Revert "Merge branch '18000-remember-me-for-oauth-login' into 'master'"
See merge request !12660
|
This reverts merge request !11963
|
fix sidebar padding for full-width items (Time Tracking help)
Closes #34578
See merge request !12650
|
32838 Add wells to admin dashboard overview to fix spacing problems
Closes #32838
See merge request !12467
|
Fix API Scoping
Closes #33580 and #33022
See merge request !12300
|
# Conflicts:
# lib/api/users.rb
|
- There's no need to use `API::Scope` for scopes that don't have `if`
conditions, such as in `lib/gitlab/auth.rb`.
|
- To represent an authorization scope, such as `api` or `read_user`
- This is a better abstraction than the hash we were previously using.
|
- Use a struct for scopes, so we can call `scope.if` instead of `scope[:if]`
- Refactor the "remove scopes whose :if condition returns false" logic to use a
`select` rather than a `reject`.
|
1. Get the spec for `lib/gitlab/auth.rb` passing.
- Make the `request` argument to `AccessTokenValidationService` optional -
`auth.rb` doesn't need to pass in a request.
- Pass in scopes in the format `[{ name: 'api' }]` rather than `['api']`, which
is what `AccessTokenValidationService` now expects.
2. Get the spec for `API::V3::Users` passing
3. Get the spec for `AccessTokenValidationService` passing
|
- Scope declarations of the form:
    allow_access_with_scope :read_user, if: -> (request) { request.get? }
  will only apply for `GET` requests
- Add a negative test to a `POST` endpoint in the `users` API to test this. Also
test for this case in the `AccessTokenValidationService` unit tests.
|
- Declaring an endpoint's scopes in a `before` block has proved to be
unreliable. For example, if we're accessing the `API::Users` endpoint - code
in a `before` block in `API::API` wouldn't be able to see the scopes set in
`API::Users` since the `API::API` `before` block runs first.
- This commit moves these declarations to the class level, since they don't need
to change once set.
|
Honor the "Remember me" parameter for OAuth-based login
Closes #18000
See merge request !11963
|
- Don't use `request.env['omniauth.params']` if it isn't present.
- Remove the `saml` section from the `gitlab.yml` test section. Some tests
depend on this section not being initially present, so it can be overridden
in the test. This MR doesn't add any tests for SAML, so we didn't really need
this in the first place anyway.
- Clean up the test -> omniauth section of `gitlab.yml`
|
- Disable an ESLint check rather than work around it (by
converting `OAuthRememberMe` from a regular class to a
static class).
- Scope `$` calls inside `OAuthRememberMe`
|
- Change double quotes to single quotes.
- Why is `OmniAuth.config.full_host` being reassigned in the integration test?
- Use `map` over `map!` to avoid `dup` in the `gitlab:info` rake task
- Other minor changes
|
- There was previously a test for `saml` login in `login_spec`, but this didn't
seem to be passing. A lot of things didn't seem right here, and I suspect that
this test hasn't been running. I'll investigate this further.
- It took almost a whole working day to figure out this line:
    OmniAuth.config.full_host = ->(request) { request['REQUEST_URI'].sub(request['REQUEST_PATH'], '') }
As always, it's obvious in retrospect, but it took some digging to figure out
tests were failing and returning 404s during the callback phase.
- Test all OAuth providers - github, twitter, bitbucket, gitlab, google, and facebook
|
- Pass a `remember_me` query parameter along with the initial OAuth request, and
pick this parameter up during the omniauth callback from
`request.env['omniauth.params']`
- For 2FA-based login, copy the `remember_me` param from `omniauth.params` to
`params`, which the 2FA process will pick up.
- For non-2FA-based login, simply call the `remember_me` devise method to set
the session cookie.
|
Fixes the column widths for the new navigation option
See merge request !12644
|
Log rescued exceptions to Sentry
See merge request !12638
|
Support noticed that a number of exceptions, such as
"Encoding::CompatibilityError (incompatible character encodings: UTF-8 and
ASCII-8BIT)", failed to report to Sentry. The `rescue_from` in the
ApplicationController prevented these exceptions from being recorded.
This change ensures that these exceptions are properly captured.
|
Improve the overall UX for the new monitoring dashboard
See merge request !12616
|
Prevent accidental deletion of protected MR source branch by repeating checks before actual deletion
Closes #34456
See merge request !12574
|
checks before actual deletion
|
Revert "Merge branch 'revert-12499' into 'master'"
See merge request !12633
|
This reverts merge request !12557
|
no trailing / leading hyphens in CI_COMMIT_REF_SLUG.
Closes #32035
See merge request !11218
|
Enables the option in user preferences to turn on the new navigation
See merge request !12630
|
Strings ready for translation; Pipeline charts
See merge request !12480
|
Earlier, this was part of another MR, but that got split. Didn't pick
that commit, as there were many merge conflicts. Vim macros seemed faster.
|
CE counterpart of: Namespace license checks for multiple assignees
See merge request !11825
|
Set the assignee to last user in the array if multiple assignees aren't
allowed.
Also, use `parse_params` where possible.
|
To make it simpler to assign users to an Issuable, make MergeRequest
support the attribute `assignee_ids`.
|
The /reassign quick command works even when no multiple assignees are allowed or
there isn't any assignee yet. So for consistency, it's also backported to
CE. But it functions the same as the /assign quick action.
|
Avoid conflicts when merging CE to EE by backporting code from EE.
Instead of checking in `SlashCommands::InterpretService` what the
type of the issuable is, ask the issuable if it is capable of doing those things and
implement it in the issuable itself. The issuable will check if it's possible
and if the licensed feature is available.
This should also make it easier to ever add multiple assignees to MergeRequests.
|