delta/gitlab/gitlab-ce.git/lib, branch api-docs-fix gitlab.com: gitlab-org/gitlab-ce.git Merge branch '24880-configurable-plaintext-emails' into 'master' 2016-11-29T12:05:23+00:00 Sean McGivern sean@mcgivern.me.uk 2016-11-29T12:05:23+00:00 d8eee8ed73de13a5af42a5cf6de8ec1194e45483 Add setting to enable/disable HTML emails Closes #24880 See merge request !7749 

Add setting to enable/disable HTML emails

Closes #24880

See merge request !7749
 Merge branch 'zj-issue-search-slash-command' into 'master' 2016-11-29T11:04:17+00:00 Kamil Trzciński ayufan@ayufan.eu 2016-11-29T11:04:17+00:00 35212deb062dda60220a9a0929c26196c1c598b5 Add issue search slash command See merge request !7752 

Add issue search slash command

See merge request !7752
 Merge branch 'jej-use-issuable-finder-instead-of-access-check' into 'security' 2016-11-29T00:26:23+00:00 Douwe Maan douwe@gitlab.com 2016-11-22T10:25:04+00:00 3bf34face4cacf07ca973705c261369b1f596626 Replace issue access checks with use of IssuableFinder Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867 ## Which fixes are in this MR? :warning: - Potentially untested :bomb: - No test coverage :traffic_light: - Test coverage of some sort exists (a test failed when error raised) :vertical_traffic_light: - Test coverage of return value (a test failed when nil used) :white_check_mark: - Permissions check tested ### Issue lookup with access check Using `visible_to_user` likely makes these security issues too. See [Code smells](#code-smells). - [x] :vertical_traffic_light: app/finders/notes_finder.rb:15 [`visible_to_user`] - [x] :traffic_light: app/views/layouts/nav/_project.html.haml:73 [`visible_to_user`] [`.count`] - [x] :white_check_mark: app/services/merge_requests/build_service.rb:84 [`issue.try(:confidential?)`] - [x] :white_check_mark: lib/api/issues.rb:112 [`visible_to_user`] - CHANGELOG: Prevented API returning issues set to 'Only team members' to everyone - [x] :white_check_mark: lib/api/helpers.rb:126 [`can?(current_user, :read_issue, issue)`] Maybe here too? - [x] :white_check_mark: lib/gitlab/search_results.rb:53 [`visible_to_user`] ### Previous discussions - [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b2ff264eddf9819d7693c14ae213d941494fe2b3_128_126 - [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#7b6375270d22f880bdcb085e47b519b426a5c6c7_87_87 See merge request !2031 

Replace issue access checks with use of IssuableFinder

Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867

## Which fixes are in this MR?

:warning: - Potentially untested  
:bomb: - No test coverage  
:traffic_light: - Test coverage of some sort exists (a test failed when error raised)  
:vertical_traffic_light: - Test coverage of return value (a test failed when nil used)  
:white_check_mark: - Permissions check tested

### Issue lookup with access check

Using `visible_to_user` likely makes these security issues too. See [Code smells](#code-smells).

- [x] :vertical_traffic_light: app/finders/notes_finder.rb:15 [`visible_to_user`]
- [x] :traffic_light: app/views/layouts/nav/_project.html.haml:73 [`visible_to_user`] [`.count`]
- [x] :white_check_mark: app/services/merge_requests/build_service.rb:84 [`issue.try(:confidential?)`]
- [x] :white_check_mark: lib/api/issues.rb:112 [`visible_to_user`]
  - CHANGELOG: Prevented API returning issues set to 'Only team members' to everyone
- [x] :white_check_mark: lib/api/helpers.rb:126 [`can?(current_user, :read_issue, issue)`] Maybe here too?
- [x] :white_check_mark: lib/gitlab/search_results.rb:53 [`visible_to_user`]

### Previous discussions
- [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b2ff264eddf9819d7693c14ae213d941494fe2b3_128_126
- [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#7b6375270d22f880bdcb085e47b519b426a5c6c7_87_87

See merge request !2031
 Merge branch 'zj-fix-label-creation-non-members' into 'security' 2016-11-29T00:24:19+00:00 Douwe Maan douwe@gitlab.com 2016-11-10T10:23:44+00:00 3d7704ae5f62446b8b399c796c64d1f527666376 Fix label creation non members Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23416 See merge request !2006 
Fix label creation non members

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23416

See merge request !2006
Add new configuration setting to enable/disable HTML emails. 2016-11-28T22:00:03+00:00 Ruben Davila rdavila84@gmail.com 2016-11-28T22:00:03+00:00 b62e2bedbfa49aacfc4847049aa589f045af15ce This new global setting will allow admins to specify if HTML emails should be sent or not, this is basically useful when system administrators want to save some disk space by avoiding emails in HTML format and using only the Plain Text version. 
This new global setting will allow admins to specify if HTML emails should be sent or not,
this is basically useful when system administrators want to save some disk space by avoiding
emails in HTML format and using only the Plain Text version.
Merge branch 'refresh-authorizations-with-lease' into 'master' 2016-11-28T03:35:37+00:00 Douwe Maan douwe@gitlab.com 2016-11-28T03:35:37+00:00 d2813832615c6baf1f176c39b260b66a702d3e70 Refresh project authorizations using a Redis lease This MR changes `User#refresh_authorized_projects` so it uses a Redis lease instead of relying on serializable transactions. See the commit message(s) for more details. See merge request !7733 

Refresh project authorizations using a Redis lease

This MR changes `User#refresh_authorized_projects` so it uses a Redis lease instead of relying on serializable transactions. See the commit message(s) for more details.

See merge request !7733
 Merge branch 'zj-expose-coverage-pipelines' into 'master' 2016-11-25T16:51:53+00:00 Rémy Coutable remy@rymai.me 2016-11-25T16:51:53+00:00 e17328986abcaabff47edb6292ede7546f607bb2 Expose coverage on GET pipelines/:id Closes gitlab-org/gitlab-ce#24801 See merge request !7670 

Expose coverage on GET pipelines/:id

Closes gitlab-org/gitlab-ce#24801

See merge request !7670
 Merge branch 'timeout-merge-request-for-binary-file' into 'master' 2016-11-25T16:19:03+00:00 Yorick Peterse yorickpeterse@gmail.com 2016-11-25T16:19:03+00:00 746b6ec82d1ed29a679fe4dc6a93b2d0228e9d34 Fix: Timeout creating and viewing merge request for binary file See merge request !7713 

Fix: Timeout creating and viewing merge request for binary file

See merge request !7713
 Expose coverage on GET pipelines/:id 2016-11-25T14:49:59+00:00 Z.J. van de Weg git@zjvandeweg.nl 2016-11-22T16:28:58+00:00 40e8185b64a04f719c85a793d0fdd5438a129975 The coverage wasn't exposed yet, now it is but only for detailed requests to save queries on the database. 
The coverage wasn't exposed yet, now it is but only for detailed
requests to save queries on the database.
Add issue search slash command 2016-11-25T14:41:28+00:00 Z.J. van de Weg git@zjvandeweg.nl 2016-11-25T14:41:28+00:00 6a08de7386fd41c9bbe27c32338328c6e6b40027 One of many requested in: gitlab-org/gitlab-ce#24768 
One of many requested in: gitlab-org/gitlab-ce#24768