summaryrefslogtreecommitdiff
path: root/lib/gitlab
Commit message (Collapse)AuthorAgeFilesLines
...
| | * | | | Replace commits calendar with contributions calendarDmitriy Zaporozhets2015-03-212-41/+65
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * count opening of issues and merge requests * dont trigger git repository - use events from database * much-much faster since does not affected by repository size
* | | | | | Merge pull request #8995 from MichaelAlt/patch-1Douwe Maan2015-03-231-1/+0
|\ \ \ \ \ \ | |/ / / / / |/| | | | | Faulty LDAP DN name escaping removed
| * | | | | Faulty LDAP DN name escaping removedMichael Alt2015-03-211-1/+0
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Net::LDAP::Filter.escape function can not be used to escape the DN name because the backslash is required to escape special chars in the DN name. This leads to the error message "Access denied for your LDAP account." and prevents the user from logging in to gitlab. Example DN: CN=Test\, User,OU=Organization,DC=Company CN=Test User,OU=Organization,DC=Company http://www.ietf.org/rfc/rfc4514.txt
* | | | | Fix OAuth2 issue importing a new project from GitHub and GitLabStan Hu2015-03-223-4/+4
| | | | | | | | | | | | | | | | | | | | Closes #1268
* | | | | Merge branch 'disable-ref-generation-in-code-blocks' into 'master'Dmitriy Zaporozhets2015-03-221-1/+7
|\ \ \ \ \ | |_|/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Disable reference generation in preformatted/code blocks ### Summary If a user adds text in code or preformatted text via Markdown or HTML that contains `#XXX`, the system adds a note that issue `XXX` was mentioned. This is particularly annoying because we often list gdb backtrace dumps into our issues, and many issues get mentioned as a result. For example: ``` (gdb) bt #0 0x00000000004004c4 in second () at main.cc:6 #1 0x00000000004004d2 in first () at main.cc:11 #2 0x00000000004004dd in main () at main.cc:17 (gdb) ``` ### Steps to reproduce 1. In an issue, write the above text using Markdown or HTML tags (e.g. `<code>`, `<pre>`). 2. Observe that [issue 1](https://gitlab.com/gitlab-org/gitlab-ce/issues/1) and [issue 2](https://gitlab.com/gitlab-org/gitlab-ce/issues/2) have a note that says they were mentioned. ### Expected behavior Everything enclosed in the code blocks should be ignored as references. ### Observed behavior Issues get referenced unnecessarily. ### Fix I've made `reference_extractor.rb` strip out HTML and Markdown blocks before processing. I considered running the raw text through the entire Markdown processor, but this seems overkill and perhaps could lead to some unintended side effects. See merge request !365
| * | | | Disable reference creation for comments surrounded by code/preformatted blocksStan Hu2015-03-191-1/+7
| | | | |
* | | | | Extend push_tag event to include tag message and last commitKamil Trzcinski2015-03-211-1/+2
| |/ / / |/| | |
* | | | Revert "Increase timeout for Git-over-HTTP requests."Dmitriy Zaporozhets2015-03-191-13/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 516bcabbf42d60db2ac989dce4c7187b2a1e5de9. Conflicts: Gemfile
* | | | Fewer constants, more helpers.Douwe Maan2015-03-192-4/+6
|/ / /
* | | Move application setting to separate variable.Marin Jankovski2015-03-181-2/+4
| | |
* | | Handle nil restricted visibility settingsVinnie Okada2015-03-181-1/+5
| | | | | | | | | | | | | | | Return `true` from `non_restricted_level?` when the `restricted_visibility_levels` setting is nil.
* | | Merge branch 'new-branch-commits' into 'master'Dmitriy Zaporozhets2015-03-181-8/+7
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | List new commits for newly pushed branch in activity view. When someone pushes commits, I want to see them, regardless if it's a new or existing branch. If it's a new branch, we compare with the default branch (usually master). ![Screen_Shot_2015-03-17_at_15.49.13](https://dev.gitlab.org/gitlab/gitlabhq/uploads/4cb7e0d833bc83a30197db81d4b273bc/Screen_Shot_2015-03-17_at_15.49.13.png) See merge request !1711
| * | | List new commits for newly pushed branch in activity view.Douwe Maan2015-03-181-8/+7
| | |/ | |/|
* | | Extend the commit calendar to show the actual commits for a dateHannes Rosenögger2015-03-181-0/+8
|/ /
* | Merge branch 'atom-xhtml-squashed' into 'master'Douwe Maan2015-03-171-8/+22
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix invalid Atom feeds when using emoji, horizontal rules, or images This is a fix for issues #880, #723, #1113. Markdown must be rendered to XHTML, not HTML, when generating summary content for Atom feeds. Otherwise, content-less tags like *img* and *hr* are not terminated and make the Atom XML invalid. Such tags are generated when issue descriptions, merge request descriptions, comments, or commit messages use emoji, horizontal rules, or images. To pass this option through from the relevant Haml templates to the proper place in the `gfm()` method, a new method `gfm_with_options()` is introduced. It reuses the options dictionary passed to `markdown()` and interprets options `xhtml` and `parse_tasks` from it (the latter was a convenient replacement for `gfm_with_tasks()`). `xhtml` is already interpreted by Redcarpet::Render::HTML, but that alone was not sufficient, because the post-processing in `gfm()` would convert its XHTML tags back to HTML. I found no way of passing additional optional options to the existing `gfm()` method without requiring updates to existing callers and without getting in the way of the existing optional arguments, but maybe someone who knows more about Ruby than I can think of one. Thorough review appreciated since this is the first time I have used Ruby. See merge request !344
| * | Fix invalid Atom feeds when using emoji, horizontal rules, or images.Christian Walther2015-03-161-8/+22
| | | | | | | | | | | | Fixes issues #880, #723, #1113: Markdown must be rendered to XHTML, not HTML, when generating summary content for Atom feeds. Otherwise, content-less tags like <img> and <hr>, generated when issue descriptions, merge request descriptions, comments, or commit messages use emoji, horizontal rules, or images, are not terminated and make the Atom XML invalid.
* | | Merge branch 'fix-restricted-visibility' into 'master'Dmitriy Zaporozhets2015-03-163-14/+16
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restricted visibility levels - bug fix and new feature This allows admin users to override restricted visibility settings when creating and updating projects and snippets, and moves the restricted visibility configuration from gitlab.yml to the web UI. See #1903. ## Move configuration location I added a new section to the application settings page for restricted visibility levels. Each level has a checkbox, styled with Bootstrap to look like a toggle button. A checked box means that the level is restricted. I added a glowing text shadow and changed the background color for checked buttons because the default styles made it hard to distinguish between checked and unchecked. This image shows the new section with the "Public" box checked: ![restricted_visibility_settings](https://dev.gitlab.org/Okada/gitlabhq/uploads/629562e4313f89b795e81c3bb0f95893/restricted_visibility_settings.png) ## Allow admins to override To allow admin users to override the restricted visibility levels, I had to remove the `visibility_level` validation from the `Project` class. The model doesn't know about the `current_user`, which should determine whether the restrictions can be overridden. We could use the creator in the validation, but that wouldn't work correctly for projects where a non-admin user is the creator and an admin tries to change the project to a restricted visibility level. The `Project::UpdateService` and `Project::CreateService` classes already had code to determine whether the current user is allowed to use a given visibility level; now all visibility level validation is done in those classes. Currently, when a non-admin tries to create or update a project using a restricted level, these classes silently set the visibility level to the global default (create) or the project's existing value (update). I changed this behavior to be more like an Active Model validation, where using a restricted level causes the entire request to be rejected. Project and personal snippets didn't have service classes, and restricted visibility levels weren't being enforced in the model or the controllers. The UI disabled radio buttons for restricted levels, but that wouldn't be difficult to circumvent. I created the `CreateSnippetService` and `UpdateSnippetService` classes to do the same restricted visibility check that the project classes do. And since I was dealing with snippet visibility levels, I updated the API endpoints for project snippets to allow users to set and update the visibility level. ## TODO * [x] Add more tests for restricted visibility functionality cc @sytse @dzaporozhets See merge request !1655
| * \ \ Merge branch 'master' into fix-restricted-visibilityVinnie Okada2015-03-1412-21/+88
| |\ \ \ | | | | | | | | | | | | | | | | | | | | Conflicts: db/schema.rb
| * | | | Enforce restricted visibilities for snippetsVinnie Okada2015-03-081-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add new service classes to create and update project and personal snippets. These classes are responsible for enforcing restricted visibility settings for non-admin users.
| * | | | Move restricted visibility settings to the UIVinnie Okada2015-03-072-11/+13
| | | | | | | | | | | | | | | | | | | | | | | | | Add checkboxes to the application settings page for restricted visibility levels, and remove those settings from gitlab.yml.
* | | | | Use `project_member` instead of `team_member`.Douwe Maan2015-03-151-1/+1
| |/ / / |/| | |
* | | | Merge branch 'ldap-unblock-user' into 'master'Dmitriy Zaporozhets2015-03-131-0/+1
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Unblock user if they were unblocked in AD. Fixes problem with !1687. See merge request !1694
| * | | | Unblock user if they were unblocked in AD.Douwe Maan2015-03-131-0/+1
| | | | |
* | | | | Merge branch 'tag-branch-hooks' into 'master'Dmitriy Zaporozhets2015-03-131-1/+2
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Execute hooks and services when branch or tag is created or deleted through web interface. Fixes #2095. Split up into commits to make it easier to see why what was changed :) See merge request !1692
| * | | | | Set push data object kind in PushDataBuilder.Douwe Maan2015-03-131-1/+2
| |/ / / /
* | | | | Fix import pages not working after first load.Douwe Maan2015-03-133-3/+3
|/ / / /
* | | | Block user if he/she was blocked in Active DirectoryDmitriy Zaporozhets2015-03-121-1/+8
| | | |
* | | | Add blue theme to GitLabDmitriy Zaporozhets2015-03-111-1/+3
| | | |
* | | | Merge branch 'master' of gitlab.com:gitlab-org/gitlab-ceDmitriy Zaporozhets2015-03-111-0/+1
|\ \ \ \
| * \ \ \ Merge branch 'generate-valid-json' into 'master'Hannes Rosenögger2015-03-111-0/+1
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Generate valid json This patch helps to be compatible to other programing languages as it improves the validation of hook data. It seems only ruby can handle 'nil' as value while other json decode function will fatal. See merge request !182
| | * | | | Generate valid json for hooksNicole Cordes2015-03-101-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It seems that ruby can handle 'nil' value but other json processors (like PHP) throw an error. This is always generated for empty arrays.
* | | | | | Merge branch 'ldap-filter-eq' into 'master'Dmitriy Zaporozhets2015-03-112-1/+3
|\ \ \ \ \ \ | |/ / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Escape wildcards when searching LDAP by username. Addresses https://dev.gitlab.org/gitlab/gitlabhq/issues/2086. Also see https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/344 and https://dev.gitlab.org/gitlab/omniauth-ldap/merge_requests/2. See merge request !1644
| * | | | | Escape wildcards when searching LDAP by username.Douwe Maan2015-03-062-1/+3
| | | | | |
* | | | | | Use Gitlab::Git helper methods and constants as much as possible.Douwe Maan2015-03-103-10/+27
| |/ / / / |/| | | |
* | | | | Automatically link commit ranges to compare page.Douwe Maan2015-03-072-4/+40
| |/ / / |/| | |
* | | | Added comment notification events to HipChat and Slack services.Stan Hu2015-03-062-0/+106
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Supports four different event types all bundled under the "note" event type: - comments on a commit - comments on an issue - comments on a merge request - comments on a code snippet
* | | | Merge branch 'timeout' into 'master'Dmitriy Zaporozhets2015-03-051-0/+13
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Increase timeout for Git-over-HTTP requests. Fixes #2081 and https://gitlab.com/gitlab-org/gitlab-ce/issues/232. Normal web requests are bound by the `Rack::Timeout` timeout of 60 seconds, while Grack Git-over-HTTP requests are only bound by Unicorn's timeout which is now set to 1 hour, which should be plenty. The omnibus package should be updated to no longer use `unicorn['worker_timeout']` for the Unicorn timeout, but to set the `Slowpoke.timeout`. See merge request !1619
| * | | | Increase timeout for Git-over-HTTP requests.Douwe Maan2015-03-041-0/+13
| | | | |
* | | | | Merge branch 'add-more-slack-notifications' into 'master'Dmitriy Zaporozhets2015-03-041-0/+1
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add more Slack notifications for issue and merge request events From https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/237 by Stan Hu. See merge request !1556
| * | | | | Issue #595: Support Slack notifications upon issue and merge request eventsStan Hu2015-03-031-0/+1
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1) Adds a DB migration for all services to toggle on push, issue, and merge events. 2) Upon an issue or merge request event, fire service hooks. 3) Slack service supports custom messages for each of these events. Other services not supported at the moment. 4) Label merge request hooks with their corresponding actions.
* | | | | Web Hook sends email of pusherValery Sizov2015-03-041-0/+2
| |/ / / |/| | |
* | | | Merge branch 'fix-namespace-merge-request-url' into 'master'Marin Jankovski2015-03-041-11/+7
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix namespace in merge request url building Changes in 42387b733b76dfc1f72585015910a50f094e264f now require namespace specification and broke abc69c890513fb58c1ceae7548f4fbcc221b7c34. There are additional helper functions in c530ca00b0f40ec0e0df4d1885ce55e47a59b70d, but this seemed easier not to rely on them. See merge request !363
| * | | | Fix URL builder to use GitlabRoutingHelperStan Hu2015-03-031-11/+7
| | | | |
* | | | | Merge branch 'project-existence-leak' into 'master'Dmitriy Zaporozhets2015-03-031-24/+28
|\ \ \ \ \ | |/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Don't leak information about private project existence via Git-over-SSH/HTTP. Fixes #2040 and https://gitlab.com/gitlab-org/gitlab-ce/issues/343. Both `Grack::Auth` (used by Git-over-HTTP) and `Api::Internal /allowed` (used by gitlab-shell/Git-over-SSH) now return a generic "Not Found" error when the project exists but the user doesn't have access to it. See merge request !1578
| * | | | Don't leak information about private project existence via Git-over-SSH/HTTP.Douwe Maan2015-03-021-24/+28
| | | | |
* | | | | Merge branch 'fix-merge-request-url-builder' into 'master'Jeroen van Baarsen2015-03-031-0/+9
|\ \ \ \ \ | |_|/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix merge request URL passed to Webhooks If you look at the data structure passed to Webhooks, you will see: `"url"=>nil` I don't think any of the Webhooks or services are using this yet, so right now nothing so far depends upon this value being correct. See merge request !352
| * | | | Fix merge request URL passed to Webhooks.Stan Hu2015-02-241-0/+9
| | | | | | | | | | | | | | | | | | | | Previously the symbol "url" in the object_attributes hash would always be nil.
* | | | | Support names starting with a digit or _ for projects and usersNicolas Bouilleaud2015-03-021-1/+1
| |/ / / |/| | | | | | | | | | | This is what’s actually allowed when creating a user or a project in gitlab.
* | | | Merge branch 'bitbucket-import'Dmitriy Zaporozhets2015-02-2511-15/+249
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: app/views/import/gitorious/status.html.haml db/schema.rb
| * | | | Satisfy Rubocop.Douwe Maan2015-02-241-2/+2
| | | | |
View Lorry Controller Status