summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/models/audit_event.rb16
-rw-r--r--app/services/audit_event_service.rb10
-rw-r--r--app/services/snippets/create_service.rb59
-rw-r--r--changelogs/unreleased/212223-snippet-creation-bug.yml5
-rw-r--r--changelogs/unreleased/33720-add-ds-tpl-remediate-var.yml5
-rw-r--r--db/fixtures/development/17_cycle_analytics.rb2
-rw-r--r--doc/user/project/integrations/custom_issue_tracker.md9
-rw-r--r--lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml1
-rw-r--r--qa/qa/page/project/settings/members.rb4
-rw-r--r--spec/features/snippets/user_creates_snippet_spec.rb5
-rw-r--r--spec/services/snippets/create_service_spec.rb4
11 files changed, 85 insertions, 35 deletions
diff --git a/app/models/audit_event.rb b/app/models/audit_event.rb
index 03841917bbf..7ff0076c3e3 100644
--- a/app/models/audit_event.rb
+++ b/app/models/audit_event.rb
@@ -30,12 +30,26 @@ class AuditEvent < ApplicationRecord
end
def author_name
- self.user.name
+ lazy_author.name
end
def formatted_details
details.merge(details.slice(:from, :to).transform_values(&:to_s))
end
+
+ def lazy_author
+ BatchLoader.for(author_id).batch(default_value: default_author_value) do |author_ids, loader|
+ User.where(id: author_ids).find_each do |user|
+ loader.call(user.id, user)
+ end
+ end
+ end
+
+ private
+
+ def default_author_value
+ ::Gitlab::Audit::NullAuthor.for(author_id, details[:author_name])
+ end
end
AuditEvent.prepend_if_ee('EE::AuditEvent')
diff --git a/app/services/audit_event_service.rb b/app/services/audit_event_service.rb
index 42ed5f17d8d..d9e40c456aa 100644
--- a/app/services/audit_event_service.rb
+++ b/app/services/audit_event_service.rb
@@ -13,7 +13,7 @@ class AuditEventService
#
# @return [AuditEventService]
def initialize(author, entity, details = {})
- @author = author
+ @author = build_author(author)
@entity = entity
@details = details
end
@@ -49,6 +49,14 @@ class AuditEventService
private
+ def build_author(author)
+ if author.is_a?(User)
+ author
+ else
+ Gitlab::Audit::UnauthenticatedAuthor.new(name: author)
+ end
+ end
+
def base_payload
{
author_id: @author.id,
diff --git a/app/services/snippets/create_service.rb b/app/services/snippets/create_service.rb
index 389d4819c68..0b74bd77e28 100644
--- a/app/services/snippets/create_service.rb
+++ b/app/services/snippets/create_service.rb
@@ -9,72 +9,77 @@ module Snippets
def execute
filter_spam_check_params
- snippet = if project
- project.snippets.build(params)
- else
- PersonalSnippet.new(params)
- end
+ @snippet = if project
+ project.snippets.build(params)
+ else
+ PersonalSnippet.new(params)
+ end
- unless Gitlab::VisibilityLevel.allowed_for?(current_user, snippet.visibility_level)
- deny_visibility_level(snippet)
+ unless Gitlab::VisibilityLevel.allowed_for?(current_user, @snippet.visibility_level)
+ deny_visibility_level(@snippet)
- return snippet_error_response(snippet, 403)
+ return snippet_error_response(@snippet, 403)
end
- snippet.author = current_user
+ @snippet.author = current_user
- spam_check(snippet, current_user)
+ spam_check(@snippet, current_user)
- if save_and_commit(snippet)
- UserAgentDetailService.new(snippet, @request).create
+ if save_and_commit
+ UserAgentDetailService.new(@snippet, @request).create
Gitlab::UsageDataCounters::SnippetCounter.count(:create)
- ServiceResponse.success(payload: { snippet: snippet } )
+ ServiceResponse.success(payload: { snippet: @snippet } )
else
- snippet_error_response(snippet, 400)
+ snippet_error_response(@snippet, 400)
end
end
private
- def save_and_commit(snippet)
- snippet_saved = snippet.with_transaction_returning_status do
- snippet.save && snippet.store_mentions!
+ def save_and_commit
+ snippet_saved = @snippet.with_transaction_returning_status do
+ @snippet.save && @snippet.store_mentions!
end
if snippet_saved && Feature.enabled?(:version_snippets, current_user)
- create_repository_for(snippet)
- create_commit(snippet)
+ create_repository
+ create_commit
end
snippet_saved
rescue => e # Rescuing all because we can receive Creation exceptions, GRPC exceptions, Git exceptions, ...
- snippet.errors.add(:base, e.message)
log_error(e.message)
# If the commit action failed we need to remove the repository if exists
- snippet.repository.remove if snippet.repository_exists?
+ @snippet.repository.remove if @snippet.repository_exists?
# If the snippet was created, we need to remove it as we
# would do like if it had had any validation error
- snippet.delete if snippet.persisted?
+ # and reassign a dupe so we don't return the deleted snippet
+ if @snippet.persisted?
+ @snippet.delete
+ @snippet = @snippet.dup
+ end
+
+ @snippet.errors.add(:base, e.message)
false
end
- def create_repository_for(snippet)
- snippet.create_repository
+ def create_repository
+ @snippet.create_repository
- raise CreateRepositoryError, 'Repository could not be created' unless snippet.repository_exists?
+ raise CreateRepositoryError, 'Repository could not be created' unless @snippet.repository_exists?
end
- def create_commit(snippet)
+ def create_commit
commit_attrs = {
branch_name: 'master',
message: 'Initial commit'
}
- snippet.snippet_repository.multi_files_action(current_user, snippet_files, commit_attrs)
+ @snippet.snippet_repository.multi_files_action(current_user, snippet_files, commit_attrs)
end
def snippet_files
diff --git a/changelogs/unreleased/212223-snippet-creation-bug.yml b/changelogs/unreleased/212223-snippet-creation-bug.yml
new file mode 100644
index 00000000000..88427466778
--- /dev/null
+++ b/changelogs/unreleased/212223-snippet-creation-bug.yml
@@ -0,0 +1,5 @@
+---
+title: Resolve Snippet creation failure bug
+merge_request: 27891
+author:
+type: fixed
diff --git a/changelogs/unreleased/33720-add-ds-tpl-remediate-var.yml b/changelogs/unreleased/33720-add-ds-tpl-remediate-var.yml
new file mode 100644
index 00000000000..8b866c07039
--- /dev/null
+++ b/changelogs/unreleased/33720-add-ds-tpl-remediate-var.yml
@@ -0,0 +1,5 @@
+---
+title: Add DS_REMEDIATE env var to dependency scanning template
+merge_request: 27947
+author:
+type: added
diff --git a/db/fixtures/development/17_cycle_analytics.rb b/db/fixtures/development/17_cycle_analytics.rb
index 958412f30ed..f5dc2b558d4 100644
--- a/db/fixtures/development/17_cycle_analytics.rb
+++ b/db/fixtures/development/17_cycle_analytics.rb
@@ -160,7 +160,7 @@ class Gitlab::Seeder::CycleAnalytics
creator: admin,
namespace: FactoryBot.create(
:group,
- name: "Value Stream Management Group (#{suffix})",
+ name: "Value Stream Management Group #{suffix}",
path: "vsmg-#{suffix}"
)
)
diff --git a/doc/user/project/integrations/custom_issue_tracker.md b/doc/user/project/integrations/custom_issue_tracker.md
index 7c7263704f9..99f80aea8d1 100644
--- a/doc/user/project/integrations/custom_issue_tracker.md
+++ b/doc/user/project/integrations/custom_issue_tracker.md
@@ -3,7 +3,7 @@
To enable the Custom Issue Tracker integration in a project, navigate to the
[Integrations page](project_services.md#accessing-the-project-services), click
the **Customer Issue Tracker** service, and fill in the required details on the page as described
-in the table below.
+in the table below. You will be able to edit the title and description later as well.
| Field | Description |
| ----- | ----------- |
@@ -17,6 +17,9 @@ Once you have configured and enabled Custom Issue Tracker Service you'll see a l
## Referencing issues
-- Issues are referenced with `ANYTHING-<ID>`, where `ANYTHING` can be any string and `<ID>` is a number used in the target project of the custom integration (example `PROJECT-143`).
+- Issues are referenced with `ANYTHING-<ID>`, where `ANYTHING` can be any string in CAPS and `<ID>`
+is a number used in the target project of the custom integration (for example, `PROJECT-143`).
- `ANYTHING` is a placeholder to differentiate against GitLab issues, which are referenced with `#<ID>`. You can use a project name or project key to replace it for example.
-- So with the example above, `PROJECT-143` would refer to `https://customissuetracker.com/project-name/143`.
+- When building the hyperlink, the `ANYTHING` part is ignored, and links always point to the address
+specified in `issues_url`, so in the example above, `PROJECT-143` would refer to
+`https://customissuetracker.com/project-name/143`.
diff --git a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
index 3200220a332..b4a24b813da 100644
--- a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
@@ -62,6 +62,7 @@ dependency_scanning:
BUNDLER_AUDIT_ADVISORY_DB_REF_NAME \
RETIREJS_JS_ADVISORY_DB \
RETIREJS_NODE_ADVISORY_DB \
+ DS_REMEDIATE \
) \
--volume "$PWD:/code" \
--volume /var/run/docker.sock:/var/run/docker.sock \
diff --git a/qa/qa/page/project/settings/members.rb b/qa/qa/page/project/settings/members.rb
index fd3e0add2a6..5dc873750b0 100644
--- a/qa/qa/page/project/settings/members.rb
+++ b/qa/qa/page/project/settings/members.rb
@@ -5,7 +5,6 @@ module QA
module Project
module Settings
class Members < Page::Base
- include Page::Component::UsersSelect
include QA::Page::Component::Select2
view 'app/views/shared/members/_invite_member.html.haml' do
@@ -43,7 +42,8 @@ module QA
end
def add_member(username)
- select_user :member_select_field, username
+ click_element :member_select_field
+ search_and_select username
click_element :invite_member_button
end
diff --git a/spec/features/snippets/user_creates_snippet_spec.rb b/spec/features/snippets/user_creates_snippet_spec.rb
index f200355c6d2..93da976dee0 100644
--- a/spec/features/snippets/user_creates_snippet_spec.rb
+++ b/spec/features/snippets/user_creates_snippet_spec.rb
@@ -99,6 +99,11 @@ shared_examples_for 'snippet editor' do
it 'renders new page' do
expect(page).to have_content('New Snippet')
end
+
+ it 'has the correct action path' do
+ action = find('form.snippet-form')['action']
+ expect(action).to match(%r{/snippets\z})
+ end
end
it 'validation fails for the first time' do
diff --git a/spec/services/snippets/create_service_spec.rb b/spec/services/snippets/create_service_spec.rb
index 4cf574ed567..8c91763cc48 100644
--- a/spec/services/snippets/create_service_spec.rb
+++ b/spec/services/snippets/create_service_spec.rb
@@ -172,6 +172,10 @@ describe Snippets::CreateService do
it 'returns the error' do
expect(snippet.errors.full_messages).to include('Repository could not be created')
end
+
+ it 'does not return a snippet with an id' do
+ expect(snippet.id).to be_nil
+ end
end
context 'when the commit action fails' do