| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Gitlab::Auth and API::APIGuard already check for at least one valid
scope on personal access tokens, so if the scopes are empty the token
will always fail validation.
|
| | | | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Gitlab::Auth.find_with_user_password is currently used in these places:
- resource_owner_from_credentials in config/initializers/doorkeeper.rb,
which is used for the OAuth Resource Owner Password Credentials flow
- the /session API call in lib/api/session.rb, which is used to reveal
the user's current authentication_token
In both cases users should only be authenticated if they're in the
active state.
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| | |/ / / / / / /
| |/| | | | | | | |
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
'origin/personal_access_token_api_and_impersonation_token'
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
to generate non impersionation tokens
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
expires soon
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
don't underline clicked links in Notes header
Closes #28559
See merge request !9753
|
| | |_|_|_|_|_|_|_|/
| |/| | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
#26790 whitelist style attribute in event_note
Closes #26790
See merge request !9155
|
| | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \
| |_|_|_|/ / / / / / /
|/| | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
fix Jobs header height - only set fixed size for rows
Closes #28835
See merge request !9752
|
| | |/ / / / / / / /
| |/| | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
Feature/runner jobs v4 api
Closes #28513
See merge request !9273
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \
| |_|_|_|_|/ / / / / /
|/| | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
API routes referencing a specific issue should use the issue `iid`
Closes #28251
See merge request !9530
|
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
- Typo in docs
- Newline between test/expectation in `api/issues_spec`
- Use `find_by` instead of `reference_by` in the structure defining awardables
|
| | | | | | | | | | | |
|
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
- Use issue/merge_request IID instead of ID
- Duplicate the original `TimeTrackingEndpoints` concern (+ specs) for V3, since
this is a breaking change.
|
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
- Instead of `issuable_id`
|
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
- Instead of `merge_request_id` and `issue_id`
- The API also deals with `snippet_id`, which remains unchanged (since snippets
don't have `iid`s
- Duplicate the original `AwardEmoji` API (and spec) for use with the V3
API, since this is a breaking change.
|
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
- Instead of `merge_request_id`
- Duplicate the original `MergeRequestDiffs` API (and spec) for use with the V3
API, since this is a breaking change.
|
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
- As opposed to the `id` that was previously being used.
- This brings the API routes closer to the web interface's routes.
- This is specific to API v4.
|
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
- As opposed to the issue `id` that was previously being used.
- This brings the API routes closer to the web interface's routes.
- This is specific to API v4.
|
|\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
Sort builds in stage dropdown
Closes #28354
See merge request !9760
|