Merge branch 'master' into fix/status-of-pipeline-without-buildsfix/status-of-pipeline-without-builds

* master: (198 commits)
  Set inverse_of for Project/Services relation
  Fix admin hooks spec
  Prevent default disabled buttons and links.
  Add index on `requested_at` to the `members` table
  Rearrange order of tabs
  Fix admin active tab tests
  Show created_at in table column
  Nest li elements directly under ul
  Move builds tab to admin overview
  Add monitoring link with subtabs
  Add sub links to overview
  Add counter for abuse reports
  Remove admin layout-nav counters
  Move admin nav to horizontal layout nav
  Eager load project relations in IssueParser
  Use validate and required for environment and project
  Award Emoji can't be awarded on system notes backend
  Get rid of Gitlab::ShellEnv
  Update CHANGELOG.
  Fix project star tooltip on the fly.
  ...

Conflicts:
	app/services/ci/create_builds_service.rb

19 files changed, 241 insertions, 74 deletions

diff --git a/app/models/ability.rb b/app/models/ability.rb
index aea946f9224..9c58b956007 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -9,7 +9,6 @@ class Ability
       when CommitStatus then commit_status_abilities(user, subject)
       when Project then project_abilities(user, subject)
       when Issue then issue_abilities(user, subject)
-      when ExternalIssue then external_issue_abilities(user, subject)
       when Note then note_abilities(user, subject)
       when ProjectSnippet then project_snippet_abilities(user, subject)
       when PersonalSnippet then personal_snippet_abilities(user, subject)
@@ -19,6 +18,7 @@ class Ability
       when GroupMember then group_member_abilities(user, subject)
       when ProjectMember then project_member_abilities(user, subject)
       when User then user_abilities
+      when ExternalIssue, Deployment, Environment then project_abilities(user, subject.project)
       else []
       end.concat(global_abilities(user))
     end
@@ -187,6 +187,8 @@ class Ability
         project_report_rules
       elsif team.guest?(user)
         project_guest_rules
+      else
+        []
       end
     end
 
@@ -228,6 +230,8 @@ class Ability
         :read_build,
         :read_container_image,
         :read_pipeline,
+        :read_environment,
+        :read_deployment
       ]
     end
 
@@ -246,6 +250,8 @@ class Ability
         :push_code,
         :create_container_image,
         :update_container_image,
+        :create_environment,
+        :create_deployment
       ]
     end
 
@@ -263,6 +269,8 @@ class Ability
       @project_master_rules ||= project_dev_rules + [
         :push_code_to_protected_branches,
         :update_project_snippet,
+        :update_environment,
+        :update_deployment,
         :admin_milestone,
         :admin_project_snippet,
         :admin_project_member,
@@ -273,7 +281,9 @@ class Ability
         :admin_commit_status,
         :admin_build,
         :admin_container_image,
-        :admin_pipeline
+        :admin_pipeline,
+        :admin_environment,
+        :admin_deployment
       ]
     end
 
@@ -317,6 +327,8 @@ class Ability
       unless project.builds_enabled
         rules += named_abilities('build')
         rules += named_abilities('pipeline')
+        rules += named_abilities('environment')
+        rules += named_abilities('deployment')
       end
 
       unless project.container_registry_enabled
@@ -511,10 +523,6 @@ class Ability
       end
     end
 
-    def external_issue_abilities(user, subject)
-      project_abilities(user, subject.project)
-    end
-
     private
 
     def restricted_public_level?
diff --git a/app/models/blob.rb b/app/models/blob.rb
index 0fea6b7f576..4279ea2ce57 100644
--- a/app/models/blob.rb
+++ b/app/models/blob.rb
@@ -24,7 +24,7 @@ class Blob < SimpleDelegator
   end
 
   def only_display_raw?
-    size && size > 5.megabytes
+    size && truncated?
   end
 
   def svg?
diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb
index 6a64ca451f7..764d8e4e136 100644
--- a/app/models/ci/build.rb
+++ b/app/models/ci/build.rb
@@ -11,6 +11,8 @@ module Ci
 
     scope :unstarted, ->() { where(runner_id: nil) }
     scope :ignore_failures, ->() { where(allow_failure: false) }
+    scope :with_artifacts, ->() { where.not(artifacts_file: nil) }
+    scope :with_expired_artifacts, ->() { with_artifacts.where('artifacts_expire_at < ?', Time.now) }
 
     mount_uploader :artifacts_file, ArtifactUploader
     mount_uploader :artifacts_metadata, ArtifactUploader
@@ -38,7 +40,7 @@ module Ci
         new_build.save
       end
 
-      def retry(build)
+      def retry(build, user = nil)
         new_build = Ci::Build.new(status: 'pending')
         new_build.ref = build.ref
         new_build.tag = build.tag
@@ -52,6 +54,7 @@ module Ci
         new_build.stage = build.stage
         new_build.stage_idx = build.stage_idx
         new_build.trigger_request = build.trigger_request
+        new_build.user = user
         new_build.save
         MergeRequests::AddTodoWhenBuildFailsService.new(build.project, nil).close(new_build)
         new_build
@@ -73,6 +76,17 @@ module Ci
         build.update_coverage
         build.execute_hooks
       end
+
+      after_transition any => [:success] do |build|
+        if build.environment.present?
+          service = CreateDeploymentService.new(build.project, build.user,
+                                                environment: build.environment,
+                                                sha: build.sha,
+                                                ref: build.ref,
+                                                tag: build.tag)
+          service.execute(build)
+        end
+      end
     end
 
     def retryable?
@@ -83,10 +97,6 @@ module Ci
       !self.pipeline.statuses.latest.include?(self)
     end
 
-    def retry
-      Ci::Build.retry(self)
-    end
-
     def depends_on_builds
       # Get builds of the same type
       latest_builds = self.pipeline.builds.latest
@@ -317,7 +327,7 @@ module Ci
     end
 
     def artifacts?
-      artifacts_file.exists?
+      !artifacts_expired? && artifacts_file.exists?
     end
 
     def artifacts_metadata?
@@ -328,11 +338,15 @@ module Ci
       Gitlab::Ci::Build::Artifacts::Metadata.new(artifacts_metadata.path, path, **options).to_entry
     end
 
+    def erase_artifacts!
+      remove_artifacts_file!
+      remove_artifacts_metadata!
+    end
+
     def erase(opts = {})
       return false unless erasable?
 
-      remove_artifacts_file!
-      remove_artifacts_metadata!
+      erase_artifacts!
       erase_trace!
       update_erased!(opts[:erased_by])
     end
@@ -345,6 +359,25 @@ module Ci
       !self.erased_at.nil?
     end
 
+    def artifacts_expired?
+      artifacts_expire_at && artifacts_expire_at < Time.now
+    end
+
+    def artifacts_expire_in
+      artifacts_expire_at - Time.now if artifacts_expire_at
+    end
+
+    def artifacts_expire_in=(value)
+      self.artifacts_expire_at =
+        if value
+          Time.now + ChronicDuration.parse(value)
+        end
+    end
+
+    def keep_artifacts!
+      self.update(artifacts_expire_at: nil)
+    end
+
     private
 
     def erase_trace!
@@ -352,7 +385,7 @@ module Ci
     end
 
     def update_erased!(user = nil)
-      self.update(erased_by: user, erased_at: Time.now)
+      self.update(erased_by: user, erased_at: Time.now, artifacts_expire_at: nil)
     end
 
     def yaml_variables
diff --git a/app/models/ci/pipeline.rb b/app/models/ci/pipeline.rb
index a26cb7dd7ee..a5f2ac59001 100644
--- a/app/models/ci/pipeline.rb
+++ b/app/models/ci/pipeline.rb
@@ -76,8 +76,10 @@ module Ci
       builds.running_or_pending.each(&:cancel)
     end
 
-    def retry_failed
-      builds.latest.failed.select(&:retryable?).each(&:retry)
+    def retry_failed(user)
+      builds.latest.failed.select(&:retryable?).each do |build|
+        Ci::Build.retry(build, user)
+      end
     end
 
     def latest?
@@ -164,6 +166,10 @@ module Ci
       git_commit_message =~ /(\[ci skip\])/ if git_commit_message
     end
 
+    def environments
+      builds.where.not(environment: nil).success.pluck(:environment).uniq
+    end
+
     private
 
     def build_builds_for_stages(stages, user, status, trigger_request)
diff --git a/app/models/concerns/access_requestable.rb b/app/models/concerns/access_requestable.rb
new file mode 100644
index 00000000000..eedd32a729f
--- /dev/null
+++ b/app/models/concerns/access_requestable.rb
@@ -0,0 +1,16 @@
+# == AccessRequestable concern
+#
+# Contains functionality related to objects that can receive request for access.
+#
+# Used by Project, and Group.
+#
+module AccessRequestable
+  extend ActiveSupport::Concern
+
+  def request_access(user)
+    members.create(
+      access_level: Gitlab::Access::DEVELOPER,
+      user: user,
+      requested_at: Time.now.utc)
+  end
+end
diff --git a/app/models/concerns/awardable.rb b/app/models/concerns/awardable.rb
index aa4b4201250..539c7c31e30 100644
--- a/app/models/concerns/awardable.rb
+++ b/app/models/concerns/awardable.rb
@@ -5,7 +5,7 @@ module Awardable
     has_many :award_emoji, as: :awardable, dependent: :destroy
 
     if self < Participable
-      participant :award_emoji
+      participant :award_emoji_with_associations
     end
   end
 
@@ -34,8 +34,12 @@ module Awardable
     end
   end
 
+  def award_emoji_with_associations
+    award_emoji.includes(:user)
+  end
+
   def grouped_awards(with_thumbs: true)
-    awards = award_emoji.group_by(&:name)
+    awards = award_emoji_with_associations.group_by(&:name)
 
     if with_thumbs
       awards[AwardEmoji::UPVOTE_NAME]   ||= []
diff --git a/app/models/deployment.rb b/app/models/deployment.rb
new file mode 100644
index 00000000000..e498ca96e3c
--- /dev/null
+++ b/app/models/deployment.rb
@@ -0,0 +1,29 @@
+class Deployment < ActiveRecord::Base
+  include InternalId
+
+  belongs_to :project, required: true, validate: true
+  belongs_to :environment, required: true, validate: true
+  belongs_to :user
+  belongs_to :deployable, polymorphic: true
+
+  validates :sha, presence: true
+  validates :ref, presence: true
+
+  delegate :name, to: :environment, prefix: true
+
+  def commit
+    project.commit(sha)
+  end
+
+  def commit_title
+    commit.try(:title)
+  end
+
+  def short_sha
+    Commit.truncate_sha(sha)
+  end
+
+  def last?
+    self == environment.last_deployment
+  end
+end
diff --git a/app/models/environment.rb b/app/models/environment.rb
new file mode 100644
index 00000000000..ac3a571a1f3
--- /dev/null
+++ b/app/models/environment.rb
@@ -0,0 +1,16 @@
+class Environment < ActiveRecord::Base
+  belongs_to :project, required: true, validate: true
+
+  has_many :deployments
+
+  validates :name,
+            presence: true,
+            uniqueness: { scope: :project_id },
+            length: { within: 0..255 },
+            format: { with: Gitlab::Regex.environment_name_regex,
+                      message: Gitlab::Regex.environment_name_regex_message }
+
+  def last_deployment
+    deployments.last
+  end
+end
diff --git a/app/models/group.rb b/app/models/group.rb
index aec92e335e6..b8dffe9f5b9 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -3,11 +3,12 @@ require 'carrierwave/orm/activerecord'
 class Group < Namespace
   include Gitlab::ConfigHelper
   include Gitlab::VisibilityLevel
+  include AccessRequestable
   include Referable
 
   has_many :group_members, dependent: :destroy, as: :source, class_name: 'GroupMember'
   alias_method :members, :group_members
-  has_many :users, through: :group_members
+  has_many :users, -> { where(members: { requested_at: nil }) }, through: :group_members
   has_many :project_group_links, dependent: :destroy
   has_many :shared_projects, through: :project_group_links, source: :project
   has_many :notification_settings, dependent: :destroy, as: :source
@@ -58,6 +59,10 @@ class Group < Namespace
     "#{self.class.reference_prefix}#{name}"
   end
 
+  def web_url
+    Gitlab::Routing.url_helpers.group_url(self)
+  end
+
   def human_name
     name
   end
diff --git a/app/models/member.rb b/app/models/member.rb
index d3060f07fc0..cea6d259760 100644
--- a/app/models/member.rb
+++ b/app/models/member.rb
@@ -26,20 +26,28 @@ class Member < ActiveRecord::Base
       allow_nil: true
     }
 
-  scope :invite, -> { where(user_id: nil) }
-  scope :non_invite, -> { where("user_id IS NOT NULL") }
+  scope :invite, -> { where.not(invite_token: nil) }
+  scope :non_invite, -> { where(invite_token: nil) }
+  scope :request, -> { where.not(requested_at: nil) }
+  scope :non_request, -> { where(requested_at: nil) }
+  scope :non_pending, -> { non_request.non_invite }
+
   scope :guests, -> { where(access_level: GUEST) }
   scope :reporters, -> { where(access_level: REPORTER) }
   scope :developers, -> { where(access_level: DEVELOPER) }
   scope :masters,  -> { where(access_level: MASTER) }
   scope :owners,  -> { where(access_level: OWNER) }
+  scope :owners_and_masters,  -> { where(access_level: [OWNER, MASTER]) }
 
   before_validation :generate_invite_token, on: :create, if: -> (member) { member.invite_email.present? }
+
   after_create :send_invite, if: :invite?
-  after_create :create_notification_setting, unless: :invite?
-  after_create :post_create_hook, unless: :invite?
-  after_update :post_update_hook, unless: :invite?
-  after_destroy :post_destroy_hook, unless: :invite?
+  after_create :send_request, if: :request?
+  after_create :create_notification_setting, unless: :pending?
+  after_create :post_create_hook, unless: :pending?
+  after_update :post_update_hook, unless: :pending?
+  after_destroy :post_destroy_hook, unless: :pending?
+  after_destroy :post_decline_request, if: :request?
 
   delegate :name, :username, :email, to: :user, prefix: true
 
@@ -96,10 +104,31 @@ class Member < ActiveRecord::Base
     end
   end
 
+  def real_source_type
+    source_type
+  end
+
   def invite?
     self.invite_token.present?
   end
 
+  def request?
+    requested_at.present?
+  end
+
+  def pending?
+    invite? || request?
+  end
+
+  def accept_request
+    return false unless request?
+
+    updated = self.update(requested_at: nil)
+    after_accept_request if updated
+
+    updated
+  end
+
   def accept_invite!(new_user)
     return false unless invite?
 
@@ -157,6 +186,10 @@ class Member < ActiveRecord::Base
     # override in subclass
   end
 
+  def send_request
+    # override in subclass
+  end
+
   def post_create_hook
     system_hook_service.execute_hooks_for(self, :create)
   end
@@ -177,6 +210,14 @@ class Member < ActiveRecord::Base
     # override in subclass
   end
 
+  def after_accept_request
+    post_create_hook
+  end
+
+  def post_decline_request
+    # override in subclass
+  end
+
   def system_hook_service
     SystemHooksService.new
   end
diff --git a/app/models/members/group_member.rb b/app/models/members/group_member.rb
index f63a0debf1a..363db877968 100644
--- a/app/models/members/group_member.rb
+++ b/app/models/members/group_member.rb
@@ -8,9 +8,6 @@ class GroupMember < Member
   validates_format_of :source_type, with: /\ANamespace\z/
   default_scope { where(source_type: SOURCE_TYPE) }
 
-  scope :with_group, ->(group) { where(source_id: group.id) }
-  scope :with_user, ->(user) { where(user_id: user.id) }
-
   def self.access_level_roles
     Gitlab::Access.options_with_owner
   end
@@ -23,6 +20,11 @@ class GroupMember < Member
     access_level
   end
 
+  # Because source_type is `Namespace`...
+  def real_source_type
+    'Group'
+  end
+
   private
 
   def send_invite
@@ -31,6 +33,12 @@ class GroupMember < Member
     super
   end
 
+  def send_request
+    notification_service.new_group_access_request(self)
+
+    super
+  end
+
   def post_create_hook
     notification_service.new_group_member(self)
 
@@ -56,4 +64,10 @@ class GroupMember < Member
 
     super
   end
+
+  def post_decline_request
+    notification_service.decline_group_access_request(self)
+
+    super
+  end
 end
diff --git a/app/models/members/project_member.rb b/app/models/members/project_member.rb
index 46955b430f3..250ee04fd1d 100644
--- a/app/models/members/project_member.rb
+++ b/app/models/members/project_member.rb
@@ -11,8 +11,6 @@ class ProjectMember < Member
   default_scope { where(source_type: SOURCE_TYPE) }
 
   scope :in_project, ->(project) { where(source_id: project.id) }
-  scope :in_projects, ->(projects) { where(source_id: projects.pluck(:id)) }
-  scope :with_user, ->(user) { where(user_id: user.id) }
 
   before_destroy :delete_member_todos
 
@@ -84,7 +82,7 @@ class ProjectMember < Member
       Gitlab::Access.sym_options
     end
 
-    def access_roles
+    def access_level_roles
       Gitlab::Access.options
     end
   end
@@ -113,6 +111,12 @@ class ProjectMember < Member
     super
   end
 
+  def send_request
+    notification_service.new_project_access_request(self)
+
+    super
+  end
+
   def post_create_hook
     unless owner?
       event_service.join_project(self.project, self.user)
@@ -148,6 +152,12 @@ class ProjectMember < Member
     super
   end
 
+  def post_decline_request
+    notification_service.decline_project_access_request(self)
+
+    super
+  end
+
   def event_service
     EventCreateService.new
   end
diff --git a/app/models/note.rb b/app/models/note.rb
index 58133f1581f..4b6748053ff 100644
--- a/app/models/note.rb
+++ b/app/models/note.rb
@@ -187,6 +187,10 @@ class Note < ActiveRecord::Base
     award_emoji_supported? && contains_emoji_only?
   end
 
+  def emoji_awardable?
+    !system?
+  end
+
   def clear_blank_line_code!
     self.line_code = nil if self.line_code.blank?
   end
diff --git a/app/models/project.rb b/app/models/project.rb
index dfa99fe0df2..0bb815e64e7 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -5,6 +5,7 @@ class Project < ActiveRecord::Base
   include Gitlab::ShellAdapter
   include Gitlab::VisibilityLevel
   include Gitlab::CurrentSettings
+  include AccessRequestable
   include Referable
   include Sortable
   include AfterCommitQueue
@@ -80,7 +81,7 @@ class Project < ActiveRecord::Base
   has_one :jira_service, dependent: :destroy
   has_one :redmine_service, dependent: :destroy
   has_one :custom_issue_tracker_service, dependent: :destroy
-  has_one :gitlab_issue_tracker_service, dependent: :destroy
+  has_one :gitlab_issue_tracker_service, dependent: :destroy, inverse_of: :project
   has_one :external_wiki_service, dependent: :destroy
 
   has_one  :forked_project_link,  dependent: :destroy, foreign_key: "forked_to_project_id"
@@ -102,8 +103,9 @@ class Project < ActiveRecord::Base
   has_many :snippets,           dependent: :destroy, class_name: 'ProjectSnippet'
   has_many :hooks,              dependent: :destroy, class_name: 'ProjectHook'
   has_many :protected_branches, dependent: :destroy
-  has_many :project_members, dependent: :destroy, as: :source, class_name: 'ProjectMember'
-  has_many :users, through: :project_members
+  has_many :project_members,    dependent: :destroy, as: :source, class_name: 'ProjectMember'
+  alias_method :members, :project_members
+  has_many :users, -> { where(members: { requested_at: nil }) }, through: :project_members
   has_many :deploy_keys_projects, dependent: :destroy
   has_many :deploy_keys, through: :deploy_keys_projects
   has_many :users_star_projects, dependent: :destroy
@@ -125,6 +127,8 @@ class Project < ActiveRecord::Base
   has_many :runners, through: :runner_projects, source: :runner, class_name: 'Ci::Runner'
   has_many :variables, dependent: :destroy, class_name: 'Ci::Variable', foreign_key: :gl_project_id
   has_many :triggers, dependent: :destroy, class_name: 'Ci::Trigger', foreign_key: :gl_project_id
+  has_many :environments, dependent: :destroy
+  has_many :deployments, dependent: :destroy
 
   accepts_nested_attributes_for :variables, allow_destroy: true
 
@@ -680,16 +684,6 @@ class Project < ActiveRecord::Base
     end
   end
 
-  def project_member_by_name_or_email(name = nil, email = nil)
-    user = users.find_by('name like ? or email like ?', name, email)
-    project_members.where(user: user) if user
-  end
-
-  # Get Team Member record by user id
-  def project_member_by_id(user_id)
-    project_members.find_by(user_id: user_id)
-  end
-
   def name_with_namespace
     @name_with_namespace ||= begin
                                if namespace
@@ -699,6 +693,7 @@ class Project < ActiveRecord::Base
                                end
                              end
   end
+  alias_method :human_name, :name_with_namespace
 
   def path_with_namespace
     if namespace
diff --git a/app/models/project_team.rb b/app/models/project_team.rb
index e29e854860a..73e736820af 100644
--- a/app/models/project_team.rb
+++ b/app/models/project_team.rb
@@ -21,23 +21,13 @@ class ProjectTeam
     end
   end
 
-  def find(user_id)
-    user = project.users.find_by(id: user_id)
-
-    if group
-      user ||= group.users.find_by(id: user_id)
-    end
-
-    user
-  end
-
   def find_member(user_id)
-    member = project.project_members.find_by(user_id: user_id)
+    member = project.members.non_request.find_by(user_id: user_id)
 
     # If user is not in project members
     # we should check for group membership
     if group && !member
-      member = group.group_members.find_by(user_id: user_id)
+      member = group.members.non_request.find_by(user_id: user_id)
     end
 
     member
@@ -61,13 +51,10 @@ class ProjectTeam
     ProjectMember.truncate_team(project)
   end
 
-  def users
-    members
-  end
-
   def members
     @members ||= fetch_members
   end
+  alias_method :users, :members
 
   def guests
     @guests ||= fetch_members(:guests)
@@ -150,7 +137,7 @@ class ProjectTeam
   def max_member_access(user_id)
     access = []
 
-    project.project_members.each do |member|
+    project.members.non_request.each do |member|
       if member.user_id == user_id
         access << member.access_field if member.access_field
         break
@@ -158,7 +145,7 @@ class ProjectTeam
     end
 
     if group
-      group.group_members.each do |member|
+      group.members.non_request.each do |member|
         if member.user_id == user_id
           access << member.access_field if member.access_field
           break
@@ -173,6 +160,7 @@ class ProjectTeam
     access.compact.max
   end
 
+  private
 
   def max_invited_level(user_id)
     project.project_group_links.map do |group_link|
@@ -189,17 +177,15 @@ class ProjectTeam
     end.compact.max
   end
 
-  private
-
   def fetch_members(level = nil)
-    project_members = project.project_members
-    group_members = group ? group.group_members : []
+    project_members = project.members.non_request
+    group_members = group ? group.members.non_request : []
     invited_members = []
 
     if project.invited_groups.any? && project.allowed_to_share_with_group?
       project.project_group_links.each do |group_link|
         invited_group = group_link.group
-        im = invited_group.group_members
+        im = invited_group.members.non_request
 
         if level
           int_level = GroupMember.access_level_roles[level.to_s.singularize.titleize]
diff --git a/app/models/repository.rb b/app/models/repository.rb
index 1ab163510bf..e5b277cb198 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -446,7 +446,7 @@ class Repository
 
   def blob_at(sha, path)
     unless Gitlab::Git.blank_ref?(sha)
-      Gitlab::Git::Blob.find(self, sha, path)
+      Blob.decorate(Gitlab::Git::Blob.find(self, sha, path))
     end
   end
 
diff --git a/app/models/service.rb b/app/models/service.rb
index bf352397509..40d39933ad8 100644
--- a/app/models/service.rb
+++ b/app/models/service.rb
@@ -18,7 +18,7 @@ class Service < ActiveRecord::Base
   after_commit :reset_updated_properties
   after_commit :cache_project_has_external_issue_tracker
 
-  belongs_to :project
+  belongs_to :project, inverse_of: :services
   has_one :service_hook
 
   validates :project_id, presence: true, unless: Proc.new { |service| service.template? }
diff --git a/app/models/todo.rb b/app/models/todo.rb
index 3a091373329..2792fa9b9a8 100644
--- a/app/models/todo.rb
+++ b/app/models/todo.rb
@@ -2,6 +2,7 @@ class Todo < ActiveRecord::Base
   ASSIGNED     = 1
   MENTIONED    = 2
   BUILD_FAILED = 3
+  MARKED       = 4
 
   belongs_to :author, class_name: "User"
   belongs_to :note
diff --git a/app/models/user.rb b/app/models/user.rb
index a5b3c8afe51..8d0427da5ab 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -56,8 +56,7 @@ class User < ActiveRecord::Base
 
   # Groups
   has_many :members, dependent: :destroy
-  has_many :project_members, source: 'ProjectMember'
-  has_many :group_members, source: 'GroupMember'
+  has_many :group_members, dependent: :destroy, source: 'GroupMember'
   has_many :groups, through: :group_members
   has_many :owned_groups, -> { where members: { access_level: Gitlab::Access::OWNER } }, through: :group_members, source: :group
   has_many :masters_groups, -> { where members: { access_level: Gitlab::Access::MASTER } }, through: :group_members, source: :group
@@ -65,13 +64,13 @@ class User < ActiveRecord::Base
   # Projects
   has_many :groups_projects,          through: :groups, source: :projects
   has_many :personal_projects,        through: :namespace, source: :projects
+  has_many :project_members,          dependent: :destroy, class_name: 'ProjectMember'
   has_many :projects,                 through: :project_members
   has_many :created_projects,         foreign_key: :creator_id, class_name: 'Project'
   has_many :users_star_projects, dependent: :destroy
   has_many :starred_projects, through: :users_star_projects, source: :project
 
   has_many :snippets,                 dependent: :destroy, foreign_key: :author_id, class_name: "Snippet"
-  has_many :project_members,          dependent: :destroy, class_name: 'ProjectMember'
   has_many :issues,                   dependent: :destroy, foreign_key: :author_id
   has_many :notes,                    dependent: :destroy, foreign_key: :author_id
   has_many :merge_requests,           dependent: :destroy, foreign_key: :author_id