29 files changed, 374 insertions, 26 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6a5050b553f..5710effc39d 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -453,6 +453,7 @@ db:migrate:reset-mysql: stage: test variables: SETUP_DB: "false" + CREATE_DB_USER: "true" script: - git fetch https://gitlab.com/gitlab-org/gitlab-ce.git v9.3.0 - git checkout -f FETCH_HEAD @@ -497,6 +498,7 @@ db:rollback-mysql: variables: SIZE: "1" SETUP_DB: "false" + CREATE_DB_USER: "true" script: - git clone https://gitlab.com/gitlab-org/gitlab-test.git /home/git/repositories/gitlab-org/gitlab-test.git @@ -532,7 +534,6 @@ gitlab:assets:compile: NODE_ENV: "production" RAILS_ENV: "production" SETUP_DB: "false" - USE_DB: "false" SKIP_STORAGE_VALIDATION: "true" WEBPACK_REPORT: "true" NO_COMPRESSION: "true" diff --git a/app/assets/stylesheets/pages/settings.scss b/app/assets/stylesheets/pages/settings.scss index 8b9b47a41bc..5d630c7d61e 100644 --- a/app/assets/stylesheets/pages/settings.scss +++ b/app/assets/stylesheets/pages/settings.scss @@ -249,3 +249,22 @@ } } } + +.modal-doorkeepr-auth, +.doorkeeper-app-form { + .scope-description { + color: $theme-gray-700; + } +} + +.modal-doorkeepr-auth { + .modal-body { + padding: $gl-padding; + } +} + +.doorkeeper-app-form { + .scope-description { + margin: 0 0 5px 17px; + } +} diff --git a/app/helpers/icons_helper.rb b/app/helpers/icons_helper.rb index ec779c1c447..c6a83f21ceb 100644 --- a/app/helpers/icons_helper.rb +++ b/app/helpers/icons_helper.rb 
@@ -23,10 +23,17 @@ module IconsHelper render "shared/icons/#{icon_name}.svg", size: size end + def sprite_icon_path + # SVG Sprites currently don't work across domains, so in the case of a CDN + # we have to set the current path deliberately to prevent addition of asset_host + sprite_base_url = Gitlab.config.gitlab.url if ActionController::Base.asset_host + ActionController::Base.helpers.image_path('icons.svg', host: sprite_base_url) + end + def sprite_icon(icon_name, size: nil, css_class: nil) css_classes = size ? "s#{size}" : "" css_classes << " #{css_class}" unless css_class.blank? - content_tag(:svg, content_tag(:use, "", { "xlink:href" => "#{image_path('icons.svg')}##{icon_name}" } ), class: css_classes.empty? ? nil : css_classes) + content_tag(:svg, content_tag(:use, "", { "xlink:href" => "#{sprite_icon_path}##{icon_name}" } ), class: css_classes.empty? ? nil : css_classes) end def audit_icon(names, options = {}) diff --git a/app/serializers/issue_entity.rb b/app/serializers/issue_entity.rb index 5f47592e4ad..9d52b8d9752 100644 --- a/app/serializers/issue_entity.rb +++ b/app/serializers/issue_entity.rb @@ -3,7 +3,6 @@ class IssueEntity < IssuableEntity expose :state expose :deleted_at - expose :branch_name expose :confidential expose :discussion_locked expose :assignees, using: API::Entities::UserBasic diff --git a/app/views/doorkeeper/applications/_form.html.haml b/app/views/doorkeeper/applications/_form.html.haml index b3313c7c985..cf0e0de1ca4 100644 --- a/app/views/doorkeeper/applications/_form.html.haml +++ b/app/views/doorkeeper/applications/_form.html.haml @@ -1,4 +1,4 @@ -= form_for application, url: doorkeeper_submit_path(application), html: {role: 'form'} do |f| += form_for application, url: doorkeeper_submit_path(application), html: { role: 'form', class: 'doorkeeper-app-form' } do |f| = form_errors(application) .form-group 
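Review bot: `sprite_icon_path` is added as a plain instance method of `IconsHelper`, yet the `lib/gitlab/gon_helper.rb` hunk in this commit calls it as `IconsHelper.sprite_icon_path`. Unless the module already has `extend self` or `module_function` outside this hunk, that call raises NoMethodError wherever the gon variables are built; the module body starts and ends outside the hunk, so this needs checking against the full file. The existing comment also does not say that `sprite_base_url` stays nil when no asset host is configured, so `host: nil` is passed; a line such as `# nil host when no asset_host is configured; with a CDN the sprite is pinned to the GitLab origin` would make that explicit.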
diff --git a/app/views/doorkeeper/authorizations/new.html.haml b/app/views/doorkeeper/authorizations/new.html.haml index 8ba88906714..85e4170aee9 100644 --- a/app/views/doorkeeper/authorizations/new.html.haml +++ b/app/views/doorkeeper/authorizations/new.html.haml @@ -1,5 +1,7 @@ +- auth_app_owner = @pre_auth.client.application.owner + %main{ :role => "main" } - .modal-no-backdrop + .modal-no-backdrop.modal-doorkeepr-auth .modal-content .modal-header %h3.page-title @@ -16,14 +18,21 @@ %strong= @pre_auth.client.name will allow them to interact with GitLab as an admin as well. Proceed with caution. %p - You are about to authorize + An application called = link_to @pre_auth.client.name, @pre_auth.redirect_uri, target: '_blank', rel: 'noopener noreferrer' - to use your account. - - if @pre_auth.scopes + is requesting access to your GitLab account. This application was created by + = succeed "." do + = link_to auth_app_owner.name, user_path(auth_app_owner) + Please note that this application is not provided by GitLab and you should verify its authenticity before + allowing access. + - if @pre_auth.scopes + %p This application will be able to: %ul - @pre_auth.scopes.each do |scope| - %li= t scope, scope: [:doorkeeper, :scopes] + %li + %strong= t scope, scope: [:doorkeeper, :scopes] + .scope-description= t scope, scope: [:doorkeeper, :scope_desc] .form-actions.text-right = form_tag oauth_authorization_path, method: :delete, class: 'inline' do = hidden_field_tag :client_id, @pre_auth.client.uid diff --git a/app/views/shared/tokens/_scopes_form.html.haml b/app/views/shared/tokens/_scopes_form.html.haml index 8bbaf431536..ae437dd16d6 100644 --- a/app/views/shared/tokens/_scopes_form.html.haml +++ b/app/views/shared/tokens/_scopes_form.html.haml 
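Review bot: `auth_app_owner.name` and `user_path(auth_app_owner)` are called unconditionally, but `@pre_auth.client.application.owner` can presumably be nil (for example an application registered instance-wide by an admin), in which case the consent page raises instead of rendering. Wrap the "This application was created by" lines in `- if auth_app_owner` and decide what wording to show when there is no owner. Both the application name and the owner's display name are chosen by whoever registered the app, so they identify the app but do not prove its authenticity; the fixed "not provided by GitLab" sentence carries the warning and should render for every application. The class `modal-doorkeepr-auth` is misspelled here and in `settings.scss`; it works because both agree, but `modal-doorkeeper-auth` would be easier to find later.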
@@ -7,3 +7,4 @@ = check_box_tag "#{prefix}[scopes][]", scope, token.scopes.include?(scope), id: "#{prefix}_scopes_#{scope}" = label_tag ("#{prefix}_scopes_#{scope}"), scope %span= t(scope, scope: [:doorkeeper, :scopes]) + .scope-description= t scope, scope: [:doorkeeper, :scope_desc] diff --git a/changelogs/unreleased/32059-fix-oauth-phishing.yml b/changelogs/unreleased/32059-fix-oauth-phishing.yml new file mode 100644 index 00000000000..1aaa7285309 --- /dev/null +++ b/changelogs/unreleased/32059-fix-oauth-phishing.yml @@ -0,0 +1,6 @@ +--- +title: Prevent OAuth phishing attack by presenting detailed wording about app to user + during authorization +merge_request: +author: +type: security diff --git a/changelogs/unreleased/cleanup-issues-schema.yml b/changelogs/unreleased/cleanup-issues-schema.yml new file mode 100644 index 00000000000..9f5fb0bdf82 --- /dev/null +++ b/changelogs/unreleased/cleanup-issues-schema.yml @@ -0,0 +1,5 @@ +--- +title: Clean up schema of the "issues" table +merge_request: +author: +type: other diff --git a/config/locales/doorkeeper.en.yml b/config/locales/doorkeeper.en.yml index 0da6b14c29e..b1c71095d4f 100644 --- a/config/locales/doorkeeper.en.yml +++ b/config/locales/doorkeeper.en.yml @@ -62,7 +62,15 @@ en: read_user: Read the authenticated user's personal information openid: Authenticate using OpenID Connect sudo: Perform API actions as any user in the system (if the authenticated user is an admin) - + scope_desc: + api: + Full access to GitLab as the user, including read/write on all their groups and projects + read_user: + Read-only access to the user's profile information, like username, public email and full name + openid: + The ability to authenticate using GitLab, and read-only access to the user's profile information + sudo: + Access to the Sudo feature, to perform API actions as any user in the system (only available for admins) flash: applications: create: 
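Review bot: `t scope, scope: [:doorkeeper, :scope_desc]` is evaluated for every scope this form iterates over, but the locale hunk in this commit adds `scope_desc` entries only for `api`, `read_user`, `openid` and `sudo`, and only in `doorkeeper.en.yml`. Any other scope offered here (the list is built outside the hunk), or any locale without the new keys when fallbacks are not enabled, would show Rails' "translation missing" marker under the checkbox. The authorization page uses the same lookup. Either add a description for every available scope or pass a fallback, e.g. `t(scope, scope: [:doorkeeper, :scope_desc], default: '')`.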
diff --git a/db/migrate/20171106132212_issues_confidential_not_null.rb b/db/migrate/20171106132212_issues_confidential_not_null.rb
new file mode 100644
index 00000000000..c959d2dd938
--- /dev/null
+++ b/db/migrate/20171106132212_issues_confidential_not_null.rb
@@ -0,0 +1,23 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class IssuesConfidentialNotNull < ActiveRecord::Migration
+ include Gitlab::Database::MigrationHelpers
+
+ # Set this constant to true if this migration requires downtime.
+ DOWNTIME = false
+
+ class Issue < ActiveRecord::Base
+ self.table_name = 'issues'
+ end
+
+ def up
+ Issue.where('confidential IS NULL').update_all(confidential: false)
+
+ change_column_null :issues, :confidential, false
+ end
+
+ def down
+ # There's no way / point to revert this.
+ end
+end
diff --git a/db/migrate/20171106135924_issues_milestone_id_foreign_key.rb b/db/migrate/20171106135924_issues_milestone_id_foreign_key.rb
new file mode 100644
index 00000000000..e6a780d0964
--- /dev/null
+++ b/db/migrate/20171106135924_issues_milestone_id_foreign_key.rb
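Review bot: The backfill in `up` is a single `update_all` over every issue with a NULL `confidential`, and this migration does not call `disable_ddl_transaction!`, so it presumably shares one transaction with `change_column_null` while `DOWNTIME` is declared `false`. On a large `issues` table the updated rows stay locked until the constraint change commits. The sibling migrations in this commit batch their updates with `each_batch(of: 100)` after `disable_ddl_transaction!`; doing the same here would keep them consistent. The comment in `down` could state the reason, e.g. `# Backfilled rows cannot be told apart from rows that were already false, so this is a no-op`.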
@@ -0,0 +1,38 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class IssuesMilestoneIdForeignKey < ActiveRecord::Migration
+ include Gitlab::Database::MigrationHelpers
+
+ # Set this constant to true if this migration requires downtime.
+ DOWNTIME = false
+
+ disable_ddl_transaction!
+
+ class Issue < ActiveRecord::Base
+ include EachBatch
+
+ self.table_name = 'issues'
+
+ def self.with_orphaned_milestones
+ where('NOT EXISTS (SELECT true FROM milestones WHERE milestones.id = issues.milestone_id)')
+ end
+ end
+
+ def up
+ Issue.with_orphaned_milestones.each_batch(of: 100) do |batch|
+ batch.update_all(milestone_id: nil)
+ end
+
+ add_concurrent_foreign_key(
+ :issues,
+ :milestones,
+ column: :milestone_id,
+ on_delete: :nullify
+ )
+ end
+
+ def down
+ remove_foreign_key_without_error(:issues, column: :milestone_id)
+ end
+end
diff --git a/db/migrate/20171106150657_issues_updated_by_id_foreign_key.rb b/db/migrate/20171106150657_issues_updated_by_id_foreign_key.rb
new file mode 100644
index 00000000000..3b8844d7d9f
--- /dev/null
+++ b/db/migrate/20171106150657_issues_updated_by_id_foreign_key.rb
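Review bot: `with_orphaned_milestones` has no `milestone_id IS NOT NULL` filter, unlike `with_orphaned_updaters` and `with_orphaned_moved_to_issues` in the sibling migrations. For an issue whose `milestone_id` is NULL the subquery comparison is never true, so `NOT EXISTS` holds and the row is selected. `up` then rewrites every issue that has no milestone to NULL again, batch by batch, which is a large amount of no-op writes on a busy table. Adding `.where('milestone_id IS NOT NULL')` to the scope limits the update to real orphans.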
@@ -0,0 +1,45 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class IssuesUpdatedByIdForeignKey < ActiveRecord::Migration
+ include Gitlab::Database::MigrationHelpers
+
+ # Set this constant to true if this migration requires downtime.
+ DOWNTIME = false
+
+ disable_ddl_transaction!
+
+ class Issue < ActiveRecord::Base
+ include EachBatch
+
+ self.table_name = 'issues'
+
+ def self.with_orphaned_updaters
+ where('NOT EXISTS (SELECT true FROM users WHERE users.id = issues.updated_by_id)')
+ .where('updated_by_id IS NOT NULL')
+ end
+ end
+
+ def up
+ Issue.with_orphaned_updaters.each_batch(of: 100) do |batch|
+ batch.update_all(updated_by_id: nil)
+ end
+
+ # This index is only used for foreign keys, and those in turn will always
+ # specify a value. As such we can add a WHERE condition to make the index
+ # smaller.
+ add_concurrent_index(:issues, :updated_by_id, where: 'updated_by_id IS NOT NULL')
+
+ add_concurrent_foreign_key(
+ :issues,
+ :users,
+ column: :updated_by_id,
+ on_delete: :nullify
+ )
+ end
+
+ def down
+ remove_foreign_key_without_error(:issues, column: :updated_by_id)
+ remove_concurrent_index(:issues, :updated_by_id)
+ end
+end
diff --git a/db/migrate/20171106151218_issues_moved_to_id_foreign_key.rb b/db/migrate/20171106151218_issues_moved_to_id_foreign_key.rb
new file mode 100644
index 00000000000..8d2ceb8cc18
--- /dev/null
+++ b/db/migrate/20171106151218_issues_moved_to_id_foreign_key.rb
@@ -0,0 +1,44 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class IssuesMovedToIdForeignKey < ActiveRecord::Migration
+ include Gitlab::Database::MigrationHelpers
+
+ # Set this constant to true if this migration requires downtime.
+ DOWNTIME = false
+
+ disable_ddl_transaction!
+
+ class Issue < ActiveRecord::Base
+ include EachBatch
+
+ self.table_name = 'issues'
+
+ def self.with_orphaned_moved_to_issues
+ where('NOT EXISTS (SELECT true FROM issues WHERE issues.id = issues.moved_to_id)')
+ .where('moved_to_id IS NOT NULL')
+ end
+ end
+
+ def up
+ Issue.with_orphaned_moved_to_issues.each_batch(of: 100) do |batch|
+ batch.update_all(moved_to_id: nil)
+ end
+
+ add_concurrent_foreign_key(
+ :issues,
+ :issues,
+ column: :moved_to_id,
+ on_delete: :nullify
+ )
+
+ # We're using a partial index here so we only index the data we actually
+ # care about.
+ add_concurrent_index(:issues, :moved_to_id, where: 'moved_to_id IS NOT NULL')
+ end
+
+ def down
+ remove_foreign_key_without_error(:issues, column: :moved_to_id)
+ remove_concurrent_index(:issues, :moved_to_id)
+ end
+end
diff --git a/db/migrate/20171106154015_remove_issues_branch_name.rb b/db/migrate/20171106154015_remove_issues_branch_name.rb
new file mode 100644
index 00000000000..3d08225c96d
--- /dev/null
+++ b/db/migrate/20171106154015_remove_issues_branch_name.rb
@@ -0,0 +1,13 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class RemoveIssuesBranchName < ActiveRecord::Migration
+ include Gitlab::Database::MigrationHelpers
+
+ # Set this constant to true if this migration requires downtime.
+ DOWNTIME = false
+
+ def change
+ remove_column :issues, :branch_name, :string
+ end
+end
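Review bot: The subquery in `with_orphaned_moved_to_issues` selects from `issues` without an alias, so inside it both `issues.id` and `issues.moved_to_id` resolve to the inner table and the condition is not correlated with the outer row. It therefore asks whether any issue points at itself, which is normally false, so `NOT EXISTS` holds for every row and `up` sets `moved_to_id` to NULL on all moved issues rather than only orphaned ones. That loses the move history before the foreign key is added. Alias the inner table, e.g. `where('NOT EXISTS (SELECT true FROM issues target WHERE target.id = issues.moved_to_id)')`, and cover the migration with a spec that has one valid and one dangling `moved_to_id`.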
diff --git a/db/migrate/20171106155656_turn_issues_due_date_index_to_partial_index.rb b/db/migrate/20171106155656_turn_issues_due_date_index_to_partial_index.rb
new file mode 100644
index 00000000000..e4bed778695
--- /dev/null
+++ b/db/migrate/20171106155656_turn_issues_due_date_index_to_partial_index.rb
@@ -0,0 +1,37 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class TurnIssuesDueDateIndexToPartialIndex < ActiveRecord::Migration
+ include Gitlab::Database::MigrationHelpers
+
+ # Set this constant to true if this migration requires downtime.
+ DOWNTIME = false
+
+ NEW_INDEX_NAME = 'idx_issues_on_project_id_and_due_date_and_id_and_state_partial'
+ OLD_INDEX_NAME = 'index_issues_on_project_id_and_due_date_and_id_and_state'
+
+ disable_ddl_transaction!
+
+ def up
+ add_concurrent_index(
+ :issues,
+ [:project_id, :due_date, :id, :state],
+ where: 'due_date IS NOT NULL',
+ name: NEW_INDEX_NAME
+ )
+
+ # We set the column name to nil as otherwise Rails will ignore the custom
+ # index name and remove the wrong index.
+ remove_concurrent_index(:issues, nil, name: OLD_INDEX_NAME)
+ end
+
+ def down
+ add_concurrent_index(
+ :issues,
+ [:project_id, :due_date, :id, :state],
+ name: OLD_INDEX_NAME
+ )
+
+ remove_concurrent_index(:issues, nil, name: NEW_INDEX_NAME)
+ end
+end
diff --git a/db/migrate/20171106171453_add_timezone_to_issues_closed_at.rb b/db/migrate/20171106171453_add_timezone_to_issues_closed_at.rb
new file mode 100644
index 00000000000..ad540b1e509
--- /dev/null
+++ b/db/migrate/20171106171453_add_timezone_to_issues_closed_at.rb
@@ -0,0 +1,19 @@ +# See http://doc.gitlab.com/ce/development/migration_style_guide.html +# for more information on how to write migrations for GitLab. + +class AddTimezoneToIssuesClosedAt < ActiveRecord::Migration + include Gitlab::Database::MigrationHelpers + + # Set this constant to true if this migration requires downtime. + DOWNTIME = false + + disable_ddl_transaction! + + def up + change_column_type_concurrently(:issues, :closed_at, :datetime_with_timezone) + end + + def down + cleanup_concurrent_column_type_change(:issues, :closed_at) + end +end diff --git a/db/post_migrate/20171106180641_cleanup_add_timezone_to_issues_closed_at.rb b/db/post_migrate/20171106180641_cleanup_add_timezone_to_issues_closed_at.rb new file mode 100644 index 00000000000..88dd8f89ba6 --- /dev/null +++ b/db/post_migrate/20171106180641_cleanup_add_timezone_to_issues_closed_at.rb @@ -0,0 +1,19 @@ +# See http://doc.gitlab.com/ce/development/migration_style_guide.html +# for more information on how to write migrations for GitLab. + +class CleanupAddTimezoneToIssuesClosedAt < ActiveRecord::Migration + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + disable_ddl_transaction! + + def up + cleanup_concurrent_column_type_change(:issues, :closed_at) + end + + # rubocop:disable Migration/Datetime + def down + change_column_type_concurrently(:issues, :closed_at, :datetime) + end +end diff --git a/db/schema.rb b/db/schema.rb index c60cb729b75..37e08d453c8 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20171106101200) do +ActiveRecord::Schema.define(version: 20171106180641) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" 
@@ -817,13 +817,12 @@ ActiveRecord::Schema.define(version: 20171106101200) do t.integer "project_id" t.datetime "created_at" t.datetime "updated_at" - t.string "branch_name" t.text "description" t.integer "milestone_id" t.string "state" t.integer "iid" t.integer "updated_by_id" - t.boolean "confidential", default: false + t.boolean "confidential", default: false, null: false t.datetime "deleted_at" t.date "due_date" t.integer "moved_to_id" @@ -832,11 +831,11 @@ ActiveRecord::Schema.define(version: 20171106101200) do t.text "description_html" t.integer "time_estimate" t.integer "relative_position" - t.datetime "closed_at" t.integer "cached_markdown_version" t.datetime "last_edited_at" t.integer "last_edited_by_id" t.boolean "discussion_locked" + t.datetime_with_timezone "closed_at" end add_index "issues", ["assignee_id"], name: "index_issues_on_assignee_id", using: :btree 
@@ -845,13 +844,15 @@ ActiveRecord::Schema.define(version: 20171106101200) do add_index "issues", ["deleted_at"], name: "index_issues_on_deleted_at", using: :btree add_index "issues", ["description"], name: "index_issues_on_description_trigram", using: :gin, opclasses: {"description"=>"gin_trgm_ops"} add_index "issues", ["milestone_id"], name: "index_issues_on_milestone_id", using: :btree + add_index "issues", ["moved_to_id"], name: "index_issues_on_moved_to_id", where: "(moved_to_id IS NOT NULL)", using: :btree add_index "issues", ["project_id", "created_at", "id", "state"], name: "index_issues_on_project_id_and_created_at_and_id_and_state", using: :btree - add_index "issues", ["project_id", "due_date", "id", "state"], name: "index_issues_on_project_id_and_due_date_and_id_and_state", using: :btree + add_index "issues", ["project_id", "due_date", "id", "state"], name: "idx_issues_on_project_id_and_due_date_and_id_and_state_partial", where: "(due_date IS NOT NULL)", using: :btree add_index "issues", ["project_id", "iid"], name: "index_issues_on_project_id_and_iid", unique: true, using: :btree add_index "issues", ["project_id", "updated_at", "id", "state"], name: "index_issues_on_project_id_and_updated_at_and_id_and_state", using: :btree add_index "issues", ["relative_position"], name: "index_issues_on_relative_position", using: :btree add_index "issues", ["state"], name: "index_issues_on_state", using: :btree add_index "issues", ["title"], name: "index_issues_on_title_trigram", using: :gin, opclasses: {"title"=>"gin_trgm_ops"} + add_index "issues", ["updated_by_id"], name: "index_issues_on_updated_by_id", where: "(updated_by_id IS NOT NULL)", using: :btree create_table "keys", force: :cascade do |t| t.integer "user_id" 
@@ -1937,8 +1938,11 @@ ActiveRecord::Schema.define(version: 20171106101200) do add_foreign_key "issue_assignees", "issues", name: "fk_b7d881734a", on_delete: :cascade add_foreign_key "issue_assignees", "users", name: "fk_5e0c8d9154", on_delete: :cascade add_foreign_key "issue_metrics", "issues", on_delete: :cascade + add_foreign_key "issues", "issues", column: "moved_to_id", name: "fk_a194299be1", on_delete: :nullify + add_foreign_key "issues", "milestones", name: "fk_96b1dd429c", on_delete: :nullify add_foreign_key "issues", "projects", name: "fk_899c8f3231", on_delete: :cascade add_foreign_key "issues", "users", column: "author_id", name: "fk_05f1e72feb", on_delete: :nullify + add_foreign_key "issues", "users", column: "updated_by_id", name: "fk_ffed080f01", on_delete: :nullify add_foreign_key "label_priorities", "labels", on_delete: :cascade add_foreign_key "label_priorities", "projects", on_delete: :cascade add_foreign_key "labels", "namespaces", column: "group_id", on_delete: :cascade diff --git a/lib/gitlab/gon_helper.rb b/lib/gitlab/gon_helper.rb index 3a666c2268b..dfcdfc307b6 100644 --- a/lib/gitlab/gon_helper.rb +++ b/lib/gitlab/gon_helper.rb @@ -20,7 +20,7 @@ module Gitlab gon.gitlab_url = Gitlab.config.gitlab.url gon.revision = Gitlab::REVISION gon.gitlab_logo = ActionController::Base.helpers.asset_path('gitlab_logo.png') - gon.sprite_icons = ActionController::Base.helpers.asset_path('icons.svg') + gon.sprite_icons = IconsHelper.sprite_icon_path if current_user gon.current_user_id = current_user.id diff --git a/lib/gitlab/hook_data/issue_builder.rb b/lib/gitlab/hook_data/issue_builder.rb index de9cab80a02..196f2b6b34c 100644 --- a/lib/gitlab/hook_data/issue_builder.rb +++ b/lib/gitlab/hook_data/issue_builder.rb @@ -4,7 +4,6 @@ module Gitlab SAFE_HOOK_ATTRIBUTES = %i[ assignee_id author_id - branch_name closed_at confidential created_at diff --git a/qa/bin/qa b/qa/bin/qa index f1704dc54e9..6a772e93cee 100755 --- a/qa/bin/qa +++ b/qa/bin/qa 
@@ -4,4 +4,4 @@ require_relative '../qa' QA::Scenario .const_get(ARGV.shift) - .launch!(*ARGV) + .launch!(ARGV) diff --git a/scripts/create_mysql_user.sh b/scripts/create_mysql_user.sh new file mode 100644 index 00000000000..28f6cfb50ae --- /dev/null +++ b/scripts/create_mysql_user.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +mysql --user=root --host=mysql <<EOF +CREATE DATABASE IF NOT EXISTS gitlabhq_test; +CREATE USER IF NOT EXISTS 'gitlab'@'%'; +GRANT ALL PRIVILEGES ON gitlabhq_test.* TO 'gitlab'@'%'; +FLUSH PRIVILEGES; +EOF diff --git a/scripts/create_postgres_user.sh b/scripts/create_postgres_user.sh new file mode 100644 index 00000000000..8a744df3226 --- /dev/null +++ b/scripts/create_postgres_user.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +psql -h postgres -U postgres postgres <<EOF +DROP DATABASE IF EXISTS gitlabhq_test; +CREATE DATABASE gitlabhq_test; +CREATE USER gitlab; +GRANT ALL PRIVILEGES ON DATABASE gitlabhq_test TO gitlab; +EOF diff --git a/scripts/prepare_build.sh b/scripts/prepare_build.sh index 7abadef5e89..36bcf087cd9 100644 --- a/scripts/prepare_build.sh +++ b/scripts/prepare_build.sh @@ -1,6 +1,7 @@ . scripts/utils.sh export SETUP_DB=${SETUP_DB:-true} +export CREATE_DB_USER=${CREATE_DB_USER:-$SETUP_DB} export USE_BUNDLE_INSTALL=${USE_BUNDLE_INSTALL:-true} export BUNDLE_INSTALL_FLAGS="--without production --jobs $(nproc) --path vendor --retry 3 --quiet" @@ -26,6 +27,9 @@ fi cp config/database.yml.$GITLAB_DATABASE config/database.yml +# Set user to a non-superuser to ensure we test permissions +sed -i 's/username: root/username: gitlab/g' config/database.yml + if [ "$GITLAB_DATABASE" = 'postgresql' ]; then sed -i 's/localhost/postgres/g' config/database.yml else # Assume it's mysql 
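Review bot: `create_postgres_user.sh` feeds its statements to `psql` without `-v ON_ERROR_STOP=1`, so a failing statement is reported and skipped while the script still succeeds. `CREATE USER gitlab;` is the likely case: it fails when the role already exists, and unlike the MySQL script it has no `IF NOT EXISTS`. Later permission errors would then surface far from their cause. Both scripts create the `gitlab` account without a password, the MySQL one for host `'%'`, which is reasonable only because the database is a throwaway CI service. A header comment such as `# CI only: creates a passwordless, non-superuser test account on the job's service container` would discourage reuse elsewhere.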
@@ -44,6 +48,16 @@ sed -i 's/localhost/redis/g' config/redis.queues.yml cp config/redis.shared_state.yml.example config/redis.shared_state.yml sed -i 's/localhost/redis/g' config/redis.shared_state.yml +# Some tasks (e.g. db:seed_fu) need to have a properly-configured database +# user but not necessarily a full schema loaded +if [ "$CREATE_DB_USER" != "false" ]; then + if [ "$GITLAB_DATABASE" = 'postgresql' ]; then + . scripts/create_postgres_user.sh + else + . scripts/create_mysql_user.sh + fi +fi + if [ "$SETUP_DB" != "false" ]; then bundle exec rake db:drop db:create db:schema:load db:migrate diff --git a/spec/features/issues/issue_detail_spec.rb b/spec/features/issues/issue_detail_spec.rb index 6fbee0ebcb5..4224a8fe5d4 100644 --- a/spec/features/issues/issue_detail_spec.rb +++ b/spec/features/issues/issue_detail_spec.rb @@ -1,9 +1,9 @@ require 'rails_helper' feature 'Issue Detail', :js do - let(:user) { create(:user) } - let(:project) { create(:project, :public) } - let(:issue) { create(:issue, project: project, author: user) } + let(:user) { create(:user) } + let(:project) { create(:project, :public) } + let(:issue) { create(:issue, project: project, author: user) } context 'when user displays the issue' do before do @@ -27,6 +27,7 @@ feature 'Issue Detail', :js do click_link 'Edit' fill_in 'issuable-title', with: 'issue title' click_button 'Save' + wait_for_requests Users::DestroyService.new(user).execute(user) diff --git a/spec/helpers/icons_helper_spec.rb b/spec/helpers/icons_helper_spec.rb index 3d79dac284f..2f23ed55d99 100644 --- a/spec/helpers/icons_helper_spec.rb +++ b/spec/helpers/icons_helper_spec.rb @@ -1,6 +1,8 @@ require 'spec_helper' describe IconsHelper do + let(:icons_path) { ActionController::Base.helpers.image_path("icons.svg") } + describe 'icon' do it 'returns aria-hidden by default' do star = icon('star') 
@@ -16,22 +18,42 @@ describe IconsHelper do end end + describe 'sprite_icon_path' do + it 'returns relative path' do + expect(sprite_icon_path) + .to eq icons_path + end + + context 'when an asset_host is set in the config it will return an absolute local URL' do + let(:asset_host) { 'http://assets' } + + before do + allow(ActionController::Base).to receive(:asset_host).and_return(asset_host) + end + + it 'returns an absolute URL on that asset host' do + expect(sprite_icon_path) + .to eq ActionController::Base.helpers.image_path("icons.svg", host: Gitlab.config.gitlab.url) + end + end + end + describe 'sprite_icon' do icon_name = 'clock' it 'returns svg icon html' do expect(sprite_icon(icon_name).to_s) - .to eq "<svg><use xlink:href=\"/images/icons.svg##{icon_name}\"></use></svg>" + .to eq "<svg><use xlink:href=\"#{icons_path}##{icon_name}\"></use></svg>" end it 'returns svg icon html + size classes' do expect(sprite_icon(icon_name, size: 72).to_s) - .to eq "<svg class=\"s72\"><use xlink:href=\"/images/icons.svg##{icon_name}\"></use></svg>" + .to eq "<svg class=\"s72\"><use xlink:href=\"#{icons_path}##{icon_name}\"></use></svg>" end it 'returns svg icon html + size classes + additional class' do expect(sprite_icon(icon_name, size: 72, css_class: 'icon-danger').to_s) - .to eq "<svg class=\"s72 icon-danger\"><use xlink:href=\"/images/icons.svg##{icon_name}\"></use></svg>" + .to eq "<svg class=\"s72 icon-danger\"><use xlink:href=\"#{icons_path}##{icon_name}\"></use></svg>" end end diff --git a/spec/lib/gitlab/hook_data/issue_builder_spec.rb b/spec/lib/gitlab/hook_data/issue_builder_spec.rb index 6c529cdd051..aeacd577d18 100644 --- a/spec/lib/gitlab/hook_data/issue_builder_spec.rb +++ b/spec/lib/gitlab/hook_data/issue_builder_spec.rb @@ -11,7 +11,6 @@ describe Gitlab::HookData::IssueBuilder do %w[ assignee_id author_id - branch_name closed_at confidential created_at 
diff --git a/spec/services/milestones/destroy_service_spec.rb b/spec/services/milestones/destroy_service_spec.rb index 5739386dd0d..16e288b3148 100644 --- a/spec/services/milestones/destroy_service_spec.rb +++ b/spec/services/milestones/destroy_service_spec.rb @@ -4,7 +4,7 @@ describe Milestones::DestroyService do let(:user) { create(:user) } let(:project) { create(:project) } let(:milestone) { create(:milestone, title: 'Milestone v1.0', project: project) } - let(:issue) { create(:issue, project: project, milestone: milestone) } + let!(:issue) { create(:issue, project: project, milestone: milestone) } let(:merge_request) { create(:merge_request, source_project: project, milestone: milestone) } before do |