summaryrefslogtreecommitdiff
path: root/app/services/auth
Commit message (Collapse)AuthorAgeFilesLines
* use Gitlab::UserSettings directly as a singleton instead of ↵Mario de la Ossa2018-02-021-3/+1
| | | | including/extending it
* refactor access handlingVratislav Kalenda2017-10-101-5/+12
|
* remove whitespaceVratislav Kalenda2017-10-081-1/+0
|
* Issue JWT token with registry:catalog:* scope when requested by GitLab adminVratislav Kalenda2017-10-081-0/+5
|
* `current_application_settings` belongs on `Gitlab::CurrentSettings`Sean McGivern2017-08-311-1/+1
| | | | | | | | | | | | | | | | The initializers including this were doing so at the top level, so every object loaded after them had a `current_application_settings` method. However, if someone had rack-attack enabled (which was loaded before these initializers), it would try to load the API, and fail, because `Gitlab::CurrentSettings` didn't have that method. To fix this: 1. Don't include `Gitlab::CurrentSettings` at the top level. We do not need `Object.new.current_application_settings` to work. 2. Make `Gitlab::CurrentSettings` explicitly `extend self`, as we already use it like that in several places. 3. Change the initializers to use that new form.
* Rename user_can_admin? because it's more accurateadd-star-for-action-scopeLin Jen-Shin2017-08-071-2/+2
| | | | | Also fix the test because we no longer have :empty_project, just use :project is the same as before
* fix typo and checkJean Praloran2017-05-301-1/+1
|
* add test and rebaseJean Praloran2017-05-301-1/+6
|
* change ability requirementJean Praloran2017-05-301-1/+1
|
* add star for action scope, in order to delete image from registryjean2017-05-301-0/+2
|
* Add test example for invalid registry access requestGrzegorz Bizon2017-03-311-2/+0
|
* Add specs for container repository factory methodGrzegorz Bizon2017-03-311-1/+1
|
* Do not allow registry requests for invalid repositoriesGrzegorz Bizon2017-03-301-0/+4
|
* Create container repository on successful push authGrzegorz Bizon2017-03-301-0/+16
| | | | | | | Because we do not have yet two way communication between container registry and GitLab, we need to eagerly create a new container repository objects in database. We now do that after user/build successfully authenticates a push action using auth service.
* Add comment to container registry auth serviceGrzegorz Bizon2017-03-291-5/+7
| | | | | Comment explains why we still have authentication without user object there. The legacy authentication mechanism should be removed in 10.0.
* Use container repository path inside auth serviceGrzegorz Bizon2017-03-291-4/+8
|
* Rename container image model to container repositoryGrzegorz Bizon2017-03-231-1/+1
|
* Fix communication between GitLab and Container RegistryGrzegorz Bizon2017-03-231-8/+9
|
* Refactor splitting container image full pathGrzegorz Bizon2017-03-221-6/+1
| | | | [ci skip]
* Makes ContainerImages RoutableAndre Guedes2017-03-211-1/+1
| | | | | Conflicts: db/schema.rb
* Merge branch 'master' into feature/multi-level-container-registry-imagesGrzegorz Bizon2017-03-211-1/+1
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * master: (1327 commits) Merge branch 'render-json-leak' into 'security' Merge branch 'ssrf' into 'security' Merge branch 'ssrf' into 'security' Merge branch 'fix-links-target-blank' into 'security' Merge branch '28058-hide-emails-in-atom-feeds' into 'security' Fix karma test Reset filters after click Handle Route#name being nil after an update Only add frontend code coverage instrumentation when generating coverage report fix recompile assets step in 9.0 upgrade guide to use yarn Undo explicit conversion to Integer Make level_value accept string integers Make feature spec more robust Removed d3.js from the main application.js bundle Extend compound status for manual actions specs Update css to be nice and tidy. Fix pipeline status for transition between stages add an index to the ghost column Return 404 in project issues API endpoint when project cannot be found Improve rename projects migration ... Conflicts: doc/ci/docker/using_docker_build.md spec/lib/gitlab/import_export/all_models.yml
| * Enable Style/MutableConstantDouwe Maan2017-02-231-1/+1
| |
* | Fixes broken and missing testsAndre Guedes2017-02-221-1/+2
| |
* | Multi-level container image names backend implementationAndre Guedes2017-02-221-2/+7
|/ | | | | | | - Adds Registry events API endpoint - Adds container_images_repository and container_images models - Changes JWT authentication to allow multi-level scopes - Adds services for container image maintenance
* replace `find_with_namespace` with `find_by_full_path`Adam Pahlevi2017-02-031-1/+1
| | | | add complete changelog for !8949
* Merge branch 'unauthenticated-container-registry-access' into 'security'Alejandro Rodriguez2016-11-091-6/+10
| | | | | | | | | | Restore unauthenticated access to public container registries Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/24284 See merge request !2025 Signed-off-by: Rémy Coutable <remy@rymai.me>
* Merge branch 'fix-unathorized-cloning' into 'security'Douwe Maan2016-11-091-1/+1
| | | | | | | | | | Ensure external users are not able to clone disabled repositories. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23788 See merge request !2017 Signed-off-by: Rémy Coutable <remy@rymai.me>
* Be nice to Docker Clients talking to JWT/authKamil Trzcinski2016-09-271-2/+9
|
* Improve JwtController implementationpost-merge-improve-of-ci-permissionsKamil Trzcinski2016-09-201-1/+1
|
* Improve code commentsKamil Trzcinski2016-09-161-2/+2
|
* Rename capabilities to authentication_abilitiesKamil Trzcinski2016-09-161-6/+6
|
* Fix existing authorization specsKamil Trzcinski2016-09-151-5/+3
|
* Use `build_read_container_image` and use `build_download_code`Kamil Trzcinski2016-09-151-18/+17
|
* Make result to return project and capabilities grantedKamil Trzcinski2016-09-131-14/+9
|
* Use a permissions of user to access all dependent projects from CI jobs ↵Kamil Trzcinski2016-09-131-3/+37
| | | | (this also includes a container images, and in future LFS files)
* Fix private method visibility in container registryGrzegorz Bizon2016-07-191-6/+6
|
* Services: code style fixes, minor refactoringservices_refactoring1Valery Sizov2016-07-061-0/+2
|
* Fix the use of CurrentSettings in ContainerRegistryAuthenticationServiceKamil Trzcinski2016-05-311-2/+7
|
* Add Application Setting to configure Container Registry token expire delay ↵Kamil Trzcinski2016-05-311-0/+3
| | | | (default 5min)
* Make authentication service for Container Registry to be compatible with < ↵make-container-registry-authentication-service-compatible-with-older-dockerKamil Trzcinski2016-05-301-3/+1
| | | | Docker 1.11
* Fix the CI login to Container Registry (the gitlab-ci-token user)Kamil Trzcinski2016-05-231-1/+1
|
* Fix container deletion permission issueKamil Trzcinski2016-05-201-1/+1
|
* Fix 401 messageKamil Trzcinski2016-05-161-1/+1
|
* Fix http status codes for container registry authentication serviceKamil Trzcinski2016-05-151-2/+2
|
* Merge branch 'docker-registry' into docker-registry-viewKamil Trzcinski2016-05-151-3/+3
|\
| * Improve authentication service specsKamil Trzcinski2016-05-151-3/+3
| |
* | Fix Container Service full access tokenKamil Trzcinski2016-05-151-1/+1
| |
* | Merge branch 'docker-registry' into docker-registry-viewKamil Trzcinski2016-05-141-16/+11
|\ \ | |/
| * Rename JWT to JSONWebTokenKamil Trzcinski2016-05-141-16/+11
| |
* | Merge branch 'docker-registry' into docker-registry-viewKamil Trzcinski2016-05-141-0/+2
|\ \ | |/
View Lorry Controller Status