summaryrefslogtreecommitdiff
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* Improve how we calculate detailed status group nameGrzegorz Bizon2016-12-161-1/+1
|
* Update status group name for success with warningsGrzegorz Bizon2016-12-161-1/+1
|
* Make CI/CD detailed status group concept explicitGrzegorz Bizon2016-12-163-8/+9
|
* Merge branch '20492-access-token-scopes' into 'master' Rémy Coutable2016-12-165-25/+72
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Resolve "Add a doorkeeper scope suitable for authentication" ## What does this MR do? - Add a single new scope (in addition to the `api` scope we've had) - `read_user` - Allow creating OAuth applications and Personal access tokens with a scope selected - Enforce scopes in the API ## What are the relevant issue numbers? - Closes #20492 - EE counterpart for this MR: gitlab-org/gitlab-ee!946 See merge request !5951
| * Rename the `token_has_scope?` method.Timothy Andrew2016-12-161-3/+3
| | | | | | | | | | `valid_api_token?` is a better name. Scopes are just (potentially) one facet of a "valid" token.
| * Convert AccessTokenValidationService into a class.Timothy Andrew2016-12-162-3/+3
| | | | | | | | | | | | | | | | | | | | - Previously, AccessTokenValidationService was a module, and all its public methods accepted a token. It makes sense to convert it to a class which accepts a token during initialization. - Also rename the `sufficient_scope?` method to `include_any_scope?` - Based on feedback from @rymai
| * Refactor access token validation in `Gitlab::Auth`Timothy Andrew2016-12-161-2/+10
| | | | | | | | | | | | - Based on @dbalexandre's review - Extract token validity conditions into two separate methods, for personal access tokens and OAuth tokens.
| * Implement minor changes from @dbalexandre's review.Timothy Andrew2016-12-162-12/+15
| | | | | | | | | | | | | | | | | | | | | | - Mainly whitespace changes. - Require the migration adding the `scope` column to the `personal_access_tokens` table to have downtime, since API calls will fail if the new code is in place, but the migration hasn't run. - Minor refactoring - load `@scopes` in a `before_action`, since we're doing it in three different places.
| * Validate access token scopes in `Gitlab::Auth`Timothy Andrew2016-12-161-3/+11
| | | | | | | | | | | | - This module is used for git-over-http, as well as JWT. - The only valid scope here is `api`, currently.
| * Calls to the API are checked for scope.Timothy Andrew2016-12-165-30/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - Move the `Oauth2::AccessTokenValidationService` class to `AccessTokenValidationService`, since it is now being used for personal access token validation as well. - Each API endpoint declares the scopes it accepts (if any). Currently, the top level API module declares the `api` scope, and the `Users` API module declares the `read_user` scope (for GET requests). - Move the `find_user_by_private_token` from the API `Helpers` module to the `APIGuard` module, to avoid littering `Helpers` with more auth-related methods to support `find_user_by_private_token`
* | Merge branch 'issue_22269' into 'master' Kamil Trzciński2016-12-161-1/+9
|\ \ | |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Mattermost Notifications Service ## What does this MR do? closes #22269 ## Screenshots ![mattermost](/uploads/de71c121f544a91305b6dfa6dc4c5738/mattermost.png) ![slack](/uploads/081d75d49239319d94332abda214fb98/slack.png) ## Does this MR meet the acceptance criteria? - [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [x] API support added - Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if it does - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !7764
| * Change SlackService to SlackNotificationsServiceissue_22269_fix_eeissue_22269Felipe Artur2016-12-151-1/+9
| |
* | Merge branch 'katex-math-fixup' into 'master' Sean McGivern2016-12-161-4/+0
|\ \ | | | | | | | | | | | | Don't open Asciidoc module twice See merge request !8119
| * | Don't open Asciidoc module twiceMunken2016-12-151-4/+0
| | |
* | | Merge branch ↵Kamil Trzciński2016-12-151-1/+1
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | '25144-gitlab-ce-mattermost-slash-command-for-issue-create-needs-better-documentation' into 'master' Resolve "gitlab-ce mattermost slash command for issue create needs better documentation" ## What does this MR do? Updates the documentation and the <kbd>help</kbd> command to be clearer, having the keys used to add a newline in chat clients (both Mattermost and Slack). ## Are there points in the code the reviewer needs to double check? * Are the available commands (via <kbd>help</kbd>) being formatted as `<code>` ? ## Why was this MR needed? `\n` represents a new line character and doesn't communicate how the user should input the command. Also, to be correct, the documentation should use `<kbd>` instead of `<code>` for user input ([see HTML5 specification](https://www.w3.org/TR/html5/text-level-semantics.html#the-kbd-element)) ## Screenshots (if relevant) | Mattermost | Docs | | --- | --- | | ![image](/uploads/539526a14bfd551b7e732dd96c5b7581/image.png) | ![image](/uploads/e3eb099f86c5a32ce3b8954e72c29848/image.png) | ## Does this MR meet the acceptance criteria? - [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - Tests - [ ] All builds are passing ## What are the relevant issue numbers? Closes #25144 See merge request !7850
| * | | Rename `issue create` slash command to `issue new`25144-gitlab-ce-mattermost-slash-command-for-issue-create-needs-better-documentationPedro Moreira da Silva2016-12-151-1/+1
| | | |
| * | | Improve `issue create …` slash command with user input keys to create a ↵Pedro Moreira da Silva2016-12-151-1/+1
| | |/ | |/| | | | | | | newline in chat clients.
* | | Merge branch 'show-commit-status-from-latest-pipeline' into 'master' Grzegorz Bizon2016-12-151-2/+2
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Show commit status from latest pipeline Show commit status from latest pipeline rather than compound status from all pipelines. Closes #20560 See merge request !7333
| * | | Also use latest_status, feedback:Lin Jen-Shin2016-12-151-2/+1
| | | | | | | | | | | | | | | | https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7333#note_20058857
| * | | Merge remote-tracking branch 'upstream/master' into ↵Lin Jen-Shin2016-12-1416-43/+284
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | show-commit-status-from-latest-pipeline * upstream/master: (39 commits) Improve build status specs contexts descriptions Add some missing tests for detailed status methods Remove trailing blank line from Allowable module Update manual build icon SVG Make it possible to mix `Gitlab::Routing` in Extract abilities checking module from ability model Extend tests for pipeline detailed status helpers Add tests for common build detailed status helpers Add missing tests for build `cancelable?` method Add tests for detailed build statuses factory Make it possible to retry build that was canceled Make build retryable only if complete and executed Improve readability in methods for detailed status Add tests for build cancelable/retryable statuses Extend specs for build play/stop detailed statuses Refine build stop/play extended status specs Use manual build icon in play/stop build statuses Adds manual action icon and case to show it Fix detailed status specs for pipeline stage model Fix detailed status badge for generic commit status ...
| * \ \ \ Merge remote-tracking branch 'upstream/master' into ↵Lin Jen-Shin2016-12-1479-1121/+2212
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | show-commit-status-from-latest-pipeline * upstream/master: (557 commits) Fix wrong error message expectation in API::Commits spec Move admin settings spinach feature to rspec Encode when migrating ProcessCommitWorker jobs Prevent overflow with vertical scroll when we have space to show content Make rubocop happy API: Ability to cherry-pick a commit Be smarter when finding a sudoed user in API::Helpers Backport hooks on group policies for the EE-specific implementation API: Ability to get group's project in simple representation Add AddLowerPathIndexToRoutes to setup_postgresql.rake For single line git commit messages, the close quote should be on the same line as the open quote added border-radius and padding to labels Allow all alphanumeric characters in file names (!8002) Add failing test for #20190 Don't allow blank MR titles in API Replace static fixture for awards_handler_spec (!7661) Crontab typo '* */6' -> '0 */6' (4x/day not 1x-per-min-for-1h 4x/day) Fix test Tweak style and add back wording Clean up commit copy to clipboard and make consistent ...
| * | | | | Use Ci::Pipeline#latest for finding pipelinesLin Jen-Shin2016-11-241-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Feedback: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7333#note_18861407
* | | | | | Merge branch '22864-add-clean-environment-name' into 'master' Kamil Trzciński2016-12-154-1/+27
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a slug to environments ## What does this MR do? Adds a `slug` field to the `environments` table, populating existing rows and ensuring that new rows will get an entry. Cleaning examples: * `review/foo` => `review-foo-5gghdf` * `review-foo` => `review-foo` * `1-foo` => `env-1-foo-e2hx12` * `production` => `production` * `Production` => `production-f8ddlz` ## Are there points in the code the reviewer needs to double check? This migration requires downtime. I don't see a way to avoid it. ## Why was this MR needed? External services often have more restrictive rules on naming than those enforced for `environments.name`. In particular, forward slashes and names longer than 24 characters causes problems on OpenShift. `slug` is designed to be an acceptable alternative to `name` in these situations. Since forward slashes are a documented part of environment names, to set environment types, we need an envionmnent slug, not just a slug for the branch name. ## Does this MR meet the acceptance criteria? - [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [X] API support added - Tests - [X] Added for this feature/bug - [x] All builds are passing - [X] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [X] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [X] Branch has no merge conflicts with `master` (if it does - rebase it please) - [X] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? Part of #22864 See merge request !7983
| * | | | | | Add an environment slugNick Thomas2016-12-154-1/+27
| | |_|_|/ / | |/| | | |
* | | | | | Merge branch 'jej-note-search-uses-finder' into 'security' Douwe Maan2016-12-152-4/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix missing Note access checks in by moving Note#search to updated NoteFinder Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867 ## Which fixes are in this MR? :warning: - Potentially untested :bomb: - No test coverage :traffic_light: - Test coverage of some sort exists (a test failed when error raised) :vertical_traffic_light: - Test coverage of return value (a test failed when nil used) :white_check_mark: - Permissions check tested ### Note lookup without access check - [x] :white_check_mark: app/finders/notes_finder.rb:13 :download_code check - [x] :white_check_mark: app/finders/notes_finder.rb:19 `SnippetsFinder` - [x] :white_check_mark: app/models/note.rb:121 [`Issue#visible_to_user`] - [x] :white_check_mark: lib/gitlab/project_search_results.rb:113 - This is the only use of `app/models/note.rb:121` above, but importantly has no access checks at all. This means it leaks MR comments and snippets when those features are `team-only` in addition to the issue comments which would be fixed by `app/models/note.rb:121`. - It is only called from SearchController where `can?(current_user, :download_code, @project)` is checked, so commit comments are not leaked. ### Previous discussions - [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b915c5267a63628b0bafd23d37792ae73ceae272_13_13 `: download_code` check on commit - [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b915c5267a63628b0bafd23d37792ae73ceae272_19_19 `SnippetsFinder` should be used - `SnippetsFinder` should check if the snippets feature is enabled -> https://gitlab.com/gitlab-org/gitlab-ce/issues/25223 ### Acceptance criteria met? - [x] Tests added for new code - [x] TODO comments removed - [x] Squashed and removed skipped tests - [x] Changelog entry - [ ] State Gitlab versions affected and issue severity in description - [ ] Create technical debt issue for NotesFinder. - Either split into `NotesFinder::ForTarget` and `NotesFinder::Search` or consider object per notable type such as `NotesFinder::OnIssue`. For the first option could create `NotesFinder::Base` which is either inherited from or which can be included in the other two. - Avoid case statement anti-pattern in this finder with use of `NotesFinder::OnCommit` etc. Consider something on the finder for this? `Model.finder(user, project)` - Move `inc_author` to the controller, and implement `related_notes` to replace `non_diff_notes`/`mr_and_commit_notes` See merge request !2035
* | | | | | Merge branch 'katex-math' into 'master' Sean McGivern2016-12-155-1/+105
|\ \ \ \ \ \ | |/ / / / / |/| | | | / | | |_|_|/ | |/| | | | | | | | | | | | | Render math in Asciidoc and Markdown with KaTeX using code blocks Closes #13690 and #13180 See merge request !8003
| * | | | Render math in Asciidoc and Markdown with KaTeX using code blocksMunken2016-12-147-35/+87
| | | | |
| * | | | Better location for math lexerMunken2016-12-082-22/+21
| | | | |
| * | | | Removed alias and filenamesMunken2016-12-081-2/+0
| | | | |
| * | | | Hacked in Math LexerMunken2016-12-081-0/+27
| | | | |
| * | | | Math works for inline syntaxMunken2016-12-081-2/+0
| | | | |
| * | | | Working inline math filterMunken2016-12-082-0/+30
| | | | |
* | | | | Add Gitlab::Middleware::MultipartJacob Vosmaer2016-12-153-2/+122
| | | | |
* | | | | Introduce deployment services, starting with a KubernetesServiceNick Thomas2016-12-142-0/+36
| |_|_|/ |/| | |
* | | | Merge branch 'build-statuses' into 'master' Rémy Coutable2016-12-1416-43/+284
|\ \ \ \ | |_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Detailed build statuses ## What does this MR do? Implements detailed statuses for `Ci::Builds` and `CommitStatus`. It also adds a new icon for manual build. ## Screenshots ![manual_builds_icon](/uploads/22b5c594350856c85398ef705a635f8b/manual_builds_icon.png) ## What are the relevant issue numbers? See #24273, closes #22642 See merge request !7989
| * | | Remove trailing blank line from Allowable moduleGrzegorz Bizon2016-12-141-1/+0
| | | |
| * | | Make it possible to mix `Gitlab::Routing` inGrzegorz Bizon2016-12-132-1/+7
| | | |
| * | | Extract abilities checking module from ability modelGrzegorz Bizon2016-12-132-1/+9
| | | |
| * | | Refine build stop/play extended status specsGrzegorz Bizon2016-12-131-4/+4
| | | |
| * | | Use manual build icon in play/stop build statusesGrzegorz Bizon2016-12-132-4/+12
| | | |
| * | | Add specs for build stop extended detailed statusGrzegorz Bizon2016-12-121-4/+0
| | | |
| * | | Fix build stop extended status CSS classGrzegorz Bizon2016-12-121-4/+0
| | | |
| * | | Fix path to build status details in common helpersGrzegorz Bizon2016-12-121-1/+1
| | | |
| * | | Add action_class/action_titleKamil Trzcinski2016-12-125-3/+30
| | | |
| * | | Fix auto loading of constants for Ci StatusesKamil Trzcinski2016-12-124-5/+5
| | | |
| * | | Fix some detailed statuses specs related to abilitiesGrzegorz Bizon2016-12-122-1/+2
| | | |
| * | | Incorporate permission checks into new CI statusesGrzegorz Bizon2016-12-1211-49/+60
| | | | | | | | | | | | | | | | [ci skip]
| * | | Refactor ci status factories to DRY code a littleGrzegorz Bizon2016-12-125-29/+28
| | | |
| * | | Check permission of detailsKamil Trzcinski2016-12-124-7/+7
| | | |
| * | | Introduce `cancelable` and `returnable` [ci skip]Kamil Trzcinski2016-12-125-35/+64
| | | |
View Lorry Controller Status