summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Clarify config var and add to LDAP docs.ldap-block_auto_created_usersDouwe Maan2015-04-142-1/+8
|
* Add config var to block auto-created LDAP users.Douwe Maan2015-04-146-9/+75
|
* Non-persisted users already have the identity by way of build_new_user.Douwe Maan2015-04-141-0/+2
|
* Merge branch 'dir-traversal' into 'master'Dmitriy Zaporozhets2015-04-143-5/+38
|\ | | | | | | | | | | | | | | | | | | | | | | Fix directory traversal vulnerabilities Fixes gitlab/gitlab-ee#272. As @joern mentions: > This is not exploitable via the front-end nginx. But nevertheless this issue should be addressed. See merge request !1760
| * Add explanation to HelpController#clean_path_info.Douwe Maan2015-04-141-3/+16
| |
| * Fix a whoopsie daisy in the changelog.Douwe Maan2015-04-111-1/+0
| |
| * Fix directory traversal vulnerability around help pages.Douwe Maan2015-04-102-1/+20
| |
| * Fix directory traversal vulnerability around uploads routes.Douwe Maan2015-04-102-4/+6
| |
* | Merge pull request #9126 from Senorsen/masterDmitriy Zaporozhets2015-04-149-5/+37
|\ \ | | | | | | Allow user to choose which email to be public
| * | Allow user to choose which email to be publicSenorsen2015-04-149-5/+37
|/ / | | | | | | | | This commit allows user to show one of their emails in profile page, or don't show email in this page.
* | Revert "Merge branch 'fix-stuck-mr' into 'master'"Douwe Maan2015-04-142-2/+1
| | | | | | | | | | This reverts commit 79b4d0b0c0682fc31d794d8b42d02b3d1bb5b9dc, reversing changes made to a1e147ce223ee52066e7f0ce77ece82eb2dc6bbe.
* | Merge branch 'master' of gitlab.com:gitlab-org/gitlab-ceDmitriy Zaporozhets2015-04-1420-137/+22
|\ \
| * \ Merge branch 'revert_fix_email_images' into 'master'Douwe Maan2015-04-145-107/+6
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Revert "Merge branch 'fix_email_images' into 'master'" This reverts commit d66148ef393f1748c669c934eec4e928d92ef36a, reversing changes made to cdb64a81a8ca96961033b8ab06d5191ef5449634. This change needed to be reverted, because not enough email clients support inline images. /cc @DouweM As discussed before. I'll try to create a MR to allow access to all images this week. I'm a bit busy at the moment so no guarantees. ;) See merge request !513
| | * | Revert "Merge branch 'fix_email_images' into 'master'"Hannes Rosenögger2015-04-135-107/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit d66148ef393f1748c669c934eec4e928d92ef36a, reversing changes made to cdb64a81a8ca96961033b8ab06d5191ef5449634. This change needed to be reverted, because not enough email clients support inline images.
| * | | Merge branch 'fix_changelog' into 'master'Douwe Maan2015-04-141-2/+3
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | Fix wrong merged changelog entries See merge request !514
| | * | | Remove superseeded changelog entry for commit calendarRobert Schilling2015-04-131-1/+0
| | | | |
| | * | | Fix wrong merged changelog entriesRobert Schilling2015-04-131-4/+3
| | | | |
| * | | | Merge branch 'fix-stuck-mr' into 'master'Douwe Maan2015-04-142-1/+2
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fix stuck MR If `locked_at` is `nil` return that the merge has been locked long enough and those are old merges stuck in locked state. Fixes #348. Related to 6487419364fa9c179e24028d85b2be10d574067f. See merge request !517
| | * | | | fix stuck MRBen Bodenmiller2015-04-142-1/+2
| | |/ / / | | | | | | | | | | | | | | | fixes #348. related to 6487419364fa9c179e24028d85b2be10d574067f.
| * | | | Merge branch 'fix_tests_help_link_2' into 'master'Hannes Rosenögger2015-04-132-0/+7
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fix failing test This should fix: ``` Coverage report generated for RSpec to /home/gitlab-runner/tmp/builds/project-1/coverage. 4331 / 8315 LOC (52.09%) covered. /home/gitlab-runner/lib/ruby/gems/2.1.0/gems/racc-1.4.10/lib/racc/parser.rb:532:in `on_error': (Racc::ParseError) parse error on value "Background" (BACKGROUND) from /home/gitlab-runner/lib/ruby/gems/2.1.0/gems/racc-1.4.10/lib/racc/parser.rb:264:in `_racc_do_parse_c' from /home/gitlab-runner/lib/ruby/gems/2.1.0/gems/racc-1.4.10/lib/racc/parser.rb:264:in `do_parse' from /home/gitlab-runner/lib/ruby/gems/2.1.0/gems/gherkin-ruby-0.3.1/lib/gherkin_ruby/parser/lexer.rb:31:in `scan_str' from gherkin.y:107:in `parse' from /home/gitlab-runner/lib/ruby/gems/2.1.0/gems/gherkin-ruby-0.3.1/lib/gherkin_ruby.rb:8:in `parse' from /home/gitlab-runner/lib/ruby/gems/2.1.0/gems/spinach-0.8.7/lib/spinach/parser.rb:39:in `parse' from /home/gitlab-runner/lib/ruby/gems/2.1.0/gems/spinach-0.8.7/lib/spinach/runner.rb:75:in `block in run' from /home/gitlab-runner/lib/ruby/gems/2.1.0/gems/spinach-0.8.7/lib/spinach/runner.rb:74:in `each' from /home/gitlab-runner/lib/ruby/gems/2.1.0/gems/spinach-0.8.7/lib/spinach/runner.rb:74:in `run' from /home/gitlab-runner/lib/ruby/gems/2.1.0/gems/spinach-0.8.7/lib/spinach/cli.rb:27:in `run' from /home/gitlab-runner/lib/ruby/gems/2.1.0/gems/spinach-0.8.7/bin/spinach:15:in `<top (required)>' from /home/gitlab-runner/bin/spinach:23:in `load' from /home/gitlab-runner/bin/spinach:23:in `<main>' rake aborted! ``` Seems that I deleted a bit to much with my last attempt to remove the failing test. I've run the entire spinach suite again locally and it seems to pass. See merge request !516
| | * | | | fix failing testHannes Rosenögger2015-04-132-0/+7
| |/ / / /
| * | | | Merge branch 'fix_tests_help_link' into 'master'Douwe Maan2015-04-133-19/+0
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove failing test Earlier today I accepted a MR that removed the redundant help link on the dashboard sidebar. This MR removes the now failing test. See merge request !515
| | * | | | The help link has been removed. The commit removes the test for it.Hannes Rosenögger2015-04-133-19/+0
| |/ / / /
| * | | | Merge branch 'empty-avatar-alt-text' into 'master'Hannes Rosenögger2015-04-139-9/+10
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Explicitly set image alt to prevent graphical glitches Rails image_tag sets the alt-attribute to the filename which causes graphical glitches if the file could not be loaded. Fixes https://github.com/gitlabhq/gitlabhq/issues/6036. Signed-off-by: Sven Strickroth <email@cs-ware.de> See merge request !503
| | * | | | Explicitly set image alt to prevent graphical glitchesSven Strickroth2015-04-139-9/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rails image_tag sets the alt-attribute to the filename which causes graphical glitches if the file could not be loaded. Fixes https://github.com/gitlabhq/gitlabhq/issues/6036. Signed-off-by: Sven Strickroth <email@cs-ware.de>
| * | | | | Merge branch 'remove-sidebar-help-link' into 'master'Hannes Rosenögger2015-04-131-5/+0
| |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Removed help link from sidebar Closes #1349 I don't see the point in having two links on the page that will do the same thing. See merge request !483
| | * | | | | Removed help link from sidebarPhil Hughes2015-03-311-5/+0
| | | | | | |
| * | | | | | Merge branch 'master' into 'master'Hannes Rosenögger2015-04-131-1/+1
| |\ \ \ \ \ \ | | |_|_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | gitlab 7.9.2 Fresh gitlab in Dockerfile See merge request !501
| | * | | | | gitlab 7.9.2Igor Kostenko2015-04-071-1/+1
| | | |/ / / | | |/| | |
* | | | | | Merge branch 'rs-remove-invalid-key-factories' into 'master'Dmitriy Zaporozhets2015-04-143-22/+9
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove the invalid key factories They're only used once each, and they're easy to build in-place. See merge request !1766
| * | | | | | Remove the invalid key factoriesRobert Speicher2015-04-113-22/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | They're only used once each, and they're easy to build in-place.
* | | | | | | Merge branch 'rs-link-to-performance' into 'master'Dmitriy Zaporozhets2015-04-142-32/+38
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Speed up the overridden `link_to` helper Only bothers to check the provided link's external status if it's a String that doesn't begin with a path or anchor character. See merge request !1767
| * | | | | | Use `start_with?` instead of String slicing to check for external linksRobert Speicher2015-04-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | [ci skip]
| * | | | | | Speed up the overridden `link_to` helperRobert Speicher2015-04-122-32/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Only bothers to check the provided link's external status if it's a String that doesn't begin with a path or anchor character.
* | | | | | | Merge branch 'ldap_migration'Dmitriy Zaporozhets2015-04-138-20/+48
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> Conflicts: db/schema.rb
| * | | | | | | Call your existing LDAP server 'main'Jacob Vosmaer2015-04-132-4/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By imposing this rule we avoid having to demand that 'ldapmain' exists in the settings initializer.
| * | | | | | | Remove test for 'ldap' provider special caseJacob Vosmaer2015-04-131-14/+0
| | | | | | | |
| * | | | | | | Also ldap_group_links where provider='ldap'Jacob Vosmaer2015-04-131-1/+1
| | | | | | | |
| * | | | | | | Merge branch 'ldap_migration' of dev.gitlab.org:gitlab/gitlabhq into ↵Jacob Vosmaer2015-04-131-1/+1
| |\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | ldap_migration
| | * | | | | | | Check for table instead of classDmitriy Zaporozhets2015-04-131-2/+2
| | | | | | | | |
| * | | | | | | | Simplify legacy LDAP config interpretationJacob Vosmaer2015-04-131-2/+3
| | | | | | | | |
| * | | | | | | | Make migration work if LDAP is disabledJacob Vosmaer2015-04-131-2/+7
| |/ / / / / / /
| * | | | | | | Try to explain what we are doingJacob Vosmaer2015-04-131-0/+9
| | | | | | | |
| * | | | | | | Remove special cases for the 'ldap' providerJacob Vosmaer2015-04-132-3/+1
| | | | | | | |
| * | | | | | | Change migration to SQLDmitriy Zaporozhets2015-04-131-4/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
| * | | | | | | fix ldap identitiesValery Sizov2015-04-114-4/+26
| | |_|_|_|_|/ | |/| | | | |
* | | | | | | Merge branch 'reference-access-control' into 'master'Dmitriy Zaporozhets2015-04-1322-257/+277
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Only allow users to reference groups, projects, issues, MRs, commits they have access to. Addresses https://dev.gitlab.org/gitlab/gitlabhq/issues/2183. See merge request !1742
| * | | | | | | Update tests.Douwe Maan2015-04-032-48/+54
| | | | | | | |
| * | | | | | | Refactor ClosingIssueExtractor.Douwe Maan2015-04-033-15/+14
| | | | | | | |
| * | | | | | | Refactor ReferenceExtractor.Douwe Maan2015-04-031-29/+28
| | | | | | | |
View Lorry Controller Status