summaryrefslogtreecommitdiff
path: root/app/controllers/dashboard
Commit message (Collapse)AuthorAgeFilesLines
...
* Merge branch '28810-projectfinder-should-handle-more-options' into 'master' Rémy Coutable2017-04-061-12/+15
|\ | | | | | | | | | | | | ProjectsFinder should handle more options Closes #28810 See merge request !9682
| * ProjectsFinder should handle more optionsJacopo2017-04-061-12/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Extended ProjectFinder in order to handle the following options: - current_user - which user use - project_ids_relation: int[] - project ids to use - params: - trending: boolean - non_public: boolean - starred: boolean - sort: string - visibility_level: int - tags: string[] - personal: boolean - search: string - non_archived: boolean GroupProjectsFinder now inherits from ProjectsFinder. Changed the code in order to use the new available options.
* | Merge branch 'open-redirect-host-fix' into 'security' Sean McGivern2017-04-051-1/+1
|/ | | | | Fix for three open redirect vulns using redirect_to url_for(params.merge))) See merge request !2082
* Revert "Merge branch '29534-todos-performance' into 'master'"Sean McGivern2017-03-211-1/+1
| | | This reverts merge request !10076
* Todos performance: Include associations in FinderJarka Kadlecova2017-03-201-1/+1
|
* Merge branch '27376-cache-default-branch-pipeline-on-project' into 'master' Yorick Peterse2017-03-161-1/+1
|\ | | | | | | | | Speed up several project lists See merge request !9903
| * Eager load route for project & namespaceBob Van Landuyt2017-03-161-1/+1
| |
* | Add 'Undo mark all as done' to TodosJacopo2017-03-161-2/+8
|/ | | | | | Added the ability to 'Undo mark all as done' todos marked as complete with 'Mark all as done' in the 'Todo' tab of the Todo dashboard. The operation undos only the todo previously marked as done with the 'Mark al as done' button.
* Add count badges to both dashboard and group milestonesadam-count-badges-group-dashboard-milestonesAlex Braha Stoll2017-03-101-0/+1
|
* Add filter and sorting to dashboard groups pageDmitriy Zaporozhets2017-03-011-1/+13
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* fixes delimiter removes when todo marked as doneNur Rony2017-02-221-2/+4
|
* change todos counter position & format ( for large counts )mhasbini2017-02-211-0/+5
|
* Todo done clicking is kind of unusable.Jacopo2017-02-171-0/+6
| | | | | | The Done button will change to an Undo button and the line item will be greyed out. Bold links will be unbolded. The user can undo the task by clicking the Undo button.
* Use preload for Event#target since it's a polymorphic association27395-reduce-group-activity-sql-queriesRémy Coutable2017-02-131-12/+11
| | | | | | Also, don't use limit in subquery, MySQL don't like that. Signed-off-by: Rémy Coutable <remy@rymai.me>
* Store group and project full name and full path in routes tabledz-refactor-full-pathDmitriy Zaporozhets2017-02-081-1/+1
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Remove unnecessary queries for .atom and .json in ↵Oswaldo Ferreira2017-02-031-3/+1
| | | | Dashboard::ProjectsController#index
* Speed up dashboard milestone index by scoping IssuesFinder to user ↵speed-up-dashboard-milestone-indexAdam Niedzielski2017-01-161-2/+2
| | | | | | | | | | | authorized projects It improves performance in dashboard milestone index page by passing a hint to "IssuesFinder". "IssuesFinder" generates a more performant query when it is limited to authorized projects for user. In the dashboard we already limit the projects to these authorized for user (see "Dashboard::ApplicationController#projects"), so we can safely pass this option to "IssuesFinder".
* Speed up group milestone index by passing group_id to IssuesFinderAdam Niedzielski2017-01-061-2/+11
|
* applies url_for so that we dont lose filters when redirecting19988-prevent-empty-pagination-when-list-not-emptyTiago Botelho2016-12-231-1/+1
|
* adds specs for respective behaviourTiago Botelho2016-12-211-3/+4
|
* Prevent empty pagination when list is not emptyTiago Botelho2016-12-211-1/+3
|
* Limit what label fields we expose on Dashboard::LabelsController#indexDouglas Barbosa Alexandre2016-10-191-1/+3
|
* List only labels that belongs to the group on the group issues pageDouglas Barbosa Alexandre2016-10-191-6/+1
|
* Allow users to apply group labels on Issues/MRsDouglas Barbosa Alexandre2016-10-191-1/+4
|
* Merge branch 'issue_18135' into 'master' Douwe Maan2016-08-191-0/+1
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Todos sorting dropdown Implements #18135 ![todos_sorting](/uploads/bff76827c421628134dfb8b864e47c74/todos_sorting.png) - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5691
| * Todos sorting dropdownissue_18135Felipe Artur2016-08-191-0/+1
| |
* | Rename TodoService#mark_todos_as_done_by_id{,s}Ahmad Sherif2016-08-181-1/+1
| |
* | Implement TodoService#mark_todos_as_done_by_idAhmad Sherif2016-08-181-3/+1
| | | | | | | | Follow-up on 52b0c26
* | Simplify SQL queries of marking a todo as doneAhmad Sherif2016-08-181-4/+2
|/
* Recover usage of Todos counter cache20842-todos-queries-cachePaco Guzman2016-08-121-2/+2
| | | | | | | We’re being kept up to date the counter data but we’re not using it. The only thing which is not real if is the number of projects that the user read changes the number of todos can be stale for some time. The counters will be sync just after the user receives a new todo or mark any as done
* Cache todos pending/done dashboard query countsPaco Guzman2016-07-121-4/+9
|
* Fix an information disclosure when requesting access to a group containing ↵Rémy Coutable2016-06-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | private projects The issue was with the `User#groups` and `User#projects` associations which goes through the `User#group_members` and `User#project_members`. Initially I chose to use a secure approach by storing the requester's user ID in `Member#created_by_id` instead of `Member#user_id` because I was aware that there was a security risk since I didn't know the codebase well enough. Then during the review, we decided to change that and directly store the requester's user ID into `Member#user_id` (for the sake of simplifying the code I believe), meaning that every `group_members` / `project_members` association would include the requesters by default... My bad for not checking that all the `group_members` / `project_members` associations and the ones that go through them (e.g. `Group#users` and `Project#users`) were made safe with the `where(requested_at: nil)` / `where(members: { requested_at: nil })` scopes. Now they are all secure. Signed-off-by: Rémy Coutable <remy@rymai.me>
* Ensure Todos counters doesn't count Todos for projects pending deleteDouglas Barbosa Alexandre2016-06-171-13/+8
|
* Cache todo counters (pending/done)18034-cache-todo-counterPaco Guzman2016-06-171-4/+4
| | | | | | | - As todos are created/updated inside the TodoService we repopulate the cache just there for both pending/done todos - Todos as mark as done from the TodosController we update cache there too - All the added methods are kept in the User class for cohesion
* Merge branch 'meinac/gitlab-ce-change_deprecated_render_usage'Dmitriy Zaporozhets2016-05-181-2/+2
|\ | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
| * Change deprecated usage of rendering without response bodyMehmet Emin İNAÇ2016-03-161-2/+2
| | | | | | | | | | `render nothing: true` has been deprecated. For more information see [pr](https://github.com/rails/rails/pull/20336)
* | Merge branch '17249-starred' into 'master' Robert Speicher2016-05-111-1/+1
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restrict starred projects to viewable ones `User#starred_projects` doesn't perform any visibility checks. This has a couple of problems: 1. It assumes a user can always view all of their starred projects in perpetuity (project not changed to private, access revoked, etc.). 2. It assumes that we'll only ever allow a user to star a project they can view. This is currently the case, but bugs happen. Add `User#viewable_starred_projects` to filter the starred projects by those the user either has explicit access to, or are public or internal. Then use that in all places where we list the user's starred projects. Closes #17249. See merge request !4108
| * | Restrict starred projects to viewable onesSean McGivern2016-05-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `User#starred_projects` doesn't perform any visibility checks. This has a couple of problems: 1. It assumes a user can always view all of their starred projects in perpetuity (project not changed to private, access revoked, etc.). 2. It assumes that we'll only ever allow a user to star a project they can view. This is currently the case, but bugs happen. Add `User#viewable_starred_projects` to filter the starred projects by those the user either has explicit access to, or are public or internal. Then use that in all places where we list the user's starred projects.
* | | Add to label :id to responseissue_15673Alfredo Sumaran2016-05-031-1/+1
|/ /
* | Add missing Dashboard::LabelsControllerRémy Coutable2016-03-231-0/+9
| |
* | Use respond_to instead of a conditional to paginate milestonesRémy Coutable2016-03-231-3/+4
| |
* | Fix an issue causing the Dashboard/Milestones page to be blankRémy Coutable2016-03-232-6/+12
| |
* | Use the configured Kaminari "per page" defaultrs-use-kaminari-defaultRobert Speicher2016-03-194-5/+5
| |
* | Use todo.done without ! in the controller to mark todo as doneDouglas Barbosa Alexandre2016-03-181-2/+2
| |
* | Mark all as done through AJAXPhil Hughes2016-03-171-0/+4
| |
* | Removed the flash success messagePhil Hughes2016-03-171-2/+2
| | | | | | | | Removes the group if empty
* | Adds small AJAX optimistic functionality to todos.Jacob Schatz2016-03-171-1/+6
|/ | | | | Fixes #13656 A good first step and boring solution.
* Allow filtered dashboard/explore results to be paged. Fixes #14104fix-filtered-paginationJosh Frye2016-03-091-2/+2
|
* Add option to show archived projects on dahsboardDmitriy Zaporozhets2016-03-041-16/+8
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Revert "Revert "Sort starred projects on dashboard based on last activity by ↵sort-starred-projectsDmitriy Zaporozhets2016-03-031-1/+1
| | | | | | default"" This reverts commit 617bb1096deb1fb5dea66d04b9bbd7da0dfb57ba.
View Lorry Controller Status