summaryrefslogtreecommitdiff
path: root/spec/controllers
Commit message (Collapse)AuthorAgeFilesLines
...
| * Streamline controller specsPeter Leitzen2019-04-051-83/+74
| |
| * Add a Prometheus API per environmentrpereira22019-04-051-0/+147
| | | | | | | | | | | | The api will proxy requests to the environment's prometheus server. The Prometheus::ProxyService class can be reused when we add support for group prometheus servers.
* | Autocorrect with RSpec/ExampleWording copThong Kuah2019-04-0512-32/+32
| | | | | | | | | | | | | | - rewords examples starting with 'should' - rewords examples starting with 'it' Note: I had to manually fixup "onlies" to "only"
* | Fix and expand Gitaly FindCommit cachingsh-fix-ref-name-cachingStan Hu2019-04-042-0/+4
|/ | | | | | | | | | https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/26248 added support for deduplicating FindCommit requests using Gitaly ref name caching. However, not all endpoints were covered, and in one case the Gitaly wrapper wasn't actually surrounding the serialization step. We can safely cache ref names between FindCommit calls for #index and #show endpoints for merge requests and pipelines. This can significantly reduce the number of FindCommit requests.
* Renamed terminal_specification to channel_specificationFrancisco Javier López2019-04-042-2/+2
| | | | | | We're moving from using terminology related to terminals when we refer to Websockets connections in Workhorse. It's more appropiate a concept like channel.
* Merge branch 'xanf/gitlab-ce-transfer-disables-js' into 'master'Sean McGivern2019-04-041-1/+1
|\ | | | | | | | | | | | | Resolve "Failing group transfer disables expandable sections" Closes #45511 See merge request gitlab-org/gitlab-ce!26837
| * Redirect to edit page on group transfer failurexanf/gitlab-ce-transfer-disables-jsIllya Klymov2019-04-031-1/+1
| |
* | Consider array params on rendering MR list on dashboardIgor2019-04-042-2/+35
| | | | | | | | | | This fixes the bug, when approver filter is provided, but dashboard asks to enter any filter
* | Fixed test specsOswaldo Ferreira2019-04-041-0/+10
| | | | | | | | | | - added suggestions to mock data - fixed props to be not required
* | Specify time window for additional metrics apisupport-time-windows-apisyasonik2019-04-031-2/+32
|/ | | | | | | | | Adds support for start and end parameters in the #additional_metrics endpoint of the EnvironmentsController. start and end are meant to be unix timestamps, per the Prometheus API (as the consumer of this endpoint will eventually be transitioned to a prometheus endpoint). This functionality is behind the :metrics_time_window feature flag for development.
* Merge branch 'sh-cache-pipeline-find-commits' into 'master'Kamil Trzciński2019-04-021-0/+2
|\ | | | | | | | | Cache FindCommit results in pipelines view See merge request gitlab-org/gitlab-ce!26776
| * Cache FindCommit results in pipelines viewsh-cache-pipeline-find-commitsStan Hu2019-04-021-0/+2
| | | | | | | | | | | | | | | | For each pipeline, the controller will call `Pipeline#latest?` to determine if the pipeline's ref is the latest for that branch. Since it's likely that the same branches are being used in each pipeline, we can reduce Gitaly overhead by caching the results of the FindCommit call.
* | Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhq into ↵jarv/dev-to-gitlab-2019-04-02John Jarvis2019-04-022-0/+18
|\ \ | |/ |/| | | jarv/dev-to-gitlab-2019-04-02
| * Merge branch 'security-id-potential-denial-languages' into 'master'GitLab Release Tools Bot2019-04-021-0/+1
| |\ | | | | | | | | | | | | Return cached languages if they've been detected before See merge request gitlab/gitlabhq!2998
| | * Return cached languages if they've been detected beforeIgor Drozdov2019-03-201-0/+1
| | |
| * | Merge branch 'security-mass-assignment-on-project-update' into 'master'GitLab Release Tools Bot2019-04-021-0/+17
| |\ \ | | | | | | | | | | | | | | | | Disallow changing namespace of a project in update method See merge request gitlab/gitlabhq!3028
| | * | Refactor specs according to the code reviewMałgorzata Ksionek2019-03-261-1/+1
| | | |
| | * | Add cr remarksMałgorzata Ksionek2019-03-251-1/+1
| | | |
| | * | Disallow changing namespace of a project in update methodMałgorzata Ksionek2019-03-201-0/+17
| | |/
* | | Allow ref name caching CommitService#find_commitStan Hu2019-03-271-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For a given merge request, it's quite common to see duplicate FindCommit Gitaly requests because the Gitaly CommitService caches the request by the commit SHA, not by the ref name. However, most of the duplicate requests use the ref name, so the cache is never actually used in practice. This leads to unnecessary requests that slow performance. This commit allows certain callers to bypass the ref name to OID conversion in the cache. We don't do this by default because it's possible the tip of the branch changes during the commit, which would cause the caller to get stale data. This commit also forces the Ci::Pipeline to use the full ref name so that caching can work for merge requests. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/57083
* | | Add API access check to GraphqlFelipe Artur2019-03-271-0/+45
|/ / | | | | | | Check if user can access API on GraphqlController
* | Merge remote-tracking branch 'dev/master'Alex Hanselka2019-03-201-0/+31
|\ \ | | | | | | | | | | | | | | | | | | * dev/master: Update CHANGELOG.md for 11.8.3 Update CHANGELOG.md for 11.7.7 Only return `commands_changes` used in frontend
| * \ Merge branch 'security-2826-fix-project-serialization-in-quick-actions' into ↵Alex Hanselka2019-03-201-0/+31
| |\ \ | | |/ | |/| | | | | | | | | | | | | | | | | | | 'master' Fix project serialization in quick actions response Closes #2826 See merge request gitlab/gitlabhq!3001
| | * Only return `commands_changes` used in frontendHeinrich Lee Yu2019-03-181-0/+31
| | | | | | | | | | | | | | | When executing quick actions, this limits the `commands_changes` response to only those used by the frontend
* | | Merge branch 'create-identity-provider-policy' into 'master'Nick Thomas2019-03-201-0/+27
|\ \ \ | | | | | | | | | | | | | | | | Move out link\unlink ability checks to a policy See merge request gitlab-org/gitlab-ce!26278
| * | | Move out link\unlink ability checks to a policyPavel Shutsin2019-03-191-0/+27
| | | | | | | | | | | | | | | | We can extend the policy in EE for additional behavior
* | | | Reject HEAD requests to info/refs endpointStan Hu2019-03-191-0/+15
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | In production, we see high error rates due to clients attempting to use the dumb Git HTTP protocol with HEAD /foo/bar.git/info/refs endpoint. This isn't supported and causes Error 500s because Workhorse doesn't send along its secret because it's not proxying this request. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/54579
* | | Introduce ApplicationSettingImplementation yayLin Jen-Shin2019-03-191-3/+3
| | | | | | | | | | | | | | | | | | | | | So the fake can enjoy it, too. We don't use `prepend` because that'll require we change `allow_any_instance_of` to `expect_next_instance_of`, but that's not very easy to do. We can do that later.
* | | Fix undefined variable error on json project viewsAlejandro Rodríguez2019-03-183-0/+66
|/ / | | | | | | | | | | This mistake seems to have always been there, but it only resulted in errors on the `/explore*.json` since they were the one that _actually_ relied on the local variables.
* | Merge branch 'refactor-boards-actions' into 'master'Douwe Maan2019-03-152-44/+0
|\ \ | |/ |/| | | | | Refactor groups and projects boards actions See merge request gitlab-org/gitlab-ce!25568
| * Remove redirecting to last visited boardHeinrich Lee Yu2019-03-132-40/+0
| | | | | | | | Move this to EE-only. It isn't useful here since there's only one board
| * Refactor groups and projects boards actionsHeinrich Lee Yu2019-03-132-6/+2
| | | | | | | | Move common functionality to BoardsActions concern
* | Security Dashboard as default view for groupsGilbert Roulot2019-03-141-6/+31
|/ | | | | | | Add a supporting code to separate groups#show and groups#details which is required for the proper implementation of the Group Overview content and Security Dashboard option for it
* Enable/disable Auto DevOps at Group levelMayra Cabrera2019-03-121-0/+73
| | | | | | | | | | | | - Includes instance methods on Group model to detect when a group has AutoDevOps explicitly/implicitly enabled/disabled. - Includes migration to add a new column to namespaces table - Add UI necessary modifications - Add service and controller to update auto devops related instances - Updates project and groups auto devops badges Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/52447
* Filter merge requests by target branchHiroyuki Sato2019-03-091-0/+31
|
* Merge branch '56937-edit-knative-domain' into 'master'Grzegorz Bizon2019-03-072-38/+159
|\ | | | | | | | | | | | | Edit Knative domain after it has been deployed Closes #56937 See merge request gitlab-org/gitlab-ce!25386
| * Rename ClusterUpdateAppWorker to ClusterPatchAppWorkerJoão Cunha2019-03-052-4/+4
| | | | | | | | - This is to avoid colision with EE ClusterUpdateAppWorker
| * Creates Clusterss::ApplciationsController update endpointJoão Cunha2019-03-052-38/+159
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Creates new route - Creates new controller action - Creates call stack: Clusterss::ApplciationsController calls --> Clusters::Applications::UpdateService calls --> Clusters::Applications::ScheduleUpdateService calls --> ClusterUpdateAppWorker calls --> Clusters::Applications::PatchService --> ClusterWaitForAppInstallationWorker DRY req params Adds gcp_cluster:cluster_update_app queue Schedule_update_service is uneeded Extract common logic to a parent class (UpdateService will need it) Introduce new UpdateService Fix rescue class namespace Fix RuboCop offenses Adds BaseService for create and update services Remove request_handler code duplication Fixes update command Move update_command to ApplicationCore so all apps can use it Adds tests for Knative update_command Adds specs for PatchService Raise error if update receives an unistalled app Adds update_service spec Fix RuboCop offense Use subject in favor of go Adds update endpoint specs for project namespace Adds update endpoint specs for group namespace
* | Merge branch 'expand-diff-to-full-file' into 'master'Douwe Maan2019-03-071-39/+19
|\ \ | | | | | | | | | | | | | | | | | | Expand diff to entire file Closes #19054 See merge request gitlab-org/gitlab-ce!24406
| * | Move diff_line preparation into presenterMark Chao2019-03-071-51/+19
| | | | | | | | | | | | Update spec
| * | Fix spec description and outdated commentsMark Chao2019-03-061-2/+2
| | |
| * | Add full option for blob diff actionMark Chao2019-03-061-0/+12
| |/ | | | | | | Returns all diff lines for frontend if full is true. Turn UnfoldForm into presenter, and move controller logic to presenter.
* | Allow GraphQL requests without CSRF tokenBob Van Landuyt2019-03-061-112/+0
| | | | | | | | | | | | | | | | | | | | | | | | With this we allow authentication using a session or using personal access token. Authentication using a session, and CSRF token makes it easy to play with GraphQL from the Graphiql endpoint we expose. But we cannot enforce CSRF validity, otherwise authentication for regular API clients would fail when they use personal access tokens to authenticate.
* | Merge dev master into GitLab.com masterYorick Peterse2019-03-047-21/+117
|\ \ | |/ |/|
| * Merge branch 'security-2773-milestones-fix' into 'master'Yorick Peterse2019-03-041-1/+1
| |\ | | | | | | | | | | | | [master] Check issue milestone availability See merge request gitlab/gitlabhq!2788
| | * Check issue milestone availabilityJarka Košanová2019-02-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add project when creating milestone in specs We validate milestone is from the same project/parent group as issuable -> we need to set project in specs correctly Improve methods names and specs organization
| * | Merge branch ↵Yorick Peterse2019-03-042-0/+39
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | '2802-security-add-public-internal-groups-as-members-to-your-project-idor' into 'master' Add public/internal groups as members to your Project(IDOR) See merge request gitlab/gitlabhq!2898
| | * | Change policy regarding group visibilityMałgorzata Ksionek2019-02-202-0/+39
| | | |
| * | | Merge branch 'security-kubernetes-google-login-csrf' into 'master'Yorick Peterse2019-03-041-19/+41
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Validate session key when authorizing with GCP to create a cluster Closes #2805 See merge request gitlab/gitlabhq!2902
| | * | | Validate session key when authorizing with GCP to create a clusterTiger2019-02-191-19/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It was previously possible to link a GCP account to another user's GitLab account by having them visit the callback URL, as there was no check that they were the initiator of the request. We now reject the callback unless the state parameter matches the one added to the initiating user's session.
View Lorry Controller Status