delta/gitlab/gitlab-ce.git/app/controllers/profiles, branch instance_level_clusters gitlab.com: gitlab-org/gitlab-ce.git Merge branch 'forbid-the-usage-of-reload' into 'master' 2019-04-15T15:52:12+00:00 Lin Jen-Shin godfat@godfat.org 2019-04-15T15:52:12+00:00 57cdf56aa7df41b013d9c47c6b12bf5a9e20e4f4 Forbid the usage of reload Closes #60218 See merge request gitlab-org/gitlab-ce!27125 
Forbid the usage of reload

Closes #60218

See merge request gitlab-org/gitlab-ce!27125
 Added write_repository scope for personal access token 2019-04-15T13:05:55+00:00 Horatiu Eugen Vlad horatiu@vlad.eu 2019-04-15T13:05:55+00:00 0aa56d895dba21d3a01b78d35c445107e224ed0c 






Forbid the use of `#reload` and prefer `#reset`
2019-04-15T11:05:14+00:00

Kamil TrzciƄski
ayufan@ayufan.eu

2019-04-08T13:33:36+00:00

650f40865e5d8136cb366fbde689c4100aafb0c5

The `#reload` makes to load all objects into memory,
and the main purpose of `#reload` is to drop the association cache.

The `#reset` seems to solve exactly that case.





The `#reload` makes to load all objects into memory,
and the main purpose of `#reload` is to drop the association cache.

The `#reset` seems to solve exactly that case.







Externalize strings in flash messages
2019-04-08T14:17:45+00:00

Martin Wortschack
mwortschack@gitlab.com

2019-04-08T14:17:45+00:00

76e8960f4ab30e91e7e9aca0ae82e10ba23d460d

- Externalize strings in controllers
- Update PO file





- Externalize strings in controllers
- Update PO file







Merge branch 'create-identity-provider-policy' into 'master'
2019-03-20T16:08:05+00:00

Nick Thomas
nick@gitlab.com

2019-03-20T16:08:05+00:00

4249eac3058fbc57724feb04b98a547732ca5959

Move out link\unlink ability checks to a policy

See merge request gitlab-org/gitlab-ce!26278




Move out link\unlink ability checks to a policy

See merge request gitlab-org/gitlab-ce!26278






Add additional link to 2fa page
2019-03-20T08:17:11+00:00

Gosia Ksionek
mksionek@gitlab.com

2019-03-20T08:17:11+00:00

66d3354f367bd294792b199ab60fdca513e0ee92












Move out link\unlink ability checks to a policy
2019-03-19T12:38:16+00:00

Pavel Shutsin
pshutsin@gitlab.com

2019-03-18T14:36:34+00:00

8ee1927db90d43205b4e6f8bd13f209c74b41bd1

We can extend the policy in EE for additional behavior





We can extend the policy in EE for additional behavior







Remove ability to revoke active session
2019-02-27T10:45:27+00:00

Imre Farkas
ifarkas@gitlab.com

2019-02-25T13:52:40+00:00

038d530565bc64729706bbd9afad275699be459d

Session ID is used as a parameter for the revoke session endpoint but it
should never be included in the HTML as an attacker could obtain it via
XSS.





Session ID is used as a parameter for the revoke session endpoint but it
should never be included in the HTML as an attacker could obtain it via
XSS.







Filter active sessions belonging to an admin impersonating the user
2019-02-27T10:44:58+00:00

Imre Farkas
ifarkas@gitlab.com

2019-02-23T18:18:44+00:00

44c4aad983570ea1832aa08c39f46dbc1b475fd3












Move language setting to preferences
2019-02-20T22:58:53+00:00

Fabian Schneider
fabbbbbi+git@googlemail.com

2019-02-20T22:58:53+00:00

a32fd49dd87414fcb8a9c979bd19b57355758c6e