From 7cad597f6c8ba794c6852e23d718ed7827da35c6 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Thu, 16 Mar 2017 20:18:57 -0700 Subject: Revert "Merge branch '8836-mr-revert' into 'master' This reverts commit 68e40bd49fde7b790bb31b9ac85a249bedd817d2, reversing changes made to 2d1f823b4c8b60cee525384cb52e547d2be8925a. --- app/controllers/profiles/notifications_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/profiles/notifications_controller.rb b/app/controllers/profiles/notifications_controller.rb index b8b71d295f6..a271e2dfc4b 100644 --- a/app/controllers/profiles/notifications_controller.rb +++ b/app/controllers/profiles/notifications_controller.rb @@ -17,6 +17,6 @@ class Profiles::NotificationsController < Profiles::ApplicationController end def user_params - params.require(:user).permit(:notification_email) + params.require(:user).permit(:notification_email, :notified_of_own_activity) end end -- cgit v1.2.1 From 652d80458af1ea4552ae5095e212ef770a6b229d Mon Sep 17 00:00:00 2001 From: Phil Hughes Date: Fri, 17 Mar 2017 15:38:41 +0000 Subject: Fixed pagination in projects & snippets on user page Changed it from being json links to normal links & then doing a AJAX request to get the content. Closes #29624 --- app/controllers/users_controller.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 6e29f1e8a65..2683614d2e8 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -39,7 +39,7 @@ class UsersController < ApplicationController format.html { render 'show' } format.json do render json: { - html: view_to_html_string("shared/projects/_list", projects: @projects, remote: true) + html: view_to_html_string("shared/projects/_list", projects: @projects) } end end @@ -65,7 +65,7 @@ class UsersController < ApplicationController format.html { render 'show' } format.json do render json: { - html: view_to_html_string("snippets/_snippets", collection: @snippets, remote: true) + html: view_to_html_string("snippets/_snippets", collection: @snippets) } end end -- cgit v1.2.1 From 07415e474ed4dc3b6bd1bcfa874c8cdb393855f4 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Mon, 20 Mar 2017 22:17:46 -0700 Subject: Fix Error 500 when Bitbucket importer does not have authorization Closes #29739 --- app/controllers/import/bitbucket_controller.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/import/bitbucket_controller.rb b/app/controllers/import/bitbucket_controller.rb index 8e42cdf415f..5ad1e116e4e 100644 --- a/app/controllers/import/bitbucket_controller.rb +++ b/app/controllers/import/bitbucket_controller.rb @@ -44,15 +44,15 @@ class Import::BitbucketController < Import::BaseController repo_owner = repo.owner repo_owner = current_user.username if repo_owner == bitbucket_client.user.username - @target_namespace = params[:new_namespace].presence || repo_owner + namespace_path = params[:new_namespace].presence || repo_owner - namespace = find_or_create_namespace(@target_namespace, current_user) + @target_namespace = find_or_create_namespace(namespace_path, current_user) - if current_user.can?(:create_projects, namespace) + if current_user.can?(:create_projects, @target_namespace) # The token in a session can be expired, we need to get most recent one because # Bitbucket::Connection class refreshes it. session[:bitbucket_token] = bitbucket_client.connection.token - @project = Gitlab::BitbucketImport::ProjectCreator.new(repo, @project_name, namespace, current_user, credentials).execute + @project = Gitlab::BitbucketImport::ProjectCreator.new(repo, @project_name, @target_namespace, current_user, credentials).execute else render 'unauthorized' end -- cgit v1.2.1 From e8942846c656d95d58d283db88c481a6a97face4 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Wed, 15 Mar 2017 16:09:53 +0200 Subject: Hide ancestor groups in the share group dropdown list Signed-off-by: Dmitriy Zaporozhets --- app/controllers/projects/settings/members_controller.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'app/controllers') diff --git a/app/controllers/projects/settings/members_controller.rb b/app/controllers/projects/settings/members_controller.rb index cbfa2afa959..54f9dceddef 100644 --- a/app/controllers/projects/settings/members_controller.rb +++ b/app/controllers/projects/settings/members_controller.rb @@ -9,6 +9,7 @@ module Projects @skip_groups = @group_links.pluck(:group_id) @skip_groups << @project.namespace_id unless @project.personal? + @skip_groups += @project.group.ancestors.pluck(:id) if @project.group @project_members = MembersFinder.new(@project, current_user).execute -- cgit v1.2.1 From 7b04b63eeb8e3d6730acec3045a54f95968b3dac Mon Sep 17 00:00:00 2001 From: Jacopo Date: Tue, 14 Mar 2017 07:29:49 +0100 Subject: New directory from interface on existing branch The user can create a new directory on a different branch than the source branch when the branch already exists. --- app/controllers/projects/application_controller.rb | 5 +++++ app/controllers/projects/blob_controller.rb | 5 ----- app/controllers/projects/tree_controller.rb | 1 + 3 files changed, 6 insertions(+), 5 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/application_controller.rb b/app/controllers/projects/application_controller.rb index e2f81b09adc..f1a93ccb3ad 100644 --- a/app/controllers/projects/application_controller.rb +++ b/app/controllers/projects/application_controller.rb @@ -89,4 +89,9 @@ class Projects::ApplicationController < ApplicationController def builds_enabled return render_404 unless @project.feature_available?(:builds, current_user) end + + def update_ref + branch_exists = @repository.find_branch(@target_branch) + @ref = @target_branch if branch_exists + end end diff --git a/app/controllers/projects/blob_controller.rb b/app/controllers/projects/blob_controller.rb index 52fc67d162c..80a95c6158b 100644 --- a/app/controllers/projects/blob_controller.rb +++ b/app/controllers/projects/blob_controller.rb @@ -89,11 +89,6 @@ class Projects::BlobController < Projects::ApplicationController private - def update_ref - branch_exists = @repository.find_branch(@target_branch) - @ref = @target_branch if branch_exists - end - def blob @blob ||= Blob.decorate(@repository.blob_at(@commit.id, @path)) diff --git a/app/controllers/projects/tree_controller.rb b/app/controllers/projects/tree_controller.rb index 4f094146348..637b61504d8 100644 --- a/app/controllers/projects/tree_controller.rb +++ b/app/controllers/projects/tree_controller.rb @@ -34,6 +34,7 @@ class Projects::TreeController < Projects::ApplicationController def create_dir return render_404 unless @commit_params.values.all? + update_ref create_commit(Files::CreateDirService, success_notice: "The directory has been successfully created.", success_path: namespace_project_tree_path(@project.namespace, @project, File.join(@target_branch, @dir_name)), failure_path: namespace_project_tree_path(@project.namespace, @project, @ref)) -- cgit v1.2.1 From 1974691bfe372f805a635319a8f7dbd6e0537485 Mon Sep 17 00:00:00 2001 From: Sean McGivern Date: Tue, 21 Mar 2017 15:25:00 +0000 Subject: Revert "Merge branch '29534-todos-performance' into 'master'" This reverts merge request !10076 --- app/controllers/dashboard/todos_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/dashboard/todos_controller.rb b/app/controllers/dashboard/todos_controller.rb index 096de8032ae..498690e8f11 100644 --- a/app/controllers/dashboard/todos_controller.rb +++ b/app/controllers/dashboard/todos_controller.rb @@ -51,7 +51,7 @@ class Dashboard::TodosController < Dashboard::ApplicationController private def find_todos - @todos ||= TodosFinder.new(current_user, params.merge(include_associations: true)).execute + @todos ||= TodosFinder.new(current_user, params).execute end def todos_counts -- cgit v1.2.1 From 86ef67eee559c536e159673b26fb524c92d2eb82 Mon Sep 17 00:00:00 2001 From: Oswaldo Ferreira Date: Mon, 20 Mar 2017 23:36:53 -0300 Subject: Present ajax call errors when failing to update an Issue --- app/controllers/projects/issues_controller.rb | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb index cdb5b4173d3..0d6d9f492c1 100644 --- a/app/controllers/projects/issues_controller.rb +++ b/app/controllers/projects/issues_controller.rb @@ -148,7 +148,14 @@ class Projects::IssuesController < Projects::ApplicationController end format.json do - render json: @issue.to_json(include: { milestone: {}, assignee: { only: [:name, :username], methods: [:avatar_url] }, labels: { methods: :text_color } }, methods: [:task_status, :task_status_short]) + if @issue.valid? + render json: @issue.to_json(methods: [:task_status, :task_status_short], + include: { milestone: {}, + assignee: { only: [:name, :username], methods: [:avatar_url] }, + labels: { methods: :text_color } }) + else + render json: { errors: @issue.errors.full_messages }, status: :unprocessable_entity + end end end -- cgit v1.2.1 From 8b6041bce31750aeffbaca70950c36188b6639d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9my=20Coutable?= Date: Wed, 22 Mar 2017 15:59:03 +0100 Subject: Don't try to find a user by personal_access_token if the token is nil MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Rémy Coutable --- app/controllers/application_controller.rb | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index b7ce081a5cd..6a6e335d314 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -64,8 +64,11 @@ class ApplicationController < ActionController::Base # This filter handles both private tokens and personal access tokens def authenticate_user_from_private_token! - token_string = params[:private_token].presence || request.headers['PRIVATE-TOKEN'].presence - user = User.find_by_authentication_token(token_string) || User.find_by_personal_access_token(token_string) + token = params[:private_token].presence || request.headers['PRIVATE-TOKEN'].presence + + return unless token.present? + + user = User.find_by_authentication_token(token) || User.find_by_personal_access_token(token) if user && can?(user, :log_in) # Notice we are passing store false, so the user is not -- cgit v1.2.1 From 0e06cfc059af0b70b366ab1eaf75f7601fdcb5e1 Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Tue, 28 Feb 2017 04:17:21 +0900 Subject: Add api points for ci cd status. Add favicon. --- app/controllers/projects/builds_controller.rb | 6 ++++++ app/controllers/projects/merge_requests_controller.rb | 8 +++++++- app/controllers/projects/pipelines_controller.rb | 6 ++++++ 3 files changed, 19 insertions(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/builds_controller.rb b/app/controllers/projects/builds_controller.rb index 886934a3f67..54650bc37a2 100644 --- a/app/controllers/projects/builds_controller.rb +++ b/app/controllers/projects/builds_controller.rb @@ -91,6 +91,12 @@ class Projects::BuildsController < Projects::ApplicationController end end + def ci_cd_status + render json: BuildSerializer + .new(project: @project, user: @current_user) + .represent(@build) + end + private def build diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 677a8a1a73a..18b1a5cb395 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -10,7 +10,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController before_action :module_enabled before_action :merge_request, only: [ :edit, :update, :show, :diffs, :commits, :conflicts, :conflict_for_path, :pipelines, :merge, :merge_check, - :ci_status, :ci_environments_status, :toggle_subscription, :cancel_merge_when_pipeline_succeeds, :remove_wip, :resolve_conflicts, :assign_related_issues + :ci_status, :ci_cd_status, :ci_environments_status, :toggle_subscription, :cancel_merge_when_pipeline_succeeds, :remove_wip, :resolve_conflicts, :assign_related_issues ] before_action :validates_merge_request, only: [:show, :diffs, :commits, :pipelines] before_action :define_show_vars, only: [:show, :diffs, :commits, :conflicts, :conflict_for_path, :builds, :pipelines] @@ -473,6 +473,12 @@ class Projects::MergeRequestsController < Projects::ApplicationController render json: response end + def ci_cd_status + render json: PipelineSerializer + .new(project: @project, user: @current_user) + .represent(@merge_request.head_pipeline) + end + def ci_environments_status environments = begin diff --git a/app/controllers/projects/pipelines_controller.rb b/app/controllers/projects/pipelines_controller.rb index 718d9e86bea..508d627889c 100644 --- a/app/controllers/projects/pipelines_controller.rb +++ b/app/controllers/projects/pipelines_controller.rb @@ -72,6 +72,12 @@ class Projects::PipelinesController < Projects::ApplicationController end end + def ci_cd_status + render json: PipelineSerializer + .new(project: @project, user: @current_user) + .represent(@pipeline) + end + def stage @stage = pipeline.stage(params[:stage]) return not_found unless @stage -- cgit v1.2.1 From ba27f1b954e79713ec1905b46ee5ba1b940418f0 Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Fri, 3 Mar 2017 15:59:25 +0900 Subject: Expose only status. ci_cd_status to status. Support abstract class. --- app/controllers/projects/builds_controller.rb | 14 +++++++------- app/controllers/projects/merge_requests_controller.rb | 5 +++-- app/controllers/projects/pipelines_controller.rb | 3 ++- 3 files changed, 12 insertions(+), 10 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/builds_controller.rb b/app/controllers/projects/builds_controller.rb index 54650bc37a2..8d00f2bf1b2 100644 --- a/app/controllers/projects/builds_controller.rb +++ b/app/controllers/projects/builds_controller.rb @@ -73,8 +73,14 @@ class Projects::BuildsController < Projects::ApplicationController redirect_to build_path(@build) end + # def status + # render json: @build.to_json(only: [:status, :id, :sha, :coverage], methods: :sha) + # end def status - render json: @build.to_json(only: [:status, :id, :sha, :coverage], methods: :sha) + render json: BuildSerializer + .new(project: @project, user: @current_user) + .with_status + .represent(@build) end def erase @@ -91,12 +97,6 @@ class Projects::BuildsController < Projects::ApplicationController end end - def ci_cd_status - render json: BuildSerializer - .new(project: @project, user: @current_user) - .represent(@build) - end - private def build diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 18b1a5cb395..5087abedf40 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -10,7 +10,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController before_action :module_enabled before_action :merge_request, only: [ :edit, :update, :show, :diffs, :commits, :conflicts, :conflict_for_path, :pipelines, :merge, :merge_check, - :ci_status, :ci_cd_status, :ci_environments_status, :toggle_subscription, :cancel_merge_when_pipeline_succeeds, :remove_wip, :resolve_conflicts, :assign_related_issues + :ci_status, :status, :ci_environments_status, :toggle_subscription, :cancel_merge_when_pipeline_succeeds, :remove_wip, :resolve_conflicts, :assign_related_issues ] before_action :validates_merge_request, only: [:show, :diffs, :commits, :pipelines] before_action :define_show_vars, only: [:show, :diffs, :commits, :conflicts, :conflict_for_path, :builds, :pipelines] @@ -473,9 +473,10 @@ class Projects::MergeRequestsController < Projects::ApplicationController render json: response end - def ci_cd_status + def status render json: PipelineSerializer .new(project: @project, user: @current_user) + .with_status .represent(@merge_request.head_pipeline) end diff --git a/app/controllers/projects/pipelines_controller.rb b/app/controllers/projects/pipelines_controller.rb index 508d627889c..976827040ac 100644 --- a/app/controllers/projects/pipelines_controller.rb +++ b/app/controllers/projects/pipelines_controller.rb @@ -72,9 +72,10 @@ class Projects::PipelinesController < Projects::ApplicationController end end - def ci_cd_status + def status render json: PipelineSerializer .new(project: @project, user: @current_user) + .with_status .represent(@pipeline) end -- cgit v1.2.1 From 0191455471a977a9c7aac5de5574f6826c9bd2d1 Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Mon, 6 Mar 2017 21:01:58 +0900 Subject: Remove legacy def status from builds_controller --- app/controllers/projects/builds_controller.rb | 3 --- 1 file changed, 3 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/builds_controller.rb b/app/controllers/projects/builds_controller.rb index 8d00f2bf1b2..f141cd6c3be 100644 --- a/app/controllers/projects/builds_controller.rb +++ b/app/controllers/projects/builds_controller.rb @@ -73,9 +73,6 @@ class Projects::BuildsController < Projects::ApplicationController redirect_to build_path(@build) end - # def status - # render json: @build.to_json(only: [:status, :id, :sha, :coverage], methods: :sha) - # end def status render json: BuildSerializer .new(project: @project, user: @current_user) -- cgit v1.2.1 From 2b33e9eeb68199f7085102a85c06821b991ecd4d Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Fri, 10 Mar 2017 18:30:39 +0900 Subject: with_status to only_status --- app/controllers/projects/builds_controller.rb | 2 +- app/controllers/projects/merge_requests_controller.rb | 2 +- app/controllers/projects/pipelines_controller.rb | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/builds_controller.rb b/app/controllers/projects/builds_controller.rb index f141cd6c3be..caa3d335765 100644 --- a/app/controllers/projects/builds_controller.rb +++ b/app/controllers/projects/builds_controller.rb @@ -76,7 +76,7 @@ class Projects::BuildsController < Projects::ApplicationController def status render json: BuildSerializer .new(project: @project, user: @current_user) - .with_status + .only_status .represent(@build) end diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 5087abedf40..c873d06de5a 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -476,7 +476,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController def status render json: PipelineSerializer .new(project: @project, user: @current_user) - .with_status + .only_status .represent(@merge_request.head_pipeline) end diff --git a/app/controllers/projects/pipelines_controller.rb b/app/controllers/projects/pipelines_controller.rb index 976827040ac..12ab43665f2 100644 --- a/app/controllers/projects/pipelines_controller.rb +++ b/app/controllers/projects/pipelines_controller.rb @@ -75,7 +75,7 @@ class Projects::PipelinesController < Projects::ApplicationController def status render json: PipelineSerializer .new(project: @project, user: @current_user) - .with_status + .only_status .represent(@pipeline) end -- cgit v1.2.1 From 38b1ec2cc04e850ff4898615cf9596de0f6235e1 Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Sat, 11 Mar 2017 02:44:41 +0900 Subject: Fix rspec failure --- app/controllers/projects/builds_controller.rb | 3 +-- app/controllers/projects/merge_requests_controller.rb | 3 +-- app/controllers/projects/pipelines_controller.rb | 3 +-- 3 files changed, 3 insertions(+), 6 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/builds_controller.rb b/app/controllers/projects/builds_controller.rb index caa3d335765..3441d3919e2 100644 --- a/app/controllers/projects/builds_controller.rb +++ b/app/controllers/projects/builds_controller.rb @@ -76,8 +76,7 @@ class Projects::BuildsController < Projects::ApplicationController def status render json: BuildSerializer .new(project: @project, user: @current_user) - .only_status - .represent(@build) + .represent_status(@build) end def erase diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index c873d06de5a..a20334757e0 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -476,8 +476,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController def status render json: PipelineSerializer .new(project: @project, user: @current_user) - .only_status - .represent(@merge_request.head_pipeline) + .represent_status(@merge_request.head_pipeline) end def ci_environments_status diff --git a/app/controllers/projects/pipelines_controller.rb b/app/controllers/projects/pipelines_controller.rb index 12ab43665f2..43a1abaa662 100644 --- a/app/controllers/projects/pipelines_controller.rb +++ b/app/controllers/projects/pipelines_controller.rb @@ -75,8 +75,7 @@ class Projects::PipelinesController < Projects::ApplicationController def status render json: PipelineSerializer .new(project: @project, user: @current_user) - .only_status - .represent(@pipeline) + .represent_status(@pipeline) end def stage -- cgit v1.2.1 From 361f85122b4d226224e6fc8c9e4beac940ff10bf Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Fri, 17 Mar 2017 15:58:12 +0900 Subject: Rename endpoints 'status' to 'pipeline_status' in merge_requests --- app/controllers/projects/merge_requests_controller.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index a20334757e0..165035285f4 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -10,7 +10,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController before_action :module_enabled before_action :merge_request, only: [ :edit, :update, :show, :diffs, :commits, :conflicts, :conflict_for_path, :pipelines, :merge, :merge_check, - :ci_status, :status, :ci_environments_status, :toggle_subscription, :cancel_merge_when_pipeline_succeeds, :remove_wip, :resolve_conflicts, :assign_related_issues + :ci_status, :pipeline_status, :ci_environments_status, :toggle_subscription, :cancel_merge_when_pipeline_succeeds, :remove_wip, :resolve_conflicts, :assign_related_issues ] before_action :validates_merge_request, only: [:show, :diffs, :commits, :pipelines] before_action :define_show_vars, only: [:show, :diffs, :commits, :conflicts, :conflict_for_path, :builds, :pipelines] @@ -473,7 +473,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController render json: response end - def status + def pipeline_status render json: PipelineSerializer .new(project: @project, user: @current_user) .represent_status(@merge_request.head_pipeline) -- cgit v1.2.1 From a375d80eb072d62962af9b6f2decf9782cd7ee1f Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Tue, 21 Mar 2017 22:21:13 +0900 Subject: Use detailed_status effectively. Remove unnecesarry context(nest). Add new context in merge_requests_controller_spec.rb and fix a bug. Correct description of spec. --- app/controllers/projects/merge_requests_controller.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'app/controllers') diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 165035285f4..6a116f99f13 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -474,6 +474,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController end def pipeline_status + render json: {} and return unless @merge_request.head_pipeline.present? render json: PipelineSerializer .new(project: @project, user: @current_user) .represent_status(@merge_request.head_pipeline) -- cgit v1.2.1 From 1d75989551090ce1f21984cb2630e29493d9065b Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Thu, 23 Mar 2017 17:18:11 +0900 Subject: Move conditional statement to PipelineSerializer#represent_status --- app/controllers/projects/merge_requests_controller.rb | 1 - 1 file changed, 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 6a116f99f13..165035285f4 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -474,7 +474,6 @@ class Projects::MergeRequestsController < Projects::ApplicationController end def pipeline_status - render json: {} and return unless @merge_request.head_pipeline.present? render json: PipelineSerializer .new(project: @project, user: @current_user) .represent_status(@merge_request.head_pipeline) -- cgit v1.2.1 From 68aae3ab9e69d7baabe31d01a071e1911c6b8a0a Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Wed, 8 Mar 2017 15:37:39 +0900 Subject: No need to authorize_update_build! if 'trace' requested (as same as 'raw') --- app/controllers/projects/builds_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/builds_controller.rb b/app/controllers/projects/builds_controller.rb index 886934a3f67..f1e4246e7fb 100644 --- a/app/controllers/projects/builds_controller.rb +++ b/app/controllers/projects/builds_controller.rb @@ -1,7 +1,7 @@ class Projects::BuildsController < Projects::ApplicationController before_action :build, except: [:index, :cancel_all] before_action :authorize_read_build!, except: [:cancel, :cancel_all, :retry, :play] - before_action :authorize_update_build!, except: [:index, :show, :status, :raw] + before_action :authorize_update_build!, except: [:index, :show, :status, :raw, :trace] layout 'project' def index -- cgit v1.2.1 From 5058fc67acdde120e673c24555908394c72a343b Mon Sep 17 00:00:00 2001 From: Toon Claes Date: Thu, 23 Mar 2017 15:25:42 +0100 Subject: Remove redundant code to convert restricted_levels to integers The ApplicationSetting#restricted_visibility_levels= now takes care of converting string formatted levels to integers. --- app/controllers/admin/application_settings_controller.rb | 9 --------- 1 file changed, 9 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/admin/application_settings_controller.rb b/app/controllers/admin/application_settings_controller.rb index 8d831ffdd70..0bfbe47eb4f 100644 --- a/app/controllers/admin/application_settings_controller.rb +++ b/app/controllers/admin/application_settings_controller.rb @@ -45,15 +45,6 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController end def application_setting_params - restricted_levels = params[:application_setting][:restricted_visibility_levels] - if restricted_levels.nil? - params[:application_setting][:restricted_visibility_levels] = [] - else - restricted_levels.map! do |level| - level.to_i - end - end - import_sources = params[:application_setting][:import_sources] if import_sources.nil? params[:application_setting][:import_sources] = [] -- cgit v1.2.1 From e0d2f249b4884f9525c44119680bf804e8a7ff20 Mon Sep 17 00:00:00 2001 From: Adam Niedzielski Date: Thu, 23 Mar 2017 15:45:25 +0100 Subject: Return 404 if deploy key cannot be found in Projects::DeployKeysController#disable Closes #29633 --- app/controllers/projects/deploy_keys_controller.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/deploy_keys_controller.rb b/app/controllers/projects/deploy_keys_controller.rb index 1502b734f37..d0c44e297e3 100644 --- a/app/controllers/projects/deploy_keys_controller.rb +++ b/app/controllers/projects/deploy_keys_controller.rb @@ -31,8 +31,10 @@ class Projects::DeployKeysController < Projects::ApplicationController end def disable - @project.deploy_keys_projects.find_by(deploy_key_id: params[:id]).destroy + deploy_key_project = @project.deploy_keys_projects.find_by(deploy_key_id: params[:id]) + return render_404 unless deploy_key_project + deploy_key_project.destroy! redirect_to_repository_settings(@project) end -- cgit v1.2.1 From 4d6e377cd9929be7826614dc986deba4ad03438c Mon Sep 17 00:00:00 2001 From: Sanster Date: Fri, 24 Feb 2017 20:13:42 +0800 Subject: fix new MR form erroneously selects tag as source when branch of same name exists #23237 --- app/controllers/projects/merge_requests_controller.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) mode change 100644 => 100755 app/controllers/projects/merge_requests_controller.rb (limited to 'app/controllers') diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb old mode 100644 new mode 100755 index 677a8a1a73a..2fadf7c8c81 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -402,7 +402,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController if params[:ref].present? @ref = params[:ref] - @commit = @repository.commit(@ref) + @commit = @repository.commit("refs/heads/#{@ref}") end render layout: false @@ -413,7 +413,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController if params[:ref].present? @ref = params[:ref] - @commit = @target_project.commit(@ref) + @commit = @target_project.commit("refs/heads/#{@ref}") end render layout: false -- cgit v1.2.1 From e118d48df91ba04a9cba3ddb90ef20166ff8d9b8 Mon Sep 17 00:00:00 2001 From: George Andrinopoulos Date: Fri, 24 Mar 2017 00:39:12 +0000 Subject: Add dropdown sort to project milestones --- app/controllers/projects/milestones_controller.rb | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/milestones_controller.rb b/app/controllers/projects/milestones_controller.rb index be52b0fa7cf..5922e686cd0 100644 --- a/app/controllers/projects/milestones_controller.rb +++ b/app/controllers/projects/milestones_controller.rb @@ -13,11 +13,14 @@ class Projects::MilestonesController < Projects::ApplicationController def index @milestones = case params[:state] - when 'all' then @project.milestones.reorder(due_date: :desc, title: :asc) - when 'closed' then @project.milestones.closed.reorder(due_date: :desc, title: :asc) - else @project.milestones.active.reorder(due_date: :asc, title: :asc) + when 'all' then @project.milestones + when 'closed' then @project.milestones.closed + else @project.milestones.active end + @sort = params[:sort] || 'due_date_asc' + @milestones = @milestones.sort(@sort) + @milestones = @milestones.includes(:project) respond_to do |format| format.html do -- cgit v1.2.1 From 97941d2cf5e3ef79198a7c39ca829fb038e23a64 Mon Sep 17 00:00:00 2001 From: Sam Rose Date: Thu, 23 Mar 2017 13:43:47 -0400 Subject: Display flash message to unauthenticated user when creating new issue --- app/controllers/projects/issues_controller.rb | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'app/controllers') diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb index 0d6d9f492c1..d984e6d3918 100644 --- a/app/controllers/projects/issues_controller.rb +++ b/app/controllers/projects/issues_controller.rb @@ -260,4 +260,13 @@ class Projects::IssuesController < Projects::ApplicationController :milestone_id, :due_date, :state_event, :task_num, :lock_version, label_ids: [] ) end + + def authenticate_user! + return if current_user + + notice = "Please sign in to create the new issue." + + store_location_for :user, request.fullpath + redirect_to new_user_session_path, notice: notice + end end -- cgit v1.2.1 From ddd97f3c91c880d78846b72f7d9cb6c6a5dda5e7 Mon Sep 17 00:00:00 2001 From: Keifer Furzland Date: Sun, 26 Mar 2017 01:47:10 +0000 Subject: Update wikis_controller.rb to use strong params --- app/controllers/projects/wikis_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/wikis_controller.rb b/app/controllers/projects/wikis_controller.rb index f210f7e61d2..c5e24b9e365 100644 --- a/app/controllers/projects/wikis_controller.rb +++ b/app/controllers/projects/wikis_controller.rb @@ -124,6 +124,6 @@ class Projects::WikisController < Projects::ApplicationController end def wiki_params - params[:wiki].slice(:title, :content, :format, :message) + params.require(:wiki).permit(:title, :content, :format, :message) end end -- cgit v1.2.1 From 7c74a0209b2354ee9260bfebe9bbde5cd0c141bf Mon Sep 17 00:00:00 2001 From: George Andrinopoulos Date: Mon, 27 Mar 2017 09:37:24 +0000 Subject: Implement new service for creating user --- app/controllers/admin/users_controller.rb | 12 ++++-------- app/controllers/registrations_controller.rb | 11 +++-------- 2 files changed, 7 insertions(+), 16 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb index 24504685e48..563bcc65bd6 100644 --- a/app/controllers/admin/users_controller.rb +++ b/app/controllers/admin/users_controller.rb @@ -95,18 +95,14 @@ class Admin::UsersController < Admin::ApplicationController def create opts = { - force_random_password: true, - password_expires_at: nil + reset_password: true, + skip_confirmation: true } - @user = User.new(user_params.merge(opts)) - @user.created_by_id = current_user.id - @user.generate_password - @user.generate_reset_token - @user.skip_confirmation! + @user = Users::CreateService.new(current_user, user_params.merge(opts)).execute respond_to do |format| - if @user.save + if @user.persisted? format.html { redirect_to [:admin, @user], notice: 'User was successfully created.' } format.json { render json: @user, status: :created, location: @user } else diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb index b44f38d4a0c..a49a1f50a81 100644 --- a/app/controllers/registrations_controller.rb +++ b/app/controllers/registrations_controller.rb @@ -1,5 +1,4 @@ class RegistrationsController < Devise::RegistrationsController - before_action :signup_enabled? include Recaptcha::Verify def new @@ -21,6 +20,8 @@ class RegistrationsController < Devise::RegistrationsController flash.delete :recaptcha_error render action: 'new' end + rescue Gitlab::Access::AccessDeniedError + redirect_to(new_user_session_path) end def destroy @@ -50,12 +51,6 @@ class RegistrationsController < Devise::RegistrationsController private - def signup_enabled? - unless current_application_settings.signup_enabled? - redirect_to(new_user_session_path) - end - end - def sign_up_params params.require(:user).permit(:username, :email, :email_confirmation, :name, :password) end @@ -65,7 +60,7 @@ class RegistrationsController < Devise::RegistrationsController end def resource - @resource ||= User.new(sign_up_params) + @resource ||= Users::CreateService.new(current_user, sign_up_params).build end def devise_mapping -- cgit v1.2.1 From 0344e0838d2ae6fae483bafed2be70808b731010 Mon Sep 17 00:00:00 2001 From: Sean McGivern Date: Mon, 27 Mar 2017 10:46:14 +0100 Subject: Only load what we need when visiting MR diffs page The instance variables set in this action are only used by the JSON response. Visiting `merge_requests/:iid/diffs` in a browser always loads the `show` action, so we don't need to find an MR diff, or an environment, in that case. --- .../projects/merge_requests_controller.rb | 44 +++++++++++----------- 1 file changed, 22 insertions(+), 22 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 2fadf7c8c81..c12e65e794b 100755 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -97,31 +97,31 @@ class Projects::MergeRequestsController < Projects::ApplicationController def diffs apply_diff_view_cookie! - @merge_request_diff = - if params[:diff_id] - @merge_request.merge_request_diffs.viewable.find(params[:diff_id]) - else - @merge_request.merge_request_diff - end - - @merge_request_diffs = @merge_request.merge_request_diffs.viewable.select_without_diff - @comparable_diffs = @merge_request_diffs.select { |diff| diff.id < @merge_request_diff.id } - - if params[:start_sha].present? - @start_sha = params[:start_sha] - @start_version = @comparable_diffs.find { |diff| diff.head_commit_sha == @start_sha } - - unless @start_version - @start_sha = @merge_request_diff.head_commit_sha - @start_version = @merge_request_diff - end - end - - @environment = @merge_request.environments_for(current_user).last - respond_to do |format| format.html { define_discussion_vars } format.json do + @merge_request_diff = + if params[:diff_id] + @merge_request.merge_request_diffs.viewable.find(params[:diff_id]) + else + @merge_request.merge_request_diff + end + + @merge_request_diffs = @merge_request.merge_request_diffs.viewable.select_without_diff + @comparable_diffs = @merge_request_diffs.select { |diff| diff.id < @merge_request_diff.id } + + if params[:start_sha].present? + @start_sha = params[:start_sha] + @start_version = @comparable_diffs.find { |diff| diff.head_commit_sha == @start_sha } + + unless @start_version + @start_sha = @merge_request_diff.head_commit_sha + @start_version = @merge_request_diff + end + end + + @environment = @merge_request.environments_for(current_user).last + if @start_sha compared_diff_version else -- cgit v1.2.1 From d8569440b5008f9cd383515d5dce3bf8730bbef6 Mon Sep 17 00:00:00 2001 From: Sebastian Reitenbach Date: Sun, 26 Mar 2017 08:58:49 +0200 Subject: There might be ps utilities out there, that assume 80chars instead of unlimited width if they cannot detect terminal size, therefore force unlimited terminal size when checking processes via ps. --- app/controllers/admin/background_jobs_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/admin/background_jobs_controller.rb b/app/controllers/admin/background_jobs_controller.rb index c09095b9849..87eb7ff4c93 100644 --- a/app/controllers/admin/background_jobs_controller.rb +++ b/app/controllers/admin/background_jobs_controller.rb @@ -1,6 +1,6 @@ class Admin::BackgroundJobsController < Admin::ApplicationController def show - ps_output, _ = Gitlab::Popen.popen(%W(ps -U #{Gitlab.config.gitlab.user} -o pid,pcpu,pmem,stat,start,command)) + ps_output, _ = Gitlab::Popen.popen(%W(ps ww -U #{Gitlab.config.gitlab.user} -o pid,pcpu,pmem,stat,start,command)) @sidekiq_processes = ps_output.split("\n").grep(/sidekiq/) @concurrency = Sidekiq.options[:concurrency] end -- cgit v1.2.1 From 6dd76954443180e8fe97950e230ea6d1e2400d65 Mon Sep 17 00:00:00 2001 From: Dongqing Hu Date: Wed, 29 Mar 2017 11:45:15 +0000 Subject: Labels support color names in backend --- app/controllers/admin/labels_controller.rb | 9 +++++---- app/controllers/groups/labels_controller.rb | 6 ++++-- app/controllers/projects/labels_controller.rb | 6 ++++-- 3 files changed, 13 insertions(+), 8 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/admin/labels_controller.rb b/app/controllers/admin/labels_controller.rb index d496f08a598..4531657268c 100644 --- a/app/controllers/admin/labels_controller.rb +++ b/app/controllers/admin/labels_controller.rb @@ -16,10 +16,9 @@ class Admin::LabelsController < Admin::ApplicationController end def create - @label = Label.new(label_params) - @label.template = true + @label = Labels::CreateService.new(label_params).execute(template: true) - if @label.save + if @label.persisted? redirect_to admin_labels_url, notice: "Label was created" else render :new @@ -27,7 +26,9 @@ class Admin::LabelsController < Admin::ApplicationController end def update - if @label.update(label_params) + @label = Labels::UpdateService.new(label_params).execute(@label) + + if @label.valid? redirect_to admin_labels_path, notice: 'label was successfully updated.' else render :edit diff --git a/app/controllers/groups/labels_controller.rb b/app/controllers/groups/labels_controller.rb index 587898a8634..facb25525b5 100644 --- a/app/controllers/groups/labels_controller.rb +++ b/app/controllers/groups/labels_controller.rb @@ -26,7 +26,7 @@ class Groups::LabelsController < Groups::ApplicationController end def create - @label = @group.labels.create(label_params) + @label = Labels::CreateService.new(label_params).execute(group: group) if @label.valid? redirect_to group_labels_path(@group) @@ -40,7 +40,9 @@ class Groups::LabelsController < Groups::ApplicationController end def update - if @label.update_attributes(label_params) + @label = Labels::UpdateService.new(label_params).execute(@label) + + if @label.valid? redirect_back_or_group_labels_path else render :edit diff --git a/app/controllers/projects/labels_controller.rb b/app/controllers/projects/labels_controller.rb index 1593b5c1afb..2f55ba4e700 100644 --- a/app/controllers/projects/labels_controller.rb +++ b/app/controllers/projects/labels_controller.rb @@ -29,7 +29,7 @@ class Projects::LabelsController < Projects::ApplicationController end def create - @label = @project.labels.create(label_params) + @label = Labels::CreateService.new(label_params).execute(project: @project) if @label.valid? respond_to do |format| @@ -48,7 +48,9 @@ class Projects::LabelsController < Projects::ApplicationController end def update - if @label.update_attributes(label_params) + @label = Labels::UpdateService.new(label_params).execute(@label) + + if @label.valid? redirect_to namespace_project_labels_path(@project.namespace, @project) else render :edit -- cgit v1.2.1 From 9bac3bfc587466a42194350ae51d2e9ad74a7627 Mon Sep 17 00:00:00 2001 From: Douglas Barbosa Alexandre Date: Thu, 30 Mar 2017 21:24:49 +0000 Subject: Allow users to import GitHub projects to subgroups --- app/controllers/import/base_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/import/base_controller.rb b/app/controllers/import/base_controller.rb index 256c41e6145..eeee027ef2d 100644 --- a/app/controllers/import/base_controller.rb +++ b/app/controllers/import/base_controller.rb @@ -11,7 +11,7 @@ class Import::BaseController < ApplicationController namespace.add_owner(current_user) namespace rescue ActiveRecord::RecordNotUnique, ActiveRecord::RecordInvalid - Namespace.find_by_path_or_name(name) + Namespace.find_by_full_path(name) end end end -- cgit v1.2.1 From fd097fa9e12a403d5f56d24b68df9a3ea5ace25c Mon Sep 17 00:00:00 2001 From: Sebastian Reitenbach Date: Tue, 28 Mar 2017 23:29:49 +0200 Subject: Handle parsing OpenBSD ps output properly to display sidekiq infos on admin->monitoring->background --- app/controllers/admin/background_jobs_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/admin/background_jobs_controller.rb b/app/controllers/admin/background_jobs_controller.rb index 87eb7ff4c93..5f90ad7137d 100644 --- a/app/controllers/admin/background_jobs_controller.rb +++ b/app/controllers/admin/background_jobs_controller.rb @@ -1,7 +1,7 @@ class Admin::BackgroundJobsController < Admin::ApplicationController def show ps_output, _ = Gitlab::Popen.popen(%W(ps ww -U #{Gitlab.config.gitlab.user} -o pid,pcpu,pmem,stat,start,command)) - @sidekiq_processes = ps_output.split("\n").grep(/sidekiq/) + @sidekiq_processes = ps_output.split("\n").grep(/sidekiq \d+\.\d+\.\d+/) @concurrency = Sidekiq.options[:concurrency] end end -- cgit v1.2.1 From b0ab0e4eff22ad35fcbad12c3feac6e8ac8b3822 Mon Sep 17 00:00:00 2001 From: Dongqing Hu Date: Fri, 31 Mar 2017 13:03:55 +0000 Subject: Refactor SearchController#show --- app/controllers/search_controller.rb | 40 +++++++----------------------------- 1 file changed, 7 insertions(+), 33 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb index 612d69cf557..4a579601785 100644 --- a/app/controllers/search_controller.rb +++ b/app/controllers/search_controller.rb @@ -6,45 +6,19 @@ class SearchController < ApplicationController layout 'search' def show - if params[:project_id].present? - @project = Project.find_by(id: params[:project_id]) - @project = nil unless can?(current_user, :download_code, @project) - end + search_service = SearchService.new(current_user, params) - if params[:group_id].present? - @group = Group.find_by(id: params[:group_id]) - @group = nil unless can?(current_user, :read_group, @group) - end + @project = search_service.project + @group = search_service.group return if params[:search].blank? @search_term = params[:search] - @scope = params[:scope] - @show_snippets = params[:snippets].eql? 'true' - - @search_results = - if @project - unless %w(blobs notes issues merge_requests milestones wiki_blobs - commits).include?(@scope) - @scope = 'blobs' - end - - Search::ProjectService.new(@project, current_user, params).execute - elsif @show_snippets - unless %w(snippet_blobs snippet_titles).include?(@scope) - @scope = 'snippet_blobs' - end - - Search::SnippetService.new(current_user, params).execute - else - unless %w(projects issues merge_requests milestones).include?(@scope) - @scope = 'projects' - end - Search::GlobalService.new(current_user, params).execute - end - - @search_objects = @search_results.objects(@scope, params[:page]) + @scope = search_service.scope + @show_snippets = search_service.show_snippets? + @search_results = search_service.search_results + @search_objects = search_service.search_objects check_single_commit_result end -- cgit v1.2.1 From b9adf92f3c96d5f24fa413944dff3b932740a613 Mon Sep 17 00:00:00 2001 From: Tiago Botelho Date: Tue, 28 Mar 2017 11:33:51 +0100 Subject: Prevent users from disconnecting gitlab account from CAS --- app/controllers/profiles/accounts_controller.rb | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/profiles/accounts_controller.rb b/app/controllers/profiles/accounts_controller.rb index 69959fe3687..7d1aa8d1ce0 100644 --- a/app/controllers/profiles/accounts_controller.rb +++ b/app/controllers/profiles/accounts_controller.rb @@ -1,11 +1,22 @@ class Profiles::AccountsController < Profiles::ApplicationController + include AuthHelper + def show @user = current_user end def unlink provider = params[:provider] - current_user.identities.find_by(provider: provider).destroy unless provider.to_s == 'saml' + identity = current_user.identities.find_by(provider: provider) + + return render_404 unless identity + + if unlink_allowed?(provider) + identity.destroy + else + flash[:alert] = "You are not allowed to unlink your primary login account" + end + redirect_to profile_account_path end end -- cgit v1.2.1 From 6a2d022d1d578f8957736de2fb895069c24c072b Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Fri, 31 Mar 2017 21:29:51 -0700 Subject: Delete users asynchronously --- app/controllers/registrations_controller.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb index a49a1f50a81..8109427a45f 100644 --- a/app/controllers/registrations_controller.rb +++ b/app/controllers/registrations_controller.rb @@ -25,12 +25,12 @@ class RegistrationsController < Devise::RegistrationsController end def destroy - Users::DestroyService.new(current_user).execute(current_user) + DeleteUserWorker.perform_async(current_user.id, current_user.id) respond_to do |format| format.html do session.try(:destroy) - redirect_to new_user_session_path, notice: "Account successfully removed." + redirect_to new_user_session_path, notice: "Account scheduled for removal." end end end -- cgit v1.2.1 From 38a108cac9b95860eef261c01588c9c5a4c5db5c Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Thu, 30 Mar 2017 21:47:22 -0700 Subject: Fix a few N+1 queries identified by Bullet See !10263 --- app/controllers/admin/abuse_reports_controller.rb | 1 + app/controllers/groups/group_members_controller.rb | 1 + app/controllers/projects/merge_requests_controller.rb | 1 + app/controllers/projects/milestones_controller.rb | 2 +- 4 files changed, 4 insertions(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/admin/abuse_reports_controller.rb b/app/controllers/admin/abuse_reports_controller.rb index 5055c318a5f..dc9a6df5f75 100644 --- a/app/controllers/admin/abuse_reports_controller.rb +++ b/app/controllers/admin/abuse_reports_controller.rb @@ -1,6 +1,7 @@ class Admin::AbuseReportsController < Admin::ApplicationController def index @abuse_reports = AbuseReport.order(id: :desc).page(params[:page]) + @abuse_reports.includes(:reporter, :user) end def destroy diff --git a/app/controllers/groups/group_members_controller.rb b/app/controllers/groups/group_members_controller.rb index 0cbf3eb58a3..00c50f9d0ad 100644 --- a/app/controllers/groups/group_members_controller.rb +++ b/app/controllers/groups/group_members_controller.rb @@ -14,6 +14,7 @@ class Groups::GroupMembersController < Groups::ApplicationController @members = @members.search(params[:search]) if params[:search].present? @members = @members.sort(@sort) @members = @members.page(params[:page]).per(50) + @members.includes(:user) @requesters = AccessRequestsFinder.new(@group).execute(current_user) diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 9621b30b251..37e3ac05916 100755 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -39,6 +39,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController @collection_type = "MergeRequest" @merge_requests = merge_requests_collection @merge_requests = @merge_requests.page(params[:page]) + @merge_requests = @merge_requests.includes(merge_request_diff: :merge_request) @issuable_meta_data = issuable_meta_data(@merge_requests, @collection_type) if @merge_requests.out_of_range? && @merge_requests.total_pages != 0 diff --git a/app/controllers/projects/milestones_controller.rb b/app/controllers/projects/milestones_controller.rb index 5922e686cd0..408c0c60cb0 100644 --- a/app/controllers/projects/milestones_controller.rb +++ b/app/controllers/projects/milestones_controller.rb @@ -21,9 +21,9 @@ class Projects::MilestonesController < Projects::ApplicationController @sort = params[:sort] || 'due_date_asc' @milestones = @milestones.sort(@sort) - @milestones = @milestones.includes(:project) respond_to do |format| format.html do + @milestones = @milestones.includes(:project) @milestones = @milestones.page(params[:page]) end format.json do -- cgit v1.2.1 From af0c08b6f92a0933e24414bea11344162cda6c43 Mon Sep 17 00:00:00 2001 From: mhasbini Date: Sun, 2 Apr 2017 18:54:19 +0300 Subject: Fix redirection after login when the referer have params --- app/controllers/sessions_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 7d81c96262f..d8561871098 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -79,7 +79,7 @@ class SessionsController < Devise::SessionsController if request.referer.present? && (params['redirect_to_referer'] == 'yes') referer_uri = URI(request.referer) if referer_uri.host == Gitlab.config.gitlab.host - referer_uri.path + referer_uri.request_uri else request.fullpath end -- cgit v1.2.1 From 9543025e88d3d0fe298e95330b8d38802da50cc6 Mon Sep 17 00:00:00 2001 From: Adam Niedzielski Date: Mon, 3 Apr 2017 15:17:04 +0200 Subject: Introduce "polling_interval_multiplier" as application setting Implement module for setting "Poll-Interval" response header. Return 429 in ETag caching middleware when polling is disabled. --- app/controllers/admin/application_settings_controller.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'app/controllers') diff --git a/app/controllers/admin/application_settings_controller.rb b/app/controllers/admin/application_settings_controller.rb index 0bfbe47eb4f..515d8e1523b 100644 --- a/app/controllers/admin/application_settings_controller.rb +++ b/app/controllers/admin/application_settings_controller.rb @@ -134,6 +134,7 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController :unique_ips_limit_enabled, :version_check_enabled, :terminal_max_session_time, + :polling_interval_multiplier, disabled_oauth_sign_in_sources: [], import_sources: [], -- cgit v1.2.1 From 39753bfb9cdd77ed7fc1458afc202b126ea6984d Mon Sep 17 00:00:00 2001 From: Ahmad Sherif Date: Thu, 30 Mar 2017 17:24:36 +0200 Subject: Add feature flags for enabling (Upload|Receive)Pack for Gitaly Closes gitaly#168 --- app/controllers/projects/git_http_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/git_http_controller.rb b/app/controllers/projects/git_http_controller.rb index 278098fcc58..37f6f637ff0 100644 --- a/app/controllers/projects/git_http_controller.rb +++ b/app/controllers/projects/git_http_controller.rb @@ -57,7 +57,7 @@ class Projects::GitHttpController < Projects::GitHttpClientController def render_ok set_workhorse_internal_api_content_type - render json: Gitlab::Workhorse.git_http_ok(repository, user) + render json: Gitlab::Workhorse.git_http_ok(repository, user, action_name) end def render_http_not_allowed -- cgit v1.2.1 From e52b1df1d5391f0fa0b9ec7eb2d3492b05f64ba4 Mon Sep 17 00:00:00 2001 From: mhasbini Date: Tue, 4 Apr 2017 13:54:58 +0300 Subject: Remove useless queries with false conditions (e.g 1=0) --- app/controllers/concerns/issuable_collections.rb | 3 +++ 1 file changed, 3 insertions(+) (limited to 'app/controllers') diff --git a/app/controllers/concerns/issuable_collections.rb b/app/controllers/concerns/issuable_collections.rb index 85ae4985e58..c8a501d7319 100644 --- a/app/controllers/concerns/issuable_collections.rb +++ b/app/controllers/concerns/issuable_collections.rb @@ -15,6 +15,9 @@ module IssuableCollections # a new order into the collection. # We cannot use reorder to not mess up the paginated collection. issuable_ids = issuable_collection.map(&:id) + + return {} if issuable_ids.empty? + issuable_note_count = Note.count_for_collection(issuable_ids, @collection_type) issuable_votes_count = AwardEmoji.votes_for_collection(issuable_ids, @collection_type) issuable_merge_requests_count = -- cgit v1.2.1 From bdcd23b297a0234afcb8aae32bc215e827da09fc Mon Sep 17 00:00:00 2001 From: James Lopez Date: Wed, 5 Apr 2017 10:09:31 +0000 Subject: Create subgroups if they don't exist while importing projects --- app/controllers/import/base_controller.rb | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/import/base_controller.rb b/app/controllers/import/base_controller.rb index eeee027ef2d..9de0297ecfd 100644 --- a/app/controllers/import/base_controller.rb +++ b/app/controllers/import/base_controller.rb @@ -1,17 +1,27 @@ class Import::BaseController < ApplicationController private - def find_or_create_namespace(name, owner) - return current_user.namespace if name == owner + def find_or_create_namespace(names, owner) + return current_user.namespace if names == owner return current_user.namespace unless current_user.can_create_group? - begin - name = params[:target_namespace].presence || name - namespace = Group.create!(name: name, path: name, owner: current_user) - namespace.add_owner(current_user) - namespace - rescue ActiveRecord::RecordNotUnique, ActiveRecord::RecordInvalid - Namespace.find_by_full_path(name) + names = params[:target_namespace].presence || names + full_path_namespace = Namespace.find_by_full_path(names) + + return full_path_namespace if full_path_namespace + + names.split('/').inject(nil) do |parent, name| + begin + namespace = Group.create!(name: name, + path: name, + owner: current_user, + parent: parent) + namespace.add_owner(current_user) + + namespace + rescue ActiveRecord::RecordNotUnique, ActiveRecord::RecordInvalid + Namespace.where(parent: parent).find_by_path_or_name(name) + end end end end -- cgit v1.2.1 From 7c5198219aacaf18bfc7e8c523dcfa15d013139a Mon Sep 17 00:00:00 2001 From: "Luke \"Jared\" Bennett" Date: Wed, 5 Apr 2017 12:43:03 +0000 Subject: MR empty state --- app/controllers/groups/application_controller.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'app/controllers') diff --git a/app/controllers/groups/application_controller.rb b/app/controllers/groups/application_controller.rb index c411c21bb80..8b69c18d689 100644 --- a/app/controllers/groups/application_controller.rb +++ b/app/controllers/groups/application_controller.rb @@ -10,6 +10,7 @@ class Groups::ApplicationController < ApplicationController unless @group id = params[:group_id] || params[:id] @group = Group.find_by_full_path(id) + @group_merge_requests = MergeRequestsFinder.new(current_user, group_id: @group.id).execute unless @group && can?(current_user, :read_group, @group) @group = nil -- cgit v1.2.1 From 1c783007e6e2db25623eac3b3b1ef15bfdf95193 Mon Sep 17 00:00:00 2001 From: Regis Boudinot Date: Thu, 6 Apr 2017 01:13:06 +0000 Subject: Issue title realtime --- app/controllers/projects/issues_controller.rb | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb index d984e6d3918..3a870ae4241 100644 --- a/app/controllers/projects/issues_controller.rb +++ b/app/controllers/projects/issues_controller.rb @@ -11,10 +11,10 @@ class Projects::IssuesController < Projects::ApplicationController before_action :redirect_to_external_issue_tracker, only: [:index, :new] before_action :module_enabled before_action :issue, only: [:edit, :update, :show, :referenced_merge_requests, - :related_branches, :can_create_branch] + :related_branches, :can_create_branch, :rendered_title] # Allow read any issue - before_action :authorize_read_issue!, only: [:show] + before_action :authorize_read_issue!, only: [:show, :rendered_title] # Allow write(create) issue before_action :authorize_create_issue!, only: [:new, :create] @@ -200,6 +200,11 @@ class Projects::IssuesController < Projects::ApplicationController end end + def rendered_title + Gitlab::PollingInterval.set_header(response, interval: 3_000) + render json: { title: view_context.markdown_field(@issue, :title) } + end + protected def issue -- cgit v1.2.1 From b80653bb6aa8518e0a61e85cae4430928078c092 Mon Sep 17 00:00:00 2001 From: Sean McGivern Date: Wed, 5 Apr 2017 22:52:19 +0000 Subject: Merge branch 'open-redirect-host-fix' into 'security' Fix for three open redirect vulns using redirect_to url_for(params.merge))) See merge request !2082 --- app/controllers/dashboard/todos_controller.rb | 2 +- app/controllers/projects/issues_controller.rb | 2 +- app/controllers/projects/merge_requests_controller.rb | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/dashboard/todos_controller.rb b/app/controllers/dashboard/todos_controller.rb index 498690e8f11..4d7d45787fc 100644 --- a/app/controllers/dashboard/todos_controller.rb +++ b/app/controllers/dashboard/todos_controller.rb @@ -7,7 +7,7 @@ class Dashboard::TodosController < Dashboard::ApplicationController @sort = params[:sort] @todos = @todos.page(params[:page]) if @todos.out_of_range? && @todos.total_pages != 0 - redirect_to url_for(params.merge(page: @todos.total_pages)) + redirect_to url_for(params.merge(page: @todos.total_pages, only_path: true)) end end diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb index d984e6d3918..83f05e3e350 100644 --- a/app/controllers/projects/issues_controller.rb +++ b/app/controllers/projects/issues_controller.rb @@ -31,7 +31,7 @@ class Projects::IssuesController < Projects::ApplicationController @issuable_meta_data = issuable_meta_data(@issues, @collection_type) if @issues.out_of_range? && @issues.total_pages != 0 - return redirect_to url_for(params.merge(page: @issues.total_pages)) + return redirect_to url_for(params.merge(page: @issues.total_pages, only_path: true)) end if params[:label_name].present? diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 37e3ac05916..a79d801991a 100755 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -43,7 +43,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController @issuable_meta_data = issuable_meta_data(@merge_requests, @collection_type) if @merge_requests.out_of_range? && @merge_requests.total_pages != 0 - return redirect_to url_for(params.merge(page: @merge_requests.total_pages)) + return redirect_to url_for(params.merge(page: @merge_requests.total_pages, only_path: true)) end if params[:label_name].present? -- cgit v1.2.1 From d687f6436a14c8b36f1a560ee95222bb2d4fb63f Mon Sep 17 00:00:00 2001 From: Sean McGivern Date: Wed, 5 Apr 2017 21:17:49 +0000 Subject: Merge branch 'open-redirect-fix-continue-to' into 'security' Fix for open redirect vuln involving continue[to] params See merge request !2083 --- app/controllers/concerns/continue_params.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'app/controllers') diff --git a/app/controllers/concerns/continue_params.rb b/app/controllers/concerns/continue_params.rb index 0a995c45bdf..eb3a623acdd 100644 --- a/app/controllers/concerns/continue_params.rb +++ b/app/controllers/concerns/continue_params.rb @@ -7,6 +7,7 @@ module ContinueParams continue_params = continue_params.permit(:to, :notice, :notice_now) return unless continue_params[:to] && continue_params[:to].start_with?('/') + return if continue_params[:to].start_with?('//') continue_params end -- cgit v1.2.1