summaryrefslogtreecommitdiff
path: root/app/controllers/projects/commits_controller.rb
Commit message (Collapse)AuthorAgeFilesLines
* Check for valid refs in CommitController before doing anythingStan Hu2018-12-091-0/+5
| | | | | | | | | | Before a 404 would be rendered only after a request to Gitaly would return with an InvalidArgument error. Now we check that the ref have a valid format before sending it to Gitaly. In both cases, a 404 is returned to the user, but this change prevents Gitaly from generating error noise in production. Closes https://gitlab.com/gitlab-org/gitaly/issues/1425
* Revert "[Rails5] Set request.format in commits_controller"Douwe Maan2018-12-031-14/+0
| | | | | | | This reverts commit 6da19415531e4c40f48df2c604efe51578cea295. # Conflicts: # app/controllers/projects/commits_controller.rb
* Merge branch 'security-fix-pat-web-access' into 'master'Cindy Pallares2018-11-281-0/+1
| | | | | [master] Resolve "Personal access token with only `read_user` scope can be used to authenticate any web request" See merge request gitlab/gitlabhq!2583
* Enable even more frozen string in app/controllersgfyoung2018-09-251-0/+2
| | | | | | | | | | | | Enables frozen string for some vestigial files as well as the following: * app/controllers/projects/**/*.rb * app/controllers/sherlock/**/*.rb * app/controllers/snippets/**/*.rb * app/controllers/users/**/*.rb Partially addresses #47424.
* Disable existing offenses for the CodeReuse copsYorick Peterse2018-09-111-0/+2
| | | | | This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop.
* Speed up diff comparisons by limiting number of commit messages renderedStan Hu2018-08-221-1/+1
| | | | | | | When a diff has a significant number of commits, the previous behavior would attempt to render the Markdown on all the commit messages but only display 1000 of them. To avoid additional work, we only need to render the Markdown on the set that is displayed.
* Transfer to commits_controller, add test, and update changelogKia Mei Somabes2018-07-241-3/+7
|
* [Rails5] Set request.format in commits_controllerblackst0ne-rails5-set-request-format-in--commits-controllerblackst0ne2018-06-201-0/+14
| | | | | | | | | | | | | | Since Rails 5.0 `request.format` is being set depending on the route extension. In commits pages we pass a ref as a URL parameter. If the ref is an extension-like, Rails converts it and sets to `request.format`. E.g. if the ref is `some_branch.atom`, Rails starts responding with `atom` format, but it should response with `html` because `.atom` is the part of ref name, not the format. This commit explicitly sets `request.format` to `:html` when needed.
* Fetch commit signatures from Gitaly in batchesfeature/fetch-commit-signs-from-gitaly-in-batchAhmad Sherif2018-03-011-25/+19
| | | | Closes gitaly#1046
* Track and act upon the number of executed queriesquery-countsYorick Peterse2018-02-011-0/+5
| | | | | | | | | | | This ensures that we have more visibility in the number of SQL queries that are executed in web requests. The current threshold is hardcoded to 100 as we will rarely (maybe once or twice) change it. In production and development we use Sentry if enabled, in the test environment we raise an error. This feature is also only enabled in production/staging when running on GitLab.com as it's not very useful to other users.
* Retrieve commit signatures with GitalyJacob Vosmaer (GitLab)2018-01-181-20/+26
|
* Fix 404 on empty branchhaseeb2017-11-271-2/+1
|
* Optimise getting the pipeline status of commitsci-pipeline-status-queryYorick Peterse2017-11-161-0/+1
| | | | | This adds an optimised way of getting the latest pipeline status for a list of Commit objects (or just a single one).
* Use Commit#notes and Note.for_commit_id when possible to make sure we use ↵dm-notes-for-commit-idDouwe Maan2017-11-081-3/+0
| | | | all the indexes available to us
* Renders 404 in commits controller if no commits are foundGuilherme Vieira2017-10-181-0/+2
|
* Adds cacheless render to Banzai object render34509-improves-markdown-rendering-performance-for-commits-listTiago Botelho2017-09-061-0/+3
|
* fetch gpg signature badges by ajaxAlexis Reigel2017-07-271-10/+30
|
* Enable Style/DotPosition Rubocop :cop:Grzegorz Bizon2017-06-211-4/+4
|
* Refactor atom builder by using xml.atom layoutTieu-Philippe KHIM2017-06-121-1/+1
|
* Merge branch 'jej-23867-use-mr-finder-instead-of-access-check' into 'security'Douwe Maan2016-12-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Replace MR access checks with use of MergeRequestsFinder Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867 :warning: - Potentially untested :bomb: - No test coverage :traffic_light: - Test coverage of some sort exists (a test failed when error raised) :vertical_traffic_light: - Test coverage of return value (a test failed when nil used) :white_check_mark: - Permissions check tested - [x] :bomb: app/finders/notes_finder.rb:17 - [x] :warning: app/views/layouts/nav/_project.html.haml:80 [`.count`] - [x] :bomb: app/controllers/concerns/creates_commit.rb:84 - [x] :traffic_light: app/controllers/projects/commits_controller.rb:24 - [x] :traffic_light: app/controllers/projects/compare_controller.rb:56 - [x] :vertical_traffic_light: app/controllers/projects/discussions_controller.rb:29 - [x] :white_check_mark: app/controllers/projects/todos_controller.rb:27 - [x] :vertical_traffic_light: app/models/commit.rb:268 - [x] :white_check_mark: lib/gitlab/search_results.rb:71 - [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_267_266 Memoize ` merged_merge_request(current_user)` - [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_248_247 Expected side effect for `merged_merge_request!`, consider `skip_authorization: true`. - [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_269_269 Scary use of unchecked `merged_merge_request?` See merge request !2033
* Pass `@ref` along so we know which pipeline to showLin Jen-Shin2016-10-241-1/+8
| | | | Closes #23615
* Refactoring find_commits functionalityValery Sizov2016-10-201-1/+1
|
* API support for the 'since' and 'until' operators on commit requestsPaco Guzman2016-04-291-1/+1
| | | - Parameter validation as ISO8601 format
* Replaces "Create merge request" link with one to the MR when one existsDouglas Barbosa Alexandre2016-02-101-0/+3
|
* Add support for ref and path to commits filteringDmitriy Zaporozhets2016-01-071-1/+1
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Filter commits by search parameterDmitriy Zaporozhets2016-01-071-2/+8
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Prevent an XSS warning from the updated Brakemanrs-bump-brakemanRobert Speicher2015-12-271-1/+1
|
* Fix: Inability to reply to code comments in the MR view, if the MR comes ↵comments_fixValery Sizov2015-10-221-1/+1
| | | | from a fork
* Fixed the Rails/ActionFilter copJeroen van Baarsen2015-04-201-3/+3
| | | | Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com>
* Move 'require_non_empty_project' filter to front so 'assign_ref_vars' ↵Douwe Maan2015-02-201-1/+1
| | | | doesn't 404.
* Apply default scope to labels and remove one for notesDmitriy Zaporozhets2015-02-051-1/+1
|
* Explicitly set before_filter for ref-related controllersDmitriy Zaporozhets2015-01-261-1/+1
|
* remove auth duplicationValery Sizov2014-11-051-1/+0
|
* Factor authorize_push! and authorize_code_access!Ciro Santilli2014-10-131-1/+1
| | | | | with existing method_missing. Pattern already used extensively, so let's be consistent and use it everywhere.
* Remove outdated comment from commits_controllerCiro Santilli2014-10-071-1/+1
|
* notes count in 1 query for mr and commitsskv2014-06-101-0/+2
|
* Drop rjs from Infinite scrollingDmitriy Zaporozhets2013-11-281-1/+1
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Move projects controllers/views in Projects moduleDmitriy Zaporozhets2013-06-231-0/+23
View Lorry Controller Status