24 files changed, 81 insertions, 81 deletions

diff --git a/lib/api/api_guard.rb b/lib/api/api_guard.rb
index 409cb5b924f..9fcf04efa38 100644
--- a/lib/api/api_guard.rb
+++ b/lib/api/api_guard.rb
@@ -121,7 +121,7 @@ module API
       end
 
       def oauth2_bearer_token_error_handler
-        Proc.new do |e|
+        proc do |e|
           response =
             case e
             when MissingTokenError
diff --git a/lib/api/deploy_keys.rb b/lib/api/deploy_keys.rb
index b888ede6fe8..8a54f7f3f05 100644
--- a/lib/api/deploy_keys.rb
+++ b/lib/api/deploy_keys.rb
@@ -47,6 +47,7 @@ module API
       params do
         requires :key, type: String, desc: 'The new deploy key'
         requires :title, type: String, desc: 'The name of the deploy key'
+        optional :can_push, type: Boolean, desc: "Can deploy key push to the project's repository"
       end
       post ":id/deploy_keys" do
         params[:key].strip!
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 5954aea8041..00d44821e3f 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -204,7 +204,7 @@ module API
       expose :id, :name, :type, :path
 
       expose :mode do |obj, options|
-        filemode = obj.mode.to_s(8)
+        filemode = obj.mode
         filemode = "0" + filemode if filemode.length < 6
         filemode
       end
@@ -581,6 +581,7 @@ module API
       expose :plantuml_enabled
       expose :plantuml_url
       expose :terminal_max_session_time
+      expose :polling_interval_multiplier
     end
 
     class Release < Grape::Entity
diff --git a/lib/api/groups.rb b/lib/api/groups.rb
index 8f3799417e3..605769eddde 100644
--- a/lib/api/groups.rb
+++ b/lib/api/groups.rb
@@ -142,7 +142,7 @@ module API
       end
       get ":id/projects" do
         group = find_group!(params[:id])
-        projects = GroupProjectsFinder.new(group).execute(current_user)
+        projects = GroupProjectsFinder.new(group: group, current_user: current_user).execute
         projects = filter_projects(projects)
         entity = params[:simple] ? Entities::BasicProjectDetails : Entities::Project
         present paginate(projects), with: entity, current_user: current_user
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index bd22b82476b..61527c1e20b 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -90,6 +90,11 @@ module API
       MergeRequestsFinder.new(current_user, project_id: user_project.id).find_by!(iid: iid)
     end
 
+    def find_project_snippet(id)
+      finder_params = { filter: :by_project, project: user_project }
+      SnippetsFinder.new.execute(current_user, finder_params).find(id)
+    end
+
     def find_merge_request_with_access(iid, access_level = :read_merge_request)
       merge_request = user_project.merge_requests.find_by!(iid: iid)
       authorize! access_level, merge_request
diff --git a/lib/api/helpers/runner.rb b/lib/api/helpers/runner.rb
index 74848a6e144..1369b021ea4 100644
--- a/lib/api/helpers/runner.rb
+++ b/lib/api/helpers/runner.rb
@@ -50,10 +50,14 @@ module API
         forbidden!('Job has been erased!') if job.erased?
       end
 
-      def authenticate_job!(job)
+      def authenticate_job!
+        job = Ci::Build.find_by_id(params[:id])
+
         validate_job!(job) do
           forbidden! unless job_token_valid?(job)
         end
+
+        job
       end
 
       def job_token_valid?(job)
diff --git a/lib/api/internal.rb b/lib/api/internal.rb
index 7eed93aba00..56c597dffcb 100644
--- a/lib/api/internal.rb
+++ b/lib/api/internal.rb
@@ -138,8 +138,11 @@ module API
 
         return unless Gitlab::GitalyClient.enabled?
 
+        relative_path = Gitlab::RepoPath.strip_storage_path(params[:repo_path])
+        project = Project.find_by_full_path(relative_path.sub(/\.(git|wiki)\z/, ''))
+
         begin
-          Gitlab::GitalyClient::Notifications.new.post_receive(params[:repo_path])
+          Gitlab::GitalyClient::Notifications.new(project.repository_storage, relative_path).post_receive
         rescue GRPC::Unavailable => e
           render_api_error(e, 500)
         end
diff --git a/lib/api/issues.rb b/lib/api/issues.rb
index fd2674910d2..09053e615cb 100644
--- a/lib/api/issues.rb
+++ b/lib/api/issues.rb
@@ -26,6 +26,7 @@ module API
                         desc: 'Return issues sorted in `asc` or `desc` order.'
         optional :milestone, type: String, desc: 'Return issues for a specific milestone'
         optional :iids, type: Array[Integer], desc: 'The IID array of issues'
+        optional :search, type: String, desc: 'Search issues for text present in the title or description'
         use :pagination
       end
 
@@ -63,14 +64,14 @@ module API
         success Entities::IssueBasic
       end
       params do
-        optional :state, type: String, values: %w[opened closed all], default: 'opened',
+        optional :state, type: String, values: %w[opened closed all], default: 'all',
                          desc: 'Return opened, closed, or all issues'
         use :issues_params
       end
       get ":id/issues" do
         group = find_group!(params[:id])
 
-        issues = find_issues(group_id: group.id, state: params[:state] || 'opened')
+        issues = find_issues(group_id: group.id)
 
         present paginate(issues), with: Entities::IssueBasic, current_user: current_user
       end
diff --git a/lib/api/jobs.rb b/lib/api/jobs.rb
index ffab0aafe59..288b03d940c 100644
--- a/lib/api/jobs.rb
+++ b/lib/api/jobs.rb
@@ -118,7 +118,7 @@ module API
         content_type 'text/plain'
         env['api.format'] = :binary
 
-        trace = build.trace
+        trace = build.trace.raw
         body trace
       end
 
diff --git a/lib/api/labels.rb b/lib/api/labels.rb
index d9a3cb7bb6b..20b25529d0c 100644
--- a/lib/api/labels.rb
+++ b/lib/api/labels.rb
@@ -23,7 +23,7 @@ module API
       end
       params do
         requires :name, type: String, desc: 'The name of the label to be created'
-        requires :color, type: String, desc: "The color of the label given in 6-digit hex notation with leading '#' sign (e.g. #FFAABB)"
+        requires :color, type: String, desc: "The color of the label given in 6-digit hex notation with leading '#' sign (e.g. #FFAABB) or one of the allowed CSS color names"
         optional :description, type: String, desc: 'The description of label to be created'
         optional :priority, type: Integer, desc: 'The priority of the label', allow_blank: true
       end
@@ -34,7 +34,7 @@ module API
         conflict!('Label already exists') if label
 
         priority = params.delete(:priority)
-        label = user_project.labels.create(declared_params(include_missing: false))
+        label = ::Labels::CreateService.new(declared_params(include_missing: false)).execute(project: user_project)
 
         if label.valid?
           label.prioritize!(user_project, priority) if priority
@@ -65,7 +65,7 @@ module API
       params do
         requires :name,  type: String, desc: 'The name of the label to be updated'
         optional :new_name, type: String, desc: 'The new name of the label'
-        optional :color, type: String, desc: "The new color of the label given in 6-digit hex notation with leading '#' sign (e.g. #FFAABB)"
+        optional :color, type: String, desc: "The new color of the label given in 6-digit hex notation with leading '#' sign (e.g. #FFAABB) or one of the allowed CSS color names"
         optional :description, type: String, desc: 'The new description of label'
         optional :priority, type: Integer, desc: 'The priority of the label', allow_blank: true
         at_least_one_of :new_name, :color, :description, :priority
@@ -82,7 +82,8 @@ module API
         # Rename new name to the actual label attribute name
         label_params[:name] = label_params.delete(:new_name) if label_params.key?(:new_name)
 
-        render_validation_error!(label) unless label.update(label_params)
+        label = ::Labels::UpdateService.new(label_params).execute(label)
+        render_validation_error!(label) unless label.valid?
 
         if update_priority
           if priority.nil?
diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb
index 5cc807d5bff..c8033664133 100644
--- a/lib/api/merge_requests.rb
+++ b/lib/api/merge_requests.rb
@@ -226,41 +226,6 @@ module API
           .cancel(merge_request)
       end
 
-      desc 'Get the comments of a merge request' do
-        success Entities::MRNote
-      end
-      params do
-        use :pagination
-      end
-      get ':id/merge_requests/:merge_request_iid/comments' do
-        merge_request = find_merge_request_with_access(params[:merge_request_iid])
-        present paginate(merge_request.notes.fresh), with: Entities::MRNote
-      end
-
-      desc 'Post a comment to a merge request' do
-        success Entities::MRNote
-      end
-      params do
-        requires :note, type: String, desc: 'The text of the comment'
-      end
-      post ':id/merge_requests/:merge_request_iid/comments' do
-        merge_request = find_merge_request_with_access(params[:merge_request_iid], :create_note)
-
-        opts = {
-          note: params[:note],
-          noteable_type: 'MergeRequest',
-          noteable_id: merge_request.id
-        }
-
-        note = ::Notes::CreateService.new(user_project, current_user, opts).execute
-
-        if note.save
-          present note, with: Entities::MRNote
-        else
-          render_api_error!("Failed to save note #{note.errors.messages}", 400)
-        end
-      end
-
       desc 'List issues that will be closed on merge' do
         success Entities::MRNote
       end
diff --git a/lib/api/milestones.rb b/lib/api/milestones.rb
index e7ab82f08db..a3ea619a2fb 100644
--- a/lib/api/milestones.rb
+++ b/lib/api/milestones.rb
@@ -139,7 +139,7 @@ module API
 
         finder_params = {
           project_id: user_project.id,
-          milestone_id: milestone.id,
+          milestone_title: milestone.title,
           sort: 'position_asc'
         }
 
diff --git a/lib/api/notes.rb b/lib/api/notes.rb
index 29ceffdbd2d..de39e579ac3 100644
--- a/lib/api/notes.rb
+++ b/lib/api/notes.rb
@@ -21,7 +21,7 @@ module API
           use :pagination
         end
         get ":id/#{noteables_str}/:noteable_id/notes" do
-          noteable = user_project.send(noteables_str.to_sym).find(params[:noteable_id])
+          noteable = find_project_noteable(noteables_str, params[:noteable_id])
 
           if can?(current_user, noteable_read_ability_name(noteable), noteable)
             # We exclude notes that are cross-references and that cannot be viewed
@@ -49,7 +49,7 @@ module API
           requires :noteable_id, type: Integer, desc: 'The ID of the noteable'
         end
         get ":id/#{noteables_str}/:noteable_id/notes/:note_id" do
-          noteable = user_project.send(noteables_str.to_sym).find(params[:noteable_id])
+          noteable = find_project_noteable(noteables_str, params[:noteable_id])
           note = noteable.notes.find(params[:note_id])
           can_read_note = can?(current_user, noteable_read_ability_name(noteable), noteable) && !note.cross_reference_not_visible_for?(current_user)
 
@@ -69,14 +69,14 @@ module API
           optional :created_at, type: String, desc: 'The creation date of the note'
         end
         post ":id/#{noteables_str}/:noteable_id/notes" do
+          noteable = find_project_noteable(noteables_str, params[:noteable_id])
+
           opts = {
             note: params[:body],
             noteable_type: noteables_str.classify,
-            noteable_id: params[:noteable_id]
+            noteable_id: noteable.id
           }
 
-          noteable = user_project.send(noteables_str.to_sym).find(params[:noteable_id])
-
           if can?(current_user, noteable_read_ability_name(noteable), noteable)
             if params[:created_at] && (current_user.is_admin? || user_project.owner == current_user)
               opts[:created_at] = params[:created_at]
@@ -137,6 +137,10 @@ module API
     end
 
     helpers do
+      def find_project_noteable(noteables_str, noteable_id)
+        public_send("find_project_#{noteables_str.singularize}", noteable_id)
+      end
+
       def noteable_read_ability_name(noteable)
         "read_#{noteable.class.to_s.underscore}".to_sym
       end
diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index 0fbe1669d45..766fbea53e6 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -84,7 +84,7 @@ module API
       end
       get do
         entity = current_user ? Entities::ProjectWithAccess : Entities::BasicProjectDetails
-        present_projects ProjectsFinder.new.execute(current_user), with: entity, statistics: params[:statistics]
+        present_projects ProjectsFinder.new(current_user: current_user).execute, with: entity, statistics: params[:statistics]
       end
 
       desc 'Create new project' do
diff --git a/lib/api/runner.rb b/lib/api/runner.rb
index 4c9db2c8716..6fbb02cb3aa 100644
--- a/lib/api/runner.rb
+++ b/lib/api/runner.rb
@@ -113,10 +113,9 @@ module API
         optional :state, type: String, desc: %q(Job's status: success, failed)
       end
       put '/:id' do
-        job = Ci::Build.find_by_id(params[:id])
-        authenticate_job!(job)
+        job = authenticate_job!
 
-        job.update_attributes(trace: params[:trace]) if params[:trace]
+        job.trace.set(params[:trace]) if params[:trace]
 
         Gitlab::Metrics.add_event(:update_build,
                                   project: job.project.path_with_namespace)
@@ -140,23 +139,20 @@ module API
         optional :token, type: String, desc: %q(Job's authentication token)
       end
       patch '/:id/trace' do
-        job = Ci::Build.find_by_id(params[:id])
-        authenticate_job!(job)
+        job = authenticate_job!
 
         error!('400 Missing header Content-Range', 400) unless request.headers.has_key?('Content-Range')
         content_range = request.headers['Content-Range']
         content_range = content_range.split('-')
 
-        current_length = job.trace_length
-        unless current_length == content_range[0].to_i
-          return error!('416 Range Not Satisfiable', 416, { 'Range' => "0-#{current_length}" })
+        stream_size = job.trace.append(request.body.read, content_range[0].to_i)
+        if stream_size < 0
+          return error!('416 Range Not Satisfiable', 416, { 'Range' => "0-#{-stream_size}" })
         end
 
-        job.append_trace(request.body.read, content_range[0].to_i)
-
         status 202
         header 'Job-Status', job.status
-        header 'Range', "0-#{job.trace_length}"
+        header 'Range', "0-#{stream_size}"
       end
 
       desc 'Authorize artifacts uploading for job' do
@@ -175,8 +171,7 @@ module API
         require_gitlab_workhorse!
         Gitlab::Workhorse.verify_api_request!(headers)
 
-        job = Ci::Build.find_by_id(params[:id])
-        authenticate_job!(job)
+        job = authenticate_job!
         forbidden!('Job is not running') unless job.running?
 
         if params[:filesize]
@@ -212,8 +207,7 @@ module API
         not_allowed! unless Gitlab.config.artifacts.enabled
         require_gitlab_workhorse!
 
-        job = Ci::Build.find_by_id(params[:id])
-        authenticate_job!(job)
+        job = authenticate_job!
         forbidden!('Job is not running!') unless job.running?
 
         artifacts_upload_path = ArtifactUploader.artifacts_upload_path
@@ -245,8 +239,7 @@ module API
         optional :token, type: String, desc: %q(Job's authentication token)
       end
       get '/:id/artifacts' do
-        job = Ci::Build.find_by_id(params[:id])
-        authenticate_job!(job)
+        job = authenticate_job!
 
         artifacts_file = job.artifacts_file
         unless artifacts_file.file_storage?
diff --git a/lib/api/services.rb b/lib/api/services.rb
index 4e0c9cb1f63..65f86caaa51 100644
--- a/lib/api/services.rb
+++ b/lib/api/services.rb
@@ -488,6 +488,14 @@ module API
           desc: 'The channel name'
         }
       ],
+      'microsoft-teams' => [
+        {
+          required: true,
+          name: :webhook,
+          type: String,
+          desc: 'The Microsoft Teams webhook. e.g. https://outlook.office.com/webhook/…'
+        }
+      ],
       'mattermost' => [
         {
           required: true,
@@ -550,6 +558,7 @@ module API
       RedmineService,
       SlackService,
       MattermostService,
+      MicrosoftTeamsService,
       TeamcityService,
     ]
 
@@ -562,8 +571,14 @@ module API
           desc: 'URL to the mock service'
         }
       ]
+      services['mock-deployment'] = []
+      services['mock-monitoring'] = []
 
-      service_classes << MockCiService
+      service_classes += [
+        MockCiService,
+        MockDeploymentService,
+        MockMonitoringService,
+      ]
     end
 
     trigger_services = {
diff --git a/lib/api/settings.rb b/lib/api/settings.rb
index d4d3229f0d1..c7f97ad2aab 100644
--- a/lib/api/settings.rb
+++ b/lib/api/settings.rb
@@ -110,6 +110,7 @@ module API
         requires :housekeeping_gc_period, type: Integer, desc: "Number of Git pushes after which 'git gc' is run."
       end
       optional :terminal_max_session_time, type: Integer, desc: 'Maximum time for web terminal websocket connection (in seconds). Set to 0 for unlimited time.'
+      optional :polling_interval_multiplier, type: BigDecimal, desc: 'Interval multiplier used by endpoints that perform polling. Set to 0 to disable polling.'
       at_least_one_of :default_branch_protection, :default_project_visibility, :default_snippet_visibility,
                       :default_group_visibility, :restricted_visibility_levels, :import_sources,
                       :enabled_git_access_protocol, :gravatar_enabled, :default_projects_limit,
@@ -125,7 +126,7 @@ module API
                       :akismet_enabled, :admin_notification_email, :sentry_enabled,
                       :repository_storage, :repository_checks_enabled, :koding_enabled, :plantuml_enabled,
                       :version_check_enabled, :email_author_in_body, :html_emails_enabled,
-                      :housekeeping_enabled, :terminal_max_session_time
+                      :housekeeping_enabled, :terminal_max_session_time, :polling_interval_multiplier
     end
     put "application/settings" do
       attrs = declared_params(include_missing: false)
diff --git a/lib/api/users.rb b/lib/api/users.rb
index a4201fe6fed..992a751b37d 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -293,7 +293,7 @@ module API
         user = User.find_by(id: params[:id])
         not_found!('User') unless user
 
-        ::Users::DestroyService.new(current_user).execute(user)
+        DeleteUserWorker.perform_async(current_user.id, user.id)
       end
 
       desc 'Block a user. Available only for admins.'
@@ -341,7 +341,7 @@ module API
         not_found!('User') unless user
 
         events = user.events.
-          merge(ProjectsFinder.new.execute(current_user)).
+          merge(ProjectsFinder.new(current_user: current_user).execute).
           references(:project).
           with_associations.
           recent
diff --git a/lib/api/v3/builds.rb b/lib/api/v3/builds.rb
index 6f97102c6ef..4dd03cdf24b 100644
--- a/lib/api/v3/builds.rb
+++ b/lib/api/v3/builds.rb
@@ -120,7 +120,7 @@ module API
           content_type 'text/plain'
           env['api.format'] = :binary
 
-          trace = build.trace
+          trace = build.trace.raw
           body trace
         end
 
diff --git a/lib/api/v3/groups.rb b/lib/api/v3/groups.rb
index c5b37622d79..9b27411ae21 100644
--- a/lib/api/v3/groups.rb
+++ b/lib/api/v3/groups.rb
@@ -151,7 +151,7 @@ module API
         end
         get ":id/projects" do
           group = find_group!(params[:id])
-          projects = GroupProjectsFinder.new(group).execute(current_user)
+          projects = GroupProjectsFinder.new(group: group, current_user: current_user).execute
           projects = filter_projects(projects)
           entity = params[:simple] ? ::API::Entities::BasicProjectDetails : Entities::Project
           present paginate(projects), with: entity, current_user: current_user
diff --git a/lib/api/v3/issues.rb b/lib/api/v3/issues.rb
index 54c6a8060b8..715083fc4f8 100644
--- a/lib/api/v3/issues.rb
+++ b/lib/api/v3/issues.rb
@@ -73,14 +73,14 @@ module API
           success ::API::Entities::Issue
         end
         params do
-          optional :state, type: String, values: %w[opened closed all], default: 'opened',
+          optional :state, type: String, values: %w[opened closed all], default: 'all',
                            desc: 'Return opened, closed, or all issues'
           use :issues_params
         end
         get ":id/issues" do
           group = find_group!(params[:id])
 
-          issues = find_issues(group_id: group.id, state: params[:state] || 'opened', match_all_labels: true)
+          issues = find_issues(group_id: group.id, match_all_labels: true)
 
           present paginate(issues), with: ::API::Entities::Issue, current_user: current_user
         end
diff --git a/lib/api/v3/projects.rb b/lib/api/v3/projects.rb
index b753dbab381..ba9748ada59 100644
--- a/lib/api/v3/projects.rb
+++ b/lib/api/v3/projects.rb
@@ -107,7 +107,7 @@ module API
         end
         get '/visible' do
           entity = current_user ? ::API::V3::Entities::ProjectWithAccess : ::API::Entities::BasicProjectDetails
-          present_projects ProjectsFinder.new.execute(current_user), with: entity
+          present_projects ProjectsFinder.new(current_user: current_user).execute, with: entity
         end
 
         desc 'Get a projects list for authenticated user' do
diff --git a/lib/api/v3/services.rb b/lib/api/v3/services.rb
index 3bacaeee032..bbe07ed4212 100644
--- a/lib/api/v3/services.rb
+++ b/lib/api/v3/services.rb
@@ -501,6 +501,12 @@ module API
             desc: 'The channel name'
           }
         ],
+        'microsoft-teams' => [
+          required: true,
+          name: :webhook,
+          type: String,
+          desc: 'The Microsoft Teams webhook. e.g. https://outlook.office.com/webhook/…'
+        ],
         'mattermost' => [
           {
             required: true,
diff --git a/lib/api/v3/users.rb b/lib/api/v3/users.rb
index 5e18cecc431..f4cda3b2eba 100644
--- a/lib/api/v3/users.rb
+++ b/lib/api/v3/users.rb
@@ -138,7 +138,7 @@ module API
           not_found!('User') unless user
 
           events = user.events.
-            merge(ProjectsFinder.new.execute(current_user)).
+            merge(ProjectsFinder.new(current_user: current_user).execute).
             references(:project).
             with_associations.
             recent