Diffstat (limited to 'app/controllers/projects')
20 files changed, 135 insertions, 67 deletions
diff --git a/app/controllers/projects/application_controller.rb b/app/controllers/projects/application_controller.rb index 028b7af02c9..2256471047d 100644 --- a/app/controllers/projects/application_controller.rb +++ b/app/controllers/projects/application_controller.rb @@ -39,8 +39,8 @@ class Projects::ApplicationController < ApplicationController access_denied!( _('You must have developer or higher permissions in the associated project to view job logs when debug trace ' \ "is enabled. To disable debug trace, set the 'CI_DEBUG_TRACE' variable to 'false' in your pipeline " \ - 'configuration or CI/CD settings. If you need to view this job log, a project maintainer must add you to ' \ - 'the project with developer permissions or higher.') + 'configuration or CI/CD settings. If you need to view this job log, a project maintainer or owner must add ' \ + 'you to the project with developer permissions or higher.') ) else access_denied!(_('The current user is not authorized to access the job log.')) diff --git a/app/controllers/projects/autocomplete_sources_controller.rb b/app/controllers/projects/autocomplete_sources_controller.rb index 9dbf989ca3f..7755effe1da 100644 --- a/app/controllers/projects/autocomplete_sources_controller.rb +++ b/app/controllers/projects/autocomplete_sources_controller.rb @@ -41,7 +41,7 @@ class Projects::AutocompleteSourcesController < Projects::ApplicationController end def contacts - render json: autocomplete_service.contacts + render json: autocomplete_service.contacts(target) end private @@ -51,9 +51,12 @@ class Projects::AutocompleteSourcesController < Projects::ApplicationController end def target + # type_id is not required in general + target_type = params.require(:type) + QuickActions::TargetService .new(project, current_user) - .execute(params[:type], params[:type_id]) + .execute(target_type, params[:type_id]) end def authorize_read_crm_contact! 
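Review bot: The new comment in `target` ("type_id is not required in general") does not explain why `type` is now mandatory. `target` is a shared private helper, so any action that calls it now answers with a parameter-missing error when `type` is absent, not only `contacts`. I would replace the comment with `# :type is mandatory for every autocomplete source that resolves a target; :type_id may be blank (e.g. a new, unsaved issuable)`, after confirming that this matches the callers outside the hunk. `params.require(:type)` also accepts a non-scalar value such as `type[]=...`, so it is worth checking that `QuickActions::TargetService#execute` (not visible here) tolerates or rejects anything that is not a String.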
diff --git a/app/controllers/projects/blame_controller.rb b/app/controllers/projects/blame_controller.rb index 2a20c67a23d..01ed5473b41 100644 --- a/app/controllers/projects/blame_controller.rb +++ b/app/controllers/projects/blame_controller.rb @@ -26,7 +26,10 @@ class Projects::BlameController < Projects::ApplicationController blame_service = Projects::BlameService.new(@blob, @commit, params.permit(:page, :no_pagination)) @blame = Gitlab::View::Presenter::Factory.new(blame_service.blame, project: @project, path: @path, page: blame_service.page).fabricate! + @blame_pagination = blame_service.pagination + + @blame_per_page = blame_service.per_page end end diff --git a/app/controllers/projects/boards_controller.rb b/app/controllers/projects/boards_controller.rb index 82b35a22669..6a6701ead15 100644 --- a/app/controllers/projects/boards_controller.rb +++ b/app/controllers/projects/boards_controller.rb @@ -1,11 +1,10 @@ # frozen_string_literal: true class Projects::BoardsController < Projects::ApplicationController - include MultipleBoardsActions + include BoardsActions include IssuableCollections before_action :check_issues_available! - before_action :assign_endpoint_vars before_action do push_frontend_feature_flag(:board_multi_select, project) push_frontend_feature_flag(:realtime_labels, project&.group) @@ -20,16 +19,6 @@ class Projects::BoardsController < Projects::ApplicationController private - def board_klass - Board - end - - def boards_finder - strong_memoize :boards_finder do - Boards::BoardsFinder.new(parent, current_user) - end - end - def board_finder strong_memoize :board_finder do Boards::BoardsFinder.new(parent, current_user, board_id: params[:id]) 
@@ -42,11 +31,6 @@ class Projects::BoardsController < Projects::ApplicationController end end - def assign_endpoint_vars - @boards_endpoint = project_boards_path(project) - @bulk_issues_path = bulk_update_project_issues_path(project) - end - def authorize_read_board! access_denied! unless can?(current_user, :read_issue_board, project) end diff --git a/app/controllers/projects/compare_controller.rb b/app/controllers/projects/compare_controller.rb index d7fd65f02a8..61308f24412 100644 --- a/app/controllers/projects/compare_controller.rb +++ b/app/controllers/projects/compare_controller.rb @@ -47,7 +47,8 @@ class Projects::CompareController < Projects::ApplicationController from_to_vars = { from: compare_params[:from].presence, to: compare_params[:to].presence, - from_project_id: compare_params[:from_project_id].presence + from_project_id: compare_params[:from_project_id].presence, + straight: compare_params[:straight].presence } if from_to_vars[:from].blank? || from_to_vars[:to].blank? @@ -112,7 +113,11 @@ class Projects::CompareController < Projects::ApplicationController def compare return @compare if defined?(@compare) - @compare = CompareService.new(source_project, head_ref).execute(target_project, start_ref) + @compare = CompareService.new(source_project, head_ref).execute(target_project, start_ref, straight: straight) + end + + def straight + compare_params[:straight] == "true" end def start_ref @@ -160,6 +165,6 @@ class Projects::CompareController < Projects::ApplicationController # rubocop: enable CodeReuse/ActiveRecord def compare_params - @compare_params ||= params.permit(:from, :to, :from_project_id) + @compare_params ||= params.permit(:from, :to, :from_project_id, :straight) end end diff --git a/app/controllers/projects/deploy_keys_controller.rb b/app/controllers/projects/deploy_keys_controller.rb index 96afe9dbb9f..22a42d22914 100644 --- a/app/controllers/projects/deploy_keys_controller.rb +++ b/app/controllers/projects/deploy_keys_controller.rb 
@@ -27,11 +27,9 @@ class Projects::DeployKeysController < Projects::ApplicationController end def create - @key = DeployKeys::CreateService.new(current_user, create_params).execute(project: @project) + @key = DeployKeys::CreateService.new(current_user, create_params).execute(project: @project).present - unless @key.valid? - flash[:alert] = @key.errors.full_messages.join(', ').html_safe - end + flash[:alert] = @key.humanized_error_message unless @key.valid? redirect_to_repository end diff --git a/app/controllers/projects/google_cloud/databases_controller.rb b/app/controllers/projects/google_cloud/databases_controller.rb index 8f7554f248b..77ee830fd24 100644 --- a/app/controllers/projects/google_cloud/databases_controller.rb +++ b/app/controllers/projects/google_cloud/databases_controller.rb @@ -50,16 +50,15 @@ module Projects track_event(:error_enable_cloudsql_services) flash[:error] = error_message(enable_response[:message]) else - permitted_params = params.permit(:gcp_project, :ref, :database_version, :tier) create_response = ::GoogleCloud::CreateCloudsqlInstanceService - .new(project, current_user, create_service_params(permitted_params)) + .new(project, current_user, create_service_params) .execute if create_response[:status] == :error track_event(:error_create_cloudsql_instance) flash[:warning] = error_message(create_response[:message]) else - track_event(:create_cloudsql_instance, permitted_params.to_s) + track_event(:create_cloudsql_instance, permitted_params_create.to_s) flash[:notice] = success_message end end 
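Review bot: In `DeployKeysController#create` the flash text now comes from `@key.humanized_error_message`, which is defined outside this diff, so the output-encoding guarantee moves out of the controller. The old `.html_safe` on joined validation messages is gone, but the flash is only safe if the presenter method does not itself return an `html_safe` string built from submitted key fields; that should be confirmed against the presenter. A short comment at the call site would keep the intent visible, for example `# presenter returns escaped text; do not mark flash content html_safe here`.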
@@ -69,17 +68,25 @@ module Projects private + def permitted_params_create + params.permit(:gcp_project, :ref, :database_version, :tier) + end + def enable_service_params - { google_oauth2_token: token_in_session } + { + google_oauth2_token: token_in_session, + gcp_project_id: permitted_params_create[:gcp_project], + environment_name: permitted_params_create[:ref] + } end - def create_service_params(permitted_params) + def create_service_params { google_oauth2_token: token_in_session, - gcp_project_id: permitted_params[:gcp_project], - environment_name: permitted_params[:ref], - database_version: permitted_params[:database_version], - tier: permitted_params[:tier] + gcp_project_id: permitted_params_create[:gcp_project], + environment_name: permitted_params_create[:ref], + database_version: permitted_params_create[:database_version], + tier: permitted_params_create[:tier] } end diff --git a/app/controllers/projects/incident_management/timeline_events_controller.rb b/app/controllers/projects/incident_management/timeline_events_controller.rb new file mode 100644 index 00000000000..7e7a4758e48 --- /dev/null +++ b/app/controllers/projects/incident_management/timeline_events_controller.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +module Projects + module IncidentManagement + class TimelineEventsController < Projects::ApplicationController + include PreviewMarkdown + + before_action :authenticate_user! + + respond_to :json + + feature_category :incident_management + urgency :low + end + end +end diff --git a/app/controllers/projects/incidents_controller.rb b/app/controllers/projects/incidents_controller.rb index cbf0c756e1e..089ee860ea6 100644 --- a/app/controllers/projects/incidents_controller.rb +++ b/app/controllers/projects/incidents_controller.rb 
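Review bot: `permitted_params_create` re-runs `params.permit(...)` on every call, and the new code calls it six times across `enable_service_params` and `create_service_params`, plus once more in the `track_event` call of the previous hunk. Memoizing keeps one filtered view of the request for the whole action: `@permitted_params_create ||= params.permit(:gcp_project, :ref, :database_version, :tier)`. Since `enable_service_params` now forwards the caller-supplied `gcp_project` and `ref` to the enable step as well, a one-line comment stating that both values are untrusted request input and are validated by the service would help the next reader.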
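Review bot: The new `TimelineEventsController` declares only `before_action :authenticate_user!`, and the diff shows no ability check for the markdown preview action that `include PreviewMarkdown` brings in. If the intent is to rely on the project-level read check inherited from `Projects::ApplicationController`, say so in a comment such as `# Authorization: inherited project read check; preview_markdown is the only action`. If incident timelines need a narrower permission than project read, add the matching `authorize_...!` filter here. Which one applies cannot be determined from this hunk.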
@@ -7,11 +7,9 @@ class Projects::IncidentsController < Projects::ApplicationController before_action :authorize_read_issue! before_action :load_incident, only: [:show] before_action do - push_frontend_feature_flag(:incident_timeline, @project) push_force_frontend_feature_flag(:work_items, @project&.work_items_feature_flag_enabled?) push_force_frontend_feature_flag(:work_items_mvc_2, @project&.work_items_mvc_2_feature_flag_enabled?) push_frontend_feature_flag(:work_items_hierarchy, @project) - push_frontend_feature_flag(:remove_user_attributes_projects, @project) end feature_category :incident_management diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb index 800a7df2566..5b1117c0224 100644 --- a/app/controllers/projects/issues_controller.rb +++ b/app/controllers/projects/issues_controller.rb @@ -41,8 +41,8 @@ class Projects::IssuesController < Projects::ApplicationController before_action :authorize_download_code!, only: [:related_branches] before_action do - push_frontend_feature_flag(:incident_timeline, project) - push_frontend_feature_flag(:remove_user_attributes_projects, project) + push_frontend_feature_flag(:preserve_unchanged_markdown, project) + push_frontend_feature_flag(:content_editor_on_issues, project) end before_action only: [:index, :show] do 
@@ -147,19 +147,26 @@ class Projects::IssuesController < Projects::ApplicationController spam_params = ::Spam::SpamParams.new_from_request(request: request) service = ::Issues::CreateService.new(project: project, current_user: current_user, params: create_params, spam_params: spam_params) - @issue = service.execute + result = service.execute - create_vulnerability_issue_feedback(issue) - - if service.discussions_to_resolve.count(&:resolved?) > 0 - flash[:notice] = if service.discussion_to_resolve_id - _("Resolved 1 discussion.") - else - _("Resolved all discussions.") - end + # Only irrecoverable errors such as unauthorized user won't contain an issue in the response + if result.error? && result[:issue].blank? + render_by_create_result_error(result) && return end - if @issue.valid? + @issue = result[:issue] + + if result.success? + create_vulnerability_issue_feedback(@issue) + + if service.discussions_to_resolve.count(&:resolved?) > 0 + flash[:notice] = if service.discussion_to_resolve_id + _("Resolved 1 discussion.") + else + _("Resolved all discussions.") + end + end + redirect_to project_issue_path(@project, @issue) else # NOTE: this CAPTCHA support method is indirectly included via IssuableActions @@ -372,6 +379,21 @@ class Projects::IssuesController < Projects::ApplicationController private + def render_by_create_result_error(result) + Gitlab::AppLogger.warn( + message: 'Cannot create issue', + errors: result.errors, + http_status: result.http_status + ) + error_method_name = "render_#{result.http_status}".to_sym + + if respond_to?(error_method_name, true) + send(error_method_name) # rubocop:disable GitlabSecurity/PublicSend + else + render_404 + end + end + def clean_params(all_params) issue_type = all_params[:issue_type].to_s all_params.delete(:issue_type) unless WorkItems::Type.allowed_types_for_issues.include?(issue_type) 
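Review bot: In `create`, `render_by_create_result_error(result) && return` only leaves the action when the helper returns a truthy value. The helper returns whatever `send(error_method_name)` or `render_404` returns, and those definitions are outside the hunk. If any of them yields `nil` or `false`, execution falls through to `@issue = result[:issue]` with a blank issue and reaches a second render in the `else` branch. Making the exit unconditional removes the dependency on return values: `return render_by_create_result_error(result)`.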
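Review bot: `render_by_create_result_error` builds a method name from `result.http_status` and dispatches it with `send`, with the `GitlabSecurity/PublicSend` cop disabled and `respond_to?(..., true)` admitting private methods. The status comes from the service response rather than from request parameters, so this is not directly attacker-controlled. Even so, an explicit allowlist keeps the reachable methods fixed if the service ever returns a symbol or an unexpected code, for example `return render_404 unless CREATE_ERROR_STATUSES.include?(result.http_status)` placed before the `send`, where `CREATE_ERROR_STATUSES` is a new frozen constant listing the statuses the service is documented to return. At minimum, add a comment next to the cop disable recording where `http_status` originates.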
@@ -383,6 +405,7 @@ class Projects::IssuesController < Projects::ApplicationController options = super options[:issue_types] = Issue::TYPES_FOR_LIST + options[:issue_types] = options[:issue_types].excluding('task') unless project.work_items_feature_flag_enabled? if service_desk? options.reject! { |key| key == 'author_username' || key == 'author_id' } diff --git a/app/controllers/projects/merge_requests/diffs_controller.rb b/app/controllers/projects/merge_requests/diffs_controller.rb index a68c2ffa06d..418e7233e21 100644 --- a/app/controllers/projects/merge_requests/diffs_controller.rb +++ b/app/controllers/projects/merge_requests/diffs_controller.rb @@ -4,6 +4,7 @@ class Projects::MergeRequests::DiffsController < Projects::MergeRequests::Applic include DiffHelper include RendersNotes include Gitlab::Cache::Helpers + include Gitlab::Tracking::Helpers before_action :commit before_action :define_diff_vars diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 5a212e9a152..9c139733248 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -34,7 +34,6 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo before_action only: [:show] do push_frontend_feature_flag(:merge_request_widget_graphql, project) push_frontend_feature_flag(:core_security_mr_widget_counts, project) - push_frontend_feature_flag(:refactor_mr_widgets_extensions, project) push_frontend_feature_flag(:refactor_code_quality_extension, project) push_frontend_feature_flag(:refactor_mr_widget_test_summary, project) push_frontend_feature_flag(:issue_assignees_widget, @project) 
@@ -45,7 +44,6 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo push_frontend_feature_flag(:paginated_mr_discussions, project) push_frontend_feature_flag(:mr_review_submit_comment, project) push_frontend_feature_flag(:mr_experience_survey, project) - push_frontend_feature_flag(:remove_user_attributes_projects, @project) end before_action do @@ -451,15 +449,16 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo return :failed end + squashing = params.fetch(:squash, false) merge_service = ::MergeRequests::MergeService.new(project: @project, current_user: current_user, params: merge_params) - unless merge_service.hooks_validation_pass?(@merge_request) + unless merge_service.hooks_validation_pass?(@merge_request, validate_squash_message: squashing) return :hook_validation_error end return :sha_mismatch if params[:sha] != @merge_request.diff_head_sha - @merge_request.update(merge_error: nil, squash: params.fetch(:squash, false)) + @merge_request.update(merge_error: nil, squash: squashing) if auto_merge_requested? if merge_request.auto_merge_enabled? @@ -555,7 +554,7 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo end def endpoint_metadata_url(project, merge_request) - params = request.query_parameters.merge(view: 'inline', diff_head: true) + params = request.query_parameters.merge(view: 'inline', diff_head: true, w: current_user&.show_whitespace_in_diffs ? '0' : '1') diffs_metadata_project_json_merge_request_path(project, merge_request, 'json', params) end diff --git a/app/controllers/projects/milestones_controller.rb b/app/controllers/projects/milestones_controller.rb index cfb67b7b4ff..78108cf3478 100644 --- a/app/controllers/projects/milestones_controller.rb +++ b/app/controllers/projects/milestones_controller.rb 
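Review bot: `squashing = params.fetch(:squash, false)` holds the raw request value, so a submitted `squash=false` arrives as the String `"false"`, which is truthy in Ruby. `@merge_request.update(squash: squashing)` is cast by the model attribute, but `hooks_validation_pass?(@merge_request, validate_squash_message: squashing)` receives the uncast value. Depending on how that method (not visible here) tests the flag, the squash message may be validated for a merge that will not squash. Casting once avoids the mismatch: `squashing = ActiveModel::Type::Boolean.new.cast(params.fetch(:squash, false))`. The enclosing method starts and ends outside the hunk.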
@@ -4,8 +4,11 @@ class Projects::MilestonesController < Projects::ApplicationController include Gitlab::Utils::StrongMemoize include MilestoneActions + REDIRECT_TARGETS = [:new_release].freeze + before_action :check_issuables_available! before_action :milestone, only: [:edit, :update, :destroy, :show, :issues, :merge_requests, :participants, :labels, :promote] + before_action :redirect_path, only: [:new, :create] # Allow read any milestone before_action :authorize_read_milestone! @@ -59,7 +62,11 @@ class Projects::MilestonesController < Projects::ApplicationController @milestone = Milestones::CreateService.new(project, current_user, milestone_params).execute if @milestone.valid? - redirect_to project_milestone_path(@project, @milestone) + if @redirect_path == :new_release + redirect_to new_project_release_path(@project) + else + redirect_to project_milestone_path(@project, @milestone) + end else render "new" end @@ -113,6 +120,11 @@ class Projects::MilestonesController < Projects::ApplicationController protected + def redirect_path + path = params[:redirect_path]&.to_sym + @redirect_path = path if REDIRECT_TARGETS.include?(path) + end + def project_group strong_memoize(:project_group) do project.group diff --git a/app/controllers/projects/pages_domains_controller.rb b/app/controllers/projects/pages_domains_controller.rb index a6b22a28b17..43952a2efe4 100644 --- a/app/controllers/projects/pages_domains_controller.rb +++ b/app/controllers/projects/pages_domains_controller.rb @@ -41,9 +41,9 @@ class Projects::PagesDomainsController < Projects::ApplicationController end def create - @domain = @project.pages_domains.create(create_params) + @domain = PagesDomains::CreateService.new(@project, current_user, create_params).execute - if @domain.valid? + if @domain&.persisted? redirect_to project_pages_domain_path(@project, @domain) else render 'new' 
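Review bot: In `redirect_path`, `params[:redirect_path]&.to_sym` raises `NoMethodError` when the parameter is not a scalar. A request with `redirect_path[]=x` yields an Array, which has no `to_sym`, so `new` and `create` would return a 500 instead of ignoring the value. The `REDIRECT_TARGETS` allowlist itself is the right control for the redirect; comparing as strings keeps it and avoids converting request input to a Symbol: `@redirect_path = REDIRECT_TARGETS.find { |target| target.to_s == params[:redirect_path] }`. Since the method is used as a `before_action` that sets an instance variable, a name such as `set_redirect_path` would read more clearly than the getter-like `redirect_path`.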
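Review bot: `PagesDomainsController#create` now guards with `@domain&.persisted?`, which implies `PagesDomains::CreateService#execute` can return `nil`, yet the failure branch still renders `'new'` with `@domain` unset. If the template reads `@domain` (not visible here), a declined request would raise instead of showing the form; `return access_denied! unless @domain` before the `if` would make the nil case explicit, assuming nil means the user was not permitted. The same applies to `clean_certificate` in the later hunk of this file: when `service.execute(@domain)` fails for a reason other than model validation, `@domain.errors.full_messages.join(', ')` is empty and the user gets a blank alert.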
@@ -51,7 +51,9 @@ class Projects::PagesDomainsController < Projects::ApplicationController end def update - if @domain.update(update_params) + service = ::PagesDomains::UpdateService.new(@project, current_user, update_params) + + if service.execute(@domain) redirect_to project_pages_path(@project), status: :found, notice: 'Domain was updated' @@ -61,7 +63,9 @@ class Projects::PagesDomainsController < Projects::ApplicationController end def destroy - @domain.destroy + PagesDomains::DeleteService + .new(@project, current_user) + .execute(@domain) respond_to do |format| format.html do @@ -74,9 +78,10 @@ class Projects::PagesDomainsController < Projects::ApplicationController end def clean_certificate - unless @domain.update(user_provided_certificate: nil, user_provided_key: nil) - flash[:alert] = @domain.errors.full_messages.join(', ') - end + update_params = { user_provided_certificate: nil, user_provided_key: nil } + service = ::PagesDomains::UpdateService.new(@project, current_user, update_params) + + flash[:alert] = @domain.errors.full_messages.join(', ') unless service.execute(@domain) redirect_to project_pages_domain_path(@project, @domain) end diff --git a/app/controllers/projects/pipeline_schedules_controller.rb b/app/controllers/projects/pipeline_schedules_controller.rb index a23d7fb3e6b..ca787785901 100644 --- a/app/controllers/projects/pipeline_schedules_controller.rb +++ b/app/controllers/projects/pipeline_schedules_controller.rb @@ -10,6 +10,7 @@ class Projects::PipelineSchedulesController < Projects::ApplicationController before_action :authorize_update_pipeline_schedule!, only: [:edit, :update] before_action :authorize_take_ownership_pipeline_schedule!, only: [:take_ownership] before_action :authorize_admin_pipeline_schedule!, only: [:destroy] + before_action :push_schedule_feature_flag, only: [:index, :new, :edit] feature_category :continuous_integration urgency :low 
@@ -115,4 +116,8 @@ class Projects::PipelineSchedulesController < Projects::ApplicationController def authorize_admin_pipeline_schedule! return access_denied! unless can?(current_user, :admin_pipeline_schedule, schedule) end + + def push_schedule_feature_flag + push_frontend_feature_flag(:pipeline_schedules_vue, @project) + end end diff --git a/app/controllers/projects/product_analytics_controller.rb b/app/controllers/projects/product_analytics_controller.rb index c89cd52530a..8085b0a6334 100644 --- a/app/controllers/projects/product_analytics_controller.rb +++ b/app/controllers/projects/product_analytics_controller.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true class Projects::ProductAnalyticsController < Projects::ApplicationController - before_action :feature_enabled! + before_action :feature_enabled!, only: [:index, :setup, :test, :graphs] before_action :authorize_read_product_analytics! before_action :tracker_variables, only: [:setup, :test] @@ -57,3 +57,5 @@ class Projects::ProductAnalyticsController < Projects::ApplicationController render_404 unless Feature.enabled?(:product_analytics, @project) end end + +Projects::ProductAnalyticsController.prepend_mod_with('Projects::ProductAnalyticsController') diff --git a/app/controllers/projects/protected_refs_controller.rb b/app/controllers/projects/protected_refs_controller.rb index abbfe9ce22a..69a540158c6 100644 --- a/app/controllers/projects/protected_refs_controller.rb +++ b/app/controllers/projects/protected_refs_controller.rb @@ -4,7 +4,6 @@ class Projects::ProtectedRefsController < Projects::ApplicationController include RepositorySettingsRedirect # Authorize - before_action :require_non_empty_project before_action :authorize_admin_project! before_action :load_protected_ref, only: [:show, :update, :destroy] diff --git a/app/controllers/projects/settings/access_tokens_controller.rb b/app/controllers/projects/settings/access_tokens_controller.rb index 32916831ecd..bac35583a97 100644 
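Review bot: Changing the gate in `ProductAnalyticsController` to `before_action :feature_enabled!, only: [:index, :setup, :test, :graphs]` makes the feature-flag check opt-in per action. The same commit adds `prepend_mod_with`, so any action contributed by the prepended module is reachable with the `product_analytics` flag off unless that module adds its own check. If that is intended, record it next to the filter, for example `# Actions added via prepend_mod_with are not covered here and must gate themselves`. Otherwise prefer the inverse form `except: [...]`, listing only the actions that are meant to bypass the flag, so new actions are gated by default.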
--- a/app/controllers/projects/settings/access_tokens_controller.rb +++ b/app/controllers/projects/settings/access_tokens_controller.rb @@ -13,6 +13,12 @@ module Projects def resource_access_tokens_path namespace_project_settings_access_tokens_path end + + private + + def represent(tokens) + ::ProjectAccessTokenSerializer.new.represent(tokens, project: resource) + end end end end diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb index c861b24d9ec..76e2da6eb57 100644 --- a/app/controllers/projects/snippets_controller.rb +++ b/app/controllers/projects/snippets_controller.rb @@ -14,7 +14,7 @@ class Projects::SnippetsController < Projects::Snippets::ApplicationController before_action :authorize_read_snippet!, except: [:new, :index] before_action :authorize_update_snippet!, only: :edit - urgency :low, [:index] + urgency :low, [:index, :show] def index @snippet_counts = ::Snippets::CountService diff --git a/app/controllers/projects/web_ide_terminals_controller.rb b/app/controllers/projects/web_ide_terminals_controller.rb index 350b091edfa..cfccc949244 100644 --- a/app/controllers/projects/web_ide_terminals_controller.rb +++ b/app/controllers/projects/web_ide_terminals_controller.rb @@ -10,6 +10,8 @@ class Projects::WebIdeTerminalsController < Projects::ApplicationController feature_category :web_ide + urgency :low, [:check_config] + def check_config return respond_422 unless branch_sha |