summaryrefslogtreecommitdiff
path: root/spec/requests
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'rc-use-grape-dsl-to-document-members-api' into 'master' Robert Speicher2016-10-061-4/+12
|\ | | | | | | | | | | | | API: Use Grape DSL to document access requests and members endpoints Part of #21979, depends on gitlab-org/gitlab-ce!6267 and gitlab-org/gitlab-ce!6266. See merge request !6269
| * Use Grape DSL to document methods and their paramsrc-use-grape-dsl-to-document-members-apiRémy Coutable2016-10-051-4/+12
| | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* | Merge branch 'mahcsig/gitlab-ce-17350-multi-file-commit'Rémy Coutable2016-10-061-6/+267
|\ \ | | | | | | | | | See !6096.
| * | multi-file commitMarc Siegfriedt2016-10-051-6/+267
| | | | | | | | | | | | | | | | | | add docs and tests - add additional validation allow move without content updated response
* | | Merge branch 'issue-board-api-support' into 'master' Dmitriy Zaporozhets2016-10-061-0/+192
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Issue Board API support ## What does this MR do? Adds support for Issue Board in the API. ## Are there points in the code the reviewer needs to double check? ~~Double check whether the Issue Board list movement fix is needed.~~ *Moved to a separate issue.* [#22890](https://gitlab.com/gitlab-org/gitlab-ce/issues/22890) ## Why was this MR needed? Currently the API offers partial support to a project's Issue Board indirectly through Labels. This MR adds support for listing, creating, moving and removing board lists. ## Does this MR meet the acceptance criteria? - [X] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [X] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [X] API support added - Tests - [X] Added for this feature/bug - [X] All builds are passing - [X] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [X] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [X] Branch has no merge conflicts with `master` (if you do - rebase it please) - [X] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? [#22195](https://gitlab.com/gitlab-org/gitlab-ce/issues/22195) See merge request !6646
| * | | Added Issue Board API supportAndre Guedes2016-10-051-0/+192
| |/ / | | | | | | | | | - Includes documentation and tests
* | | Merge commit 'dev/security' into 'master'Rémy Coutable2016-10-062-7/+34
|\ \ \ | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
| * \ \ Merge branch '22435-no-api-state-change-via-rails-session' into 'security' Douwe Maan2016-09-281-6/+33
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | API: disable rails session auth for non-GET/HEAD requests Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22435 See merge request !1999
| | * | | API: disable rails session auth for non-GET/HEAD requestsNick Thomas2016-09-231-6/+33
| | | | |
| * | | | Enforce the fork_project permission in Projects::CreateServiceNick Thomas2016-09-271-1/+1
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Projects::ForkService delegates to this service almost entirely, but needed one small change so it would propagate create errors correctly. CreateService#execute needs significant refactoring; it is now right at the complexity limit set by Rubocop. I avoided doing so in this commit to keep the diff as small as possible. Several tests depend on the insecure behaviour of ForkService, so fi them up at the same time.
* | | | Merge branch 'fix_group_links_404' into 'master' Fatih Acet2016-10-051-0/+10
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fix group links 404 ### What does this MR do? This MR should fix the 404 page, when creating a new group links without selecting any group from the group dropdown list. ### What are the relevant issue numbers? Closes #20766 See merge request !6155
| * | | fix group links 404barthc2016-10-051-0/+10
| | |/ | |/|
* | | Merge branch 'update-runner-information' into 'master' Rémy Coutable2016-10-051-16/+27
|\ \ \ | |/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update runner version only when updating contacted_at ## What does this MR do? Improves how we update runners table, especially the version. This is another round of improvements to reduce number of `ci_runners` updates. I did make `contacted_at` to be updated more often (on average every 15 minutes). We will also update version information in one go to solve: https://gitlab.com/gitlab-org/gitlab-ce/issues/22206 Improves: https://gitlab.com/gitlab-org/gitlab-ce/issues/22590 Solves: https://gitlab.com/gitlab-org/gitlab-ce/issues/22206 See merge request !6537
| * | Add some tests for updating ci runner informationupdate-runner-informationGrzegorz Bizon2016-10-031-16/+27
| | |
* | | Invert method's namingRémy Coutable2016-10-031-1/+1
| | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | Improve Members::DestroyServiceRémy Coutable2016-10-031-2/+12
|/ / | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* | Merge branch ↵Robert Speicher2016-10-021-2/+2
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | '21983-member-add_user-doesn-t-detect-existing-members-that-have-requested-access' into 'master' Resolve "`Member.add_user`doesn't detect existing members that have requested access" ## What does this MR do? This merge request handle the case when an access requester is added to a group or project (via the members page or the API). In `Member.add_user`, if an access requester already exists, we simply accept their request (and set the `created_by`, `access_level` and `expires_at` attributes if given). ## Are there points in the code the reviewer needs to double check? I've taken the opportunity to cleanup the whole `{Group,Project}Member.add_user*` methods since it was quite a mess. ## What are the relevant issue numbers? Closes #21983 See merge request !6393
| * | Allow Member.add_user to handle access requestersRémy Coutable2016-09-281-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes include: - Ensure Member.add_user is not called directly when not necessary - New GroupMember.add_users_to_group to have the same abstraction level as for Project - Refactor Member.add_user to take a source instead of an array of members - Fix Rubocop offenses - Always use Project#add_user instead of project.team.add_user - Factorize users addition as members in Member.add_users_to_source - Make access_level a keyword argument in GroupMember.add_users_to_group and ProjectMember.add_users_to_projects - Destroy any requester before adding them as a member - Improve the way we handle access requesters in Member.add_user Instead of removing the requester and creating a new member, we now simply accepts their access request. This way, they will receive a "access request granted" email. - Fix error that was previously silently ignored - Stop raising when access level is invalid in Member, let Rails validation do their work Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | Merge branch 'rc-new-members-request-access-service' into 'master' Robert Speicher2016-10-021-2/+16
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | New `Members::RequestAccessService` Part of #21979. See merge request !6265
| * | | New Members::RequestAccessServiceRémy Coutable2016-09-221-2/+16
| | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | | Merge branch 'koding-setting-api' into 'master' Robert Speicher2016-09-301-10/+26
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Expose the Koding application settings in the API ## Why was this MR needed? When saving the GitLab application secrets in Koding, and authorising your admin user to have access to the UI, we want to let Koding enable the integration, and populate the url in GitLab for the user. ## What are the relevant issue numbers? Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22705 See merge request !6555
| * | | | Expose the Koding application settings in the APIkoding-setting-apiDJ Mountney2016-09-291-10/+26
| | | | | | | | | | | | | | | | | | | | This will allow the Koding app to enable the integration itself once is has authorized an admin user using the application secrets.
* | | | | Allowing ">" to be used for Milestone models's title and storing the value ↵Makoto Scott-Hinkle2016-09-291-0/+8
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | in db as unescaped. Updating test value for milestone title Adding API test for title with reserved HTML characters. Updating changelog Adding the MR number for fixing bug #22452. removing duplicate line Updating MR number.
* | | | Merge branch 'issue_22382' into 'master' Rémy Coutable2016-09-291-3/+6
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Expose project share expiration_date field on API closes #22382 See merge request !6484
| * | | | Expose project share expiration_date field on APIissue_22382Felipe Artur2016-09-281-3/+6
| | |_|/ | |/| |
* | | | Merge branch '22367-add-pipeline-id-build' into 'master' Rémy Coutable2016-09-291-0/+27
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Expose pipeline data in builds API Exposes pipeline data in builds API, as suggested by #22367. The fields exposed were 'id', 'status', 'ref', and 'sha'. Closes #22367 See merge request !6502
| * | | | expose pipeline data in builds APIGuilherme Salazar2016-09-281-0/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add pipeline ref, sha, and status to the build API response add tests of build API (pipeline data) change API documentation for builds API log change to builds API in CHANGELOG CHANGELOG: add reference to pull request and contributor's name
* | | | | Merge branch 'lfs-ssh-authorization-fix' into 'master' Douwe Maan2016-09-282-3/+30
|\ \ \ \ \ | |/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Do not regenerate the `lfs_token` every time `git-lfs-authenticate` is called ## What does this MR do? Do not regenerate the `lfs_token` every time `git-lfs-authenticate` is called, instead return the saved token if one is present. This was causing a lot of 401s, leading to 403s, as state in #22527 As it turns out, when pushing a lot of LFS objects, the LFS client was calling `git-lfs-authenticate` in the middle of the request again. This caused the `lfs_token` to be regenerated. The problem lies in that the LFS client was not aware of this change, and was still using the old token. This caused all subsequent requests to fail with a 401 error. Since HTTP Auth is protected by Rack Attack, this 401s where immediately flagged and resulted in the IP of the user being banned. With this change, GitLab returns the value stored in Redis, if one is present, thus if the LFS client calls `git-lfs-authenticate` again during the request, the auth header will remain unchanged, allowing all subsequent requests to continue without issues. ## What are the relevant issue numbers? Fixes #22527 cc @SeanPackham @jacobvosmaer-gitlab See merge request !6551
| * | | | Handle LFS token creation and retrieval in the same method, and in the same ↵lfs-ssh-authorization-fixPatricio Cano2016-09-282-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Redis connection. Reset expiry time of token, if token is retrieved again before it expires.
| * | | | Do not regenerate the `lfs_token` every time `git-lfs-authenticate` is ↵Patricio Cano2016-09-271-0/+27
| | |_|/ | |/| | | | | | | | | | called, instead return the saved token if one is present.
* | | | Added git http requests tests for user with LDAP identityHoratiu Eugen Vlad2016-09-281-324/+333
|/ / / | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | Be nice to Docker Clients talking to JWT/authKamil Trzcinski2016-09-271-2/+2
| | |
* | | Add extra check for api users specDmitriy Zaporozhets2016-09-271-0/+1
| | | | | | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* | | Improvements to user organization field feature after code reviewDmitriy Zaporozhets2016-09-271-0/+1
| | | | | | | | | | | | | | | | | | | | | * Add newline to user organization spec according to test guide * Remove unnecessary comments from user organization database migration Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* | | Add User#organization to users apiDmitriy Zaporozhets2016-09-271-0/+7
|/ / | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* | API: Return 404 when trying to fork to unaccessible namespaceRémy Coutable2016-09-221-2/+2
|/ | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* Merge branch 'and-you-get-awards' into 'master' Rémy Coutable2016-09-211-1/+53
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | And Snippets get awards ## What does this MR do? Makes snippets more awesome, by making them awardables ## Why was this MR needed? Because Snippets were left behind. ## What are the relevant issue numbers? Closes #17878 See merge request !4456
| * Fix tests for Snippets toggling awardsZ.J. van de Weg2016-09-191-2/+2
| | | | | | | | Also incorporate feedback
| * API support for Award Emoji on SnippetsZ.J. van de Weg2016-09-191-5/+50
| |
| * Snippets get award emoji! :thumbsup:Z.J. van de Weg2016-09-191-0/+7
| |
* | Merge branch 'master' of gitlab.com:gitlab-org/gitlab-ceDmitriy Zaporozhets2016-09-2112-63/+587
|\ \
| * \ Merge branch 'post-merge-improve-of-ci-permissions' into 'master' Rémy Coutable2016-09-211-3/+3
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | Post-merge improve of CI permissions Improves code from !6409 See merge request !6432
| | * | Post-merge improve of CI permissionsKamil Trzcinski2016-09-201-3/+3
| | | |
| * | | Merge branch 'add_optional_author_for_commits' into 'master' Rémy Coutable2016-09-201-0/+75
| |\ \ \ | | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | Add optional 'author' param when making commits This fulfills https://gitlab.com/gitlab-org/gitlab-ce/issues/20789 by adding the ability to specify a user's ID to be used as the author of a commit. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/20789 See merge request !5822
| | * | Add optional 'author' param when making commitsDan Dunckel2016-09-191-0/+75
| | |/
| * | Merge branch 'lfs-support-for-ssh-enabled' into 'master' Douwe Maan2016-09-202-0/+62
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | LFS support for ssh enabled ## What does this MR do? This is follow-up after https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6043 which is falsely shown as merged due to: https://gitlab.com/gitlab-org/gitlab-ce/issues/22334 ## Are there points in the code the reviewer needs to double check? ## Why was this MR needed? ## Screenshots (if relevant) ## Does this MR meet the acceptance criteria? - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [ ] Added for this feature/bug - [ ] All builds are passing - [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if you do - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? See merge request !6413
| | * | Revert "Revert all changes introduced by ↵lfs-supportKamil Trzcinski2016-09-192-0/+62
| | | | | | | | | | | | | | | | | | | | | | | | https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6043" This reverts commit 6d43c95b7011ec7ec4600e00bdc8df76bb39813c.
| * | | Merge branch '22065-group-members-api-returning-null-user-details' into ↵Robert Speicher2016-09-201-9/+18
| |\ \ \ | | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'master' Ensure invitees are not returned in Members API ## What are the relevant issue numbers? Closes #22065 See merge request !6370
| | * | Better assertion in API members specs22065-group-members-api-returning-null-user-detailsRémy Coutable2016-09-161-1/+3
| | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
| | * | Ensure invitees are not returned in Members APIRémy Coutable2016-09-161-9/+16
| | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
View Lorry Controller Status