summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
| * | | | | | | | | Require explicit scopes on personal access tokensMarkus Koller2017-03-074-29/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Gitlab::Auth and API::APIGuard already check for at least one valid scope on personal access tokens, so if the scopes are empty the token will always fail validation.
| * | | | | | | | | Only use API scopes for personal access tokensMarkus Koller2017-03-076-3/+64
| | | | | | | | | |
| * | | | | | | | | Don't allow blocked users to authenticate through other meansMarkus Koller2017-03-076-3/+81
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Gitlab::Auth.find_with_user_password is currently used in these places: - resource_owner_from_credentials in config/initializers/doorkeeper.rb, which is used for the OAuth Resource Owner Password Credentials flow - the /session API call in lib/api/session.rb, which is used to reveal the user's current authentication_token In both cases users should only be authenticated if they're in the active state.
| * | | | | | | | | Make sure scopes are loaded in admin OAuth application formMarkus Koller2017-03-072-1/+66
| | | | | | | | | |
| * | | | | | | | | Remove duplicated code in Oauth::AuthorizationsControllerMarkus Koller2017-03-071-42/+2
| | | | | | | | | |
| * | | | | | | | | Implement OpenID Connect identity providerMarkus Koller2017-03-0723-9/+388
| | |/ / / / / / / | |/| | | | | | |
* | | | | | | | | Merge remote-tracking branch ↔Douwe Maan2017-03-0730-145/+1053
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'origin/personal_access_token_api_and_impersonation_token'
| * | | | | | | | | apply codestyle and implementation changes to the respective feature codepersonal_access_token_api_and_impersonation_tokenTiago Botelho2017-03-0627-649/+313
| | | | | | | | | |
| * | | | | | | | | refactors finder and correlated codeTiago Botelho2017-03-0117-202/+378
| | | | | | | | | |
| * | | | | | | | | applies relevant changes to the code and code structureTiago Botelho2017-02-2824-279/+317
| | | | | | | | | |
| * | | | | | | | | refactors documentation and personal access tokens form to not allow admins ↔Tiago Botelho2017-02-2814-127/+230
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | to generate non impersionation tokens
| * | | | | | | | | add admin panel for personal access tokensSimon Vocella2017-02-287-0/+269
| | | | | | | | | |
| * | | | | | | | | add documentation and changelog entry for user personal access tokens apiSimon Vocella2017-02-284-0/+152
| | | | | | | | | |
| * | | | | | | | | Add text-warning class in profile settings if the personal_access_token ↔Simon Vocella2017-02-282-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | expires soon
| * | | | | | | | | add impersonation tokenSimon Vocella2017-02-2810-35/+116
| | | | | | | | | |
| * | | | | | | | | manage personal_access_tokens through apiSimon Vocella2017-02-2812-3/+427
| | | | | | | | | |
* | | | | | | | | | Merge branch '28559-remove-active-underline' into 'master' Annabel Dunstone Gray2017-03-071-0/+4
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | don't underline clicked links in Notes header Closes #28559 See merge request !9753
| * | | | | | | | | | don't underline clicked links in Notes header28559-remove-active-underlineSimon Knox2017-03-071-0/+4
| | |_|_|_|_|_|_|_|/ | |/| | | | | | | |
* | | | | | | | | | Merge branch '26790-label-color-todos' into 'master' Douwe Maan2017-03-073-1/+17
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | #26790 whitelist style attribute in event_note Closes #26790 See merge request !9155
| * | | | | | | | | | whitelist style attribute in event_notemhasbini2017-03-073-1/+17
| | | | | | | | | | |
* | | | | | | | | | | Merge branch '28835-jobs-head' into 'master' Annabel Dunstone Gray2017-03-072-1/+5
|\ \ \ \ \ \ \ \ \ \ \ | |_|_|_|/ / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fix Jobs header height - only set fixed size for rows Closes #28835 See merge request !9752
| * | | | | | | | | | fix Jobs header height - only set fixed size for rows28835-jobs-headSimon Knox2017-03-072-1/+5
| | |/ / / / / / / / | |/| | | | | | | |
* | | | | | | | | | Merge branch 'feature/runner-jobs-v4-api' into 'master' Kamil TrzciƄski2017-03-0714-9/+1447
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Feature/runner jobs v4 api Closes #28513 See merge request !9273
| * | | | | | | | | | Add minor refactoringfeature/runner-jobs-v4-apiTomasz Maczukin2017-03-077-47/+63
| | | | | | | | | | |
| * | | | | | | | | | Change artifacts and cache fields to arraysTomasz Maczukin2017-03-062-7/+13
| | | | | | | | | | |
| * | | | | | | | | | Fix spec for Ci::RegisterJobServiceTomasz Maczukin2017-03-061-3/+3
| | | | | | | | | | |
| * | | | | | | | | | Fix rubocop offensesTomasz Maczukin2017-03-063-3/+3
| | | | | | | | | | |
| * | | | | | | | | | Add some fixes and refactoring after reviewTomasz Maczukin2017-03-0210-115/+292
| | | | | | | | | | |
| * | | | | | | | | | Fix rubocop offensesTomasz Maczukin2017-03-024-17/+17
| | | | | | | | | | |
| * | | | | | | | | | Add artifacts downloading APITomasz Maczukin2017-03-022-0/+65
| | | | | | | | | | |
| * | | | | | | | | | Add artifacts uploading APITomasz Maczukin2017-03-022-0/+252
| | | | | | | | | | |
| * | | | | | | | | | Add artifacts uploading authorize APITomasz Maczukin2017-03-023-0/+111
| | | | | | | | | | |
| * | | | | | | | | | Add job patch trace APITomasz Maczukin2017-03-023-1/+178
| | | | | | | | | | |
| * | | | | | | | | | Add job update APITomasz Maczukin2017-03-023-3/+86
| | | | | | | | | | |
| * | | | | | | | | | Update step data namingTomasz Maczukin2017-03-023-15/+13
| | | | | | | | | | |
| * | | | | | | | | | Add missing param description for POST /api/v4/jobs/requestTomasz Maczukin2017-03-021-0/+2
| | | | | | | | | | |
| * | | | | | | | | | Add changelog entryTomasz Maczukin2017-03-021-0/+4
| | | | | | | | | | |
| * | | | | | | | | | Fix rubocop offensesTomasz Maczukin2017-03-024-19/+16
| | | | | | | | | | |
| * | | | | | | | | | Refactor JobRequest response structureTomasz Maczukin2017-03-0210-45/+233
| | | | | | | | | | |
| * | | | | | | | | | Add jobs requesting APITomasz Maczukin2017-03-024-0/+362
| | | | | | | | | | |
* | | | | | | | | | | Merge branch '28251-mr-and-issue-iids-for-api-v4' into 'master' Douwe Maan2017-03-0726-456/+1174
|\ \ \ \ \ \ \ \ \ \ \ | |_|_|_|_|/ / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | API routes referencing a specific issue should use the issue `iid` Closes #28251 See merge request !9530
| * | | | | | | | | | Implement review comments from @dbalexandre28251-mr-and-issue-iids-for-api-v4Timothy Andrew2017-03-074-6/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Typo in docs - Newline between test/expectation in `api/issues_spec` - Use `find_by` instead of `reference_by` in the structure defining awardables
| * | | | | | | | | | Add documentation for !9530.Timothy Andrew2017-03-074-226/+227
| | | | | | | | | | |
| * | | | | | | | | | Fix time tracking endpoints for API v4Timothy Andrew2017-03-075-5/+249
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Use issue/merge_request IID instead of ID - Duplicate the original `TimeTrackingEndpoints` concern (+ specs) for V3, since this is a breaking change.
| * | | | | | | | | | Migrate the Todos API to use `issuable_iid`Timothy Andrew2017-03-072-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Instead of `issuable_id`
| * | | | | | | | | | Migrate the AwardEmoji API to use `merge_request_iid` and `issue_iid`Timothy Andrew2017-03-074-37/+337
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Instead of `merge_request_id` and `issue_id` - The API also deals with `snippet_id`, which remains unchanged (since snippets don't have `iid`s - Duplicate the original `AwardEmoji` API (and spec) for use with the V3 API, since this is a breaking change.
| * | | | | | | | | | Migrate the MergeRequestDiffs API to use `merge_request_iid`Timothy Andrew2017-03-073-19/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Instead of `merge_request_id` - Duplicate the original `MergeRequestDiffs` API (and spec) for use with the V3 API, since this is a breaking change.
| * | | | | | | | | | API routes referencing a specific merge request should use the MR `iid`Timothy Andrew2017-03-074-80/+179
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - As opposed to the `id` that was previously being used. - This brings the API routes closer to the web interface's routes. - This is specific to API v4.
| * | | | | | | | | | API routes referencing a specific issue should use the issue `iid`Timothy Andrew2017-03-076-83/+134
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - As opposed to the issue `id` that was previously being used. - This brings the API routes closer to the web interface's routes. - This is specific to API v4.
* | | | | | | | | | | Merge branch 'sort-builds-in-stage' into 'master' Sean McGivern2017-03-074-4/+29
|\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sort builds in stage dropdown Closes #28354 See merge request !9760
View Lorry Controller Status