Diffstat (limited to 'app')
-rw-r--r--app/assets/javascripts/branches/components/delete_merged_branches.vue1
-rw-r--r--app/controllers/application_controller.rb15
-rw-r--r--app/controllers/omniauth_callbacks_controller.rb17
-rw-r--r--app/graphql/resolvers/concerns/time_frame_arguments.rb42
-rw-r--r--app/graphql/resolvers/milestones_resolver.rb2
-rw-r--r--app/models/users/banned_user.rb2
-rw-r--r--app/models/users/credit_card_validation.rb30
-rw-r--r--app/policies/identity_provider_policy.rb4
-rw-r--r--app/services/projects/create_service.rb3
-rw-r--r--app/views/groups/new.html.haml11
10 files changed, 38 insertions, 89 deletions
diff --git a/app/assets/javascripts/branches/components/delete_merged_branches.vue b/app/assets/javascripts/branches/components/delete_merged_branches.vue
index 73d7a59e67e..d9d8f1d742d 100644
--- a/app/assets/javascripts/branches/components/delete_merged_branches.vue
+++ b/app/assets/javascripts/branches/components/delete_merged_branches.vue
@@ -102,6 +102,7 @@ export default {
category="tertiary"
no-caret
placement="right"
+ data-qa-selector="delete_merged_branches_dropdown_button"
:items="dropdownItems"
/>
<gl-modal
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 0767fadbe71..9749af08dca 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -29,7 +29,6 @@ class ApplicationController < ActionController::Base
before_action :limit_session_time, if: -> { !current_user }
before_action :authenticate_user!, except: [:route_not_found]
before_action :enforce_terms!, if: :should_enforce_terms?
- before_action :validate_user_service_ticket!
before_action :check_password_expiration, if: :html_request?
before_action :ldap_security_check
before_action :default_headers
@@ -326,20 +325,6 @@ class ApplicationController < ActionController::Base
headers['Content-Disposition'] = "attachment; filename=\"#{csv_filename}\""
end
- def validate_user_service_ticket!
- return unless signed_in? && session[:service_tickets]
-
- valid = session[:service_tickets].all? do |provider, ticket|
- Gitlab::Auth::OAuth::Session.valid?(provider, ticket)
- end
-
- unless valid
- session[:service_tickets] = nil
- sign_out current_user
- redirect_to new_user_session_path
- end
- end
-
def check_password_expiration
return if session[:impersonator_id] || !current_user&.allow_password_authentication?
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index b9964e8ca01..a2e0670d7e1 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -10,7 +10,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
after_action :verify_known_sign_in
- protect_from_forgery except: [:cas3, :failure] + AuthHelper.saml_providers, with: :exception, prepend: true
+ protect_from_forgery except: [:failure] + AuthHelper.saml_providers, with: :exception, prepend: true
feature_category :system_access
@@ -57,15 +57,6 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
redirect_unverified_saml_initiation
end
- def cas3
- ticket = params['ticket']
- if ticket
- handle_service_ticket oauth['provider'], ticket
- end
-
- handle_omniauth
- end
-
def auth0
if oauth['uid'].blank?
fail_auth0_login
@@ -146,12 +137,6 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
redirect_to profile_account_path, notice: _('Authentication method updated')
end
- def handle_service_ticket(provider, ticket)
- Gitlab::Auth::OAuth::Session.create provider, ticket
- session[:service_tickets] ||= {}
- session[:service_tickets][provider] = ticket
- end
-
def build_auth_user(auth_user_class)
auth_user_class.new(oauth)
end
diff --git a/app/graphql/resolvers/concerns/time_frame_arguments.rb b/app/graphql/resolvers/concerns/time_frame_arguments.rb
index 87b7a96045c..c26898bb2f1 100644
--- a/app/graphql/resolvers/concerns/time_frame_arguments.rb
+++ b/app/graphql/resolvers/concerns/time_frame_arguments.rb
@@ -3,51 +3,15 @@
module TimeFrameArguments
extend ActiveSupport::Concern
- OVERLAPPING_TIMEFRAME_DESC = 'List items overlapping a time frame defined by startDate..endDate (if one date is provided, both must be present)'
-
included do
- argument :start_date, Types::TimeType,
- required: false,
- description: OVERLAPPING_TIMEFRAME_DESC,
- deprecated: { reason: 'Use timeframe.start', milestone: '13.5' }
-
- argument :end_date, Types::TimeType,
- required: false,
- description: OVERLAPPING_TIMEFRAME_DESC,
- deprecated: { reason: 'Use timeframe.end', milestone: '13.5' }
-
argument :timeframe, Types::TimeframeInputType,
required: false,
description: 'List items overlapping the given timeframe.'
end
- # TODO: remove when the start_date and end_date arguments are removed
- def validate_timeframe_params!(args)
- return unless %i[start_date end_date timeframe].any? { |k| args[k].present? }
-
- # the timeframe is passed in as a TimeframeInputType
- timeframe = args[:timeframe].to_h if args[:timeframe]
- return if timeframe && %i[start_date end_date].all? { |k| args[k].nil? }
-
- error_message =
- if timeframe.present?
- "startDate and endDate are deprecated in favor of timeframe. Please use only timeframe."
- elsif args[:start_date].nil? || args[:end_date].nil?
- "Both startDate and endDate must be present."
- elsif args[:start_date] > args[:end_date]
- "startDate is after endDate"
- end
-
- if error_message
- raise Gitlab::Graphql::Errors::ArgumentError, error_message
- end
- end
-
def transform_timeframe_parameters(args)
- if args[:timeframe]
- args[:timeframe].to_h.transform_keys { |k| :"#{k}_date" }
- else
- args.slice(:start_date, :end_date)
- end
+ return {} unless args[:timeframe]
+
+ args[:timeframe].to_h.transform_keys { |k| :"#{k}_date" }
end
end
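Review bot: `transform_timeframe_parameters` now returns `{}` whenever `args[:timeframe]` is absent, so a caller that still passes `start_date`/`end_date` gets its filter dropped silently instead of an error. No such caller is visible in this diff, so this may be safe, but it is worth searching for internal callers that build the args hash themselves. A short comment on the method would make the contract explicit, for example `# Maps timeframe start/end to start_date/end_date; returns {} when no timeframe is given.`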
diff --git a/app/graphql/resolvers/milestones_resolver.rb b/app/graphql/resolvers/milestones_resolver.rb
index 25ff783b408..563c6594665 100644
--- a/app/graphql/resolvers/milestones_resolver.rb
+++ b/app/graphql/resolvers/milestones_resolver.rb
@@ -40,8 +40,6 @@ module Resolvers
NON_STABLE_CURSOR_SORTS = %i[expired_last_due_date_asc expired_last_due_date_desc].freeze
def resolve_with_lookahead(**args)
- validate_timeframe_params!(args)
-
milestones = apply_lookahead(MilestonesFinder.new(milestones_finder_params(args)).execute)
if non_stable_cursor_sort?(args[:sort])
diff --git a/app/models/users/banned_user.rb b/app/models/users/banned_user.rb
index 466fc71f83a..8a62744c7d6 100644
--- a/app/models/users/banned_user.rb
+++ b/app/models/users/banned_user.rb
@@ -5,6 +5,8 @@ module Users
self.primary_key = :user_id
belongs_to :user
+ has_one :credit_card_validation, class_name: '::Users::CreditCardValidation', primary_key: 'user_id',
+ foreign_key: 'user_id', inverse_of: :banned_user
validates :user, presence: true
validates :user_id, uniqueness: { message: N_("banned user already exists") }
diff --git a/app/models/users/credit_card_validation.rb b/app/models/users/credit_card_validation.rb
index 272f31aa9ce..1b0fd8682db 100644
--- a/app/models/users/credit_card_validation.rb
+++ b/app/models/users/credit_card_validation.rb
@@ -7,6 +7,8 @@ module Users
self.table_name = 'user_credit_card_validations'
belongs_to :user
+ belongs_to :banned_user, class_name: '::Users::BannedUser', foreign_key: :user_id,
+ inverse_of: :credit_card_validation
validates :holder_name, length: { maximum: 50 }
validates :network, length: { maximum: 32 }
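Review bot: The new `belongs_to :banned_user` reuses `user_id` as its foreign key, and most credit card validations will presumably have no matching banned-user row. If this application enables `belongs_to_required_by_default` (not visible here), the association would add a presence validation and make those records invalid. Declaring `optional: true` on the association states the intent either way. The class body continues outside this hunk.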
@@ -14,18 +16,32 @@ module Users
greater_than_or_equal_to: 0, less_than_or_equal_to: 9999
}
+ scope :by_banned_user, -> { joins(:banned_user) }
+ scope :similar_by_holder_name, ->(holder_name) do
+ if holder_name.present?
+ where('lower(holder_name) = lower(:value)', value: holder_name)
+ else
+ none
+ end
+ end
+ scope :similar_to, ->(credit_card_validation) do
+ where(
+ expiration_date: credit_card_validation.expiration_date,
+ last_digits: credit_card_validation.last_digits,
+ network: credit_card_validation.network
+ )
+ end
+
def similar_records
- self.class.where(
- expiration_date: expiration_date,
- last_digits: last_digits,
- network: network
- ).order(credit_card_validated_at: :desc).includes(:user)
+ self.class.similar_to(self).order(credit_card_validated_at: :desc).includes(:user)
end
def similar_holder_names_count
- return 0 unless holder_name
+ self.class.similar_by_holder_name(holder_name).count
+ end
- self.class.where('lower(holder_name) = lower(:value)', value: holder_name).count
+ def used_by_banned_user?
+ self.class.by_banned_user.similar_to(self).similar_by_holder_name(holder_name).exists?
end
end
end
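Review bot: `used_by_banned_user?` returns false whenever `holder_name` is blank, because `similar_by_holder_name` resolves to `none` and the chained `exists?` then finds nothing. For a check that gates on banned users this is a fail-open default, and nothing in the hunk says it is intended. I would document it on the method, e.g. `# Returns false when holder_name is blank: no name comparison is possible, so the record is treated as not matching.`, and cover the blank-name case in a spec. Note also that `similar_holder_names_count` now returns 0 for an empty string as well as for nil, since the guard moved from a nil check to `present?`.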
diff --git a/app/policies/identity_provider_policy.rb b/app/policies/identity_provider_policy.rb
index c539fc64d3f..1e748c78555 100644
--- a/app/policies/identity_provider_policy.rb
+++ b/app/policies/identity_provider_policy.rb
@@ -1,8 +1,8 @@
# frozen_string_literal: true
class IdentityProviderPolicy < BasePolicy
- desc "Provider is SAML or CAS3"
- condition(:protected_provider, scope: :subject, score: 0) { %w(saml cas3).include?(@subject.to_s) }
+ desc "Provider is SAML"
+ condition(:protected_provider, scope: :subject, score: 0) { @subject.to_s == 'saml' }
rule { anonymous }.prevent_all
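Review bot: The `protected_provider` condition now matches only the literal name `'saml'`, while the callbacks controller in this same commit treats SAML providers as a list (`AuthHelper.saml_providers`). If an instance can register SAML providers under other names (not visible here), those would not count as protected by this policy. Consider comparing against the same list, or add a comment stating why only `'saml'` is protected. The class body continues past the hunk.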
diff --git a/app/services/projects/create_service.rb b/app/services/projects/create_service.rb
index ac19f21ffc7..8ad2b0ac761 100644
--- a/app/services/projects/create_service.rb
+++ b/app/services/projects/create_service.rb
@@ -294,6 +294,9 @@ module Projects
return if INTERNAL_IMPORT_SOURCES.include?(import_type)
+ # Skip validation when creating project from a built in template
+ return if @params[:import_export_upload].present? && import_type == 'gitlab_project'
+
unless ::Gitlab::CurrentSettings.import_sources&.include?(import_type)
raise ImportSourceDisabledError, "#{import_type} import source is disabled"
end
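Review bot: The new early return skips the import-source check for any request where `@params[:import_export_upload]` is present and `import_type` is `'gitlab_project'`, but the comment says it is meant only for built-in templates. Nothing in this hunk ties the upload to a template. If other code paths populate `import_export_upload` (not visible here), the administrator's disabled `gitlab_project` import source would no longer be enforced for them. I would key the skip on a marker set only by the template path, or at least make the comment state the real condition: `# Skip validation when an import/export upload is attached to a gitlab_project import`. The enclosing method starts and ends outside the hunk.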
diff --git a/app/views/groups/new.html.haml b/app/views/groups/new.html.haml
index 1d306d4d3b8..88cb8d989fa 100644
--- a/app/views/groups/new.html.haml
+++ b/app/views/groups/new.html.haml
@@ -16,11 +16,6 @@
= render 'new_group_fields', f: f, group_name_id: 'create-group-name'
#import-group-pane.tab-pane
- - if import_sources_enabled?
- = render 'import_group_from_another_instance_panel'
- .gl-mt-7.gl-border-b-solid.gl-border-gray-100.gl-border-1
- = render 'import_group_from_file_panel'
- - else
- .nothing-here-block
- %h4= s_('GroupsNew|No import options available')
- %p= s_('GroupsNew|Contact an administrator to enable options for importing your group.')
+ = render 'import_group_from_another_instance_panel'
+ .gl-mt-7.gl-border-b-solid.gl-border-gray-100.gl-border-1
+ = render 'import_group_from_file_panel'
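Review bot: With the `import_sources_enabled?` branch removed, both import panels are rendered even when an administrator has disabled import sources. That is fine only if the endpoints behind the two panels reject the request server-side. That enforcement is not visible in this diff and should be confirmed, ideally with a request spec. A HAML comment such as `-# Always shown; availability is enforced by the import endpoints` would record the assumption.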