delta/gitlab/gitlab-ce.git - gitlab.com: gitlab-org/gitlab-ce.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Add latest changes from gitlab-org/gitlab@15-3-stable-eev15.3.0-rc42	GitLab Bot	2022-08-18	1	-1/+3
\|
*	Add latest changes from gitlab-org/gitlab@13-11-stable-eev13.11.0-rc43	GitLab Bot	2021-04-20	1	-2/+2
\|
*	Add latest changes from gitlab-org/gitlab@13-8-stable-eev13.8.0-rc42	Robert Speicher	2021-01-20	1	-4/+9
\|
*	Add latest changes from gitlab-org/gitlab@13-5-stable-eev13.5.0-rc42	GitLab Bot	2020-10-21	1	-0/+39
\|
*	Add latest changes from gitlab-org/security/gitlab@13-4-stable-ee	GitLab Bot	2020-09-30	1	-2/+4
\|
*	Add latest changes from gitlab-org/security/gitlab@13-3-stable-ee	GitLab Bot	2020-09-01	1	-1/+20
\|
*	Add latest changes from gitlab-org/gitlab@13-3-stable-ee	GitLab Bot	2020-08-20	1	-4/+7
\|
*	Add latest changes from gitlab-org/gitlab@13-2-stable-ee	GitLab Bot	2020-07-20	1	-3/+9
\|
*	Add latest changes from gitlab-org/gitlab@13-0-stable-ee	GitLab Bot	2020-05-20	1	-2/+7
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2020-04-01	1	-0/+4
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2020-03-02	1	-19/+9
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2019-12-11	1	-2/+4
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2019-12-10	1	-1/+3
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2019-09-26	1	-0/+24
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2019-09-13	1	-0/+1
\|
*	Add config to disable impersonation	Imre Farkas	2018-11-29	1	-0/+6
\| \| \| \| \| \| \| \|	Adds gitlab.impersonation_enabled config option defaulting to true to keep the current default behaviour. Only the act of impersonation is modified, impersonation token management is not affected.
*	Enable frozen string in lib/api and lib/backup	gfyoung	2018-09-29	1	-0/+2
\| \| \| \| \| \| \| \| \| \|	Partially addresses #47424. Had to make changes to spec files because stubbing methods on frozen objects is a mess in RSpec and leads to failures: https://github.com/rspec/rspec-mocks/issues/1190
*	Updates code using class_methods over module ClassMethods	Jacopo	2018-08-29	1	-1/+1
\|
*	Block access to API & git when terms are enforced	Bob Van Landuyt	2018-05-10	1	-1/+11
\| \| \| \| \| \|	When terms are enforced, but the user has not accepted the terms access to the API & git is rejected with a message directing the user to the web app to accept the terms.
*	Make find_user_from_sources extensible for EE	Lin Jen-Shin	2018-02-05	1	-1/+5
\|
*	Changes after rebase	Francisco Lopez	2017-11-17	1	-20/+1
\|
*	Moved Exceptions to Gitlab::Auth	Francisco Lopez	2017-11-17	1	-10/+10
\|
*	Moving exceptions to UserAuthFinders	Francisco Lopez	2017-11-17	1	-25/+10
\|
*	Added some more comments	Francisco Lopez	2017-11-17	1	-7/+8
\|
*	Homogenising the type of the request handled by UserAuthFinder. Also tests fixed	Francisco Lopez	2017-11-17	1	-3/+0
\|
*	Applied some code review comments	Francisco Lopez	2017-11-17	1	-5/+0
\|
*	Removing private token	Francisco Lopez	2017-11-17	1	-6/+1
\|
*	Some fixes after rebase	Francisco Lopez	2017-11-17	1	-24/+7
\|
*	Updated refactor and pushing to see if test fails	Francisco Lopez	2017-11-17	1	-2/+0
\|
*	First refactor	Francisco Lopez	2017-11-17	1	-39/+19
\|
*	Add Gitlab::Utils::StrongMemoize	Lin Jen-Shin (godfat)	2017-11-13	1	-3/+5
\|
*	Add sudo API scope	Douwe Maan	2017-11-02	1	-66/+38
\|
*	Remove authentication using user.private_token	Douwe Maan	2017-11-02	1	-16/+6
\|
*	Move all API authentication code to APIGuard	Douwe Maan	2017-10-12	1	-41/+92
\|
*	Make sure API responds with 401 when invalid authentication info is provideddm-api-unauthorized	Douwe Maan	2017-09-28	1	-6/+18
\|
*	Whitelist or fix additional `Gitlab/PublicSend` cop violationsrs-more-public-send-whitelists	Robert Speicher	2017-08-14	1	-1/+1
\| \| \| \| \|	An upcoming update to rubocop-gitlab-security added additional violations.
*	Extract a `Gitlab::Scope` class.	Timothy Andrew	2017-06-29	1	-1/+1
\| \| \| \| \|	- To represent an authorization scope, such as `api` or `read_user` - This is a better abstraction than the hash we were previously using.
*	Implement review comments from @DouweM for !12300.	Timothy Andrew	2017-06-28	1	-1/+1
\| \| \| \| \| \| \|	- Use a struct for scopes, so we can call `scope.if` instead of `scope[:if]` - Refactor the "remove scopes whose :if condition returns false" logic to use a `select` rather than a `reject`.
*	Implement review comments from @dbalexandre for !12300.	Timothy Andrew	2017-06-28	1	-7/+5
\|
*	Fix remaining spec failures for !12300.	Timothy Andrew	2017-06-28	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	1. Get the spec for `lib/gitlab/auth.rb` passing. - Make the `request` argument to `AccessTokenValidationService` optional - `auth.rb` doesn't need to pass in a request. - Pass in scopes in the format `[{ name: 'api' }]` rather than `['api']`, which is what `AccessTokenValidationService` now expects. 2. Get the spec for `API::V3::Users` passing 2. Get the spec for `AccessTokenValidationService` passing
*	When verifying scopes, manually include scopes from `API::API`.	Timothy Andrew	2017-06-28	1	-6/+4
\| \| \| \| \| \| \| \|	- They are not included automatically since `API::Users` does not inherit from `API::API`, as I initially assumed. - Scopes declared in `API::API` are considered global (to the API), and need to be included in all cases.
*	Allow API scope declarations to be applied conditionally.	Timothy Andrew	2017-06-28	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \|	- Scope declarations of the form: allow_access_with_scope :read_user, if: -> (request) { request.get? } will only apply for `GET` requests - Add a negative test to a `POST` endpoint in the `users` API to test this. Also test for this case in the `AccessTokenValidationService` unit tests.
*	Initial attempt at refactoring API scope declarations.	Timothy Andrew	2017-06-28	1	-12/+21
\| \| \| \| \| \| \| \| \| \|	- Declaring an endpoint's scopes in a `before` block has proved to be unreliable. For example, if we're accessing the `API::Users` endpoint - code in a `before` block in `API::API` wouldn't be able to see the scopes set in `API::Users` since the `API::API` `before` block runs first. - This commit moves these declarations to the class level, since they don't need to change once set.
*	Enable Style/Proc cop for rubocop	mhasbini	2017-04-02	1	-1/+1
\|
*	Enable and autocorrect the CustomErrorClass cop	Sean McGivern	2017-03-01	1	-7/+4
\|
*	Fix code for cops	Douwe Maan	2017-02-23	1	-1/+1
\|
*	Enable Style/SpaceInsideBrackets	Douwe Maan	2017-02-23	1	-1/+1
\|
*	Enable Style/MutableConstant	Douwe Maan	2017-02-23	1	-1/+1
\|
*	Convert AccessTokenValidationService into a class.	Timothy Andrew	2016-12-16	1	-2/+2
\| \| \| \| \| \| \| \| \| \|	- Previously, AccessTokenValidationService was a module, and all its public methods accepted a token. It makes sense to convert it to a class which accepts a token during initialization. - Also rename the `sufficient_scope?` method to `include_any_scope?` - Based on feedback from @rymai
*	Implement minor changes from @dbalexandre's review.	Timothy Andrew	2016-12-16	1	-11/+15
\| \| \| \| \| \| \| \| \| \| \|	- Mainly whitespace changes. - Require the migration adding the `scope` column to the `personal_access_tokens` table to have downtime, since API calls will fail if the new code is in place, but the migration hasn't run. - Minor refactoring - load `@scopes` in a `before_action`, since we're doing it in three different places.