Add latest changes from gitlab-org/gitlab@14-2-stable-eev14.2.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-08-19 12:08:42 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-08-19 12:08:42 +0300
commit: b76ae638462ab0f673e5915986070518dd3f9ad3 (patch)
tree: bdab0533383b52873be0ec0eb4d3c66598ff8b91 /app/controllers/projects
parent: 434373eabe7b4be9593d18a585fb763f1e5f1a6f (diff)
21 files changed, 140 insertions, 114 deletions
diff --git a/app/controllers/projects/analytics/cycle_analytics/stages_controller.rb b/app/controllers/projects/analytics/cycle_analytics/stages_controller.rb
index 7b4f6739a9b..2f9d70fede1 100644
--- a/app/controllers/projects/analytics/cycle_analytics/stages_controller.rb
+++ b/app/controllers/projects/analytics/cycle_analytics/stages_controller.rb
@@ -1,6 +1,9 @@
 # frozen_string_literal: true
 
 class Projects::Analytics::CycleAnalytics::StagesController < Projects::ApplicationController
+  include ::Analytics::CycleAnalytics::StageActions
+  extend ::Gitlab::Utils::Override
+
   respond_to :json
 
   feature_category :planning_analytics
@@ -8,37 +11,19 @@ class Projects::Analytics::CycleAnalytics::StagesController < Projects::Applicat
   before_action :authorize_read_cycle_analytics!
   before_action :only_default_value_stream_is_allowed!
 
-  def index
-    result = list_service.execute
-
-    if result.success?
-      render json: cycle_analytics_configuration(result.payload[:stages])
-    else
-      render json: { message: result.message }, status: result.http_status
-    end
-  end
-
   private
 
-  def only_default_value_stream_is_allowed!
-    render_404 if params[:value_stream_id] != Analytics::CycleAnalytics::Stages::BaseService::DEFAULT_VALUE_STREAM_NAME
+  override :parent
+  def parent
+    @project
   end
 
-  def value_stream
-    Analytics::CycleAnalytics::ProjectValueStream.build_default_value_stream(@project)
+  override :value_stream_class
+  def value_stream_class
+    Analytics::CycleAnalytics::ProjectValueStream
   end
 
-  def list_params
-    { value_stream: value_stream }
-  end
-
-  def list_service
-    Analytics::CycleAnalytics::Stages::ListService.new(parent: @project, current_user: current_user, params: list_params)
-  end
-
-  def cycle_analytics_configuration(stages)
-    stage_presenters = stages.map { |s| ::Analytics::CycleAnalytics::StagePresenter.new(s) }
-
-    Analytics::CycleAnalytics::ConfigurationEntity.new(stages: stage_presenters)
+  def only_default_value_stream_is_allowed!
+    render_404 if params[:value_stream_id] != Analytics::CycleAnalytics::Stages::BaseService::DEFAULT_VALUE_STREAM_NAME
   end
 end
diff --git a/app/controllers/projects/blob_controller.rb b/app/controllers/projects/blob_controller.rb
index 08066acb45c..acf6b6116b8 100644
--- a/app/controllers/projects/blob_controller.rb
+++ b/app/controllers/projects/blob_controller.rb
@@ -44,6 +44,7 @@ class Projects::BlobController < Projects::ApplicationController
   before_action do
     push_frontend_feature_flag(:refactor_blob_viewer, @project, default_enabled: :yaml)
     push_frontend_feature_flag(:consolidated_edit_button, @project, default_enabled: :yaml)
+    push_licensed_feature(:file_locks) if @project.licensed_feature_available?(:file_locks)
   end
 
   def new
diff --git a/app/controllers/projects/clusters/applications_controller.rb b/app/controllers/projects/clusters/applications_controller.rb
deleted file mode 100644
index 6c5778124e8..00000000000
--- a/app/controllers/projects/clusters/applications_controller.rb
+++ /dev/null
@@ -1,15 +0,0 @@
-# frozen_string_literal: true
-
-class Projects::Clusters::ApplicationsController < Clusters::ApplicationsController
-  prepend_before_action :project
-
-  private
-
-  def clusterable
-    @clusterable ||= ClusterablePresenter.fabricate(project, current_user: current_user)
-  end
-
-  def project
-    @project ||= find_routable!(Project, File.join(params[:namespace_id], params[:project_id]), request.path_info)
-  end
-end
diff --git a/app/controllers/projects/compare_controller.rb b/app/controllers/projects/compare_controller.rb
index edf45e7063a..99f62c18593 100644
--- a/app/controllers/projects/compare_controller.rb
+++ b/app/controllers/projects/compare_controller.rb
@@ -20,10 +20,6 @@ class Projects::CompareController < Projects::ApplicationController
   # Validation
   before_action :validate_refs!
 
-  before_action do
-    push_frontend_feature_flag(:compare_repo_dropdown, source_project, default_enabled: :yaml)
-  end
-
   feature_category :source_code_management
 
   # Diffs may be pretty chunky, the less is better in this endpoint.
@@ -91,7 +87,6 @@ class Projects::CompareController < Projects::ApplicationController
   def target_project
     strong_memoize(:target_project) do
       next source_project unless params.key?(:from_project_id)
-      next source_project unless Feature.enabled?(:compare_repo_dropdown, source_project, default_enabled: :yaml)
       next source_project if params[:from_project_id].to_i == source_project.id
 
       target_project = target_projects(source_project).find_by_id(params[:from_project_id])
diff --git a/app/controllers/projects/environments_controller.rb b/app/controllers/projects/environments_controller.rb
index 8519841ee16..cac0aa9d513 100644
--- a/app/controllers/projects/environments_controller.rb
+++ b/app/controllers/projects/environments_controller.rb
@@ -87,17 +87,17 @@ class Projects::EnvironmentsController < Projects::ApplicationController
     @environment = project.environments.create(environment_params)
 
     if @environment.persisted?
-      redirect_to project_environment_path(project, @environment)
+      render json: { environment: @environment, path: project_environment_path(project, @environment) }
     else
-      render :new
+      render json: { message: @environment.errors.full_messages }, status: :bad_request
     end
   end
 
   def update
     if @environment.update(environment_params)
-      redirect_to project_environment_path(project, @environment)
+      render json: { environment: @environment, path: project_environment_path(project, @environment) }
     else
-      render :edit
+      render json: { message: @environment.errors.full_messages }, status: :bad_request
     end
   end
 
diff --git a/app/controllers/projects/error_tracking_controller.rb b/app/controllers/projects/error_tracking_controller.rb
index b4b03e219ab..8700d3c2198 100644
--- a/app/controllers/projects/error_tracking_controller.rb
+++ b/app/controllers/projects/error_tracking_controller.rb
@@ -27,7 +27,7 @@ class Projects::ErrorTrackingController < Projects::ErrorTracking::BaseControlle
   end
 
   def update
-    service = ErrorTracking::IssueUpdateService.new(project, current_user, issue_update_params)
+    service = ::ErrorTracking::IssueUpdateService.new(project, current_user, issue_update_params)
     result = service.execute
 
     return if render_errors(result)
@@ -40,7 +40,7 @@ class Projects::ErrorTrackingController < Projects::ErrorTracking::BaseControlle
   private
 
   def render_index_json
-    service = ErrorTracking::ListIssuesService.new(
+    service = ::ErrorTracking::ListIssuesService.new(
       project,
       current_user,
       list_issues_params
@@ -57,7 +57,7 @@ class Projects::ErrorTrackingController < Projects::ErrorTracking::BaseControlle
   end
 
   def render_issue_detail_json
-    service = ErrorTracking::IssueDetailsService.new(project, current_user, issue_details_params)
+    service = ::ErrorTracking::IssueDetailsService.new(project, current_user, issue_details_params)
     result = service.execute
 
     return if render_errors(result)
@@ -91,13 +91,13 @@ class Projects::ErrorTrackingController < Projects::ErrorTracking::BaseControlle
   end
 
   def serialize_errors(errors)
-    ErrorTracking::ErrorSerializer
+    ::ErrorTracking::ErrorSerializer
       .new(project: project, user: current_user)
       .represent(errors)
   end
 
   def serialize_detailed_error(error)
-    ErrorTracking::DetailedErrorSerializer
+    ::ErrorTracking::DetailedErrorSerializer
       .new(project: project, user: current_user)
       .represent(error)
   end
diff --git a/app/controllers/projects/forks_controller.rb b/app/controllers/projects/forks_controller.rb
index 0f00fda4687..7135c0d959e 100644
--- a/app/controllers/projects/forks_controller.rb
+++ b/app/controllers/projects/forks_controller.rb
@@ -99,7 +99,7 @@ class Projects::ForksController < Projects::ApplicationController
       current_user: current_user
     ).execute
 
-    forks.includes(:route, :creator, :group, namespace: [:route, :owner])
+    forks.includes(:route, :creator, :group, :topics, namespace: [:route, :owner])
   end
 
   def fork_service
diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb
index 5d38e431c8a..bdfaaf2b143 100644
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -7,7 +7,6 @@ class Projects::IssuesController < Projects::ApplicationController
   include ToggleAwardEmoji
   include IssuableCollections
   include IssuesCalendar
-  include SpammableActions
   include RecordUserLastActivity
 
   ISSUES_EXCEPT_ACTIONS = %i[index calendar new create bulk_update import_csv export_csv service_desk].freeze
@@ -58,7 +57,7 @@ class Projects::IssuesController < Projects::ApplicationController
     push_frontend_feature_flag(:labels_widget, @project, default_enabled: :yaml)
 
     experiment(:invite_members_in_comment, namespace: @project.root_ancestor) do |experiment_instance|
-      experiment_instance.exclude! unless helpers.can_import_members?
+      experiment_instance.exclude! unless helpers.can_admin_project_member?(@project)
 
       experiment_instance.use {}
       experiment_instance.try(:invite_member_link) {}
@@ -129,7 +128,6 @@ class Projects::IssuesController < Projects::ApplicationController
   end
 
   def create
-    extract_legacy_spam_params_to_headers
     create_params = issue_params.merge(
       merge_request_to_resolve_discussions_of: params[:merge_request_to_resolve_discussions_of],
       discussion_to_resolve: params[:discussion_to_resolve]
@@ -149,10 +147,11 @@ class Projects::IssuesController < Projects::ApplicationController
                        end
     end
 
-    respond_to do |format|
-      format.html do
-        recaptcha_check_with_fallback { render :new }
-      end
+    if @issue.valid?
+      redirect_to project_issue_path(@project, @issue)
+    else
+      # NOTE: this CAPTCHA support method is indirectly included via IssuableActions
+      with_captcha_check_html_format { render :new }
     end
   end
 
diff --git a/app/controllers/projects/jobs_controller.rb b/app/controllers/projects/jobs_controller.rb
index 49687a50ff6..778623a05c6 100644
--- a/app/controllers/projects/jobs_controller.rb
+++ b/app/controllers/projects/jobs_controller.rb
@@ -9,7 +9,7 @@ class Projects::JobsController < Projects::ApplicationController
   before_action :authorize_read_build_trace!, only: [:trace, :raw]
   before_action :authorize_read_build!
   before_action :authorize_update_build!,
-    except: [:index, :show, :status, :raw, :trace, :erase]
+    except: [:index, :show, :status, :raw, :trace, :erase, :cancel, :unschedule]
   before_action :authorize_erase_build!, only: [:erase]
   before_action :authorize_use_build_terminal!, only: [:terminal, :terminal_websocket_authorize]
   before_action :verify_api_request!, only: :terminal_websocket_authorize
@@ -93,22 +93,28 @@ class Projects::JobsController < Projects::ApplicationController
   end
 
   def cancel
-    return respond_422 unless @build.cancelable?
+    service_response = Ci::BuildCancelService.new(@build, current_user).execute
 
-    @build.cancel
-
-    if continue_params[:to]
-      redirect_to continue_params[:to]
+    if service_response.success?
+      destination = continue_params[:to].presence || builds_project_pipeline_path(@project, @build.pipeline.id)
+      redirect_to destination
+    elsif service_response.http_status == :forbidden
+      access_denied!
     else
-      redirect_to builds_project_pipeline_path(@project, @build.pipeline.id)
+      head service_response.http_status
     end
   end
 
   def unschedule
-    return respond_422 unless @build.scheduled?
+    service_response = Ci::BuildUnscheduleService.new(@build, current_user).execute
 
-    @build.unschedule!
-    redirect_to build_path(@build)
+    if service_response.success?
+      redirect_to build_path(@build)
+    elsif service_response.http_status == :forbidden
+      access_denied!
+    else
+      head service_response.http_status
+    end
   end
 
   def status
diff --git a/app/controllers/projects/merge_requests/creations_controller.rb b/app/controllers/projects/merge_requests/creations_controller.rb
index 9f1e2d8236a..ecc5ad1f84e 100644
--- a/app/controllers/projects/merge_requests/creations_controller.rb
+++ b/app/controllers/projects/merge_requests/creations_controller.rb
@@ -10,10 +10,6 @@ class Projects::MergeRequests::CreationsController < Projects::MergeRequests::Ap
   before_action :apply_diff_view_cookie!, only: [:diffs, :diff_for_path]
   before_action :build_merge_request, except: [:create]
 
-  before_action do
-    push_frontend_feature_flag(:mr_collapsed_approval_rules, @project)
-  end
-
   def new
     define_new_vars
   end
diff --git a/app/controllers/projects/merge_requests/diffs_controller.rb b/app/controllers/projects/merge_requests/diffs_controller.rb
index 88423bec915..8ccc658dfe7 100644
--- a/app/controllers/projects/merge_requests/diffs_controller.rb
+++ b/app/controllers/projects/merge_requests/diffs_controller.rb
@@ -27,10 +27,10 @@ class Projects::MergeRequests::DiffsController < Projects::MergeRequests::Applic
     diff_options_hash[:paths] = params[:paths] if params[:paths]
 
     diffs = @compare.diffs_in_batch(params[:page], params[:per_page], diff_options: diff_options_hash)
-    positions = @merge_request.note_positions_for_paths(diffs.diff_file_paths, current_user)
+    unfoldable_positions = @merge_request.note_positions_for_paths(diffs.diff_file_paths, current_user).unfoldable
     environment = @merge_request.environments_for(current_user, latest: true).last
 
-    diffs.unfold_diff_files(positions.unfoldable)
+    diffs.unfold_diff_files(unfoldable_positions)
     diffs.write_cache
 
     options = {
@@ -38,14 +38,29 @@ class Projects::MergeRequests::DiffsController < Projects::MergeRequests::Applic
       merge_request: @merge_request,
       diff_view: diff_view,
       merge_ref_head_diff: render_merge_ref_head_diff?,
-      pagination_data: diffs.pagination_data
+      pagination_data: diffs.pagination_data,
+      allow_tree_conflicts: display_merge_conflicts_in_diff?
     }
 
     if diff_options_hash[:paths].blank? && Feature.enabled?(:diffs_batch_render_cached, project, default_enabled: :yaml)
+      # NOTE: Any variables that would affect the resulting json needs to be added to the cache_context to avoid stale cache issues.
+      cache_context = [
+        current_user&.cache_key,
+        environment&.cache_key,
+        unfoldable_positions.map(&:to_h),
+        diff_view,
+        params[:w],
+        params[:expanded],
+        params[:page],
+        params[:per_page],
+        options[:merge_ref_head_diff],
+        options[:allow_tree_conflicts]
+      ]
+
       render_cached(
         diffs,
         with: PaginatedDiffSerializer.new(current_user: current_user),
-        cache_context: -> (_) { [diff_view, params[:w], params[:expanded], params[:per_page], params[:page]] },
+        cache_context: -> (_) { [Digest::SHA256.hexdigest(cache_context.to_s)] },
         **options
       )
     else
@@ -56,8 +71,14 @@ class Projects::MergeRequests::DiffsController < Projects::MergeRequests::Applic
   def diffs_metadata
     diffs = @compare.diffs(diff_options)
 
+    options = additional_attributes.merge(
+      only_context_commits: show_only_context_commits?,
+      merge_ref_head_diff: render_merge_ref_head_diff?,
+      allow_tree_conflicts: display_merge_conflicts_in_diff?
+    )
+
     render json: DiffsMetadataSerializer.new(project: @merge_request.project, current_user: current_user)
-                   .represent(diffs, additional_attributes.merge(only_context_commits: show_only_context_commits?))
+                   .represent(diffs, options)
   end
 
   private
@@ -82,7 +103,8 @@ class Projects::MergeRequests::DiffsController < Projects::MergeRequests::Applic
 
     options = additional_attributes.merge(
       diff_view: "inline",
-      merge_ref_head_diff: render_merge_ref_head_diff?
+      merge_ref_head_diff: render_merge_ref_head_diff?,
+      allow_tree_conflicts: display_merge_conflicts_in_diff?
     )
 
     if @merge_request.project.context_commits_enabled?
@@ -213,4 +235,8 @@ class Projects::MergeRequests::DiffsController < Projects::MergeRequests::Applic
     Gitlab::UsageDataCounters::MergeRequestActivityUniqueCounter
       .track_mr_diffs_single_file_action(merge_request: @merge_request, user: current_user)
   end
+
+  def display_merge_conflicts_in_diff?
+    Feature.enabled?(:display_merge_conflicts_in_diff, @merge_request.project)
+  end
 end
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index cfa64bbc16d..8b3f2df69df 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -11,6 +11,7 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
   include RecordUserLastActivity
   include SourcegraphDecorator
   include DiffHelper
+  include Gitlab::Cache::Helpers
 
   skip_before_action :merge_request, only: [:index, :bulk_update, :export_csv]
   before_action :apply_diff_view_cookie!, only: [:show]
@@ -43,9 +44,10 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
     # Usage data feature flags
     push_frontend_feature_flag(:users_expanding_widgets_usage_data, @project, default_enabled: :yaml)
     push_frontend_feature_flag(:diff_settings_usage_data, default_enabled: :yaml)
+    push_frontend_feature_flag(:diff_searching_usage_data, @project, default_enabled: :yaml)
 
     experiment(:invite_members_in_comment, namespace: @project.root_ancestor) do |experiment_instance|
-      experiment_instance.exclude! unless helpers.can_import_members?
+      experiment_instance.exclude! unless helpers.can_admin_project_member?(@project)
 
       experiment_instance.use {}
       experiment_instance.try(:invite_member_link) {}
@@ -55,7 +57,6 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
   end
 
   before_action do
-    push_frontend_feature_flag(:mr_collapsed_approval_rules, @project)
     push_frontend_feature_flag(:show_relevant_approval_rule_approvers, @project, default_enabled: :yaml)
   end
 
@@ -92,6 +93,7 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
     end
   end
 
+  # rubocop:disable Metrics/AbcSize
   def show
     close_merge_request_if_no_source_project
 
@@ -128,7 +130,21 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
       format.json do
         Gitlab::PollingInterval.set_header(response, interval: 10_000)
 
-        render json: serializer.represent(@merge_request, serializer: params[:serializer])
+        if params[:serializer] == 'sidebar_extras' && Feature.enabled?(:merge_request_show_render_cached, @project, default_enabled: :yaml)
+          cache_context = [
+            params[:serializer],
+            current_user&.cache_key,
+            @merge_request.assignees.map(&:cache_key),
+            @merge_request.reviewers.map(&:cache_key)
+          ]
+
+          render_cached(@merge_request,
+                        with: serializer,
+                        cache_context: -> (_) { [Digest::SHA256.hexdigest(cache_context.to_s)] },
+                        serializer: params[:serializer])
+        else
+          render json: serializer.represent(@merge_request, serializer: params[:serializer])
+        end
       end
 
       format.patch do
@@ -144,6 +160,7 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
       end
     end
   end
+  # rubocop:enable Metrics/AbcSize
 
   def commits
     # Get context commits from repository
diff --git a/app/controllers/projects/packages/infrastructure_registry_controller.rb b/app/controllers/projects/packages/infrastructure_registry_controller.rb
index ee04cbb0062..4506a83634a 100644
--- a/app/controllers/projects/packages/infrastructure_registry_controller.rb
+++ b/app/controllers/projects/packages/infrastructure_registry_controller.rb
@@ -3,19 +3,14 @@
 module Projects
   module Packages
     class InfrastructureRegistryController < Projects::ApplicationController
-      before_action :verify_feature_enabled!
+      include PackagesAccess
+
       feature_category :infrastructure_as_code
 
       def show
         @package = project.packages.find(params[:id])
         @package_files = @package.package_files.recent
       end
-
-      private
-
-      def verify_feature_enabled!
-        render_404 unless Feature.enabled?(:infrastructure_registry_page, default_enabled: :yaml)
-      end
     end
   end
 end
diff --git a/app/controllers/projects/pipelines_controller.rb b/app/controllers/projects/pipelines_controller.rb
index ba7c86434e0..a411264b350 100644
--- a/app/controllers/projects/pipelines_controller.rb
+++ b/app/controllers/projects/pipelines_controller.rb
@@ -12,12 +12,11 @@ class Projects::PipelinesController < Projects::ApplicationController
   before_action :authorize_read_ci_cd_analytics!, only: [:charts]
   before_action :authorize_create_pipeline!, only: [:new, :create, :config_variables]
   before_action :authorize_update_pipeline!, only: [:retry, :cancel]
+  before_action :ensure_pipeline, only: [:show, :downloadable_artifacts]
+
   before_action do
-    push_frontend_feature_flag(:pipeline_graph_layers_view, project, type: :development, default_enabled: :yaml)
-    push_frontend_feature_flag(:graphql_pipeline_details, project, type: :development, default_enabled: :yaml)
-    push_frontend_feature_flag(:graphql_pipeline_details_users, current_user, type: :development, default_enabled: :yaml)
+    push_frontend_feature_flag(:pipeline_source_filter, project, type: :development, default_enabled: :yaml)
   end
-  before_action :ensure_pipeline, only: [:show, :downloadable_artifacts]
 
   # Will be removed with https://gitlab.com/gitlab-org/gitlab/-/issues/225596
   before_action :redirect_for_legacy_scope_filter, only: [:index], if: -> { request.format.html? }
@@ -32,10 +31,11 @@ class Projects::PipelinesController < Projects::ApplicationController
 
   feature_category :continuous_integration, [
                      :charts, :show, :config_variables, :stage, :cancel, :retry,
-                     :builds, :dag, :failures, :status, :downloadable_artifacts,
+                     :builds, :dag, :failures, :status,
                      :index, :create, :new, :destroy
                    ]
   feature_category :code_testing, [:test_report]
+  feature_category :build_artifacts, [:downloadable_artifacts]
 
   def index
     @pipelines = Ci::PipelinesFinder
@@ -68,20 +68,22 @@ class Projects::PipelinesController < Projects::ApplicationController
   end
 
   def create
-    @pipeline = Ci::CreatePipelineService
+    service_response = Ci::CreatePipelineService
       .new(project, current_user, create_params)
       .execute(:web, ignore_skip_ci: true, save_on_errors: false)
 
+    @pipeline = service_response.payload
+
     respond_to do |format|
       format.html do
-        if @pipeline.created_successfully?
+        if service_response.success?
           redirect_to project_pipeline_path(project, @pipeline)
         else
           render 'new', status: :bad_request
         end
       end
       format.json do
-        if @pipeline.created_successfully?
+        if service_response.success?
           render json: PipelineSerializer
                          .new(project: project, current_user: current_user)
                          .represent(@pipeline),
diff --git a/app/controllers/projects/project_members_controller.rb b/app/controllers/projects/project_members_controller.rb
index 370cd2b02a1..d0987492d2d 100644
--- a/app/controllers/projects/project_members_controller.rb
+++ b/app/controllers/projects/project_members_controller.rb
@@ -23,7 +23,7 @@ class Projects::ProjectMembersController < Projects::ApplicationController
       .new(@project, current_user, params: filter_params)
       .execute(include_relations: requested_relations)
 
-    if helpers.can_manage_project_members?(@project)
+    if can?(current_user, :admin_project_member, @project)
       @invited_members = present_members(project_members.invite)
       @requesters = present_members(AccessRequestsFinder.new(@project).execute(current_user))
     end
diff --git a/app/controllers/projects/raw_controller.rb b/app/controllers/projects/raw_controller.rb
index 3fff93abe5c..e86d2490282 100644
--- a/app/controllers/projects/raw_controller.rb
+++ b/app/controllers/projects/raw_controller.rb
@@ -19,7 +19,7 @@ class Projects::RawController < Projects::ApplicationController
   feature_category :source_code_management
 
   def show
-    @blob = @repository.blob_at(@ref, @path)
+    @blob = @repository.blob_at(@ref, @path, limit: Gitlab::Git::Blob::LFS_POINTER_MAX_SIZE)
 
     send_blob(@repository, @blob, inline: (params[:inline] != 'false'), allow_caching: Guest.can?(:download_code, @project))
   end
diff --git a/app/controllers/projects/runner_projects_controller.rb b/app/controllers/projects/runner_projects_controller.rb
index fa6adc9431d..5da81045e02 100644
--- a/app/controllers/projects/runner_projects_controller.rb
+++ b/app/controllers/projects/runner_projects_controller.rb
@@ -5,7 +5,7 @@ class Projects::RunnerProjectsController < Projects::ApplicationController
 
   layout 'project_settings'
 
-  feature_category :continuous_integration
+  feature_category :runner
 
   def create
     @runner = Ci::Runner.find(params[:runner_project][:runner_id])
diff --git a/app/controllers/projects/security/configuration_controller.rb b/app/controllers/projects/security/configuration_controller.rb
index 3a473bb67e0..19de157357a 100644
--- a/app/controllers/projects/security/configuration_controller.rb
+++ b/app/controllers/projects/security/configuration_controller.rb
@@ -7,10 +7,6 @@ module Projects
 
       feature_category :static_application_security_testing
 
-      before_action only: [:show] do
-        push_frontend_feature_flag(:security_configuration_redesign, project, default_enabled: :yaml)
-      end
-
       def show
         render_403 unless can?(current_user, :read_security_configuration, project)
       end
diff --git a/app/controllers/projects/services_controller.rb b/app/controllers/projects/services_controller.rb
index ef6d96e8737..0dcaab7160b 100644
--- a/app/controllers/projects/services_controller.rb
+++ b/app/controllers/projects/services_controller.rb
@@ -8,6 +8,7 @@ class Projects::ServicesController < Projects::ApplicationController
   before_action :authorize_admin_project!
   before_action :ensure_service_enabled
   before_action :integration
+  before_action :default_integration, only: [:edit, :update]
   before_action :web_hook_logs, only: [:edit, :update]
   before_action :set_deprecation_notice_for_prometheus_integration, only: [:edit, :update]
   before_action :redirect_deprecated_prometheus_integration, only: [:update]
@@ -19,14 +20,22 @@ class Projects::ServicesController < Projects::ApplicationController
   feature_category :integrations
 
   def edit
-    @default_integration = Integration.default_integration(service.type, project)
   end
 
   def update
-    @integration.attributes = integration_params[:integration]
-    @integration.inherit_from_id = nil if integration_params[:integration][:inherit_from_id].blank?
+    attributes = integration_params[:integration]
 
-    saved = @integration.save(context: :manual_change)
+    if use_inherited_settings?(attributes)
+      @integration.inherit_from_id = default_integration.id
+
+      if saved = @integration.save(context: :manual_change)
+        BulkUpdateIntegrationService.new(default_integration, [@integration]).execute
+      end
+    else
+      attributes[:inherit_from_id] = nil
+      @integration.attributes = attributes
+      saved = @integration.save(context: :manual_change)
+    end
 
     respond_to do |format|
       format.html do
@@ -88,6 +97,10 @@ class Projects::ServicesController < Projects::ApplicationController
   end
   alias_method :service, :integration
 
+  def default_integration
+    @default_integration ||= Integration.default_integration(integration.type, project)
+  end
+
   def web_hook_logs
     return unless integration.service_hook.present?
 
@@ -115,4 +128,8 @@ class Projects::ServicesController < Projects::ApplicationController
     message = s_('PrometheusService|You can now manage your Prometheus settings on the %{operations_link_start}Operations%{operations_link_end} page. Fields on this page have been deprecated.') % { operations_link_start: operations_link_start, operations_link_end: "</a>" }
     flash.now[:alert] = message.html_safe
   end
+
+  def use_inherited_settings?(attributes)
+    default_integration && attributes[:inherit_from_id] == default_integration.id.to_s
+  end
 end
diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb
index de2ab16b5b1..97f9c5814e2 100644
--- a/app/controllers/projects/snippets_controller.rb
+++ b/app/controllers/projects/snippets_controller.rb
@@ -1,9 +1,10 @@
 # frozen_string_literal: true
 
 class Projects::SnippetsController < Projects::Snippets::ApplicationController
+  extend ::Gitlab::Utils::Override
   include SnippetsActions
   include ToggleAwardEmoji
-  include SpammableActions
+  include SpammableActions::AkismetMarkAsSpamAction
 
   before_action :check_snippets_available!
 
@@ -45,4 +46,9 @@ class Projects::SnippetsController < Projects::Snippets::ApplicationController
   def spammable_path
     project_snippet_path(@project, @snippet)
   end
+
+  override :snippet_find_params
+  def snippet_find_params
+    super.merge(project_id: project.id)
+  end
 end
diff --git a/app/controllers/projects/templates_controller.rb b/app/controllers/projects/templates_controller.rb
index df945a99c73..4bad6dc1b3d 100644
--- a/app/controllers/projects/templates_controller.rb
+++ b/app/controllers/projects/templates_controller.rb
@@ -5,7 +5,7 @@ class Projects::TemplatesController < Projects::ApplicationController
   before_action :authorize_can_read_issuable!
   before_action :get_template_class
 
-  feature_category :templates
+  feature_category :source_code_management
 
   def index
     templates = @template_type.template_subsets(project)
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-08-19 12:08:42 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-08-19 12:08:42 +0300
commit	b76ae638462ab0f673e5915986070518dd3f9ad3 (patch)
tree	bdab0533383b52873be0ec0eb4d3c66598ff8b91 /app/controllers/projects
parent	434373eabe7b4be9593d18a585fb763f1e5f1a6f (diff)