summaryrefslogtreecommitdiff
path: root/app/policies
Commit message (Collapse)AuthorAgeFilesLines
* bugfix: use `require_dependency` to bring in DeclarativePolicybugfix/declarative-policy-reloadinghttp://jneen.net/2017-06-291-1/+1
|
* convert all the policies to DeclarativePolicyhttp://jneen.net/2017-06-2725-641/+603
|
* Rename "Slash commands" to "Quick actions"Eric Eastwood2017-06-151-1/+1
| | | | | | | | | | | | | Fix https://gitlab.com/gitlab-org/gitlab-ce/issues/27070 Deprecate "chat commands" in favor of "slash commands" We looked for things like: - `slash commmand` - `slash_command` - `slash-command` - `SlashCommand`
* Allow to access pipelines even if they are disabled, but only present jobs ↵Kamil Trzcinski2017-06-131-1/+1
| | | | and commit statuses without giving ability to access them
* Merge branch '25934-project-snippet-vis' into 'security-9-2'DJ Mountney2017-06-081-0/+5
| | | | | | Fix visibility when referencing snippets See merge request !2101
* Merge branch '3191-deploy-keys-update' into 'master'Rémy Coutable2017-06-071-0/+11
|\ | | | | | | | | | | | | Implement ability to update deploy keys Closes #3191 See merge request !10383
| * Implement ability to update deploy keysAlexander Randa2017-06-021-0/+11
| |
* | Allow group reporters to manage group labels33154-permissions-for-project-labels-and-group-labelsSean McGivern2017-06-051-7/+10
|/ | | | | | | | | Previously, only group masters could do this. However, project reporters can manage project labels, so there doesn't seem to be any need to restrict group labels further. Also, save a query or two by getting a single GroupMember object to find out if the user is a master or not.
* Check only a merge ability for protected actionsGrzegorz Bizon2017-05-311-1/+1
|
* Merge branch 'snippets-finder-visibility' into 'security'Douwe Maan2017-05-101-1/+1
| | | | | | Refactor snippets finder & dont return internal snippets for external users See merge request !2094
* Add confirm delete protected branch modalSam Rose2017-05-081-3/+3
|
* Add Pipeline Schedules that supersedes experimental Trigger ScheduleZeger-Jan van de Weg2017-05-072-0/+12
|
* Use update build policy instead of new play policyGrzegorz Bizon2017-05-052-6/+8
|
* Merge commit '3a2b60f7' from 'master'Grzegorz Bizon2017-05-051-0/+6
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit '3a2b60f7a0109cdb84e8727a2625318a746e84dc': (151 commits) Fixed Karma spec Reject EE reserved namespace paths in CE as well Updated webpack config Include the bundler:audit job into the static-analysis job Document serializers Add artifact file page that uses the blob viewer Pipeline table mini graph dropdown remains open when table is refreshed Adds off for event hub Compile gitlab-shell go executables Allow to create new branch and empty WIP merge request from issue page Moved to a view spec Improving copy of CONTRIBUTING.md, PROCESS.md, and code_review.md Convert seconds to minutes and hours on chat notifations Disable navigation to Pages config if Pages is disabled Sort the network graph both by commit date and topographically. Add tooltips to note action buttons Add breadcrumb, build header and pipelines submenu to artifacts browser Update todos screenshots removes the possibility of commit messages having carriage returns Handle incoming emails from aliases correctly ...
| * Support uploaders for personal snippets comments12910-uploader-pers-snippetJarka Kadlecova2017-05-021-0/+6
| |
* | Improve environment policy classGrzegorz Bizon2017-05-031-5/+7
| |
* | Merge branch 'master' into ↵Grzegorz Bizon2017-05-021-18/+26
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | feature/gb/manual-actions-protected-branches-permissions * master: (314 commits) Better Explore Groups view Update Carrierwave and fog-core Add specs for Gitlab::RequestProfiler Add scripts/static-analysis to run all the static analysers in one go Shorten and improve some job names Group static-analysis jobs into a single job Don't blow up when email has no References header Update CHANGELOG.md for 9.1.2 Add changelog Add changelog Show Raw button as Download for binary files Use blob viewers for snippets Fix typo Fixed transient failure related to dropdown animations Revert "Merge branch 'tc-no-todo-service-select' into 'master'" fix link to MR 10416 Another change from .click -> .trigger('click') to make spec pass Change from .click -> .trigger('click') to make spec pass Disable AddColumnWithDefaultToLargeTable cop for pre-existing migrations Add AddColumnWithDefaultToLargeTable cop ... Conflicts: spec/requests/api/jobs_spec.rb
| * Fix Rubocop CyclomaticComplexity offensebackport-cyclomatic_complexity-fixRémy Coutable2017-04-261-18/+26
| | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* | Fix Rubocop offense in environments policy classGrzegorz Bizon2017-05-011-1/+0
| |
* | Add new ability check for stopping environmentGrzegorz Bizon2017-05-011-1/+12
| |
* | Merge branch 'master' into ↵Grzegorz Bizon2017-04-133-1/+3
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | feature/gb/manual-actions-protected-branches-permissions * master: (641 commits) Revert "Fix registry for projects with uppercases in path" Fix registry for projects with uppercases in path Move event icons into events_helper Reset New branch button when issue state changes Add link to environments on kubernetes.md Indent system notes on desktop screens Improve webpack-dev-server compatibility with non-localhost setups. Add changelog entry Fix recent searches icon alignment in Safari Use preload to avoid Rails using JOIN Fix NUMBER_OF_TRUNCATED_DIFF_LINES re-definition error Prepare for zero downtime migrations Fix filtered search input width for IE Fix the `gitlab:gitlab_shell:check` task Fixed random failures with Poll spec Include CONTRIBUTING.md file when importing .gitlab-ci.yml templates Let uses hide verbose output by default Separate examples for each other Collapse similar sibling scenarios Use empty_project for resources that are independent of the repo ... Conflicts: app/views/projects/ci/builds/_build.html.haml
| * Merge branch 'siemens/gitlab-ce-fix/subgroup-hide-button' into 'master' Rémy Coutable2017-04-121-0/+1
| |\ | | | | | | | | | | | | | | | | | | Hide new subgroup button if user has no permission to create one Closes #30139 See merge request !10627
| | * Move permission to create subgroup into GroupPolicyDmitriy Zaporozhets2017-04-111-0/+1
| | | | | | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
| * | Remove the User#is_admin? methodblackst0ne2017-04-091-1/+1
| | |
| * | Merge branch 'feature/service-desk-be-backport' into 'master' Sean McGivern2017-04-071-0/+1
| |\ \ | | | | | | | | | | | | | | | | Backport permissions and multi-line array to CE See merge request !10507
| | * | Backport permissions and multi-line array to CEFelipe Artur2017-04-071-0/+1
| | |/
* | | Do not inherit build policy in pipeline policyGrzegorz Bizon2017-04-122-1/+8
| | |
* | | Move code for playing an action to separate serviceGrzegorz Bizon2017-04-121-1/+1
| | |
* | | Implement new rule for manual actions in policiesGrzegorz Bizon2017-04-121-0/+14
|/ /
* | ProjectsFinder should handle more optionsJacopo2017-04-061-2/+2
|/ | | | | | | | | | | | | | | | | | | Extended ProjectFinder in order to handle the following options: - current_user - which user use - project_ids_relation: int[] - project ids to use - params: - trending: boolean - non_public: boolean - starred: boolean - sort: string - visibility_level: int - tags: string[] - personal: boolean - search: string - non_archived: boolean GroupProjectsFinder now inherits from ProjectsFinder. Changed the code in order to use the new available options.
* use policies to protect sending emailhttp://jneen.net/2017-03-091-0/+1
|
* use the policy stack to protect loginshttp://jneen.net/2017-03-091-1/+1
|
* add User#internal? and some global permissionshttp://jneen.net/2017-03-091-0/+6
|
* use a magic default :global symbol instead of nilhttp://jneen.net/2017-03-091-2/+7
| | | | to make sure we mean the global permissions
* Improve pipeline triggers UIKamil Trzciński2017-03-071-0/+13
|
* Merge branch 'remove_group_policy_add_rules' into 'master' Douwe Maan2017-03-021-6/+0
|\ | | | | | | | | Remove now unnecessary `additional_rules!` method from GroupPolicy See merge request !9595
| * Remove now unnecessary `additional_rules!` method from GroupPolicyDrew Blessing2017-02-281-6/+0
| | | | | | | | | | | | | | | | | | The intention was for this to be used to override group policy in EE. This led to all sort of strange problems in practice - for example, https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/1025 needed to override `owner` permissions, but `additional_rules!` passed `master` only. The better solution is to use an EE module to override the policy. Removing this now defunct method.
* | Don't allow deleting a ghost user.Timothy Andrew2017-02-241-0/+8
|/ | | | | | | | | | | | | | | - Add a `destroy_user` ability. This didn't exist before, and was implicit in other abilities (only admins could access the admin area, so only they could destroy all users; a user can only access their own account page, and so can destroy only themselves). - Grant this ability to admins, and when the current user is trying to destroy themselves. Disallow destroying ghost users in all cases. - Modify the `Users::DestroyService` to check this ability. Also check it in views to decide whether or not to show the "Delete User" button. - Add a short summary of the Ghost User to the bio.
* Enable Rails/DelegateDouwe Maan2017-02-231-3/+1
|
* Merge branch 'ee-1439-read-only-user' into 'master' Douwe Maan2017-02-072-20/+29
|\ | | | | | | | | Backport changes from gitlab-org/gitlab-ee!998 See merge request !8984
| * Backport changes from gitlab-org/gitlab-ee!998Timothy Andrew2017-02-062-20/+29
| | | | | | | | | | | | Some changes in EE for the auditor user feature need to be backported to CE to avoid merge conflicts. This commit encapsulates all these backports.
* | Fix pages abilitiesKamil Trzcinski2017-01-311-0/+2
| |
* | Initial work on GitLab Pages updateKamil Trzcinski2017-01-311-0/+1
| |
* | Add GitLab PagesKamil Trzcinski2017-01-311-0/+1
|/ | | | | | | | | | | | | | | | - The pages are created when build artifacts for `pages` job are uploaded - Pages serve the content under: http://group.pages.domain.com/project - Pages can be used to serve the group page, special project named as host: group.pages.domain.com - User can provide own 403 and 404 error pages by creating 403.html and 404.html in group page project - Pages can be explicitly removed from the project by clicking Remove Pages in Project Settings - The size of pages is limited by Application Setting: max pages size, which limits the maximum size of unpacked archive (default: 100MB) - The public/ is extracted from artifacts and content is served as static pages - Pages asynchronous worker use `dd` to limit the unpacked tar size - Pages needs to be explicitly enabled and domain needs to be specified in gitlab.yml - Pages are part of backups - Pages notify the deployment status using Commit Status API - Pages use a new sidekiq queue: pages - Pages use a separate nginx config which needs to be explicitly added
* Fix build access policies when pipelines are publicGrzegorz Bizon2017-01-231-2/+0
|
* More improvements to presenters23563-document-presentersRémy Coutable2017-01-181-1/+1
| | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* Handle presenters in BasePolicyRémy Coutable2017-01-181-0/+4
| | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* Merge branch 'issue_25682' into 'master' Sean McGivern2016-12-291-3/+10
|\ | | | | | | | | | | | | Parse JIRA issue references even if Issue Tracker is disabled Closes #25682 See merge request !8238
| * Parse JIRA issue references even if Issue Tracker is disabledFelipe Artur2016-12-291-3/+10
| |
* | Include group parents into read access for project and groupDmitriy Zaporozhets2016-12-262-2/+2
|/ | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
View Lorry Controller Status