delta/gitlab/gitlab-ce.git/lib/api/issues.rb, branch fe-commit-mr-pipelines

Add some API endpoints for time tracking.

2017-01-18T16:48:16+00:00

New endpoints are:

POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/time_estimate"

POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/reset_time_estimate"

POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/add_spent_time"

POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/reset_spent_time"

GET  :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/time_stats"

API: Implement project issues iid param with IssuesFinder and add tests

2017-01-12T22:51:06+00:00

- Use IssuesFinder for the /issues API resouce
- Tests for iid filter in project issues API resource
- Tests for No Milestone filter in issues API resources
  The "No Milestone" case was not previously tested, and the `/issues`
  resource did not support the the `milestone` parameter.
- Return issues where all labels match from the issues and project issues
  API resources, like the group issues resource already does. See
  https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6825#note_17474533

Signed-off-by: Rémy Coutable

Adding 'IssueFinder' for 'projects' API endpoint

2017-01-12T22:51:06+00:00

Current filtering for "/projects/:id/issues" endpoint
returns no results for "No Milestone" query.

This PR introduces fix by copying filtering from "/groups/:id/issues"
which works as expected.

Add missing milestone parameter

2017-01-04T09:07:00+00:00

Refactor issues filter in API

2017-01-04T08:50:09+00:00

Fix state_event parameter to reopen an issue

2016-12-22T08:41:53+00:00

Grapify the issues API

2016-12-07T09:19:28+00:00

A simpler implementation of finding a merge request

2016-12-06T16:46:52+00:00

Following a discussion in !7180

Feature: delegate all open discussions to Issue

2016-12-05T19:55:45+00:00

When a merge request can only be merged when all discussions are
resolved. This feature allows to easily delegate those discussions to a
new issue, while marking them as resolved in the merge request.

The user is presented with a new issue, prepared with mentions of all
unresolved discussions, including the first unresolved note of the
discussion, time and link to the note.

When the issue is created, the discussions in the merge request will get
a system note directing the user to the newly created issue.

Merge branch 'jej-use-issuable-finder-instead-of-access-check' into 'security'

2016-11-29T00:26:23+00:00


Replace issue access checks with use of IssuableFinder

Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867

## Which fixes are in this MR?

:warning: - Potentially untested  
:bomb: - No test coverage  
:traffic_light: - Test coverage of some sort exists (a test failed when error raised)  
:vertical_traffic_light: - Test coverage of return value (a test failed when nil used)  
:white_check_mark: - Permissions check tested

### Issue lookup with access check

Using `visible_to_user` likely makes these security issues too. See [Code smells](#code-smells).

- [x] :vertical_traffic_light: app/finders/notes_finder.rb:15 [`visible_to_user`]
- [x] :traffic_light: app/views/layouts/nav/_project.html.haml:73 [`visible_to_user`] [`.count`]
- [x] :white_check_mark: app/services/merge_requests/build_service.rb:84 [`issue.try(:confidential?)`]
- [x] :white_check_mark: lib/api/issues.rb:112 [`visible_to_user`]
  - CHANGELOG: Prevented API returning issues set to 'Only team members' to everyone
- [x] :white_check_mark: lib/api/helpers.rb:126 [`can?(current_user, :read_issue, issue)`] Maybe here too?
- [x] :white_check_mark: lib/gitlab/search_results.rb:53 [`visible_to_user`]

### Previous discussions
- [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b2ff264eddf9819d7693c14ae213d941494fe2b3_128_126
- [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#7b6375270d22f880bdcb085e47b519b426a5c6c7_87_87

See merge request !2031