summaryrefslogtreecommitdiff
path: root/lib/api
Commit message (Collapse)AuthorAgeFilesLines
...
* Add 2FA status to user admin APIStan Hu2015-06-231-0/+1
| | | | Closes https://github.com/gitlabhq/gitlabhq/issues/9391
* Fix error when deleting a user who has projectsStan Hu2015-06-231-1/+1
| | | | | Closes #1856 Closes https://github.com/gitlabhq/gitlabhq/issues/9394
* Fix editing files via APIDmitriy Zaporozhets2015-06-051-24/+26
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Merge branch 'maser/gitlab-ce-order-commit-comments-in-api' into 'master'Dmitriy Zaporozhets2015-06-051-1/+1
|\ | | | | | | | | | | | | | | | | | | | | | | Order commit comments in API chronologically When fetching commit comments via API, the comments were not ordered, but just returned in the order Postgresql finds them. Now the API always returns comments in chronological order. Same as !628 but with CI See merge request !768
| * Order commit comments in API chronologicallyMartin Luder2015-05-081-1/+1
| | | | | | | | | | | | When fetching commit comments via API, the comments were not ordered, but just returned in the order Postgresql finds them. Now the API always returns comments in chronological order.
* | Merge branch 'make-namespaces-api-available-to-all-users' into 'master'Dmitriy Zaporozhets2015-06-041-5/+6
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make namespace API available to all users ### What does this MR do? This MR makes it possible for a user to query namespaces to which he/she has access. Also, it adds documentation for the existing API. ### Why was this MR needed? Even though the `groups` API exists, it might still be useful to have an endpoint that tells the namespace type (e.g. `user` vs. `group`), especially if a user has access to a number of different projects. ### What are the relevant issue numbers? Closes https://github.com/gitlabhq/gitlabhq/issues/9328 See merge request !708
| * | Make namespace API available to all usersStan Hu2015-05-281-5/+6
| | | | | | | | | | | | Closes https://github.com/gitlabhq/gitlabhq/issues/9328
* | | Wrap group removal into serviceDmitriy Zaporozhets2015-06-031-1/+1
| | | | | | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* | | Disable changing of the source branch in merge request update APIStan Hu2015-05-291-2/+6
| | |
* | | You can not remove user if he/she is an only owner of groupDmitriy Zaporozhets2015-05-281-1/+1
|/ / | | | | | | | | | | | | To prevent loose of group data you need to transfer or remove group first before you can remove user Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* | Add support for Webhook note eventsStan Hu2015-05-211-2/+4
| | | | | | | | Closes https://github.com/gitlabhq/gitlabhq/issues/6745
* | Allow to configure gitlab_shell_secret locationJakub Jirutka2015-05-161-1/+1
| |
* | Add order option for projects APIValery Sizov2015-05-141-1/+6
| |
* | Improve Git access error messages.Douwe Maan2015-05-131-19/+7
| |
* | Added X-GitLab-Event header for web hooksbugagazavr2015-05-081-1/+1
|/
* Add current_sign_in_at to api UserSven Selberg2015-05-041-1/+1
|
* Merge branch 'api-iid' of https://github.com/jubianchi/gitlabhq into ↵Dmitriy Zaporozhets2015-05-033-5/+18
|\ | | | | | | jubianchi-api-iid
| * Query issues, merge requests and milestones with their IID through APIjubianchi2015-05-023-5/+18
| |
* | Merge pull request #9066 from jirutka/fix-6417Dmitriy Zaporozhets2015-05-031-2/+2
|\ \ | |/ |/| Fix #6417: users with group permission should be able to create groups via API
| * Fix #6417: users with group permission should be able to create groups via APIRobert Schilling2015-03-311-2/+2
| |
* | Don't allow a merge request to be merged when its title starts with "WIP".Douwe Maan2015-04-301-2/+2
| |
* | Send 500 errors as JSON in the APIjubianchi2015-04-271-1/+1
| |
* | Revert "Added X-GitLab-Event header for web hooks"Valery Sizov2015-04-271-1/+1
| | | | | | | | This reverts commit 548f182814acd0f7a110e6c165c186e345901b00.
* | Added X-GitLab-Event header for web hooksbugagazavr2015-04-251-1/+1
| |
* | Use project.commit convenience method.Douwe Maan2015-04-243-6/+6
| |
* | Let commit model know about its project.Douwe Maan2015-04-241-2/+2
| |
* | Track who created a group or project member.Douwe Maan2015-04-141-1/+1
| |
* | Use through-relation instead of manually mapping.Douwe Maan2015-04-141-2/+1
| |
* | Rename manage_group ability to admin_group for consistency with project.Douwe Maan2015-04-142-4/+4
| |
* | Include creator_id in project info of APIChristoph Dreis2015-04-101-0/+1
| |
* | Modified lib/api/entities.rb to expose Project class tag_list property to ↵Cristian Medina2015-04-031-1/+1
| | | | | | | | | | | | | | | | the API Updated projects.md to show tag_list field when performing GETs Updated projects_spec.rb to include check for tag_list key in project list Added changes to the CHANGELOG
* | Merge branch 'repository-archive-worker' into 'master'Dmitriy Zaporozhets2015-04-021-5/+6
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Archive repositories in background worker. Depends on https://gitlab.com/gitlab-org/gitlab_git/merge_requests/17 being merged, a new `gitlab_git` being released and this MR's `Gemfile.lock` being updated.. See private issue https://dev.gitlab.org/gitlab/gitlabhq/issues/2173. To do after this is merged: Update https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/sv-sidekiq-run.erb in omnibus. See merge request !436
| * | Archive repositories in background worker.Douwe Maan2015-03-311-5/+6
| |/
* | Merge pull request #9023 from dantudor/patch-1Dmitriy Zaporozhets2015-03-311-3/+3
|\ \ | |/ |/| Allow ability to delete branches with '/` in name
| * Added the missing commaDan Tudor2015-03-311-1/+1
| |
| * Allow ability to delete branches with '/` in nameDan Tudor2015-03-251-3/+3
| |
* | Merge branch 'events-paginate' into 'master'Douwe Maan2015-03-301-1/+1
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | API: Events paginate Updated the api method for /project/:id/events, to use the paginate method instead of limiting and offsetting the recent events in the method itself. This will also change the first page to be 1 instead of 0, but using 0 will still work and will give back the first page. This also add's the link headers (next/first/last). See merge request !267
| * | Updated api method GET /projects/:id/events to use paginate instead of a ↵Stephan van Leeuwen2015-03-241-5/+2
| | | | | | | | | | | | | | | | | | | | | | | | self-implementation Also updated example request url Added changelog item
* | | properly paginate project events in APINihad Abbasov2015-03-291-4/+1
| | |
* | | Merge branch 'master' into 'master'Dmitriy Zaporozhets2015-03-261-2/+2
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change ordering so that confirm is removed from attrs before attempting to User.build_user Possible fix gitlab-org/gitlab-ce#1296 See merge request !445
| * | | Change ordering so that confirm is removed from attrs before attempting to ↵RICKETTM@uk.ibm.com2015-03-241-2/+2
| |/ / | | | | | | | | | User.build_user
* | | Merge branch 'more-rubocop-styles' into 'master'Dmitriy Zaporozhets2015-03-251-2/+2
|\ \ \ | |_|/ |/| | | | | | | | | | | More rubocop styles See merge request !449
| * | Enable more rubocop style checksDmitriy Zaporozhets2015-03-241-2/+2
| | |
* | | Merge branch 'api-internal-errors' into 'master'Dmitriy Zaporozhets2015-03-252-21/+20
|\ \ \ | |/ / |/| | | | | | | | | | | | | | | | | | | | | | | Respond with full GitAccess error if user has project read access. Should help with debugging #1236. cc @marin See merge request !437
| * | Respond with full GitAccess error if user has project read access.api-internal-errorsDouwe Maan2015-03-241-1/+1
| | |
| * | Refactor GitAccess to use instance variables.Douwe Maan2015-03-242-20/+19
| |/
* | Unescape branch param to deleteDan Tudor2015-03-241-1/+2
|/ | | | Branch names that contain `/` return a 405 error when being deleted because the slash is escaped to `%2F` This patch will unescape the param prior to executing the delete action.
* Merge branch 'fix-restricted-visibility' into 'master'Dmitriy Zaporozhets2015-03-163-15/+19
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restricted visibility levels - bug fix and new feature This allows admin users to override restricted visibility settings when creating and updating projects and snippets, and moves the restricted visibility configuration from gitlab.yml to the web UI. See #1903. ## Move configuration location I added a new section to the application settings page for restricted visibility levels. Each level has a checkbox, styled with Bootstrap to look like a toggle button. A checked box means that the level is restricted. I added a glowing text shadow and changed the background color for checked buttons because the default styles made it hard to distinguish between checked and unchecked. This image shows the new section with the "Public" box checked: ![restricted_visibility_settings](https://dev.gitlab.org/Okada/gitlabhq/uploads/629562e4313f89b795e81c3bb0f95893/restricted_visibility_settings.png) ## Allow admins to override To allow admin users to override the restricted visibility levels, I had to remove the `visibility_level` validation from the `Project` class. The model doesn't know about the `current_user`, which should determine whether the restrictions can be overridden. We could use the creator in the validation, but that wouldn't work correctly for projects where a non-admin user is the creator and an admin tries to change the project to a restricted visibility level. The `Project::UpdateService` and `Project::CreateService` classes already had code to determine whether the current user is allowed to use a given visibility level; now all visibility level validation is done in those classes. Currently, when a non-admin tries to create or update a project using a restricted level, these classes silently set the visibility level to the global default (create) or the project's existing value (update). I changed this behavior to be more like an Active Model validation, where using a restricted level causes the entire request to be rejected. Project and personal snippets didn't have service classes, and restricted visibility levels weren't being enforced in the model or the controllers. The UI disabled radio buttons for restricted levels, but that wouldn't be difficult to circumvent. I created the `CreateSnippetService` and `UpdateSnippetService` classes to do the same restricted visibility check that the project classes do. And since I was dealing with snippet visibility levels, I updated the API endpoints for project snippets to allow users to set and update the visibility level. ## TODO * [x] Add more tests for restricted visibility functionality cc @sytse @dzaporozhets See merge request !1655
| * Merge branch 'master' into fix-restricted-visibilityVinnie Okada2015-03-141-1/+4
| |\ | | | | | | | | | | | | Conflicts: db/schema.rb
| * | More restricted visibility changesVinnie Okada2015-03-101-4/+4
| | | | | | | | | | | | Bug fixes and new tests for the restricted visibility changes.
View Lorry Controller Status