summaryrefslogtreecommitdiff
path: root/app/controllers/projects
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/projects')
-rw-r--r--app/controllers/projects/autocomplete_sources_controller.rb11
-rw-r--r--app/controllers/projects/badges_controller.rb12
-rw-r--r--app/controllers/projects/boards_controller.rb4
-rw-r--r--app/controllers/projects/branches_controller.rb19
-rw-r--r--app/controllers/projects/cluster_agents_controller.rb2
-rw-r--r--app/controllers/projects/clusters_controller.rb1
-rw-r--r--app/controllers/projects/commit_controller.rb2
-rw-r--r--app/controllers/projects/commits_controller.rb12
-rw-r--r--app/controllers/projects/compare_controller.rb21
-rw-r--r--app/controllers/projects/design_management/designs_controller.rb1
-rw-r--r--app/controllers/projects/forks_controller.rb10
-rw-r--r--app/controllers/projects/google_cloud/deployments_controller.rb55
-rw-r--r--app/controllers/projects/google_cloud_controller.rb2
-rw-r--r--app/controllers/projects/group_links_controller.rb2
-rw-r--r--app/controllers/projects/issues_controller.rb19
-rw-r--r--app/controllers/projects/merge_requests/drafts_controller.rb3
-rw-r--r--app/controllers/projects/merge_requests_controller.rb38
-rw-r--r--app/controllers/projects/packages/infrastructure_registry_controller.rb6
-rw-r--r--app/controllers/projects/pipelines_controller.rb3
-rw-r--r--app/controllers/projects/project_members_controller.rb3
-rw-r--r--app/controllers/projects/refs_controller.rb10
-rw-r--r--app/controllers/projects/repositories_controller.rb2
-rw-r--r--app/controllers/projects/runners_controller.rb2
-rw-r--r--app/controllers/projects/security/configuration_controller.rb2
-rw-r--r--app/controllers/projects/service_desk_controller.rb1
-rw-r--r--app/controllers/projects/service_ping_controller.rb8
-rw-r--r--app/controllers/projects/services_controller.rb3
-rw-r--r--app/controllers/projects/settings/ci_cd_controller.rb2
-rw-r--r--app/controllers/projects/settings/repository_controller.rb2
-rw-r--r--app/controllers/projects/tags_controller.rb12
-rw-r--r--app/controllers/projects/uploads_controller.rb2
31 files changed, 205 insertions, 67 deletions
diff --git a/app/controllers/projects/autocomplete_sources_controller.rb b/app/controllers/projects/autocomplete_sources_controller.rb
index cf432cfb429..f678e19d05d 100644
--- a/app/controllers/projects/autocomplete_sources_controller.rb
+++ b/app/controllers/projects/autocomplete_sources_controller.rb
@@ -2,8 +2,9 @@
class Projects::AutocompleteSourcesController < Projects::ApplicationController
before_action :authorize_read_milestone!, only: :milestones
+ before_action :authorize_read_crm_contact!, only: :contacts
- feature_category :team_planning, [:issues, :labels, :milestones, :commands]
+ feature_category :team_planning, [:issues, :labels, :milestones, :commands, :contacts]
feature_category :code_review, [:merge_requests]
feature_category :users, [:members]
feature_category :snippets, [:snippets]
@@ -38,6 +39,10 @@ class Projects::AutocompleteSourcesController < Projects::ApplicationController
render json: autocomplete_service.snippets
end
+ def contacts
+ render json: autocomplete_service.contacts
+ end
+
private
def autocomplete_service
@@ -49,6 +54,10 @@ class Projects::AutocompleteSourcesController < Projects::ApplicationController
.new(project, current_user)
.execute(params[:type], params[:type_id])
end
+
+ def authorize_read_crm_contact!
+ render_404 unless can?(current_user, :read_crm_contact, project.root_ancestor)
+ end
end
Projects::AutocompleteSourcesController.prepend_mod_with('Projects::AutocompleteSourcesController')
diff --git a/app/controllers/projects/badges_controller.rb b/app/controllers/projects/badges_controller.rb
index 8023e51b552..42bd87e1c01 100644
--- a/app/controllers/projects/badges_controller.rb
+++ b/app/controllers/projects/badges_controller.rb
@@ -8,6 +8,7 @@ class Projects::BadgesController < Projects::ApplicationController
feature_category :continuous_integration, [:index, :pipeline]
feature_category :code_testing, [:coverage]
+ feature_category :release_orchestration, [:release]
def pipeline
pipeline_status = Gitlab::Ci::Badge::Pipeline::Status
@@ -34,6 +35,17 @@ class Projects::BadgesController < Projects::ApplicationController
render_badge coverage_report
end
+ def release
+ latest_release = Gitlab::Ci::Badge::Release::LatestRelease
+ .new(project, current_user, opts: {
+ key_text: params[:key_text],
+ key_width: params[:key_width],
+ order_by: params[:order_by]
+ })
+
+ render_badge latest_release
+ end
+
private
def badge_layout
diff --git a/app/controllers/projects/boards_controller.rb b/app/controllers/projects/boards_controller.rb
index adaa47b48cb..0170cff6160 100644
--- a/app/controllers/projects/boards_controller.rb
+++ b/app/controllers/projects/boards_controller.rb
@@ -11,8 +11,8 @@ class Projects::BoardsController < Projects::ApplicationController
push_frontend_feature_flag(:board_multi_select, project, default_enabled: :yaml)
push_frontend_feature_flag(:iteration_cadences, project&.group, default_enabled: :yaml)
experiment(:prominent_create_board_btn, subject: current_user) do |e|
- e.use { }
- e.try { }
+ e.control { }
+ e.candidate { }
end.run
end
diff --git a/app/controllers/projects/branches_controller.rb b/app/controllers/projects/branches_controller.rb
index 63ac5f97420..dad73c37fea 100644
--- a/app/controllers/projects/branches_controller.rb
+++ b/app/controllers/projects/branches_controller.rb
@@ -131,11 +131,28 @@ class Projects::BranchesController < Projects::ApplicationController
private
def sort_value_for_mode
- return params[:sort] if params[:sort].present?
+ custom_sort || default_sort
+ end
+
+ def custom_sort
+ sort = params[:sort].presence
+
+ unless sort.in?(supported_sort_options)
+ flash.now[:alert] = _("Unsupported sort value.")
+ sort = nil
+ end
+ sort
+ end
+
+ def default_sort
'stale' == @mode ? sort_value_oldest_updated : sort_value_recently_updated
end
+ def supported_sort_options
+ [nil, sort_value_name, sort_value_oldest_updated, sort_value_recently_updated]
+ end
+
# It can be expensive to calculate the diverging counts for each
# branch. Normally the frontend should be specifying a set of branch
# names, but prior to
diff --git a/app/controllers/projects/cluster_agents_controller.rb b/app/controllers/projects/cluster_agents_controller.rb
index 404d3907128..84bb01ee266 100644
--- a/app/controllers/projects/cluster_agents_controller.rb
+++ b/app/controllers/projects/cluster_agents_controller.rb
@@ -16,7 +16,7 @@ class Projects::ClusterAgentsController < Projects::ApplicationController
private
def authorize_can_read_cluster_agent!
- return if can?(current_user, :admin_cluster, project)
+ return if can?(current_user, :read_cluster, project)
access_denied!
end
diff --git a/app/controllers/projects/clusters_controller.rb b/app/controllers/projects/clusters_controller.rb
index 8f45fa1cb9f..440375bf3c9 100644
--- a/app/controllers/projects/clusters_controller.rb
+++ b/app/controllers/projects/clusters_controller.rb
@@ -6,6 +6,7 @@ class Projects::ClustersController < Clusters::ClustersController
before_action do
push_frontend_feature_flag(:prometheus_computed_alerts)
+ push_frontend_feature_flag(:show_gitlab_agent_feedback, type: :ops, default_enabled: :yaml)
end
layout 'project'
diff --git a/app/controllers/projects/commit_controller.rb b/app/controllers/projects/commit_controller.rb
index 62935e133c5..0ce0b8b8895 100644
--- a/app/controllers/projects/commit_controller.rb
+++ b/app/controllers/projects/commit_controller.rb
@@ -92,6 +92,8 @@ class Projects::CommitController < Projects::ApplicationController
end
def branches
+ return git_not_found! unless commit
+
# branch_names_contains/tag_names_contains can take a long time when there are thousands of
# branches/tags - each `git branch --contains xxx` request can consume a cpu core.
# so only do the query when there are a manageable number of branches/tags
diff --git a/app/controllers/projects/commits_controller.rb b/app/controllers/projects/commits_controller.rb
index 1ca35903703..82a13b60b13 100644
--- a/app/controllers/projects/commits_controller.rb
+++ b/app/controllers/projects/commits_controller.rb
@@ -67,11 +67,11 @@ class Projects::CommitsController < Projects::ApplicationController
def set_commits
render_404 unless @path.empty? || request.format == :atom || @repository.blob_at(@commit.id, @path) || @repository.tree(@commit.id, @path).entries.present?
- limit = params[:limit].to_i
+ limit = permitted_params[:limit].to_i
@limit = limit > 0 ? limit : COMMITS_DEFAULT_LIMIT # limit can only ever be a positive number
- @offset = (params[:offset] || 0).to_i
- search = params[:search]
- author = params[:author]
+ @offset = (permitted_params[:offset] || 0).to_i
+ search = permitted_params[:search]
+ author = permitted_params[:author]
@commits =
if search.present?
@@ -87,4 +87,8 @@ class Projects::CommitsController < Projects::ApplicationController
@commits = @commits.with_latest_pipeline(@ref)
@commits = set_commits_for_rendering(@commits)
end
+
+ def permitted_params
+ params.permit(:limit, :offset, :search, :author)
+ end
end
diff --git a/app/controllers/projects/compare_controller.rb b/app/controllers/projects/compare_controller.rb
index 07f7c1cf7de..243cc7a346c 100644
--- a/app/controllers/projects/compare_controller.rb
+++ b/app/controllers/projects/compare_controller.rb
@@ -28,6 +28,7 @@ class Projects::CompareController < Projects::ApplicationController
COMMIT_DIFFS_PER_PAGE = 20
def index
+ compare_params
end
def show
@@ -44,9 +45,9 @@ class Projects::CompareController < Projects::ApplicationController
def create
from_to_vars = {
- from: params[:from].presence,
- to: params[:to].presence,
- from_project_id: params[:from_project_id].presence
+ from: compare_params[:from].presence,
+ to: compare_params[:to].presence,
+ from_project_id: compare_params[:from_project_id].presence
}
if from_to_vars[:from].blank? || from_to_vars[:to].blank?
@@ -87,10 +88,10 @@ class Projects::CompareController < Projects::ApplicationController
# target == start_ref == from
def target_project
strong_memoize(:target_project) do
- next source_project unless params.key?(:from_project_id)
- next source_project if params[:from_project_id].to_i == source_project.id
+ next source_project unless compare_params.key?(:from_project_id)
+ next source_project if compare_params[:from_project_id].to_i == source_project.id
- target_project = target_projects(source_project).find_by_id(params[:from_project_id])
+ target_project = target_projects(source_project).find_by_id(compare_params[:from_project_id])
# Just ignore the field if it points at a non-existent or hidden project
next source_project unless target_project && can?(current_user, :download_code, target_project)
@@ -111,13 +112,13 @@ class Projects::CompareController < Projects::ApplicationController
end
def start_ref
- @start_ref ||= Addressable::URI.unescape(params[:from])
+ @start_ref ||= Addressable::URI.unescape(compare_params[:from])
end
def head_ref
return @ref if defined?(@ref)
- @ref = @head_ref = Addressable::URI.unescape(params[:to])
+ @ref = @head_ref = Addressable::URI.unescape(compare_params[:to])
end
def define_commits
@@ -146,4 +147,8 @@ class Projects::CompareController < Projects::ApplicationController
.find_by(source_project: source_project, source_branch: head_ref, target_branch: start_ref)
end
# rubocop: enable CodeReuse/ActiveRecord
+
+ def compare_params
+ @compare_params ||= params.permit(:from, :to, :from_project_id)
+ end
end
diff --git a/app/controllers/projects/design_management/designs_controller.rb b/app/controllers/projects/design_management/designs_controller.rb
index 550d8578396..2aa48249c0e 100644
--- a/app/controllers/projects/design_management/designs_controller.rb
+++ b/app/controllers/projects/design_management/designs_controller.rb
@@ -4,6 +4,7 @@ class Projects::DesignManagement::DesignsController < Projects::ApplicationContr
before_action :authorize_read_design!
feature_category :design_management
+ urgency :low
private
diff --git a/app/controllers/projects/forks_controller.rb b/app/controllers/projects/forks_controller.rb
index ba83f8dad35..475c41eec9c 100644
--- a/app/controllers/projects/forks_controller.rb
+++ b/app/controllers/projects/forks_controller.rb
@@ -22,14 +22,14 @@ class Projects::ForksController < Projects::ApplicationController
end
def index
- @sort = params[:sort]
+ @sort = forks_params[:sort]
@total_forks_count = project.forks.size
@public_forks_count = project.forks.public_only.size
@private_forks_count = @total_forks_count - project.forks.public_and_internal_only.size
@internal_forks_count = @total_forks_count - @public_forks_count - @private_forks_count
- @forks = load_forks.page(params[:page])
+ @forks = load_forks.page(forks_params[:page])
prepare_projects_for_rendering(@forks)
@@ -98,7 +98,7 @@ class Projects::ForksController < Projects::ApplicationController
def load_forks
forks = ForkProjectsFinder.new(
project,
- params: params.merge(search: params[:filter_projects]),
+ params: forks_params.merge(search: forks_params[:filter_projects]),
current_user: current_user
).execute
@@ -117,6 +117,10 @@ class Projects::ForksController < Projects::ApplicationController
end
end
+ def forks_params
+ params.permit(:filter_projects, :sort, :page)
+ end
+
def fork_params
params.permit(:path, :name, :description, :visibility).tap do |param|
param[:namespace] = fork_namespace
diff --git a/app/controllers/projects/google_cloud/deployments_controller.rb b/app/controllers/projects/google_cloud/deployments_controller.rb
index 4e7fd73e378..1941eb8a5f9 100644
--- a/app/controllers/projects/google_cloud/deployments_controller.rb
+++ b/app/controllers/projects/google_cloud/deployments_controller.rb
@@ -4,10 +4,63 @@ class Projects::GoogleCloud::DeploymentsController < Projects::GoogleCloud::Base
before_action :validate_gcp_token!
def cloud_run
- render json: "Placeholder"
+ params = { token_in_session: token_in_session }
+ enable_cloud_run_response = GoogleCloud::EnableCloudRunService
+ .new(project, current_user, params).execute
+
+ if enable_cloud_run_response[:status] == :error
+ flash[:error] = enable_cloud_run_response[:message]
+ redirect_to project_google_cloud_index_path(project)
+ else
+ params = { action: GoogleCloud::GeneratePipelineService::ACTION_DEPLOY_TO_CLOUD_RUN }
+ generate_pipeline_response = GoogleCloud::GeneratePipelineService
+ .new(project, current_user, params).execute
+
+ if generate_pipeline_response[:status] == :error
+ flash[:error] = 'Failed to generate pipeline'
+ redirect_to project_google_cloud_index_path(project)
+ else
+ cloud_run_mr_params = cloud_run_mr_params(generate_pipeline_response[:branch_name])
+ redirect_to project_new_merge_request_path(project, merge_request: cloud_run_mr_params)
+ end
+ end
+ rescue Google::Apis::ClientError => error
+ handle_gcp_error(error, project)
end
def cloud_storage
render json: "Placeholder"
end
+
+ private
+
+ def cloud_run_mr_params(branch_name)
+ {
+ title: cloud_run_mr_title,
+ description: cloud_run_mr_description(branch_name),
+ source_project_id: project.id,
+ target_project_id: project.id,
+ source_branch: branch_name,
+ target_branch: project.default_branch
+ }
+ end
+
+ def cloud_run_mr_title
+ 'Enable deployments to Cloud Run'
+ end
+
+ def cloud_run_mr_description(branch_name)
+ <<-TEXT
+This merge request includes a Cloud Run deployment job in the pipeline definition (.gitlab-ci.yml).
+
+The `deploy-to-cloud-run` job:
+* Requires the following environment variables
+ * `GCP_PROJECT_ID`
+ * `GCP_SERVICE_ACCOUNT_KEY`
+* Job definition can be found at: https://gitlab.com/gitlab-org/incubation-engineering/five-minute-production/library
+
+This pipeline definition has been committed to the branch `#{branch_name}`.
+You may modify the pipeline definition further or accept the changes as-is if suitable.
+ TEXT
+ end
end
diff --git a/app/controllers/projects/google_cloud_controller.rb b/app/controllers/projects/google_cloud_controller.rb
index 1fa8ae60376..206a8c7e391 100644
--- a/app/controllers/projects/google_cloud_controller.rb
+++ b/app/controllers/projects/google_cloud_controller.rb
@@ -6,6 +6,8 @@ class Projects::GoogleCloudController < Projects::GoogleCloud::BaseController
screen: 'home',
serviceAccounts: GoogleCloud::ServiceAccountsService.new(project).find_for_project,
createServiceAccountUrl: project_google_cloud_service_accounts_path(project),
+ enableCloudRunUrl: project_google_cloud_deployments_cloud_run_path(project),
+ enableCloudStorageUrl: project_google_cloud_deployments_cloud_storage_path(project),
emptyIllustrationUrl: ActionController::Base.helpers.image_path('illustrations/pipelines_empty.svg')
}.to_json
end
diff --git a/app/controllers/projects/group_links_controller.rb b/app/controllers/projects/group_links_controller.rb
index 27893fe510d..6bc81381d92 100644
--- a/app/controllers/projects/group_links_controller.rb
+++ b/app/controllers/projects/group_links_controller.rb
@@ -28,7 +28,7 @@ class Projects::GroupLinksController < Projects::ApplicationController
if group_link.expires?
render json: {
- expires_in: helpers.distance_of_time_in_words_to_now(group_link.expires_at),
+ expires_in: helpers.time_ago_with_tooltip(group_link.expires_at),
expires_soon: group_link.expires_soon?
}
else
diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb
index 785fbdaa611..1b98810b09b 100644
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -10,7 +10,7 @@ class Projects::IssuesController < Projects::ApplicationController
include RecordUserLastActivity
ISSUES_EXCEPT_ACTIONS = %i[index calendar new create bulk_update import_csv export_csv service_desk].freeze
- SET_ISSUABLES_INDEX_ONLY_ACTIONS = %i[index calendar service_desk].freeze
+ SET_ISSUABLES_INDEX_ONLY_ACTIONS = %i[calendar service_desk].freeze
prepend_before_action(only: [:index]) { authenticate_sessionless_user!(:rss) }
prepend_before_action(only: [:calendar]) { authenticate_sessionless_user!(:ics) }
@@ -42,18 +42,20 @@ class Projects::IssuesController < Projects::ApplicationController
if: -> { Feature.disabled?('rate_limited_service_issues_create', project, default_enabled: :yaml) }
before_action do
- push_frontend_feature_flag(:tribute_autocomplete, @project)
push_frontend_feature_flag(:improved_emoji_picker, project, default_enabled: :yaml)
push_frontend_feature_flag(:vue_issues_list, project&.group, default_enabled: :yaml)
push_frontend_feature_flag(:iteration_cadences, project&.group, default_enabled: :yaml)
+ push_frontend_feature_flag(:contacts_autocomplete, project&.group, default_enabled: :yaml)
+ push_frontend_feature_flag(:markdown_continue_lists, project, default_enabled: :yaml)
end
before_action only: :show do
- push_frontend_feature_flag(:real_time_issue_sidebar, @project, default_enabled: :yaml)
+ push_frontend_feature_flag(:real_time_issue_sidebar, project, default_enabled: :yaml)
push_frontend_feature_flag(:confidential_notes, project&.group, default_enabled: :yaml)
- push_frontend_feature_flag(:issue_assignees_widget, @project, default_enabled: :yaml)
- push_frontend_feature_flag(:paginated_issue_discussions, @project, default_enabled: :yaml)
- push_frontend_feature_flag(:fix_comment_scroll, @project, default_enabled: :yaml)
+ push_frontend_feature_flag(:issue_assignees_widget, project, default_enabled: :yaml)
+ push_frontend_feature_flag(:paginated_issue_discussions, project, default_enabled: :yaml)
+ push_frontend_feature_flag(:fix_comment_scroll, project, default_enabled: :yaml)
+ push_frontend_feature_flag(:work_items, project, default_enabled: :yaml)
end
around_action :allow_gitaly_ref_name_caching, only: [:discussions]
@@ -71,11 +73,14 @@ class Projects::IssuesController < Projects::ApplicationController
]
feature_category :service_desk, [:service_desk]
+ urgency :low, [:service_desk]
feature_category :importers, [:import_csv, :export_csv]
attr_accessor :vulnerability_id
def index
+ set_issuables_index if !html_request? || Feature.disabled?(:vue_issues_list, project&.group, default_enabled: :yaml)
+
@issues = @issuables
respond_to do |format|
@@ -317,7 +322,7 @@ class Projects::IssuesController < Projects::ApplicationController
end
def reorder_params
- params.permit(:move_before_id, :move_after_id, :group_full_path)
+ params.permit(:move_before_id, :move_after_id)
end
def store_uri
diff --git a/app/controllers/projects/merge_requests/drafts_controller.rb b/app/controllers/projects/merge_requests/drafts_controller.rb
index 645720a0889..686d2c1dc1f 100644
--- a/app/controllers/projects/merge_requests/drafts_controller.rb
+++ b/app/controllers/projects/merge_requests/drafts_controller.rb
@@ -92,7 +92,8 @@ class Projects::MergeRequests::DraftsController < Projects::MergeRequests::Appli
:commit_id,
:note,
:position,
- :resolve_discussion
+ :resolve_discussion,
+ :line_code
).tap do |h|
# Old FE version will still be sending `draft_note[commit_id]` as 'undefined'.
# That can result to having a note linked to a commit with 'undefined' ID
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index f936aeb0084..6445f920db5 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -30,24 +30,31 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
before_action :set_issuables_index, only: [:index]
before_action :authenticate_user!, only: [:assign_related_issues]
before_action :check_user_can_push_to_source_branch!, only: [:rebase]
+ before_action only: [:index, :show] do
+ push_frontend_feature_flag(:mr_attention_requests, project, default_enabled: :yaml)
+ end
+
before_action only: [:show] do
push_frontend_feature_flag(:file_identifier_hash)
- push_frontend_feature_flag(:merge_request_widget_graphql, @project, default_enabled: :yaml)
- push_frontend_feature_flag(:default_merge_ref_for_diffs, @project, default_enabled: :yaml)
- push_frontend_feature_flag(:core_security_mr_widget_counts, @project)
- push_frontend_feature_flag(:paginated_notes, @project, default_enabled: :yaml)
- push_frontend_feature_flag(:confidential_notes, @project, default_enabled: :yaml)
+ push_frontend_feature_flag(:merge_request_widget_graphql, project, default_enabled: :yaml)
+ push_frontend_feature_flag(:default_merge_ref_for_diffs, project, default_enabled: :yaml)
+ push_frontend_feature_flag(:core_security_mr_widget_counts, project)
+ push_frontend_feature_flag(:paginated_notes, project, default_enabled: :yaml)
+ push_frontend_feature_flag(:confidential_notes, project, default_enabled: :yaml)
push_frontend_feature_flag(:improved_emoji_picker, project, default_enabled: :yaml)
- push_frontend_feature_flag(:diffs_virtual_scrolling, project, default_enabled: :yaml)
push_frontend_feature_flag(:restructured_mr_widget, project, default_enabled: :yaml)
- push_frontend_feature_flag(:mr_changes_fluid_layout, project, default_enabled: :yaml)
- push_frontend_feature_flag(:mr_attention_requests, project, default_enabled: :yaml)
- push_frontend_feature_flag(:refactor_mr_widgets_extensions, @project, default_enabled: :yaml)
- push_frontend_feature_flag(:rebase_without_ci_ui, @project, default_enabled: :yaml)
+ push_frontend_feature_flag(:refactor_mr_widgets_extensions, project, default_enabled: :yaml)
+ push_frontend_feature_flag(:rebase_without_ci_ui, project, default_enabled: :yaml)
+ push_frontend_feature_flag(:rearrange_pipelines_table, project, default_enabled: :yaml)
+ push_frontend_feature_flag(:markdown_continue_lists, project, default_enabled: :yaml)
# Usage data feature flags
- push_frontend_feature_flag(:users_expanding_widgets_usage_data, @project, default_enabled: :yaml)
+ push_frontend_feature_flag(:users_expanding_widgets_usage_data, project, default_enabled: :yaml)
push_frontend_feature_flag(:diff_settings_usage_data, default_enabled: :yaml)
- push_frontend_feature_flag(:diff_searching_usage_data, @project, default_enabled: :yaml)
+ push_frontend_feature_flag(:usage_data_diff_searches, project, default_enabled: :yaml)
+ end
+
+ before_action do
+ push_frontend_feature_flag(:permit_all_shared_groups_for_approval, @project, default_enabled: :yaml)
end
around_action :allow_gitaly_ref_name_caching, only: [:index, :show, :discussions]
@@ -100,10 +107,7 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
# rubocop:disable Metrics/AbcSize
def show
close_merge_request_if_no_source_project
-
- if Feature.disabled?(:check_mergeability_async_in_widget, @project, default_enabled: :yaml)
- @merge_request.check_mergeability(async: true)
- end
+ @merge_request.check_mergeability(async: true)
respond_to do |format|
format.html do
@@ -504,6 +508,8 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
.can_push_to_branch?(@merge_request.source_branch)
access_denied! unless access_check
+
+ access_denied! unless merge_request.permits_force_push?
end
def merge_access_check
diff --git a/app/controllers/projects/packages/infrastructure_registry_controller.rb b/app/controllers/projects/packages/infrastructure_registry_controller.rb
index c02a0a56e03..2fe353b7acb 100644
--- a/app/controllers/projects/packages/infrastructure_registry_controller.rb
+++ b/app/controllers/projects/packages/infrastructure_registry_controller.rb
@@ -9,11 +9,7 @@ module Projects
def show
@package = project.packages.find(params[:id])
- @package_files = if Feature.enabled?(:packages_installable_package_files, default_enabled: :yaml)
- @package.installable_package_files.recent
- else
- @package.package_files.recent
- end
+ @package_files = @package.installable_package_files.recent
end
end
end
diff --git a/app/controllers/projects/pipelines_controller.rb b/app/controllers/projects/pipelines_controller.rb
index 71dc67bb6dc..7f680bbf121 100644
--- a/app/controllers/projects/pipelines_controller.rb
+++ b/app/controllers/projects/pipelines_controller.rb
@@ -13,6 +13,9 @@ class Projects::PipelinesController < Projects::ApplicationController
before_action :authorize_create_pipeline!, only: [:new, :create, :config_variables]
before_action :authorize_update_pipeline!, only: [:retry, :cancel]
before_action :ensure_pipeline, only: [:show, :downloadable_artifacts]
+ before_action do
+ push_frontend_feature_flag(:rearrange_pipelines_table, project, default_enabled: :yaml)
+ end
before_action do
push_frontend_feature_flag(:jobs_tab_vue, @project, default_enabled: :yaml)
diff --git a/app/controllers/projects/project_members_controller.rb b/app/controllers/projects/project_members_controller.rb
index e8074f7d793..dc0614c6bdd 100644
--- a/app/controllers/projects/project_members_controller.rb
+++ b/app/controllers/projects/project_members_controller.rb
@@ -13,8 +13,7 @@ class Projects::ProjectMembersController < Projects::ApplicationController
def index
@sort = params[:sort].presence || sort_value_name
- @skip_groups = @project.invited_group_ids
- @skip_groups += @project.group.self_and_ancestors_ids if @project.group
+ @skip_groups = @project.related_group_ids
@group_links = @project.project_group_links
@group_links = @group_links.search(params[:search_groups]) if params[:search_groups].present?
diff --git a/app/controllers/projects/refs_controller.rb b/app/controllers/projects/refs_controller.rb
index 73eb6bb2bf2..b070f9419fc 100644
--- a/app/controllers/projects/refs_controller.rb
+++ b/app/controllers/projects/refs_controller.rb
@@ -18,7 +18,7 @@ class Projects::RefsController < Projects::ApplicationController
respond_to do |format|
format.html do
new_path =
- case params[:destination]
+ case permitted_params[:destination]
when "tree"
project_tree_path(@project, @id)
when "blob"
@@ -45,7 +45,7 @@ class Projects::RefsController < Projects::ApplicationController
def logs_tree
tree_summary = ::Gitlab::TreeSummary.new(
@commit, @project, current_user,
- path: @path, offset: params[:offset], limit: 25)
+ path: @path, offset: permitted_params[:offset], limit: 25)
respond_to do |format|
format.html { render_404 }
@@ -62,6 +62,10 @@ class Projects::RefsController < Projects::ApplicationController
private
def validate_ref_id
- return not_found! if params[:id].present? && params[:id] !~ Gitlab::PathRegex.git_reference_regex
+ return not_found if permitted_params[:id].present? && permitted_params[:id] !~ Gitlab::PathRegex.git_reference_regex
+ end
+
+ def permitted_params
+ params.permit(:id, :offset, :destination)
end
end
diff --git a/app/controllers/projects/repositories_controller.rb b/app/controllers/projects/repositories_controller.rb
index 77826a2f789..9fc75fff807 100644
--- a/app/controllers/projects/repositories_controller.rb
+++ b/app/controllers/projects/repositories_controller.rb
@@ -23,7 +23,7 @@ class Projects::RepositoriesController < Projects::ApplicationController
feature_category :source_code_management
def create
- @project.create_repository
+ @project.create_repository unless @project.repository_exists?
redirect_to project_path(@project)
end
diff --git a/app/controllers/projects/runners_controller.rb b/app/controllers/projects/runners_controller.rb
index 62a9f8a4625..192a29730d9 100644
--- a/app/controllers/projects/runners_controller.rb
+++ b/app/controllers/projects/runners_controller.rb
@@ -23,7 +23,7 @@ class Projects::RunnersController < Projects::ApplicationController
def destroy
if @runner.only_for?(project)
- @runner.destroy
+ Ci::UnregisterRunnerService.new(@runner).execute
end
redirect_to project_runners_path(@project), status: :found
diff --git a/app/controllers/projects/security/configuration_controller.rb b/app/controllers/projects/security/configuration_controller.rb
index 14f765814e6..7b799cc0aa6 100644
--- a/app/controllers/projects/security/configuration_controller.rb
+++ b/app/controllers/projects/security/configuration_controller.rb
@@ -10,6 +10,8 @@ module Projects
def show
render_403 unless can?(current_user, :read_security_configuration, project)
+ @configuration ||= configuration_presenter
+
respond_to do |format|
format.html
format.json do
diff --git a/app/controllers/projects/service_desk_controller.rb b/app/controllers/projects/service_desk_controller.rb
index 1fb07c3a903..aa0e70121df 100644
--- a/app/controllers/projects/service_desk_controller.rb
+++ b/app/controllers/projects/service_desk_controller.rb
@@ -4,6 +4,7 @@ class Projects::ServiceDeskController < Projects::ApplicationController
before_action :authorize_admin_project!
feature_category :service_desk
+ urgency :low
def show
json_response
diff --git a/app/controllers/projects/service_ping_controller.rb b/app/controllers/projects/service_ping_controller.rb
index 00530c09be8..368da8d1ef2 100644
--- a/app/controllers/projects/service_ping_controller.rb
+++ b/app/controllers/projects/service_ping_controller.rb
@@ -13,6 +13,14 @@ class Projects::ServicePingController < Projects::ApplicationController
head(200)
end
+ def web_ide_clientside_preview_success
+ return render_404 unless Gitlab::CurrentSettings.web_ide_clientside_preview_enabled?
+
+ Gitlab::UsageDataCounters::WebIdeCounter.increment_previews_success_count
+
+ head(200)
+ end
+
def web_ide_pipelines_count
Gitlab::UsageDataCounters::WebIdeCounter.increment_pipelines_count
diff --git a/app/controllers/projects/services_controller.rb b/app/controllers/projects/services_controller.rb
index 9896f75c099..1321111faaf 100644
--- a/app/controllers/projects/services_controller.rb
+++ b/app/controllers/projects/services_controller.rb
@@ -12,9 +12,6 @@ class Projects::ServicesController < Projects::ApplicationController
before_action :web_hook_logs, only: [:edit, :update]
before_action :set_deprecation_notice_for_prometheus_integration, only: [:edit, :update]
before_action :redirect_deprecated_prometheus_integration, only: [:update]
- before_action do
- push_frontend_feature_flag(:vue_integration_form, current_user, default_enabled: :yaml)
- end
respond_to :html
diff --git a/app/controllers/projects/settings/ci_cd_controller.rb b/app/controllers/projects/settings/ci_cd_controller.rb
index c71134e0547..dd2fb57f7ac 100644
--- a/app/controllers/projects/settings/ci_cd_controller.rb
+++ b/app/controllers/projects/settings/ci_cd_controller.rb
@@ -160,6 +160,8 @@ module Projects
@badges.map! do |badge|
badge.new(@project, @ref).metadata
end
+
+ @badges.append(Gitlab::Ci::Badge::Release::LatestRelease.new(@project, current_user).metadata)
end
def define_auto_devops_variables
diff --git a/app/controllers/projects/settings/repository_controller.rb b/app/controllers/projects/settings/repository_controller.rb
index d750bd201e2..a28c08e87cb 100644
--- a/app/controllers/projects/settings/repository_controller.rb
+++ b/app/controllers/projects/settings/repository_controller.rb
@@ -25,7 +25,7 @@ module Projects
if result[:status] == :success
flash[:notice] = _('Repository cleanup has started. You will receive an email once the cleanup operation is complete.')
else
- flash[:alert] = status.fetch(:message, _('Failed to upload object map file'))
+ flash[:alert] = result.fetch(:message, _('Failed to upload object map file'))
end
redirect_to project_settings_repository_path(project)
diff --git a/app/controllers/projects/tags_controller.rb b/app/controllers/projects/tags_controller.rb
index de0faaca9c0..6472d3c3454 100644
--- a/app/controllers/projects/tags_controller.rb
+++ b/app/controllers/projects/tags_controller.rb
@@ -16,13 +16,16 @@ class Projects::TagsController < Projects::ApplicationController
# rubocop: disable CodeReuse/ActiveRecord
def index
begin
- params[:sort] = params[:sort].presence || sort_value_recently_updated
+ tags_params = params
+ .permit(:search, :sort, :per_page, :page_token, :page)
+ .with_defaults(sort: sort_value_recently_updated)
- @sort = params[:sort]
+ @sort = tags_params[:sort]
+ @search = tags_params[:search]
- @tags = TagsFinder.new(@repository, params).execute
+ @tags = TagsFinder.new(@repository, tags_params).execute
- @tags = Kaminari.paginate_array(@tags).page(params[:page])
+ @tags = Kaminari.paginate_array(@tags).page(tags_params[:page])
tag_names = @tags.map(&:name)
@tags_pipelines = @project.ci_pipelines.latest_successful_for_refs(tag_names)
@@ -31,6 +34,7 @@ class Projects::TagsController < Projects::ApplicationController
rescue Gitlab::Git::CommandError => e
@tags = []
+ @releases = []
@tags_loading_error = e
end
diff --git a/app/controllers/projects/uploads_controller.rb b/app/controllers/projects/uploads_controller.rb
index c15768e7bbb..ed5bd73d6d1 100644
--- a/app/controllers/projects/uploads_controller.rb
+++ b/app/controllers/projects/uploads_controller.rb
@@ -6,7 +6,7 @@ class Projects::UploadsController < Projects::ApplicationController
# These will kick you out if you don't have access.
skip_before_action :project, :repository,
- if: -> { action_name == 'show' && embeddable? }
+ if: -> { bypass_auth_checks_on_uploads? }
before_action :authorize_upload_file!, only: [:create, :authorize]
before_action :verify_workhorse_api!, only: [:authorize]