| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |\
| |
| |
| |
| |
| |
| | |
Add user projects API
Closes #33657
See merge request !12596
|
| | | |
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Introduce cache policies for CI jobs
Closes #33772
See merge request !12483
|
| | | | |
|
| |\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Resolve "Project option to allow customizing CI/CD config path"
Closes #32815 and #33130
See merge request !12509
|
| | |\ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
32815--Add-Custom-CI-Config-Path
* commit 'a8a4ca17e444c761ed9fc5dca4542cfec79abe55':
Remove IIFEs around several javascript classes
Handles realtime with 2 states for environments table
Revert "Merge branch '18000-remember-me-for-oauth-login' into 'master'"
Disable Flipper memoizer in tests to avoid transient failures
fix sidebar padding for full-width items (Time Tracking help)
Replace 'snippets/snippets.feature' spinach with rspec
32838 Add wells to admin dashboard overview to fix spacing problems
|
| | |\ \ \ \
| | | |/ /
| | |/| |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
32815--Add-Custom-CI-Config-Path
* upstream/master: (149 commits)
Revert change to design. Go back to scrollable page
Fixes the column widths for the new navigation options in settings
Migrate #submodule_url_for to Gitaly
Add test example for external commit status retries
Fix invalid Rails.logger call in lib/gitlab/health_checks/fs_shards_check.rb
Fix build for !12300.
Log rescued exceptions to Sentry
Fix issues with non-UTF8 filenames by always fixing the encoding of tree and blob paths
Revert "Merge branch 'revert-12499' into 'master'"
Prevent accidental deletion of protected MR source branch by repeating checks before actual deletion
Improve the overall UX for the new monitoring dashboard
Document that GitLab 9.3 requires the TRIGGER permission on MySQL
Instrument Unicorn with Ruby exporter
Remove group modal like remove project modal. Closes #33130
Update prometheus client gem
Enables the option in user preferences to turn on the new navigation
Add Jasmine tests for `OAuthRememberMe`
Simplify authentication logic in the v4 users API for !12445.
Use stub_application_setting when testing ApplicationHelper#support_url
wait_for_requests is not needed when AJAX is not in play
...
|
| | | | | | |
|
| | | | | | |
|
| | |\ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
32815--Add-Custom-CI-Config-Path
* upstream/master: (39 commits)
Fix rubocop offenses
Make entrypoint and command keys to be array of strings
Add issuable-list class to shared mr/issue lists to fix new responsive layout
New navigation breadcrumbs
Restore timeago translations in renderTimeago.
Automatically hide sidebar on smaller screens
Fix typo in IssuesFinder comment
Remove placeholder note when award emoji slash command is applied
Make setSidebarHeight more efficient with SidebarHeightManager.
Update CHANGELOG.md for 9.3.3
Resolve "More actions dropdown hidden by end of diff"
Use Gitaly 0.14.0
Improve support for external issue references
Make issuables_count_for_state public
Only verifies top position after the request has finished to account for errors
Clarify counter caching for users without project access
Make finders responsible for counter cache keys
Add changelog entry for issue / MR tab counting optimisations
Don't count any confidential issues for non-project-members
Cache total issue / MR counts for project by user type
...
|
| | |\ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
32815--Add-Custom-CI-Config-Path
* upstream/master: (123 commits)
Backport changes to Projects::IssuesController and the search bar
bugfix: use `require_dependency` to bring in DeclarativePolicy
Resolve "Select branch dropdown is too close to branch name"
Clean up issuable lists
Defer project destroys within a namespace in Groups::DestroyService#async_execute
Fixed new navgiation bar logo height in Safari
Resolve "Issue dropdown persists when adding issue number to issue description"
Move verification to block level instead of paragraph
Revert "Merge branch 'dm-drop-default-scope-on-sortable-finders' into 'master'"
Added code for defining SHA attributes
Minor edits
Job details won't scroll horizontally to show long lines
Run mysql tests on stable preperation branches like 9-3-stable-patch-2
Bring back branches badge to main project page
optimize translation content based on comments
supplement traditional chinese in taiwan translation
Inserts exact matches of username, email and name to the top of the user search list
Remove Namespace model default scope override and write additional test to Project search
optimize translation content based on comments
Limit OpenGraph image size to 64x64
...
|
| | |\ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
15041-Add-Custom-CI-Config-Path
* upstream/master: (12506 commits)
Update CHANGELOG.md for 9.3.2
Update architecture.md
Fix changelog entry file extension
Fix head pipeline stored in merge request for external pipelines
updated gitlab-ci.yml to compile locale
Ignore JSON files generated from PO files
Update mmap2 gem tha disables mmap_obj.gsub! as current implementation uses method that is no longer part of Ruby API
Disable rainbow during SimpleExecutor specs to have consistence
Slightly refactor pipeline schedules form in preparation for additions
Resolve "Submitting reply to existing diff discussion using Cmd/Ctrl+Enter submits twice and refreshes page"
Make the SimpleExecutor rescue exceptions in the executing Checks
Resolve "Unable to access edit comment from dropdown menu in certain screen sizes"
Update changelog item
revert removal of requestAnimationFrame and move to a separate MR/discussion
rename getEmojiCategoryMap and remove unnecessary parameter
Action Buttons on Prio Labels working again by setting pointer events to none on…
Remove 'contains' option from Commit.find_all
Remove Gitlab::Git::Repository#find_all
Use latest chrome and chrome driver in GitLab QA
Polish sidebar toggle
...
|
| | | | | | | | | |
|
| |\ \ \ \ \ \ \ \
| |_|_|_|_|_|_|/
|/| | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
into 'master'
Make filename and path creation compatible with UNIX in web UI
Closes #21362
See merge request !12608
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| | |_|_|_|_|_|/
|/| | | | | | |
|
| | |_|_|_|_|/
|/| | | | |
| | | | | | |
This reverts merge request !11963
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Fix API Scoping
Closes #33580 and #33022
See merge request !12300
|
| | |\ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | | |
# Conflicts:
# lib/api/users.rb
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
- There's no need to use `API::Scope` for scopes that don't have `if`
conditions, such as in `lib/gitlab/auth.rb`.
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
- To represent an authorization scope, such as `api` or `read_user`
- This is a better abstraction than the hash we were previously using.
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
- Use a struct for scopes, so we can call `scope.if` instead of `scope[:if]`
- Refactor the "remove scopes whose :if condition returns false" logic to use a
`select` rather than a `reject`.
|
| | | | | | | | | |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
1. Get the spec for `lib/gitlab/auth.rb` passing.
- Make the `request` argument to `AccessTokenValidationService` optional -
`auth.rb` doesn't need to pass in a request.
- Pass in scopes in the format `[{ name: 'api' }]` rather than `['api']`, which
is what `AccessTokenValidationService` now expects.
2. Get the spec for `API::V3::Users` passing
2. Get the spec for `AccessTokenValidationService` passing
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
- They are not included automatically since `API::Users` does not inherit from
`API::API`, as I initially assumed.
- Scopes declared in `API::API` are considered global (to the API), and need to
be included in all cases.
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
- Scope declarations of the form:
allow_access_with_scope :read_user, if: -> (request) { request.get? }
will only apply for `GET` requests
- Add a negative test to a `POST` endpoint in the `users` API to test this. Also
test for this case in the `AccessTokenValidationService` unit tests.
|
| | | |_|_|/ / /
| |/| | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
- Declaring an endpoint's scopes in a `before` block has proved to be
unreliable. For example, if we're accessing the `API::Users` endpoint - code
in a `before` block in `API::API` wouldn't be able to see the scopes set in
`API::Users` since the `API::API` `before` block runs first.
- This commit moves these declarations to the class level, since they don't need
to change once set.
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Honor the "Remember me" parameter for OAuth-based login
Closes #18000
See merge request !11963
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
- Change double quotes to single quotes.
- Why is `OmniAuth.config.full_host` being reassigned in the integration test?
- Use `map` over `map!` to avoid `dup` in the `gitlab:info` rake task
- Other minor changes
|
| | | |_|_|_|_|/
| |/| | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
providers.
- The test for `rake gitlab:env:info` executed the rake task, which mutated the
list of omniauth providers, breaking subsequent tests relying on this list.
- I've changed the rake task to duplicate the providers list before modifying it.
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Fix invalid Rails.logger call in lib/gitlab/health_checks/fs_shards_check.rb
See merge request !12641
|
| | | | | | | | | |
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Migrate #submodule_url_for to Gitaly
See merge request !12629
|
| | | | | | | | | | |
|
| |\ \ \ \ \ \ \ \ \
| |_|/ / / / / / /
|/| | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Fix issues with non-UTF8 filenames by always fixing the encoding of tree and blob paths
Closes #34529
See merge request !12636
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
blob paths
|
| |\ \ \ \ \ \ \ \ \
| |/ / / / / / / /
|/| | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Add Italian translation of Cycle Analytics Page & Project Page & Repository Page
Closes #34544
See merge request !12578
|
| | | |_|_|_|_|_|/
| |/| | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
translated of Cycle Analytics Page
translated of Project Page
translated of Repository Page
add Changelog
Closes #34544
|
| | |_|_|_|/ / /
|/| | | | | | |
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Allow unauthenticated access to the `/api/v4/users` API
Closes #34141
See merge request !12445
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
- Rather than using an explicit check to turn off authentication for the
`/users` endpoint, simply call `authenticate_non_get!`.
- All `GET` endpoints we wish to restrict already call
`authenticated_as_admin!`, and so remain inacessible to anonymous users.
- This _does_ open up the `/users/:id` endpoint to anonymous access. It contains
the same access check that `/users` users, and so is safe for use here.
- More context: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12445#note_34031323
|
| | |\ \ \ \ \ \ \
| | | |_|_|_|/ /
| | |/| | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
34141-allow-unauthenticated-access-to-the-users-api
- Modify policy code to work with the `DeclarativePolicy` refactor
in 37c401433b76170f0150d70865f1f4584db01fa8.
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
- Use `GlobalPolicy` to authorize the users that a non-authenticated user can
fetch from `/api/v4/users`. We allow access if the `Gitlab::VisibilityLevel::PUBLIC`
visibility level is not restricted.
- Further, as before, `/api/v4/users` is only accessible to unauthenticated users if
the `username` parameter is passed.
- Turn off `authenticate!` for the `/api/v4/users` endpoint by matching on the actual
route + method, rather than the description.
- Change the type of `current_user` check in `UsersFinder` to be more
compatible with EE.
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
- The issue filtering frontend code needs access to this API for non-logged-in
users + public projects. It uses the API to fetch information for a user by
username.
- We don't authenticate this API anymore, but instead - if the `current_user` is
not present:
- Verify that the `username` parameter has been passed. This disallows an
unauthenticated user from grabbing a list of all users on the instance. The
`UsersFinder` class performs an exact match on the `username`, so we are
guaranteed to get 0 or 1 users.
- Verify that the resulting user (if any) is accessible to be viewed publicly
by calling `can?(current_user, :read_user, user)`
|
| |\ \ \ \ \ \ \ \
| |_|_|_|/ / / /
|/| | | | | | |
| | | | | | | |
| | | | | | | | |
Clean up Gitaly tests
See merge request !12526
|
| | | |/ / / / /
| |/| | | | | |
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Repository#commits
Repository#commits is expensive because it has to use Rugged to walk the Git
tree as opposed to doing a direct ref lookup.
Improves performance in #34533
|
| | |_|_|/ / /
|/| | | | | |
|
