summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Removed usage of normilizeEmojiName methodemoji-unicode-fixPhil Hughes2016-04-222-7/+1
| | | | Fixed some Ruby based on feedback
* Fixes issue with emoji comments not showing correct emoji imagePhil Hughes2016-04-223-13/+10
| | | | | | | | Previously it would look for the unicode character inside the award menu. But this menu might not always be there. Now, the unicode characters are loaded onto the page in an array which the award emoji that looks in to get the correct emoji unicode character Fixes #15512
* Merge branch 'issue_3799' into 'master' Rémy Coutable2016-04-224-1/+43
|\ | | | | | | | | | | | | | | | | Allow filtering by Owned projects on dashboard page Closes #3799 ![Screen_Shot_2016-04-15_at_9.40.52_PM](/uploads/440498c5647bda282304891307931a02/Screen_Shot_2016-04-15_at_9.40.52_PM.png) See merge request !3762
| * Merge remote-tracking branch 'origin/master' into issue_3799Alfredo Sumaran2016-04-21309-1422/+4992
| |\
| * | Update CHANGELOGAlfredo Sumaran2016-04-211-0/+1
| | |
| * | Do not display filters if user if there's no current_userAlfredo Sumaran2016-04-211-7/+8
| | |
| * | Use compact syntaxAlfredo Sumaran2016-04-211-4/+1
| | |
| * | Add testsAlfredo Sumaran2016-04-181-0/+30
| | |
| * | Remove Spinach featureAlfredo Sumaran2016-04-182-19/+0
| | |
| * | Allow filtering by Owned projectsAlfredo Sumaran2016-04-184-1/+33
| | |
* | | Merge branch 'doc-gh-import-additions' into 'master' Achilleas Pipinellis2016-04-221-5/+9
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Add newest enhancements to GH importer docs [ci skip] See merge request !3867
| * | | Add newest enhancements to GH importer docsAchilleas Pipinellis2016-04-221-5/+9
| | | | | | | | | | | | | | | | [ci skip]
* | | | Merge branch 'confirmation-screen' into 'master' Robert Speicher2016-04-229-4/+64
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Improved email confirmation UX Closes #4228 See merge request !3184
| * | | | Improved confirmation UXconfirmation-screenPhil Hughes2016-04-219-4/+64
| |/ / / | | | | | | | | | | | | Closes #4228
* | | | Merge branch 'doc_note_cherry_pick' into 'master' Achilleas Pipinellis2016-04-221-1/+2
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use new Note styleguide See merge request !3866
| * | | | Use new Note styleguideAchilleas Pipinellis2016-04-221-1/+2
| |/ / / | | | | | | | | | | | | [ci skip]
* | | | Merge branch 'rs-diff_view' into 'master' Rémy Coutable2016-04-225-12/+29
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Always read diff_view setting from the cookie Prior, when the user had their view set to "parallel" and then visited a merge request's changes tab _without_ passing the `view` parameter via query string, the view would be parallel but the `Notes` class was always instantiated with the default value from `diff_view` ("inline"), resulting in broken markup when the form to add a line note was dynamically inserted. The cookie is set whenever the view is changed, so this value should always be up-to-date. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/14557 and https://gitlab.com/gitlab-org/gitlab-ce/issues/15285 See merge request !3732
| * | | | Clarify that the diff view setting always comes from the cookiers-diff_viewRobert Speicher2016-04-192-10/+1
| | | | | | | | | | | | | | | | | | | | This invalidates one test, which we've removed.
| * | | | Always read diff_view setting from the cookieRobert Speicher2016-04-143-2/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prior, when the user had their view set to "parallel" and then visited a merge request's changes tab _without_ passing the `view` parameter via query string, the view would be parallel but the `Notes` class was always instantiated with the default value from `diff_view` ("inline"), resulting in broken markup when the form to add a line note was dynamically inserted. The cookie is set whenever the view is changed, so this value should always be up-to-date. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/14557
* | | | | Merge branch 'fix/private-labels-permissions' into 'master' Grzegorz Bizon2016-04-226-23/+93
|\ \ \ \ \ | |_|/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix vulnerability that leaks private labels and milestones ## Summary This fixes vulnerability that leaks information about private labels and milestones because of insecure direct object reference in issueable create service. This affects merge requests and issues. See https://gitlab.com/gitlab-org/gitlab-ce/issues/15439 ## Fix This MR introduces additional check that rejects labels and milestone that does not belong to the same project issue/merg request does. ## Further work `IssuableBaseService` may benefit from encapsulating filters in separate class/module, which then may improve coherency in this class. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15439 See merge request !1954
| * | | | Add Changelog entry for private labels security fixGrzegorz Bizon2016-04-221-0/+1
| | | | |
| * | | | Use association search in issuable create serviceGrzegorz Bizon2016-04-222-12/+12
| | | | |
| * | | | Add affinity checks in issue create serviceGrzegorz Bizon2016-04-221-2/+9
| | | | |
| * | | | Update specs to accomodate issuable assign changesGrzegorz Bizon2016-04-224-21/+31
| | | | |
| * | | | Verify label affiliation before assigning to issueGrzegorz Bizon2016-04-222-2/+54
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | This also verify if milestone belongs to correct project before creating a new issue. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15439
* | | | Merge branch 'label-text-color-sidebar' into 'master' Robert Speicher2016-04-213-3/+3
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes text color on labels in sidebar Previously the labels in the sidebar would just have `#FFF` text color which could cause problems with a light background color. With this, the text color comes from the JSON. See merge request !3846
| * | | | Reverted label link helperlabel-text-color-sidebarPhil Hughes2016-04-211-1/+1
| | | | |
| * | | | Reverted link changesPhil Hughes2016-04-212-5/+5
| | | | |
| * | | | Removed console.logPhil Hughes2016-04-211-1/+0
| | | | |
| * | | | Updated testsPhil Hughes2016-04-211-4/+4
| | | | |
| * | | | Fixes text color on labels in sidebarPhil Hughes2016-04-214-5/+6
| | | | |
* | | | | Merge branch '15465-fix-sort-by-due-date' into 'master' Yorick Peterse2016-04-212-3/+14
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Remove the `.distinct` when finding issues See merge request !3858
| * | | | | Remove the `.distinct` when finding issues15465-fix-sort-by-due-dateRémy Coutable2016-04-212-3/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is not needed anymore after !3815. Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | | | | Merge branch 'repository-checks-default-off' into 'master' Yorick Peterse2016-04-214-4/+16
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Disable 'repository check' feature in 8.7.0 See merge request !3856
| * | | | | | Disable 'repository check' feature in 8.7.0Jacob Vosmaer2016-04-214-4/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | It still causes too many false alarms.
* | | | | | | Merge branch 'remove-update-files' into 'master' Yorick Peterse2016-04-215-3/+1
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Removed JS update templates See merge request !3814
| * | | | | | | Removed JS update templatesremove-update-filesPhil Hughes2016-04-195-3/+1
| | | | | | | |
* | | | | | | | Merge branch '15413-firefox-line-numbers' into 'master' Jacob Schatz2016-04-211-0/+5
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove float from blame link icon Closes #15413 <img src="/uploads/af6aea9102e1b42e5e92783ce818863c/Screen_Shot_2016-04-21_at_1.57.56_PM.png" width="200px"> See merge request !3861
| * | | | | | | | Remove float from iconAnnabel Dunstone2016-04-211-0/+5
| | |_|_|_|_|_|/ | |/| | | | | |
* | | | | | | | Merge remote-tracking branch 'dev/master' into 'master'Robert Speicher2016-04-213-5/+17
|\ \ \ \ \ \ \ \ | |/ / / / / / / |/| | | | | | |
| * | | | | | | Merge branch 'dev_issue_15331' into 'master' Robert Speicher2016-04-213-5/+17
| |\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes window.opener bug Adds `noreferrer` value to rel attribute for external links REF: https://gitlab.com/gitlab-org/gitlab-ce/issues/15331 See merge request !1953
| | * | | | | | | Fix failing specAlfredo Sumaran2016-04-213-4/+16
| | | | | | | | |
| | * | | | | | | Add noreferrer value to rel attribute for external linksAlfredo Sumaran2016-04-201-1/+1
| | | | | | | | |
* | | | | | | | | Merge branch 'doc-updating-gitlab' into 'master' Achilleas Pipinellis2016-04-212-8/+167
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactor the update documentation See merge request !3822
| * | | | | | | | | Split into sections, port `downgrade_ee_to_ce` doc from EEdoc-updating-gitlabAchilleas Pipinellis2016-04-212-8/+164
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [ci skip]
| * | | | | | | | | Fix links in update READMEAchilleas Pipinellis2016-04-191-5/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [ci skip]
* | | | | | | | | | Merge branch 'test-db-migrate' into 'master' Stan Hu2016-04-211-0/+5
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add db:migrate:reset task to CI Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> cc @DouweM @stanhu See merge request !3788
| * | | | | | | | | | Add db:migrate task to CIDmitriy Zaporozhets2016-04-211-0/+5
| | |/ / / / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* | | | | | | | | | Merge branch 'instrument-gitlab-access' into 'master' Rémy Coutable2016-04-212-0/+5
|\ \ \ \ \ \ \ \ \ \ | |/ / / / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instrument Gitlab::GitAccess/GitAccessWiki See merge request !3859
| * | | | | | | | | Instrument Gitlab::GitAccess/GitAccessWikiYorick Peterse2016-04-212-0/+5
| | |_|_|_|/ / / / | |/| | | | | | |
View Lorry Controller Status