Merge branch 'master' of gitlab.com:gitlab-org/gitlab-ce into acet-mr-notes-index

8 files changed, 111 insertions, 50 deletions

diff --git a/app/controllers/projects/clusters/gcp_controller.rb b/app/controllers/projects/clusters/gcp_controller.rb
index 4fc515bd03e..94d33b91562 100644
--- a/app/controllers/projects/clusters/gcp_controller.rb
+++ b/app/controllers/projects/clusters/gcp_controller.rb
@@ -42,7 +42,7 @@ class Projects::Clusters::GcpController < Projects::ApplicationController
     when 'true'
       return
     when 'false'
-      flash[:alert] = _('Please <a href=%{link_to_billing} target="_blank" rel="noopener noreferrer">enable billing for one of your projects to be able to create a cluster</a>, then try again.').html_safe % { link_to_billing: "https://console.cloud.google.com/freetrial?utm_campaign=2018_cpanel&utm_source=gitlab&utm_medium=referral" }
+      flash[:alert] = _('Please <a href=%{link_to_billing} target="_blank" rel="noopener noreferrer">enable billing for one of your projects to be able to create a Kubernetes cluster</a>, then try again.').html_safe % { link_to_billing: "https://console.cloud.google.com/freetrial?utm_campaign=2018_cpanel&utm_source=gitlab&utm_medium=referral" }
     else
       flash[:alert] = _('We could not verify that one of your projects on GCP has billing enabled. Please try again.')
     end
diff --git a/app/controllers/projects/clusters_controller.rb b/app/controllers/projects/clusters_controller.rb
index 1dc7f1b3a7f..142e8b6e4bc 100644
--- a/app/controllers/projects/clusters_controller.rb
+++ b/app/controllers/projects/clusters_controller.rb
@@ -41,7 +41,7 @@ class Projects::ClustersController < Projects::ApplicationController
           head :no_content
         end
         format.html do
-          flash[:notice] = "Cluster was successfully updated."
+          flash[:notice] = _('Kubernetes cluster was successfully updated.')
           redirect_to project_cluster_path(project, cluster)
         end
       end
@@ -55,10 +55,10 @@ class Projects::ClustersController < Projects::ApplicationController
 
   def destroy
     if cluster.destroy
-      flash[:notice] = "Cluster integration was successfully removed."
+      flash[:notice] = _('Kubernetes cluster integration was successfully removed.')
       redirect_to project_clusters_path(project), status: 302
     else
-      flash[:notice] = "Cluster integration was not removed."
+      flash[:notice] = _('Kubernetes cluster integration was not removed.')
       render :show
     end
   end
diff --git a/app/controllers/projects/git_http_controller.rb b/app/controllers/projects/git_http_controller.rb
index 71ae60cb8cd..45910a9be44 100644
--- a/app/controllers/projects/git_http_controller.rb
+++ b/app/controllers/projects/git_http_controller.rb
@@ -5,6 +5,7 @@ class Projects::GitHttpController < Projects::GitHttpClientController
 
   rescue_from Gitlab::GitAccess::UnauthorizedError, with: :render_403
   rescue_from Gitlab::GitAccess::NotFoundError, with: :render_404
+  rescue_from Gitlab::GitAccess::ProjectCreationError, with: :render_422
 
   # GET /foo/bar.git/info/refs?service=git-upload-pack (git pull)
   # GET /foo/bar.git/info/refs?service=git-receive-pack (git push)
@@ -55,8 +56,15 @@ class Projects::GitHttpController < Projects::GitHttpClientController
     render plain: exception.message, status: :not_found
   end
 
+  def render_422(exception)
+    render plain: exception.message, status: :unprocessable_entity
+  end
+
   def access
-    @access ||= access_klass.new(access_actor, project, 'http', authentication_abilities: authentication_abilities, redirected_path: redirected_path)
+    @access ||= access_klass.new(access_actor, project,
+      'http', authentication_abilities: authentication_abilities,
+              namespace_path: params[:namespace_id], project_path: project_path,
+              redirected_path: redirected_path)
   end
 
   def access_actor
@@ -68,12 +76,17 @@ class Projects::GitHttpController < Projects::GitHttpClientController
     # Use the magic string '_any' to indicate we do not know what the
     # changes are. This is also what gitlab-shell does.
     access.check(git_command, '_any')
+    @project ||= access.project
   end
 
   def access_klass
     @access_klass ||= wiki? ? Gitlab::GitAccessWiki : Gitlab::GitAccess
   end
 
+  def project_path
+    @project_path ||= params[:project_id].sub(/\.git$/, '')
+  end
+
   def log_user_activity
     Users::ActivityService.new(user, 'pull').execute
   end
diff --git a/app/controllers/projects/lfs_api_controller.rb b/app/controllers/projects/lfs_api_controller.rb
index 536f908d2c5..c77f10ef1dd 100644
--- a/app/controllers/projects/lfs_api_controller.rb
+++ b/app/controllers/projects/lfs_api_controller.rb
@@ -98,7 +98,7 @@ class Projects::LfsApiController < Projects::GitHttpClientController
         json: {
           message: lfs_read_only_message
         },
-        content_type: 'application/vnd.git-lfs+json',
+        content_type: LfsRequest::CONTENT_TYPE,
         status: 403
       )
     end
diff --git a/app/controllers/projects/lfs_locks_api_controller.rb b/app/controllers/projects/lfs_locks_api_controller.rb
new file mode 100644
index 00000000000..3fff0fd69ae
--- /dev/null
+++ b/app/controllers/projects/lfs_locks_api_controller.rb
@@ -0,0 +1,70 @@
+class Projects::LfsLocksApiController < Projects::GitHttpClientController
+  include LfsRequest
+
+  def create
+    @result = Lfs::LockFileService.new(project, user, params).execute
+
+    render_json(@result[:lock])
+  end
+
+  def unlock
+    @result = Lfs::UnlockFileService.new(project, user, params).execute
+
+    render_json(@result[:lock])
+  end
+
+  def index
+    @result = Lfs::LocksFinderService.new(project, user, params).execute
+
+    render_json(@result[:locks])
+  end
+
+  def verify
+    @result = Lfs::LocksFinderService.new(project, user, {}).execute
+
+    ours, theirs = split_by_owner(@result[:locks])
+
+    render_json({ ours: ours, theirs: theirs }, false)
+  end
+
+  private
+
+  def render_json(data, process = true)
+    render json: build_payload(data, process),
+           content_type: LfsRequest::CONTENT_TYPE,
+           status: @result[:http_status]
+  end
+
+  def build_payload(data, process)
+    data = LfsFileLockSerializer.new.represent(data) if process
+
+    return data if @result[:status] == :success
+
+    # When the locking failed due to an existent Lock, the existent record
+    # is returned in `@result[:lock]`
+    error_payload(@result[:message], @result[:lock] ? data : {})
+  end
+
+  def error_payload(message, custom_attrs = {})
+    custom_attrs.merge({
+      message: message,
+      documentation_url: help_url
+    })
+  end
+
+  def split_by_owner(locks)
+    groups = locks.partition { |lock| lock.user_id == user.id }
+
+    groups.map! do |records|
+      LfsFileLockSerializer.new.represent(records, root: false)
+    end
+  end
+
+  def download_request?
+    params[:action] == 'index'
+  end
+
+  def upload_request?
+    %w(create unlock verify).include?(params[:action])
+  end
+end
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index 8af4e379f0a..8eed957d9fe 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -50,10 +50,7 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
 
         set_pipeline_variables
 
-        # n+1: https://gitlab.com/gitlab-org/gitlab-ce/issues/37432
-        Gitlab::GitalyClient.allow_n_plus_1_calls do
-          render
-        end
+        render
       end
 
       format.json do
diff --git a/app/controllers/projects/variables_controller.rb b/app/controllers/projects/variables_controller.rb
index 6a825137564..7eb509e2e64 100644
--- a/app/controllers/projects/variables_controller.rb
+++ b/app/controllers/projects/variables_controller.rb
@@ -1,60 +1,41 @@
 class Projects::VariablesController < Projects::ApplicationController
-  before_action :variable, only: [:show, :update, :destroy]
   before_action :authorize_admin_build!
 
-  layout 'project_settings'
-
-  def index
-    redirect_to project_settings_ci_cd_path(@project)
-  end
-
   def show
+    respond_to do |format|
+      format.json do
+        render status: :ok, json: { variables: VariableSerializer.new.represent(@project.variables) }
+      end
+    end
   end
 
   def update
-    if variable.update(variable_params)
-      redirect_to project_variables_path(project),
-                  notice: 'Variable was successfully updated.'
+    if @project.update(variables_params)
+      respond_to do |format|
+        format.json { return render_variables }
+      end
     else
-      render "show"
+      respond_to do |format|
+        format.json { render_error }
+      end
     end
   end
 
-  def create
-    @variable = project.variables.create(variable_params)
-      .present(current_user: current_user)
+  private
 
-    if @variable.persisted?
-      redirect_to project_settings_ci_cd_path(project),
-                  notice: 'Variable was successfully created.'
-    else
-      render "show"
-    end
+  def render_variables
+    render status: :ok, json: { variables: VariableSerializer.new.represent(@project.variables) }
   end
 
-  def destroy
-    if variable.destroy
-      redirect_to project_settings_ci_cd_path(project),
-                  status: 302,
-                  notice: 'Variable was successfully removed.'
-    else
-      redirect_to project_settings_ci_cd_path(project),
-                  status: 302,
-                  notice: 'Failed to remove the variable.'
-    end
+  def render_error
+    render status: :bad_request, json: @project.errors.full_messages
   end
 
-  private
-
-  def variable_params
-    params.require(:variable).permit(*variable_params_attributes)
+  def variables_params
+    params.permit(variables_attributes: [*variable_params_attributes])
   end
 
   def variable_params_attributes
     %i[id key value protected _destroy]
   end
-
-  def variable
-    @variable ||= project.variables.find(params[:id]).present(current_user: current_user)
-  end
 end
diff --git a/app/controllers/projects/wikis_controller.rb b/app/controllers/projects/wikis_controller.rb
index fde96cbd35d..c4930d3d18d 100644
--- a/app/controllers/projects/wikis_controller.rb
+++ b/app/controllers/projects/wikis_controller.rb
@@ -76,9 +76,9 @@ class Projects::WikisController < Projects::ApplicationController
     @page = @project_wiki.find_page(params[:id])
 
     if @page
-      @page_versions = Kaminari.paginate_array(@page.versions(page: params[:page]),
+      @page_versions = Kaminari.paginate_array(@page.versions(page: params[:page].to_i),
                                                total_count: @page.count_versions)
-                               .page(params[:page])
+        .page(params[:page])
     else
       redirect_to(
         project_wiki_path(@project, :home),