| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
| |
This reverts merge request !11963
|
|\
| |
| |
| |
| | |
Replace 'snippets/snippets.feature' spinach with rspec
See merge request !12385
|
| | |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Fix API Scoping
Closes #33580 and #33022
See merge request !12300
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- The `/users` and `/users/:id` APIs are now accessible without
authentication (!12445), and so scopes are not relevant for these endpoints.
- Previously, we were testing our scope declaration against these two methods.
This commit moves these tests to other `GET` user endpoints which still
require authentication.
|
| |\ \
| | | |
| | | |
| | | | |
# Conflicts:
# lib/api/users.rb
|
| | | |
| | | |
| | | |
| | | |
| | | | |
- There's no need to use `API::Scope` for scopes that don't have `if`
conditions, such as in `lib/gitlab/auth.rb`.
|
| | | |
| | | |
| | | |
| | | |
| | | | |
- To represent an authorization scope, such as `api` or `read_user`
- This is a better abstraction than the hash we were previously using.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Use a struct for scopes, so we can call `scope.if` instead of `scope[:if]`
- Refactor the "remove scopes whose :if condition returns false" logic to use a
`select` rather than a `reject`.
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
1. Get the spec for `lib/gitlab/auth.rb` passing.
- Make the `request` argument to `AccessTokenValidationService` optional -
`auth.rb` doesn't need to pass in a request.
- Pass in scopes in the format `[{ name: 'api' }]` rather than `['api']`, which
is what `AccessTokenValidationService` now expects.
2. Get the spec for `API::V3::Users` passing
2. Get the spec for `AccessTokenValidationService` passing
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Test `GET` endpoints to check that the scope is allowed.
- Test `POST` endpoints to check that the scope is disallowed.
- Test both `v3` and `v4` endpoints.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Scope declarations of the form:
allow_access_with_scope :read_user, if: -> (request) { request.get? }
will only apply for `GET` requests
- Add a negative test to a `POST` endpoint in the `users` API to test this. Also
test for this case in the `AccessTokenValidationService` unit tests.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Declaring an endpoint's scopes in a `before` block has proved to be
unreliable. For example, if we're accessing the `API::Users` endpoint - code
in a `before` block in `API::API` wouldn't be able to see the scopes set in
`API::Users` since the `API::API` `before` block runs first.
- This commit moves these declarations to the class level, since they don't need
to change once set.
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Honor the "Remember me" parameter for OAuth-based login
Closes #18000
See merge request !11963
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
- Don't use `request.env['omniauth.params']` if it isn't present.
- Remove the `saml` section from the `gitlab.yml` test section. Some tests
depend on this section not being initially present, so it can be overridden
in the test. This MR doesn't add any tests for SAML, so we didn't really need
this in the first place anyway.
- Clean up the test -> omniauth section of `gitlab.yml`
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
- Change double quotes to single quotes.
- Why is `OmniAuth.config.full_host` being reassigned in the integration test?
- Use `map` over `map!` to avoid `dup` in the `gitlab:info` rake task
- Other minor changes
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
- I tried to get this to work by stubbing out portions of the config within the
test. This didn't work as expected because Devise/Omniauth loaded before the
stub could run, and the stubbed config was ignored.
- I attempted to fix this by reloading Devise/Omniauth after stubbing the
config. This successfully got Devise to load the stubbed providers, but failed
while trying to access a route such as `user_gitlab_omniauth_authorize_path`.
- I spent a while trying to figure this out (even trying
`Rails.application.reload_routes!`), but nothing seemed to work.
- I settled for adding this config directly to `gitlab.yml` rather than go down
this path any further.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
- Added saml, authentiq, cas3, and auth0
- Crowd seems to be a special case that will be handled separately.
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
- There was previously a test for `saml` login in `login_spec`, but this didn't
seem to be passing. A lot of things didn't seem right here, and I suspect that
this test hasn't been running. I'll investigate this further.
- It took almost a whole working day to figure out this line:
OmniAuth.config.full_host = ->(request) { request['REQUEST_URI'].sub(request['REQUEST_PATH'], '') }
As always, it's obvious in retrospect, but it took some digging to figure out
tests were failing and returning 404s during the callback phase.
- Test all OAuth providers - github, twitter, bitbucket, gitlab, google, and facebook
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
'master'
Use stub_application_setting when testing ApplicationHelper#support_url
Closes #34648
See merge request !12627
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
'master'
Add test example for external commit status retries
See merge request !12642
|
| | | | | | | |
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Migrate #submodule_url_for to Gitaly
See merge request !12629
|
| | |/ / / / /
| |/| | | | | |
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Prevent accidental deletion of protected MR source branch by repeating checks before actual deletion
Closes #34456
See merge request !12574
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
checks before actual deletion
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Revert "Merge branch 'revert-12499' into 'master'"
See merge request !12633
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
This reverts merge request !12557
|
|\ \ \ \ \ \ \ \ \
| |/ / / / / / / /
|/| | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
no trailing / leading hyphens in CI_COMMIT_REF_SLUG.
Closes #32035
See merge request !11218
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| |_|_|_|_|_|/ /
|/| | | | | | | |
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Hopefully reduce the rate of this intermittent failure in CI
Closes #31128
See merge request !12567
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
14 to 2, but these shared examples are used twice. This was already done in another context further down the file.
|
| | | | | | | | | |
|
| | |/ / / / / /
| |/| | | | | |
| | | | | | | |
| | | | | | | | |
By default it is 2 tries in CI.
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
CE counterpart of: Namespace license checks for multiple assignees
See merge request !11825
|