summaryrefslogtreecommitdiff
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* API: Ability to remove source branchapi-remove-source-branchRobert Schilling2016-12-041-2/+6
|
* Merge branch 'api-expose-commiter-details' into 'master' Rémy Coutable2016-12-041-0/+1
|\ | | | | | | | | | | | | API: Expose committer details for a commit Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22312 See merge request !7849
| * API: Expose committer details for a commitapi-expose-commiter-detailsRobert Schilling2016-12-011-0/+1
| |
* | Fixes ActionView::Template::Error: undefined method `text?` for nil:NilClass25251-actionview-template-error-undefined-method-text-for-nil-nilclassValery Sizov2016-12-021-1/+1
| |
* | Merge branch 'remove-gitlab-workhorse-version-option-from-install-task' into ↵Robert Speicher2016-12-021-2/+2
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | 'master' Don't allow to specify a repo or version when installing Workhorse I've also updated the "patch version upgrade" doc since I did forget to update it in !6574. See merge request !7879
| * | Don't allow to specify a repo or version when installing Workhorseremove-gitlab-workhorse-version-option-from-install-taskRémy Coutable2016-12-011-2/+2
| |/ | | | | | | | | | | The task will use the canonical repo and the required version. Signed-off-by: Rémy Coutable <remy@rymai.me>
* | Merge branch '4269-public-api' into 'master' Douwe Maan2016-12-022-10/+23
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow public access to some Project API endpoints ## What does this MR do? This opens up a few endpoints in the Project API: - `GET /projects/visible` (returns public projects only) - `GET /projects/search/:query` (returns results only for public projects) - `GET /projects/:id` (only if the project is public) - `GET /projects/:id/events` (only if the project is public) - `GET /projects/:id/users` (only if the project is public) ## Are there points in the code the reviewer needs to double check? I've chosen to explicitly add `authenticate!` to GET methods that still need a current user. ## Does this MR meet the acceptance criteria? - [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [x] API support added - Tests - [x] Added for this feature/bug - [ ] All builds are passing Part of #4269 See merge request !7843
| * | Allow public access to some Project API endpoints4269-public-apiRémy Coutable2016-12-012-10/+23
| |/ | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* | Merge branch '22781-user-generated-permalinks' into 'master' Fatih Acet2016-12-011-3/+5
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Resolve "User-generated permalink IDs collide with GitLab interface" ## What does this MR do? Prevents ID values automatically generated by headers in [GitLab Flavored Markdown](https://github.com/gitlabhq/gitlabhq/blob/master/doc/user/markdown.md#header-ids-and-links) from colliding with IDs used elsewhere in the GitLab interface. This can cause confusion when, for instance, a selector looks for a merge request tab with `id="pipelines"` and there is a header with the same ID earlier in the DOM. How this works: * All header IDs generated with GitLab Flavored Markdown are namespaced with `id="user-content_foo"` * All anchor links which point to these IDs continue to use the non-namespaced hash `<a href="#foo">...</a>` * When a page is loaded or when the `hashchange` event is triggered, javascript will automatically search for `#user-content_foo` if `#foo` cannot be found, and scroll to that position instead. ## Before ![2016-11-21-13.00.28](/uploads/e3be2cd6a9142dfd6e64db5462a6aa76/2016-11-21-13.00.28.gif) ## After: ![2016-11-21-13.12.45](/uploads/f7ae3f3a30c91325eaa3665591b6a850/2016-11-21-13.12.45.gif) ![2016-11-21-13.03.00](/uploads/3a6a782c081ecaa05b8781548d794909/2016-11-21-13.03.00.gif) ## Does this MR meet the acceptance criteria? - [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - Tests - [x] Added for this feature/bug - [ ] All builds are passing - [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if it does - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? Closes #22781 See also prior attempts to address this issue: #3908, !2023, !2024 See merge request !7631
| * | remove underscore from user-content id namespace22781-user-generated-permalinksMike Greiling2016-11-301-1/+1
| | |
| * | add transparent namespace to all user-generated anchors in GitLab flavored ↵Mike Greiling2016-11-301-3/+5
| | | | | | | | | | | | markdown
* | | Merge branch 'fix/github-importer' into 'master' Sean McGivern2016-12-011-1/+1
|\ \ \ | |_|/ |/| | | | | | | | | | | | | | Fix GitHub importer to import PR where source repo/fork was renamed/deleted Closes #24594 See merge request !7865
| * | Fix branch validation for GitHub PR where repo/fork was renamed/deletedDouglas Barbosa Alexandre2016-12-011-1/+1
| |/
* | Merge branch 'improve_oauth_user_error' into 'master' Rémy Coutable2016-12-011-1/+1
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Improve the `Gitlab::OAuth::User` error message ## What does this MR do? Fixes a logging issue submitted by a customer at https://gitlab.zendesk.com/agent/tickets/50728. The error saving the user is logged to application.log. Previously, the entry had no context and was unusable - `Error saving user: [Email address already taken]`. Adding the auth hash UID and email makes the error more helpful. For such a small logging change, do we need a changelog entry? See merge request !7851
| * | Improve the `Gitlab::OAuth::User` error messageDrew Blessing2016-11-301-1/+1
| | | | | | | | | | | | | | | | | | | | | The error saving the user is logged to application.log. Previously, the entry had no context and was unusable - 'Error saving user: [Email address already taken]'. Adding the auth hash UID and email makes the error more helpful.
* | | Merge branch '23718/backup-rake-task-human-readable' into 'master' Douwe Maan2016-12-011-7/+11
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 23718/backup rake task human readable ## What does this MR do? Add the human readable format to the backup tar file. From `1477317140_gitlab_backup.tar` to `1477317140_2016_10_24_gitlab_backup.tar`. ## Are there points in the code the reviewer needs to double check? ## Why was this MR needed? #23718 issue ## Screenshots (if relevant) ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG.md) entry added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [x] API support added - Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if it does - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? 23718 See merge request !7188
| * | | Add Human Readable Timestamp to backup tar fileDavid Gerő2016-11-301-7/+11
| | | |
* | | | Merge branch ↵Robert Speicher2016-12-015-176/+227
|\ \ \ \ | |_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | '22719-provide-a-new-gitlab-workhorse-install-rake-task-similar-to-gitlab-shell-install' into 'master' New `gitlab:workhorse:install` rake task ## Why was this MR needed? Because with this we can remove the "Ensure the gitlab-workhorse version in Install gitlab-workhorse matches the required version." step from https://gitlab.com/gitlab-org/release-tools/blob/master/doc/release-candidates.md#creating-rc1! MR is ready: gitlab-org/release-tools!57 Closes #22719 See merge request !6574
| * | | Move task helpers to a module22719-provide-a-new-gitlab-workhorse-install-rake-task-similar-to-gitlab-shell-installRémy Coutable2016-11-304-192/+199
| | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
| * | | Add #run_command! to task helpers to raise a TaskFailedError if status is not 0Rémy Coutable2016-11-302-10/+28
| | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
| * | | New `gitlab:workhorse:install` rake taskRémy Coutable2016-11-303-37/+63
| |/ / | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | Allow access to the wiki with git when repository feature disabledDouglas Barbosa Alexandre2016-11-302-1/+13
| | |
* | | Merge branch 'api-branch-status' into 'master' Rémy Coutable2016-11-301-1/+5
|\ \ \ | |_|/ |/| | | | | | | | | | | | | | API: Expose branch status Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/24938 See merge request !7796
| * | API: Expose branch statusapi-branch-statusRobert Schilling2016-11-301-1/+5
| | |
* | | Merge branch 'grapify-files-api' into 'master' Rémy Coutable2016-11-301-93/+60
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Grapify the files API Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/22928 See merge request !7806
| * | | Grapify the files APIgrapify-files-apiRobert Schilling2016-11-301-93/+60
| |/ /
* | | Merge branch 'grapify-projects-api' into 'master' Rémy Coutable2016-11-302-337/+267
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Grapify the projects API Related to #22928 See merge request !7456
| * | | Grapify the projects APIgrapify-projects-apiRobert Schilling2016-11-282-337/+267
| |/ /
* | | Rename `MergeRequest#pipeline` to `head_pipeline`fix/rename-merge-request-head-pipelineGrzegorz Bizon2016-11-291-1/+1
| |/ |/|
* | Merge branch '24880-configurable-plaintext-emails' into 'master' Sean McGivern2016-11-291-0/+13
|\ \ | | | | | | | | | | | | | | | | | | Add setting to enable/disable HTML emails Closes #24880 See merge request !7749
| * | Add new configuration setting to enable/disable HTML emails.24880-configurable-plaintext-emailsRuben Davila2016-11-281-0/+13
| | | | | | | | | | | | | | | | | | This new global setting will allow admins to specify if HTML emails should be sent or not, this is basically useful when system administrators want to save some disk space by avoiding emails in HTML format and using only the Plain Text version.
* | | Merge branch 'zj-issue-search-slash-command' into 'master' Kamil Trzciński2016-11-294-8/+20
|\ \ \ | | | | | | | | | | | | | | | | Add issue search slash command See merge request !7752
| * | | Add issue search slash commandzj-issue-search-slash-commandZ.J. van de Weg2016-11-254-8/+20
| | | | | | | | | | | | | | | | One of many requested in: gitlab-org/gitlab-ce#24768
* | | | Merge branch 'jej-use-issuable-finder-instead-of-access-check' into 'security' Douwe Maan2016-11-283-5/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Replace issue access checks with use of IssuableFinder Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867 ## Which fixes are in this MR? :warning: - Potentially untested :bomb: - No test coverage :traffic_light: - Test coverage of some sort exists (a test failed when error raised) :vertical_traffic_light: - Test coverage of return value (a test failed when nil used) :white_check_mark: - Permissions check tested ### Issue lookup with access check Using `visible_to_user` likely makes these security issues too. See [Code smells](#code-smells). - [x] :vertical_traffic_light: app/finders/notes_finder.rb:15 [`visible_to_user`] - [x] :traffic_light: app/views/layouts/nav/_project.html.haml:73 [`visible_to_user`] [`.count`] - [x] :white_check_mark: app/services/merge_requests/build_service.rb:84 [`issue.try(:confidential?)`] - [x] :white_check_mark: lib/api/issues.rb:112 [`visible_to_user`] - CHANGELOG: Prevented API returning issues set to 'Only team members' to everyone - [x] :white_check_mark: lib/api/helpers.rb:126 [`can?(current_user, :read_issue, issue)`] Maybe here too? - [x] :white_check_mark: lib/gitlab/search_results.rb:53 [`visible_to_user`] ### Previous discussions - [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b2ff264eddf9819d7693c14ae213d941494fe2b3_128_126 - [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#7b6375270d22f880bdcb085e47b519b426a5c6c7_87_87 See merge request !2031
* | | | Merge branch 'zj-fix-label-creation-non-members' into 'security'Douwe Maan2016-11-283-61/+37
| |_|/ |/| | | | | | | | | | | | | | | | | | | | Fix label creation non members Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23416 See merge request !2006
* | | Merge branch 'refresh-authorizations-with-lease' into 'master' Douwe Maan2016-11-281-7/+0
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Refresh project authorizations using a Redis lease This MR changes `User#refresh_authorized_projects` so it uses a Redis lease instead of relying on serializable transactions. See the commit message(s) for more details. See merge request !7733
| * | | Refresh project authorizations using a Redis leaserefresh-authorizations-with-leaseYorick Peterse2016-11-251-7/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When I proposed using serializable transactions I was hoping we would be able to refresh data of individual users concurrently. Unfortunately upon closer inspection it was revealed this was not the case. This could result in a lot of queries failing due to serialization errors, overloading the database in the process (given enough workers trying to update the target table). To work around this we're now using a Redis lease that is cancelled upon completion. This ensures we can update the data of different users concurrently without overloading the database. The code will try to obtain the lease until it succeeds, waiting at least 1 second between retries. This is necessary as we may otherwise end up _not_ updating the data which is not an option.
* | | | Merge branch 'zj-expose-coverage-pipelines' into 'master' Rémy Coutable2016-11-251-0/+1
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Expose coverage on GET pipelines/:id Closes gitlab-org/gitlab-ce#24801 See merge request !7670
| * | | | Expose coverage on GET pipelines/:idzj-expose-coverage-pipelinesZ.J. van de Weg2016-11-251-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | The coverage wasn't exposed yet, now it is but only for detailed requests to save queries on the database.
* | | | | Merge branch 'timeout-merge-request-for-binary-file' into 'master' Yorick Peterse2016-11-251-3/+3
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Fix: Timeout creating and viewing merge request for binary file See merge request !7713
| * | | | | Fix: Timeout creating and viewing merge request for binary filetimeout-merge-request-for-binary-fileValery Sizov2016-11-251-3/+3
| | | | | |
* | | | | | Merge branch 'zj-slash-commands-improvements' into 'master' 24769-make-mattermost-command-easier-to-configureKamil Trzciński2016-11-251-1/+1
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Slash commands improvements See merge request !7638
| * | | | | | Accept a valid ref for issue showZ.J. van de Weg2016-11-251-1/+1
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | For example, now we support `/gitlab issue show #1`. Where the # used to trip the regex.
* | | | | | Merge branch '22373-reduce-queries-in-api-helpers-find_project' into 'master' Yorick Peterse2016-11-257-12/+28
|\ \ \ \ \ \ | |/ / / / / |/| | | | | | | | | | | | | | | | | Resolve "Reduce queries in API::Helpers#find_project" See merge request !7714
| * | | | | API: Introduce `#find_group!` which also check access permission22373-reduce-queries-in-api-helpers-find_projectRémy Coutable2016-11-244-7/+15
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
| * | | | | API: Introduce `#find_project!` which also check access permissionRémy Coutable2016-11-242-8/+11
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
| * | | | | API: Use `#find_project` in API::Triggers and API::ServicesRémy Coutable2016-11-242-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
| * | | | | Make API::Helpers find a project with only one queryRémy Coutable2016-11-241-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | | | | Merge branch 'api-no-convert' into 'master' Rémy Coutable2016-11-244-4/+4
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Don't convert data which already is the target type With Grape's DSL we already enforce data types. We don't need to explicitly convert to string if there is already one. See merge request !7740
| * | | | | Don't convert data which already is the target typeapi-no-convertRobert Schilling2016-11-244-4/+4
| |/ / / /
View Lorry Controller Status