summaryrefslogtreecommitdiff
path: root/spec/helpers
Commit message (Collapse)AuthorAgeFilesLines
* Avoid exposing unaccessible repo data upon GFM processingOswaldo Ferreira2019-08-261-0/+6
| | | | | | | | | | | | | | | | | | When post-processing relative links to absolute links RelativeLinkFilter didn't take into consideration that internal repository data could be exposed for users that do not have repository access to the project. This commit solves that by checking whether the user can `download_code` at this repository, avoiding any processing of this filter if the user can't. Additionally, if we're processing for a group ( no project was given), we check if the user can read it in order to expand the href as an extra. That doesn't seem necessarily a breach now, but an extra check doesn't hurt as after all the user needs to be able to `read_group`.
* Merge branch 'security-hide_merge_request_ids_on_emails-12-2' into '12-2-stable'GitLab Release Tools Bot2019-08-261-12/+44
|\ | | | | | | | | Prevent disclosure of merge request id via email See merge request gitlab/gitlabhq!3350
| * Prevent disclosure of merge request id via emailFelipe Artur2019-08-211-12/+44
| | | | | | | | | | Do not disclosure merge request id via email for unauthorized users when closing issues.
* | Fix html injection for label descriptionPatrick Derichs2019-08-191-0/+10
|/
* UI for disabling group/project email notificationBrett Walker2019-08-173-0/+76
| | | | | | - Adds UI to configure in group and project settings - Removes notification configuration for users when disabled at group or project level
* Add link to resend confirmation emailAlex Buijs2019-08-141-0/+17
| | | | | This link is shown when a user tries to login with an unconfirmed email address and the grace period has expired
* Migrates Snowplow backend from EE to CEJeremy Jackson2019-08-141-2/+26
| | | | | This introduces several changes, but these are all just ported from the EE project.
* Revert "Merge branch '64341-data-and-privacy-agreement-for-gitlab-users' ↵Kushal Pandya2019-08-141-20/+0
| | | | | | into 'master'" This reverts merge request !30808
* Add notification for updated privacy policyDennis Tang2019-08-141-0/+20
| | | | | | | | This adds a notification to let users know of our updated privacy policy. Users can dismiss the notification either by following the link or closing the notification via an "x" icon.
* Load search result counts asynchronouslyMarkus Koller2019-08-121-0/+44
| | | | | | Querying all counts for the different search results in the same request led to timeouts, so we now only calculate the count for the *current* search results, and request the others in separate asynchronous calls.
* Add tests for starrers viewsCamil Staps2019-08-071-1/+1
|
* Add top navigation analytics linkanalytics-top-navLuke Bennett2019-08-061-1/+1
|
* Change qa-reverse-sort class references to rspec-reverse-sortTanya Pazitny2019-07-291-1/+1
|
* Merge branch 'remove-nested-groups-checks' into 'master'Lin Jen-Shin2019-07-263-8/+8
|\ | | | | | | | | | | | | Remove code related to object hierarchy and MySQL Closes #65056 and #65055 See merge request gitlab-org/gitlab-ce!31095
| * Remove code related to object hierarchy in MySQLremove-nested-groups-checksHeinrich Lee Yu2019-07-253-8/+8
| | | | | | | | | | These are not required because MySQL is not supported anymore
* | Fix error rendering submodules in MR diffs when there is no .gitmodulesdm-submodule-links-nilDouwe Maan2019-07-261-0/+13
|/ | | | Without this change, we get a NoMethodError on nil
* Merge branch '62217-follow-up-from-fix-display-of-promote-to-group-label' ↵Douwe Maan2019-07-241-21/+3
|\ | | | | | | | | | | | | | | | | into 'master' Remove project param from `#show_label_issuables_link?` Closes #62217 See merge request gitlab-org/gitlab-ce!31038
| * Remove project from show_label_issuables_link?62217-follow-up-from-fix-display-of-promote-to-group-labelHeinrich Lee Yu2019-07-231-21/+3
| | | | | | | | The project param is unnecessary here
* | Add links in admin area overviewce-xanf-add-admin-area-linksIllya Klymov2019-07-241-0/+37
|/ | | | | | Introduces new `feature_entry` helper for dashboard. This helper reduces code duplication when listing available features and relevant links to configuration sections
* Ensure SubmoduleHelper works outside view contextdm-submodule-helper-routingDouwe Maan2019-07-221-36/+45
|
* Fetch latest link in the description for zoom link, add more tests and ↵Rajendra kadam2019-07-171-0/+41
| | | | remove frontend spec unnecessary tests
* Hide restricted and disallowed visibility radioshide-restricted-visibility-radioLuke Bennett2019-07-151-26/+46
| | | | | Show a message if many levels are restricted and a different message if all levels are restricted.
* Add more file extentions to file type icon classPeter Dave Hello2019-07-151-0/+20
|
* Open WebIDE in fork when user doesn't have access51952-redirect-to-webide-in-forkMarkus Koller2019-07-121-7/+31
| | | | | | | When opening the IDE on a project where the user doesn't have push access, we create a fork and then redirect back to the IDE. To make sure the user can actually commit, we need to open the IDE in the forked project rather than the upstream project.
* Merge branch 'upgrade-rails-5-2-ce' into 'master'Bob Van Landuyt2019-07-122-2/+2
|\ | | | | | | | | [CE] Upgrade to Rails 5.2 See merge request gitlab-org/gitlab-ce!30052
| * Upgrade to Rails 5.2upgrade-rails-5-2-ceHeinrich Lee Yu2019-07-122-2/+2
| | | | | | | | Updates changed method names and fixes spec failures
* | Merge branch '60798-follow-up-simplify-sort-direction-logic' into 'master'Sean McGivern2019-07-121-1/+147
|\ \ | | | | | | | | | | | | | | | | | | Resolve "Follow up: Simplify sort direction logic" Closes #60798 See merge request gitlab-org/gitlab-ce!30443
| * | Minor review cleanup60798-follow-up-simplify-sort-direction-logicEzekiel Kigbo2019-07-121-61/+47
| | | | | | | | | | | | Minor refactor specs
| * | Added tests for sort icon currentEzekiel Kigbo2019-07-121-63/+37
| | | | | | | | | | | | Refactor sort direction icon
| * | Added test for admin/projectsEzekiel Kigbo2019-07-121-39/+111
| | | | | | | | | | | | | | | | | | | | | | | | Added tests with project_list_filter_bar set to off Added tests for projects_sort_option_titles Refactor project sort options hash
| * | Added tests for current behaviourEzekiel Kigbo2019-07-121-0/+114
| |/
* | Split and prepend CurrentBoardEntityWinnie Hellmann2019-07-121-2/+14
|/ | | | (cherry picked from commit 1e8bdd01bff96122fe80c51fa8f024f18675b58b)
* Merge branch 'fix_simple_format_undefined' into 'master'Robert Speicher2019-07-101-1/+72
|\ | | | | | | | | | | | | Fix `simple_format` undefined error #60179 Closes #60179 See merge request gitlab-org/gitlab-ce!30366
| * Fix undefined method `simple_format for MarkupHelper:ModuleVasiliy Yakliushin2019-07-071-1/+72
| | | | | | | | | | | | | | | | | | `simple_format` is not defined in ActionView::Helpers::TagHelper, but it is actually located in ActionView::Helpers::TextHelper. The solution is to include the correct helper. I've also added tests for `#markup_unsafe` because they were missing.
* | Implemented frontend suggestionsNick Kipling2019-07-091-1/+1
|/ | | | | | Converted storage details into a small partial Reworded the storage details summary as suggested Updated pot file
* Change 'Todo' to 'To Do'Christie Lenneville2019-07-041-1/+1
| | | | | | | | | | | | | | | | Currently, we label items to be done as "Todo." This is grammatically incorrect and (therefore) confusing—especially to our Spanish-speaking users for whom "todo" has a specific and unrelated meaning. We should use "To Do" and always use it as singular (not "To Dos"). Updates to wording in a few places per MR (ee) discussion Updating locale/gitlab.pot Updates to wording in a few places per MR (ee) discussion Updating locale/gitlab.pot
* Merge branch '82-add-new-onboarding-to-flipper-a-b-testing' into 'master'Nick Thomas2019-07-011-0/+38
|\ | | | | | | | | Add new onboarding to flipper A/B testing See merge request gitlab-org/gitlab-ce!30125
| * Add new OnboardingExperimentHelper modulesAsh McKenzie2019-06-281-0/+38
| | | | | | | | | | | | OnboardingExperimentHelpers take care of determining if the current_user should or should not see the new onboarding feature.
* | Fix attachments using the wrong URLs in e-mailssh-fix-issue-63910Stan Hu2019-06-281-0/+37
|/ | | | | | | | | | | | | | | | | | | | | Prior to https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/29889, only the project context were set for the Markdown renderer. For a note on an issuable, the group context was set to `nil` because `note.noteable.try(:group)` attempted to get the issuable's group, which doesn't exist. To make group notifications work, now both the project and group context are set. The context gets passed to `RelativeLinkFilter`, which previously assumed that it wasn't possible to have both a group and a project in the Markdown context. However, if a group were defined, it would take precedence, and the URL rendered for uploads would be `/group/-/uploads` instead of `/group/project/uploads/`. This led to 404s in e-mails. However, now that we have both project and group in the context, we render the Markdown giving priority to the project context if is set. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/63910
* New RecaptchaExperimentHelper modulesAsh McKenzie2019-06-251-0/+23
| | | | | RecaptchaExperimentHelper contains helper methods to assist in the controller and view layers.
* Remove baseEndpoint from search dropdwon63177-follow-up-from-use-scoped-routes-for-labels-and-milestonesDmitriy Zaporozhets2019-06-241-3/+3
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Memoize non-existent custom appearancessh-strong-memoize-appearancesStan Hu2019-06-231-0/+16
| | | | | This saves about 5 SQL calls per page if no custom appearance is specified.
* Fix missing deployment rockets in monitor dashboardDhiraj Bodicherla2019-06-141-1/+1
| | | | | | Fixed inconsistencies in variable names for deployment endpoints for monitoring dashboard which causes deployment rocket icons to disappear
* Use scoped routes for labels and milestonesDmitriy Zaporozhets2019-06-131-3/+9
| | | | | | Update frontend code to use /-/ scope for milestones and labels routes Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Set project default visibility to max allowedStan Hu2019-06-051-0/+45
| | | | | | | | | | If the default, instance-wide visibility were set to internal but a group were private, the radio button would be set on internal even though that setting were not allowed. We now consider the allowed visibility setting for the group in determining what the default should be. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/62298
* Merge branch '54140-non-ar-cache-commit-markdown' into 'master'Douwe Maan2019-06-051-1/+2
|\ | | | | | | | | | | | | Use Redis for CacheMarkDownField on non AR models Closes #54140 See merge request gitlab-org/gitlab-ce!29054
| * Use Redis for CacheMarkDownField on non AR modelsPatrick Bajao2019-06-051-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows using `CacheMarkdownField` for models that are not backed by ActiveRecord. When the including class inherits `ActiveRecord::Base` we include `Gitlab::MarkdownCache::ActiveRecord::Extension`. This will cause the markdown fields to be rendered and the generated HTML stored in a `<field>_html` attribute on the record. We also store the version used for generating the markdown. All other classes that include this model will include the `Gitlab::MarkdownCache::Redis::Extension`. This add the `<field>_html` attributes to that model and will generate the html in them. The generated HTML will be cached in redis under the key `markdown_cache:<class>:<id>`. The class this included in must therefore respond to `id`.
* | Add snowplow haml attr helperLuke Bennett2019-06-051-0/+11
|/ | | | | Helps build a hash of snowplow tracking data attrs. Updates import project pane to use new helper.
* Change s_() calls to _() callsMichał Zając2019-06-041-4/+4
| | | | There are no namespaces in the strings so we don't need those
* Merge branch 'dz-scope-project-routes-3' into 'master'Lin Jen-Shin2019-05-311-1/+1
|\ | | | | | | | | Move some project routes under - scope See merge request gitlab-org/gitlab-ce!28830
View Lorry Controller Status