delta/gitlab/gitlab-ce.git/app/finders, branch fix-include-description-commit-message gitlab.com: gitlab-org/gitlab-ce.git Add comments to issuable finder 2017-01-11T01:51:57+00:00 Clement Ho ClemMakesApps@gmail.com 2017-01-11T01:51:57+00:00 044a195b1e8ca854e67f8e2782bc69c345bf0df6 






Make sure we could query against no one
2017-01-09T22:01:35+00:00

Lin Jen-Shin
godfat@godfat.org

2016-12-16T14:28:18+00:00

f7f9e58092892e5bae0887aa2c0ee9f699085aad

We should separate the idea of not finding anyone,
and the idea of against no one.





We should separate the idea of not finding anyone,
and the idea of against no one.







Show no issues if author/assignee cannot be found
2017-01-09T22:01:35+00:00

Lin Jen-Shin
godfat@godfat.org

2016-12-16T12:12:59+00:00

464dddf4d0b54085c10ecb8b62aa7816ed7ba8a3

Feedback:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7345/diffs#note_19994225





Feedback:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7345/diffs#note_19994225







Check if it's not NONE too
2017-01-09T22:01:34+00:00

Lin Jen-Shin
godfat@godfat.org

2016-12-16T11:58:59+00:00

866bb202f29b8f5ad52563dd48ae57168dc6df77

So that we don't have to check it again in somewhere else,
and we don't really need to know if it's presented as NONE

Feedback:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7345/diffs#note_20123999





So that we don't have to check it again in somewhere else,
and we don't really need to know if it's presented as NONE

Feedback:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7345/diffs#note_20123999







Add author_username and assignee_username
2017-01-09T22:00:49+00:00

Clement Ho
ClemMakesApps@gmail.com

2016-11-07T22:33:51+00:00

d0165c82877cbc0ddd939713e7365337e0e5478f












Removed the "Groups" option from the settings gear
2017-01-03T16:52:14+00:00

Jose Ivan Vargas
jvargas@gitlab.com

2016-12-26T16:12:24+00:00

57b5612aaa6fd243f18587acbf0a8ebbb37551f2

Fixed more tests





Fixed more tests







Added groups to members section, added a members finder
2017-01-03T16:52:14+00:00

Jose Ivan Vargas
jvargas@gitlab.com

2016-12-23T22:29:00+00:00

ad58dec2e1564e9c2d23dd32e5da8b12eeba965d












Merge branch 'jej-24637-move-issue-visible_to_user-to-finder' into 'security'

2016-12-15T14:41:04+00:00

Sean McGivern
sean@gitlab.com

2016-12-12T08:43:56+00:00

4bf61b8bd4b04eace6d0f205573f15fc9d981682


Issue#visible_to_user moved to IssuesFinder

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/24637.

See merge request !2039





Issue#visible_to_user moved to IssuesFinder

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/24637.

See merge request !2039






Merge branch 'jej-note-search-uses-finder' into 'security'

2016-12-15T14:40:12+00:00

Douwe Maan
douwe@gitlab.com

2016-12-09T01:56:31+00:00

12db4cc0e70d3e249f3bf9fde85e336839422319


Fix missing Note access checks in by moving Note#search to updated NoteFinder

Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867

## Which fixes are in this MR?

:warning: - Potentially untested  
:bomb: - No test coverage  
:traffic_light: - Test coverage of some sort exists (a test failed when error raised)  
:vertical_traffic_light: - Test coverage of return value (a test failed when nil used)  
:white_check_mark: - Permissions check tested

### Note lookup without access check

- [x] :white_check_mark: app/finders/notes_finder.rb:13 :download_code check
- [x] :white_check_mark: app/finders/notes_finder.rb:19 `SnippetsFinder`
- [x] :white_check_mark: app/models/note.rb:121 [`Issue#visible_to_user`]
- [x] :white_check_mark: lib/gitlab/project_search_results.rb:113
  - This is the only use of `app/models/note.rb:121` above, but importantly has no access checks at all. This means it leaks MR comments and snippets when those features are `team-only` in addition to the issue comments which would be fixed by `app/models/note.rb:121`.
  - It is only called from SearchController where `can?(current_user, :download_code, @project)` is checked, so commit comments are not leaked.

### Previous discussions
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b915c5267a63628b0bafd23d37792ae73ceae272_13_13 `: download_code` check on commit
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b915c5267a63628b0bafd23d37792ae73ceae272_19_19 `SnippetsFinder` should be used
  - `SnippetsFinder` should check if the snippets feature is enabled -> https://gitlab.com/gitlab-org/gitlab-ce/issues/25223

###  Acceptance criteria met?
- [x] Tests added for new code
- [x] TODO comments removed
- [x] Squashed and removed skipped tests
- [x] Changelog entry
- [ ] State Gitlab versions affected and issue severity in description
- [ ] Create technical debt issue for NotesFinder.
  - Either split into `NotesFinder::ForTarget` and `NotesFinder::Search` or consider object per notable type such as `NotesFinder::OnIssue`. For the first option could create `NotesFinder::Base` which is either inherited from or which can be included in the other two.
  - Avoid case statement anti-pattern in this finder with use of `NotesFinder::OnCommit` etc. Consider something on the finder for this? `Model.finder(user, project)`
  - Move `inc_author` to the controller, and implement `related_notes` to replace `non_diff_notes`/`mr_and_commit_notes`

See merge request !2035





Fix missing Note access checks in by moving Note#search to updated NoteFinder

Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867

## Which fixes are in this MR?

:warning: - Potentially untested  
:bomb: - No test coverage  
:traffic_light: - Test coverage of some sort exists (a test failed when error raised)  
:vertical_traffic_light: - Test coverage of return value (a test failed when nil used)  
:white_check_mark: - Permissions check tested

### Note lookup without access check

- [x] :white_check_mark: app/finders/notes_finder.rb:13 :download_code check
- [x] :white_check_mark: app/finders/notes_finder.rb:19 `SnippetsFinder`
- [x] :white_check_mark: app/models/note.rb:121 [`Issue#visible_to_user`]
- [x] :white_check_mark: lib/gitlab/project_search_results.rb:113
  - This is the only use of `app/models/note.rb:121` above, but importantly has no access checks at all. This means it leaks MR comments and snippets when those features are `team-only` in addition to the issue comments which would be fixed by `app/models/note.rb:121`.
  - It is only called from SearchController where `can?(current_user, :download_code, @project)` is checked, so commit comments are not leaked.

### Previous discussions
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b915c5267a63628b0bafd23d37792ae73ceae272_13_13 `: download_code` check on commit
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b915c5267a63628b0bafd23d37792ae73ceae272_19_19 `SnippetsFinder` should be used
  - `SnippetsFinder` should check if the snippets feature is enabled -> https://gitlab.com/gitlab-org/gitlab-ce/issues/25223

###  Acceptance criteria met?
- [x] Tests added for new code
- [x] TODO comments removed
- [x] Squashed and removed skipped tests
- [x] Changelog entry
- [ ] State Gitlab versions affected and issue severity in description
- [ ] Create technical debt issue for NotesFinder.
  - Either split into `NotesFinder::ForTarget` and `NotesFinder::Search` or consider object per notable type such as `NotesFinder::OnIssue`. For the first option could create `NotesFinder::Base` which is either inherited from or which can be included in the other two.
  - Avoid case statement anti-pattern in this finder with use of `NotesFinder::OnCommit` etc. Consider something on the finder for this? `Model.finder(user, project)`
  - Move `inc_author` to the controller, and implement `related_notes` to replace `non_diff_notes`/`mr_and_commit_notes`

See merge request !2035






Merge branch '19990-update-snippets-page-design' into 'master'

2016-12-12T18:06:20+00:00

Fatih Acet
acetfatih@gmail.com

2016-12-12T18:06:20+00:00

01b767bd98237fc669b0576062341c91d519b60d


Resolve "Updated UI for Snippets pages"

## What does this MR do?

## Are there points in the code the reviewer needs to double check?

## Why was this MR needed?

## Screenshots (if relevant)

## Does this MR meet the acceptance criteria?

- [ ] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [ ] Added for this feature/bug
  - [ ] All builds are passing
- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

## What are the relevant issue numbers?


Closes #19990

See merge request !7861





Resolve "Updated UI for Snippets pages"

## What does this MR do?

## Are there points in the code the reviewer needs to double check?

## Why was this MR needed?

## Screenshots (if relevant)

## Does this MR meet the acceptance criteria?

- [ ] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [ ] Added for this feature/bug
  - [ ] All builds are passing
- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

## What are the relevant issue numbers?


Closes #19990

See merge request !7861