Merge remote-tracking branch 'origin/master' into 39549-label-list-page-redesign-with-draggable-labels

author: Luke Bennett <lukeeeebennettplus@gmail.com> 2018-06-06 10:50:13 +0300
committer: Luke Bennett <lukeeeebennettplus@gmail.com> 2018-06-06 10:50:13 +0300
commit: 0af7333ef9bea81f2a9d45f14a2ed4518b383d6d (patch)
tree: eda1fc06f17a7a3f657f6d52449a0bbc3cc664fd /app/controllers
parent: bb7f44aa8cf61d590bf45efb20c4ce19234ce03d (diff)
parent: a93e34acc3e52ccf81369d3345faaa48fee08581 (diff)
6 files changed, 22 insertions, 8 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index db8a8cdc0d2..bc60a0a02e8 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -130,12 +130,17 @@ class ApplicationController < ActionController::Base
   end
 
   def access_denied!(message = nil)
+    # If we display a custom access denied message to the user, we don't want to
+    # hide existence of the resource, rather tell them they cannot access it using
+    # the provided message
+    status = message.present? ? :forbidden : :not_found
+
     respond_to do |format|
-      format.any { head :not_found }
+      format.any { head status }
       format.html do
         render "errors/access_denied",
                layout: "errors",
-               status: 404,
+               status: status,
                locals: { message: message }
       end
     end
diff --git a/app/controllers/groups/group_members_controller.rb b/app/controllers/groups/group_members_controller.rb
index ef3eba80154..ef5d5e5c742 100644
--- a/app/controllers/groups/group_members_controller.rb
+++ b/app/controllers/groups/group_members_controller.rb
@@ -3,8 +3,12 @@ class Groups::GroupMembersController < Groups::ApplicationController
   include MembersPresentation
   include SortingHelper
 
+  def self.admin_not_required_endpoints
+    %i[index leave request_access]
+  end
+
   # Authorize
-  before_action :authorize_admin_group_member!, except: [:index, :leave, :request_access]
+  before_action :authorize_admin_group_member!, except: admin_not_required_endpoints
 
   skip_cross_project_access_check :index, :create, :update, :destroy, :request_access,
                                   :approve_access_request, :leave, :resend_invite,
diff --git a/app/controllers/groups/milestones_controller.rb b/app/controllers/groups/milestones_controller.rb
index 5903689dc62..9bd51de7e97 100644
--- a/app/controllers/groups/milestones_controller.rb
+++ b/app/controllers/groups/milestones_controller.rb
@@ -76,12 +76,15 @@ class Groups::MilestonesController < Groups::ApplicationController
 
   def milestones
     milestones = MilestonesFinder.new(search_params).execute
-    legacy_milestones = GroupMilestone.build_collection(group, group_projects, params)
 
     @sort = params[:sort] || 'due_date_asc'
     MilestoneArray.sort(milestones + legacy_milestones, @sort)
   end
 
+  def legacy_milestones
+    GroupMilestone.build_collection(group, group_projects, params)
+  end
+
   def milestone
     @milestone =
       if params[:title]
diff --git a/app/controllers/projects/merge_requests/application_controller.rb b/app/controllers/projects/merge_requests/application_controller.rb
index 29632bef7e5..8e4aeec16dc 100644
--- a/app/controllers/projects/merge_requests/application_controller.rb
+++ b/app/controllers/projects/merge_requests/application_controller.rb
@@ -15,7 +15,7 @@ class Projects::MergeRequests::ApplicationController < Projects::ApplicationCont
 
   def merge_request_params_attributes
     [
-      :allow_maintainer_to_push,
+      :allow_collaboration,
       :assignee_id,
       :description,
       :force_remove_source_branch,
diff --git a/app/controllers/projects/pipelines_controller.rb b/app/controllers/projects/pipelines_controller.rb
index 6b40fc2fe68..768595ceeb4 100644
--- a/app/controllers/projects/pipelines_controller.rb
+++ b/app/controllers/projects/pipelines_controller.rb
@@ -23,8 +23,6 @@ class Projects::PipelinesController < Projects::ApplicationController
     @finished_count = limited_pipelines_count(project, 'finished')
     @pipelines_count = limited_pipelines_count(project)
 
-    Gitlab::Ci::Pipeline::Preloader.preload(@pipelines)
-
     respond_to do |format|
       format.html
       format.json do
@@ -34,7 +32,7 @@ class Projects::PipelinesController < Projects::ApplicationController
           pipelines: PipelineSerializer
             .new(project: @project, current_user: @current_user)
             .with_pagination(request, response)
-            .represent(@pipelines, disable_coverage: true),
+            .represent(@pipelines, disable_coverage: true, preload: true),
           count: {
             all: @pipelines_count,
             running: @running_count,
diff --git a/app/controllers/users/terms_controller.rb b/app/controllers/users/terms_controller.rb
index ab685b9106e..f7c6d1d59db 100644
--- a/app/controllers/users/terms_controller.rb
+++ b/app/controllers/users/terms_controller.rb
@@ -13,6 +13,10 @@ module Users
 
     def index
       @redirect = redirect_path
+
+      if @term.accepted_by_user?(current_user)
+        flash.now[:notice] = "You have already accepted the Terms of Service as #{current_user.to_reference}"
+      end
     end
 
     def accept
author	Luke Bennett <lukeeeebennettplus@gmail.com>	2018-06-06 10:50:13 +0300
committer	Luke Bennett <lukeeeebennettplus@gmail.com>	2018-06-06 10:50:13 +0300
commit	0af7333ef9bea81f2a9d45f14a2ed4518b383d6d (patch)
tree	eda1fc06f17a7a3f657f6d52449a0bbc3cc664fd /app/controllers
parent	bb7f44aa8cf61d590bf45efb20c4ce19234ce03d (diff)
parent	a93e34acc3e52ccf81369d3345faaa48fee08581 (diff)