delta/gitlab/gitlab-ce.git/spec/controllers, branch 22964-git-commit-documentation-article gitlab.com: gitlab-org/gitlab-ce.git Merge branch 'restrict-failed-2fa-attempts' into 'master' 2016-10-04T15:04:57+00:00 Rémy Coutable remy@rymai.me 2016-10-04T15:04:57+00:00 b8005b6112d7322ff8b2cf0a1e55e6c56f0fcba3 Restrict failed login attempts from users with 2FA enabled. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/19799. See merge request !6668 

Restrict failed login attempts from users with 2FA enabled.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/19799.

See merge request !6668
 Restrict failed login attempts for users with 2FA 2016-10-04T14:01:38+00:00 Sean McGivern sean@gitlab.com 2016-09-02T13:30:19+00:00 194fbc3c3d4b068f191fca75488b986df88c5333 Copy logic from `Devise::Models::Lockable#valid_for_authentication?`, as our custom login flow with two pages doesn't call this method. This will increment the failed login counter, and lock the user's account once they exceed the number of failed attempts. Also ensure that users who are locked can't continue to submit 2FA codes. 
Copy logic from `Devise::Models::Lockable#valid_for_authentication?`, as
our custom login flow with two pages doesn't call this method. This will
increment the failed login counter, and lock the user's account once
they exceed the number of failed attempts.

Also ensure that users who are locked can't continue to submit 2FA
codes.
Fix a few things after the initial improvment to Members::DestroyService 2016-10-03T14:57:48+00:00 Rémy Coutable remy@rymai.me 2016-09-09T16:51:31+00:00 c8b1311934935c7ac7fd901558e19ac496fbad2c Signed-off-by: Rémy Coutable <remy@rymai.me> 
Signed-off-by: Rémy Coutable <remy@rymai.me>
Add a /wip slash command 2016-10-03T07:36:21+00:00 Thomas Balthazar thomas@balthazar.info 2016-09-08T09:18:41+00:00 ddbe676dc318b87c3d656a08bbf5d75485ad544b It toggles the 'WIP' prefix in the MR title. 
It toggles the 'WIP' prefix in the MR title.
Merge branch '21983-member-add_user-doesn-t-detect-existing-members-that-have-requested-access' into 'master' 2016-10-02T11:42:57+00:00 Robert Speicher robert@gitlab.com 2016-10-02T11:42:57+00:00 e64594ac4419a42b84f3ee36388f832e74361c8c Resolve "`Member.add_user`doesn't detect existing members that have requested access" ## What does this MR do? This merge request handle the case when an access requester is added to a group or project (via the members page or the API). In `Member.add_user`, if an access requester already exists, we simply accept their request (and set the `created_by`, `access_level` and `expires_at` attributes if given). ## Are there points in the code the reviewer needs to double check? I've taken the opportunity to cleanup the whole `{Group,Project}Member.add_user*` methods since it was quite a mess. ## What are the relevant issue numbers? Closes #21983 See merge request !6393 

Resolve "`Member.add_user`doesn't detect existing members that have requested access"

## What does this MR do?

This merge request handle the case when an access requester is added to a group or project (via the members page or the API).

In `Member.add_user`, if an access requester already exists, we simply accept their request (and set the `created_by`, `access_level` and `expires_at` attributes if given).

## Are there points in the code the reviewer needs to double check?

I've taken the opportunity to cleanup the whole `{Group,Project}Member.add_user*` methods since it was quite a mess.

## What are the relevant issue numbers?

Closes #21983

See merge request !6393
 fix broken repo 500 errors in UI and added relevant specs 2016-09-29T14:58:14+00:00 James Lopez james@jameslopez.es 2016-09-23T07:42:07+00:00 29141ed3ea6157a60d9748921782015626a17f9e 






Allow Member.add_user to handle access requesters
2016-09-28T07:43:00+00:00

Rémy Coutable
remy@rymai.me

2016-09-16T15:54:21+00:00

ec0061a95cbba02286b2c143048c93d8f26ff5f0

Changes include:

- Ensure Member.add_user is not called directly when not necessary
- New GroupMember.add_users_to_group to have the same abstraction level as for Project
- Refactor Member.add_user to take a source instead of an array of members
- Fix Rubocop offenses
- Always use Project#add_user instead of project.team.add_user
- Factorize users addition as members in Member.add_users_to_source
- Make access_level a keyword argument in GroupMember.add_users_to_group and ProjectMember.add_users_to_projects
- Destroy any requester before adding them as a member
- Improve the way we handle access requesters in Member.add_user
  Instead of removing the requester and creating a new member,
  we now simply accepts their access request. This way, they will
  receive a "access request granted" email.
- Fix error that was previously silently ignored
- Stop raising when access level is invalid in Member, let Rails validation do their work

Signed-off-by: Rémy Coutable <remy@rymai.me>





Changes include:

- Ensure Member.add_user is not called directly when not necessary
- New GroupMember.add_users_to_group to have the same abstraction level as for Project
- Refactor Member.add_user to take a source instead of an array of members
- Fix Rubocop offenses
- Always use Project#add_user instead of project.team.add_user
- Factorize users addition as members in Member.add_users_to_source
- Make access_level a keyword argument in GroupMember.add_users_to_group and ProjectMember.add_users_to_projects
- Destroy any requester before adding them as a member
- Improve the way we handle access requesters in Member.add_user
  Instead of removing the requester and creating a new member,
  we now simply accepts their access request. This way, they will
  receive a "access request granted" email.
- Fix error that was previously silently ignored
- Stop raising when access level is invalid in Member, let Rails validation do their work

Signed-off-by: Rémy Coutable <remy@rymai.me>







Fix test failure by accessing Content-Type header directly.
2016-09-28T02:52:41+00:00

Connor Shea
connor.james.shea@gmail.com

2016-09-28T02:52:41+00:00

e13dc69be271e57fe9cc1a3cbf0f7a86d735b2c6












Merge branch 'rc-new-members-approve-request-access-service' into 'master'

2016-09-27T12:10:12+00:00

Douwe Maan
douwe@gitlab.com

2016-09-27T12:10:12+00:00

166c6cd85c2be13bb2fa5d27f40d304ffd9c62ad


New `Members::ApproveAccessRequestService`

Part of #21979.

## Does this MR meet the acceptance criteria?

- [x] API support added
- Tests
  - [x] Added for this feature/bug
  - [x] All builds are passing
- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

See merge request !6266





New `Members::ApproveAccessRequestService`

Part of #21979.

## Does this MR meet the acceptance criteria?

- [x] API support added
- Tests
  - [x] Added for this feature/bug
  - [x] All builds are passing
- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

See merge request !6266






Improve project_with_board factory to create the default lists
2016-09-26T17:42:38+00:00

Douglas Barbosa Alexandre
dbalexandre@gmail.com

2016-09-26T17:39:41+00:00

97551e8dd9dc5711951e865e7f9875f8cd5712ac