| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |/ / / / / / / / |
|
| |\ \ \ \ \ \ \ \
| |/ / / / / / /
|/| | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Fix some N+1 queries in the GET /projects API
Closes #33748
See merge request !12679
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| |\ \ \ \ \ \ \ \
| |/ / / / / / /
|/| | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Backports for ee-2112
Closes #34716
See merge request !12671
|
| | |/ / / / / /
| | | | | | |
| | | | | | |
| | | | | | | |
https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2112
|
| |\ \ \ \ \ \ \
| |/ / / / / /
|/| | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Add user projects API
Closes #33657
See merge request !12596
|
| | | | | | | | |
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Introduce cache policies for CI jobs
Closes #33772
See merge request !12483
|
| | | | | | | | | |
|
| |\ \ \ \ \ \ \ \
| |_|/ / / / / /
|/| | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Resolve "Project option to allow customizing CI/CD config path"
Closes #32815 and #33130
See merge request !12509
|
| | |\ \ \ \ \ \ \
| | |/ / / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
32815--Add-Custom-CI-Config-Path
* upstream/master: (149 commits)
Revert change to design. Go back to scrollable page
Fixes the column widths for the new navigation options in settings
Migrate #submodule_url_for to Gitaly
Add test example for external commit status retries
Fix invalid Rails.logger call in lib/gitlab/health_checks/fs_shards_check.rb
Fix build for !12300.
Log rescued exceptions to Sentry
Fix issues with non-UTF8 filenames by always fixing the encoding of tree and blob paths
Revert "Merge branch 'revert-12499' into 'master'"
Prevent accidental deletion of protected MR source branch by repeating checks before actual deletion
Improve the overall UX for the new monitoring dashboard
Document that GitLab 9.3 requires the TRIGGER permission on MySQL
Instrument Unicorn with Ruby exporter
Remove group modal like remove project modal. Closes #33130
Update prometheus client gem
Enables the option in user preferences to turn on the new navigation
Add Jasmine tests for `OAuthRememberMe`
Simplify authentication logic in the v4 users API for !12445.
Use stub_application_setting when testing ApplicationHelper#support_url
wait_for_requests is not needed when AJAX is not in play
...
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| | |\ \ \ \ \ \ \
| | | |/ / / / /
| | |/| | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
32815--Add-Custom-CI-Config-Path
* upstream/master: (123 commits)
Backport changes to Projects::IssuesController and the search bar
bugfix: use `require_dependency` to bring in DeclarativePolicy
Resolve "Select branch dropdown is too close to branch name"
Clean up issuable lists
Defer project destroys within a namespace in Groups::DestroyService#async_execute
Fixed new navgiation bar logo height in Safari
Resolve "Issue dropdown persists when adding issue number to issue description"
Move verification to block level instead of paragraph
Revert "Merge branch 'dm-drop-default-scope-on-sortable-finders' into 'master'"
Added code for defining SHA attributes
Minor edits
Job details won't scroll horizontally to show long lines
Run mysql tests on stable preperation branches like 9-3-stable-patch-2
Bring back branches badge to main project page
optimize translation content based on comments
supplement traditional chinese in taiwan translation
Inserts exact matches of username, email and name to the top of the user search list
Remove Namespace model default scope override and write additional test to Project search
optimize translation content based on comments
Limit OpenGraph image size to 64x64
...
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
15041-Add-Custom-CI-Config-Path
* upstream/master: (12506 commits)
Update CHANGELOG.md for 9.3.2
Update architecture.md
Fix changelog entry file extension
Fix head pipeline stored in merge request for external pipelines
updated gitlab-ci.yml to compile locale
Ignore JSON files generated from PO files
Update mmap2 gem tha disables mmap_obj.gsub! as current implementation uses method that is no longer part of Ruby API
Disable rainbow during SimpleExecutor specs to have consistence
Slightly refactor pipeline schedules form in preparation for additions
Resolve "Submitting reply to existing diff discussion using Cmd/Ctrl+Enter submits twice and refreshes page"
Make the SimpleExecutor rescue exceptions in the executing Checks
Resolve "Unable to access edit comment from dropdown menu in certain screen sizes"
Update changelog item
revert removal of requestAnimationFrame and move to a separate MR/discussion
rename getEmojiCategoryMap and remove unnecessary parameter
Action Buttons on Prio Labels working again by setting pointer events to none on…
Remove 'contains' option from Commit.find_all
Remove Gitlab::Git::Repository#find_all
Use latest chrome and chrome driver in GitLab QA
Polish sidebar toggle
...
|
| | | | | | | | | | |
|
| | |_|_|/ / / / /
|/| | | | | | | |
|
| |\ \ \ \ \ \ \ \
| | |_|_|_|_|_|/
| |/| | | | | |
| | | | | | | | |
# Conflicts:
# lib/api/users.rb
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Allow unauthenticated access to the `/api/v4/users` API
Closes #34141
See merge request !12445
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
- Rather than using an explicit check to turn off authentication for the
`/users` endpoint, simply call `authenticate_non_get!`.
- All `GET` endpoints we wish to restrict already call
`authenticated_as_admin!`, and so remain inacessible to anonymous users.
- This _does_ open up the `/users/:id` endpoint to anonymous access. It contains
the same access check that `/users` users, and so is safe for use here.
- More context: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12445#note_34031323
|
| | | |\ \ \ \ \ \ \
| | | | |_|/ / / /
| | | |/| | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
34141-allow-unauthenticated-access-to-the-users-api
- Modify policy code to work with the `DeclarativePolicy` refactor
in 37c401433b76170f0150d70865f1f4584db01fa8.
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
- Use `GlobalPolicy` to authorize the users that a non-authenticated user can
fetch from `/api/v4/users`. We allow access if the `Gitlab::VisibilityLevel::PUBLIC`
visibility level is not restricted.
- Further, as before, `/api/v4/users` is only accessible to unauthenticated users if
the `username` parameter is passed.
- Turn off `authenticate!` for the `/api/v4/users` endpoint by matching on the actual
route + method, rather than the description.
- Change the type of `current_user` check in `UsersFinder` to be more
compatible with EE.
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
- The issue filtering frontend code needs access to this API for non-logged-in
users + public projects. It uses the API to fetch information for a user by
username.
- We don't authenticate this API anymore, but instead - if the `current_user` is
not present:
- Verify that the `username` parameter has been passed. This disallows an
unauthenticated user from grabbing a list of all users on the instance. The
`UsersFinder` class performs an exact match on the `username`, so we are
guaranteed to get 0 or 1 users.
- Verify that the resulting user (if any) is accessible to be viewed publicly
by calling `can?(current_user, :read_user, user)`
|
| | | |/ / / / / /
| |/| | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Repository#commits
Repository#commits is expensive because it has to use Rugged to walk the Git
tree as opposed to doing a direct ref lookup.
Improves performance in #34533
|
| | | | | | | | | |
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
into 'master'
Allow the feature flags to be enabled/disabled with more granularity
Closes #34078
See merge request !12357
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
exclusive
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
This allows to enable/disable a feature flag for a given user, or a
given Flipper group (must be declared statically in the `flipper.rb`
initializer beforehand).
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| | |\ \ \ \ \ \ \ \
| | |_|_|_|_|_|_|/
| |/| | | | | | |
| | | | | | | | |
| | | | | | | | | |
Refactor/declarative policy
See merge request !10515
|
| | | |/ / / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | | |
since we're loading all the members anyways
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
'master'
Add group members counting related data on namespaces API
See merge request !12497
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
group admins
|
| | | | |_|_|/ / /
| | |/| | | | | |
|
| | |/ / / / / / |
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
- There's no need to use `API::Scope` for scopes that don't have `if`
conditions, such as in `lib/gitlab/auth.rb`.
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
- To represent an authorization scope, such as `api` or `read_user`
- This is a better abstraction than the hash we were previously using.
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
- Use a struct for scopes, so we can call `scope.if` instead of `scope[:if]`
- Refactor the "remove scopes whose :if condition returns false" logic to use a
`select` rather than a `reject`.
|
| | | | | | | | |
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
1. Get the spec for `lib/gitlab/auth.rb` passing.
- Make the `request` argument to `AccessTokenValidationService` optional -
`auth.rb` doesn't need to pass in a request.
- Pass in scopes in the format `[{ name: 'api' }]` rather than `['api']`, which
is what `AccessTokenValidationService` now expects.
2. Get the spec for `API::V3::Users` passing
2. Get the spec for `AccessTokenValidationService` passing
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
- They are not included automatically since `API::Users` does not inherit from
`API::API`, as I initially assumed.
- Scopes declared in `API::API` are considered global (to the API), and need to
be included in all cases.
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
- Scope declarations of the form:
allow_access_with_scope :read_user, if: -> (request) { request.get? }
will only apply for `GET` requests
- Add a negative test to a `POST` endpoint in the `users` API to test this. Also
test for this case in the `AccessTokenValidationService` unit tests.
|
| |/ / / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
- Declaring an endpoint's scopes in a `before` block has proved to be
unreliable. For example, if we're accessing the `API::Users` endpoint - code
in a `before` block in `API::API` wouldn't be able to see the scopes set in
`API::Users` since the `API::API` `before` block runs first.
- This commit moves these declarations to the class level, since they don't need
to change once set.
|
| |/ / / / / |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Always use declared_params(include_missing: false)
so that we don't give nils for optional arguments
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
