delta/gitlab/gitlab-ce.git/spec/models/commit_range_spec.rb, branch patch-9 gitlab.com: gitlab-org/gitlab-ce.git Merge branch 'jej-23867-use-mr-finder-instead-of-access-check' into 'security' 2016-12-09T00:42:07+00:00 Douwe Maan douwe@gitlab.com 2016-11-29T13:47:43+00:00 f23b1cb453deea2659c0cb9e9047c72d859bbf9d Replace MR access checks with use of MergeRequestsFinder Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867 :warning: - Potentially untested :bomb: - No test coverage :traffic_light: - Test coverage of some sort exists (a test failed when error raised) :vertical_traffic_light: - Test coverage of return value (a test failed when nil used) :white_check_mark: - Permissions check tested - [x] :bomb: app/finders/notes_finder.rb:17 - [x] :warning: app/views/layouts/nav/_project.html.haml:80 [`.count`] - [x] :bomb: app/controllers/concerns/creates_commit.rb:84 - [x] :traffic_light: app/controllers/projects/commits_controller.rb:24 - [x] :traffic_light: app/controllers/projects/compare_controller.rb:56 - [x] :vertical_traffic_light: app/controllers/projects/discussions_controller.rb:29 - [x] :white_check_mark: app/controllers/projects/todos_controller.rb:27 - [x] :vertical_traffic_light: app/models/commit.rb:268 - [x] :white_check_mark: lib/gitlab/search_results.rb:71 - [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_267_266 Memoize ` merged_merge_request(current_user)` - [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_248_247 Expected side effect for `merged_merge_request!`, consider `skip_authorization: true`. - [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_269_269 Scary use of unchecked `merged_merge_request?` See merge request !2033 
Replace MR access checks with use of MergeRequestsFinder

Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867

:warning: - Potentially untested
:bomb: - No test coverage
:traffic_light: - Test coverage of some sort exists (a test failed when error raised)
:vertical_traffic_light: - Test coverage of return value (a test failed when nil used)
:white_check_mark: - Permissions check tested

- [x] :bomb:  app/finders/notes_finder.rb:17
- [x] :warning:  app/views/layouts/nav/_project.html.haml:80 [`.count`]
- [x] :bomb:  app/controllers/concerns/creates_commit.rb:84
- [x] :traffic_light:  app/controllers/projects/commits_controller.rb:24
- [x] :traffic_light:  app/controllers/projects/compare_controller.rb:56
- [x] :vertical_traffic_light:  app/controllers/projects/discussions_controller.rb:29
- [x] :white_check_mark:  app/controllers/projects/todos_controller.rb:27
- [x] :vertical_traffic_light:  app/models/commit.rb:268
- [x] :white_check_mark: lib/gitlab/search_results.rb:71

- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_267_266 Memoize ` merged_merge_request(current_user)`
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_248_247 Expected side effect for `merged_merge_request!`, consider `skip_authorization: true`.
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_269_269 Scary use  of unchecked `merged_merge_request?`

See merge request !2033
Add shorthand support to gitlab markdown references 2016-12-02T21:18:17+00:00 Oswaldo Ferreira oswluizf@gmail.com 2016-11-02T23:49:13+00:00 f272ee6eba37548cbd8919139d583a71ffdac8dc 






Use JavaScript tooltips for mentions (!5301)
2016-08-31T23:21:34+00:00

winniehell
git@winniehell.de

2016-07-17T00:03:56+00:00

0d8352973bfbd3d1857657fce35284fcaf241cf7












Fix note validation spec failures
2016-06-01T17:31:46+00:00

Stan Hu
stanhu@gmail.com

2016-06-01T16:56:06+00:00

30aa64202b073e33834241589595a58a14080107












Refactor Participable
2016-06-01T14:22:35+00:00

Yorick Peterse
yorickpeterse@gmail.com

2016-05-26T11:38:28+00:00

580d250166d97bd5c2b0526be737d02806e577c2

There are several changes to this module:

1. The use of an explicit stack in Participable#participants
2. Proc behaviour has been changed
3. Batch permissions checking

== Explicit Stack

Participable#participants no longer uses recursion to process "self" and
all child objects, instead it uses an Array and processes objects in
breadth-first order. This allows us to for example create a single
Gitlab::ReferenceExtractor instance and pass this to any Procs. Re-using
a ReferenceExtractor removes the need for running potentially many SQL
queries every time a Proc is called on a new object.

== Proc Behaviour Changed

Previously a Proc in Participable was expected to return an Array of
User instances. This has been changed and instead it's now expected that
a Proc modifies the Gitlab::ReferenceExtractor passed to it. The return
value of the Proc is ignored.

== Permissions Checking

The method Participable#participants uses
Ability.users_that_can_read_project to check if the returned users have
access to the project of "self" _without_ running multiple SQL queries
for every user.





There are several changes to this module:

1. The use of an explicit stack in Participable#participants
2. Proc behaviour has been changed
3. Batch permissions checking

== Explicit Stack

Participable#participants no longer uses recursion to process "self" and
all child objects, instead it uses an Array and processes objects in
breadth-first order. This allows us to for example create a single
Gitlab::ReferenceExtractor instance and pass this to any Procs. Re-using
a ReferenceExtractor removes the need for running potentially many SQL
queries every time a Proc is called on a new object.

== Proc Behaviour Changed

Previously a Proc in Participable was expected to return an Array of
User instances. This has been changed and instead it's now expected that
a Proc modifies the Gitlab::ReferenceExtractor passed to it. The return
value of the Proc is ignored.

== Permissions Checking

The method Participable#participants uses
Ability.users_that_can_read_project to check if the returned users have
access to the project of "self" _without_ running multiple SQL queries
for every user.







Don't modify arguments in CommitRange#initialize
2016-05-26T11:58:01+00:00

Yorick Peterse
yorickpeterse@gmail.com

2016-05-02T16:15:25+00:00

309ca405fa30e1eeaeaeddc0c8918e65c98ebbf7

This method used to call strip! on input strings which will mess with
the strings if they're re-used or frozen.





This method used to call strip! on input strings which will mess with
the strings if they're re-used or frozen.







Tag model specs
2015-12-09T09:50:51+00:00

Douwe Maan
douwe@gitlab.com

2015-12-09T09:50:51+00:00

1e8d703a854b372b12a2ad41b5e54d2abc028f74












Render commit reference using short sha, but include full sha in comment.
2015-12-01T11:58:45+00:00

Douwe Maan
douwe@gitlab.com

2015-12-01T11:58:45+00:00

62c14ba2edf9ac4b4bb1e8c46c0c60f1b6574909












Render commit range reference with short shas, link to full shas.
2015-11-30T20:10:52+00:00

Douwe Maan
douwe@gitlab.com

2015-11-30T20:10:52+00:00

a7be01cd07430a4302668224947b2ed135c2d7bb












Merge branch 'master' into rubocop-for-tests
2015-06-23T08:44:03+00:00

Dmitriy Zaporozhets
dmitriy.zaporozhets@gmail.com

2015-06-23T08:44:03+00:00

f40b99d02ee9411e5a7f9a93e3e6cf33c1d7890e

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Conflicts:
	spec/features/issues_spec.rb
	spec/models/forked_project_link_spec.rb
	spec/models/hooks/service_hook_spec.rb
	spec/models/hooks/web_hook_spec.rb
	spec/models/project_services/hipchat_service_spec.rb
	spec/requests/api/project_members_spec.rb
	spec/requests/api/projects_spec.rb
	spec/requests/api/system_hooks_spec.rb
	spec/services/archive_repository_service_spec.rb
	spec/support/matchers.rb
	spec/tasks/gitlab/backup_rake_spec.rb





Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Conflicts:
	spec/features/issues_spec.rb
	spec/models/forked_project_link_spec.rb
	spec/models/hooks/service_hook_spec.rb
	spec/models/hooks/web_hook_spec.rb
	spec/models/project_services/hipchat_service_spec.rb
	spec/requests/api/project_members_spec.rb
	spec/requests/api/projects_spec.rb
	spec/requests/api/system_hooks_spec.rb
	spec/services/archive_repository_service_spec.rb
	spec/support/matchers.rb
	spec/tasks/gitlab/backup_rake_spec.rb