| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Set OmniAuth full_host parameter to ensure redirect URIs are correct
### What does this MR do?
This MR sets the OmniAuth `full_host` parameter to the configured GitLab URL to ensure the `redirect_uri` parameter is called with the right GitLab host.
### Why was this MR needed?
[OmniAuth attempts to grab the request URI](http://awesomeprogrammer.com/blog/2012/12/09/dealing-with-omniauth-redirect-uri-mismatch-invalid-port-number-gotcha/) and use that. If you set up a reverse proxy that terminates SSL at the Web server layer (e.g. https://gitlab.domain.com), omniauth will use the internal URL (e.g. http://my-host:8080) in its redirect URI unless all the Web server headers are properly set (e.g. `X-Forwarded-Port`, etc.). This is easy to forget or mess up, and it's better to ensure that OmniAuth has the right value from the start.
### What are the relevant issue numbers?
Closes #1967
See merge request !991
|
| |
| |
| |
| | |
Closes #1967
|
|/
|
|
|
|
| |
after sign-in
Closes #1612
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add support for destroying project milestones
### What does this MR do?
This MR adds a "Remove" button to the project milestones page and the milestone page itself.
### Why was this MR needed?
Because lots of people talked about needing to clean their toilets. :)
### What are the relevant issue numbers?
Closes https://github.com/gitlabhq/gitlabhq/issues/1504
### Screenshots
![image](https://gitlab.com/gitlab-org/gitlab-ce/uploads/ef8c7a3ea1db7b37cccae3869ac4de0a/image.png)
![image](https://gitlab.com/gitlab-org/gitlab-ce/uploads/33eb01c7bc30fb235de96db5efb8746d/image.png)
See merge request !980
|
| |
| |
| |
| | |
Closes https://github.com/gitlabhq/gitlabhq/issues/1504
|
|/
|
|
| |
This should help prevent endless Redis growth.
|
| |
|
|
|
|
| |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|\
| |
| |
| |
| |
| |
| |
| | |
Audit log for user authentication
https://dev.gitlab.org/gitlab/gitlabhq/issues/2318
See merge request !931
|
| | |
|
|/
|
|
| |
Closes https://github.com/gitlabhq/gitlabhq/issues/9381
|
|
|
|
| |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|
|
|
| |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|
|
|
| |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|
|
|
| |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|
|
|
| |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| |
|
| |
|
|
|
|
|
|
| |
This controller is now the target for `root_url`. It sub-classes
DashboardController so we can render the old default without a redirect
if the user hasn't customized their dashboard location.
|
| |
|
|
|
|
|
|
|
| |
Now we can simply loop through all themes, among other things.
This also removes the `dark_theme` / `light_theme` classes and the
`theme_type` helper, since they weren't used anywhere.
|
| |
|
| |
|
|
|
|
| |
Closes #1798
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add session expiration delay configuration through UI application
Setting is accessible by the administrator through the UI and defaults to 1 week (the current setting)
Answers the following suggestions:
* http://feedback.gitlab.com/forums/176466-general/suggestions/6210719-make-session-length-configurable
* http://feedback.gitlab.com/forums/176466-general/suggestions/6730512-automatic-logout-after-a-time-being-idle
See merge request !774
|
| |
| |
| |
| |
| | |
delay is in seconds
more legible code in session_store
Added `GitLab restart required` help block to session_expire_delay
|
| |
| |
| | |
settings
|
| |
| |
| |
| | |
omnibus-gitlab.
|
| | |
|
| | |
|
|\ \
| |/
|/| |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Until now, a user needed to first sign in with his LDAP identity and then manually
link his/her account with an omniauth identity from their profile.
Only when this is done can the user authenticate with the omniauth provider and at
the same time benefit from the LDAP integration (HTTPS authentication with LDAP
username/password and in EE: LDAP groups, SSH keys etc.).
This feature automates the process by looking up a corresponding LDAP person when a
user connects with omniauth for the first time and then automatically linking the LDAP
and omniauth identities (of course, like the existing allow_single_sign_on setting,
this is meant to be used with trusted omniauth providers).
The result is identical to a manual account link.
Add config initializers for other omniauth settings.
|
|/ |
|
|
|
|
|
|
|
| |
showing the GitLab sign-in page
This is useful when integrating with existing SSO environments and we want to use a single Omniauth provider for
all user authentication.
|
|\
| |
| |
| |
| |
| |
| |
| | |
Add SAML support via Omniauth
Split of !669, with doc
See merge request !722
|
| | |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add Teaspoon for Javascript testing
Looking to expand our Javascript unit tests, and this gem makes things a bit better in that respect.
See https://github.com/modeset/teaspoon
See merge request !715
|
| | | |
|
| |/ |
|
|/
|
|
| |
/:namespace_id/:project_id/merge_requests/:id/commits(.:format)
|
| |
|
| |
|
| |
|
| |
|
|\
| |
| |
| |
| |
| |
| |
| | |
Protect OmniAuth request phase against CSRF.
Addresses #2268.
See merge request !1793
|
| | |
|
| | |
|
| | |
|