summaryrefslogtreecommitdiff
path: root/app/controllers/admin
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'rs-disable-2fa-by-admin' into 'master'Dmitriy Zaporozhets2015-07-131-0/+6
|\ | | | | | | | | | | | | | | | | | | Allow admins to disable 2FA for a user > ![Screen_Shot_2015-07-10_at_5.19.13_PM](https://gitlab.com/gitlab-org/gitlab-ce/uploads/3f9bb7c783110d2689c282879cb4b061/Screen_Shot_2015-07-10_at_5.19.13_PM.png) Depends on !961 See merge request !962
| * Add disable_two_factor route for Admin::UsersRobert Speicher2015-07-101-0/+6
| |
* | Fix transferring of project to another group using the API.Douwe Maan2015-07-111-1/+2
|/
* Add support for unlocking users in admin settingsStan Hu2015-07-021-0/+8
| | | | Closes https://github.com/gitlabhq/gitlabhq/issues/9381
* Merge branch 'admin-edit-identities' into 'master'Dmitriy Zaporozhets2015-06-232-1/+51
|\ | | | | | | | | | | | | | | | | | | Admin can see, edit and remove user identities Related to #1415 and https://dev.gitlab.org/gitlab/gitlabhq/issues/2224 Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> See merge request !843
| * Fix admin identities codeDmitriy Zaporozhets2015-06-231-1/+1
| | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
| * Address review commentsDmitriy Zaporozhets2015-06-221-7/+5
| | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
| * Refactor admin user pageDmitriy Zaporozhets2015-06-221-1/+10
| | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
| * Move identities list to own controller actionDmitriy Zaporozhets2015-06-191-4/+8
| | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
| * Add ability for admin to edit user identityDmitriy Zaporozhets2015-06-191-4/+22
| | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
| * Admin can see and remove user identitiesDmitriy Zaporozhets2015-06-191-0/+21
| | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* | Fix error when deleting a user who has projectsStan Hu2015-06-231-1/+1
|/ | | | | Closes #1856 Closes https://github.com/gitlabhq/gitlabhq/issues/9394
* Merge branch 'feature-session-expire-seconds-ui' into 'master'Douwe Maan2015-06-121-0/+1
|\ | | | | | | | | | | | | | | | | | | | | | | | | Add session expiration delay configuration through UI application Setting is accessible by the administrator through the UI and defaults to 1 week (the current setting) Answers the following suggestions: * http://feedback.gitlab.com/forums/176466-general/suggestions/6210719-make-session-length-configurable * http://feedback.gitlab.com/forums/176466-general/suggestions/6730512-automatic-logout-after-a-time-being-idle See merge request !774
| * session_expire_seconds => session_expire_delaythemaze752015-06-101-1/+1
| | | | | | | | | | delay is in seconds more legible code in session_store Added `GitLab restart required` help block to session_expire_delay
| * Add session expiration delay configuration through UI applicationEric Maziade2015-06-051-0/+1
| | | | | | settings
* | An `in_namespace` scope is already presentzenati2015-06-091-1/+1
|/
* Remove show actions from Admin and Project DeployKeysRobert Speicher2015-06-031-6/+1
|
* Wrap group removal into serviceDmitriy Zaporozhets2015-06-031-1/+1
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Allow to configure a URL to show after sign outAlex Lossent2015-05-291-0/+1
|
* Add option to disallow users from registering any application to use GitLab ↵user-oauth-applicationsDouwe Maan2015-05-291-0/+1
| | | | as an OAuth provider
* You can not remove user if he/she is an only owner of groupDmitriy Zaporozhets2015-05-281-5/+1
| | | | | | | To prevent loose of group data you need to transfer or remove group first before you can remove user Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Merge branch 'version-check' into 'master'Dmitriy Zaporozhets2015-05-131-0/+1
|\ | | | | | | | | | | Version check See merge request !1509
| * Fix syntax errorDmitriy Zaporozhets2015-05-081-1/+1
| | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
| * Merge branch 'version-check' into gl-version-checkDmitriy Zaporozhets2015-05-081-0/+1
| |\ | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> Conflicts: app/controllers/admin/application_settings_controller.rb app/views/admin/application_settings/_form.html.haml db/schema.rb
| | * Add feature to disable version checkDmitriy Zaporozhets2015-03-101-1/+2
| | |
* | | Added X-GitLab-Event header for web hooksbugagazavr2015-05-081-1/+1
|/ /
* | Merge branch 'change-primary-email' into 'master'Dmitriy Zaporozhets2015-05-031-2/+1
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow primary email to be set to an email that you've already added. Fixes gitlab-com/support-forum#106. When the user sets their primary email to an email that they've already added to their account, this patch makes sure that secondary email record is destroyed, and a new email record is created for the old primary email. This is based on the assumption that in this case no email was meant to be deleted, but the user simply wanted to change which of their emails is primary. See merge request !591
| * | Allow primary email to be set to an email that you've already added.change-primary-emailDouwe Maan2015-04-301-2/+1
| | |
* | | Add application setting to restrict user signups to e-mail domainsStan Hu2015-05-021-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This feature was requested long ago: http://feedback.gitlab.com/forums/176466-general/suggestions/4118466-ability-to-register-only-from-ceratain-domains This MR is based off !253 but changed to use application settings and use wildcard strings to give more flexibility in pattern matching. Regexps seemed overkill and easy to get wrong. Only restrict e-mail addresses upon creation
* | | Add helpers for header title and sidebar, and move setting those from ↵Douwe Maan2015-05-011-7/+1
| | | | | | | | | | | | controllers to layouts.
* | | Add a page title to every page.Douwe Maan2015-04-301-1/+7
|/ /
* | Revert "Added X-GitLab-Event header for web hooks"Valery Sizov2015-04-271-1/+1
| | | | | | | | This reverts commit 548f182814acd0f7a110e6c165c186e345901b00.
* | Merge branch 'master' of github.com:gitlabhq/gitlabhqDmitriy Zaporozhets2015-04-271-1/+1
|\ \
| * | Added X-GitLab-Event header for web hooksbugagazavr2015-04-251-1/+1
| | |
* | | Add new admin settingsVinnie Okada2015-04-261-0/+2
|/ / | | | | | | | | Add new global application settings for default project and snippet visibility levels.
* | Fix bug where Slack service channel was not saved in admin template settings.Stan Hu2015-04-241-10/+1
| | | | | | | | | | | | Consolidate allowed parameters in one place to avoid these kinds of bugs in the future. Closes https://github.com/gitlabhq/gitlabhq/issues/9181
* | Fixed the Rails/ActionFilter copJeroen van Baarsen2015-04-209-13/+13
| | | | | | | | Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com>
* | Track who created a group or project member.Douwe Maan2015-04-141-1/+1
| |
* | Merge branch 'skip-email-reconfirmation' into 'master'Dmitriy Zaporozhets2015-04-131-1/+1
|\ \ | | | | | | | | | | | | | | | | | | | | | Skip email confirmation when set by admin or via LDAP. Addresses private issue https://dev.gitlab.org/gitlab/gitlabhq/issues/2203. See merge request !494
| * | Skip email confirmation when set by admin or via LDAP.skip-email-reconfirmationDouwe Maan2015-04-061-1/+1
| | |
* | | Clean up code.Douwe Maan2015-04-031-5/+9
| | |
* | | Allow admin to create public deploy keys that are accessible to any project.Douwe Maan2015-04-031-0/+45
|/ /
* | Support configurable attachment size via Application SettingsStan Hu2015-04-021-0/+1
| | | | | | | | | | | | Fix bug where error messages from Dropzone would not be displayed on the issues page Closes #1258
* | Include missing events and fix save functionality in admin service template ↵Stan Hu2015-03-231-1/+3
| | | | | | | | | | | | settings form Closes #1275
* | Fix restricted visibility bugsVinnie Okada2015-03-161-1/+3
| | | | | | | | | | | | Check for nil values in the restricted_visibility_level validation method, and set the restricted visibility request parameter to `[]` when it's missing from the request.
* | Merge branch 'fix-restricted-visibility' into 'master'Dmitriy Zaporozhets2015-03-161-1/+9
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restricted visibility levels - bug fix and new feature This allows admin users to override restricted visibility settings when creating and updating projects and snippets, and moves the restricted visibility configuration from gitlab.yml to the web UI. See #1903. ## Move configuration location I added a new section to the application settings page for restricted visibility levels. Each level has a checkbox, styled with Bootstrap to look like a toggle button. A checked box means that the level is restricted. I added a glowing text shadow and changed the background color for checked buttons because the default styles made it hard to distinguish between checked and unchecked. This image shows the new section with the "Public" box checked: ![restricted_visibility_settings](https://dev.gitlab.org/Okada/gitlabhq/uploads/629562e4313f89b795e81c3bb0f95893/restricted_visibility_settings.png) ## Allow admins to override To allow admin users to override the restricted visibility levels, I had to remove the `visibility_level` validation from the `Project` class. The model doesn't know about the `current_user`, which should determine whether the restrictions can be overridden. We could use the creator in the validation, but that wouldn't work correctly for projects where a non-admin user is the creator and an admin tries to change the project to a restricted visibility level. The `Project::UpdateService` and `Project::CreateService` classes already had code to determine whether the current user is allowed to use a given visibility level; now all visibility level validation is done in those classes. Currently, when a non-admin tries to create or update a project using a restricted level, these classes silently set the visibility level to the global default (create) or the project's existing value (update). I changed this behavior to be more like an Active Model validation, where using a restricted level causes the entire request to be rejected. Project and personal snippets didn't have service classes, and restricted visibility levels weren't being enforced in the model or the controllers. The UI disabled radio buttons for restricted levels, but that wouldn't be difficult to circumvent. I created the `CreateSnippetService` and `UpdateSnippetService` classes to do the same restricted visibility check that the project classes do. And since I was dealing with snippet visibility levels, I updated the API endpoints for project snippets to allow users to set and update the visibility level. ## TODO * [x] Add more tests for restricted visibility functionality cc @sytse @dzaporozhets See merge request !1655
| * \ Merge branch 'master' into fix-restricted-visibilityVinnie Okada2015-03-144-9/+10
| |\ \ | | | | | | | | | | | | | | | | Conflicts: db/schema.rb
| * | | Move restricted visibility settings to the UIVinnie Okada2015-03-071-1/+9
| | | | | | | | | | | | | | | | | | | | Add checkboxes to the application settings page for restricted visibility levels, and remove those settings from gitlab.yml.
* | | | Use `project_member` instead of `team_member`.Douwe Maan2015-03-151-2/+2
| |/ / |/| |
* | | Use same constant for amount of items per pageDmitriy Zaporozhets2015-03-122-6/+6
| |/ |/|
View Lorry Controller Status