diff options
| -rw-r--r-- | app/models/audit_event.rb | 16 | ||||
| -rw-r--r-- | app/services/audit_event_service.rb | 10 | ||||
| -rw-r--r-- | app/services/snippets/create_service.rb | 59 | ||||
| -rw-r--r-- | changelogs/unreleased/212223-snippet-creation-bug.yml | 5 | ||||
| -rw-r--r-- | changelogs/unreleased/33720-add-ds-tpl-remediate-var.yml | 5 | ||||
| -rw-r--r-- | db/fixtures/development/17_cycle_analytics.rb | 2 | ||||
| -rw-r--r-- | doc/user/project/integrations/custom_issue_tracker.md | 9 | ||||
| -rw-r--r-- | lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml | 1 | ||||
| -rw-r--r-- | qa/qa/page/project/settings/members.rb | 4 | ||||
| -rw-r--r-- | spec/features/snippets/user_creates_snippet_spec.rb | 5 | ||||
| -rw-r--r-- | spec/services/snippets/create_service_spec.rb | 4 |
11 files changed, 85 insertions, 35 deletions
diff --git a/app/models/audit_event.rb b/app/models/audit_event.rb index 03841917bbf..7ff0076c3e3 100644 --- a/app/models/audit_event.rb +++ b/app/models/audit_event.rb @@ -30,12 +30,26 @@ class AuditEvent < ApplicationRecord end def author_name - self.user.name + lazy_author.name end def formatted_details details.merge(details.slice(:from, :to).transform_values(&:to_s)) end + + def lazy_author + BatchLoader.for(author_id).batch(default_value: default_author_value) do |author_ids, loader| + User.where(id: author_ids).find_each do |user| + loader.call(user.id, user) + end + end + end + + private + + def default_author_value + ::Gitlab::Audit::NullAuthor.for(author_id, details[:author_name]) + end end AuditEvent.prepend_if_ee('EE::AuditEvent') diff --git a/app/services/audit_event_service.rb b/app/services/audit_event_service.rb index 42ed5f17d8d..d9e40c456aa 100644 --- a/app/services/audit_event_service.rb +++ b/app/services/audit_event_service.rb @@ -13,7 +13,7 @@ class AuditEventService # # @return [AuditEventService] def initialize(author, entity, details = {}) - @author = author + @author = build_author(author) @entity = entity @details = details end @@ -49,6 +49,14 @@ class AuditEventService private + def build_author(author) + if author.is_a?(User) + author + else + Gitlab::Audit::UnauthenticatedAuthor.new(name: author) + end + end + def base_payload { author_id: @author.id, diff --git a/app/services/snippets/create_service.rb b/app/services/snippets/create_service.rb index 389d4819c68..0b74bd77e28 100644 --- a/app/services/snippets/create_service.rb +++ b/app/services/snippets/create_service.rb @@ -9,72 +9,77 @@ module Snippets def execute filter_spam_check_params - snippet = if project - project.snippets.build(params) - else - PersonalSnippet.new(params) - end + @snippet = if project + project.snippets.build(params) + else + PersonalSnippet.new(params) + end - unless Gitlab::VisibilityLevel.allowed_for?(current_user, snippet.visibility_level) - deny_visibility_level(snippet) + unless Gitlab::VisibilityLevel.allowed_for?(current_user, @snippet.visibility_level) + deny_visibility_level(@snippet) - return snippet_error_response(snippet, 403) + return snippet_error_response(@snippet, 403) end - snippet.author = current_user + @snippet.author = current_user - spam_check(snippet, current_user) + spam_check(@snippet, current_user) - if save_and_commit(snippet) - UserAgentDetailService.new(snippet, @request).create + if save_and_commit + UserAgentDetailService.new(@snippet, @request).create Gitlab::UsageDataCounters::SnippetCounter.count(:create) - ServiceResponse.success(payload: { snippet: snippet } ) + ServiceResponse.success(payload: { snippet: @snippet } ) else - snippet_error_response(snippet, 400) + snippet_error_response(@snippet, 400) end end private - def save_and_commit(snippet) - snippet_saved = snippet.with_transaction_returning_status do - snippet.save && snippet.store_mentions! + def save_and_commit + snippet_saved = @snippet.with_transaction_returning_status do + @snippet.save && @snippet.store_mentions! end if snippet_saved && Feature.enabled?(:version_snippets, current_user) - create_repository_for(snippet) - create_commit(snippet) + create_repository + create_commit end snippet_saved rescue => e # Rescuing all because we can receive Creation exceptions, GRPC exceptions, Git exceptions, ... - snippet.errors.add(:base, e.message) log_error(e.message) # If the commit action failed we need to remove the repository if exists - snippet.repository.remove if snippet.repository_exists? + @snippet.repository.remove if @snippet.repository_exists? # If the snippet was created, we need to remove it as we # would do like if it had had any validation error - snippet.delete if snippet.persisted? + # and reassign a dupe so we don't return the deleted snippet + if @snippet.persisted? + @snippet.delete + @snippet = @snippet.dup + end + + @snippet.errors.add(:base, e.message) false end - def create_repository_for(snippet) - snippet.create_repository + def create_repository + @snippet.create_repository - raise CreateRepositoryError, 'Repository could not be created' unless snippet.repository_exists? + raise CreateRepositoryError, 'Repository could not be created' unless @snippet.repository_exists? end - def create_commit(snippet) + def create_commit commit_attrs = { branch_name: 'master', message: 'Initial commit' } - snippet.snippet_repository.multi_files_action(current_user, snippet_files, commit_attrs) + @snippet.snippet_repository.multi_files_action(current_user, snippet_files, commit_attrs) end def snippet_files diff --git a/changelogs/unreleased/212223-snippet-creation-bug.yml b/changelogs/unreleased/212223-snippet-creation-bug.yml new file mode 100644 index 00000000000..88427466778 --- /dev/null +++ b/changelogs/unreleased/212223-snippet-creation-bug.yml @@ -0,0 +1,5 @@ +--- +title: Resolve Snippet creation failure bug +merge_request: 27891 +author: +type: fixed diff --git a/changelogs/unreleased/33720-add-ds-tpl-remediate-var.yml b/changelogs/unreleased/33720-add-ds-tpl-remediate-var.yml new file mode 100644 index 00000000000..8b866c07039 --- /dev/null +++ b/changelogs/unreleased/33720-add-ds-tpl-remediate-var.yml @@ -0,0 +1,5 @@ +--- +title: Add DS_REMEDIATE env var to dependency scanning template +merge_request: 27947 +author: +type: added diff --git a/db/fixtures/development/17_cycle_analytics.rb b/db/fixtures/development/17_cycle_analytics.rb index 958412f30ed..f5dc2b558d4 100644 --- a/db/fixtures/development/17_cycle_analytics.rb +++ b/db/fixtures/development/17_cycle_analytics.rb @@ -160,7 +160,7 @@ class Gitlab::Seeder::CycleAnalytics creator: admin, namespace: FactoryBot.create( :group, - name: "Value Stream Management Group (#{suffix})", + name: "Value Stream Management Group #{suffix}", path: "vsmg-#{suffix}" ) ) diff --git a/doc/user/project/integrations/custom_issue_tracker.md b/doc/user/project/integrations/custom_issue_tracker.md index 7c7263704f9..99f80aea8d1 100644 --- a/doc/user/project/integrations/custom_issue_tracker.md +++ b/doc/user/project/integrations/custom_issue_tracker.md @@ -3,7 +3,7 @@ To enable the Custom Issue Tracker integration in a project, navigate to the [Integrations page](project_services.md#accessing-the-project-services), click the **Customer Issue Tracker** service, and fill in the required details on the page as described -in the table below. +in the table below. You will be able to edit the title and description later as well. | Field | Description | | ----- | ----------- | @@ -17,6 +17,9 @@ Once you have configured and enabled Custom Issue Tracker Service you'll see a l ## Referencing issues -- Issues are referenced with `ANYTHING-<ID>`, where `ANYTHING` can be any string and `<ID>` is a number used in the target project of the custom integration (example `PROJECT-143`). +- Issues are referenced with `ANYTHING-<ID>`, where `ANYTHING` can be any string in CAPS and `<ID>` +is a number used in the target project of the custom integration (for example, `PROJECT-143`). - `ANYTHING` is a placeholder to differentiate against GitLab issues, which are referenced with `#<ID>`. You can use a project name or project key to replace it for example. -- So with the example above, `PROJECT-143` would refer to `https://customissuetracker.com/project-name/143`. +- When building the hyperlink, the `ANYTHING` part is ignored, and links always point to the address +specified in `issues_url`, so in the example above, `PROJECT-143` would refer to +`https://customissuetracker.com/project-name/143`. diff --git a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml index 3200220a332..b4a24b813da 100644 --- a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml @@ -62,6 +62,7 @@ dependency_scanning: BUNDLER_AUDIT_ADVISORY_DB_REF_NAME \ RETIREJS_JS_ADVISORY_DB \ RETIREJS_NODE_ADVISORY_DB \ + DS_REMEDIATE \ ) \ --volume "$PWD:/code" \ --volume /var/run/docker.sock:/var/run/docker.sock \ diff --git a/qa/qa/page/project/settings/members.rb b/qa/qa/page/project/settings/members.rb index fd3e0add2a6..5dc873750b0 100644 --- a/qa/qa/page/project/settings/members.rb +++ b/qa/qa/page/project/settings/members.rb @@ -5,7 +5,6 @@ module QA module Project module Settings class Members < Page::Base - include Page::Component::UsersSelect include QA::Page::Component::Select2 view 'app/views/shared/members/_invite_member.html.haml' do @@ -43,7 +42,8 @@ module QA end def add_member(username) - select_user :member_select_field, username + click_element :member_select_field + search_and_select username click_element :invite_member_button end diff --git a/spec/features/snippets/user_creates_snippet_spec.rb b/spec/features/snippets/user_creates_snippet_spec.rb index f200355c6d2..93da976dee0 100644 --- a/spec/features/snippets/user_creates_snippet_spec.rb +++ b/spec/features/snippets/user_creates_snippet_spec.rb @@ -99,6 +99,11 @@ shared_examples_for 'snippet editor' do it 'renders new page' do expect(page).to have_content('New Snippet') end + + it 'has the correct action path' do + action = find('form.snippet-form')['action'] + expect(action).to match(%r{/snippets\z}) + end end it 'validation fails for the first time' do diff --git a/spec/services/snippets/create_service_spec.rb b/spec/services/snippets/create_service_spec.rb index 4cf574ed567..8c91763cc48 100644 --- a/spec/services/snippets/create_service_spec.rb +++ b/spec/services/snippets/create_service_spec.rb @@ -172,6 +172,10 @@ describe Snippets::CreateService do it 'returns the error' do expect(snippet.errors.full_messages).to include('Repository could not be created') end + + it 'does not return a snippet with an id' do + expect(snippet.id).to be_nil + end end context 'when the commit action fails' do |