback) { + groups: function(query, options, callback) { var url = Api.buildUrl(Api.groupsPath); return $.ajax({ url: url, - data: { - search: query, - skip_groups: skip_groups, - per_page: 20 - }, + data: $.extend({ + search: query, + per_page: 20 + }, options), dataType: "json" }).done(function(groups) { return callback(groups); diff --git a/app/assets/javascripts/groups_select.js b/app/assets/javascripts/groups_select.js index b275620c799..e3c39c895ba 100644 --- a/app/assets/javascripts/groups_select.js +++ b/app/assets/javascripts/groups_select.js @@ -6,15 +6,16 @@ function GroupsSelect() { $('.ajax-groups-select').each((function(_this) { return function(i, select) { - var skip_ldap, skip_groups; - skip_ldap = $(select).hasClass('skip_ldap'); + var all_available, skip_groups; + all_available = $(select).data('all-available'); skip_groups = $(select).data('skip-groups') || []; return $(select).select2({ placeholder: "Search for a group", multiple: $(select).hasClass('multiselect'), minimumInputLength: 0, query: function(query) { - return Api.groups(query.term, skip_ldap, skip_groups, function(groups) { + options = { all_available: all_available, skip_groups: skip_groups }; + return Api.groups(query.term, options, function(groups) { var data; data = { results: groups diff --git a/app/assets/javascripts/project_select.js b/app/assets/javascripts/project_select.js index b74b4ae68ff..e1acf3c8232 100644 --- a/app/assets/javascripts/project_select.js +++ b/app/assets/javascripts/project_select.js @@ -24,7 +24,7 @@ data = groups.concat(projects); return finalCallback(data); }; - return Api.groups(term, false, false, groupsCallback); + return Api.groups(term, {}, groupsCallback); }; } else { projectsCallback = finalCallback; @@ -73,7 +73,7 @@ data = groups.concat(projects); return finalCallback(data); }; - return Api.groups(query.term, false, false, groupsCallback); + return Api.groups(query.term, {}, groupsCallback); }; } else { projectsCallback = finalCallback; diff --git a/app/assets/javascripts/search.js b/app/assets/javascripts/search.js index 6c2389f202f..d79e6f014f6 100644 --- a/app/assets/javascripts/search.js +++ b/app/assets/javascripts/search.js @@ -11,7 +11,7 @@ filterable: true, fieldName: 'group_id', data: function(term, callback) { - return Api.groups(term, false, false, function(data) { + return Api.groups(term, {}, function(data) { data.unshift({ name: 'Any' }); diff --git a/app/controllers/projects/group_links_controller.rb b/app/controllers/projects/group_links_controller.rb index ae060abee5c..9eaf26a0dbf 100644 --- a/app/controllers/projects/group_links_controller.rb +++ b/app/controllers/projects/group_links_controller.rb @@ -7,7 +7,7 @@ class Projects::GroupLinksController < Projects::ApplicationController @group_links = project.project_group_links.all @skip_groups = @group_links.pluck(:group_id) - @skip_groups << project.group.try(:id) + @skip_groups << project.namespace_id unless project.personal? end def create diff --git a/app/views/projects/show.html.haml b/app/views/projects/show.html.haml index ba16c641462..d2570598501 100644 --- a/app/views/projects/show.html.haml +++ b/app/views/projects/show.html.haml @@ -12,7 +12,7 @@ = render 'projects/last_push' = render "home_panel" -- if @project.feature_available?(:repository, current_user) +- if current_user && can?(current_user, :download_code, @project) %nav.project-stats{ class: container_class } %ul.nav %li diff --git a/changelogs/unreleased/23961-can-t-share-project-with-groups.yml b/changelogs/unreleased/23961-can-t-share-project-with-groups.yml new file mode 100644 index 00000000000..b3bfcbda4b7 --- /dev/null +++ b/changelogs/unreleased/23961-can-t-share-project-with-groups.yml @@ -0,0 +1,4 @@ +--- +title: Only skip group when it's actually a group in the "Share with group" select +merge_request: 7262 +author: diff --git a/changelogs/unreleased/24056-guest-sees-some-project-details-and-gets-404.yml b/changelogs/unreleased/24056-guest-sees-some-project-details-and-gets-404.yml new file mode 100644 index 00000000000..8ca0c5beab3 --- /dev/null +++ b/changelogs/unreleased/24056-guest-sees-some-project-details-and-gets-404.yml @@ -0,0 +1,4 @@ +--- +title: 'Fix: Guest sees some repository details and gets 404' +merge_request: +author: diff --git a/doc/api/groups.md b/doc/api/groups.md index e81d6f9de4b..b56d74d25e0 100644 --- a/doc/api/groups.md +++ b/doc/api/groups.md @@ -2,7 +2,12 @@ ## List groups -Get a list of groups. (As user: my groups, as admin: all groups) +Get a list of groups. (As user: my groups or all available, as admin: all groups). + +Parameters: + +- `all_available` (optional) - if passed, show all groups you have access to +- `skip_groups` (optional)(array of group IDs) - if passed, skip groups ``` GET /groups @@ -21,7 +26,6 @@ GET /groups You can search for groups by name or path, see below. - ## List a group's projects Get a list of projects in this group. diff --git a/doc/development/rake_tasks.md b/doc/development/rake_tasks.md index a7175f3f87e..827db7e99b8 100644 --- a/doc/development/rake_tasks.md +++ b/doc/development/rake_tasks.md @@ -42,14 +42,6 @@ To run several tests inside one directory: If you want to use [Spring](https://github.com/rails/spring) set `ENABLE_SPRING=1` in your environment. -## Generate searchable docs for source code - -You can find results under the `doc/code` directory. - -``` -bundle exec rake gitlab:generate_docs -``` - ## Generate API documentation for project services (e.g. Slack) ``` diff --git a/lib/api/groups.rb b/lib/api/groups.rb index bfb89475025..a13e353b7f5 100644 --- a/lib/api/groups.rb +++ b/lib/api/groups.rb @@ -8,11 +8,14 @@ module API # # Parameters: # skip_groups (optional) - Array of group ids to exclude from list + # all_available (optional, boolean) - Show all group that you have access to # Example Request: # GET /groups get do @groups = if current_user.admin Group.all + elsif params[:all_available] + GroupsFinder.new.execute(current_user) else current_user.groups end diff --git a/lib/tasks/gitlab/generate_docs.rake b/lib/tasks/gitlab/generate_docs.rake deleted file mode 100644 index f6448c38e10..00000000000 --- a/lib/tasks/gitlab/generate_docs.rake +++ /dev/null @@ -1,7 +0,0 @@ -namespace :gitlab do - desc "GitLab | Generate sdocs for project" - task generate_docs: :environment do - system(*%W(bundle exec sdoc -o doc/code app lib)) - end -end - diff --git a/spec/features/projects/features_visibility_spec.rb b/spec/features/projects/features_visibility_spec.rb index e796ee570b7..09aa6758b5c 100644 --- a/spec/features/projects/features_visibility_spec.rb +++ b/spec/features/projects/features_visibility_spec.rb @@ -183,4 +183,19 @@ describe 'Edit Project Settings', feature: true do end end end + + # Regression spec for https://gitlab.com/gitlab-org/gitlab-ce/issues/24056 + describe 'project statistic visibility' do + let!(:project) { create(:project, :private) } + + before do + project.team << [member, :guest] + login_as(member) + visit namespace_project_path(project.namespace, project) + end + + it "does not show project statistic for guest" do + expect(page).not_to have_selector('.project-stats') + end + end end diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb index 3ba257256a0..7b47bf5afc1 100644 --- a/spec/requests/api/groups_spec.rb +++ b/spec/requests/api/groups_spec.rb @@ -37,7 +37,7 @@ describe API::API, api: true do end end - context "when authenticated as admin" do + context "when authenticated as admin" do it "admin: returns an array of all groups" do get api("/groups", admin) expect(response).to have_http_status(200) @@ -55,6 +55,17 @@ describe API::API, api: true do expect(json_response.length).to eq(1) end end + + context "when using all_available in request" do + it "returns all groups you have access to" do + public_group = create :group, :public + get api("/groups", user1), all_available: true + + expect(response).to have_http_status(200) + expect(json_response).to be_an Array + expect(json_response.first['name']).to eq(public_group.name) + end + end end describe "GET /groups/:id" do |