summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Move spec/features/admin/security_spec to spec/features/securityrs-security-spec-speedRobert Speicher2015-07-221-0/+2
|
* Consolidate group access specs into one fileRobert Speicher2015-07-225-353/+284
|
* Move custom matchers to their own files under spec/support/matchersRobert Speicher2015-07-222-10/+9
|
* Remove redundant Profile access test casesRobert Speicher2015-07-221-9/+0
| | | | | | The user being created was no different than what `be_allowed_for` was doing behind the scenes so we were essentially testing all user-level accesses twice.
* Remove be_not_found_for matcherRobert Speicher2015-07-221-5/+0
| | | | It was only used in one test, and the test was kind of redundant.
* Move access-related matchers to their own moduleRobert Speicher2015-07-2211-35/+72
|
* Remove unused `be_valid_commit` matcherRobert Speicher2015-07-211-9/+0
|
* Merge branch 'fix-snippet-note-fullscreen' into 'master'Hannes Rosenögger2015-07-212-1/+5
|\ | | | | | | | | | | | | | | | | | | Fix full screen mode for snippet comments ZenMode is now initialized for snippet pages. Fixes #2036. See merge request !1016
| * Fix full screen mode for snippet commentsDaniel Gerhardt2015-07-212-1/+5
|/ | | | | | ZenMode is now initialized for snippet pages. Fixes #2036.
* Merge branch 'document-2fa-backup' into 'master' Valery Sizov2015-07-212-2/+38
|\ | | | | | | | | | | | | | | You need to store your DB encryption key You can break two-factor authentication for existing users when restoring a backup if you lost your DB encryption key. See merge request !1015
| * You need to store your DB encryption keydocument-2fa-backupJacob Vosmaer2015-07-212-2/+38
| |
* | Merge branch 'changelog_update' into 'master' Valery Sizov2015-07-211-2/+2
|\ \ | | | | | | | | | | | | | | | | | | Update changelog See merge request !1013
| * | Update changelogchangelog_updateValery Sizov2015-07-211-2/+2
|/ /
* | Merge branch 'overwrite-during-backup' into 'master' Valery Sizov2015-07-211-0/+1
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Don't stop if database.sql.gz already exists The existing behavior of the backups is to overwrite whatever data was still there in the scratch directories. This broke when we added a 'gzip' step because 'gzip database.sql' will fail if 'database.sql.gz' already exists. Doing 'rm -f database.sql.gz' before the 'gzip' avoids this failure. See merge request !1011
| * | Don't stop if database.sql.gz already existsoverwrite-during-backupJacob Vosmaer2015-07-211-0/+1
|/ / | | | | | | | | | | | | | | The existing behavior of the backups is to overwrite whatever data was still there in the scratch directories. This broke when we added a 'gzip' step because 'gzip database.sql' will fail if 'database.sql.gz' already exists. Doing 'rm -f database.sql.gz' before the 'gzip' avoids this failure.
* | Merge branch 'fix-changelog-7.11-7.12' into 'master'Robert Schilling2015-07-201-3/+1
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix change log for 7.11 and move entry to 7.12 The change log for 7.11 was accidentally split in 3865a1d92585cb31864b5d0f1b325c3585b5c681. Additionally, the change added with this commit did not make it into 7.11 according to `git branch --contains` and it has not been cherry picked to 7-11-stable so the entry is moved to 7.12. Refs GH-5625, GH-9318. See merge request !1009
| * | Fix change log for 7.11 and move entry to 7.12Daniel Gerhardt2015-07-201-3/+1
|/ / | | | | | | | | | | | | | | | | | | | | | | The change log for 7.11 was accidentally split in 3865a1d92585cb31864b5d0f1b325c3585b5c681. Additionally, the change added with this commit did not make it into 7.11 according to `git branch --contains` and it has not been cherry picked to 7-11-stable so the entry is moved to 7.12. Refs GH-5625, GH-9318. [ci skip]
* | Merge branch 'gc-images-no-casing' into 'master'Stan Hu2015-07-203-1/+7
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | GoogleCode importer: Do not care about casing of image file extensions When a GoogleCode repository contains an attached image with an UPPERCASE file extension, it's not inlined. /CC @DouweM See merge request !1003
| * | GoogleCode importer: Do not care about casing of image file extensionsSven Strickroth2015-07-203-1/+7
| | | | | | | | | | | | Signed-off-by: Sven Strickroth <email@cs-ware.de>
* | | Merge branch 'fix-disabled-feature-access' into 'master'Stan Hu2015-07-202-23/+32
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix (i.e. prevent) access to disabled features for unauthenticated users Unauthenticated users had access to disabled features of public projects. The code has been slightly refactored so that feature checks are done in a separate method and can also be applied for public access. See merge request !1006
| * | | Fix access to disabled features for unauthenticated usersDaniel Gerhardt2015-07-202-23/+32
| | | | | | | | | | | | | | | | | | | | | | | | Unauthenticated users had access to disabled features of public projects. The code has been slightly refactored so that feature checks are done in a separate method and can also be applied for public access.
* | | | Merge branch 'mr-fetch-command' into 'master'Stan Hu2015-07-202-0/+11
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | merge_requests: add fetch command to the MR page In our instance, users asked for an easy way to get the contents of the MR into their local clone. This adds a command line which can be used to fetch the contents of the MR. Screenshot: ![fetch-command](https://gitlab.com/gitlab-org/gitlab-ce/uploads/d83acfbdb69f023d13b45dff5d583ac1/fetch-command.png) See merge request !678
| * | | | merge_requests: add fetch command to the MR pageBen Boeckel2015-07-202-0/+11
| | |_|/ | |/| |
* | | | Merge branch 'fix-slow-repository-cache-update' into 'master'Valery Sizov2015-07-202-19/+2
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove repository graph log to fix slow cache updates after push event Recalculating `graph_log` took minutes on a large repository since each of the 6000 commits would need to calculate the diff. Since graph_log does not appear to be used, remove it from the list of things to update. For the Linux kernel repository, this reduced the `ProjectCacheWorker` time from 8+ minutes to 16 seconds. Closes #2016 See merge request !1005
| * | | | Remove repository graph log to fix slow cache updates after push eventStan Hu2015-07-192-19/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Recalculating graph_log took minutes on a large repository since each of the 6000 commits would need to calculate the diff. Since graph_log does not appear to be used, remove it from the list of things to update. For the Linux kernel repository, this reduced the ProjectCacheWorker time from 8+ minutes to 16 seconds. Closes #2016
* | | | | Merge branch 'remove-redundant-last-push' into 'master'Valery Sizov2015-07-201-1/+3
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove redundant last push event if activity feed is set to main page ### What does this MR do? This MR eliminates a redundant last push event message if the user's preferences are set to the main activity feed. ### Why was this MR needed? Lots of wasted space was introduced as a result. ### Screenshots #### Before ![image](https://gitlab.com/stanhu/gitlab-ce/uploads/e7fdeb58b2017ec45443bf0d54a94685/image.png) #### After ![image](https://gitlab.com/stanhu/gitlab-ce/uploads/d4a15113127be119e7c33ff501020f16/image.png) ### What are the relevant issue numbers? Closes #2009 See merge request !995
| * | | | | Remove redundant last push event if activity feed is set to main pageStan Hu2015-07-181-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | Closes #2009
* | | | | | Merge branch 'activity_publicly_accessible' into 'master' Valery Sizov2015-07-201-1/+1
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Public project activity page asks for sign-in https://gitlab.com/gitlab-org/gitlab-ce/issues/2021 See merge request !1007
| * | | | | Public project activity page asks for sign-inactivity_publicly_accessibleValery Sizov2015-07-201-1/+1
| | | | | |
* | | | | | Merge branch 'master' of github.com:gitlabhq/gitlabhqMarin Jankovski2015-07-201-1/+1
|\ \ \ \ \ \
| * \ \ \ \ \ Merge pull request #9400 from tuxillo/patch-1Jacob Vosmaer2015-07-201-1/+1
| |\ \ \ \ \ \ | | |_|_|/ / / | |/| | | | | Use whoami instead of $USER
| | * | | | | Use whoami instead of $USERAntonio Huete Jimenez2015-06-191-1/+1
| | | | | | | | | | | | | | | | | | | | | - Use whoami instead of relying on the existence of $USER enviroment variable which is not always present
* | | | | | | Merge branch 'set-omniauth-full-host' into 'master'Marin Jankovski2015-07-202-0/+2
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Set OmniAuth full_host parameter to ensure redirect URIs are correct ### What does this MR do? This MR sets the OmniAuth `full_host` parameter to the configured GitLab URL to ensure the `redirect_uri` parameter is called with the right GitLab host. ### Why was this MR needed? [OmniAuth attempts to grab the request URI](http://awesomeprogrammer.com/blog/2012/12/09/dealing-with-omniauth-redirect-uri-mismatch-invalid-port-number-gotcha/) and use that. If you set up a reverse proxy that terminates SSL at the Web server layer (e.g. https://gitlab.domain.com), omniauth will use the internal URL (e.g. http://my-host:8080) in its redirect URI unless all the Web server headers are properly set (e.g. `X-Forwarded-Port`, etc.). This is easy to forget or mess up, and it's better to ensure that OmniAuth has the right value from the start. ### What are the relevant issue numbers? Closes #1967 See merge request !991
| * | | | | | Set OmniAuth full_host parameter to ensure redirect URIs are correctStan Hu2015-07-172-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Closes #1967
* | | | | | | Merge branch 'fix-unauthenticated-label-access' into 'master'Stan Hu2015-07-203-1/+7
|\ \ \ \ \ \ \ | |_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix label read access for unauthenticated users The label page was added to navigation for unauthorized users because the previously used milestone read permission was still checked. This has been fixed and read access to labels is now granted (again) for public projects. This regression has been introduced in 07efb17e10fe26a01b60d8441868f9fbda0768f2 (7.12). See also 9bcd36396b9b71467f66dd4ed79ab709bb5d027a. Refs !836, !842. See merge request !1000
| * | | | | | Fix label read access for unauthenticated usersDaniel Gerhardt2015-07-193-1/+7
| | |_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The label page was added to navigation for unauthorized users because the previously used milestone read permission was still checked. This has been fixed and read access to labels is now granted (again) for public projects. This regression has been introduced in 07efb17e10fe26a01b60d8441868f9fbda0768f2 (7.12). See also 9bcd36396b9b71467f66dd4ed79ab709bb5d027a. Refs !836, !842.
* | | | | | Merge branch 'rs-issue-2001' into 'master' Valery Sizov2015-07-191-2/+2
|\ \ \ \ \ \ | |/ / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Dynamically check `:admin_*` ability in issuable context Closes #2001 See merge request !1002
| * | | | | Dynamically check `:admin_*` ability in issuable contextRobert Speicher2015-07-191-2/+2
|/ / / / / | | | | | | | | | | | | | | | Closes #2001
* | | | | Merge branch 'fix-mixed-color-preview' into 'master'Valery Sizov2015-07-191-1/+1
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix bug where notes were being rendered with wrong color preferences due to caching ### What does this MR do? This MR adds the user's color preferences as part of the caching key for notes. ### Why was this MR needed? This should fix a bug introduced via 4d80360b where notes were being loaded from the cache without regard to the current user's color scheme. ### What are the relevant issue numbers? Closes #2008 See merge request !994
| * | | | | Fix bug where notes were being rendered with wrong color preferences due to ↵Stan Hu2015-07-181-1/+1
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | caching Closes #2008
* | | | | Merge branch 'fix-oauth-redirection' into 'master'Stan Hu2015-07-192-1/+3
|\ \ \ \ \ | |_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix OAuth provider bug where GitLab would not go return to the redirect_uri after sign-in ### What does this MR do? This MR fixes a bug when GitLab is used as an OAuth provider (e.g. to GitLab CI) where the user is not redirected back to the original URI after a successful sign-in. This MR tweaks the Doorkeeper configuration to set the `user_return_to` Devise session variable, as mentioned in this [Stack Overflow](http://stackoverflow.com/questions/14504739/how-to-use-both-devise-and-doorkeeper-gems) post. ### Why was this MR needed? If you attempt to "Login via GitLab" from GitLab CI and aren't logged out completely, GitLab asks for your username and password. After you login, you get directed to the GitLab dashboard instead of back to GitLab CI. It's easy to reproduce: 1. Set up a GitLab CI and GitLab instance (e.g. ci.gitlab.com, gitlab.com). 2. Start an Incognito Window so that you are logged out of GitLab CI and GitLab. 3. Go to the GitLab CI instance. Click the "Login with GitLab". 4. Enter in your credentials. 5. Watch your browser login to GitLab and not return to GitLab CI. ### What are the relevant issue numbers? Closes #1612 See merge request !998
| * | | | Fix OAuth provider bug where GitLab would not go return to the redirect_uri ↵Stan Hu2015-07-182-1/+3
|/ / / / | | | | | | | | | | | | | | | | | | | | after sign-in Closes #1612
* | | | Merge branch 'rs-issue-2013' into 'master' Robert Speicher2015-07-181-3/+9
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Show the first tab automatically on MergeRequests#new Closes #2013 See merge request !997
| * | | | Show the first tab automatically on MergeRequests#newrs-issue-2013Robert Speicher2015-07-181-3/+9
|/ / / / | | | | | | | | | | | | Closes #2013
* | | | Merge pull request #9452 from YorickPeterse/masterRobert Speicher2015-07-181-5/+5
|\ \ \ \ | |/ / / |/| | | Only load byebug on MRI
| * | | Only load byebug on MRIYorick Peterse2015-07-181-5/+5
| | | | | | | | | | | | | | | | | | | | This Gem relies on MRI specific debugging APIs. This at least allows installation on Rubinius/JRuby.
* | | | Merge branch 'fix-note-edit-upload-link' into 'master'Stan Hu2015-07-182-1/+2
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix file upload dialog for comment editing This fixes the file upload dialog which currently works for new comments but not for comment editing. The cause for this is a missing DOM class which causes traversal to the dropzone to fail. This is fixed by adding the expected `gfm-form` class to the edit form. It has to be added dynamically since adding it to the form template would break the form's layout and comment saving. The following screenshot illustrates the issue: ![gitlab-dropzone-upload-dialog-bug](https://gitlab.com/gitlab-org/gitlab-ce/uploads/3a9885c8ba7c07338148ec9e605e5771/gitlab-dropzone-upload-dialog-bug.png) See merge request !956
| * | | | Fix file upload dialog for comment editingDaniel Gerhardt2015-07-172-1/+2
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes the file upload dialog which currently works for new comments but not for comment editing. The cause for this is a missing DOM class which causes traversal to the dropzone to fail. This is fixed by adding the expected `gfm-form` class to the edit form. It has to be added dynamically since adding it to the form template would break the form's layout and comment saving.
* | | | Merge branch 'rs-issue-988-test' into 'master' Robert Speicher2015-07-182-1/+11
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add test case for clicking line number anchor icon Follow-up to !988 See merge request !992
| * | | | Add test case for clicking line number anchor iconrs-issue-988-testRobert Speicher2015-07-172-1/+11
|/ / / /
View Lorry Controller Status