Merge branch 'master' into feature/issue-move

* master: (121 commits) Dedupe labels in labels selector in Dashboard pages Refactor colors and lists Add a safeguard in MergeRequest#compute_diverged_commits_count Fix an issue when the target branch of a MR had been deleted Add avatar to issue and MR pages header Cleanup somce css colors Re-group scss variables Refactor `Todo#target` Fixes issue with filter label missing on labels & milestones Rename `Todo#to_reference` to `Todo#target_reference` Fixed failing tests Updated controller with before_action Fixed other issues based on feedback Fixes issue on dashboard issues Full labels data in JSON Fixed issue with labels dropdown getting wrong labels Update CHANGELOG Use `Note#for_project_snippet?` to skip notes on project snippet Use `Commit#short_id` instead of `Commit.truncate_sha` Reuse `for_commit?` on conditional validations Update schema info comment on todo related files ... Conflicts: app/models/issue.rb db/schema.rb spec/models/issue_spec.rb
author: Grzegorz Bizon <grzesiek.bizon@gmail.com> 2016-03-19 18:50:15 +0100
committer: Grzegorz Bizon <grzesiek.bizon@gmail.com> 2016-03-19 18:50:15 +0100
commit: 0115ad66d264f4670f241251acd3e36991134576 (patch)
tree: e60e7773e909de64ccdeebd1cc97928d24073cd2 /lib
parent: 9b13ce0b7a50e65dfba31d4865a728c725daa3fe (diff)
parent: 4f0302f00ef0c51b67b73429ace0a632971b7f1b (diff)
download: gitlab-ce-0115ad66d264f4670f241251acd3e36991134576.tar.gz
10 files changed, 102 insertions, 10 deletions
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 9805e53624e..71197205f34 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -31,6 +31,7 @@ module API
       expose :can_create_group?, as: :can_create_group
       expose :can_create_project?, as: :can_create_project
       expose :two_factor_enabled
+      expose :external
     end
 
     class UserLogin < UserFull
diff --git a/lib/api/issues.rb b/lib/api/issues.rb
index 252744515da..fda6f841438 100644
--- a/lib/api/issues.rb
+++ b/lib/api/issues.rb
@@ -82,7 +82,7 @@ module API
       #   GET /projects/:id/issues?milestone=1.0.0&state=closed
       #   GET /issues?iid=42
       get ":id/issues" do
-        issues = user_project.issues
+        issues = user_project.issues.visible_to_user(current_user)
         issues = filter_issues_state(issues, params[:state]) unless params[:state].nil?
         issues = filter_issues_labels(issues, params[:labels]) unless params[:labels].nil?
         issues = filter_by_iid(issues, params[:iid]) unless params[:iid].nil?
@@ -104,6 +104,7 @@ module API
       #   GET /projects/:id/issues/:issue_id
       get ":id/issues/:issue_id" do
         @issue = user_project.issues.find(params[:issue_id])
+        not_found! unless can?(current_user, :read_issue, @issue)
         present @issue, with: Entities::Issue
       end
 
diff --git a/lib/api/users.rb b/lib/api/users.rb
index fd2128bd179..13ab17c6904 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -61,19 +61,20 @@ module API
       #   admin                             - User is admin - true or false (default)
       #   can_create_group                  - User can create groups - true or false
       #   confirm                           - Require user confirmation - true (default) or false
+      #   external                          - Flags the user as external - true or false(default)
       # Example Request:
       #   POST /users
       post do
         authenticated_as_admin!
         required_attributes! [:email, :password, :name, :username]
-        attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :bio, :can_create_group, :admin, :confirm]
+        attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :bio, :can_create_group, :admin, :confirm, :external]
         admin = attrs.delete(:admin)
         confirm = !(attrs.delete(:confirm) =~ (/(false|f|no|0)$/i))
         user = User.build_user(attrs)
         user.admin = admin unless admin.nil?
         user.skip_confirmation! unless confirm
-
         identity_attrs = attributes_for_keys [:provider, :extern_uid]
+
         if identity_attrs.any?
           user.identities.build(identity_attrs)
         end
@@ -107,12 +108,13 @@ module API
       #   bio                               - Bio
       #   admin                             - User is admin - true or false (default)
       #   can_create_group                  - User can create groups - true or false
+      #   external                          - Flags the user as external - true or false(default)
       # Example Request:
       #   PUT /users/:id
       put ":id" do
         authenticated_as_admin!
 
-        attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :website_url, :projects_limit, :username, :bio, :can_create_group, :admin]
+        attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :website_url, :projects_limit, :username, :bio, :can_create_group, :admin, :external]
         user = User.find(params[:id])
         not_found!('User') unless user
 
diff --git a/lib/banzai/filter/issue_reference_filter.rb b/lib/banzai/filter/issue_reference_filter.rb
index 9f08aa36e8b..2732e0b5145 100644
--- a/lib/banzai/filter/issue_reference_filter.rb
+++ b/lib/banzai/filter/issue_reference_filter.rb
@@ -9,6 +9,11 @@ module Banzai
         Issue
       end
 
+      def self.user_can_see_reference?(user, node, context)
+        issue = Issue.find(node.attr('data-issue')) rescue nil
+        Ability.abilities.allowed?(user, :read_issue, issue)
+      end
+
       def find_object(project, id)
         project.get_issue(id)
       end
diff --git a/lib/gitlab/diff/file.rb b/lib/gitlab/diff/file.rb
index faa2830c16e..d2e85cabf72 100644
--- a/lib/gitlab/diff/file.rb
+++ b/lib/gitlab/diff/file.rb
@@ -24,6 +24,10 @@ module Gitlab
         @lines ||= parser.parse(raw_diff.each_line).to_a
       end
 
+      def too_large?
+        diff.too_large?
+      end
+
       def highlighted_diff_lines
         Gitlab::Diff::Highlight.new(self).highlight
       end
diff --git a/lib/gitlab/git_post_receive.rb b/lib/gitlab/git_post_receive.rb
new file mode 100644
index 00000000000..a088e19d1e7
--- /dev/null
+++ b/lib/gitlab/git_post_receive.rb
@@ -0,0 +1,60 @@
+module Gitlab
+  class GitPostReceive
+    include Gitlab::Identifier
+    attr_reader :repo_path, :identifier, :changes, :project
+
+    def initialize(repo_path, identifier, changes)
+      repo_path.gsub!(/\.git\z/, '')
+      repo_path.gsub!(/\A\//, '')
+
+      @repo_path = repo_path
+      @identifier = identifier
+      @changes = deserialize_changes(changes)
+
+      retrieve_project_and_type
+    end
+
+    def wiki?
+      @type == :wiki
+    end
+
+    def regular_project?
+      @type == :project
+    end
+
+    def identify(revision)
+      super(identifier, project, revision)
+    end
+
+    private
+
+    def retrieve_project_and_type
+      @type = :project
+      @project = Project.find_with_namespace(@repo_path)
+
+      if @repo_path.end_with?('.wiki') && !@project
+        @type = :wiki
+        @project = Project.find_with_namespace(@repo_path.gsub(/\.wiki\z/, ''))
+      end
+    end
+
+    def deserialize_changes(changes)
+      changes = Base64.decode64(changes) unless changes.include?(' ')
+      changes = utf8_encode_changes(changes)
+      changes.lines
+    end
+
+    def utf8_encode_changes(changes)
+      changes = changes.dup
+
+      changes.force_encoding('UTF-8')
+      return changes if changes.valid_encoding?
+
+      # Convert non-UTF-8 branch/tag names to UTF-8 so they can be dumped as JSON.
+      detection = CharlockHolmes::EncodingDetector.detect(changes)
+      return changes unless detection && detection[:encoding]
+
+      CharlockHolmes::Converter.convert(changes, detection[:encoding], 'UTF-8')
+    end
+  end
+end
diff --git a/lib/gitlab/project_search_results.rb b/lib/gitlab/project_search_results.rb
index 0607a8b9592..71c5b6801fb 100644
--- a/lib/gitlab/project_search_results.rb
+++ b/lib/gitlab/project_search_results.rb
@@ -2,7 +2,8 @@ module Gitlab
   class ProjectSearchResults < SearchResults
     attr_reader :project, :repository_ref
 
-    def initialize(project, query, repository_ref = nil)
+    def initialize(current_user, project, query, repository_ref = nil)
+      @current_user = current_user
       @project = project
       @repository_ref = if repository_ref.present?
                           repository_ref
diff --git a/lib/gitlab/search_results.rb b/lib/gitlab/search_results.rb
index f13528a2eea..f8ab2b1f09e 100644
--- a/lib/gitlab/search_results.rb
+++ b/lib/gitlab/search_results.rb
@@ -1,12 +1,13 @@
 module Gitlab
   class SearchResults
-    attr_reader :query
+    attr_reader :current_user, :query
 
     # Limit search results by passed projects
     # It allows us to search only for projects user has access to
     attr_reader :limit_projects
 
-    def initialize(limit_projects, query)
+    def initialize(current_user, limit_projects, query)
+      @current_user = current_user
       @limit_projects = limit_projects || Project.all
       @query = Shellwords.shellescape(query) if query.present?
     end
@@ -58,7 +59,7 @@ module Gitlab
     end
 
     def issues
-      issues = Issue.where(project_id: project_ids_relation)
+      issues = Issue.visible_to_user(current_user).where(project_id: project_ids_relation)
 
       if query =~ /#(\d+)\z/
         issues = issues.where(iid: $1)
diff --git a/lib/support/nginx/gitlab b/lib/support/nginx/gitlab
index fc5475c4eef..1324e4cd267 100644
--- a/lib/support/nginx/gitlab
+++ b/lib/support/nginx/gitlab
@@ -30,7 +30,6 @@ server {
   listen [::]:80 default_server;
   server_name YOUR_SERVER_FQDN; ## Replace this with something like gitlab.example.com
   server_tokens off; ## Don't show the nginx version number, a security best practice
-  root /home/git/gitlab/public;
 
   ## See app/controllers/application_controller.rb for headers set
 
@@ -57,4 +56,14 @@ server {
 
     proxy_pass http://gitlab-workhorse;
   }
+
+  error_page 404 /404.html;
+  error_page 422 /422.html;
+  error_page 500 /500.html;
+  error_page 502 /502.html;
+  location ~ ^/(404|422|500|502)\.html$ {
+    root /home/git/gitlab/public;
+    internal;
+  }
+
 }
diff --git a/lib/support/nginx/gitlab-ssl b/lib/support/nginx/gitlab-ssl
index 1e5f85413ec..af6ea9ed706 100644
--- a/lib/support/nginx/gitlab-ssl
+++ b/lib/support/nginx/gitlab-ssl
@@ -45,7 +45,6 @@ server {
   listen [::]:443 ipv6only=on ssl default_server;
   server_name YOUR_SERVER_FQDN; ## Replace this with something like gitlab.example.com
   server_tokens off; ## Don't show the nginx version number, a security best practice
-  root /home/git/gitlab/public;
 
   ## Strong SSL Security
   ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html & https://cipherli.st/
@@ -101,4 +100,13 @@ server {
     proxy_set_header    X-Forwarded-Proto   $scheme;
     proxy_pass http://gitlab-workhorse;
   }
+
+  error_page 404 /404.html;
+  error_page 422 /422.html;
+  error_page 500 /500.html;
+  error_page 502 /502.html;
+  location ~ ^/(404|422|500|502)\.html$ {
+    root /home/git/gitlab/public;
+    internal;
+  }
 }
author	Grzegorz Bizon <grzesiek.bizon@gmail.com>	2016-03-19 18:50:15 +0100
committer	Grzegorz Bizon <grzesiek.bizon@gmail.com>	2016-03-19 18:50:15 +0100
commit	0115ad66d264f4670f241251acd3e36991134576 (patch)
tree	e60e7773e909de64ccdeebd1cc97928d24073cd2 /lib
parent	9b13ce0b7a50e65dfba31d4865a728c725daa3fe (diff)
parent	4f0302f00ef0c51b67b73429ace0a632971b7f1b (diff)
download	gitlab-ce-0115ad66d264f4670f241251acd3e36991134576.tar.gz