Merge branch 'master' into markdown-tags

author: Vinnie Okada <vokada@mrvinn.com> 2015-03-24 20:03:22 -0600
committer: Vinnie Okada <vokada@mrvinn.com> 2015-03-24 20:03:22 -0600
commit: 057c8c344b6518cb50b81607e0f88734fc164a9e (patch)
tree: 996afee0c0f33bd6308f83b330a179dc29dfb48a /lib
parent: 637ca0b388382112850fd3052a961bb07db34d14 (diff)
parent: b9372c999707558b695fa401b4f660a3d38fce86 (diff)
download: gitlab-ce-057c8c344b6518cb50b81607e0f88734fc164a9e.tar.gz
8 files changed, 124 insertions, 60 deletions
diff --git a/lib/api/branches.rb b/lib/api/branches.rb
index b52d786e020..edfdf842f85 100644
--- a/lib/api/branches.rb
+++ b/lib/api/branches.rb
@@ -1,4 +1,5 @@
 require 'mime/types'
+require 'uri'
 
 module API
   # Projects API
@@ -103,7 +104,7 @@ module API
       delete ":id/repository/branches/:branch" do
         authorize_push_project
         result = DeleteBranchService.new(user_project, current_user).
-          execute(params[:branch])
+          execute(URI.unescape(params[:branch]))
 
         if result[:status] == :success
           {
diff --git a/lib/gitlab/backend/grack_auth.rb b/lib/gitlab/backend/grack_auth.rb
index ee877e099b1..ffe4565ef1e 100644
--- a/lib/gitlab/backend/grack_auth.rb
+++ b/lib/gitlab/backend/grack_auth.rb
@@ -1,3 +1,4 @@
+require_relative 'rack_attack_helpers'
 require_relative 'shell_env'
 
 module Grack
@@ -85,25 +86,41 @@ module Grack
         user = oauth_access_token_check(login, password)
       end
 
-      return user if user.present?
-
-      # At this point, we know the credentials were wrong. We let Rack::Attack
-      # know there was a failed authentication attempt from this IP. This
-      # information is stored in the Rails cache (Redis) and will be used by
-      # the Rack::Attack middleware to decide whether to block requests from
-      # this IP.
+      # If the user authenticated successfully, we reset the auth failure count
+      # from Rack::Attack for that IP. A client may attempt to authenticate
+      # with a username and blank password first, and only after it receives
+      # a 401 error does it present a password. Resetting the count prevents
+      # false positives from occurring.
+      #
+      # Otherwise, we let Rack::Attack know there was a failed authentication
+      # attempt from this IP. This information is stored in the Rails cache
+      # (Redis) and will be used by the Rack::Attack middleware to decide
+      # whether to block requests from this IP.
       config = Gitlab.config.rack_attack.git_basic_auth
-      Rack::Attack::Allow2Ban.filter(@request.ip, config) do
-        # Unless the IP is whitelisted, return true so that Allow2Ban
-        # increments the counter (stored in Rails.cache) for the IP
-        if config.ip_whitelist.include?(@request.ip)
-          false
+
+      if config.enabled
+        if user
+          # A successful login will reset the auth failure count from this IP
+          Rack::Attack::Allow2Ban.reset(@request.ip, config)
         else
-          true
+          banned = Rack::Attack::Allow2Ban.filter(@request.ip, config) do
+            # Unless the IP is whitelisted, return true so that Allow2Ban
+            # increments the counter (stored in Rails.cache) for the IP
+            if config.ip_whitelist.include?(@request.ip)
+              false
+            else
+              true
+            end
+          end
+
+          if banned
+            Rails.logger.info "IP #{@request.ip} failed to login " \
+              "as #{login} but has been temporarily banned from Git auth"
+          end
         end
       end
 
-      nil # No user was found
+      user
     end
 
     def authorized_request?
diff --git a/lib/gitlab/backend/rack_attack_helpers.rb b/lib/gitlab/backend/rack_attack_helpers.rb
new file mode 100644
index 00000000000..8538f3f6eca
--- /dev/null
+++ b/lib/gitlab/backend/rack_attack_helpers.rb
@@ -0,0 +1,31 @@
+# rack-attack v4.2.0 doesn't yet support clearing of keys.
+# Taken from https://github.com/kickstarter/rack-attack/issues/113
+class Rack::Attack::Allow2Ban
+  def self.reset(discriminator, options)
+    findtime = options[:findtime] or raise ArgumentError, "Must pass findtime option"
+
+    cache.reset_count("#{key_prefix}:count:#{discriminator}", findtime)
+    cache.delete("#{key_prefix}:ban:#{discriminator}")
+  end
+end
+
+class Rack::Attack::Cache
+  def reset_count(unprefixed_key, period)
+    epoch_time = Time.now.to_i
+    # Add 1 to expires_in to avoid timing error: http://git.io/i1PHXA
+    expires_in = period - (epoch_time % period) + 1
+    key = "#{(epoch_time / period).to_i}:#{unprefixed_key}"
+    delete(key)
+  end
+
+  def delete(unprefixed_key)
+    store.delete("#{prefix}:#{unprefixed_key}")
+  end
+end
+
+class Rack::Attack::StoreProxy::RedisStoreProxy
+  def delete(key, options={})
+    self.del(key)
+    rescue Redis::BaseError
+  end
+end
diff --git a/lib/gitlab/commits_calendar.rb b/lib/gitlab/commits_calendar.rb
deleted file mode 100644
index 8963d346b6f..00000000000
--- a/lib/gitlab/commits_calendar.rb
+++ /dev/null
@@ -1,41 +0,0 @@
-module Gitlab
-  class CommitsCalendar
-    attr_reader :timestamps
-
-    def initialize(projects, user)
-      @timestamps = {}
-      date_timestamps = []
-
-      projects.reject(&:forked?).each do |project|
-        date_timestamps << ProjectContributions.new(project, user).commits_log
-      end
-
-      # Sumarrize commits from all projects per days
-      date_timestamps = date_timestamps.inject do |collection, date|
-        collection.merge(date) { |k, old_v, new_v| old_v + new_v }
-      end
-
-      date_timestamps ||= []
-      date_timestamps.each do |date, commits|
-        timestamp = Date.parse(date).to_time.to_i.to_s rescue nil
-        @timestamps[timestamp] = commits if timestamp
-      end
-    end
-
-    def self.get_commits_for_date(projects, user, date)
-      user_commits = {}
-      projects.reject(&:forked?).each do |project|
-        user_commits[project] = ProjectContributions.new(project, user).user_commits_on_date(date)
-      end
-      user_commits
-    end
-
-    def starting_year
-      (Time.now - 1.year).strftime("%Y")
-    end
-
-    def starting_month
-      Date.today.strftime("%m").to_i
-    end
-  end
-end
diff --git a/lib/gitlab/contributions_calendar.rb b/lib/gitlab/contributions_calendar.rb
new file mode 100644
index 00000000000..3fd0823df06
--- /dev/null
+++ b/lib/gitlab/contributions_calendar.rb
@@ -0,0 +1,56 @@
+module Gitlab
+  class ContributionsCalendar
+    attr_reader :timestamps, :projects, :user
+
+    def initialize(projects, user)
+      @projects = projects
+      @user = user
+    end
+
+    def timestamps
+      return @timestamps if @timestamps.present?
+
+      @timestamps = {}
+      date_from = 1.year.ago
+      date_to = Date.today
+
+      events = Event.reorder(nil).contributions.where(author_id: user.id).
+        where("created_at > ?", date_from).where(project_id: projects).
+        group('date(created_at)').
+        select('date(created_at), count(id) as total_amount').
+        map(&:attributes)
+
+      dates = (1.year.ago.to_date..(Date.today + 1.day)).to_a
+
+      dates.each do |date|
+        date_id = date.to_time.to_i.to_s
+        @timestamps[date_id] = 0
+        day_events = events.find { |day_events| day_events["date"] == date }
+
+        if day_events
+          @timestamps[date_id] = day_events["total_amount"]
+        end
+      end
+
+      @timestamps
+    end
+
+    def events_by_date(date)
+      events = Event.contributions.where(author_id: user.id).
+        where("created_at > ? AND created_at < ?", date.beginning_of_day, date.end_of_day).
+        where(project_id: projects)
+
+      events.select do |event|
+        event.push? || event.issue? || event.merge_request?
+      end
+    end
+
+    def starting_year
+      (Time.now - 1.year).strftime("%Y")
+    end
+
+    def starting_month
+      Date.today.strftime("%m").to_i
+    end
+  end
+end
diff --git a/lib/gitlab/ldap/person.rb b/lib/gitlab/ldap/person.rb
index 3c426179375..b81f3e8e8f5 100644
--- a/lib/gitlab/ldap/person.rb
+++ b/lib/gitlab/ldap/person.rb
@@ -14,7 +14,6 @@ module Gitlab
       end
 
       def self.find_by_dn(dn, adapter)
-        dn = Net::LDAP::Filter.escape(dn)
         adapter.user('dn', dn)
       end
 
diff --git a/lib/gitlab/markdown.rb b/lib/gitlab/markdown.rb
index 11da4be4022..41bb8d08924 100644
--- a/lib/gitlab/markdown.rb
+++ b/lib/gitlab/markdown.rb
@@ -368,11 +368,12 @@ module Gitlab
       # ActiveSupport::SafeBuffer, hence the `String.new`
       String.new(text).gsub(Taskable::TASK_PATTERN_HTML) do
         checked = $LAST_MATCH_INFO[:checked].downcase == 'x'
+        p_tag = $LAST_MATCH_INFO[:p_tag]
 
         if checked
-          "#{li_tag}#{checked_box}"
+          "#{li_tag}#{p_tag}#{checked_box}"
         else
-          "#{li_tag}#{unchecked_box}"
+          "#{li_tag}#{p_tag}#{unchecked_box}"
         end
       end
     end
diff --git a/lib/gitlab/project_search_results.rb b/lib/gitlab/project_search_results.rb
index 8b85f3da83f..0dab7bcfa4d 100644
--- a/lib/gitlab/project_search_results.rb
+++ b/lib/gitlab/project_search_results.rb
@@ -67,7 +67,7 @@ module Gitlab
     end
 
     def notes
-      Note.where(project_id: limit_project_ids).search(query).order('updated_at DESC')
+      Note.where(project_id: limit_project_ids).user.search(query).order('updated_at DESC')
     end
 
     def limit_project_ids
author	Vinnie Okada <vokada@mrvinn.com>	2015-03-24 20:03:22 -0600
committer	Vinnie Okada <vokada@mrvinn.com>	2015-03-24 20:03:22 -0600
commit	057c8c344b6518cb50b81607e0f88734fc164a9e (patch)
tree	996afee0c0f33bd6308f83b330a179dc29dfb48a /lib
parent	637ca0b388382112850fd3052a961bb07db34d14 (diff)
parent	b9372c999707558b695fa401b4f660a3d38fce86 (diff)
download	gitlab-ce-057c8c344b6518cb50b81607e0f88734fc164a9e.tar.gz