delta/gitlab/gitlab-ce.git - gitlab.com: gitlab-org/gitlab-ce.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Merge branch 'issue_17302' into 'master'	Rémy Coutable	2016-05-18	1	-3/+64
\|\ \| \| \| \| \| \| \| \| \| \| \| \|	Fix api leaking notes when user is not authorized to read noteable fixes #17302 See merge request !4102
\| *	Fix single note api request	Felipe Artur	2016-05-16	1	-3/+14
\| \|
\| *	Fix notes API calls symbol convertions	Felipe Artur	2016-05-10	1	-0/+31
\| \|
\| *	Fix api leaking notes when user is not authorized to read noteable	Felipe Artur	2016-05-09	1	-0/+19
\| \|
* \|	Update JwtController specs	Kamil Trzcinski	2016-05-15	1	-36/+21
\| \|
* \|	Added specs for JwtController	Kamil Trzcinski	2016-05-14	1	-0/+87
\| \|
* \|	Codestyle: make sure we have space around operators	Gabriel Mazetto	2016-05-13	3	-9/+9
\| \|
* \|	Add API endpoints for un/subscribing from/to a label	Ahmad Sherif	2016-05-12	2	-0/+94
\| \| \| \| \| \| \| \|	Closes #15638
* \|	Merge branch '17249-starred' into 'master'	Robert Speicher	2016-05-11	1	-12/+9
\|\ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Restrict starred projects to viewable ones `User#starred_projects` doesn't perform any visibility checks. This has a couple of problems: 1. It assumes a user can always view all of their starred projects in perpetuity (project not changed to private, access revoked, etc.). 2. It assumes that we'll only ever allow a user to star a project they can view. This is currently the case, but bugs happen. Add `User#viewable_starred_projects` to filter the starred projects by those the user either has explicit access to, or are public or internal. Then use that in all places where we list the user's starred projects. Closes #17249. See merge request !4108
\| * \|	Restrict starred projects to viewable ones	Sean McGivern	2016-05-10	1	-12/+9
\| \|/ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	`User#starred_projects` doesn't perform any visibility checks. This has a couple of problems: 1. It assumes a user can always view all of their starred projects in perpetuity (project not changed to private, access revoked, etc.). 2. It assumes that we'll only ever allow a user to star a project they can view. This is currently the case, but bugs happen. Add `User#viewable_starred_projects` to filter the starred projects by those the user either has explicit access to, or are public or internal. Then use that in all places where we list the user's starred projects.
* \|	Fix a few places where autoloading would fail	Rémy Coutable	2016-05-10	1	-1/+1
\|/ \| \| \| \| \| \| \| \| \| \|	- Fix naming of API::CommitStatuses - Ensure we use require_dependency instead of require - Ensure the namespace is right in lib/api/api.rb, otherwise, we might require Grape::API::Helpers which defines the `#params` method. This is to avoid requiring a file multiple times and getting an "Already initialized constant" error. Signed-off-by: Rémy Coutable <remy@rymai.me>
*	Expose MergeRequest#user_notes_count in the API and use the method in issues ↵	Rémy Coutable	2016-05-09	2	-14/+48
\| \| \| \| \| \|	list Signed-off-by: Rémy Coutable <remy@rymai.me>
*	API: Expose Issue#user_notes_count	cnam-dep	2016-05-09	1	-0/+15
\|
*	Merge branch 'use-rugged-to-create-tag' into 'master'	Rémy Coutable	2016-05-04	1	-2/+2
\|\ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Use Rugged's TagCollection#create instead of gitlab-shell's Repository#add_tag for better performance This was originally opened at !1757 by @pcarranza but I changed it to use Rugged instead of gitlab_git, following @DouweM's request. Once this is merged, https://gitlab.com/gitlab-org/gitlab-shell/merge_requests/26 will be mergeable too. See merge request !3745
\| *	Use Rugged's TagCollection#create instead of gitlab-shell's ↵	Rémy Coutable	2016-05-04	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \|	Repository#add_tag for better performance Signed-off-by: Rémy Coutable <remy@rymai.me>
* \|	Merge branch 'pacoguzman/gitlab-ce-15001-since-and-until-operators-api-commits'	Douwe Maan	2016-05-04	1	-0/+35
\|\ \ \| \|/ \|/\| \| \| \| \|	# Conflicts: # Gemfile.lock
\| *	API support for the 'since' and 'until' operators on commit requests	Paco Guzman	2016-04-29	1	-0/+35
\| \| \| \| \| \|	- Parameter validation as ISO8601 format
* \|	Prevent privilege escalation via notes API	Robert Speicher	2016-04-26	1	-10/+31
\| \| \| \| \| \| \| \|	Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15577
* \|	Merge branch '15579-filter-milestone-confidential-issues-api' into 'master'	Robert Speicher	2016-04-26	1	-1/+30
\|\ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Prevent information disclosure via milestone API Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15579 See merge request !1961
\| * \|	Improve Milestones API specs	Rémy Coutable	2016-04-25	1	-36/+27
\| \| \| \| \| \| \| \| \| \| \| \|	Signed-off-by: Rémy Coutable <remy@rymai.me>
\| * \|	Filter confidential issues from milestones API if user does not have access	Stan Hu	2016-04-25	1	-1/+39
\| \|/ \| \| \| \| \| \|	Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15579
* \|	Prevent private snippets in public/internal projects from being leaked via API	Stan Hu	2016-04-25	2	-1/+88
\|/ \| \| \|	Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15580
*	Prevent users from deleting Webhooks via API they do not own	Stan Hu	2016-04-24	1	-2/+12
\| \| \| \|	Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15576
*	Merge branch 'ci-commit-as-pipeline' into 'master'	Kamil Trzciński	2016-04-21	4	-23/+24
\|\ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Ci::Commit becomes a Pipeline object 1. Ci::Commit receives context: ref, :tag. 1. One Ci::Commit describes a one Pipeline 1. Pipeline is created from `.gitlab-ci.yml` 1. Pipeline is a ordered group of builds 1. We test MR against Pipeline 1. Pipelines have a separate view (https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3703) 1. Pipeline can be triggered from UI (https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3703) 1. Later we change `Trigger -> TriggerRequest -> Build` to `Trigger -> Pipeline` (future) 1. We add a Pipeline Hook that will be triggered on Pipeline status change (future) 1. We extend notifications to use `Pipeline Hook` to send summary on pipeline changes (future) After merging that I'll prepare a separate MR that will unify naming, database columns, table names: ``` Ci::Commit -> Pipeline Ci::Build -> Build CommitStatus -> Job GenericCommitStatus -> ExternalJob ci_commits -> pipelines ci_builds -> jobs ``` This MR implements first 5 points. This is made to solve this issue https://gitlab.com/gitlab-org/gitlab-ce/issues/14149. See merge request !3653
\| *	Merge remote-tracking branch 'origin/master' into ci-commit-as-pipelineci-commit-as-pipeline	Kamil Trzcinski	2016-04-19	2	-0/+20
\| \|\ \| \| \| \| \| \| \| \| \| \| \| \|	# Conflicts: # db/schema.rb
\| * \|	Make some logic less twistable	Kamil Trzcinski	2016-04-17	1	-1/+1
\| \| \|
\| * \|	Merge remote-tracking branch 'origin/master' into ci-commit-as-pipeline	Kamil Trzcinski	2016-04-16	4	-4/+162
\| \|\ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	# Conflicts: # db/schema.rb
\| * \ \	Merge remote-tracking branch 'origin/master' into ci-commit-as-pipeline	Kamil Trzcinski	2016-04-13	7	-16/+229
\| \|\ \ \
\| * \| \| \|	Fix specs	Kamil Trzcinski	2016-04-11	4	-22/+23
\| \| \| \| \|
* \| \| \| \|	Make sure that appending is done on a valid length	Tomasz Maczukin	2016-04-20	1	-1/+1
\| \| \| \| \|
* \| \| \| \|	Add range checking	Tomasz Maczukin	2016-04-20	1	-7/+31
\| \| \| \| \|
* \| \| \| \|	Add incremental build trace update API	Tomasz Maczukin	2016-04-20	1	-0/+22
\| \| \| \| \|
* \| \| \| \|	Merge branch 'license-templates-and-api-12804' into 'master'	Robert Speicher	2016-04-20	1	-0/+136
\|\ \ \ \ \ \| \|_\|_\|_\|/ \|/\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	License templates when creating/editing a LICENSE file Closes #12804 See merge request !3660
\| * \| \| \|	Update to licensee 8.0.0 and fix API specs	Rémy Coutable	2016-04-18	1	-4/+4
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Signed-off-by: Rémy Coutable <remy@rymai.me>
\| * \| \| \|	Continue implementation of the license template selector and /licenses API ↵	Rémy Coutable	2016-04-18	1	-25/+115
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	endpoint Signed-off-by: Rémy Coutable <remy@rymai.me>
\| * \| \| \|	Initial implementation if license template selector and /licenses/:key API ↵	Anton Davydov	2016-04-18	1	-0/+46
\| \| \|_\|/ \| \|/\| \| \| \| \| \| \| \| \| \|	endpoint
* \| \| \|	Merge branch 'api-fix-annotated-tags' into 'master'	Rémy Coutable	2016-04-19	1	-0/+2
\|\ \ \ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	API: Present an array of Gitlab::Git::Tag instead of array of rugged tags The annotated message was always `null` because the wrong array was presented. The entity requires an array of `Gitlab::Git::Tags` instead an array of raw rugged tags was presented. Since a rugged tag does not respond to `message` to get the annotated message, this was always `null`. See merge request !3764
\| * \| \| \|	Ensure that annoation is presented properly	Robert Schilling	2016-04-18	1	-0/+2
\| \|/ / /
* \| \| \|	Insert users check into api	Felipe Artur	2016-04-18	1	-0/+18
\|/ / /
* \| \|	Allow back dating notes on creation	Michael Greene	2016-04-13	1	-0/+13
\| \| \|
* \| \|	Allow back dating issues on update	Michael Greene	2016-04-13	1	-4/+16
\| \| \|
* \| \|	Merge branch 'api-subscribe-issue-mr' into 'master'	Rémy Coutable	2016-04-13	2	-0/+85
\|\ \ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	API: Subscribe and unsubscribe from issues and merge requests * Closes #6024 This MR is based on !3611, which must be merged first. See merge request !3615
\| * \| \|	Ensure that issues and merge requests are found	Robert Schilling	2016-04-13	2	-3/+15
\| \| \| \|
\| * \| \|	Make subscription API more RESTful	Robert Schilling	2016-04-13	2	-14/+26
\| \| \| \|
\| * \| \|	API: Ability to subscribe and unsubscribe from a merge request	Robert Schilling	2016-04-13	1	-0/+30
\| \| \| \|
\| * \| \|	API: Ability to subscribe and unsubscribe from an issue	Robert Schilling	2016-04-13	1	-0/+31
\| \| \| \|
* \| \| \|	Merge branch 'api-star-project' into 'master'	Rémy Coutable	2016-04-13	1	-0/+48
\|\ \ \ \ \| \|_\|_\|/ \|/\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	API: Star and unstar a project Add two new endpoints `POST /projects/:id/star` and `POST /projects/:id/unstar` to star and unstar a project. * Closes #12739 See merge request !3578
\| * \| \|	Styling changes to code and docs	Robert Schilling	2016-04-13	1	-6/+4
\| \| \| \|
\| * \| \|	Make staring API more restful	Robert Schilling	2016-04-13	1	-4/+4
\| \| \| \|
\| * \| \|	API: Star and unstar a project	Robert Schilling	2016-04-13	1	-0/+50
\| \|/ /