Merge remote-tracking branch 'origin/master' into ci-commit-as-pipeline

14 files changed, 142 insertions, 18 deletions

diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index d76b46b8836..60b9f5e0ece 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -212,7 +212,7 @@ module API
       expose :note, as: :body
       expose :attachment_identifier, as: :attachment
       expose :author, using: Entities::UserBasic
-      expose :created_at
+      expose :created_at, :updated_at
       expose :system?, as: :system
       expose :noteable_id, :noteable_type
       # upvote? and downvote? are deprecated, always return false
@@ -263,14 +263,19 @@ module API
       expose :id, :path, :kind
     end
 
-    class ProjectAccess < Grape::Entity
+    class Member < Grape::Entity
       expose :access_level
-      expose :notification_level
+      expose :notification_level do |member, options|
+        if member.notification_setting
+          NotificationSetting.levels[member.notification_setting.level]
+        end
+      end
     end
 
-    class GroupAccess < Grape::Entity
-      expose :access_level
-      expose :notification_level
+    class ProjectAccess < Member
+    end
+
+    class GroupAccess < Member
     end
 
     class ProjectService < Grape::Entity
@@ -301,6 +306,7 @@ module API
 
     class Label < Grape::Entity
       expose :name, :color, :description
+      expose :open_issues_count, :closed_issues_count, :open_merge_requests_count
     end
 
     class Compare < Grape::Entity
diff --git a/lib/api/groups.rb b/lib/api/groups.rb
index c165de21a75..91e420832f3 100644
--- a/lib/api/groups.rb
+++ b/lib/api/groups.rb
@@ -23,8 +23,10 @@ module API
       # Create group. Available only for users who can create groups.
       #
       # Parameters:
-      #   name (required) - The name of the group
-      #   path (required) - The path of the group
+      #   name (required)             - The name of the group
+      #   path (required)             - The path of the group
+      #   description (optional)      - The description of the group
+      #   visibility_level (optional) - The visibility level of the group
       # Example Request:
       #   POST /groups
       post do
@@ -42,6 +44,28 @@ module API
         end
       end
 
+      # Update group. Available only for users who can administrate groups.
+      #
+      # Parameters:
+      #   id (required)               - The ID of a group
+      #   path (optional)             - The path of the group
+      #   description (optional)      - The description of the group
+      #   visibility_level (optional) - The visibility level of the group
+      # Example Request:
+      #   PUT /groups/:id
+      put ':id' do
+        group = find_group(params[:id])
+        authorize! :admin_group, group
+
+        attrs = attributes_for_keys [:name, :path, :description, :visibility_level]
+
+        if ::Groups::UpdateService.new(group, current_user, attrs).execute
+          present group, with: Entities::GroupDetail
+        else
+          render_validation_error!(group)
+        end
+      end
+
       # Get a single group, with containing projects
       #
       # Parameters:
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 4921ae99e78..96af7d7675c 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -91,8 +91,7 @@ module API
       if can?(current_user, :read_group, group)
         group
       else
-        forbidden!("#{current_user.username} lacks sufficient "\
-        "access to #{group.name}")
+        not_found!('Group')
       end
     end
 
diff --git a/lib/api/issues.rb b/lib/api/issues.rb
index c4ea05ee6cf..850e99981ff 100644
--- a/lib/api/issues.rb
+++ b/lib/api/issues.rb
@@ -195,6 +195,29 @@ module API
         end
       end
 
+      # Move an existing issue
+      #
+      # Parameters:
+      #  id (required)            - The ID of a project
+      #  issue_id (required)      - The ID of a project issue
+      #  to_project_id (required) - The ID of the new project
+      # Example Request:
+      #   POST /projects/:id/issues/:issue_id/move
+      post ':id/issues/:issue_id/move' do
+        required_attributes! [:to_project_id]
+
+        issue = user_project.issues.find(params[:issue_id])
+        new_project = Project.find(params[:to_project_id])
+
+        begin
+          issue = ::Issues::MoveService.new(user_project, current_user).execute(issue, new_project)
+          present issue, with: Entities::Issue, current_user: current_user
+        rescue ::Issues::MoveService::MoveError => error
+          render_api_error!(error.message, 400)
+        end
+      end
+
+      #
       # Delete a project issue
       #
       # Parameters:
diff --git a/lib/api/milestones.rb b/lib/api/milestones.rb
index 0f3f505fa05..84b4d4cdd6d 100644
--- a/lib/api/milestones.rb
+++ b/lib/api/milestones.rb
@@ -21,6 +21,7 @@ module API
       #   state (optional) - Return "active" or "closed" milestones
       # Example Request:
       #   GET /projects/:id/milestones
+      #   GET /projects/:id/milestones?iid=42
       #   GET /projects/:id/milestones?state=active
       #   GET /projects/:id/milestones?state=closed
       get ":id/milestones" do
@@ -28,6 +29,7 @@ module API
 
         milestones = user_project.milestones
         milestones = filter_milestones_state(milestones, params[:state])
+        milestones = filter_by_iid(milestones, params[:iid]) if params[:iid].present?
 
         present paginate(milestones), with: Entities::Milestone
       end
diff --git a/lib/api/notes.rb b/lib/api/notes.rb
index 174473f5371..a1c98f5e8ff 100644
--- a/lib/api/notes.rb
+++ b/lib/api/notes.rb
@@ -112,6 +112,23 @@ module API
           end
         end
 
+        # Delete a +noteable+ note
+        #
+        # Parameters:
+        #   id (required) - The ID of a project
+        #   noteable_id (required) - The ID of an issue, MR, or snippet
+        #   node_id (required) - The ID of a note
+        # Example Request:
+        #   DELETE /projects/:id/issues/:noteable_id/notes/:note_id
+        #   DELETE /projects/:id/snippets/:noteable_id/notes/:node_id
+        delete ":id/#{noteables_str}/:#{noteable_id_str}/notes/:note_id" do
+          note = user_project.notes.find(params[:note_id])
+          authorize! :admin_note, note
+
+          ::Notes::DeleteService.new(user_project, current_user).execute(note)
+
+          present note, with: Entities::Note
+        end
       end
     end
   end
diff --git a/lib/api/project_members.rb b/lib/api/project_members.rb
index c756bb479fc..4aefdf319c6 100644
--- a/lib/api/project_members.rb
+++ b/lib/api/project_members.rb
@@ -93,12 +93,17 @@ module API
       # Example Request:
       #   DELETE /projects/:id/members/:user_id
       delete ":id/members/:user_id" do
-        authorize! :admin_project, user_project
         project_member = user_project.project_members.find_by(user_id: params[:user_id])
-        unless project_member.nil?
-          project_member.destroy
-        else
+
+        unless current_user.can?(:admin_project, user_project) ||
+                current_user.can?(:destroy_project_member, project_member)
+          forbidden!
+        end
+
+        if project_member.nil?
           { message: "Access revoked", id: params[:user_id].to_i }
+        else
+          project_member.destroy
         end
       end
     end
diff --git a/lib/api/repositories.rb b/lib/api/repositories.rb
index 0d0f0d4616d..62161aadb9a 100644
--- a/lib/api/repositories.rb
+++ b/lib/api/repositories.rb
@@ -98,7 +98,6 @@ module API
         authorize! :download_code, user_project
 
         begin
-          RepositoryArchiveCacheWorker.perform_async
           header *Gitlab::Workhorse.send_git_archive(user_project, params[:sha], params[:format])
         rescue
           not_found!('File')
diff --git a/lib/api/tags.rb b/lib/api/tags.rb
index 2d8a9e51bb9..d1a10479e44 100644
--- a/lib/api/tags.rb
+++ b/lib/api/tags.rb
@@ -16,6 +16,20 @@ module API
                 with: Entities::RepoTag, project: user_project
       end
 
+      # Get a single repository tag
+      #
+      # Parameters:
+      #   id (required)       - The ID of a project
+      #   tag_name (required) - The name of the tag
+      # Example Request:
+      #   GET /projects/:id/repository/tags/:tag_name
+      get ":id/repository/tags/:tag_name", requirements: { tag_name: /.+/ } do
+        tag = user_project.repository.find_tag(params[:tag_name])
+        not_found!('Tag') unless tag
+
+        present tag, with: Entities::RepoTag, project: user_project
+      end
+
       # Create tag
       #
       # Parameters:
diff --git a/lib/gitlab.rb b/lib/gitlab.rb
index 6108697bc20..7479e729db1 100644
--- a/lib/gitlab.rb
+++ b/lib/gitlab.rb
@@ -1,4 +1,7 @@
 require 'gitlab/git'
 
 module Gitlab
+  def self.com?
+    Gitlab.config.gitlab.url == 'https://gitlab.com'
+  end
 end
diff --git a/lib/gitlab/metrics.rb b/lib/gitlab/metrics.rb
index 2a0a5629be5..484970c5a10 100644
--- a/lib/gitlab/metrics.rb
+++ b/lib/gitlab/metrics.rb
@@ -104,6 +104,16 @@ module Gitlab
       retval
     end
 
+    # Adds a tag to the current transaction (if any)
+    #
+    # name - The name of the tag to add.
+    # value - The value of the tag.
+    def self.tag_transaction(name, value)
+      trans = current_transaction
+
+      trans.add_tag(name, value) if trans
+    end
+
     # When enabled this should be set before being used as the usual pattern
     # "@foo ||= bar" is _not_ thread-safe.
     if enabled?
diff --git a/lib/gitlab/o_auth/user.rb b/lib/gitlab/o_auth/user.rb
index 832fb08a526..356e96fcbab 100644
--- a/lib/gitlab/o_auth/user.rb
+++ b/lib/gitlab/o_auth/user.rb
@@ -54,6 +54,12 @@ module Gitlab
           @user ||= build_new_user
         end
 
+        if external_provider? && @user
+          @user.external = true
+        elsif @user
+          @user.external = false
+        end
+
         @user
       end
 
@@ -113,6 +119,10 @@ module Gitlab
         end
       end
 
+      def external_provider?
+        Gitlab.config.omniauth.external_providers.include?(auth_hash.provider)
+      end
+
       def block_after_signup?
         if creating_linked_ldap_user?
           ldap_config.block_auto_created_users
diff --git a/lib/gitlab/saml/user.rb b/lib/gitlab/saml/user.rb
index c1072452abe..dba4bbfc899 100644
--- a/lib/gitlab/saml/user.rb
+++ b/lib/gitlab/saml/user.rb
@@ -26,7 +26,7 @@ module Gitlab
           @user ||= build_new_user
         end
 
-        if external_users_enabled?
+        if external_users_enabled? && @user
           # Check if there is overlap between the user's groups and the external groups
           # setting then set user as external or internal.
           if (auth_hash.groups & Gitlab::Saml::Config.external_groups).empty?
@@ -48,6 +48,7 @@ module Gitlab
       end
 
       def changed?
+        return true unless gl_user
         gl_user.changed? || gl_user.identities.any?(&:changed?)
       end
 
diff --git a/lib/tasks/gemojione.rake b/lib/tasks/gemojione.rake
index 7ec00a898fd..030ee8bafcb 100644
--- a/lib/tasks/gemojione.rake
+++ b/lib/tasks/gemojione.rake
@@ -5,12 +5,23 @@ namespace :gemojione do
     require 'json'
 
     dir = Gemojione.index.images_path
+    digests = []
+    aliases = Hash.new { |hash, key| hash[key] = [] }
+    aliases_path = File.join(Rails.root, 'fixtures', 'emojis', 'aliases.json')
 
-    digests = AwardEmoji.emojis.map do |name, emoji_hash|
+    JSON.parse(File.read(aliases_path)).each do |alias_name, real_name|
+      aliases[real_name] << alias_name
+    end
+
+    AwardEmoji.emojis.map do |name, emoji_hash|
       fpath = File.join(dir, "#{emoji_hash['unicode']}.png")
       digest = Digest::SHA256.file(fpath).hexdigest
 
-      { name: name, unicode: emoji_hash['unicode'], digest: digest }
+      digests << { name: name, unicode: emoji_hash['unicode'], digest: digest }
+
+      aliases[name].each do |alias_name|
+        digests << { name: alias_name, unicode: emoji_hash['unicode'], digest: digest }
+      end
     end
 
     out = File.join(Rails.root, 'fixtures', 'emojis', 'digests.json')