| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
| |
[ci skip]
|
|
|
|
|
|
|
|
|
|
|
| |
Allow commit note to be visible if repo is visible
## What does this MR do?
It enforces the `:download_code` permission in `Event#visible_to_user?` for commit notes.
Closes #23824
See merge request !7504
|
|
|
|
|
|
|
| |
Limit labels returned for a specific project as an administrator
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/24527
See merge request !7496
|
|
|
|
| |
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move the `objects` method to `LfsHelper` so that it is also available to `LfsStorageController`
## What does this MR do?
Move the `objects` method to `LfsHelper` so that it is also available to `LfsStorageController`
It is needed for the `lfs_check_access!` callback when the repository size limit is enabled (EE only).
cc @stanhu @ahanselka
## Why was this MR needed?
Errors shown here: gitlab-org/gitlab-ce#24392
Discovered thanks to gitlab-com/infrastructure#302
## What are the relevant issue numbers?
Fixes #24392
Fixes gitlab-com/support-forum#1280
See merge request !7417
|
|
|
|
|
|
|
| |
Ensure labels are loaded for all "show" methods of MR Controller
Closes #24397
See merge request !7416
|
|
|
|
|
|
|
|
|
| |
Fix cache for commit status in commits list to respect branches
Fix cache for commit status in commits list to respect branches
Closes #24324
See merge request !7372
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
'master'
Clicking "force remove source branch" label now toggles the checkbox again
We remove the ID from the hidden tag for `merge_request[force_remove_source_branch]`
in order to fix the checkbox toggling when the associated label is clicked.
The issue was introduced by !7267 and discovered in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7267#note_18028311.
See merge request !7356
|
|
|
|
|
| |
Split out markdown cache storage into a separate method
See merge request !7277
|
|
|
|
|
|
|
| |
Fix no "Register" tab if ldap auth is enabled (#24038)
Closes #24038
See merge request !7274
|
|
|
|
|
|
|
| |
Fix project Visibility level selector not using default values
closes #20245
See merge request !7264
|
|
|
|
|
|
|
| |
Fix relative links in Markdown wiki when displayed in "Project" tab
Refers to #23806
See merge request !7218
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add test for refs dropdown selection with special chars
## What does this MR do?
## Are there points in the code the reviewer needs to double check?
## Why was this MR needed?
## Screenshots (if relevant)
## Does this MR meet the acceptance criteria?
- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG.md) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
- [ ] Added for this feature/bug
- [ ] All builds are passing
- [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
## What are the relevant issue numbers?
See merge request !7175
|
|
|
|
|
|
|
|
|
|
| |
Milestone dropdown does not stay selected
Closes #23713
See merge request !7117
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Account for fixed position MR when scrolling to elements
This MR accounts for the new merge request fixed affix bar when scrolling to an element on the MR page.
The fixed MR tabs bar was not being taken into account when shifting permalink scroll targets so that they are unobscured by navigation elements.
Closes #23520
See merge request !7051
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
| |
Omniauth auto link LDAP user falls back to find by DN when user cannot be found by uid
Unfortunately, SAML IDs can be an LDAP UID, DN, or something else entirely. UID and DN are most common, though. This adds a fallback scenario so we first try to find a matching LDAP user by UID, then by DN. This will fix a problem for the customer in https://gitlab.zendesk.com/agent/tickets/43298
See merge request !7002
|
|
|
|
|
|
| |
[ci skip]
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| |
|
|
|
|
|
|
|
|
|
| |
Restore unauthenticated access to public container registries
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/24284
/cc @stanhu @kamil @pablo
See merge request !2025
|
|
|
|
|
|
| |
[ci skip]
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| |
|
|
|
| |
[ci skip]
|
|
|
|
| |
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix for HackerOne XSS vulnerability in markdown
This is an updated blacklist patch to fix https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2007. No text is removed. Dangerous schemes/protocols and invalid URIs are left intact but not linked.
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23153
See merge request !2015
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixups to "Round-robin repository storage"
## What does this MR do?
* Simplifies a method in application_settings.rb
* Correctly marks a migration as needing downtime
* Documents the requirement for renamed columns to be
## Are there points in the code the reviewer needs to double check?
Should any of these changes be split out? Ideally we'd get this into the same point release as !7273
## Why was this MR needed?
Post-facto review of !7273
## Screenshots (if relevant)
## Does this MR meet the acceptance criteria?
- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG.md) entry added
- [X] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [X] API support added
- Tests
- [X] Added for this feature/bug
- [x] All builds are passing
- [X] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [X] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [X] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [X] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
## What are the relevant issue numbers?
Related to #24059
/cc @yorickpeterse @rspeicher
See merge request !7287
|
|
|
|
|
|
|
|
|
|
| |
Show pipeline status from branch and commit than only commit
Closes #23615
See merge request !7034
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Resolve "Introduce round-robin project creation to spread load over multiple shards"
Allow multiple shards to be enabled in the admin settings page, balancing project creation across all enabled shards.
* `f.select ..., multiple: true` isn't the most beautiful UI in the world, but switching to `collection_check_boxes` (or a facsimile thereof) isn't trivial
* Should `pick_repository_storage` be a method of `ApplicationSetting`, or `Project`? It's going to accrete logic over time so perhaps it should be its own class already?
* This is written to avoid the need for a database migration, so it is`serialize :repository_storage` without `, Array`. This is tested, but alternatives include:
* Add a database migration
* Write a custom Coder that will accept a String or Array in `load` and always `dump an Array.
Closes #24059
See merge request !7273
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
| |
See merge request !7014
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
| |
Fix lightweight tags not processed correctly by GitTagPushService
Closes #22271
See merge request !6532
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
| |
'24102-cannot-unselect-remove-source-branch-when-editing-merge-request' into 'master'
Fixes #24102
See merge request !7267
|
|
|
|
|
|
|
| |
Only skip group when it's actually a group in the "Share with group" select
Fixes #23961
See merge request !7262
|
|
|
|
|
|
|
|
|
|
| |
Fix project features default values
closes #23242
See merge request !7181
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
| |
Fix builds tab visibility
closes #23951
See merge request !7178
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Optimize group labels page
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23684
Closes https://gitlab.com/gitlab-org/gitlab-ee/issues/1148
See merge request !7123
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow owners to fetch source code in CI builds
Due to different way of handling owners of a project, they were not allowed to fetch CI sources for project.
This adds a separate code path for handling owners, that are not admins.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23437
See merge request !6943
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
| |
Respect project visibility settings in the contributions calendar
This MR fixes a number of bugs relating to access controls and date selection of events for the contributions calendar
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23403
See merge request !2019
|
|
|
|
|
|
|
| |
Ensure external users are not able to clone disabled repositories.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23788
See merge request !2017
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
disable markdown in comments when referencing disabled features
fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23548
This MR prevents the following references when tool is disabled:
- issues
- snippets
- commits - when repo is disabled
- commit range - when repo is disabled
- milestones
This MR does not prevent references to repository files, since they are just markdown links and don't leak
information.
See merge request !2011
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Honour issue and merge request visibility in their respective finders
This MR fixes a security issue with the IssuesFinder and MergeRequestFinder where they would return items the user did not have permission to see. This was most visible on the issue and merge requests page for a group containing projects that had set their issues or merge requests to "private".
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22481
See merge request !2000
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
| |
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| |
|
| |
|
|
|
|
| |
relevant spec.
|
| |
|
|
|
|
| |
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
|
|
| |
'23872-members-of-group-that-has-project-access-getting-404-on-accessing-a-project-issue' into 'master'
Fix project member access for group links
Closes #23872.
See merge request !7144
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Increase z index on fixed mr tabs
Before:
<img src="/uploads/e890a4f185af87b66251d744fbe840d5/Screen_Shot_2016-10-26_at_11.58.45_AM.png" width="400px">
After:
<img src="/uploads/0bbf72888f6a47bd3027ee7dfff542da/Screen_Shot_2016-10-26_at_11.58.28_AM.png" width="400px">
Closes #23866
See merge request !7124
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pass user instance to Labels::FindOrCreateService or skip_authorization: true
It fixes a bug described in #23694 when `project.owner` was passed to `Labels::FindOrCreateService`. `Labels::FindOrCreateService` expected a user instance and `project.owner` may return a group as well. This MR makes sure that we either pass a user instance or `skip_authorization: true`.
Fixes #23694
See merge request !7093
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
'23661-lacking-padding-on-syntax-highlight-blocks-in-diff-comments' into 'master'
Resolve "Lacking padding on syntax highlight blocks in diff comments"
Enforces horizontal padding on highlight block.
There was no horizontal padding on diff comment highlight blocks.
Closes #23661
See merge request !7062
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
'21248-wrong-urlencoding-when-switching-branch-in-graphs-contributers' into 'master'
Fix refs dropdown selection with special characters
Remove unneeded encode from the project-refs-dropdown renderRow method.
Closes #21248
See merge request !7061
Signed-off-by: Rémy Coutable <remy@rymai.me>
|