Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/boards/issues_controller.rb | 3 | ||||
-rw-r--r-- | app/controllers/concerns/authenticates_with_two_factor.rb | 2 | ||||
-rw-r--r-- | app/controllers/dashboard_controller.rb | 19 | ||||
-rw-r--r-- | app/controllers/groups/milestones_controller.rb | 2 | ||||
-rw-r--r-- | app/controllers/groups/settings/badges_controller.rb | 13 | ||||
-rw-r--r-- | app/controllers/jwt_controller.rb | 3 | ||||
-rw-r--r-- | app/controllers/profiles_controller.rb | 18 | ||||
-rw-r--r-- | app/controllers/projects/deploy_tokens_controller.rb | 10 | ||||
-rw-r--r-- | app/controllers/projects/repositories_controller.rb | 17 | ||||
-rw-r--r-- | app/controllers/projects/settings/badges_controller.rb | 13 | ||||
-rw-r--r-- | app/controllers/projects/settings/repository_controller.rb | 30 |
11 files changed, 116 insertions, 14 deletions
diff --git a/app/controllers/boards/issues_controller.rb b/app/controllers/boards/issues_controller.rb
index 19dbee84c11..7d7ff217e5d 100644
--- a/app/controllers/boards/issues_controller.rb
+++ b/app/controllers/boards/issues_controller.rb
@@ -96,7 +96,8 @@ module Boards
 resource.as_json(
 only: [:id, :iid, :project_id, :title, :confidential, :due_date, :relative_position],
 labels: true,
- sidebar_endpoints: true,
+ issue_endpoints: true,
+ include_full_project_path: board.group_board?,
 include: {
 project: { only: [:id, :path] },
 assignees: { only: [:id, :name, :username], methods: [:avatar_url] },
diff --git a/app/controllers/concerns/authenticates_with_two_factor.rb b/app/controllers/concerns/authenticates_with_two_factor.rb
index 2753f83c3cf..2fdf346ef44 100644
--- a/app/controllers/concerns/authenticates_with_two_factor.rb
+++ b/app/controllers/concerns/authenticates_with_two_factor.rb
@@ -10,7 +10,7 @@ module AuthenticatesWithTwoFactor
 # This action comes from DeviseController, but because we call `sign_in`
 # manually, not skipping this action would cause a "You are already signed
 # in." error message to be shown upon successful login.
- skip_before_action :require_no_authentication, only: [:create]
+ skip_before_action :require_no_authentication, only: [:create], raise: false
 end
 # Store the user's ID in the session for later retrieval and render the
diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb
index 280ed93faf8..68d328fa797 100644
--- a/app/controllers/dashboard_controller.rb
+++ b/app/controllers/dashboard_controller.rb
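Review bot: In app/controllers/concerns/authenticates_with_two_factor.rb the comment above `skip_before_action` still explains only why the callback is skipped, not why `raise: false` is now needed. With `raise: false` Rails no longer raises when `:require_no_authentication` is not defined as a callback, so a renamed or mistyped callback name would go unnoticed and the skip would silently stop applying. I would extend the comment with a line such as `# raise: false: not every controller that includes this concern defines the callback`, naming the controller that made the option necessary. The enclosing block opens outside the hunk.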
@@ -2,9 +2,17 @@ class DashboardController < Dashboard::ApplicationController include IssuesAction include MergeRequestsAction + FILTER_PARAMS = [ + :author_id, + :assignee_id, + :milestone_title, + :label_name + ].freeze + before_action :event_filter, only: :activity before_action :projects, only: [:issues, :merge_requests] before_action :set_show_full_reference, only: [:issues, :merge_requests] + before_action :check_filters_presence!, only: [:issues, :merge_requests] respond_to :html @@ -39,4 +47,15 @@ class DashboardController < Dashboard::ApplicationController def set_show_full_reference @show_full_reference = true end + + def check_filters_presence! + @no_filters_set = FILTER_PARAMS.none? { |k| params.key?(k) } + + return unless @no_filters_set + + respond_to do |format| + format.html + format.atom { head :bad_request } + end + end end diff --git a/app/controllers/groups/milestones_controller.rb b/app/controllers/groups/milestones_controller.rb index acf6aaf57f4..5903689dc62 100644 --- a/app/controllers/groups/milestones_controller.rb +++ b/app/controllers/groups/milestones_controller.rb @@ -12,7 +12,7 @@ class Groups::MilestonesController < Groups::ApplicationController @milestones = Kaminari.paginate_array(milestones).page(params[:page]) end format.json do - render json: milestones.map { |m| m.for_display.slice(:title, :name) } + render json: milestones.map { |m| m.for_display.slice(:id, :title, :name) } end end end diff --git a/app/controllers/groups/settings/badges_controller.rb b/app/controllers/groups/settings/badges_controller.rb new file mode 100644 index 00000000000..edb334a3d88 --- /dev/null +++ b/app/controllers/groups/settings/badges_controller.rb @@ -0,0 +1,13 @@ +module Groups + module Settings + class BadgesController < Groups::ApplicationController + include GrapeRouteHelpers::NamedRouteMatcher + + before_action :authorize_admin_group! + + def index + @badge_api_endpoint = api_v4_groups_badges_path(id: @group.id) + end + end + end +end 
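Review bot: In the second hunk of app/controllers/dashboard_controller.rb, `check_filters_presence!` counts a filter as set whenever its key is present (`params.key?(k)`), so a request carrying an empty value such as `author_id=` passes the check without any effective filter. If the callback is meant to keep the issues and merge-request dashboards from listing everything unfiltered (the commit text visible here does not say), test the value instead: `@no_filters_set = FILTER_PARAMS.none? { |k| params[k].present? }`. The `format.html` branch has no block, so the callback itself renders the action's view; a comment such as `# renders the view with @no_filters_set and stops before the action runs` would make that intent explicit. Whether a `private` marker above `set_show_full_reference` also covers the new method is not visible in the hunk.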
diff --git a/app/controllers/jwt_controller.rb b/app/controllers/jwt_controller.rb
index 7d6fe6a0232..67057b5b126 100644
--- a/app/controllers/jwt_controller.rb
+++ b/app/controllers/jwt_controller.rb
@@ -25,8 +25,7 @@ class JwtController < ApplicationController
 authenticate_with_http_basic do |login, password|
 @authentication_result = Gitlab::Auth.find_for_git_client(login, password, project: nil, ip: request.ip)
- if @authentication_result.failed? ||
- (@authentication_result.actor.present? && !@authentication_result.actor.is_a?(User))
+ if @authentication_result.failed?
 render_unauthorized
 end
 end
diff --git a/app/controllers/profiles_controller.rb b/app/controllers/profiles_controller.rb
index 3d27ae18b17..ac71f72e624 100644
--- a/app/controllers/profiles_controller.rb
+++ b/app/controllers/profiles_controller.rb
@@ -53,13 +53,19 @@ class ProfilesController < Profiles::ApplicationController
 def update_username
 result = Users::UpdateService.new(current_user, user: @user, username: username_param).execute
- options = if result[:status] == :success
- { notice: "Username successfully changed" }
- else
- { alert: "Username change failed - #{result[:message]}" }
- end
+ respond_to do |format|
+ if result[:status] == :success
+ message = s_("Profiles|Username successfully changed")
- redirect_back_or_default(default: { action: 'show' }, options: options)
+ format.html { redirect_back_or_default(default: { action: 'show' }, options: { notice: message }) }
+ format.json { render json: { message: message }, status: :ok }
+ else
+ message = s_("Profiles|Username change failed - %{message}") % { message: result[:message] }
+
+ format.html { redirect_back_or_default(default: { action: 'show' }, options: { alert: message }) }
+ format.json { render json: { message: message }, status: :unprocessable_entity }
+ end
+ end
 end
 private
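Review bot: In app/controllers/jwt_controller.rb the new condition accepts every non-failed result from `Gitlab::Auth.find_for_git_client`, whereas the removed clause rejected any actor that was not a `User`. The actor type is therefore no longer constrained in this controller, so code further down that uses `@authentication_result.actor` has to cope with non-user actors. Scope checks for such actors must then happen in the auth lookup or the token service, neither of which is visible in this diff. I would add a comment above the `if`, for example `# actor may be a non-User credential; its scopes are enforced in <service name>`, and a request spec for a non-user actor that lacks registry access. The method body starts before the hunk.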
diff --git a/app/controllers/projects/deploy_tokens_controller.rb b/app/controllers/projects/deploy_tokens_controller.rb
new file mode 100644
index 00000000000..2f91b8f36de
--- /dev/null
+++ b/app/controllers/projects/deploy_tokens_controller.rb
@@ -0,0 +1,10 @@
+class Projects::DeployTokensController < Projects::ApplicationController
+ before_action :authorize_admin_project!
+
+ def revoke
+ @token = @project.deploy_tokens.find(params[:id])
+ @token.revoke!
+
+ redirect_to project_settings_repository_path(project)
+ end
+end
diff --git a/app/controllers/projects/repositories_controller.rb b/app/controllers/projects/repositories_controller.rb
index d5af0341d18..a6167e9dc6c 100644
--- a/app/controllers/projects/repositories_controller.rb
+++ b/app/controllers/projects/repositories_controller.rb
@@ -1,6 +1,9 @@
 class Projects::RepositoriesController < Projects::ApplicationController
+ include ExtractsPath
+
 # Authorize
 before_action :require_non_empty_project, except: :create
+ before_action :assign_archive_vars, only: :archive
 before_action :authorize_download_code!
 before_action :authorize_admin_project!, only: :create
@@ -11,9 +14,21 @@ class Projects::RepositoriesController < Projects::ApplicationController
 end
 def archive
- send_git_archive @repository, ref: params[:ref], format: params[:format]
+ append_sha = params[:append_sha]
+
+ shortname = "#{@project.path}-#{@ref.tr('/', '-')}"
+ append_sha = false if @filename == shortname
+
+ send_git_archive @repository, ref: @ref, format: params[:format], append_sha: append_sha
 rescue => ex
 logger.error("#{self.class.name}: #{ex}")
 return git_not_found!
 end
+
+ def assign_archive_vars
+ @id = params[:id]
+ @ref, @filename = extract_ref(@id)
+ rescue InvalidPathError
+ render_404
+ end
 end
diff --git a/app/controllers/projects/settings/badges_controller.rb b/app/controllers/projects/settings/badges_controller.rb
new file mode 100644
index 00000000000..f7b70dd4b7b
--- /dev/null
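Review bot: In app/controllers/projects/deploy_tokens_controller.rb, `revoke` loads the token through `@project.deploy_tokens.find(params[:id])`, and as far as the file shows that project-scoped lookup is what keeps an admin of one project from revoking a token that belongs to another. It deserves a comment so that it is not later simplified to an unscoped find, for example `# scoped to @project on purpose: the id comes from the request`. The action also mixes `@project` with the `project` helper in `redirect_to`; use one of them. The redirect sets no flash, so the user gets no confirmation that the token was revoked.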
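Review bot: In the first hunk of app/controllers/projects/repositories_controller.rb, `before_action :assign_archive_vars, only: :archive` is registered ahead of `before_action :authorize_download_code!`, so `extract_ref` runs, and can answer with `render_404`, before the download permission is checked. Moving the new line below `before_action :authorize_download_code!` keeps ref resolution behind the permission check. Whether callbacks inherited from `Projects::ApplicationController` already restrict access earlier is not visible here.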
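Review bot: In the second hunk of app/controllers/projects/repositories_controller.rb, `assign_archive_vars` is defined directly after the `archive` action with no `private` marker between them, which leaves it a public controller method; add `private` above `def assign_archive_vars`. In `archive`, `append_sha = params[:append_sha]` is the raw request string, so the text `false` is still truthy in Ruby unless `send_git_archive` converts it, which this diff does not show. Converting the parameter to a boolean at this point would make the `append_sha = false if @filename == shortname` override and the request value behave the same way.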
+++ b/app/controllers/projects/settings/badges_controller.rb
@@ -0,0 +1,13 @@
+module Projects
+ module Settings
+ class BadgesController < Projects::ApplicationController
+ include GrapeRouteHelpers::NamedRouteMatcher
+
+ before_action :authorize_admin_project!
+
+ def index
+ @badge_api_endpoint = api_v4_projects_badges_path(id: @project.id)
+ end
+ end
+ end
+end
diff --git a/app/controllers/projects/settings/repository_controller.rb b/app/controllers/projects/settings/repository_controller.rb
index dd9e4a2af3e..f17056f13e0 100644
--- a/app/controllers/projects/settings/repository_controller.rb
+++ b/app/controllers/projects/settings/repository_controller.rb
@@ -4,13 +4,31 @@ module Projects
 before_action :authorize_admin_project!
 def show
- @deploy_keys = DeployKeysPresenter.new(@project, current_user: current_user)
+ render_show
+ end
- define_protected_refs
+ def create_deploy_token
+ @new_deploy_token = DeployTokens::CreateService.new(@project, current_user, deploy_token_params).execute
+
+ if @new_deploy_token.persisted?
+ flash.now[:notice] = s_('DeployTokens|Your new project deploy token has been created.')
+ end
+
+ render_show
 end
 private
+ def render_show
+ @deploy_keys = DeployKeysPresenter.new(@project, current_user: current_user)
+ @deploy_tokens = @project.deploy_tokens.active
+
+ define_deploy_token
+ define_protected_refs
+
+ render 'show'
+ end
+
 def define_protected_refs
 @protected_branches = @project.protected_branches.order(:name).page(params[:page])
 @protected_tags = @project.protected_tags.order(:name).page(params[:page])
@@ -51,6 +69,14 @@ module Projects
 gon.push(protectable_branches_for_dropdown)
 gon.push(access_levels_options)
 end
+
+ def define_deploy_token
+ @new_deploy_token ||= DeployToken.new
+ end
+
+ def deploy_token_params
+ params.require(:deploy_token).permit(:name, :expires_at, :read_repository, :read_registry)
+ end
 end
 end
 end
|
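Review bot: In the first hunk of app/controllers/projects/settings/repository_controller.rb, `create_deploy_token` answers the form submission by rendering `show` instead of redirecting, and nothing in the code says why. Presumably the page has to display the new token value once, straight from `@new_deploy_token`; if so, state it in a comment such as `# render, not redirect: the token value is only available on this response`. As written, reloading that page re-submits the form and creates another token. When the service returns an unpersisted record the action sets no flash, so the view has to show `@new_deploy_token.errors`; that view is not part of this diff.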