author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-17 00:09:56 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-17 00:09:56 +0000 |
commit | cc626f14115f740bd4aa247cf3ac42dfb2082a4e (patch) | |
tree | b5c7f25711903177ea0e756b1fabd8eef2a9ca14 /app | |
parent | 19db7fd1fefc4e4249d4e55f409f321fdb85aed1 (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app')
11 files changed, 76 insertions, 30 deletions
diff --git a/app/assets/javascripts/work_items/components/work_item_description.vue b/app/assets/javascripts/work_items/components/work_item_description.vue index 57930951856..b91c2d929e4 100644 --- a/app/assets/javascripts/work_items/components/work_item_description.vue +++ b/app/assets/javascripts/work_items/components/work_item_description.vue @@ -224,7 +224,7 @@ export default { label-for="work-item-description" > <markdown-editor - v-if="glFeatures.workItemsMvc2" + v-if="glFeatures.workItemsMvc" class="gl-my-3 common-note-form" :value="descriptionText" :render-markdown-path="markdownPreviewPath" diff --git a/app/assets/javascripts/work_items/graphql/work_item_widgets.fragment.graphql b/app/assets/javascripts/work_items/graphql/work_item_widgets.fragment.graphql index b9715c21c27..fe4efb64637 100644 --- a/app/assets/javascripts/work_items/graphql/work_item_widgets.fragment.graphql +++ b/app/assets/javascripts/work_items/graphql/work_item_widgets.fragment.graphql @@ -47,6 +47,14 @@ fragment WorkItemWidgets on WorkItemWidget { children { nodes { id + confidential + workItemType { + id + } + title + state + createdAt + closedAt } } } diff --git a/app/controllers/concerns/observability/content_security_policy.rb b/app/controllers/concerns/observability/content_security_policy.rb new file mode 100644 index 00000000000..2721907f218 --- /dev/null +++ b/app/controllers/concerns/observability/content_security_policy.rb 
@@ -0,0 +1,21 @@ +# frozen_string_literal: true + +module Observability + module ContentSecurityPolicy + extend ActiveSupport::Concern + + included do + content_security_policy do |p| + next if p.directives.blank? || Gitlab::Observability.observability_url.blank? + + default_frame_src = p.directives['frame-src'] || p.directives['default-src'] + + # When ObservabilityUI is not authenticated, it needs to be able + # to redirect to the GL sign-in page, hence 'self' + frame_src_values = Array.wrap(default_frame_src) | [Gitlab::Observability.observability_url, "'self'"] + + p.frame_src(*frame_src_values) + end + end + end +end diff --git a/app/controllers/groups/observability_controller.rb b/app/controllers/groups/observability_controller.rb index 4b1f2b582ce..3baa5e830ff 100644 --- a/app/controllers/groups/observability_controller.rb +++ b/app/controllers/groups/observability_controller.rb @@ -1,18 +1,9 @@ # frozen_string_literal: true module Groups class ObservabilityController < Groups::ApplicationController - feature_category :tracing - - content_security_policy do |p| - next if p.directives.blank? - - default_frame_src = p.directives['frame-src'] || p.directives['default-src'] + include ::Observability::ContentSecurityPolicy - # When ObservabilityUI is not authenticated, it needs to be able to redirect to the GL sign-in page, hence 'self' - frame_src_values = Array.wrap(default_frame_src) | [observability_url, "'self'"] - - p.frame_src(*frame_src_values) - end + feature_category :tracing before_action :check_observability_allowed 
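Review bot: The new concern widens `frame-src` for every action of any controller that includes it, because the `content_security_policy` block is registered without `only:` or `except:`, and nothing in the module says so. A short comment above `module ContentSecurityPolicy` would record that scope, e.g. `# Adds Gitlab::Observability.observability_url and 'self' to frame-src for all actions of the including controller.` The fallback in `p.directives['frame-src'] || p.directives['default-src']` deserves a line as well, since it copies whatever `default-src` allows into the more specific directive.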
@@ -34,16 +25,8 @@ module Groups render 'observability', layout: 'group', locals: { base_layout: 'layouts/fullscreen' } end - def self.observability_url - Gitlab::Observability.observability_url - end - - def observability_url - self.class.observability_url - end - def check_observability_allowed - return render_404 unless observability_url.present? + return render_404 unless Gitlab::Observability.observability_url.present? render_404 unless can?(current_user, :read_observability, @group) end diff --git a/app/controllers/jira_connect/oauth_application_ids_controller.rb b/app/controllers/jira_connect/oauth_application_ids_controller.rb index 3e788e2282e..eb03faed351 100644 --- a/app/controllers/jira_connect/oauth_application_ids_controller.rb +++ b/app/controllers/jira_connect/oauth_application_ids_controller.rb @@ -20,7 +20,7 @@ module JiraConnect def show_application_id? return if Gitlab.com? - Feature.enabled?(:jira_connect_oauth_self_managed) && jira_connect_application_key.present? + Feature.enabled?(:jira_connect_oauth_self_managed_setting) && jira_connect_application_key.present? end def jira_connect_application_key diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb index 995303a631a..35f395ac904 100644 --- a/app/controllers/registrations_controller.rb +++ b/app/controllers/registrations_controller.rb @@ -15,6 +15,7 @@ class RegistrationsController < Devise::RegistrationsController layout 'devise' prepend_before_action :check_captcha, only: :create + before_action :ensure_first_name_and_last_name_not_empty, only: :create before_action :ensure_destroy_prerequisites_met, only: [:destroy] before_action :init_preferred_language, only: :new before_action :load_recaptcha, only: :new 
@@ -172,6 +173,14 @@ class RegistrationsController < Devise::RegistrationsController render action: 'new' end + def ensure_first_name_and_last_name_not_empty + return if params[resource_name][:first_name].present? && params[resource_name][:last_name].present? + + resource.errors.add(_('First name'), _("cannot be blank")) if params[resource_name][:first_name].blank? + resource.errors.add(_('Last name'), _("cannot be blank")) if params[resource_name][:last_name].blank? + render action: 'new' + end + def pending_approval? return false unless Gitlab::CurrentSettings.require_admin_approval_after_user_signup diff --git a/app/finders/notes_finder.rb b/app/finders/notes_finder.rb index 42bd7a24888..ce0bf0dc145 100644 --- a/app/finders/notes_finder.rb +++ b/app/finders/notes_finder.rb @@ -65,7 +65,7 @@ class NotesFinder @target = if target_type == "commit" - if Ability.allowed?(@current_user, :download_code, @project) + if Ability.allowed?(@current_user, :read_code, @project) @project.commit(target_id) end else @@ -126,7 +126,7 @@ class NotesFinder # rubocop: disable CodeReuse/ActiveRecord def notes_for_type(noteable_type) if noteable_type == "commit" - if Ability.allowed?(@current_user, :download_code, @project) + if Ability.allowed?(@current_user, :read_code, @project) @project.notes.where(noteable_type: 'Commit') else Note.none diff --git a/app/models/ci/processable.rb b/app/models/ci/processable.rb index eb805ffae0a..65600858650 100644 --- a/app/models/ci/processable.rb +++ b/app/models/ci/processable.rb @@ -172,7 +172,7 @@ module Ci def needs_attributes strong_memoize(:needs_attributes) do - needs.map { |need| need.attributes.except('id', 'build_id') } + needs.map { |need| need.attributes.except('id', 'build_id', 'partition_id') } end end diff --git a/app/models/integrations/base_chat_notification.rb b/app/models/integrations/base_chat_notification.rb index 750aa60b185..c7ab9befd12 100644 --- a/app/models/integrations/base_chat_notification.rb 
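Review bot: `params[resource_name][:first_name]` in `ensure_first_name_and_last_name_not_empty` raises NoMethodError when the request has no `resource_name` key at all, so a malformed sign-up POST would produce a 500 unless an earlier filter (not visible in this hunk) already rejects it. `params.dig(resource_name, :first_name).blank?` covers the missing key in the same check, and likewise for `:last_name`. The error keys are translated labels (`_('First name')`) rather than attribute symbols; `resource.errors.add(:first_name, :blank)` may fit the form's error rendering better, to be confirmed against the view. The filter itself is registered in the first hunk of this file, after the prepended `check_captcha`.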
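Review bot: Commit notes are now gated on `:read_code` instead of `:download_code`, both in this hunk and in the `notes_for_type` hunk that follows, and the policy definitions for the two abilities are not part of this diff. If `:read_code` is granted to any role that lacks `:download_code`, those users gain visibility of commit discussions, so a finder spec with a user holding only `:read_code` would pin the intended behaviour. A one-line comment at the first check, such as `# Commit notes follow code visibility (read_code), not download rights`, would record the reason. Both enclosing methods start outside their hunks.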
+++ b/app/models/integrations/base_chat_notification.rb @@ -33,7 +33,10 @@ module Integrations boolean_accessor :notify_only_broken_pipelines, :notify_only_default_branch - validates :webhook, presence: true, public_url: true, if: :activated? + validates :webhook, + presence: true, + public_url: true, + if: -> (integration) { integration.activated? && integration.requires_webhook? } validates :labels_to_be_notified_behavior, inclusion: { in: LABEL_NOTIFICATION_BEHAVIOURS }, allow_blank: true def initialize_properties @@ -73,8 +76,6 @@ module Integrations def default_fields [ - { type: 'text', name: 'webhook', help: "#{webhook_help}", required: true }.freeze, - { type: 'text', name: 'username', placeholder: 'GitLab-integration' }.freeze, { type: 'checkbox', name: 'notify_only_broken_pipelines', help: 'Do not send notifications for successful pipelines.' }.freeze, { type: 'select', @@ -96,7 +97,14 @@ module Integrations ['Match all of the labels', MATCH_ALL_LABELS] ] }.freeze - ].freeze + ].tap do |fields| + next unless requires_webhook? + + fields.unshift( + { type: 'text', name: 'webhook', help: "#{webhook_help}", required: true }.freeze, + { type: 'text', name: 'username', placeholder: 'GitLab-integration' }.freeze + ) + end.freeze end def execute(data) @@ -168,6 +176,10 @@ module Integrations self.public_send(field_name) # rubocop:disable GitlabSecurity/PublicSend end + def requires_webhook? + true + end + private def log_usage(_, _) diff --git a/app/models/integrations/base_slack_notification.rb b/app/models/integrations/base_slack_notification.rb index cb785afdcfe..cbfcb1807f0 100644 --- a/app/models/integrations/base_slack_notification.rb +++ b/app/models/integrations/base_slack_notification.rb 
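Review bot: The `public_url: true` check on `webhook` is now skipped whenever a subclass makes `requires_webhook?` return false, even if a `webhook` value is still stored on that integration. If any such subclass (none is visible in this diff) can still reach a code path that posts to `webhook`, the URL would be used without the public-URL validation. Documenting the contract on the new method would make this explicit, e.g. `# Subclasses returning false must never send to #webhook; the URL is not validated for them.` Note also that `requires_webhook?` is defined above `private`, so it becomes part of the integration's public interface.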
@@ -32,13 +32,15 @@ module Integrations true end + private + override :log_usage def log_usage(event, user_id) return unless user_id return unless SUPPORTED_EVENTS_FOR_USAGE_LOG.include?(event) - key = "i_ecosystem_slack_service_#{event}_notification" + key = "#{metrics_key_prefix}_#{event}_notification" Gitlab::UsageDataCounters::HLLRedisCounter.track_event(key, values: user_id) @@ -58,5 +60,9 @@ module Integrations **optional_arguments ) end + + def metrics_key_prefix + raise NotImplementedError + end end end diff --git a/app/models/integrations/slack.rb b/app/models/integrations/slack.rb index 89326b8174f..07d2d802915 100644 --- a/app/models/integrations/slack.rb +++ b/app/models/integrations/slack.rb @@ -20,5 +20,12 @@ module Integrations def webhook_help 'https://hooks.slack.com/services/…' end + + private + + override :metrics_key_prefix + def metrics_key_prefix + 'i_ecosystem_slack_service' + end end end |
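Review bot: `metrics_key_prefix` in `BaseSlackNotification` raises a bare `NotImplementedError`, which in Ruby descends from `ScriptError` rather than `StandardError`, so a plain `rescue => e` around notification delivery will not catch it. A subclass that forgets the override therefore fails only at runtime, on the first supported event with a `user_id`, because the raise sits behind the two guard clauses in `log_usage`. A message would make that failure diagnosable: `raise NotImplementedError, "#{self.class.name} must implement #metrics_key_prefix"`. `Integrations::Slack` supplies the override in this commit; other subclasses are not visible here.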