summaryrefslogtreecommitdiff
path: root/spec/controllers
Commit message (Collapse)AuthorAgeFilesLines
* Merge remote-tracking branch 'dev/master'Alex Hanselka2019-03-201-0/+31
|\ | | | | | | | | | | | | * dev/master: Update CHANGELOG.md for 11.8.3 Update CHANGELOG.md for 11.7.7 Only return `commands_changes` used in frontend
| * Merge branch 'security-2826-fix-project-serialization-in-quick-actions' into ↵Alex Hanselka2019-03-201-0/+31
| |\ | | | | | | | | | | | | | | | | | | | | | | | | 'master' Fix project serialization in quick actions response Closes #2826 See merge request gitlab/gitlabhq!3001
| | * Only return `commands_changes` used in frontendHeinrich Lee Yu2019-03-181-0/+31
| | | | | | | | | | | | | | | When executing quick actions, this limits the `commands_changes` response to only those used by the frontend
* | | Merge branch 'create-identity-provider-policy' into 'master'Nick Thomas2019-03-201-0/+27
|\ \ \ | | | | | | | | | | | | | | | | Move out link\unlink ability checks to a policy See merge request gitlab-org/gitlab-ce!26278
| * | | Move out link\unlink ability checks to a policyPavel Shutsin2019-03-191-0/+27
| | | | | | | | | | | | | | | | We can extend the policy in EE for additional behavior
* | | | Reject HEAD requests to info/refs endpointStan Hu2019-03-191-0/+15
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | In production, we see high error rates due to clients attempting to use the dumb Git HTTP protocol with HEAD /foo/bar.git/info/refs endpoint. This isn't supported and causes Error 500s because Workhorse doesn't send along its secret because it's not proxying this request. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/54579
* | | Introduce ApplicationSettingImplementation yayLin Jen-Shin2019-03-191-3/+3
| | | | | | | | | | | | | | | | | | | | | So the fake can enjoy it, too. We don't use `prepend` because that'll require we change `allow_any_instance_of` to `expect_next_instance_of`, but that's not very easy to do. We can do that later.
* | | Fix undefined variable error on json project viewsAlejandro Rodríguez2019-03-183-0/+66
|/ / | | | | | | | | | | This mistake seems to have always been there, but it only resulted in errors on the `/explore*.json` since they were the one that _actually_ relied on the local variables.
* | Merge branch 'refactor-boards-actions' into 'master'Douwe Maan2019-03-152-44/+0
|\ \ | |/ |/| | | | | Refactor groups and projects boards actions See merge request gitlab-org/gitlab-ce!25568
| * Remove redirecting to last visited boardHeinrich Lee Yu2019-03-132-40/+0
| | | | | | | | Move this to EE-only. It isn't useful here since there's only one board
| * Refactor groups and projects boards actionsHeinrich Lee Yu2019-03-132-6/+2
| | | | | | | | Move common functionality to BoardsActions concern
* | Security Dashboard as default view for groupsGilbert Roulot2019-03-141-6/+31
|/ | | | | | | Add a supporting code to separate groups#show and groups#details which is required for the proper implementation of the Group Overview content and Security Dashboard option for it
* Enable/disable Auto DevOps at Group levelMayra Cabrera2019-03-121-0/+73
| | | | | | | | | | | | - Includes instance methods on Group model to detect when a group has AutoDevOps explicitly/implicitly enabled/disabled. - Includes migration to add a new column to namespaces table - Add UI necessary modifications - Add service and controller to update auto devops related instances - Updates project and groups auto devops badges Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/52447
* Filter merge requests by target branchHiroyuki Sato2019-03-091-0/+31
|
* Merge branch '56937-edit-knative-domain' into 'master'Grzegorz Bizon2019-03-072-38/+159
|\ | | | | | | | | | | | | Edit Knative domain after it has been deployed Closes #56937 See merge request gitlab-org/gitlab-ce!25386
| * Rename ClusterUpdateAppWorker to ClusterPatchAppWorkerJoão Cunha2019-03-052-4/+4
| | | | | | | | - This is to avoid colision with EE ClusterUpdateAppWorker
| * Creates Clusterss::ApplciationsController update endpointJoão Cunha2019-03-052-38/+159
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Creates new route - Creates new controller action - Creates call stack: Clusterss::ApplciationsController calls --> Clusters::Applications::UpdateService calls --> Clusters::Applications::ScheduleUpdateService calls --> ClusterUpdateAppWorker calls --> Clusters::Applications::PatchService --> ClusterWaitForAppInstallationWorker DRY req params Adds gcp_cluster:cluster_update_app queue Schedule_update_service is uneeded Extract common logic to a parent class (UpdateService will need it) Introduce new UpdateService Fix rescue class namespace Fix RuboCop offenses Adds BaseService for create and update services Remove request_handler code duplication Fixes update command Move update_command to ApplicationCore so all apps can use it Adds tests for Knative update_command Adds specs for PatchService Raise error if update receives an unistalled app Adds update_service spec Fix RuboCop offense Use subject in favor of go Adds update endpoint specs for project namespace Adds update endpoint specs for group namespace
* | Merge branch 'expand-diff-to-full-file' into 'master'Douwe Maan2019-03-071-39/+19
|\ \ | | | | | | | | | | | | | | | | | | Expand diff to entire file Closes #19054 See merge request gitlab-org/gitlab-ce!24406
| * | Move diff_line preparation into presenterMark Chao2019-03-071-51/+19
| | | | | | | | | | | | Update spec
| * | Fix spec description and outdated commentsMark Chao2019-03-061-2/+2
| | |
| * | Add full option for blob diff actionMark Chao2019-03-061-0/+12
| |/ | | | | | | Returns all diff lines for frontend if full is true. Turn UnfoldForm into presenter, and move controller logic to presenter.
* | Allow GraphQL requests without CSRF tokenBob Van Landuyt2019-03-061-112/+0
| | | | | | | | | | | | | | | | | | | | | | | | With this we allow authentication using a session or using personal access token. Authentication using a session, and CSRF token makes it easy to play with GraphQL from the Graphiql endpoint we expose. But we cannot enforce CSRF validity, otherwise authentication for regular API clients would fail when they use personal access tokens to authenticate.
* | Merge dev master into GitLab.com masterYorick Peterse2019-03-047-21/+117
|\ \ | |/ |/|
| * Merge branch 'security-2773-milestones-fix' into 'master'Yorick Peterse2019-03-041-1/+1
| |\ | | | | | | | | | | | | [master] Check issue milestone availability See merge request gitlab/gitlabhq!2788
| | * Check issue milestone availabilityJarka Košanová2019-02-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add project when creating milestone in specs We validate milestone is from the same project/parent group as issuable -> we need to set project in specs correctly Improve methods names and specs organization
| * | Merge branch ↵Yorick Peterse2019-03-042-0/+39
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | '2802-security-add-public-internal-groups-as-members-to-your-project-idor' into 'master' Add public/internal groups as members to your Project(IDOR) See merge request gitlab/gitlabhq!2898
| | * | Change policy regarding group visibilityMałgorzata Ksionek2019-02-202-0/+39
| | | |
| * | | Merge branch 'security-kubernetes-google-login-csrf' into 'master'Yorick Peterse2019-03-041-19/+41
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Validate session key when authorizing with GCP to create a cluster Closes #2805 See merge request gitlab/gitlabhq!2902
| | * | | Validate session key when authorizing with GCP to create a clusterTiger2019-02-191-19/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It was previously possible to link a GCP account to another user's GitLab account by having them visit the callback URL, as there was no check that they were the initiator of the request. We now reject the callback unless the state parameter matches the one added to the initiating user's session.
| * | | | Merge branch 'security-56348' into 'master'Yorick Peterse2019-03-041-0/+4
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Check snippet attached file to be moved is within designated directory Closes #2806 See merge request gitlab/gitlabhq!2903
| | * | | | Check snippet attached file to be moved is within designated directoryMark Chao2019-02-211-0/+4
| | |/ / / | | | | | | | | | | | | | | | Previously one could move any temp/ sub folder around.
| * | | | Merge branch 'security-issue_54789_2' into 'master'Yorick Peterse2019-03-041-0/+31
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [master] Prevent disclosing project milestone titles Closes #2794 See merge request gitlab/gitlabhq!2965
| | * | | | Prevent disclosing project milestone titlesFelipe Artur2019-02-251-0/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prevent unauthorized users having access to milestone titles through autocomplete endpoint.
| * | | | | Merge branch 'ce-security-jej/group-saml-link-origin-verification' into 'master'Yorick Peterse2019-03-041-1/+1
| |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ensure request to link GroupSAML acount was GitLab initiated See merge request gitlab/gitlabhq!2976
| | * | | | | Backport EE GroupSAML origin verification changesJames Edwards-Jones2019-01-231-1/+1
| | | | | | |
* | | | | | | Merge branch 'sh-optimize-calendar-activities' into 'master'Robert Speicher2019-03-021-3/+31
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Eliminate most N+1 queries loading UserController#calendar_activities Closes #58392 See merge request gitlab-org/gitlab-ce!25697
| * | | | | | | Eliminate most N+1 queries loading UserController#calendar_activitiesStan Hu2019-03-011-3/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We can reduce a significant number of queries by preloading the associations for events. On GitLab.com, for a date that had 456 events, this brought the load time down from 8.7 to 1.2 s. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/58392
* | | | | | | | Refactor model and specReuben Pereira2019-03-011-23/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Move some specs into contexts - Let get_slugs method take a parameter and return a specific slug. - Add rescues when using Addressable::URI.
* | | | | | | | Merge branch 'sh-bump-fog-gem' into 'master'Sean McGivern2019-03-011-1/+1
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bump fog-aws to 3.3.0 and associated dependencies See merge request gitlab-org/gitlab-ce!21788
| * | | | | | | | Bump fog-aws to 3.3.0 and associated dependenciesStan Hu2019-02-281-1/+1
| |/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes issue with AWS V4 signatures not working with Ceph S3: https://github.com/fog/fog-aws/issues/462
* | | | | | | | Merge branch '54643-lower_issuable_finder_complexity' into 'master'Sean McGivern2019-03-011-3/+1
|\ \ \ \ \ \ \ \ | |/ / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | IssuableFinder - Always use CTE for group counts Closes #54643 See merge request gitlab-org/gitlab-ce!25411
| * | | | | | | Always use CTE for IssuableFinder countsMario de la Ossa2019-02-281-3/+1
| | |_|_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since the CTE is faster than a subquery and the only reason we're using a subquery is that the CTE can't handle sorting by certain attributes, let's use the CTE always (when the feature flag is enabled) when counting, since we can ignore ordering if we just want a count of results.
* | | | | | | Show header and footer system messages in emailAlexandru Croitor2019-02-271-6/+42
| |/ / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add email_header_and_footer_enabled flag to appearances table * Set email_header_and_footer_enabled default value to false * Add checkbox to appearance to toggle show header and footer in emails * Add email_header_and_footer_enabled to allowed params in controller * Add header and footer messages to the html and text email layouts * Remove the color styling for emails header and footer * Add empty_mailer layout for emails without layout, to have the header and footer applied
* | | | | | Remove N+1 query for tags in /admin/runners pageStan Hu2019-02-261-1/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As discussed in https://github.com/mbleigh/acts-as-taggable-on/issues/91, we can avoid N+1 queries if we use `tags` instead of `tag_list`. Seen while reviewing https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/19740.
* | | | | | Add name_without_type to environments.jsonVladimir Shushlin2019-02-261-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | It's needed to show shorter names in environments "folders"
* | | | | | Merge branch '57905-etag-caching-probably-broken-since-11-5-0' into 'master'Robert Speicher2019-02-261-0/+8
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix ETag caching not being used for AJAX requests Closes #57905 See merge request gitlab-org/gitlab-ce!25400
| * | | | | | Fix ETag caching not being used for AJAX requestsRémy Coutable2019-02-261-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | | | | | Merge branch 'filter-confidential-issues' into 'master'Kamil Trzciński2019-02-261-1/+3
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ability to filter confidential issues Closes #50747 See merge request gitlab-org/gitlab-ce!24960
* | | | | | Revert "Merge branch 'filter-confidential-issues' into 'master'"Michael Kozono2019-02-251-3/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit d133bf84c668df3dfc9938bb04150754cb873c8b, reversing changes made to 7981c0292b07a0138b096fa082341fcb13e9ce2b.
* | | | | | Merge branch 'zj-load-languages-from-database' into 'master'Nick Thomas2019-02-251-0/+16
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Load repository language from the DB if detected Closes #47390 See merge request gitlab-org/gitlab-ce!25518
View Lorry Controller Status