Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/controllers/admin
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2020-10-21 10:08:36 +0300
committerGitLab Bot <gitlab-bot@gitlab.com>2020-10-21 10:08:36 +0300
commit48aff82709769b098321c738f3444b9bdaa694c6 (patch)
treee00c7c43e2d9b603a5a6af576b1685e400410dee /app/controllers/admin
parent879f5329ee916a948223f8f43d77fba4da6cd028 (diff)
Add latest changes from gitlab-org/gitlab@13-5-stable-eev13.5.0-rc42
Diffstat (limited to 'app/controllers/admin')
-rw-r--r--app/controllers/admin/abuse_reports_controller.rb2
-rw-r--r--app/controllers/admin/appearances_controller.rb2
-rw-r--r--app/controllers/admin/application_settings_controller.rb21
-rw-r--r--app/controllers/admin/applications_controller.rb2
-rw-r--r--app/controllers/admin/background_jobs_controller.rb1
-rw-r--r--app/controllers/admin/broadcast_messages_controller.rb2
-rw-r--r--app/controllers/admin/ci/variables_controller.rb2
-rw-r--r--app/controllers/admin/cohorts_controller.rb2
-rw-r--r--app/controllers/admin/concerns/authenticates_2fa_for_admin_mode.rb110
-rw-r--r--app/controllers/admin/dashboard_controller.rb2
-rw-r--r--app/controllers/admin/deploy_keys_controller.rb2
-rw-r--r--app/controllers/admin/dev_ops_report_controller.rb2
-rw-r--r--app/controllers/admin/gitaly_servers_controller.rb2
-rw-r--r--app/controllers/admin/groups_controller.rb2
-rw-r--r--app/controllers/admin/health_check_controller.rb2
-rw-r--r--app/controllers/admin/hook_logs_controller.rb2
-rw-r--r--app/controllers/admin/hooks_controller.rb4
-rw-r--r--app/controllers/admin/identities_controller.rb2
-rw-r--r--app/controllers/admin/impersonation_tokens_controller.rb2
-rw-r--r--app/controllers/admin/impersonations_controller.rb2
-rw-r--r--app/controllers/admin/instance_review_controller.rb39
-rw-r--r--app/controllers/admin/instance_statistics_controller.rb2
-rw-r--r--app/controllers/admin/integrations_controller.rb5
-rw-r--r--app/controllers/admin/jobs_controller.rb2
-rw-r--r--app/controllers/admin/keys_controller.rb2
-rw-r--r--app/controllers/admin/labels_controller.rb2
-rw-r--r--app/controllers/admin/plan_limits_controller.rb2
-rw-r--r--app/controllers/admin/projects_controller.rb3
-rw-r--r--app/controllers/admin/requests_profiles_controller.rb2
-rw-r--r--app/controllers/admin/runner_projects_controller.rb2
-rw-r--r--app/controllers/admin/runners_controller.rb10
-rw-r--r--app/controllers/admin/serverless/domains_controller.rb2
-rw-r--r--app/controllers/admin/services_controller.rb2
-rw-r--r--app/controllers/admin/sessions_controller.rb9
-rw-r--r--app/controllers/admin/spam_logs_controller.rb2
-rw-r--r--app/controllers/admin/system_info_controller.rb2
-rw-r--r--app/controllers/admin/users_controller.rb23
37 files changed, 162 insertions, 117 deletions
diff --git a/app/controllers/admin/abuse_reports_controller.rb b/app/controllers/admin/abuse_reports_controller.rb
index 31d825c235b..6f80ed3c172 100644
--- a/app/controllers/admin/abuse_reports_controller.rb
+++ b/app/controllers/admin/abuse_reports_controller.rb
@@ -1,6 +1,8 @@
# frozen_string_literal: true
class Admin::AbuseReportsController < Admin::ApplicationController
+ feature_category :users
+
def index
@abuse_reports = AbuseReportsFinder.new(params).execute
end
diff --git a/app/controllers/admin/appearances_controller.rb b/app/controllers/admin/appearances_controller.rb
index 8405f2a5cf8..c2614a158b7 100644
--- a/app/controllers/admin/appearances_controller.rb
+++ b/app/controllers/admin/appearances_controller.rb
@@ -3,6 +3,8 @@
class Admin::AppearancesController < Admin::ApplicationController
before_action :set_appearance, except: :create
+ feature_category :navigation
+
def show
end
diff --git a/app/controllers/admin/application_settings_controller.rb b/app/controllers/admin/application_settings_controller.rb
index 73f71f7ad55..786ba73a96f 100644
--- a/app/controllers/admin/application_settings_controller.rb
+++ b/app/controllers/admin/application_settings_controller.rb
@@ -2,6 +2,7 @@
class Admin::ApplicationSettingsController < Admin::ApplicationController
include InternalRedirect
+ include ServicesHelper
# NOTE: Use @application_setting in this controller when you need to access
# application_settings after it has been modified. This is because the
@@ -16,6 +17,24 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
push_frontend_feature_flag(:ci_instance_variables_ui, default_enabled: true)
end
+ feature_category :not_owned, [
+ :general, :reporting, :metrics_and_profiling, :network,
+ :preferences, :update, :reset_health_check_token
+ ]
+
+ feature_category :metrics, [
+ :create_self_monitoring_project,
+ :status_create_self_monitoring_project,
+ :delete_self_monitoring_project,
+ :status_delete_self_monitoring_project
+ ]
+
+ feature_category :source_code_management, [:repository, :clear_repository_check_states]
+ feature_category :continuous_integration, [:ci_cd, :reset_registration_token]
+ feature_category :collection, [:usage_data]
+ feature_category :integrations, [:integrations]
+ feature_category :pages, [:lets_encrypt_terms_of_service]
+
VALID_SETTING_PANELS = %w(general repository
ci_cd reporting metrics_and_profiling
network preferences).freeze
@@ -32,6 +51,8 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
end
def integrations
+ return not_found unless instance_level_integrations?
+
@integrations = Service.find_or_initialize_all(Service.for_instance).sort_by(&:title)
end
diff --git a/app/controllers/admin/applications_controller.rb b/app/controllers/admin/applications_controller.rb
index c017ecee054..449aa90b0e6 100644
--- a/app/controllers/admin/applications_controller.rb
+++ b/app/controllers/admin/applications_controller.rb
@@ -6,6 +6,8 @@ class Admin::ApplicationsController < Admin::ApplicationController
before_action :set_application, only: [:show, :edit, :update, :destroy]
before_action :load_scopes, only: [:new, :create, :edit, :update]
+ feature_category :authentication_and_authorization
+
def index
applications = ApplicationsFinder.new.execute
@applications = Kaminari.paginate_array(applications).page(params[:page])
diff --git a/app/controllers/admin/background_jobs_controller.rb b/app/controllers/admin/background_jobs_controller.rb
index fc877142418..d4b906d5e33 100644
--- a/app/controllers/admin/background_jobs_controller.rb
+++ b/app/controllers/admin/background_jobs_controller.rb
@@ -1,4 +1,5 @@
# frozen_string_literal: true
class Admin::BackgroundJobsController < Admin::ApplicationController
+ feature_category :not_owned
end
diff --git a/app/controllers/admin/broadcast_messages_controller.rb b/app/controllers/admin/broadcast_messages_controller.rb
index 3233c765941..4660b0bfbb0 100644
--- a/app/controllers/admin/broadcast_messages_controller.rb
+++ b/app/controllers/admin/broadcast_messages_controller.rb
@@ -5,6 +5,8 @@ class Admin::BroadcastMessagesController < Admin::ApplicationController
before_action :finder, only: [:edit, :update, :destroy]
+ feature_category :navigation
+
# rubocop: disable CodeReuse/ActiveRecord
def index
@broadcast_messages = BroadcastMessage.order(ends_at: :desc).page(params[:page])
diff --git a/app/controllers/admin/ci/variables_controller.rb b/app/controllers/admin/ci/variables_controller.rb
index ca9b393550d..f30ee37fa58 100644
--- a/app/controllers/admin/ci/variables_controller.rb
+++ b/app/controllers/admin/ci/variables_controller.rb
@@ -1,6 +1,8 @@
# frozen_string_literal: true
class Admin::Ci::VariablesController < Admin::ApplicationController
+ feature_category :continuous_integration
+
def show
respond_to do |format|
format.json { render_instance_variables }
diff --git a/app/controllers/admin/cohorts_controller.rb b/app/controllers/admin/cohorts_controller.rb
index e3df98b7917..d5cd9c55422 100644
--- a/app/controllers/admin/cohorts_controller.rb
+++ b/app/controllers/admin/cohorts_controller.rb
@@ -5,6 +5,8 @@ class Admin::CohortsController < Admin::ApplicationController
track_unique_visits :index, target_id: 'i_analytics_cohorts'
+ feature_category :instance_statistics
+
def index
if Gitlab::CurrentSettings.usage_ping_enabled
cohorts_results = Rails.cache.fetch('cohorts', expires_in: 1.day) do
diff --git a/app/controllers/admin/concerns/authenticates_2fa_for_admin_mode.rb b/app/controllers/admin/concerns/authenticates_2fa_for_admin_mode.rb
deleted file mode 100644
index 03783cd75a3..00000000000
--- a/app/controllers/admin/concerns/authenticates_2fa_for_admin_mode.rb
+++ /dev/null
@@ -1,110 +0,0 @@
-# frozen_string_literal: true
-
-module Authenticates2FAForAdminMode
- extend ActiveSupport::Concern
-
- included do
- include AuthenticatesWithTwoFactor
- end
-
- def admin_mode_prompt_for_two_factor(user)
- return handle_locked_user(user) unless user.can?(:log_in)
-
- session[:otp_user_id] = user.id
- push_frontend_feature_flag(:webauthn)
-
- if user.two_factor_webauthn_enabled?
- setup_webauthn_authentication(user)
- else
- setup_u2f_authentication(user)
- end
-
- render 'admin/sessions/two_factor', layout: 'application'
- end
-
- def admin_mode_authenticate_with_two_factor
- user = current_user
-
- return handle_locked_user(user) unless user.can?(:log_in)
-
- if user_params[:otp_attempt].present? && session[:otp_user_id]
- admin_mode_authenticate_with_two_factor_via_otp(user)
- elsif user_params[:device_response].present? && session[:otp_user_id]
- if user.two_factor_webauthn_enabled?
- admin_mode_authenticate_with_two_factor_via_webauthn(user)
- else
- admin_mode_authenticate_with_two_factor_via_u2f(user)
- end
- elsif user && user.valid_password?(user_params[:password])
- admin_mode_prompt_for_two_factor(user)
- else
- invalid_login_redirect
- end
- end
-
- def admin_mode_authenticate_with_two_factor_via_otp(user)
- if valid_otp_attempt?(user)
- # Remove any lingering user data from login
- session.delete(:otp_user_id)
-
- user.save! unless Gitlab::Database.read_only?
-
- # The admin user has successfully passed 2fa, enable admin mode ignoring password
- enable_admin_mode
- else
- user.increment_failed_attempts!
- Gitlab::AppLogger.info("Failed Admin Mode Login: user=#{user.username} ip=#{request.remote_ip} method=OTP")
- flash.now[:alert] = _('Invalid two-factor code.')
-
- admin_mode_prompt_for_two_factor(user)
- end
- end
-
- def admin_mode_authenticate_with_two_factor_via_u2f(user)
- if U2fRegistration.authenticate(user, u2f_app_id, user_params[:device_response], session[:challenge])
- admin_handle_two_factor_success
- else
- admin_handle_two_factor_failure(user, 'U2F')
- end
- end
-
- def admin_mode_authenticate_with_two_factor_via_webauthn(user)
- if Webauthn::AuthenticateService.new(user, user_params[:device_response], session[:challenge]).execute
- admin_handle_two_factor_success
- else
- admin_handle_two_factor_failure(user, 'WebAuthn')
- end
- end
-
- private
-
- def enable_admin_mode
- if current_user_mode.enable_admin_mode!(skip_password_validation: true)
- redirect_to redirect_path, notice: _('Admin mode enabled')
- else
- invalid_login_redirect
- end
- end
-
- def invalid_login_redirect
- flash.now[:alert] = _('Invalid login or password')
- render :new
- end
-
- def admin_handle_two_factor_success
- # Remove any lingering user data from login
- session.delete(:otp_user_id)
- session.delete(:challenge)
-
- # The admin user has successfully passed 2fa, enable admin mode ignoring password
- enable_admin_mode
- end
-
- def admin_handle_two_factor_failure(user, method)
- user.increment_failed_attempts!
- Gitlab::AppLogger.info("Failed Admin Mode Login: user=#{user.username} ip=#{request.remote_ip} method=#{method}")
- flash.now[:alert] = _('Authentication via %{method} device failed.') % { method: method }
-
- admin_mode_prompt_for_two_factor(user)
- end
-end
diff --git a/app/controllers/admin/dashboard_controller.rb b/app/controllers/admin/dashboard_controller.rb
index b7b535e70df..7d981d67840 100644
--- a/app/controllers/admin/dashboard_controller.rb
+++ b/app/controllers/admin/dashboard_controller.rb
@@ -6,6 +6,8 @@ class Admin::DashboardController < Admin::ApplicationController
COUNTED_ITEMS = [Project, User, Group].freeze
+ feature_category :not_owned
+
# rubocop: disable CodeReuse/ActiveRecord
def index
@counts = Gitlab::Database::Count.approximate_counts(COUNTED_ITEMS)
diff --git a/app/controllers/admin/deploy_keys_controller.rb b/app/controllers/admin/deploy_keys_controller.rb
index 180f7d4c803..ed63e65d4df 100644
--- a/app/controllers/admin/deploy_keys_controller.rb
+++ b/app/controllers/admin/deploy_keys_controller.rb
@@ -4,6 +4,8 @@ class Admin::DeployKeysController < Admin::ApplicationController
before_action :deploy_keys, only: [:index]
before_action :deploy_key, only: [:destroy, :edit, :update]
+ feature_category :continuous_delivery
+
def index
end
diff --git a/app/controllers/admin/dev_ops_report_controller.rb b/app/controllers/admin/dev_ops_report_controller.rb
index bed0d51c331..59b2200fb59 100644
--- a/app/controllers/admin/dev_ops_report_controller.rb
+++ b/app/controllers/admin/dev_ops_report_controller.rb
@@ -5,6 +5,8 @@ class Admin::DevOpsReportController < Admin::ApplicationController
track_unique_visits :show, target_id: 'i_analytics_dev_ops_score'
+ feature_category :devops_reports
+
# rubocop: disable CodeReuse/ActiveRecord
def show
@metric = DevOpsReport::Metric.order(:created_at).last&.present
diff --git a/app/controllers/admin/gitaly_servers_controller.rb b/app/controllers/admin/gitaly_servers_controller.rb
index 0a5566bfe70..827791c8a4a 100644
--- a/app/controllers/admin/gitaly_servers_controller.rb
+++ b/app/controllers/admin/gitaly_servers_controller.rb
@@ -1,6 +1,8 @@
# frozen_string_literal: true
class Admin::GitalyServersController < Admin::ApplicationController
+ feature_category :gitaly
+
def index
@gitaly_servers = Gitaly::Server.all
end
diff --git a/app/controllers/admin/groups_controller.rb b/app/controllers/admin/groups_controller.rb
index 6414792dd43..032e449f995 100644
--- a/app/controllers/admin/groups_controller.rb
+++ b/app/controllers/admin/groups_controller.rb
@@ -5,6 +5,8 @@ class Admin::GroupsController < Admin::ApplicationController
before_action :group, only: [:edit, :update, :destroy, :project_update, :members_update]
+ feature_category :subgroups
+
def index
@groups = groups.sort_by_attribute(@sort = params[:sort])
@groups = @groups.search(params[:name]) if params[:name].present?
diff --git a/app/controllers/admin/health_check_controller.rb b/app/controllers/admin/health_check_controller.rb
index 7668c799cba..e013b5fbd72 100644
--- a/app/controllers/admin/health_check_controller.rb
+++ b/app/controllers/admin/health_check_controller.rb
@@ -1,6 +1,8 @@
# frozen_string_literal: true
class Admin::HealthCheckController < Admin::ApplicationController
+ feature_category :not_owned
+
def show
@errors = HealthCheck::Utils.process_checks(checks)
end
diff --git a/app/controllers/admin/hook_logs_controller.rb b/app/controllers/admin/hook_logs_controller.rb
index 8301b3aa880..444ad17f86d 100644
--- a/app/controllers/admin/hook_logs_controller.rb
+++ b/app/controllers/admin/hook_logs_controller.rb
@@ -8,6 +8,8 @@ class Admin::HookLogsController < Admin::ApplicationController
respond_to :html
+ feature_category :integrations
+
def show
end
diff --git a/app/controllers/admin/hooks_controller.rb b/app/controllers/admin/hooks_controller.rb
index 51b0f45c5be..ca24f671b9d 100644
--- a/app/controllers/admin/hooks_controller.rb
+++ b/app/controllers/admin/hooks_controller.rb
@@ -5,6 +5,8 @@ class Admin::HooksController < Admin::ApplicationController
before_action :hook_logs, only: :edit
+ feature_category :integrations
+
def index
@hooks = SystemHook.all
@hook = SystemHook.new
@@ -34,7 +36,7 @@ class Admin::HooksController < Admin::ApplicationController
end
def destroy
- hook.destroy
+ destroy_hook(hook)
redirect_to admin_hooks_path, status: :found
end
diff --git a/app/controllers/admin/identities_controller.rb b/app/controllers/admin/identities_controller.rb
index 327538f1e93..dcec50e882d 100644
--- a/app/controllers/admin/identities_controller.rb
+++ b/app/controllers/admin/identities_controller.rb
@@ -4,6 +4,8 @@ class Admin::IdentitiesController < Admin::ApplicationController
before_action :user
before_action :identity, except: [:index, :new, :create]
+ feature_category :authentication_and_authorization
+
def new
@identity = Identity.new
end
diff --git a/app/controllers/admin/impersonation_tokens_controller.rb b/app/controllers/admin/impersonation_tokens_controller.rb
index c35619a944e..c3166d5dd82 100644
--- a/app/controllers/admin/impersonation_tokens_controller.rb
+++ b/app/controllers/admin/impersonation_tokens_controller.rb
@@ -3,6 +3,8 @@
class Admin::ImpersonationTokensController < Admin::ApplicationController
before_action :user
+ feature_category :authentication_and_authorization
+
def index
set_index_vars
end
diff --git a/app/controllers/admin/impersonations_controller.rb b/app/controllers/admin/impersonations_controller.rb
index 65fe22bd8f4..6c45b03455e 100644
--- a/app/controllers/admin/impersonations_controller.rb
+++ b/app/controllers/admin/impersonations_controller.rb
@@ -4,6 +4,8 @@ class Admin::ImpersonationsController < Admin::ApplicationController
skip_before_action :authenticate_admin!
before_action :authenticate_impersonator!
+ feature_category :authentication_and_authorization
+
def destroy
original_user = stop_impersonation
redirect_to admin_user_path(original_user), status: :found
diff --git a/app/controllers/admin/instance_review_controller.rb b/app/controllers/admin/instance_review_controller.rb
new file mode 100644
index 00000000000..db304c82dd6
--- /dev/null
+++ b/app/controllers/admin/instance_review_controller.rb
@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+class Admin::InstanceReviewController < Admin::ApplicationController
+ feature_category :instance_statistics
+
+ def index
+ redirect_to("#{::Gitlab::SubscriptionPortal::SUBSCRIPTIONS_URL}/instance_review?#{instance_review_params}")
+ end
+
+ def instance_review_params
+ result = {
+ instance_review: {
+ email: current_user.email,
+ last_name: current_user.name,
+ version: ::Gitlab::VERSION
+ }
+ }
+
+ if Gitlab::CurrentSettings.usage_ping_enabled?
+ data = ::Gitlab::UsageData.data
+ counts = data[:counts]
+
+ result[:instance_review].merge!(
+ users_count: data[:active_user_count],
+ projects_count: counts[:projects],
+ groups_count: counts[:groups],
+ issues_count: counts[:issues],
+ merge_requests_count: counts[:merge_requests],
+ internal_pipelines_count: counts[:ci_internal_pipelines],
+ external_pipelines_count: counts[:ci_external_pipelines],
+ labels_count: counts[:labels],
+ milestones_count: counts[:milestones],
+ snippets_count: counts[:snippets],
+ notes_count: counts[:notes]
+ )
+ end
+
+ result.to_query
+ end
+end
diff --git a/app/controllers/admin/instance_statistics_controller.rb b/app/controllers/admin/instance_statistics_controller.rb
index 3aee26b97a2..dfbd704cb0c 100644
--- a/app/controllers/admin/instance_statistics_controller.rb
+++ b/app/controllers/admin/instance_statistics_controller.rb
@@ -7,6 +7,8 @@ class Admin::InstanceStatisticsController < Admin::ApplicationController
track_unique_visits :index, target_id: 'i_analytics_instance_statistics'
+ feature_category :instance_statistics
+
def index
end
diff --git a/app/controllers/admin/integrations_controller.rb b/app/controllers/admin/integrations_controller.rb
index 1e2a99f7078..9a1d5a11f7f 100644
--- a/app/controllers/admin/integrations_controller.rb
+++ b/app/controllers/admin/integrations_controller.rb
@@ -2,6 +2,9 @@
class Admin::IntegrationsController < Admin::ApplicationController
include IntegrationsActions
+ include ServicesHelper
+
+ feature_category :integrations
private
@@ -10,7 +13,7 @@ class Admin::IntegrationsController < Admin::ApplicationController
end
def integrations_enabled?
- true
+ instance_level_integrations?
end
def scoped_edit_integration_path(integration)
diff --git a/app/controllers/admin/jobs_controller.rb b/app/controllers/admin/jobs_controller.rb
index 7b50a45a9cd..b800ca79d6b 100644
--- a/app/controllers/admin/jobs_controller.rb
+++ b/app/controllers/admin/jobs_controller.rb
@@ -3,6 +3,8 @@
class Admin::JobsController < Admin::ApplicationController
BUILDS_PER_PAGE = 30
+ feature_category :continuous_integration
+
def index
# We need all builds for tabs counters
@all_builds = Ci::JobsFinder.new(current_user: current_user).execute
diff --git a/app/controllers/admin/keys_controller.rb b/app/controllers/admin/keys_controller.rb
index 58ea19d1210..03383604e30 100644
--- a/app/controllers/admin/keys_controller.rb
+++ b/app/controllers/admin/keys_controller.rb
@@ -3,6 +3,8 @@
class Admin::KeysController < Admin::ApplicationController
before_action :user, only: [:show, :destroy]
+ feature_category :authentication_and_authorization
+
def show
@key = user.keys.find(params[:id])
diff --git a/app/controllers/admin/labels_controller.rb b/app/controllers/admin/labels_controller.rb
index 6cb206c1686..be63bf4c7ce 100644
--- a/app/controllers/admin/labels_controller.rb
+++ b/app/controllers/admin/labels_controller.rb
@@ -3,6 +3,8 @@
class Admin::LabelsController < Admin::ApplicationController
before_action :set_label, only: [:show, :edit, :update, :destroy]
+ feature_category :issue_tracking
+
def index
@labels = Label.templates.page(params[:page])
end
diff --git a/app/controllers/admin/plan_limits_controller.rb b/app/controllers/admin/plan_limits_controller.rb
index 2620db8aec5..0a5cdc06d61 100644
--- a/app/controllers/admin/plan_limits_controller.rb
+++ b/app/controllers/admin/plan_limits_controller.rb
@@ -5,6 +5,8 @@ class Admin::PlanLimitsController < Admin::ApplicationController
before_action :set_plan_limits
+ feature_category :not_owned
+
def create
redirect_path = referer_path(request) || general_admin_application_settings_path
diff --git a/app/controllers/admin/projects_controller.rb b/app/controllers/admin/projects_controller.rb
index 9fe1f22c342..c4564478462 100644
--- a/app/controllers/admin/projects_controller.rb
+++ b/app/controllers/admin/projects_controller.rb
@@ -6,6 +6,9 @@ class Admin::ProjectsController < Admin::ApplicationController
before_action :project, only: [:show, :transfer, :repository_check, :destroy]
before_action :group, only: [:show, :transfer]
+ feature_category :projects, [:index, :show, :transfer, :destroy]
+ feature_category :source_code_management, [:repository_check]
+
def index
params[:sort] ||= 'latest_activity_desc'
@sort = params[:sort]
diff --git a/app/controllers/admin/requests_profiles_controller.rb b/app/controllers/admin/requests_profiles_controller.rb
index 24383455064..fbbe8c24637 100644
--- a/app/controllers/admin/requests_profiles_controller.rb
+++ b/app/controllers/admin/requests_profiles_controller.rb
@@ -1,6 +1,8 @@
# frozen_string_literal: true
class Admin::RequestsProfilesController < Admin::ApplicationController
+ feature_category :not_owned
+
def index
@profile_token = Gitlab::RequestProfiler.profile_token
@profiles = Gitlab::RequestProfiler.all.group_by(&:request_path)
diff --git a/app/controllers/admin/runner_projects_controller.rb b/app/controllers/admin/runner_projects_controller.rb
index 774ce04d079..7761ffaac84 100644
--- a/app/controllers/admin/runner_projects_controller.rb
+++ b/app/controllers/admin/runner_projects_controller.rb
@@ -3,6 +3,8 @@
class Admin::RunnerProjectsController < Admin::ApplicationController
before_action :project, only: [:create]
+ feature_category :continuous_integration
+
def create
@runner = Ci::Runner.find(params[:runner_project][:runner_id])
diff --git a/app/controllers/admin/runners_controller.rb b/app/controllers/admin/runners_controller.rb
index 7a377a33d41..576b148fbff 100644
--- a/app/controllers/admin/runners_controller.rb
+++ b/app/controllers/admin/runners_controller.rb
@@ -1,7 +1,11 @@
# frozen_string_literal: true
class Admin::RunnersController < Admin::ApplicationController
- before_action :runner, except: [:index, :tag_list]
+ include RunnerSetupScripts
+
+ before_action :runner, except: [:index, :tag_list, :runner_setup_scripts]
+
+ feature_category :continuous_integration
def index
finder = Ci::RunnersFinder.new(current_user: current_user, params: params)
@@ -53,6 +57,10 @@ class Admin::RunnersController < Admin::ApplicationController
render json: ActsAsTaggableOn::TagSerializer.new.represent(tags)
end
+ def runner_setup_scripts
+ private_runner_setup_scripts
+ end
+
private
def runner
diff --git a/app/controllers/admin/serverless/domains_controller.rb b/app/controllers/admin/serverless/domains_controller.rb
index 1d4f10e033f..49cd9f7a36d 100644
--- a/app/controllers/admin/serverless/domains_controller.rb
+++ b/app/controllers/admin/serverless/domains_controller.rb
@@ -4,6 +4,8 @@ class Admin::Serverless::DomainsController < Admin::ApplicationController
before_action :check_feature_flag
before_action :domain, only: [:update, :verify, :destroy]
+ feature_category :serverless
+
def index
@domain = PagesDomain.instance_serverless.first_or_initialize
end
diff --git a/app/controllers/admin/services_controller.rb b/app/controllers/admin/services_controller.rb
index 1f4250639c4..379e74bb249 100644
--- a/app/controllers/admin/services_controller.rb
+++ b/app/controllers/admin/services_controller.rb
@@ -6,6 +6,8 @@ class Admin::ServicesController < Admin::ApplicationController
before_action :service, only: [:edit, :update]
before_action :whitelist_query_limiting, only: [:index]
+ feature_category :integrations
+
def index
@services = Service.find_or_create_templates.sort_by(&:title)
@existing_instance_types = Service.for_instance.pluck(:type) # rubocop: disable CodeReuse/ActiveRecord
diff --git a/app/controllers/admin/sessions_controller.rb b/app/controllers/admin/sessions_controller.rb
index 0c0bbaf4d93..9c378f4c883 100644
--- a/app/controllers/admin/sessions_controller.rb
+++ b/app/controllers/admin/sessions_controller.rb
@@ -1,12 +1,14 @@
# frozen_string_literal: true
class Admin::SessionsController < ApplicationController
- include Authenticates2FAForAdminMode
+ include AuthenticatesWithTwoFactorForAdminMode
include InternalRedirect
include RendersLdapServers
before_action :user_is_admin!
+ feature_category :authentication_and_authorization
+
def new
if current_user_mode.admin_mode?
redirect_to redirect_path, notice: _('Admin mode already enabled')
@@ -65,7 +67,10 @@ class Admin::SessionsController < ApplicationController
end
def valid_otp_attempt?(user)
- valid_otp_attempt = user.validate_and_consume_otp!(user_params[:otp_attempt])
+ otp_validation_result =
+ ::Users::ValidateOtpService.new(user).execute(user_params[:otp_attempt])
+ valid_otp_attempt = otp_validation_result[:status] == :success
+
return valid_otp_attempt if Gitlab::Database.read_only?
valid_otp_attempt || user.invalidate_otp_backup_code!(user_params[:otp_attempt])
diff --git a/app/controllers/admin/spam_logs_controller.rb b/app/controllers/admin/spam_logs_controller.rb
index 689e502a221..67d991c8b03 100644
--- a/app/controllers/admin/spam_logs_controller.rb
+++ b/app/controllers/admin/spam_logs_controller.rb
@@ -1,6 +1,8 @@
# frozen_string_literal: true
class Admin::SpamLogsController < Admin::ApplicationController
+ feature_category :not_owned
+
# rubocop: disable CodeReuse/ActiveRecord
def index
@spam_logs = SpamLog.order(id: :desc).page(params[:page])
diff --git a/app/controllers/admin/system_info_controller.rb b/app/controllers/admin/system_info_controller.rb
index 657aa177ecf..f14305528a3 100644
--- a/app/controllers/admin/system_info_controller.rb
+++ b/app/controllers/admin/system_info_controller.rb
@@ -1,6 +1,8 @@
# frozen_string_literal: true
class Admin::SystemInfoController < Admin::ApplicationController
+ feature_category :not_owned
+
EXCLUDED_MOUNT_OPTIONS = %w[
nobrowse
read-only
diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index e19b09e1324..bd7b69384b2 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -6,10 +6,14 @@ class Admin::UsersController < Admin::ApplicationController
before_action :user, except: [:index, :new, :create]
before_action :check_impersonation_availability, only: :impersonate
before_action :ensure_destroy_prerequisites_met, only: [:destroy]
+ before_action :check_admin_approval_feature_available!, only: [:approve]
+
+ feature_category :users
def index
@users = User.filter_items(params[:filter]).order_name_asc
@users = @users.search_with_secondary_emails(params[:search_query]) if params[:search_query].present?
+ @users = @users.includes(:authorized_projects) # rubocop: disable CodeReuse/ActiveRecord
@users = @users.sort_by_attribute(@sort = params[:sort])
@users = @users.page(params[:page])
end
@@ -59,6 +63,16 @@ class Admin::UsersController < Admin::ApplicationController
end
end
+ def approve
+ result = Users::ApproveService.new(current_user).execute(user)
+
+ if result[:status] == :success
+ redirect_back_or_admin_user(notice: _("Successfully approved"))
+ else
+ redirect_back_or_admin_user(alert: result[:message])
+ end
+ end
+
def activate
return redirect_back_or_admin_user(notice: _("Error occurred. A blocked user must be unblocked to be activated")) if user.blocked?
@@ -69,6 +83,7 @@ class Admin::UsersController < Admin::ApplicationController
def deactivate
return redirect_back_or_admin_user(notice: _("Error occurred. A blocked user cannot be deactivated")) if user.blocked?
return redirect_back_or_admin_user(notice: _("Successfully deactivated")) if user.deactivated?
+ return redirect_back_or_admin_user(notice: _("Internal users cannot be deactivated")) if user.internal?
return redirect_back_or_admin_user(notice: _("The user you are trying to deactivate has been active in the past %{minimum_inactive_days} days and cannot be deactivated") % { minimum_inactive_days: ::User::MINIMUM_INACTIVE_DAYS }) unless user.can_be_deactivated?
user.deactivate
@@ -78,7 +93,7 @@ class Admin::UsersController < Admin::ApplicationController
def block
result = Users::BlockService.new(current_user).execute(user)
- if result[:status] = :success
+ if result[:status] == :success
redirect_back_or_admin_user(notice: _("Successfully blocked"))
else
redirect_back_or_admin_user(alert: _("Error occurred. User was not blocked"))
@@ -168,7 +183,7 @@ class Admin::UsersController < Admin::ApplicationController
# restore username to keep form action url.
user.username = params[:id]
format.html { render "edit" }
- format.json { render json: [result[:message]], status: result[:status] }
+ format.json { render json: [result[:message]], status: :internal_server_error }
end
end
end
@@ -283,6 +298,10 @@ class Admin::UsersController < Admin::ApplicationController
def log_impersonation_event
Gitlab::AppLogger.info(_("User %{current_user_username} has started impersonating %{username}") % { current_user_username: current_user.username, username: user.username })
end
+
+ def check_admin_approval_feature_available!
+ access_denied! unless Feature.enabled?(:admin_approval_for_new_user_signups, default_enabled: true)
+ end
end
Admin::UsersController.prepend_if_ee('EE::Admin::UsersController')
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-19 00:47:27 +0300