summaryrefslogtreecommitdiff
path: root/lib/api
Commit message (Collapse)AuthorAgeFilesLines
* Fix groups API to list only user's accessible projectsStan Hu2016-05-241-2/+1
| | | | Closes #17496
* Enable Style/DefWithParentheses cop and fix single offenseRobert Speicher2016-05-231-1/+1
|
* Dropdown implementationzj-gitignore-dropdownAlfredo Sumaran2016-05-201-5/+5
|
* Backend for a gitignores dropdownZeger-Jan van de Weg2016-05-203-0/+38
|
* Extend runner options that are configurable via APIGrzegorz Bizon2016-05-192-1/+2
|
* Merge branch 'issue_17302' into 'master' Rémy Coutable2016-05-181-18/+29
|\ | | | | | | | | | | | | Fix api leaking notes when user is not authorized to read noteable fixes #17302 See merge request !4102
| * Move note helper method to notes entity fileissue_17302Felipe Artur2016-05-172-6/+8
| |
| * Fix single note api requestFelipe Artur2016-05-162-5/+9
| |
| * Fix notes API calls symbol convertionsFelipe Artur2016-05-101-3/+3
| |
| * Fix api leaking notes when user is not authorized to read noteableFelipe Artur2016-05-091-13/+18
| |
* | Merge branch 'docker-registry' into 'master' Douwe Maan2016-05-162-1/+7
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Added authentication service for docker registry This adds a simple authentication service for docker which uses current user credentials to authenticate pulls and pushes. I have only one concern. Since the `.docker/config` is unencrypted, thus the password for user stored there is unencrypted, maybe we should from the start implement function to generate/provide a separate password just for the purposes of accessing docker registry? What do you think @jacobvosmaer @sytses @marin? cc @marin See merge request !3787
| * \ Merge remote-tracking branch 'origin/master' into docker-registryKamil Trzcinski2016-05-1310-250/+256
| |\ \ | | | | | | | | | | | | | | | | # Conflicts: # config/initializers/1_settings.rb
| * | | Remove unused partsKamil Trzcinski2016-05-092-188/+0
| | | |
| * | | Rename `images` to `container_registry`Kamil Trzcinski2016-05-092-6/+6
| | | |
| * | | Revert "Eager load `lib/api`"Kamil Trzcinski2016-05-092-138/+138
| | | | | | | | | | | | | | | | This reverts commit 0a280158efeb7f681589ae7af24f0ed9052de809.
| * | | Merge remote-tracking branch 'origin/master' into docker-registryKamil Trzcinski2016-05-094-7/+42
| |\ \ \
| * | | | Eager load `lib/api`Timothy Andrew2016-04-292-138/+138
| | | | | | | | | | | | | | | | | | | | - So that the server doesn't have to be restarted for every change in dev.
| * | | | Missing parameters of docker payloadKamil Trzcinski2016-04-291-2/+21
| | | | |
| * | | | AudienceKamil Trzcinski2016-04-291-0/+1
| | | | |
| * | | | Auth tokenKamil Trzcinski2016-04-291-1/+2
| | | | |
| * | | | Try to fix auth serviceKamil Trzcinski2016-04-291-17/+17
| | | | |
| * | | | Make images_enabled configurableKamil Trzcinski2016-04-292-1/+7
| | | | |
| * | | | Added authentication service for docker registryKamil Trzcinski2016-04-292-0/+167
| | | | |
* | | | | Clean up LegacyDiffNote somewhatDouwe Maan2016-05-131-1/+1
| | | | |
* | | | | Extract LegacyDiffNote out of NoteDouwe Maan2016-05-132-3/+5
| |_|/ / |/| | |
* | | | Codestyle: make sure we have space around operatorsGabriel Mazetto2016-05-131-1/+1
| | | |
* | | | Add API endpoints for un/subscribing from/to a labelAhmad Sherif2016-05-127-77/+80
| | | | | | | | | | | | | | | | Closes #15638
* | | | Merge branch '17249-starred' into 'master' Robert Speicher2016-05-111-1/+1
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restrict starred projects to viewable ones `User#starred_projects` doesn't perform any visibility checks. This has a couple of problems: 1. It assumes a user can always view all of their starred projects in perpetuity (project not changed to private, access revoked, etc.). 2. It assumes that we'll only ever allow a user to star a project they can view. This is currently the case, but bugs happen. Add `User#viewable_starred_projects` to filter the starred projects by those the user either has explicit access to, or are public or internal. Then use that in all places where we list the user's starred projects. Closes #17249. See merge request !4108
| * | | | Restrict starred projects to viewable onesSean McGivern2016-05-101-1/+1
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `User#starred_projects` doesn't perform any visibility checks. This has a couple of problems: 1. It assumes a user can always view all of their starred projects in perpetuity (project not changed to private, access revoked, etc.). 2. It assumes that we'll only ever allow a user to star a project they can view. This is currently the case, but bugs happen. Add `User#viewable_starred_projects` to filter the starred projects by those the user either has explicit access to, or are public or internal. Then use that in all places where we list the user's starred projects.
* | | | Fix a few places where autoloading would failRémy Coutable2016-05-103-169/+172
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Fix naming of API::CommitStatuses - Ensure we use require_dependency instead of require - Ensure the namespace is right in lib/api/api.rb, otherwise, we might require Grape::API::Helpers which defines the `#params` method. This is to avoid requiring a file multiple times and getting an "Already initialized constant" error. Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | Expose MergeRequest#user_notes_count in the API and use the method in issues ↵Rémy Coutable2016-05-091-1/+1
| | | | | | | | | | | | | | | | | | list Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | API: Expose Issue#user_notes_countcnam-dep2016-05-091-1/+1
| |/ |/|
* | Merge branch 'pacoguzman/gitlab-ce-15001-since-and-until-operators-api-commits'Douwe Maan2016-05-042-1/+23
|\ \ | | | | | | | | | | | | # Conflicts: # Gemfile.lock
| * | API support for the 'since' and 'until' operators on commit requestsPaco Guzman2016-04-292-1/+23
| | | | | | | | | - Parameter validation as ISO8601 format
* | | Merge remote-tracking branch 'dev/master' into 'master'Robert Speicher2016-05-022-6/+19
|\ \ \ | |_|/ |/| |
| * | Merge branch '15579-filter-milestone-confidential-issues-api' into 'master' Robert Speicher2016-04-261-1/+9
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | Prevent information disclosure via milestone API Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15579 See merge request !1961
| | * | Filter confidential issues from milestones API if user does not have accessStan Hu2016-04-251-1/+9
| | |/ | | | | | | | | | Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15579
| * | Prevent private snippets in public/internal projects from being leaked via APIStan Hu2016-04-251-5/+10
| |/ | | | | | | Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15580
* | Use ActionDispatch Remote IP for Akismet checkingStan Hu2016-04-271-2/+2
|/ | | | | | | | Previously all remote IPs appeared at 127.0.0.1, which made Akismet not very useful. Using the ActionDispatch Remote IP (http://api.rubyonrails.org/classes/ActionDispatch/RemoteIp.html) should provide more reliable results. Closes #16629
* Prevent users from deleting Webhooks via API they do not ownStan Hu2016-04-241-2/+2
| | | | Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15576
* Merge branch 'ci-commit-as-pipeline' into 'master' Kamil Trzciński2016-04-211-4/+17
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ci::Commit becomes a Pipeline object 1. Ci::Commit receives context: ref, :tag. 1. One Ci::Commit describes a one Pipeline 1. Pipeline is created from `.gitlab-ci.yml` 1. Pipeline is a ordered group of builds 1. We test MR against Pipeline 1. Pipelines have a separate view (https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3703) 1. Pipeline can be triggered from UI (https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3703) 1. Later we change `Trigger -> TriggerRequest -> Build` to `Trigger -> Pipeline` (future) 1. We add a Pipeline Hook that will be triggered on Pipeline status change (future) 1. We extend notifications to use `Pipeline Hook` to send summary on pipeline changes (future) After merging that I'll prepare a separate MR that will unify naming, database columns, table names: ``` Ci::Commit -> Pipeline Ci::Build -> Build CommitStatus -> Job GenericCommitStatus -> ExternalJob ci_commits -> pipelines ci_builds -> jobs ``` This MR implements first 5 points. This is made to solve this issue https://gitlab.com/gitlab-org/gitlab-ce/issues/14149. See merge request !3653
| * Merge remote-tracking branch 'origin/master' into ci-commit-as-pipelineci-commit-as-pipelineKamil Trzcinski2016-04-193-5/+13
| |\ | | | | | | | | | | | | # Conflicts: # db/schema.rb
| * | Write specs for this featureKamil Trzcinski2016-04-161-6/+13
| | |
| * | Merge remote-tracking branch 'origin/master' into ci-commit-as-pipelineKamil Trzcinski2016-04-165-2/+120
| |\ \ | | | | | | | | | | | | | | | | # Conflicts: # db/schema.rb
| * \ \ Merge remote-tracking branch 'origin/master' into ci-commit-as-pipelineKamil Trzcinski2016-04-139-15/+104
| |\ \ \
| * | | | Fix specsKamil Trzcinski2016-04-111-4/+10
| | | | |
| * | | | Use Ci::Commit as PipelineKamil Trzcinski2016-04-111-1/+1
| | | | |
* | | | | Fix setting of "action" for Grape transactionsYorick Peterse2016-04-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Merely setting the "action" tag will only result in the transaction itself containing a value for this tag. To ensure other metrics also contain this tag we must set the action using Transaction#action= instead.
* | | | | Merge branch 'license-templates-and-api-12804' into 'master' Robert Speicher2016-04-203-0/+71
|\ \ \ \ \ | |_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | License templates when creating/editing a LICENSE file Closes #12804 See merge request !3660
| * | | | Rename License entity to RepoLicense to avoid conflict with EElicense-templates-and-api-12804Rémy Coutable2016-04-192-3/+3
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
View Lorry Controller Status