From e8c723543cfc4c1d905a5794a2da1bef7689d784 Mon Sep 17 00:00:00 2001 From: Baldinof Date: Wed, 9 Mar 2016 15:25:48 +0100 Subject: Close merge requests when removing fork relation --- app/controllers/projects_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index aea08ecce3e..a26d11459f0 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -72,7 +72,7 @@ class ProjectsController < ApplicationController def remove_fork return access_denied! unless can?(current_user, :remove_fork_project, @project) - if @project.unlink_fork + if @project.unlink_fork(current_user) flash[:notice] = 'The fork relationship has been removed.' end end -- cgit v1.2.1 From 91880e13df19ed312bfa0a2e06743dd8a71aa1ad Mon Sep 17 00:00:00 2001 From: Jacob Schatz Date: Wed, 20 Jan 2016 18:54:06 -0500 Subject: initial ajax build --- app/controllers/projects/merge_requests_controller.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 61b82c9db46..861ae7ee2f7 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -228,7 +228,8 @@ class Projects::MergeRequestsController < Projects::ApplicationController response = { status: status, - coverage: coverage + coverage: coverage, + ci_status: @merge_request.ci_commit.status } render json: response -- cgit v1.2.1 From 51ceb3802f07d82fe9fa606382cf2f1074e1cfb5 Mon Sep 17 00:00:00 2001 From: Jacob Schatz Date: Thu, 21 Jan 2016 07:24:02 -0500 Subject: Adds JSON callback, which is currently not working. --- app/controllers/projects/merge_requests_controller.rb | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 861ae7ee2f7..259e25c91ab 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -218,6 +218,14 @@ class Projects::MergeRequestsController < Projects::ApplicationController end end + def st + @ci_commit = @merge_request.ci_commit + @statuses = @ci_commit.statuses if @ci_commit + render json: { + statuses: @statuses + } + end + def ci_status ci_service = @merge_request.source_project.ci_service status = ci_service.commit_status(merge_request.last_commit.sha, merge_request.source_branch) @@ -228,8 +236,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController response = { status: status, - coverage: coverage, - ci_status: @merge_request.ci_commit.status + coverage: coverage } render json: response -- cgit v1.2.1 From f7e2109905ba21c4ca61e0ab74da208d18b6adeb Mon Sep 17 00:00:00 2001 From: Jacob Schatz Date: Mon, 25 Jan 2016 16:20:24 -0500 Subject: Adds notifications API to MR page. When a build status changes a notification will popup. Fixes #10851 --- .../projects/merge_requests_controller.rb | 28 ++++++++++------------ 1 file changed, 13 insertions(+), 15 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 259e25c91ab..987b3e1c5b6 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -218,28 +218,26 @@ class Projects::MergeRequestsController < Projects::ApplicationController end end - def st - @ci_commit = @merge_request.ci_commit - @statuses = @ci_commit.statuses if @ci_commit - render json: { - statuses: @statuses - } - end - def ci_status - ci_service = @merge_request.source_project.ci_service - status = ci_service.commit_status(merge_request.last_commit.sha, merge_request.source_branch) + ci_commit = @merge_request.ci_commit + if ci_commit + status = ci_commit.try(:status) + coverage = ci_commit.try(:coverage) + else + ci_service = @merge_request.source_project.ci_service + status = ci_service.commit_status(merge_request.last_commit.sha, merge_request.source_branch) if ci_service - if ci_service.respond_to?(:commit_coverage) - coverage = ci_service.commit_coverage(merge_request.last_commit.sha, merge_request.source_branch) + if ci_service.respond_to?(:commit_coverage) + coverage = ci_service.commit_coverage(merge_request.last_commit.sha, merge_request.source_branch) + end end response = { - status: status, - coverage: coverage + status: status || :not_found, + coverage: coverage || :not_found } - render json: response + render json: response, status: 200 end protected -- cgit v1.2.1 From 1a482bfbc21eca3c7526cc367b86174b77e0d617 Mon Sep 17 00:00:00 2001 From: Jacob Schatz Date: Fri, 4 Mar 2016 17:42:32 -0500 Subject: Removes name from file Changes `:not_found` to `nil` --- app/controllers/projects/merge_requests_controller.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 987b3e1c5b6..e57471deccc 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -233,8 +233,8 @@ class Projects::MergeRequestsController < Projects::ApplicationController end response = { - status: status || :not_found, - coverage: coverage || :not_found + status: status || nil, + coverage: coverage || nil } render json: response, status: 200 -- cgit v1.2.1 From b0e2e2e06ed38d8a23e8f834d389baa18a7a885e Mon Sep 17 00:00:00 2001 From: Jacob Schatz Date: Wed, 9 Mar 2016 16:09:47 -0500 Subject: Fix code style issues. --- app/controllers/projects/merge_requests_controller.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index e57471deccc..e40ec38fbff 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -233,11 +233,11 @@ class Projects::MergeRequestsController < Projects::ApplicationController end response = { - status: status || nil, - coverage: coverage || nil + status: status, + coverage: coverage } - render json: response, status: 200 + render json: response end protected -- cgit v1.2.1 From fcba25515321f57e36b9a8f2156d6b72eafb4c14 Mon Sep 17 00:00:00 2001 From: Phil Hughes Date: Wed, 16 Mar 2016 14:31:35 +0000 Subject: Commit SHA comes from JSON Removed page refresh - instead clicking takes to the builds tab --- app/controllers/projects/merge_requests_controller.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index e40ec38fbff..2cc94596d2b 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -221,7 +221,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController def ci_status ci_commit = @merge_request.ci_commit if ci_commit - status = ci_commit.try(:status) + status = ci_commit.status coverage = ci_commit.try(:coverage) else ci_service = @merge_request.source_project.ci_service @@ -233,6 +233,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController end response = { + sha: merge_request.last_commit.sha, status: status, coverage: coverage } -- cgit v1.2.1 From 33aeaf6a9c926d269f090f3e4a9c048661b8078e Mon Sep 17 00:00:00 2001 From: Phil Hughes Date: Wed, 16 Mar 2016 14:52:56 +0000 Subject: Merge request title is in the notification Short commit instead of long commit sha --- app/controllers/projects/merge_requests_controller.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 2cc94596d2b..728d743045f 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -233,7 +233,8 @@ class Projects::MergeRequestsController < Projects::ApplicationController end response = { - sha: merge_request.last_commit.sha, + title: merge_request.title, + sha: merge_request.last_commit_short_sha, status: status, coverage: coverage } -- cgit v1.2.1 From fa4126acffdfe13741e05a60ad5ed7fd407b4f16 Mon Sep 17 00:00:00 2001 From: Baldinof Date: Tue, 22 Mar 2016 15:34:35 +0100 Subject: Move unlink fork logic to a service --- app/controllers/projects_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 94789702d65..87657e4e3d2 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -71,7 +71,7 @@ class ProjectsController < ApplicationController def remove_fork return access_denied! unless can?(current_user, :remove_fork_project, @project) - if @project.unlink_fork(current_user) + if ::Projects::UnlinkForkService.new(@project, current_user).execute flash[:notice] = 'The fork relationship has been removed.' end end -- cgit v1.2.1 From 4cd1b9f4d82efe3ffe810dabf6929a749c36c1bf Mon Sep 17 00:00:00 2001 From: Grzegorz Bizon Date: Wed, 23 Mar 2016 11:24:18 +0100 Subject: Refactor builds badge, encapsulate inside a class --- app/controllers/projects/badges_controller.rb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/badges_controller.rb b/app/controllers/projects/badges_controller.rb index 6ff47c4033a..6d4d4360988 100644 --- a/app/controllers/projects/badges_controller.rb +++ b/app/controllers/projects/badges_controller.rb @@ -2,11 +2,12 @@ class Projects::BadgesController < Projects::ApplicationController before_action :no_cache_headers def build + badge = Gitlab::Badge::Build.new(project, params[:ref]) + respond_to do |format| format.html { render_404 } format.svg do - image = Ci::ImageForBuildService.new.execute(project, ref: params[:ref]) - send_file(image.path, filename: image.name, disposition: 'inline', type: 'image/svg+xml') + send_data(badge.data, type: badge.type, disposition: 'inline') end end end -- cgit v1.2.1 From a9b2a2744c93c848977a61ced56d66197027c0eb Mon Sep 17 00:00:00 2001 From: Gabriel Mazetto Date: Tue, 29 Mar 2016 19:19:34 -0300 Subject: Use `diff_base_commit` instead of `target_branch` to generate diffs --- app/controllers/projects/merge_requests_controller.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 6189de09f27..785dcecc9be 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -57,8 +57,8 @@ class Projects::MergeRequestsController < Projects::ApplicationController respond_to do |format| format.html format.json { render json: @merge_request } - format.diff { render text: @merge_request.to_diff(current_user) } - format.patch { render text: @merge_request.to_patch(current_user) } + format.diff { render text: @merge_request.to_diff } + format.patch { render text: @merge_request.to_patch } end end -- cgit v1.2.1 From 750cd5c0e0a7c8d911f44caa9bf6950b0018dee5 Mon Sep 17 00:00:00 2001 From: Jacob Schatz Date: Sat, 26 Mar 2016 12:15:42 -0400 Subject: Add json response for user avatar in merge request --- app/controllers/projects/merge_requests_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 6189de09f27..0b0ad984eb4 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -154,7 +154,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController @merge_request.target_project, @merge_request]) end format.json do - render json: @merge_request.to_json(include: [:milestone, :labels, :assignee]) + render json: @merge_request.to_json(include: [:milestone, :labels, assignee: { methods: :avatar_url }]) end end else -- cgit v1.2.1 From 5830d80b8d2b87daa9123dc248ae00e2ed90069c Mon Sep 17 00:00:00 2001 From: Yorick Peterse Date: Wed, 30 Mar 2016 19:29:17 +0200 Subject: Pre-calculate Emoji digests By pre-calculating the digests we can manually construct the emoji URLs, removing the need for using Rails' asset URL helpers. The reason we don't want to use these helpers for Emojis is two-fold: 1. Rails' image_url() method is slow, really slow. For one it _might_ have to calculate digests but it also performs a lot of other intensive operations (judging by the source code and based on measuring timings). 2. We have a lot of Emoji which coupled with the above can result in it taking minutes to load Emoji autocomplete data. Using this pre-calculation setup generating the digests takes around 7 seconds (including the time it takes to start Rails/Rake), and only around 600 milliseconds to load _all_ the autocomplete data of a project (measured locally). This commit _does_ change the Emoji URLs from absolute to relative URLs as these are much easier to generate. To update the Emoji data simply run: rake gemojione:digests Then commit any changes. Fixes gitlab-org/gitlab-ce#14009 --- app/controllers/projects_controller.rb | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 928817ba811..62f53664db3 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -138,7 +138,7 @@ class ProjectsController < Projects::ApplicationController participants = ::Projects::ParticipantsService.new(@project, current_user).execute(note_type, note_id) @suggestions = { - emojis: autocomplete_emojis, + emojis: AwardEmoji.urls, issues: autocomplete.issues, mergerequests: autocomplete.merge_requests, members: participants @@ -235,17 +235,6 @@ class ProjectsController < Projects::ApplicationController ) end - def autocomplete_emojis - Rails.cache.fetch("autocomplete-emoji-#{Gemojione::VERSION}") do - Emoji.emojis.map do |name, emoji| - { - name: name, - path: view_context.image_url("#{emoji["unicode"]}.png") - } - end - end - end - def repo_exists? project.repository_exists? && !project.empty_repo? end -- cgit v1.2.1 From b69f8a62b2078fbd43413c670dea76871b74d0d5 Mon Sep 17 00:00:00 2001 From: Gabriel Mazetto Date: Wed, 30 Mar 2016 15:04:58 -0300 Subject: Add specific markdown_preview route for Wikis --- app/controllers/projects/wikis_controller.rb | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'app/controllers') diff --git a/app/controllers/projects/wikis_controller.rb b/app/controllers/projects/wikis_controller.rb index 02ceb8f4334..9f3a4a69721 100644 --- a/app/controllers/projects/wikis_controller.rb +++ b/app/controllers/projects/wikis_controller.rb @@ -88,6 +88,20 @@ class Projects::WikisController < Projects::ApplicationController ) end + def markdown_preview + text = params[:text] + + ext = Gitlab::ReferenceExtractor.new(@project, current_user, current_user) + ext.analyze(text) + + render json: { + body: view_context.markdown(text, pipeline: :wiki, project_wiki: @project_wiki), + references: { + users: ext.users.map(&:username) + } + } + end + def git_access end -- cgit v1.2.1 From 85cc1729596ac1e5b31d8cfa1daa07477db6033d Mon Sep 17 00:00:00 2001 From: connorshea Date: Thu, 31 Mar 2016 16:40:39 -0600 Subject: Remove "Congratulations!" tweet button on newly-created project. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit I’ve removed everything related to the feature based on this commit: ce08f919f34fd8849834365 Resolves #10857. --- app/controllers/admin/application_settings_controller.rb | 1 - 1 file changed, 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/admin/application_settings_controller.rb b/app/controllers/admin/application_settings_controller.rb index ed9f6031389..f010436bd36 100644 --- a/app/controllers/admin/application_settings_controller.rb +++ b/app/controllers/admin/application_settings_controller.rb @@ -52,7 +52,6 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController :require_two_factor_authentication, :two_factor_grace_period, :gravatar_enabled, - :twitter_sharing_enabled, :sign_in_text, :help_page_text, :home_page_url, -- cgit v1.2.1 From e99855bfe4b4741d33d5575fdf1f0bc2edd85844 Mon Sep 17 00:00:00 2001 From: Patricio Cano Date: Mon, 4 Apr 2016 19:10:59 -0500 Subject: Avoid saving again if the user attributes haven't changed --- app/controllers/omniauth_callbacks_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb index 21135f7d607..d28e96c3f18 100644 --- a/app/controllers/omniauth_callbacks_controller.rb +++ b/app/controllers/omniauth_callbacks_controller.rb @@ -55,7 +55,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController end else saml_user = Gitlab::Saml::User.new(oauth) - saml_user.save + saml_user.save if saml_user.changed? @user = saml_user.gl_user continue_login_process -- cgit v1.2.1 From b248ee93814e8521fa0c73c82ec9ed113698b945 Mon Sep 17 00:00:00 2001 From: Grzegorz Bizon Date: Tue, 5 Apr 2016 13:29:48 +0200 Subject: Check permissions when importing project members Closes #14899 --- app/controllers/projects/project_members_controller.rb | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/project_members_controller.rb b/app/controllers/projects/project_members_controller.rb index e7bddc4a6f1..cd984f03c6b 100644 --- a/app/controllers/projects/project_members_controller.rb +++ b/app/controllers/projects/project_members_controller.rb @@ -95,8 +95,13 @@ class Projects::ProjectMembersController < Projects::ApplicationController def apply_import giver = Project.find(params[:source_project_id]) - status = @project.team.import(giver, current_user) - notice = status ? "Successfully imported" : "Import failed" + + if current_user.can?(:read_project_member, giver) + status = @project.team.import(giver, current_user) + notice = status ? "Successfully imported" : "Import failed" + else + notice = 'You are not authorized to import members from this project' + end redirect_to(namespace_project_project_members_path(project.namespace, project), notice: notice) -- cgit v1.2.1 From c52b5c92fbd31dc6f76087c43a94243d382d3172 Mon Sep 17 00:00:00 2001 From: Grzegorz Bizon Date: Tue, 5 Apr 2016 13:55:15 +0200 Subject: Do not leak project exists when importing members When importing members, and user does not have permissions to read members in a source project, do not leak information about source project existence. Notifiy user that project has not been found instead. --- app/controllers/projects/project_members_controller.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/project_members_controller.rb b/app/controllers/projects/project_members_controller.rb index cd984f03c6b..fd56dfd1260 100644 --- a/app/controllers/projects/project_members_controller.rb +++ b/app/controllers/projects/project_members_controller.rb @@ -94,13 +94,13 @@ class Projects::ProjectMembersController < Projects::ApplicationController end def apply_import - giver = Project.find(params[:source_project_id]) + source_project = Project.find(params[:source_project_id]) - if current_user.can?(:read_project_member, giver) - status = @project.team.import(giver, current_user) + if can?(current_user, :read_project_member, source_project) + status = @project.team.import(source_project, current_user) notice = status ? "Successfully imported" : "Import failed" else - notice = 'You are not authorized to import members from this project' + notice = 'Import failed - source project not found!' end redirect_to(namespace_project_project_members_path(project.namespace, project), -- cgit v1.2.1 From bb9c194c23b8b3ffef30c7fdbe244d4fefc93883 Mon Sep 17 00:00:00 2001 From: Grzegorz Bizon Date: Tue, 5 Apr 2016 14:37:06 +0200 Subject: Respond 404 when unauthorized user imports members --- app/controllers/projects/project_members_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/project_members_controller.rb b/app/controllers/projects/project_members_controller.rb index fd56dfd1260..e457db2f0b7 100644 --- a/app/controllers/projects/project_members_controller.rb +++ b/app/controllers/projects/project_members_controller.rb @@ -100,7 +100,7 @@ class Projects::ProjectMembersController < Projects::ApplicationController status = @project.team.import(source_project, current_user) notice = status ? "Successfully imported" : "Import failed" else - notice = 'Import failed - source project not found!' + return render_404 end redirect_to(namespace_project_project_members_path(project.namespace, project), -- cgit v1.2.1 From 1ba9a91c6d3b98e1825e173fe281ba065d35890c Mon Sep 17 00:00:00 2001 From: Felipe Artur Date: Thu, 31 Mar 2016 16:11:49 -0300 Subject: Fix problem when creating milestones in groups without projects --- app/controllers/groups/milestones_controller.rb | 28 ++++++++++++++++++++----- 1 file changed, 23 insertions(+), 5 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/groups/milestones_controller.rb b/app/controllers/groups/milestones_controller.rb index b23c3022fb5..2c05d9e0fe1 100644 --- a/app/controllers/groups/milestones_controller.rb +++ b/app/controllers/groups/milestones_controller.rb @@ -18,14 +18,14 @@ class Groups::MilestonesController < Groups::ApplicationController end def create - project_ids = params[:milestone][:project_ids] + project_ids = params[:milestone][:project_ids].reject(&:blank?) title = milestone_params[:title] - @projects.where(id: project_ids).each do |project| - Milestones::CreateService.new(project, current_user, milestone_params).execute + if project_ids.present? + create_milestones(project_ids, title) + else + render_new_with_error("Select a project(s).") end - - redirect_to milestone_path(title) end def show @@ -41,6 +41,24 @@ class Groups::MilestonesController < Groups::ApplicationController private + def create_milestones(project_ids, title) + begin + @projects.where(id: project_ids).each do |project| + ActiveRecord::Base.transaction { Milestones::CreateService.new(project, current_user, milestone_params).execute } + end + + redirect_to milestone_path(title) + rescue => e + render_new_with_error("Error creating milestones: #{e.message}") + end + end + + def render_new_with_error(error) + @milestone = Milestone.new(milestone_params) + flash[:alert] = error + render :new + end + def authorize_admin_milestones! return render_404 unless can?(current_user, :admin_milestones, group) end -- cgit v1.2.1 From 5d428030451b1fa2bac89f798c40d2f91ac65bac Mon Sep 17 00:00:00 2001 From: Felipe Artur Date: Fri, 1 Apr 2016 15:50:17 -0300 Subject: Improve code --- app/controllers/groups/milestones_controller.rb | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/groups/milestones_controller.rb b/app/controllers/groups/milestones_controller.rb index 2c05d9e0fe1..21fc329f233 100644 --- a/app/controllers/groups/milestones_controller.rb +++ b/app/controllers/groups/milestones_controller.rb @@ -21,10 +21,10 @@ class Groups::MilestonesController < Groups::ApplicationController project_ids = params[:milestone][:project_ids].reject(&:blank?) title = milestone_params[:title] - if project_ids.present? - create_milestones(project_ids, title) + if create_milestones(project_ids, title) + redirect_to milestone_path(title) else - render_new_with_error("Select a project(s).") + render_new_with_error(@error) end end @@ -42,14 +42,22 @@ class Groups::MilestonesController < Groups::ApplicationController private def create_milestones(project_ids, title) + unless project_ids.present? + @error = "Please select at least one project." + return false + end + begin - @projects.where(id: project_ids).each do |project| - ActiveRecord::Base.transaction { Milestones::CreateService.new(project, current_user, milestone_params).execute } + ActiveRecord::Base.transaction do + @projects.where(id: project_ids).each do |project| + Milestones::CreateService.new(project, current_user, milestone_params).execute + end end - redirect_to milestone_path(title) + true rescue => e - render_new_with_error("Error creating milestones: #{e.message}") + @error = "Error creating milestone: #{e.message}." + false end end -- cgit v1.2.1 From 32c7e42b612bdda43eeef55d8c8afdc9eeb33785 Mon Sep 17 00:00:00 2001 From: Felipe Artur Date: Mon, 4 Apr 2016 17:04:35 -0300 Subject: Improve code --- app/controllers/groups/milestones_controller.rb | 29 +++++++++++-------------- 1 file changed, 13 insertions(+), 16 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/groups/milestones_controller.rb b/app/controllers/groups/milestones_controller.rb index 21fc329f233..fcf19e8066a 100644 --- a/app/controllers/groups/milestones_controller.rb +++ b/app/controllers/groups/milestones_controller.rb @@ -24,7 +24,7 @@ class Groups::MilestonesController < Groups::ApplicationController if create_milestones(project_ids, title) redirect_to milestone_path(title) else - render_new_with_error(@error) + render_new_with_error(project_ids.empty?) end end @@ -42,28 +42,25 @@ class Groups::MilestonesController < Groups::ApplicationController private def create_milestones(project_ids, title) - unless project_ids.present? - @error = "Please select at least one project." - return false - end + return false unless project_ids.present? - begin - ActiveRecord::Base.transaction do - @projects.where(id: project_ids).each do |project| - Milestones::CreateService.new(project, current_user, milestone_params).execute - end + ActiveRecord::Base.transaction do + @projects.where(id: project_ids).each do |project| + Milestones::CreateService.new(project, current_user, milestone_params).execute end + end + + true - true rescue => e - @error = "Error creating milestone: #{e.message}." - false - end + + flash.now[:alert] = "An error occurred while creating the milestone: #{e.message}" + false end - def render_new_with_error(error) + def render_new_with_error(empty_project_ids) @milestone = Milestone.new(milestone_params) - flash[:alert] = error + @milestone.errors.add(:project_id, "Please select at least one project.") if empty_project_ids render :new end -- cgit v1.2.1 From 934f1e9097485bbaebbe2759e995c77bb4391c5d Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Mon, 4 Apr 2016 14:59:54 -0700 Subject: Fix Error 500 after renaming a project path Closes #14885 --- app/controllers/projects_controller.rb | 3 +++ 1 file changed, 3 insertions(+) (limited to 'app/controllers') diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 8c3a74c8236..3cc37e59855 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -40,6 +40,9 @@ class ProjectsController < Projects::ApplicationController def update status = ::Projects::UpdateService.new(@project, current_user, project_params).execute + # Refresh the repo in case anything changed + @repository = project.repository + respond_to do |format| if status flash[:notice] = "Project '#{@project.name}' was successfully updated." -- cgit v1.2.1 From 222e1dc59cd559f893a4565040dede300645248b Mon Sep 17 00:00:00 2001 From: PotHix Date: Wed, 6 Apr 2016 12:05:50 -0300 Subject: Fixes #14638. The SQL query was ambiguous and in this case we want to filter projects. --- app/controllers/admin/projects_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/admin/projects_controller.rb b/app/controllers/admin/projects_controller.rb index 4089091d569..c6b3105544a 100644 --- a/app/controllers/admin/projects_controller.rb +++ b/app/controllers/admin/projects_controller.rb @@ -5,7 +5,7 @@ class Admin::ProjectsController < Admin::ApplicationController def index @projects = Project.all @projects = @projects.in_namespace(params[:namespace_id]) if params[:namespace_id].present? - @projects = @projects.where("visibility_level IN (?)", params[:visibility_levels]) if params[:visibility_levels].present? + @projects = @projects.where("projects.visibility_level IN (?)", params[:visibility_levels]) if params[:visibility_levels].present? @projects = @projects.with_push if params[:with_push].present? @projects = @projects.abandoned if params[:abandoned].present? @projects = @projects.non_archived unless params[:with_archived].present? -- cgit v1.2.1 From 88fc7ccddaab18435bdc85021d06d9aa21d28a68 Mon Sep 17 00:00:00 2001 From: Grzegorz Bizon Date: Tue, 22 Mar 2016 10:21:45 +0100 Subject: Add project badges view prototype --- app/controllers/projects/badges_controller.rb | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/badges_controller.rb b/app/controllers/projects/badges_controller.rb index 6d4d4360988..01db85c4a8a 100644 --- a/app/controllers/projects/badges_controller.rb +++ b/app/controllers/projects/badges_controller.rb @@ -1,5 +1,8 @@ class Projects::BadgesController < Projects::ApplicationController - before_action :no_cache_headers + before_action :no_cache_headers, except: [:index] + + def index + end def build badge = Gitlab::Badge::Build.new(project, params[:ref]) -- cgit v1.2.1 From b7fa7c4d59b2fbdc49db81aa2d6a2531c931a2fe Mon Sep 17 00:00:00 2001 From: Grzegorz Bizon Date: Fri, 1 Apr 2016 13:03:14 +0200 Subject: Extend build status badge, add html/markdown methods --- app/controllers/projects/badges_controller.rb | 2 ++ 1 file changed, 2 insertions(+) (limited to 'app/controllers') diff --git a/app/controllers/projects/badges_controller.rb b/app/controllers/projects/badges_controller.rb index 01db85c4a8a..b96555a153a 100644 --- a/app/controllers/projects/badges_controller.rb +++ b/app/controllers/projects/badges_controller.rb @@ -2,6 +2,8 @@ class Projects::BadgesController < Projects::ApplicationController before_action :no_cache_headers, except: [:index] def index + @ref = params[:ref] || 'master' + @badge = Gitlab::Badge::Build.new(@project, @ref) end def build -- cgit v1.2.1 From 97a2de9e03f9ad947642ded3b4f4e7761fcaa9c3 Mon Sep 17 00:00:00 2001 From: Grzegorz Bizon Date: Mon, 4 Apr 2016 10:40:40 +0200 Subject: Make it possible to switch ref in badges view --- app/controllers/projects/refs_controller.rb | 2 ++ 1 file changed, 2 insertions(+) (limited to 'app/controllers') diff --git a/app/controllers/projects/refs_controller.rb b/app/controllers/projects/refs_controller.rb index 00df1c9c965..d79f16e6a5a 100644 --- a/app/controllers/projects/refs_controller.rb +++ b/app/controllers/projects/refs_controller.rb @@ -24,6 +24,8 @@ class Projects::RefsController < Projects::ApplicationController namespace_project_find_file_path(@project.namespace, @project, @id) when "graphs_commits" commits_namespace_project_graph_path(@project.namespace, @project, @id) + when "badges" + namespace_project_badges_path(@project.namespace, @project, ref: @id) else namespace_project_commits_path(@project.namespace, @project, @id) end -- cgit v1.2.1 From a3a93ba4b08176b8d63ed5f6ca95dfa78e7dda0b Mon Sep 17 00:00:00 2001 From: Grzegorz Bizon Date: Mon, 4 Apr 2016 12:32:50 +0200 Subject: Expose project badges in project settings menu --- app/controllers/projects/badges_controller.rb | 2 ++ 1 file changed, 2 insertions(+) (limited to 'app/controllers') diff --git a/app/controllers/projects/badges_controller.rb b/app/controllers/projects/badges_controller.rb index b96555a153a..6e442d66adc 100644 --- a/app/controllers/projects/badges_controller.rb +++ b/app/controllers/projects/badges_controller.rb @@ -1,4 +1,6 @@ class Projects::BadgesController < Projects::ApplicationController + layout 'project_settings' + before_action :authorize_admin_project!, only: [:index] before_action :no_cache_headers, except: [:index] def index -- cgit v1.2.1 From 5f32b82a80d517421889cfc89452f8d94fa09ea5 Mon Sep 17 00:00:00 2001 From: Grzegorz Bizon Date: Wed, 6 Apr 2016 10:10:29 +0200 Subject: Change name of badge variable in badges controller --- app/controllers/projects/badges_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/badges_controller.rb b/app/controllers/projects/badges_controller.rb index 6e442d66adc..9dff74c823b 100644 --- a/app/controllers/projects/badges_controller.rb +++ b/app/controllers/projects/badges_controller.rb @@ -5,7 +5,7 @@ class Projects::BadgesController < Projects::ApplicationController def index @ref = params[:ref] || 'master' - @badge = Gitlab::Badge::Build.new(@project, @ref) + @build_badge = Gitlab::Badge::Build.new(@project, @ref) end def build -- cgit v1.2.1 From 7689e87854980f72f41dcf6924693fb046e1919b Mon Sep 17 00:00:00 2001 From: Grzegorz Bizon Date: Wed, 6 Apr 2016 19:55:37 +0200 Subject: Use default branch when displaying list of badges --- app/controllers/projects/badges_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/badges_controller.rb b/app/controllers/projects/badges_controller.rb index 9dff74c823b..824aa41db51 100644 --- a/app/controllers/projects/badges_controller.rb +++ b/app/controllers/projects/badges_controller.rb @@ -4,7 +4,7 @@ class Projects::BadgesController < Projects::ApplicationController before_action :no_cache_headers, except: [:index] def index - @ref = params[:ref] || 'master' + @ref = params[:ref] || @project.default_branch || 'master' @build_badge = Gitlab::Badge::Build.new(@project, @ref) end -- cgit v1.2.1 From 924e4b370013ae3a8448a2a68e6a4d353b23b699 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Wed, 6 Apr 2016 21:10:24 -0700 Subject: Return status code 303 after a branch DELETE operation to avoid project deletion Closes #14994 --- app/controllers/projects/application_controller.rb | 4 +++- app/controllers/projects/branches_controller.rb | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/projects/application_controller.rb b/app/controllers/projects/application_controller.rb index 657ee94cfd7..74150ad606b 100644 --- a/app/controllers/projects/application_controller.rb +++ b/app/controllers/projects/application_controller.rb @@ -68,7 +68,9 @@ class Projects::ApplicationController < ApplicationController end def require_non_empty_project - redirect_to namespace_project_path(@project.namespace, @project) if @project.empty_repo? + # Be sure to return status code 303 to avoid a double DELETE: + # http://api.rubyonrails.org/classes/ActionController/Redirecting.html + redirect_to namespace_project_path(@project.namespace, @project), status: 303 if @project.empty_repo? end def require_branch_head diff --git a/app/controllers/projects/branches_controller.rb b/app/controllers/projects/branches_controller.rb index c0a53734921..d09e7375b67 100644 --- a/app/controllers/projects/branches_controller.rb +++ b/app/controllers/projects/branches_controller.rb @@ -48,7 +48,7 @@ class Projects::BranchesController < Projects::ApplicationController respond_to do |format| format.html do redirect_to namespace_project_branches_path(@project.namespace, - @project) + @project), status: 303 end format.js { render status: status[:return_code] } end -- cgit v1.2.1 From 00da609cfd8bf1105fe433dfc92ab263d6205eaf Mon Sep 17 00:00:00 2001 From: Grzegorz Bizon Date: Thu, 7 Apr 2016 11:19:29 +0200 Subject: Fix 2FA authentication spoofing vulnerability This commit attempts to change default user search scope if otp_user_id session variable has been set. If it is present, it means that user has 2FA enabled, and has already been verified with login and password. In this case we should look for user with otp_user_id first, before picking it up by login. --- app/controllers/sessions_controller.rb | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 65677a3dd3c..c29f4609e93 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -5,7 +5,8 @@ class SessionsController < Devise::SessionsController skip_before_action :check_2fa_requirement, only: [:destroy] prepend_before_action :check_initial_setup, only: [:new] - prepend_before_action :authenticate_with_two_factor, only: [:create] + prepend_before_action :authenticate_with_two_factor, + if: :two_factor_enabled?, only: [:create] prepend_before_action :store_redirect_path, only: [:new] before_action :auto_sign_in_with_provider, only: [:new] @@ -56,10 +57,10 @@ class SessionsController < Devise::SessionsController end def find_user - if user_params[:login] - User.by_login(user_params[:login]) - elsif user_params[:otp_attempt] && session[:otp_user_id] + if session[:otp_user_id] User.find(session[:otp_user_id]) + elsif user_params[:login] + User.by_login(user_params[:login]) end end @@ -83,11 +84,13 @@ class SessionsController < Devise::SessionsController end end + def two_factor_enabled? + find_user.try(:two_factor_enabled?) + end + def authenticate_with_two_factor user = self.resource = find_user - return unless user && user.two_factor_enabled? - if user_params[:otp_attempt].present? && session[:otp_user_id] if valid_otp_attempt?(user) # Remove any lingering user data from login -- cgit v1.2.1 From 0bef4b97647893df8cf0a781f768b1775ae2bb58 Mon Sep 17 00:00:00 2001 From: Felipe Artur Date: Tue, 5 Apr 2016 11:51:19 -0300 Subject: Implement review suggestions --- app/controllers/groups/milestones_controller.rb | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/groups/milestones_controller.rb b/app/controllers/groups/milestones_controller.rb index fcf19e8066a..9d5a28e8d4d 100644 --- a/app/controllers/groups/milestones_controller.rb +++ b/app/controllers/groups/milestones_controller.rb @@ -21,7 +21,7 @@ class Groups::MilestonesController < Groups::ApplicationController project_ids = params[:milestone][:project_ids].reject(&:blank?) title = milestone_params[:title] - if create_milestones(project_ids, title) + if create_milestones(project_ids) redirect_to milestone_path(title) else render_new_with_error(project_ids.empty?) @@ -41,7 +41,7 @@ class Groups::MilestonesController < Groups::ApplicationController private - def create_milestones(project_ids, title) + def create_milestones(project_ids) return false unless project_ids.present? ActiveRecord::Base.transaction do @@ -51,9 +51,7 @@ class Groups::MilestonesController < Groups::ApplicationController end true - - rescue => e - + rescue ActiveRecord::ActiveRecordError => e flash.now[:alert] = "An error occurred while creating the milestone: #{e.message}" false end -- cgit v1.2.1