summaryrefslogtreecommitdiff
path: root/app/models/user.rb
Commit message (Collapse)AuthorAgeFilesLines
...
| * Remove unused `User#projects_limit_percent`Mehdi Lahmam2017-08-201-5/+0
| | | | | | | | Its last usage has been removed at 87ffd67617.
| * Remove `User#projects_sorted_by_activity`Mehdi Lahmam2017-08-201-4/+0
| | | | | | | | | | | | Its last usage has been removed at https://gitlab.com/mehlah/gitlab-ce/commit/9df6f7bfad#e6ff2c1091173fd03646752d4e30891f66d33db3_46_48 The method can still be useful but should be renamed `authorized_projects_sorted_by_activity` for better clarity.
* | Merge branch '37202-revert-changes-to-signing-enabled' into 'master'Douwe Maan2017-09-011-1/+1
|\ \ | | | | | | | | | | | | | | | | | | Rollback changes made to signing_enabled. Closes #37202 See merge request !13956
| * | Rollsback changes made to signing_enabled.Tiago Botelho2017-09-011-1/+1
| | |
* | | `current_application_settings` belongs on `Gitlab::CurrentSettings`Sean McGivern2017-08-311-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The initializers including this were doing so at the top level, so every object loaded after them had a `current_application_settings` method. However, if someone had rack-attack enabled (which was loaded before these initializers), it would try to load the API, and fail, because `Gitlab::CurrentSettings` didn't have that method. To fix this: 1. Don't include `Gitlab::CurrentSettings` at the top level. We do not need `Object.new.current_application_settings` to work. 2. Make `Gitlab::CurrentSettings` explicitly `extend self`, as we already use it like that in several places. 3. Change the initializers to use that new form.
* | | Move the logic to a concernHiroyuki Sato2017-08-291-1/+2
| | |
* | | Improve AutocompleteController#user.json performanceHiroyuki Sato2017-08-251-1/+1
|/ /
* | Add namespace errors from User#after_updatemk-fix-user-namespace-renameMichael Kozono2017-08-181-1/+6
| |
* | Make username update fail if namespace part failsMichael Kozono2017-08-171-1/+1
|/
* expose Referable#non_referable_inspectdev.non-referable-inspecthttp://jneen.net/2017-08-161-5/+0
|
* Merge branch 'rs-more-public-send-whitelists' into 'master'Rémy Coutable2017-08-161-1/+1
|\ | | | | | | | | Whitelist or fix additional `Gitlab/PublicSend` cop violations See merge request !13467
| * Whitelist or fix additional `Gitlab/PublicSend` cop violationsrs-more-public-send-whitelistsRobert Speicher2017-08-141-1/+1
| | | | | | | | | | An upcoming update to rubocop-gitlab-security added additional violations.
* | Merge branch 'rs-remove-username-from-sanitize-attrs' into 'master'Rémy Coutable2017-08-141-3/+3
|\ \ | |/ |/| | | | | Remove `username` from `User#sanitize_attrs` callback See merge request !13511
| * Remove `username` from `User#sanitize_attrs` callbackrs-remove-username-from-sanitize-attrsRobert Speicher2017-08-111-3/+3
| | | | | | | | | | | | | | | | | | | | This attribute is since validated against `DynamicPathValidator`, which has strict requirements for the characters allowed, and should no longer need to be sanitized in a callback before saving. This has additional benefits in our test suite, where every creation of a `User` record was calling `Sanitize.clean` on a username value that was always clean, since we're the ones generating it.
* | don't send devise notifications to the ghost userhttp://jneen.net/2017-08-111-0/+1
|/
* Prevent user from changing username with container registry tagsMichael Kozono2017-08-091-0/+8
|
* Use full path of user's avatar in webhooks34339-user_avatar-url-in-push-event-webhook-json-payload-is-relative-should-be-absoluteblackst0ne2017-08-091-1/+1
|
* Re-enable SqlInjection and CommandInjectionBrian Neel2017-08-081-5/+5
|
* Memoize a user's personal projects countYorick Peterse2017-08-071-1/+5
| | | | | | | | | | The method User#projects_limit_left would run "personal_projects.count" but such a query is not memoized. As a result multiple calls to User#projects_limit_left would result in multiple COUNT(*) queries being executed. To work around this this commit adds User#personal_projects_count which simply memoizes the result of the COUNT(*) in an instance variable.
* Remove redundant query from User#recent_pushYorick Peterse2017-08-071-10/+8
| | | | | | The "events" table has a foreign key on "events.project_id" with a cascading delete. As such it's impossible for an event to have a non-existing project ID.
* implement #inspect for all Referablesdev.referable-inspecthttp://jneen.net/2017-08-011-0/+5
|
* use db's on_delete instead of has_many :dependentAlexis Reigel2017-07-271-1/+1
|
* use after_commit instead of AfterCommitQueueAlexis Reigel2017-07-271-3/+2
|
* perform signature update in sidekiq workerAlexis Reigel2017-07-271-1/+2
|
* update invalid gpg signatures when email changesAlexis Reigel2017-07-271-0/+5
|
* don't sync to keychain fileAlexis Reigel2017-07-271-7/+0
|
* remove gpg from keychain when user's email changesAlexis Reigel2017-07-271-0/+7
|
* add profile gpg key page to manage gpg keysAlexis Reigel2017-07-271-0/+1
|
* Use Ghost user when edited_by, merged_by deleted34930-fix-edited-byJarka Kadlecova2017-07-191-1/+3
|
* Fixes the user order being overriden in the autocomplete controllerfix-exact-matches-of-username-and-email-on-top-of-the-user-searchTiago Botelho2017-07-141-1/+1
|
* Merge branch 'fixes-for-internal-auth-disabled' into 'master'Sean McGivern2017-07-141-4/+8
|\ | | | | | | | | Fixes needed when GitLab sign-in is not enabled See merge request !12491
| * Fixes needed when GitLab sign-in is not enabledRobin Bobbitt2017-07-131-4/+8
| | | | | | | | | | | | | | | | | | When sign-in is disabled: - skip password expiration checks - prevent password reset requests - don’t show Password tab in User Settings - don’t allow login with username/password for Git over HTTP requests - render 404 on requests to Profiles::PasswordsController
* | Stop sanitizing user 'name' when inserting into dbNathan Neulinger2017-07-121-1/+1
|/ | | | Add spec tests for encoding
* refactor created at filter to use model scopesJames Lopez2017-07-071-0/+1
|
* Rename ActiverecordSerialize copYorick Peterse2017-07-061-1/+1
| | | | | This cop has been renamed to ActiveRecordSerialize to match the way "ActiveRecord" is usually written.
* Added Cop to blacklist the use of `dependent:`Yorick Peterse2017-07-061-30/+30
| | | | | | | | This is allowed for existing instances so we don't end up 76 offenses right away, but for new code one should _only_ use this if they _have_ to remove non database data. Even then it's usually better to do this in a service class as this gives you more control over how to remove the data (e.g. in bulk).
* Merge branch '34078-allow-to-enable-feature-flags-with-more-granularity' ↵Robert Speicher2017-06-291-0/+1
|\ | | | | | | | | | | | | | | | | into 'master' Allow the feature flags to be enabled/disabled with more granularity Closes #34078 See merge request !12357
| * Rename FLippable to FeatureGate and make `flipper_group` and `user` mutually ↵Rémy Coutable2017-06-271-1/+1
| | | | | | | | | | | | exclusive Signed-off-by: Rémy Coutable <remy@rymai.me>
| * Allow the feature flags to be enabled/disabled with more granularityRémy Coutable2017-06-271-0/+1
| | | | | | | | | | | | | | | | This allows to enable/disable a feature flag for a given user, or a given Flipper group (must be declared statically in the `flipper.rb` initializer beforehand). Signed-off-by: Rémy Coutable <remy@rymai.me>
* | Inserts exact matches of username, email and name to the top of the user ↵26125-match-username-on-searchTiago Botelho2017-06-291-1/+10
|/ | | | search list
* Provide hint to create a personal access token for Git over HTTPRobin Bobbitt2017-06-261-1/+7
| | | | | | If internal auth is disabled and user is not an LDAP user, present the user with an alert to create a personal access token if he does not have one already.
* Merge branch 'feature/add-new-services' into 'master'Sean McGivern2017-06-261-7/+6
|\ | | | | | | | | Add additional user and email services See merge request !12125
| * fix spec failuresJames Lopez2017-06-251-2/+2
| |
| * refactor update user service not to do auth checksJames Lopez2017-06-231-3/+3
| |
| * refactor emails serviceJames Lopez2017-06-231-2/+0
| |
| * add missing user updatesJames Lopez2017-06-231-3/+4
| |
| * update missing email actionsJames Lopez2017-06-231-1/+1
| |
| * update to use emails destroy serviceJames Lopez2017-06-231-1/+1
| |
* | Add User#full_private_access? to check if user has Private accesstc-refactor-projects-finder-init-collectionToon Claes2017-06-231-0/+6
|/ | | | | | | | | | | | | In CE only the admin has access to all private groups & projects. In EE also an auditor can have full private access. To overcome merge conflicts, or accidental incorrect access rights, abstract this out in `User#full_private_access?`. `User#admin?` now only should be used for admin-only features. For private access-related features `User#full_private_access?` should be used. Backported from gitlab-org/gitlab-ee!2199
* Enable Style/DotPosition Rubocop :cop:Grzegorz Bizon2017-06-211-28/+28
|
View Lorry Controller Status