author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-05-19 10:33:21 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-05-19 10:33:21 +0300 |
commit | 36a59d088eca61b834191dacea009677a96c052f (patch) | |
tree | e4f33972dab5d8ef79e3944a9f403035fceea43f /app/controllers | |
parent | a1761f15ec2cae7c7f7bbda39a75494add0dfd6f (diff) |
Add latest changes from gitlab-org/gitlab@15-0-stable-eev15.0.0-rc42
Diffstat (limited to 'app/controllers')
172 files changed, 504 insertions, 536 deletions
diff --git a/app/controllers/admin/application_settings_controller.rb b/app/controllers/admin/application_settings_controller.rb index 75d1e4bf6a0..253fca0a253 100644 --- a/app/controllers/admin/application_settings_controller.rb +++ b/app/controllers/admin/application_settings_controller.rb @@ -27,6 +27,7 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController feature_category :source_code_management, [:repository, :clear_repository_check_states] feature_category :continuous_integration, [:ci_cd, :reset_registration_token] + urgency :low, [:ci_cd, :reset_registration_token] feature_category :service_ping, [:usage_data, :service_usage_data] feature_category :integrations, [:integrations] feature_category :pages, [:lets_encrypt_terms_of_service] @@ -53,7 +54,7 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController end def service_usage_data - @service_ping_data_present = Rails.cache.exist?('usage_data') + @service_ping_data_present = prerecorded_service_ping_data.present? end def update @@ -63,7 +64,7 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController def usage_data respond_to do |format| format.html do - usage_data_json = Gitlab::Json.pretty_generate(Gitlab::Usage::ServicePingReport.for(output: :all_metrics_values, cached: true)) + usage_data_json = Gitlab::Json.pretty_generate(service_ping_data) render html: Gitlab::Highlight.highlight('payload.json', usage_data_json, language: 'json') end @@ -71,7 +72,7 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController format.json do Gitlab::UsageDataCounters::ServiceUsageDataCounter.count(:download_payload_click) - render json: Gitlab::Usage::ServicePingReport.for(output: :all_metrics_values, cached: true).to_json + render json: service_ping_data.to_json end end end 
@@ -255,6 +256,7 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController :raw_blob_request_limit, :issues_create_limit, :notes_create_limit, + :pipeline_limit_per_project_user_sha, :default_branch_name, disabled_oauth_sign_in_sources: [], import_sources: [], @@ -306,6 +308,14 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController def valid_setting_panels VALID_SETTING_PANELS end + + def service_ping_data + prerecorded_service_ping_data || Gitlab::Usage::ServicePingReport.for(output: :all_metrics_values) + end + + def prerecorded_service_ping_data + Rails.cache.fetch(Gitlab::Usage::ServicePingReport::CACHE_KEY) || ::RawUsageData.for_current_reporting_cycle.first&.payload + end end Admin::ApplicationSettingsController.prepend_mod_with('Admin::ApplicationSettingsController') diff --git a/app/controllers/admin/applications_controller.rb b/app/controllers/admin/applications_controller.rb index 83413afb6b7..a6a21cf3649 100644 --- a/app/controllers/admin/applications_controller.rb +++ b/app/controllers/admin/applications_controller.rb @@ -19,10 +19,7 @@ class Admin::ApplicationsController < Admin::ApplicationController end def new - # Default access tokens to expire. This preserves backward compatibility - # with existing applications. This will be removed in 15.0. - # Removal issue: https://gitlab.com/gitlab-org/gitlab/-/issues/340848 - @application = Doorkeeper::Application.new(expire_access_tokens: true) + @application = Doorkeeper::Application.new end def edit diff --git a/app/controllers/admin/background_migrations_controller.rb b/app/controllers/admin/background_migrations_controller.rb index 42b89a3317e..c6c9e0ced22 100644 --- a/app/controllers/admin/background_migrations_controller.rb +++ b/app/controllers/admin/background_migrations_controller.rb 
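Review bot: The new private helpers `service_ping_data` and `prerecorded_service_ping_data` in the last hunk of `application_settings_controller.rb` carry no comment explaining their lookup order, and the final fallback no longer passes `cached: true`. As written, a request to `usage_data` with neither a cache entry nor a `RawUsageData` row for the current cycle calls `Gitlab::Usage::ServicePingReport.for(output: :all_metrics_values)` inline, which is presumably the expensive path the removed `cached: true` avoided. I would add a comment above `service_ping_data` such as `# Prefer the cached or already-recorded payload; generating a fresh report here runs inside the request.` It is also worth confirming that the cache entry and `payload` have the same shape, because both are passed to `Gitlab::Json.pretty_generate` and `.to_json`.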
@@ -2,6 +2,9 @@ class Admin::BackgroundMigrationsController < Admin::ApplicationController feature_category :database + urgency :low + + around_action :support_multiple_databases def index @relations_by_tab = { @@ -13,6 +16,13 @@ class Admin::BackgroundMigrationsController < Admin::ApplicationController @current_tab = @relations_by_tab.key?(params[:tab]) ? params[:tab] : 'queued' @migrations = @relations_by_tab[@current_tab].page(params[:page]) @successful_rows_counts = batched_migration_class.successful_rows_counts(@migrations.map(&:id)) + @databases = Gitlab::Database.db_config_names + end + + def show + @migration = batched_migration_class.find(params[:id]) + + @failed_jobs = @migration.batched_jobs.with_status(:failed).page(params[:page]) end def pause @@ -38,6 +48,18 @@ class Admin::BackgroundMigrationsController < Admin::ApplicationController private + def support_multiple_databases + Gitlab::Database::SharedModel.using_connection(base_model.connection) do + yield + end + end + + def base_model + @selected_database = params[:database] || Gitlab::Database::MAIN_DATABASE_NAME + + Gitlab::Database.database_base_models[@selected_database] + end + def batched_migration_class @batched_migration_class ||= Gitlab::Database::BackgroundMigration::BatchedMigration end diff --git a/app/controllers/admin/batched_jobs_controller.rb b/app/controllers/admin/batched_jobs_controller.rb new file mode 100644 index 00000000000..0a00ba13dc8 --- /dev/null +++ b/app/controllers/admin/batched_jobs_controller.rb 
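Review bot: `base_model` uses `params[:database]` as a lookup key into `Gitlab::Database.database_base_models` without checking that the name is known. If the lookup returns nil for an unrecognised name (presumably it does), `base_model.connection` in `support_multiple_databases` raises and the admin gets a 500 instead of a clean 404. A guard in the around action would cover it: `model = base_model` followed by `return render_404 unless model`, assuming `render_404` is available in this controller as it is elsewhere in the diff. The same two methods are added verbatim to the new `Admin::BatchedJobsController`, so the guard applies there too, and the pair would be better placed in one shared concern than copied.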
@@ -0,0 +1,28 @@ +# frozen_string_literal: true + +class Admin::BatchedJobsController < Admin::ApplicationController + feature_category :database + urgency :low + + around_action :support_multiple_databases + + def show + @job = Gitlab::Database::BackgroundMigration::BatchedJob.find(params[:id]) + + @transition_logs = @job.batched_job_transition_logs + end + + private + + def support_multiple_databases + Gitlab::Database::SharedModel.using_connection(base_model.connection) do + yield + end + end + + def base_model + @selected_database = params[:database] || Gitlab::Database::MAIN_DATABASE_NAME + + Gitlab::Database.database_base_models[@selected_database] + end +end diff --git a/app/controllers/admin/deploy_keys_controller.rb b/app/controllers/admin/deploy_keys_controller.rb index ed63e65d4df..b24b25446b0 100644 --- a/app/controllers/admin/deploy_keys_controller.rb +++ b/app/controllers/admin/deploy_keys_controller.rb @@ -5,6 +5,7 @@ class Admin::DeployKeysController < Admin::ApplicationController before_action :deploy_key, only: [:destroy, :edit, :update] feature_category :continuous_delivery + urgency :low def index end diff --git a/app/controllers/admin/groups_controller.rb b/app/controllers/admin/groups_controller.rb index 9abb244bc92..4d163824ef6 100644 --- a/app/controllers/admin/groups_controller.rb +++ b/app/controllers/admin/groups_controller.rb @@ -61,7 +61,7 @@ class Admin::GroupsController < Admin::ApplicationController end def members_update - member_params = params.permit(:user_ids, :access_level, :expires_at) + member_params = params.permit(:user_id, :access_level, :expires_at) result = Members::CreateService.new(current_user, member_params.merge(limit: -1, source: @group, invite_source: 'admin-group-page')).execute if result[:status] == :success diff --git a/app/controllers/admin/jobs_controller.rb b/app/controllers/admin/jobs_controller.rb index b800ca79d6b..ef9264d1615 100644 --- a/app/controllers/admin/jobs_controller.rb 
+++ b/app/controllers/admin/jobs_controller.rb @@ -4,6 +4,7 @@ class Admin::JobsController < Admin::ApplicationController BUILDS_PER_PAGE = 30 feature_category :continuous_integration + urgency :low def index # We need all builds for tabs counters diff --git a/app/controllers/admin/labels_controller.rb b/app/controllers/admin/labels_controller.rb index 822b7a93c9c..4747f3c5dea 100644 --- a/app/controllers/admin/labels_controller.rb +++ b/app/controllers/admin/labels_controller.rb @@ -4,6 +4,7 @@ class Admin::LabelsController < Admin::ApplicationController before_action :set_label, only: [:show, :edit, :update, :destroy] feature_category :team_planning + urgency :low def index @labels = Label.templates.page(params[:page]) diff --git a/app/controllers/admin/requests_profiles_controller.rb b/app/controllers/admin/requests_profiles_controller.rb deleted file mode 100644 index b60cb7ff9c2..00000000000 --- a/app/controllers/admin/requests_profiles_controller.rb +++ /dev/null @@ -1,21 +0,0 @@ -# frozen_string_literal: true - -class Admin::RequestsProfilesController < Admin::ApplicationController - feature_category :not_owned # rubocop:todo Gitlab/AvoidFeatureCategoryNotOwned - - def index - @profile_token = Gitlab::RequestProfiler.profile_token - @profiles = Gitlab::RequestProfiler.all.group_by(&:request_path) - end - - def show - clean_name = Rack::Utils.clean_path_info(params[:name]) - profile = Gitlab::RequestProfiler.find(clean_name) - - unless profile && profile.content_type - return redirect_to admin_requests_profiles_path, alert: 'Profile not found' - end - - send_file profile.file_path, type: "#{profile.content_type}; charset=utf-8", disposition: 'inline' - end -end diff --git a/app/controllers/admin/runner_projects_controller.rb b/app/controllers/admin/runner_projects_controller.rb index a4055cbe990..0165c6471db 100644 --- a/app/controllers/admin/runner_projects_controller.rb +++ b/app/controllers/admin/runner_projects_controller.rb 
@@ -4,6 +4,7 @@ class Admin::RunnerProjectsController < Admin::ApplicationController before_action :project, only: [:create] feature_category :runner + urgency :low def create @runner = Ci::Runner.find(params[:runner_project][:runner_id]) diff --git a/app/controllers/admin/runners_controller.rb b/app/controllers/admin/runners_controller.rb index 06880ace899..02e33baaf07 100644 --- a/app/controllers/admin/runners_controller.rb +++ b/app/controllers/admin/runners_controller.rb @@ -5,24 +5,20 @@ class Admin::RunnersController < Admin::ApplicationController before_action :runner, except: [:index, :tag_list, :runner_setup_scripts] before_action only: [:index] do - push_frontend_feature_flag(:admin_runners_bulk_delete, default_enabled: :yaml) + push_frontend_feature_flag(:admin_runners_bulk_delete) end feature_category :runner + urgency :low def index end def show - # We will show runner details in a read-only view in - # future iterations. For now, this route will have a - # redirect until this new view is developed. See more: - # https://gitlab.com/gitlab-org/gitlab/-/issues/347856 - redirect_to edit_admin_runner_path(runner) unless Feature.enabled?(:runner_read_only_admin_view, default_enabled: :yaml) end def edit - assign_builds_and_projects + assign_projects end def update @@ -31,7 +27,7 @@ class Admin::RunnersController < Admin::ApplicationController format.html { redirect_to edit_admin_runner_path(@runner) } end else - assign_builds_and_projects + assign_projects render 'show' end end @@ -87,12 +83,7 @@ class Admin::RunnersController < Admin::ApplicationController end # rubocop: disable CodeReuse/ActiveRecord - def assign_builds_and_projects - @builds = runner - .builds - .order_id_desc - .preload_project_and_pipeline_project.first(30) - + def assign_projects @projects = if params[:search].present? ::Project.search(params[:search]) 
diff --git a/app/controllers/admin/sessions_controller.rb b/app/controllers/admin/sessions_controller.rb index 9c378f4c883..63579421573 100644 --- a/app/controllers/admin/sessions_controller.rb +++ b/app/controllers/admin/sessions_controller.rb @@ -68,7 +68,7 @@ class Admin::SessionsController < ApplicationController def valid_otp_attempt?(user) otp_validation_result = - ::Users::ValidateOtpService.new(user).execute(user_params[:otp_attempt]) + ::Users::ValidateManualOtpService.new(user).execute(user_params[:otp_attempt]) valid_otp_attempt = otp_validation_result[:status] == :success return valid_otp_attempt if Gitlab::Database.read_only? diff --git a/app/controllers/admin/topics_controller.rb b/app/controllers/admin/topics_controller.rb index ccc38ba7cd5..908313bdb83 100644 --- a/app/controllers/admin/topics_controller.rb +++ b/app/controllers/admin/topics_controller.rb @@ -51,7 +51,8 @@ class Admin::TopicsController < Admin::ApplicationController [ :avatar, :description, - :name + :name, + :title ] end end diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb index f19333d5d57..6b11b8eda5c 100644 --- a/app/controllers/admin/users_controller.rb +++ b/app/controllers/admin/users_controller.rb @@ -372,7 +372,7 @@ class Admin::UsersController < Admin::ApplicationController end def check_ban_user_feature_flag - access_denied! unless Feature.enabled?(:ban_user_feature_flag, default_enabled: :yaml) + access_denied! unless Feature.enabled?(:ban_user_feature_flag) end def log_impersonation_event diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 572ec40ef16..4fc96752507 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb 
@@ -286,6 +286,13 @@ class ApplicationController < ActionController::Base end end + def render_409(message = nil) + respond_to do |format| + format.html { render template: "errors/request_conflict", formats: :html, layout: "errors", status: :conflict, locals: { message: message } } + format.any { head :conflict } + end + end + def respond_422 head :unprocessable_entity end diff --git a/app/controllers/autocomplete_controller.rb b/app/controllers/autocomplete_controller.rb index 663e3cf8648..f84d2ed320d 100644 --- a/app/controllers/autocomplete_controller.rb +++ b/app/controllers/autocomplete_controller.rb @@ -12,8 +12,9 @@ class AutocompleteController < ApplicationController feature_category :code_review, [:merge_request_target_branches] feature_category :continuous_delivery, [:deploy_keys_with_owners] - urgency :low, [:merge_request_target_branches] - urgency :default, [:users] + urgency :low, [:merge_request_target_branches, :deploy_keys_with_owners, :users] + urgency :low, [:award_emojis] + urgency :medium, [:projects] def users group = Autocomplete::GroupFinder diff --git a/app/controllers/boards/issues_controller.rb b/app/controllers/boards/issues_controller.rb index e7ae941886d..11377df7a10 100644 --- a/app/controllers/boards/issues_controller.rb +++ b/app/controllers/boards/issues_controller.rb @@ -22,6 +22,7 @@ module Boards before_action :can_move_issues?, only: [:bulk_move] feature_category :team_planning + urgency :low def index list_service = Boards::Issues::ListService.new(board_parent, current_user, filter_params) diff --git a/app/controllers/boards/lists_controller.rb b/app/controllers/boards/lists_controller.rb index 696b251301f..c3b5a887920 100644 --- a/app/controllers/boards/lists_controller.rb +++ b/app/controllers/boards/lists_controller.rb 
@@ -9,6 +9,7 @@ module Boards skip_before_action :authenticate_user!, only: [:index] feature_category :team_planning + urgency :low def index lists = Boards::Lists::ListService.new(board.resource_parent, current_user).execute(board) diff --git a/app/controllers/clusters/base_controller.rb b/app/controllers/clusters/base_controller.rb index f88d381b3bf..2401d8b1044 100644 --- a/app/controllers/clusters/base_controller.rb +++ b/app/controllers/clusters/base_controller.rb @@ -9,6 +9,10 @@ class Clusters::BaseController < ApplicationController helper_method :clusterable feature_category :kubernetes_management + urgency :low, [ + :index, :show, :environments, :cluster_status, :prometheus_proxy, + :destroy, :new_cluster_docs, :connect, :new, :create_user + ] private diff --git a/app/controllers/clusters/clusters_controller.rb b/app/controllers/clusters/clusters_controller.rb index 939c0ef220c..ae3b6125bde 100644 --- a/app/controllers/clusters/clusters_controller.rb +++ b/app/controllers/clusters/clusters_controller.rb @@ -6,12 +6,9 @@ class Clusters::ClustersController < Clusters::BaseController include MetricsDashboard before_action :cluster, only: [:cluster_status, :show, :update, :destroy, :clear_cache] - before_action :generate_gcp_authorize_url, only: [:new] - before_action :validate_gcp_token, only: [:new] - before_action :gcp_cluster, only: [:new] - before_action :user_cluster, only: [:new, :connect] + before_action :user_cluster, only: [:connect] before_action :authorize_read_cluster!, only: [:show, :index] - before_action :authorize_create_cluster!, only: [:new, :connect, :authorize_aws_role] + before_action :authorize_create_cluster!, only: [:connect, :authorize_aws_role] before_action :authorize_update_cluster!, only: [:update] before_action :update_applications_status, only: [:cluster_status] before_action :ensure_feature_enabled!, except: [:index, :new_cluster_docs] 
@@ -46,16 +43,6 @@ class Clusters::ClustersController < Clusters::BaseController end end - def new - if params[:provider] == 'aws' - @aws_role = Aws::Role.create_or_find_by!(user: current_user) - @instance_types = load_instance_types.to_json - - elsif params[:provider] == 'gcp' - redirect_to @authorize_url if @authorize_url && !@valid_gcp_token - end - end - # Overridding ActionController::Metal#status is NOT a good idea def cluster_status respond_to do |format| @@ -108,24 +95,6 @@ class Clusters::ClustersController < Clusters::BaseController redirect_to clusterable.index_path, status: :found end - def create_gcp - @gcp_cluster = ::Clusters::CreateService - .new(current_user, create_gcp_cluster_params) - .execute(access_token: token_in_session) - .present(current_user: current_user) - - if @gcp_cluster.persisted? - redirect_to @gcp_cluster.show_path - else - generate_gcp_authorize_url - validate_gcp_token - user_cluster - params[:provider] = 'gcp' - - render :new, locals: { active_tab: 'create' } - end - end - def create_aws @aws_cluster = ::Clusters::CreateService .new(current_user, create_aws_cluster_params) @@ -173,16 +142,12 @@ class Clusters::ClustersController < Clusters::BaseController private - def certificate_based_clusters_enabled? - Feature.enabled?(:certificate_based_clusters, clusterable, default_enabled: :yaml, type: :ops) - end - def ensure_feature_enabled! - render_404 unless certificate_based_clusters_enabled? + render_404 unless clusterable.certificate_based_clusters_enabled? end def cluster_list - return [] unless certificate_based_clusters_enabled? + return [] unless clusterable.certificate_based_clusters_enabled? finder = ClusterAncestorsFinder.new(clusterable.__subject__, current_user) clusters = finder.execute 
@@ -239,24 +204,6 @@ class Clusters::ClustersController < Clusters::BaseController end end - def create_gcp_cluster_params - params.require(:cluster).permit( - *base_permitted_cluster_params, - :name, - provider_gcp_attributes: [ - :gcp_project_id, - :zone, - :num_nodes, - :machine_type, - :cloud_run, - :legacy_abac - ]).merge( - provider_type: :gcp, - platform_type: :kubernetes, - clusterable: clusterable.__subject__ - ) - end - def create_aws_cluster_params params.require(:cluster).permit( *base_permitted_cluster_params, @@ -300,10 +247,10 @@ class Clusters::ClustersController < Clusters::BaseController end def generate_gcp_authorize_url - new_path = clusterable.new_path(provider: :gcp).to_s - error_path = @project ? project_clusters_path(@project) : new_path + connect_path = clusterable.connect_path().to_s + error_path = @project ? project_clusters_path(@project) : connect_path - state = generate_session_key_redirect(new_path, error_path) + state = generate_session_key_redirect(connect_path, error_path) @authorize_url = GoogleApi::CloudPlatform::Client.new( nil, callback_google_api_auth_url, diff --git a/app/controllers/concerns/authenticates_with_two_factor.rb b/app/controllers/concerns/authenticates_with_two_factor.rb index 14dcec33545..4228a93d310 100644 --- a/app/controllers/concerns/authenticates_with_two_factor.rb +++ b/app/controllers/concerns/authenticates_with_two_factor.rb @@ -23,9 +23,9 @@ module AuthenticatesWithTwoFactor session[:otp_user_id] = user.id session[:user_password_hash] = Digest::SHA256.hexdigest(user.encrypted_password) - push_frontend_feature_flag(:webauthn, default_enabled: :yaml) + push_frontend_feature_flag(:webauthn) - if Feature.enabled?(:webauthn, default_enabled: :yaml) + if Feature.enabled?(:webauthn) setup_webauthn_authentication(user) else setup_u2f_authentication(user) 
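Review bot: `generate_gcp_authorize_url` is updated in the `@@ -300,10 +247,10 @@` hunk but appears to have no caller left in this diff. Both `before_action :generate_gcp_authorize_url, only: [:new]` and the `create_gcp` action that called it are removed. If nothing outside the visible hunks uses it, the method and the session-key redirect state it builds should be deleted rather than repointed at `connect_path`, so that no unused OAuth redirect plumbing remains. If it stays, `clusterable.connect_path().to_s` should drop the empty parentheses: `clusterable.connect_path.to_s`. The method body continues past the end of the hunk.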
diff --git a/app/controllers/concerns/authenticates_with_two_factor_for_admin_mode.rb b/app/controllers/concerns/authenticates_with_two_factor_for_admin_mode.rb index 05be04059fd..574fc6c0f37 100644 --- a/app/controllers/concerns/authenticates_with_two_factor_for_admin_mode.rb +++ b/app/controllers/concerns/authenticates_with_two_factor_for_admin_mode.rb @@ -11,7 +11,7 @@ module AuthenticatesWithTwoFactorForAdminMode return handle_locked_user(user) unless user.can?(:log_in) session[:otp_user_id] = user.id - push_frontend_feature_flag(:webauthn, default_enabled: :yaml) + push_frontend_feature_flag(:webauthn) if user.two_factor_webauthn_enabled? setup_webauthn_authentication(user) diff --git a/app/controllers/concerns/dependency_proxy/group_access.rb b/app/controllers/concerns/dependency_proxy/group_access.rb index 44611641529..45392625e45 100644 --- a/app/controllers/concerns/dependency_proxy/group_access.rb +++ b/app/controllers/concerns/dependency_proxy/group_access.rb @@ -18,9 +18,5 @@ module DependencyProxy def authorize_read_dependency_proxy! access_denied! unless can?(auth_user, :read_dependency_proxy, group) end - - def authorize_admin_dependency_proxy! - access_denied! unless can?(auth_user, :admin_dependency_proxy, group) - end end end diff --git a/app/controllers/concerns/issuable_actions.rb b/app/controllers/concerns/issuable_actions.rb index ae90bd59d01..4d3eb9cd183 100644 --- a/app/controllers/concerns/issuable_actions.rb +++ b/app/controllers/concerns/issuable_actions.rb @@ -184,7 +184,7 @@ module IssuableActions def paginated_discussions return if params[:per_page].blank? - return unless issuable.instance_of?(Issue) && Feature.enabled?(:paginated_issue_discussions, project, default_enabled: :yaml) + return unless issuable.instance_of?(Issue) && Feature.enabled?(:paginated_issue_discussions, project) strong_memoize(:paginated_discussions) do issuable 
diff --git a/app/controllers/concerns/notes_actions.rb b/app/controllers/concerns/notes_actions.rb index 8410a8779f6..55b6747fcfb 100644 --- a/app/controllers/concerns/notes_actions.rb +++ b/app/controllers/concerns/notes_actions.rb @@ -65,7 +65,7 @@ module NotesActions json.merge!(note_json(@note)) end - if @note.errors.present? && @note.errors.attribute_names != [:commands_only] + if @note.errors.present? && @note.errors.attribute_names != [:commands_only, :command_names] render json: json, status: :unprocessable_entity else render json: json diff --git a/app/controllers/concerns/oauth_applications.rb b/app/controllers/concerns/oauth_applications.rb index 794307ebb0c..8e63cc391ff 100644 --- a/app/controllers/concerns/oauth_applications.rb +++ b/app/controllers/concerns/oauth_applications.rb @@ -30,7 +30,7 @@ module OauthApplications end def permitted_params - %i{name redirect_uri scopes confidential expire_access_tokens} + %i{name redirect_uri scopes confidential} end def application_params diff --git a/app/controllers/concerns/product_analytics_tracking.rb b/app/controllers/concerns/product_analytics_tracking.rb index 03296d6b233..4021ff83578 100644 --- a/app/controllers/concerns/product_analytics_tracking.rb +++ b/app/controllers/concerns/product_analytics_tracking.rb @@ -20,7 +20,7 @@ module ProductAnalyticsTracking def route_events_to(destinations, name, &block) track_unique_redis_hll_event(name, &block) if destinations.include?(:redis_hll) - if destinations.include?(:snowplow) && Feature.enabled?(:route_hll_to_snowplow, tracking_namespace_source, default_enabled: :yaml) + if destinations.include?(:snowplow) && Feature.enabled?(:route_hll_to_snowplow, tracking_namespace_source) Gitlab::Tracking.event(self.class.to_s, name, namespace: tracking_namespace_source, user: current_user) end end diff --git a/app/controllers/concerns/send_file_upload.rb b/app/controllers/concerns/send_file_upload.rb index 8b053ef7c59..c8369c465b8 100644 
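Review bot: In `notes_actions.rb`, the check `@note.errors.attribute_names != [:commands_only, :command_names]` is an exact array comparison, so it depends on both keys being present and in that order. A note whose errors contain only `:commands_only`, which is the case the old code accepted, would now get `:unprocessable_entity`. This holds unless both keys are always added together, which the hunk does not show. A set-style check states the intent without depending on order: `if (@note.errors.attribute_names - [:commands_only, :command_names]).any?`. The enclosing action starts above the hunk.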
--- a/app/controllers/concerns/send_file_upload.rb +++ b/app/controllers/concerns/send_file_upload.rb @@ -71,6 +71,6 @@ module SendFileUpload end def scaling_allowed_by_feature_flags?(file_upload) - Feature.enabled?(:dynamic_image_resizing, default_enabled: true, type: :ops) + Feature.enabled?(:dynamic_image_resizing, type: :ops) end end diff --git a/app/controllers/concerns/uploads_actions.rb b/app/controllers/concerns/uploads_actions.rb index c9b6e8923fe..f914e804e18 100644 --- a/app/controllers/concerns/uploads_actions.rb +++ b/app/controllers/concerns/uploads_actions.rb @@ -143,11 +143,17 @@ module UploadsActions end def bypass_auth_checks_on_uploads? - if ::Feature.enabled?(:enforce_auth_checks_on_uploads, project, default_enabled: :yaml) - false - else - action_name == 'show' && embeddable? + if ::Feature.enabled?(:enforce_auth_checks_on_uploads, target_project) + if target_project && !target_project.public? && target_project.enforce_auth_checks_on_uploads? + return false + end end + + action_name == 'show' && embeddable? + end + + def target_project + nil end def find_model diff --git a/app/controllers/concerns/wiki_actions.rb b/app/controllers/concerns/wiki_actions.rb index 91de1d8aeae..9fc8886aaee 100644 --- a/app/controllers/concerns/wiki_actions.rb +++ b/app/controllers/concerns/wiki_actions.rb @@ -21,6 +21,10 @@ module WikiActions before_action :load_sidebar, except: [:pages] before_action :set_content_class + before_action do + push_frontend_feature_flag(:preserve_unchanged_markdown, @group) + end + before_action only: [:show, :edit, :update] do @valid_encoding = valid_encoding? end diff --git a/app/controllers/dashboard/groups_controller.rb b/app/controllers/dashboard/groups_controller.rb index 23ffcd50369..552d74686d6 100644 --- a/app/controllers/dashboard/groups_controller.rb +++ b/app/controllers/dashboard/groups_controller.rb 
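Review bot: In `uploads_actions.rb`, the new `target_project` returns `nil`, so `bypass_auth_checks_on_uploads?` fails open for every including controller that does not override it. The inner guard is skipped and the method falls through to `action_name == 'show' && embeddable?`, whatever the state of the `enforce_auth_checks_on_uploads` flag. That may be intended for non-project uploaders, but the hunk does not say so. A later controller that serves project uploads and forgets the override would skip the authorisation check without any error. I would document the contract on the method, for example `# Controllers serving project uploads must override this; nil keeps the embeddable-image bypass.` The two nested `if`s can also be merged into a single condition followed by `return false`.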
@@ -7,6 +7,8 @@ class Dashboard::GroupsController < Dashboard::ApplicationController feature_category :subgroups + urgency :low, [:index] + def index groups = GroupsFinder.new(current_user, all_available: false).execute render_group_tree(groups) diff --git a/app/controllers/dashboard/labels_controller.rb b/app/controllers/dashboard/labels_controller.rb index d2f31258ecd..d23518cf051 100644 --- a/app/controllers/dashboard/labels_controller.rb +++ b/app/controllers/dashboard/labels_controller.rb @@ -2,6 +2,7 @@ class Dashboard::LabelsController < Dashboard::ApplicationController feature_category :team_planning + urgency :low def index respond_to do |format| diff --git a/app/controllers/dashboard/milestones_controller.rb b/app/controllers/dashboard/milestones_controller.rb index 34d9739d91c..2cb2d6bbe23 100644 --- a/app/controllers/dashboard/milestones_controller.rb +++ b/app/controllers/dashboard/milestones_controller.rb @@ -5,6 +5,7 @@ class Dashboard::MilestonesController < Dashboard::ApplicationController before_action :groups, only: :index feature_category :team_planning + urgency :low def index respond_to do |format| diff --git a/app/controllers/dashboard/projects_controller.rb b/app/controllers/dashboard/projects_controller.rb index 4d6c7a63516..0e4592259d8 100644 --- a/app/controllers/dashboard/projects_controller.rb +++ b/app/controllers/dashboard/projects_controller.rb @@ -15,6 +15,7 @@ class Dashboard::ProjectsController < Dashboard::ApplicationController skip_cross_project_access_check :index, :starred feature_category :projects + urgency :low, [:starred, :index] def index respond_to do |format| diff --git a/app/controllers/dashboard/todos_controller.rb b/app/controllers/dashboard/todos_controller.rb index 2c5e6817427..d2434d4b0ba 100644 --- a/app/controllers/dashboard/todos_controller.rb +++ b/app/controllers/dashboard/todos_controller.rb 
@@ -9,6 +9,7 @@ class Dashboard::TodosController < Dashboard::ApplicationController before_action :find_todos, only: [:index, :destroy_all] feature_category :team_planning + urgency :low def index @sort = params[:sort] @@ -98,6 +99,14 @@ class Dashboard::TodosController < Dashboard::ApplicationController end def todo_params - params.permit(:action_id, :author_id, :project_id, :type, :sort, :state, :group_id) + aliased_action_id( + params.permit(:action_id, :author_id, :project_id, :type, :sort, :state, :group_id) + ) + end + + def aliased_action_id(original_params) + return original_params unless original_params[:action_id].to_i == ::Todo::MENTIONED + + original_params.merge(action_id: [::Todo::MENTIONED, ::Todo::DIRECTLY_ADDRESSED]) end end diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb index f25cc1bbc32..82e5bb6cd7c 100644 --- a/app/controllers/dashboard_controller.rb +++ b/app/controllers/dashboard_controller.rb @@ -18,7 +18,8 @@ class DashboardController < Dashboard::ApplicationController feature_category :team_planning, [:issues, :issues_calendar] feature_category :code_review, [:merge_requests] - urgency :low, [:merge_requests] + urgency :low, [:merge_requests, :activity] + urgency :low, [:issues, :issues_calendar] def activity respond_to do |format| diff --git a/app/controllers/explore/groups_controller.rb b/app/controllers/explore/groups_controller.rb index aa4196b1c18..97791b43d41 100644 --- a/app/controllers/explore/groups_controller.rb +++ b/app/controllers/explore/groups_controller.rb @@ -4,6 +4,7 @@ class Explore::GroupsController < Explore::ApplicationController include GroupTree feature_category :subgroups + urgency :low def index render_group_tree GroupsFinder.new(current_user).execute diff --git a/app/controllers/explore/projects_controller.rb b/app/controllers/explore/projects_controller.rb index 23e0143506e..34745815f3d 100644 --- a/app/controllers/explore/projects_controller.rb 
+++ b/app/controllers/explore/projects_controller.rb @@ -24,9 +24,9 @@ class Explore::ProjectsController < Explore::ApplicationController rescue_from PageOutOfBoundsError, with: :page_out_of_bounds feature_category :projects - # TODO: Set higher urgency after addressing https://gitlab.com/gitlab-org/gitlab/-/issues/357913 - urgency :low, [:index] + # and https://gitlab.com/gitlab-org/gitlab/-/issues/358945 + urgency :low, [:index, :topics, :trending, :starred, :topic] def index show_alert_if_search_is_disabled diff --git a/app/controllers/google_api/authorizations_controller.rb b/app/controllers/google_api/authorizations_controller.rb index b9c5e87c69c..5080ee5fbbe 100644 --- a/app/controllers/google_api/authorizations_controller.rb +++ b/app/controllers/google_api/authorizations_controller.rb @@ -7,6 +7,7 @@ module GoogleApi before_action :validate_session_key! feature_category :kubernetes_management + urgency :low ## # handle the response from google after the user diff --git a/app/controllers/graphql_controller.rb b/app/controllers/graphql_controller.rb index b00d85b6b0f..c71c101b434 100644 --- a/app/controllers/graphql_controller.rb +++ b/app/controllers/graphql_controller.rb @@ -64,7 +64,7 @@ class GraphqlController < ApplicationController log_exception(exception) if Rails.env.test? || Rails.env.development? - render_error("Internal server error: #{exception.message}") + render_error("Internal server error: #{exception.message}", raised_at: exception.backtrace[0..10].join(' <-- ')) else render_error("Internal server error") end @@ -207,8 +207,9 @@ class GraphqlController < ApplicationController render_error("Not found!", status: :not_found) end - def render_error(message, status: 500) + def render_error(message, status: 500, raised_at: nil) error = { errors: [message: message] } + error[:errors].first['raisedAt'] = raised_at if raised_at render json: error, status: status end 
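Review bot: In the graphql_controller.rb error handler, `exception.backtrace[0..10]` assumes the backtrace is an array, but Ruby leaves `backtrace` as `nil` on an exception object that was built and never raised. In that case the handler itself would fail with `NoMethodError` while rendering the error. `render_error` already skips `raisedAt` when `raised_at` is nil, so the call can be made nil-safe with `raised_at: exception.backtrace&.first(11)&.join(' <-- ')`. The development/test gate around it is what keeps stack frames out of production responses, and a short comment saying so would keep a later edit from moving the argument outside that branch. The handler block starts above the hunk.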
diff --git a/app/controllers/groups/autocomplete_sources_controller.rb b/app/controllers/groups/autocomplete_sources_controller.rb index 17cdcd9cb9b..a2eb475d360 100644 --- a/app/controllers/groups/autocomplete_sources_controller.rb +++ b/app/controllers/groups/autocomplete_sources_controller.rb @@ -5,6 +5,7 @@ class Groups::AutocompleteSourcesController < Groups::ApplicationController feature_category :team_planning, [:issues, :labels, :milestones, :commands] feature_category :code_review, [:merge_requests] + urgency :low, [:issues, :labels, :milestones, :commands] urgency :low, [:merge_requests] def members diff --git a/app/controllers/groups/boards_controller.rb b/app/controllers/groups/boards_controller.rb index c65232c0fea..0fbceb43be1 100644 --- a/app/controllers/groups/boards_controller.rb +++ b/app/controllers/groups/boards_controller.rb @@ -7,8 +7,8 @@ class Groups::BoardsController < Groups::ApplicationController before_action :assign_endpoint_vars before_action do - push_frontend_feature_flag(:board_multi_select, group, default_enabled: :yaml) - push_frontend_feature_flag(:realtime_labels, group, default_enabled: :yaml) + push_frontend_feature_flag(:board_multi_select, group) + push_frontend_feature_flag(:realtime_labels, group) experiment(:prominent_create_board_btn, subject: current_user) do |e| e.control { } e.candidate { } @@ -16,6 +16,7 @@ class Groups::BoardsController < Groups::ApplicationController end feature_category :team_planning + urgency :low private diff --git a/app/controllers/groups/crm/contacts_controller.rb b/app/controllers/groups/crm/contacts_controller.rb index b59e20d9cea..5bc927911c1 100644 --- a/app/controllers/groups/crm/contacts_controller.rb +++ b/app/controllers/groups/crm/contacts_controller.rb @@ -2,6 +2,7 @@ class Groups::Crm::ContactsController < Groups::ApplicationController feature_category :team_planning + urgency :low before_action :validate_root_group! before_action :authorize_read_crm_contact! 
diff --git a/app/controllers/groups/crm/organizations_controller.rb b/app/controllers/groups/crm/organizations_controller.rb index 846995ecba5..ef5ddcdbca6 100644 --- a/app/controllers/groups/crm/organizations_controller.rb +++ b/app/controllers/groups/crm/organizations_controller.rb @@ -2,6 +2,7 @@ class Groups::Crm::OrganizationsController < Groups::ApplicationController feature_category :team_planning + urgency :low before_action :validate_root_group! before_action :authorize_read_crm_organization! diff --git a/app/controllers/groups/dependency_proxies_controller.rb b/app/controllers/groups/dependency_proxies_controller.rb index 2e120de435e..8e134529c34 100644 --- a/app/controllers/groups/dependency_proxies_controller.rb +++ b/app/controllers/groups/dependency_proxies_controller.rb @@ -4,10 +4,10 @@ module Groups class DependencyProxiesController < Groups::ApplicationController include ::DependencyProxy::GroupAccess - before_action :authorize_admin_dependency_proxy!, only: :update before_action :verify_dependency_proxy_enabled! - feature_category :package_registry + feature_category :dependency_proxy + urgency :low private diff --git a/app/controllers/groups/dependency_proxy/application_controller.rb b/app/controllers/groups/dependency_proxy/application_controller.rb index 18a6ff93e15..f7337a3cdb1 100644 --- a/app/controllers/groups/dependency_proxy/application_controller.rb +++ b/app/controllers/groups/dependency_proxy/application_controller.rb @@ -16,8 +16,6 @@ module Groups prepend_before_action :authenticate_user_from_jwt_token! def authenticate_user_from_jwt_token! - return unless dependency_proxy_for_private_groups? - authenticate_with_http_token do |token, _| @authentication_result = EMPTY_AUTH_RESULT 
@@ -36,10 +34,6 @@ module Groups private - def dependency_proxy_for_private_groups? - Feature.enabled?(:dependency_proxy_for_private_groups, default_enabled: true) - end - def request_bearer_token! # unfortunately, we cannot use https://api.rubyonrails.org/classes/ActionController/HttpAuthentication/Token.html#method-i-authentication_request response.headers['WWW-Authenticate'] = ::DependencyProxy::Registry.authenticate_header diff --git a/app/controllers/groups/dependency_proxy_auth_controller.rb b/app/controllers/groups/dependency_proxy_auth_controller.rb index 60b2371fa9a..03579d62ba9 100644 --- a/app/controllers/groups/dependency_proxy_auth_controller.rb +++ b/app/controllers/groups/dependency_proxy_auth_controller.rb @@ -2,6 +2,7 @@ class Groups::DependencyProxyAuthController < ::Groups::DependencyProxy::ApplicationController feature_category :dependency_proxy + urgency :low def authenticate render plain: '', status: :ok diff --git a/app/controllers/groups/dependency_proxy_for_containers_controller.rb b/app/controllers/groups/dependency_proxy_for_containers_controller.rb index 8513979c53b..2e9e0b12d2f 100644 --- a/app/controllers/groups/dependency_proxy_for_containers_controller.rb +++ b/app/controllers/groups/dependency_proxy_for_containers_controller.rb @@ -17,6 +17,7 @@ class Groups::DependencyProxyForContainersController < ::Groups::DependencyProxy attr_reader :token feature_category :dependency_proxy + urgency :low def manifest result = DependencyProxy::FindCachedManifestService.new(group, image, tag, token).execute diff --git a/app/controllers/groups/deploy_tokens_controller.rb b/app/controllers/groups/deploy_tokens_controller.rb index 9ef22aa33dc..5bab6f59a42 100644 --- a/app/controllers/groups/deploy_tokens_controller.rb +++ b/app/controllers/groups/deploy_tokens_controller.rb 
@@ -4,6 +4,7 @@ class Groups::DeployTokensController < Groups::ApplicationController before_action :authorize_destroy_deploy_token! feature_category :continuous_delivery + urgency :low def revoke Groups::DeployTokens::RevokeService.new(@group, current_user, params).execute diff --git a/app/controllers/groups/group_members_controller.rb b/app/controllers/groups/group_members_controller.rb index 51778f31f65..d325bb402e7 100644 --- a/app/controllers/groups/group_members_controller.rb +++ b/app/controllers/groups/group_members_controller.rb @@ -21,6 +21,7 @@ class Groups::GroupMembersController < Groups::ApplicationController :override feature_category :subgroups + urgency :low def index push_frontend_feature_flag(:group_member_inherited_group, @group) diff --git a/app/controllers/groups/imports_controller.rb b/app/controllers/groups/imports_controller.rb index 7cf39e378db..a35237a706d 100644 --- a/app/controllers/groups/imports_controller.rb +++ b/app/controllers/groups/imports_controller.rb @@ -4,6 +4,7 @@ class Groups::ImportsController < Groups::ApplicationController include ContinueParams feature_category :importers + urgency :low def show if @group.import_state.nil? || @group.import_state.finished? diff --git a/app/controllers/groups/labels_controller.rb b/app/controllers/groups/labels_controller.rb index 7bcc8182bd6..2d821676677 100644 --- a/app/controllers/groups/labels_controller.rb +++ b/app/controllers/groups/labels_controller.rb @@ -10,6 +10,7 @@ class Groups::LabelsController < Groups::ApplicationController respond_to :html feature_category :team_planning + urgency :low def index respond_to do |format| diff --git a/app/controllers/groups/milestones_controller.rb b/app/controllers/groups/milestones_controller.rb index 75877cdef9c..494b8c5621d 100644 --- a/app/controllers/groups/milestones_controller.rb +++ b/app/controllers/groups/milestones_controller.rb 
@@ -7,6 +7,7 @@ class Groups::MilestonesController < Groups::ApplicationController before_action :authorize_admin_milestones!, only: [:edit, :new, :create, :update, :destroy] feature_category :team_planning + urgency :low def index respond_to do |format| diff --git a/app/controllers/groups/packages_controller.rb b/app/controllers/groups/packages_controller.rb index 1f3d80260ed..5d808d4c1c6 100644 --- a/app/controllers/groups/packages_controller.rb +++ b/app/controllers/groups/packages_controller.rb @@ -5,6 +5,7 @@ module Groups before_action :verify_packages_enabled! feature_category :package_registry + urgency :low # The show action renders index to allow frontend routing to work on page refresh def show diff --git a/app/controllers/groups/registry/repositories_controller.rb b/app/controllers/groups/registry/repositories_controller.rb index 549a148bfb8..cb7bf001918 100644 --- a/app/controllers/groups/registry/repositories_controller.rb +++ b/app/controllers/groups/registry/repositories_controller.rb @@ -8,7 +8,8 @@ module Groups before_action :verify_container_registry_enabled! before_action :authorize_read_container_image! - feature_category :package_registry + feature_category :container_registry + urgency :low def index respond_to do |format| diff --git a/app/controllers/groups/releases_controller.rb b/app/controllers/groups/releases_controller.rb index e87135cc104..c97947683dc 100644 --- a/app/controllers/groups/releases_controller.rb +++ b/app/controllers/groups/releases_controller.rb @@ -3,6 +3,7 @@ module Groups class ReleasesController < Groups::ApplicationController feature_category :release_evidence + urgency :low def index respond_to do |format| 
@@ -15,19 +16,11 @@ module Groups private def releases - if Feature.enabled?(:group_releases_finder_inoperator) - Releases::GroupReleasesFinder - .new(@group, current_user) - .execute(preload: false) - .page(params[:page]) - .per(30) - else - ReleasesFinder - .new(@group, current_user, { include_subgroups: true }) - .execute(preload: false) - .page(params[:page]) - .per(30) - end + Releases::GroupReleasesFinder + .new(@group, current_user) + .execute(preload: false) + .page(params[:page]) + .per(30) end end end diff --git a/app/controllers/groups/runners_controller.rb b/app/controllers/groups/runners_controller.rb index a2be4d9d7e1..8d687bf3c2c 100644 --- a/app/controllers/groups/runners_controller.rb +++ b/app/controllers/groups/runners_controller.rb @@ -3,10 +3,10 @@ class Groups::RunnersController < Groups::ApplicationController before_action :authorize_read_group_runners!, only: [:index, :show] before_action :authorize_admin_group_runners!, only: [:edit, :update, :destroy, :pause, :resume] - before_action :runner_list_group_view_vue_ui_enabled, only: [:index] before_action :runner, only: [:edit, :update, :destroy, :pause, :resume, :show] feature_category :runner + urgency :low def index finder = Ci::RunnersFinder.new(current_user: current_user, params: { group: @group }) @@ -15,10 +15,6 @@ class Groups::RunnersController < Groups::ApplicationController Gitlab::Tracking.event(self.class.name, 'index', user: current_user, namespace: @group) end - def runner_list_group_view_vue_ui_enabled - render_404 unless Feature.enabled?(:runner_list_group_view_vue_ui, group, default_enabled: :yaml) - end - def show end 
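Review bot: The `before_action` lines kept as context in the first runners_controller.rb hunk still name `:destroy`, `:pause` and `:resume`, while a later hunk of the same file deletes those three actions. The stale names suggest authorization-guarded endpoints that no longer exist, which makes the controller's access rules harder to audit. I would trim them to `before_action :authorize_admin_group_runners!, only: [:edit, :update]` and `before_action :runner, only: [:edit, :update, :show]`. Nothing in the visible hunks shows the actions being provided by an included module; if they are, the lists should stay as they are.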
@@ -33,32 +29,6 @@ class Groups::RunnersController < Groups::ApplicationController end end - def destroy - if can?(current_user, :delete_runner, @runner) - Ci::Runners::UnregisterRunnerService.new(@runner, current_user).execute - - redirect_to group_settings_ci_cd_path(@group, anchor: 'runners-settings'), status: :found - else - redirect_to group_settings_ci_cd_path(@group, anchor: 'runners-settings'), status: :found, alert: _('Runner cannot be deleted, please contact your administrator.') - end - end - - def resume - if Ci::Runners::UpdateRunnerService.new(@runner).update(active: true) - redirect_to group_settings_ci_cd_path(@group, anchor: 'runners-settings'), notice: _('Runner was successfully updated.') - else - redirect_to group_settings_ci_cd_path(@group, anchor: 'runners-settings'), alert: _('Runner was not updated.') - end - end - - def pause - if Ci::Runners::UpdateRunnerService.new(@runner).update(active: false) - redirect_to group_settings_ci_cd_path(@group, anchor: 'runners-settings'), notice: _('Runner was successfully updated.') - else - redirect_to group_settings_ci_cd_path(@group, anchor: 'runners-settings'), alert: _('Runner was not updated.') - end - end - private def runner diff --git a/app/controllers/groups/settings/applications_controller.rb b/app/controllers/groups/settings/applications_controller.rb index 6388277e4dc..bfe61696e0f 100644 --- a/app/controllers/groups/settings/applications_controller.rb +++ b/app/controllers/groups/settings/applications_controller.rb 
@@ -57,10 +57,8 @@ module Groups # https://gitlab.com/gitlab-org/gitlab/-/issues/324187 @applications = @group.oauth_applications.limit(100) - # Default access tokens to expire. This preserves backward compatibility - # with existing applications. This will be removed in 15.0. - # Removal issue: https://gitlab.com/gitlab-org/gitlab/-/issues/340848 - @application ||= Doorkeeper::Application.new(expire_access_tokens: true) + # Don't overwrite a value possibly set by `create` + @application ||= Doorkeeper::Application.new end def set_application diff --git a/app/controllers/groups/settings/ci_cd_controller.rb b/app/controllers/groups/settings/ci_cd_controller.rb index 9b9e3f7b0bc..4b75cec19f7 100644 --- a/app/controllers/groups/settings/ci_cd_controller.rb +++ b/app/controllers/groups/settings/ci_cd_controller.rb @@ -3,8 +3,6 @@ module Groups module Settings class CiCdController < Groups::ApplicationController - include RunnerSetupScripts - layout 'group_settings' skip_cross_project_access_check :show before_action :authorize_admin_group! @@ -13,16 +11,9 @@ module Groups before_action :push_licensed_features, only: [:show] feature_category :continuous_integration - - NUMBER_OF_RUNNERS_PER_PAGE = 4 + urgency :low def show - runners_finder = Ci::RunnersFinder.new(current_user: current_user, params: params.merge({ group: @group })) - # We need all runners for count - @all_group_runners = runners_finder.execute.except(:limit, :offset) - @group_runners = runners_finder.execute.page(params[:page]).per(NUMBER_OF_RUNNERS_PER_PAGE) - - @sort = runners_finder.sort_key end def update 
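Review bot: `Doorkeeper::Application.new` now leaves `expire_access_tokens` to the model or column default, where the removed call forced `true`, and the hunk does not show what that default is. If it is not `true` and expiry is not enforced elsewhere, applications built through this form could be issued non-expiring access tokens. A comment naming where expiry is now guaranteed would settle it, e.g. `# Access token expiry is enforced in <location>; no per-application default is needed here`. The same change is made in `app/controllers/oauth/applications_controller.rb` later in this diff. The enclosing method starts above the hunk.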
@@ -35,13 +26,6 @@ module Groups redirect_to group_settings_ci_cd_path end - def reset_registration_token - ::Ci::Runners::ResetRegistrationTokenService.new(@group, current_user).execute - - flash[:notice] = _('GroupSettings|New runners registration token has been generated!') - redirect_to group_settings_ci_cd_path - end - def update_auto_devops if auto_devops_service.execute flash[:notice] = s_('GroupSettings|Auto DevOps pipeline was updated for the group') @@ -52,10 +36,6 @@ module Groups redirect_to group_settings_ci_cd_path end - def runner_setup_scripts - private_runner_setup_scripts - end - private def define_variables diff --git a/app/controllers/groups/settings/packages_and_registries_controller.rb b/app/controllers/groups/settings/packages_and_registries_controller.rb index c44e0727ff9..411b8577c3f 100644 --- a/app/controllers/groups/settings/packages_and_registries_controller.rb +++ b/app/controllers/groups/settings/packages_and_registries_controller.rb @@ -8,6 +8,7 @@ module Groups before_action :verify_packages_enabled! feature_category :package_registry + urgency :low def show end diff --git a/app/controllers/groups/settings/repository_controller.rb b/app/controllers/groups/settings/repository_controller.rb index 7404075985b..b0431c31179 100644 --- a/app/controllers/groups/settings/repository_controller.rb +++ b/app/controllers/groups/settings/repository_controller.rb @@ -12,6 +12,7 @@ module Groups end feature_category :continuous_delivery + urgency :low def create_deploy_token result = Groups::DeployTokens::CreateService.new(@group, current_user, deploy_token_params).execute diff --git a/app/controllers/groups/shared_projects_controller.rb b/app/controllers/groups/shared_projects_controller.rb index 7acdacc2d46..2d2664c02e8 100644 --- a/app/controllers/groups/shared_projects_controller.rb +++ b/app/controllers/groups/shared_projects_controller.rb 
@@ -7,6 +7,7 @@ module Groups skip_cross_project_access_check :index feature_category :subgroups + urgency :low, [:index] def index shared_projects = GroupProjectsFinder.new( diff --git a/app/controllers/groups/uploads_controller.rb b/app/controllers/groups/uploads_controller.rb index 49249f87d31..22e6549aa04 100644 --- a/app/controllers/groups/uploads_controller.rb +++ b/app/controllers/groups/uploads_controller.rb @@ -10,6 +10,7 @@ class Groups::UploadsController < Groups::ApplicationController before_action :verify_workhorse_api!, only: [:authorize] feature_category :subgroups + urgency :low, [:show] private diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb index 995d5abf045..d46cf899d8c 100644 --- a/app/controllers/groups_controller.rb +++ b/app/controllers/groups_controller.rb @@ -31,7 +31,7 @@ class GroupsController < Groups::ApplicationController before_action :user_actions, only: [:show] before_action do - push_frontend_feature_flag(:vue_issues_list, @group, default_enabled: :yaml) + push_frontend_feature_flag(:vue_issues_list, @group) end before_action :check_export_rate_limit!, only: [:export, :download_export] @@ -57,10 +57,13 @@ class GroupsController < Groups::ApplicationController feature_category :code_review, [:merge_requests, :unfoldered_environment_names] feature_category :projects, [:projects] feature_category :importers, [:export, :download_export] + urgency :low, [:export, :download_export] urgency :high, [:unfoldered_environment_names] + + urgency :low, [:issues, :issues_calendar, :preview_markdown] # TODO: Set #show to higher urgency after resolving https://gitlab.com/gitlab-org/gitlab/-/issues/334795 - urgency :low, [:merge_requests, :show] + urgency :low, [:merge_requests, :show, :create, :new, :update, :projects, :destroy, :edit, :activity] def index redirect_to(current_user ? dashboard_groups_path : explore_groups_path) 
@@ -209,7 +212,7 @@ class GroupsController < Groups::ApplicationController end def issues - return super if !html_request? || Feature.disabled?(:vue_issues_list, group, default_enabled: :yaml) + return super if !html_request? || Feature.disabled?(:vue_issues_list, group) @has_issues = IssuesFinder.new(current_user, group_id: group.id, include_subgroups: true).execute .non_archived @@ -227,6 +230,8 @@ class GroupsController < Groups::ApplicationController protected def render_show_html + Gitlab::Tracking.event('group_overview', 'render', user: current_user, namespace: @group) + render 'groups/show', locals: { trial: params[:trial] } end diff --git a/app/controllers/ide_controller.rb b/app/controllers/ide_controller.rb index 9494a686467..2bcbf88039b 100644 --- a/app/controllers/ide_controller.rb +++ b/app/controllers/ide_controller.rb @@ -12,7 +12,7 @@ class IdeController < ApplicationController before_action do push_frontend_feature_flag(:build_service_proxy) push_frontend_feature_flag(:schema_linting) - push_frontend_feature_flag(:reject_unsigned_commits_by_gitlab, default_enabled: :yaml) + push_frontend_feature_flag(:reject_unsigned_commits_by_gitlab) define_index_vars end diff --git a/app/controllers/import/available_namespaces_controller.rb b/app/controllers/import/available_namespaces_controller.rb index 0c2af13d3f3..c16c40cefea 100644 --- a/app/controllers/import/available_namespaces_controller.rb +++ b/app/controllers/import/available_namespaces_controller.rb @@ -2,6 +2,7 @@ class Import::AvailableNamespacesController < ApplicationController feature_category :importers + urgency :low def index render json: NamespaceSerializer.new.represent(current_user.manageable_groups_with_routes(include_groups_with_developer_maintainer_access: true)) diff --git a/app/controllers/import/base_controller.rb b/app/controllers/import/base_controller.rb index 51ca12370e6..7ef07032913 100644 --- a/app/controllers/import/base_controller.rb 
+++ b/app/controllers/import/base_controller.rb @@ -5,6 +5,7 @@ class Import::BaseController < ApplicationController before_action -> { check_rate_limit!(:project_import, scope: [current_user, :project_import], redirect_back: true) }, only: [:create] feature_category :importers + urgency :low def status respond_to do |format| diff --git a/app/controllers/import/bitbucket_controller.rb b/app/controllers/import/bitbucket_controller.rb index 7c9525d1744..55707000cf8 100644 --- a/app/controllers/import/bitbucket_controller.rb +++ b/app/controllers/import/bitbucket_controller.rb @@ -29,13 +29,12 @@ class Import::BitbucketController < Import::BaseController end end + # We need to re-expose controller's internal method 'status' as action. + # rubocop:disable Lint/UselessMethodDefinition def status super end - - def realtime_changes - super - end + # rubocop:enable Lint/UselessMethodDefinition def create bitbucket_client = Bitbucket::Client.new(credentials) diff --git a/app/controllers/import/bitbucket_server_controller.rb b/app/controllers/import/bitbucket_server_controller.rb index 31e9694ca1d..00f3f0b08b2 100644 --- a/app/controllers/import/bitbucket_server_controller.rb +++ b/app/controllers/import/bitbucket_server_controller.rb @@ -52,13 +52,12 @@ class Import::BitbucketServerController < Import::BaseController redirect_to status_import_bitbucket_server_path end + # We need to re-expose controller's internal method 'status' as action. + # rubocop:disable Lint/UselessMethodDefinition def status super end - - def realtime_changes - super - end + # rubocop:enable Lint/UselessMethodDefinition protected diff --git a/app/controllers/import/bulk_imports_controller.rb b/app/controllers/import/bulk_imports_controller.rb index f26c06b7e37..34f12aebb91 100644 --- a/app/controllers/import/bulk_imports_controller.rb +++ b/app/controllers/import/bulk_imports_controller.rb 
@@ -7,6 +7,7 @@ class Import::BulkImportsController < ApplicationController before_action :verify_blocked_uri, only: :status feature_category :importers + urgency :low POLLING_INTERVAL = 3_000 @@ -98,7 +99,7 @@ class Import::BulkImportsController < ApplicationController end def ensure_group_import_enabled - render_404 unless Feature.enabled?(:bulk_import, default_enabled: :yaml) + render_404 unless Feature.enabled?(:bulk_import) end def access_token_key diff --git a/app/controllers/import/fogbugz_controller.rb b/app/controllers/import/fogbugz_controller.rb index 377292d47d8..c223d9d211e 100644 --- a/app/controllers/import/fogbugz_controller.rb +++ b/app/controllers/import/fogbugz_controller.rb @@ -54,10 +54,6 @@ class Import::FogbugzController < Import::BaseController end # rubocop: enable CodeReuse/ActiveRecord - def realtime_changes - super - end - def create repo = client.repo(params[:repo_id]) fb_session = { uri: session[:fogbugz_uri], token: session[:fogbugz_token] } diff --git a/app/controllers/import/gitea_controller.rb b/app/controllers/import/gitea_controller.rb index 32c9da67e90..4b4ac07b389 100644 --- a/app/controllers/import/gitea_controller.rb +++ b/app/controllers/import/gitea_controller.rb @@ -16,10 +16,12 @@ class Import::GiteaController < Import::GithubController super end - # Must be defined or it will 404 + # We need to re-expose controller's internal method 'status' as action. + # rubocop:disable Lint/UselessMethodDefinition def status super end + # rubocop:enable Lint/UselessMethodDefinition protected @@ -61,7 +63,7 @@ class Import::GiteaController < Import::GithubController override :client def client - @client ||= Gitlab::LegacyGithubImport::Client.new(session[access_token_key], client_options) + @client ||= Gitlab::LegacyGithubImport::Client.new(session[access_token_key], **client_options) end override :client_options 
diff --git a/app/controllers/import/gitlab_controller.rb b/app/controllers/import/gitlab_controller.rb index fa9517c3545..c846d9d225a 100644 --- a/app/controllers/import/gitlab_controller.rb +++ b/app/controllers/import/gitlab_controller.rb @@ -16,9 +16,12 @@ class Import::GitlabController < Import::BaseController redirect_to status_import_gitlab_url end + # We need to re-expose controller's internal method 'status' as action. + # rubocop:disable Lint/UselessMethodDefinition def status super end + # rubocop:enable Lint/UselessMethodDefinition def create repo = client.project(params[:repo_id].to_i) diff --git a/app/controllers/import/gitlab_groups_controller.rb b/app/controllers/import/gitlab_groups_controller.rb index c9d5e9986dc..81f18a18776 100644 --- a/app/controllers/import/gitlab_groups_controller.rb +++ b/app/controllers/import/gitlab_groups_controller.rb @@ -6,6 +6,7 @@ class Import::GitlabGroupsController < ApplicationController before_action :check_import_rate_limit!, only: %i[create] feature_category :importers + urgency :low def create unless file_is_valid?(group_params[:file]) diff --git a/app/controllers/import/history_controller.rb b/app/controllers/import/history_controller.rb index 69e31392f21..9677624d0b7 100644 --- a/app/controllers/import/history_controller.rb +++ b/app/controllers/import/history_controller.rb @@ -2,4 +2,5 @@ class Import::HistoryController < ApplicationController feature_category :importers + urgency :low end diff --git a/app/controllers/import/manifest_controller.rb b/app/controllers/import/manifest_controller.rb index 956d0c9a2ae..461ba982969 100644 --- a/app/controllers/import/manifest_controller.rb +++ b/app/controllers/import/manifest_controller.rb 
@@ -10,9 +10,12 @@ class Import::ManifestController < Import::BaseController def new end + # We need to re-expose controller's internal method 'status' as action. + # rubocop:disable Lint/UselessMethodDefinition def status super end + # rubocop:enable Lint/UselessMethodDefinition def upload group = Group.find(params[:group_id]) @@ -36,10 +39,6 @@ class Import::ManifestController < Import::BaseController end end - def realtime_changes - super - end - def create repository = importable_repos.find do |project| project[:id] == params[:repo_id].to_i diff --git a/app/controllers/import/url_controller.rb b/app/controllers/import/url_controller.rb index 4e4b6ad125e..fed3412881a 100644 --- a/app/controllers/import/url_controller.rb +++ b/app/controllers/import/url_controller.rb @@ -2,6 +2,7 @@ class Import::UrlController < ApplicationController feature_category :importers + urgency :low def validate result = Import::ValidateRemoteGitEndpointService.new(validate_params).execute diff --git a/app/controllers/jira_connect/application_controller.rb b/app/controllers/jira_connect/application_controller.rb index 9b3bff062dd..e26d69314cd 100644 --- a/app/controllers/jira_connect/application_controller.rb +++ b/app/controllers/jira_connect/application_controller.rb 
@@ -20,60 +20,44 @@ class JiraConnect::ApplicationController < ApplicationController end def verify_qsh_claim! - payload, _ = decode_auth_token! - - return if request.format.json? && payload['qsh'] == 'context-qsh' + return if request.format.json? && jwt.verify_context_qsh_claim # Make sure `qsh` claim matches the current request - render_403 unless payload['qsh'] == Atlassian::Jwt.create_query_string_hash(request.url, request.method, jira_connect_base_url) - rescue StandardError - render_403 + render_403 unless jwt.verify_qsh_claim(request.url, request.method, jira_connect_base_url) end def atlassian_jwt_valid? return false unless installation_from_jwt # Verify JWT signature with our stored `shared_secret` - decode_auth_token! - rescue JWT::DecodeError - false + jwt.valid?(installation_from_jwt.shared_secret) end def installation_from_jwt strong_memoize(:installation_from_jwt) do - next unless claims['iss'] + next unless jwt.iss_claim - JiraConnectInstallation.find_by_client_key(claims['iss']) - end - end - - def claims - strong_memoize(:claims) do - next {} unless auth_token - - # Decode without verification to get `client_key` in `iss` - payload, _ = Atlassian::Jwt.decode(auth_token, nil, false) - payload + JiraConnectInstallation.find_by_client_key(jwt.iss_claim) end end def jira_user strong_memoize(:jira_user) do next unless installation_from_jwt - next unless claims['sub'] + next unless jwt.sub_claim # This only works for Jira Cloud installations. - installation_from_jwt.client.user_info(claims['sub']) + installation_from_jwt.client.user_info(jwt.sub_claim) end end - def decode_auth_token! 
- Atlassian::Jwt.decode(auth_token, installation_from_jwt.shared_secret) + def jwt + strong_memoize(:jwt) do + Atlassian::JiraConnect::Jwt::Symmetric.new(auth_token) + end end def auth_token - strong_memoize(:auth_token) do - params[:jwt] || request.headers['Authorization']&.split(' ', 2)&.last - end + params[:jwt] || request.headers['Authorization']&.split(' ', 2)&.last end end diff --git a/app/controllers/jira_connect/events_controller.rb b/app/controllers/jira_connect/events_controller.rb index 3c78f63e069..394fdc9b2f6 100644 --- a/app/controllers/jira_connect/events_controller.rb +++ b/app/controllers/jira_connect/events_controller.rb @@ -47,7 +47,7 @@ class JiraConnect::EventsController < JiraConnect::ApplicationController end def verify_asymmetric_atlassian_jwt! - asymmetric_jwt = Atlassian::JiraConnect::AsymmetricJwt.new(auth_token, jwt_verification_claims) + asymmetric_jwt = Atlassian::JiraConnect::Jwt::Asymmetric.new(auth_token, jwt_verification_claims) return head :unauthorized unless asymmetric_jwt.valid? diff --git a/app/controllers/jira_connect/subscriptions_controller.rb b/app/controllers/jira_connect/subscriptions_controller.rb index d8ce67d6267..2ba9f8264e1 100644 --- a/app/controllers/jira_connect/subscriptions_controller.rb +++ b/app/controllers/jira_connect/subscriptions_controller.rb @@ -19,7 +19,8 @@ class JiraConnect::SubscriptionsController < JiraConnect::ApplicationController end before_action do - push_frontend_feature_flag(:jira_connect_oauth, @user, default_enabled: :yaml) + push_frontend_feature_flag(:jira_connect_oauth, @user) + push_frontend_feature_flag(:jira_connect_oauth_self_managed, @user) end before_action :allow_rendering_in_iframe, only: :index diff --git a/app/controllers/oauth/applications_controller.rb b/app/controllers/oauth/applications_controller.rb index 81084ffe38b..3724bb0d925 100644 --- a/app/controllers/oauth/applications_controller.rb +++ b/app/controllers/oauth/applications_controller.rb 
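Review bot: `verify_qsh_claim!` used to check the token signature itself through `decode_auth_token!` before comparing `qsh`, but it now calls `jwt.verify_qsh_claim(...)` without the installation's shared secret. Whether the claim is read from a verified token therefore depends on `Atlassian::JiraConnect::Jwt::Symmetric`, which this diff does not show. The two removed `rescue` clauses (`StandardError` rendering 403, `JWT::DecodeError` returning `false`) also move the fail-closed handling of malformed tokens into that class. If the intended contract is that `atlassian_jwt_valid?` has already run on the same memoized `jwt`, that should be stated on the method, e.g. `# Only meaningful after atlassian_jwt_valid? has verified the signature of the memoized jwt`. Controller specs for a malformed token and for a token signed with the wrong secret would pin the 403 behaviour.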
@@ -57,10 +57,8 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
 @authorized_anonymous_tokens = @authorized_tokens.reject(&:application)
 @authorized_apps = @authorized_tokens.map(&:application).uniq.reject(&:nil?)
- # Default access tokens to expire. This preserves backward compatibility
- # with existing applications. This will be removed in 15.0.
- # Removal issue: https://gitlab.com/gitlab-org/gitlab/-/issues/340848
- @application ||= Doorkeeper::Application.new(expire_access_tokens: true)
+ # Don't overwrite a value possibly set by `create`
+ @application ||= Doorkeeper::Application.new
 end
 # Override Doorkeeper to scope to the current user
diff --git a/app/controllers/oauth/authorizations_controller.rb b/app/controllers/oauth/authorizations_controller.rb
index d1c409d071e..0817813f967 100644
--- a/app/controllers/oauth/authorizations_controller.rb
+++ b/app/controllers/oauth/authorizations_controller.rb
@@ -5,7 +5,7 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
 include InitializesCurrentUserMode
 include Gitlab::Utils::StrongMemoize
- before_action :verify_confirmed_email!, :verify_confidential_application!
+ before_action :verify_confirmed_email!
 layout 'profile'
@@ -37,8 +37,7 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
 # limit scopes when signing in with GitLab
 def downgrade_scopes!
- return unless Feature.enabled?(:omniauth_login_minimal_scopes, current_user,
- default_enabled: :yaml)
+ return unless Feature.enabled?(:omniauth_login_minimal_scopes, current_user)
 auth_type = params.delete('gl_auth_type')
 return unless auth_type == 'login'
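Review bot: In the first Oauth::AuthorizationsController hunk, `before_action` drops `:verify_confidential_application!`, and a later hunk deletes the method, so this controller no longer rejects `response_type=token` requests for confidential applications itself. The deleted comment described that check as closing a security gap in how Doorkeeper treats implicit grants, and nothing visible in this diff shows what covers the case now; presumably the library or its configuration does, but that cannot be confirmed from here. I would leave a one-line comment where the callback was, e.g. `# Implicit grant for confidential applications is rejected upstream, see <reference placeholder>`, and keep a request spec that asserts the error response for that case.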
@@ -78,18 +77,6 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
 doorkeeper_application&.includes_scope?(*::Gitlab::Auth::API_SCOPES)
 end
- # Confidential apps require the client_secret to be sent with the request.
- # Doorkeeper allows implicit grant flow requests (response_type=token) to
- # work without client_secret regardless of the confidential setting.
- # This leads to security vulnerabilities and we want to block it.
- def verify_confidential_application!
- render 'doorkeeper/authorizations/error' if authorizable_confidential?
- end
-
- def authorizable_confidential?
- pre_auth.authorizable? && pre_auth.response_type == 'token' && pre_auth.client.application.confidential
- end
-
 def verify_confirmed_email!
 return if current_user&.confirmed?
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index dc5b22e1606..927b50245a4 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -9,7 +9,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
 after_action :verify_known_sign_in
- protect_from_forgery except: [:kerberos, :saml, :cas3, :failure] + AuthHelper.saml_providers, with: :exception, prepend: true
+ protect_from_forgery except: [:cas3, :failure] + AuthHelper.saml_providers, with: :exception, prepend: true
 feature_category :authentication_and_authorization
diff --git a/app/controllers/profiles/accounts_controller.rb b/app/controllers/profiles/accounts_controller.rb
index bd52ef0b0d4..83eabbb736e 100644
--- a/app/controllers/profiles/accounts_controller.rb
+++ b/app/controllers/profiles/accounts_controller.rb
@@ -4,6 +4,7 @@ class Profiles::AccountsController < Profiles::ApplicationController
 include AuthHelper
 feature_category :users
+ urgency :low, [:show]
 def show
 render(locals: show_view_variables)
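Review bot: The `protect_from_forgery except:` line in OmniauthCallbacksController has no comment saying why the remaining callbacks (`:cas3`, `:failure` and everything in `AuthHelper.saml_providers`) skip CSRF verification, which makes the removal of `:kerberos` and `:saml` hard to review. `:saml` is presumably still exempt through `AuthHelper.saml_providers`, while `:kerberos` now falls under `with: :exception`; both are worth confirming against the provider configuration, which is outside this hunk. A line above the call such as `# Callbacks posted by an external identity provider cannot carry our CSRF token; keep this list minimal` would record the intent.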
diff --git a/app/controllers/profiles/emails_controller.rb b/app/controllers/profiles/emails_controller.rb index 7a88162f469..7e332d9a498 100644 --- a/app/controllers/profiles/emails_controller.rb +++ b/app/controllers/profiles/emails_controller.rb @@ -8,6 +8,7 @@ class Profiles::EmailsController < Profiles::ApplicationController only: [:resend_confirmation_instructions] feature_category :users + urgency :low, [:index] def index @primary_email = current_user.email diff --git a/app/controllers/profiles/gpg_keys_controller.rb b/app/controllers/profiles/gpg_keys_controller.rb index 9e16d195b00..e31ca87a5d5 100644 --- a/app/controllers/profiles/gpg_keys_controller.rb +++ b/app/controllers/profiles/gpg_keys_controller.rb @@ -3,7 +3,7 @@ class Profiles::GpgKeysController < Profiles::ApplicationController before_action :set_gpg_key, only: [:destroy, :revoke] - feature_category :users + feature_category :source_code_management def index @gpg_keys = current_user.gpg_keys.with_subkeys diff --git a/app/controllers/profiles/keys_controller.rb b/app/controllers/profiles/keys_controller.rb index 3a189c900ac..90d5f945d78 100644 --- a/app/controllers/profiles/keys_controller.rb +++ b/app/controllers/profiles/keys_controller.rb @@ -2,6 +2,7 @@ class Profiles::KeysController < Profiles::ApplicationController feature_category :users + urgency :low, [:create, :index] def index @keys = current_user.keys.order_id_desc diff --git a/app/controllers/profiles/notifications_controller.rb b/app/controllers/profiles/notifications_controller.rb index ccfd360a781..9323d266cd5 100644 --- a/app/controllers/profiles/notifications_controller.rb +++ b/app/controllers/profiles/notifications_controller.rb @@ -2,6 +2,7 @@ class Profiles::NotificationsController < Profiles::ApplicationController feature_category :team_planning + urgency :low def show @user = current_user 
diff --git a/app/controllers/profiles/personal_access_tokens_controller.rb b/app/controllers/profiles/personal_access_tokens_controller.rb index 8dc9697c56d..ad2e384077a 100644 --- a/app/controllers/profiles/personal_access_tokens_controller.rb +++ b/app/controllers/profiles/personal_access_tokens_controller.rb @@ -63,5 +63,3 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController finder(state: 'active', sort: 'expires_at_asc').execute end end - -Profiles::PersonalAccessTokensController.prepend_mod_with('Profiles::PersonalAccessTokensController') diff --git a/app/controllers/profiles/preferences_controller.rb b/app/controllers/profiles/preferences_controller.rb index 820b6520f6c..7aca76c2fb1 100644 --- a/app/controllers/profiles/preferences_controller.rb +++ b/app/controllers/profiles/preferences_controller.rb @@ -5,6 +5,9 @@ class Profiles::PreferencesController < Profiles::ApplicationController feature_category :users + urgency :low, [:show] + urgency :medium, [:update] + def show end diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb index 48b0d313d3c..2e71b4801ed 100644 --- a/app/controllers/profiles/two_factor_auths_controller.rb +++ b/app/controllers/profiles/two_factor_auths_controller.rb @@ -9,7 +9,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController helper_method :current_password_required? before_action do - push_frontend_feature_flag(:webauthn, default_enabled: :yaml) + push_frontend_feature_flag(:webauthn) end feature_category :authentication_and_authorization @@ -35,7 +35,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController @qr_code = build_qr_code @account_string = account_string - if Feature.enabled?(:webauthn, default_enabled: :yaml) + if Feature.enabled?(:webauthn) setup_webauthn_registration else setup_u2f_registration 
@@ -44,7 +44,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController def create otp_validation_result = - ::Users::ValidateOtpService.new(current_user).execute(params[:pin_code]) + ::Users::ValidateManualOtpService.new(current_user).execute(params[:pin_code]) if otp_validation_result[:status] == :success ActiveSession.destroy_all_but_current(current_user, session) @@ -61,7 +61,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController @qr_code = build_qr_code @account_string = account_string - if Feature.enabled?(:webauthn, default_enabled: :yaml) + if Feature.enabled?(:webauthn) setup_webauthn_registration else setup_u2f_registration diff --git a/app/controllers/profiles_controller.rb b/app/controllers/profiles_controller.rb index d57a293ab4d..d5e7195a157 100644 --- a/app/controllers/profiles_controller.rb +++ b/app/controllers/profiles_controller.rb @@ -11,10 +11,11 @@ class ProfilesController < Profiles::ApplicationController end skip_before_action :require_email, only: [:show, :update] before_action do - push_frontend_feature_flag(:webauthn, default_enabled: :yaml) + push_frontend_feature_flag(:webauthn) end feature_category :users + urgency :low, [:show, :update] def show end diff --git a/app/controllers/projects/alert_management_controller.rb b/app/controllers/projects/alert_management_controller.rb index ebe867d915d..ef0c47b0eed 100644 --- a/app/controllers/projects/alert_management_controller.rb +++ b/app/controllers/projects/alert_management_controller.rb @@ -4,6 +4,7 @@ class Projects::AlertManagementController < Projects::ApplicationController before_action :authorize_read_alert_management_alert! feature_category :incident_management + urgency :low def index end diff --git a/app/controllers/projects/alerting/notifications_controller.rb b/app/controllers/projects/alerting/notifications_controller.rb index ae8498ce65f..82fff287c4a 100644 --- a/app/controllers/projects/alerting/notifications_controller.rb 
+++ b/app/controllers/projects/alerting/notifications_controller.rb @@ -13,6 +13,9 @@ module Projects prepend_before_action :repository, :project_without_auth feature_category :incident_management + # Goal is to increase the urgency to medium. + # See https://gitlab.com/gitlab-org/gitlab/-/issues/361310. + urgency :low, [:create] def create token = extract_alert_manager_token(request) diff --git a/app/controllers/projects/analytics/cycle_analytics/value_streams_controller.rb b/app/controllers/projects/analytics/cycle_analytics/value_streams_controller.rb index 03dcb164d94..60bcd1d7238 100644 --- a/app/controllers/projects/analytics/cycle_analytics/value_streams_controller.rb +++ b/app/controllers/projects/analytics/cycle_analytics/value_streams_controller.rb @@ -4,6 +4,7 @@ class Projects::Analytics::CycleAnalytics::ValueStreamsController < Projects::Ap respond_to :json feature_category :planning_analytics + urgency :low before_action :authorize_read_cycle_analytics! diff --git a/app/controllers/projects/autocomplete_sources_controller.rb b/app/controllers/projects/autocomplete_sources_controller.rb index f678e19d05d..9dbf989ca3f 100644 --- a/app/controllers/projects/autocomplete_sources_controller.rb +++ b/app/controllers/projects/autocomplete_sources_controller.rb @@ -9,7 +9,8 @@ class Projects::AutocompleteSourcesController < Projects::ApplicationController feature_category :users, [:members] feature_category :snippets, [:snippets] - urgency :low, [:merge_requests] + urgency :low, [:merge_requests, :members] + urgency :low, [:issues, :labels, :milestones, :commands, :contacts] def members render json: ::Projects::ParticipantsService.new(@project, current_user).execute(target) diff --git a/app/controllers/projects/avatars_controller.rb b/app/controllers/projects/avatars_controller.rb index fb113df137f..70d9b524e4d 100644 --- a/app/controllers/projects/avatars_controller.rb +++ b/app/controllers/projects/avatars_controller.rb 
@@ -9,6 +9,8 @@ class Projects::AvatarsController < Projects::ApplicationController feature_category :projects + urgency :low, [:show] + def show @blob = @repository.blob_at_branch(@repository.root_ref, @project.avatar_in_git) diff --git a/app/controllers/projects/blame_controller.rb b/app/controllers/projects/blame_controller.rb index 57a06f26f8c..64ced43311a 100644 --- a/app/controllers/projects/blame_controller.rb +++ b/app/controllers/projects/blame_controller.rb @@ -23,8 +23,11 @@ class Projects::BlameController < Projects::ApplicationController environment_params[:find_latest] = true @environment = ::Environments::EnvironmentsByDeploymentsFinder.new(@project, current_user, environment_params).execute.last - @blame = Gitlab::Blame.new(@blob, @commit) - @blame = Gitlab::View::Presenter::Factory.new(@blame, project: @project, path: @path).fabricate! + blame_service = Projects::BlameService.new(@blob, @commit, params.permit(:page)) + + @blame = Gitlab::View::Presenter::Factory.new(blame_service.blame, project: @project, path: @path).fabricate! + + render locals: { blame_pagination: blame_service.pagination } end end diff --git a/app/controllers/projects/blob_controller.rb b/app/controllers/projects/blob_controller.rb index 26a7b5662be..a9561fb9312 100644 --- a/app/controllers/projects/blob_controller.rb +++ b/app/controllers/projects/blob_controller.rb @@ -42,8 +42,8 @@ class Projects::BlobController < Projects::ApplicationController urgency :low, [:create, :show, :edit, :update, :diff] before_action do - push_frontend_feature_flag(:refactor_blob_viewer, @project, default_enabled: :yaml) - push_frontend_feature_flag(:highlight_js, @project, default_enabled: :yaml) + push_frontend_feature_flag(:refactor_blob_viewer, @project) + push_frontend_feature_flag(:highlight_js, @project) push_licensed_feature(:file_locks) if @project.licensed_feature_available?(:file_locks) end 
diff --git a/app/controllers/projects/boards_controller.rb b/app/controllers/projects/boards_controller.rb index 7a30e68d9a2..36986a714fb 100644 --- a/app/controllers/projects/boards_controller.rb +++ b/app/controllers/projects/boards_controller.rb @@ -7,8 +7,8 @@ class Projects::BoardsController < Projects::ApplicationController before_action :check_issues_available! before_action :assign_endpoint_vars before_action do - push_frontend_feature_flag(:board_multi_select, project, default_enabled: :yaml) - push_frontend_feature_flag(:realtime_labels, project&.group, default_enabled: :yaml) + push_frontend_feature_flag(:board_multi_select, project) + push_frontend_feature_flag(:realtime_labels, project&.group) experiment(:prominent_create_board_btn, subject: current_user) do |e| e.control { } e.candidate { } @@ -16,6 +16,7 @@ class Projects::BoardsController < Projects::ApplicationController end feature_category :team_planning + urgency :low private diff --git a/app/controllers/projects/branches_controller.rb b/app/controllers/projects/branches_controller.rb index 6264f10ce2d..27969cb1a75 100644 --- a/app/controllers/projects/branches_controller.rb +++ b/app/controllers/projects/branches_controller.rb @@ -111,7 +111,7 @@ class Projects::BranchesController < Projects::ApplicationController flash_type = result.error? ? :alert : :notice flash[flash_type] = result.message - redirect_to project_branches_path(@project), status: :see_other + redirect_back_or_default(default: project_branches_path(@project), options: { status: :see_other }) end format.js { head result.http_status } diff --git a/app/controllers/projects/builds_controller.rb b/app/controllers/projects/builds_controller.rb index 61e8e5b015a..4168612d50f 100644 --- a/app/controllers/projects/builds_controller.rb +++ b/app/controllers/projects/builds_controller.rb 
@@ -5,8 +5,7 @@ class Projects::BuildsController < Projects::ApplicationController
 feature_category :continuous_integration
- urgency :high, [:index, :show]
- urgency :low, [:raw]
+ urgency :low, [:raw, :index, :show]
 def index
 redirect_to project_jobs_path(project)
diff --git a/app/controllers/projects/ci/pipeline_editor_controller.rb b/app/controllers/projects/ci/pipeline_editor_controller.rb
index 8c6e8f0e126..dbf3b2051fb 100644
--- a/app/controllers/projects/ci/pipeline_editor_controller.rb
+++ b/app/controllers/projects/ci/pipeline_editor_controller.rb
@@ -3,7 +3,8 @@ class Projects::Ci::PipelineEditorController < Projects::ApplicationController
 before_action :check_can_collaborate!
 before_action do
- push_frontend_feature_flag(:schema_linting, @project, default_enabled: :yaml)
+ push_frontend_feature_flag(:schema_linting, @project)
+ push_frontend_feature_flag(:pipeline_editor_file_tree, @project)
 end
 feature_category :pipeline_authoring
diff --git a/app/controllers/projects/ci/secure_files_controller.rb b/app/controllers/projects/ci/secure_files_controller.rb
index 5141d0188b0..59ddca19081 100644
--- a/app/controllers/projects/ci/secure_files_controller.rb
+++ b/app/controllers/projects/ci/secure_files_controller.rb
@@ -6,5 +6,6 @@ class Projects::Ci::SecureFilesController < Projects::ApplicationController
 feature_category :pipeline_authoring
 def show
+ render_404 unless Feature.enabled?(:ci_secure_files, project)
 end
 end
diff --git a/app/controllers/projects/cluster_agents_controller.rb b/app/controllers/projects/cluster_agents_controller.rb
index 282b9ef1fb7..3f759e5c18c 100644
--- a/app/controllers/projects/cluster_agents_controller.rb
+++ b/app/controllers/projects/cluster_agents_controller.rb
@@ -4,6 +4,7 @@ class Projects::ClusterAgentsController < Projects::ApplicationController
 before_action :authorize_can_read_cluster_agent!
 feature_category :kubernetes_management
+ urgency :low
 def show
 @agent_name = params[:name]
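Review bot: The `ci_secure_files` flag is enforced inside the body of `show` in Projects::Ci::SecureFilesController, so any action added to this controller later will be reachable with the flag off unless its author repeats the line. A controller-level filter states the intent once: `before_action { render_404 unless Feature.enabled?(:ci_secure_files, project) }`. The class header and any existing filters sit above the hunk, so the new filter should be ordered after the authorization check there, if one exists.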
diff --git a/app/controllers/projects/clusters_controller.rb b/app/controllers/projects/clusters_controller.rb index 440375bf3c9..30d001d0ac5 100644 --- a/app/controllers/projects/clusters_controller.rb +++ b/app/controllers/projects/clusters_controller.rb @@ -6,7 +6,7 @@ class Projects::ClustersController < Clusters::ClustersController before_action do push_frontend_feature_flag(:prometheus_computed_alerts) - push_frontend_feature_flag(:show_gitlab_agent_feedback, type: :ops, default_enabled: :yaml) + push_frontend_feature_flag(:show_gitlab_agent_feedback, type: :ops) end layout 'project' diff --git a/app/controllers/projects/cycle_analytics/events_controller.rb b/app/controllers/projects/cycle_analytics/events_controller.rb index a1da8d4e91f..43b4cdbe9a8 100644 --- a/app/controllers/projects/cycle_analytics/events_controller.rb +++ b/app/controllers/projects/cycle_analytics/events_controller.rb @@ -12,6 +12,7 @@ module Projects before_action :authorize_read_merge_request!, only: [:code, :review] feature_category :planning_analytics + urgency :low def issue render_events(cycle_analytics[:issue].events) diff --git a/app/controllers/projects/cycle_analytics_controller.rb b/app/controllers/projects/cycle_analytics_controller.rb index dc6a9a73d9e..6160dafb177 100644 --- a/app/controllers/projects/cycle_analytics_controller.rb +++ b/app/controllers/projects/cycle_analytics_controller.rb @@ -14,6 +14,7 @@ class Projects::CycleAnalyticsController < Projects::ApplicationController track_redis_hll_event :show, name: 'p_analytics_valuestream' feature_category :planning_analytics + urgency :low before_action do push_licensed_feature(:cycle_analytics_for_groups) if project.licensed_feature_available?(:cycle_analytics_for_groups) diff --git a/app/controllers/projects/deploy_keys_controller.rb b/app/controllers/projects/deploy_keys_controller.rb index ce25f86d692..96afe9dbb9f 100644 --- a/app/controllers/projects/deploy_keys_controller.rb 
+++ b/app/controllers/projects/deploy_keys_controller.rb @@ -11,6 +11,7 @@ class Projects::DeployKeysController < Projects::ApplicationController layout 'project_settings' feature_category :continuous_delivery + urgency :low def index respond_to do |format| diff --git a/app/controllers/projects/deploy_tokens_controller.rb b/app/controllers/projects/deploy_tokens_controller.rb index 42c2d8b17f1..ed77fa2fee6 100644 --- a/app/controllers/projects/deploy_tokens_controller.rb +++ b/app/controllers/projects/deploy_tokens_controller.rb @@ -4,6 +4,7 @@ class Projects::DeployTokensController < Projects::ApplicationController before_action :authorize_admin_project! feature_category :continuous_delivery + urgency :low def revoke @token = @project.deploy_tokens.find(params[:id]) diff --git a/app/controllers/projects/deployments_controller.rb b/app/controllers/projects/deployments_controller.rb index 231684427fb..bebade1b21b 100644 --- a/app/controllers/projects/deployments_controller.rb +++ b/app/controllers/projects/deployments_controller.rb @@ -4,6 +4,7 @@ class Projects::DeploymentsController < Projects::ApplicationController before_action :authorize_read_deployment! feature_category :continuous_delivery + urgency :low # rubocop: disable CodeReuse/ActiveRecord def index diff --git a/app/controllers/projects/discussions_controller.rb b/app/controllers/projects/discussions_controller.rb index 9f7d47b95f3..a61930d4b99 100644 --- a/app/controllers/projects/discussions_controller.rb +++ b/app/controllers/projects/discussions_controller.rb @@ -10,6 +10,7 @@ class Projects::DiscussionsController < Projects::ApplicationController before_action :authorize_resolve_discussion!, only: [:resolve, :unresolve] feature_category :team_planning + urgency :low def resolve Discussions::ResolveService.new(project, current_user, one_or_more_discussions: discussion).execute 
diff --git a/app/controllers/projects/environments_controller.rb b/app/controllers/projects/environments_controller.rb index 8e81e75ad13..1a2c0d64d19 100644 --- a/app/controllers/projects/environments_controller.rb +++ b/app/controllers/projects/environments_controller.rb @@ -24,9 +24,13 @@ class Projects::EnvironmentsController < Projects::ApplicationController before_action :environment, only: [:show, :edit, :update, :stop, :terminal, :terminal_websocket_authorize, :metrics, :cancel_auto_stop] before_action :verify_api_request!, only: :terminal_websocket_authorize before_action :expire_etag_cache, only: [:index], unless: -> { request.format.json? } + before_action do + push_frontend_feature_flag(:monitor_logging, project) + end after_action :expire_etag_cache, only: [:cancel_auto_stop] feature_category :continuous_delivery + urgency :low def index @project = ProjectPresenter.new(project, current_user: current_user) @@ -73,7 +77,7 @@ class Projects::EnvironmentsController < Projects::ApplicationController # rubocop: enable CodeReuse/ActiveRecord def show - @deployments = environment.deployments.ordered.page(params[:page]) + @deployments = deployments end def new @@ -202,6 +206,10 @@ class Projects::EnvironmentsController < Projects::ApplicationController private + def deployments + environment.deployments.ordered.page(params[:page]) + end + def verify_api_request! Gitlab::Workhorse.verify_api_request!(request.headers) end diff --git a/app/controllers/projects/feature_flags_clients_controller.rb b/app/controllers/projects/feature_flags_clients_controller.rb index 9a1f8932a27..2652345fc5a 100644 --- a/app/controllers/projects/feature_flags_clients_controller.rb +++ b/app/controllers/projects/feature_flags_clients_controller.rb @@ -5,6 +5,7 @@ class Projects::FeatureFlagsClientsController < Projects::ApplicationController before_action :feature_flags_client feature_category :feature_flags + urgency :low def reset_token feature_flags_client.reset_token! 
diff --git a/app/controllers/projects/feature_flags_controller.rb b/app/controllers/projects/feature_flags_controller.rb index 7c0da8f8a24..1d1fe91ad70 100644 --- a/app/controllers/projects/feature_flags_controller.rb +++ b/app/controllers/projects/feature_flags_controller.rb @@ -11,6 +11,7 @@ class Projects::FeatureFlagsController < Projects::ApplicationController before_action :feature_flag, only: [:edit, :update, :destroy] feature_category :feature_flags + urgency :low def index @feature_flags = FeatureFlagsFinder diff --git a/app/controllers/projects/feature_flags_user_lists_controller.rb b/app/controllers/projects/feature_flags_user_lists_controller.rb index fd81321924a..023eb51cc94 100644 --- a/app/controllers/projects/feature_flags_user_lists_controller.rb +++ b/app/controllers/projects/feature_flags_user_lists_controller.rb @@ -5,6 +5,7 @@ class Projects::FeatureFlagsUserListsController < Projects::ApplicationControlle before_action :user_list, only: [:edit, :show] feature_category :feature_flags + urgency :low def index end diff --git a/app/controllers/projects/graphs_controller.rb b/app/controllers/projects/graphs_controller.rb index 606f6ac7941..63309cce1e5 100644 --- a/app/controllers/projects/graphs_controller.rb +++ b/app/controllers/projects/graphs_controller.rb @@ -15,6 +15,7 @@ class Projects::GraphsController < Projects::ApplicationController urgency :low, [:show] feature_category :continuous_integration, [:ci] + urgency :low, [:ci] def show respond_to do |format| diff --git a/app/controllers/projects/imports_controller.rb b/app/controllers/projects/imports_controller.rb index 3b3f9bdcf6b..41daeddcf7f 100644 --- a/app/controllers/projects/imports_controller.rb +++ b/app/controllers/projects/imports_controller.rb @@ -12,6 +12,7 @@ class Projects::ImportsController < Projects::ApplicationController before_action :redirect_if_no_import, only: :show feature_category :importers + urgency :low def new end 
diff --git a/app/controllers/projects/incident_management/pager_duty_incidents_controller.rb b/app/controllers/projects/incident_management/pager_duty_incidents_controller.rb index 408652b4b9e..f1e518abf48 100644 --- a/app/controllers/projects/incident_management/pager_duty_incidents_controller.rb +++ b/app/controllers/projects/incident_management/pager_duty_incidents_controller.rb @@ -11,6 +11,7 @@ module Projects prepend_before_action :project_without_auth feature_category :incident_management + urgency :low def create result = webhook_processor.execute(params[:token]) diff --git a/app/controllers/projects/incidents_controller.rb b/app/controllers/projects/incidents_controller.rb index dd1e51bb9bd..fd7ba7b5460 100644 --- a/app/controllers/projects/incidents_controller.rb +++ b/app/controllers/projects/incidents_controller.rb @@ -7,11 +7,12 @@ class Projects::IncidentsController < Projects::ApplicationController before_action :authorize_read_issue! before_action :load_incident, only: [:show] before_action do - push_frontend_feature_flag(:incident_escalations, @project, default_enabled: :yaml) - push_frontend_feature_flag(:incident_timeline, @project, default_enabled: :yaml) + push_frontend_feature_flag(:incident_escalations, @project) + push_frontend_feature_flag(:incident_timeline, @project) end feature_category :incident_management + urgency :low def index end diff --git a/app/controllers/projects/issue_links_controller.rb b/app/controllers/projects/issue_links_controller.rb index e8c3110574f..956557457fa 100644 --- a/app/controllers/projects/issue_links_controller.rb +++ b/app/controllers/projects/issue_links_controller.rb @@ -8,6 +8,7 @@ module Projects before_action :authorize_issue_link_association!, only: :destroy feature_category :team_planning + urgency :low private diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb index 46943e7214a..b65616fdb3c 100644 
--- a/app/controllers/projects/issues_controller.rb +++ b/app/controllers/projects/issues_controller.rb @@ -39,16 +39,16 @@ class Projects::IssuesController < Projects::ApplicationController before_action :authorize_download_code!, only: [:related_branches] before_action do - push_frontend_feature_flag(:vue_issues_list, project&.group, default_enabled: :yaml) - push_frontend_feature_flag(:contacts_autocomplete, project&.group, default_enabled: :yaml) - push_frontend_feature_flag(:incident_timeline, project, default_enabled: :yaml) + push_frontend_feature_flag(:vue_issues_list, project&.group) + push_frontend_feature_flag(:contacts_autocomplete, project&.group) + push_frontend_feature_flag(:incident_timeline, project) end before_action only: :show do - push_frontend_feature_flag(:confidential_notes, project&.group, default_enabled: :yaml) - push_frontend_feature_flag(:issue_assignees_widget, project, default_enabled: :yaml) - push_frontend_feature_flag(:paginated_issue_discussions, project, default_enabled: :yaml) - push_frontend_feature_flag(:realtime_labels, project, default_enabled: :yaml) + push_frontend_feature_flag(:confidential_notes, project&.group) + push_frontend_feature_flag(:issue_assignees_widget, project) + push_frontend_feature_flag(:paginated_issue_discussions, project) + push_frontend_feature_flag(:realtime_labels, project) push_force_frontend_feature_flag(:work_items, project&.work_items_feature_flag_enabled?) end 
@@ -65,10 +65,18 @@ class Projects::IssuesController < Projects::ApplicationController :toggle_award_emoji, :mark_as_spam, :related_branches, :can_create_branch, :create_merge_request ] + urgency :low, [ + :index, :calendar, :show, :new, :create, :edit, :update, + :destroy, :move, :reorder, :designs, :toggle_subscription, + :discussions, :bulk_update, :realtime_changes, + :toggle_award_emoji, :mark_as_spam, :related_branches, + :can_create_branch, :create_merge_request + ] feature_category :service_desk, [:service_desk] urgency :low, [:service_desk] feature_category :importers, [:import_csv, :export_csv] + urgency :low, [:import_csv, :export_csv] attr_accessor :vulnerability_id @@ -252,7 +260,7 @@ class Projects::IssuesController < Projects::ApplicationController def vue_issues_list? action_name.to_sym == :index && html_request? && - Feature.enabled?(:vue_issues_list, project&.group, default_enabled: :yaml) + Feature.enabled?(:vue_issues_list, project&.group) end def sorting_field diff --git a/app/controllers/projects/jobs_controller.rb b/app/controllers/projects/jobs_controller.rb index 0f6cf97d69d..8c9f82b9dc1 100644 --- a/app/controllers/projects/jobs_controller.rb +++ b/app/controllers/projects/jobs_controller.rb @@ -21,13 +21,14 @@ class Projects::JobsController < Projects::ApplicationController before_action :push_jobs_table_vue_search, only: [:index] before_action do - push_frontend_feature_flag(:infinitely_collapsible_sections, @project, default_enabled: :yaml) - push_frontend_feature_flag(:trigger_job_retry_action, @project, default_enabled: :yaml) + push_frontend_feature_flag(:infinitely_collapsible_sections, @project) + push_frontend_feature_flag(:trigger_job_retry_action, @project) end layout 'project' feature_category :continuous_integration + urgency :low def index # We need all builds for tabs counters 
@@ -140,7 +141,7 @@ class Projects::JobsController < Projects::ApplicationController end def raw - if @build.trace.archived_trace_exist? + if @build.trace.archived? workhorse_set_content_type! send_upload(@build.job_artifacts_trace.file, send_params: raw_send_params, @@ -261,10 +262,10 @@ class Projects::JobsController < Projects::ApplicationController end def push_jobs_table_vue - push_frontend_feature_flag(:jobs_table_vue, @project, default_enabled: :yaml) + push_frontend_feature_flag(:jobs_table_vue, @project) end def push_jobs_table_vue_search - push_frontend_feature_flag(:jobs_table_vue_search, @project, default_enabled: :yaml) + push_frontend_feature_flag(:jobs_table_vue_search, @project) end end diff --git a/app/controllers/projects/labels_controller.rb b/app/controllers/projects/labels_controller.rb index 814081194d6..8ec2cbb41e9 100644 --- a/app/controllers/projects/labels_controller.rb +++ b/app/controllers/projects/labels_controller.rb @@ -15,6 +15,7 @@ class Projects::LabelsController < Projects::ApplicationController respond_to :js, :html feature_category :team_planning + urgency :low def index respond_to do |format| diff --git a/app/controllers/projects/learn_gitlab_controller.rb b/app/controllers/projects/learn_gitlab_controller.rb index b9f9a1810b7..61e4a1812ba 100644 --- a/app/controllers/projects/learn_gitlab_controller.rb +++ b/app/controllers/projects/learn_gitlab_controller.rb @@ -7,6 +7,7 @@ class Projects::LearnGitlabController < Projects::ApplicationController before_action :enable_video_tutorials_continuous_onboarding_experiment feature_category :users + urgency :low, [:index] def index end diff --git a/app/controllers/projects/logs_controller.rb b/app/controllers/projects/logs_controller.rb index a4bdbc827e0..63d8981ef38 100644 --- a/app/controllers/projects/logs_controller.rb +++ b/app/controllers/projects/logs_controller.rb 
@@ -10,6 +10,8 @@ module Projects
 feature_category :logging
 def index
+ return render_404 unless Feature.enabled?(:monitor_logging, project)
+
 if environment || cluster
 render :index
 else
@@ -28,7 +30,6 @@ module Projects
 private
 def render_logs(service, permitted_params)
- ::Gitlab::UsageCounters::PodLogs.increment(project.id)
 ::Gitlab::PollingInterval.set_header(response, interval: 3_000)
 result = service.new(cluster, namespace, params: permitted_params).execute
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index 03bb132fe47..458df40ece1 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
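Review bot: In the logs controller, the `monitor_logging` check is added only to `index`, while `render_logs`, touched in the second hunk, gets no equivalent guard in the visible lines. If the actions that call `render_logs` (they are outside both hunks) are meant to be switched off with the page, they stay reachable with the flag disabled and keep returning pod log data. Enforcing the flag once for the controller would close that gap: `before_action { render_404 unless Feature.enabled?(:monitor_logging, project) }`, with the early return in `index` then dropped.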
@@ -33,20 +33,25 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo before_action only: [:show] do push_frontend_feature_flag(:file_identifier_hash) - push_frontend_feature_flag(:merge_request_widget_graphql, project, default_enabled: :yaml) + push_frontend_feature_flag(:merge_request_widget_graphql, project) push_frontend_feature_flag(:core_security_mr_widget_counts, project) - push_frontend_feature_flag(:paginated_notes, project, default_enabled: :yaml) - push_frontend_feature_flag(:confidential_notes, project, default_enabled: :yaml) - push_frontend_feature_flag(:restructured_mr_widget, project, default_enabled: :yaml) - push_frontend_feature_flag(:refactor_mr_widgets_extensions, project, default_enabled: :yaml) - push_frontend_feature_flag(:rebase_without_ci_ui, project, default_enabled: :yaml) - push_frontend_feature_flag(:secure_vulnerability_training, project, default_enabled: :yaml) - push_frontend_feature_flag(:issue_assignees_widget, @project, default_enabled: :yaml) - push_frontend_feature_flag(:realtime_labels, project, default_enabled: :yaml) + push_frontend_feature_flag(:paginated_notes, project) + push_frontend_feature_flag(:confidential_notes, project) + push_frontend_feature_flag(:restructured_mr_widget, project) + push_frontend_feature_flag(:refactor_mr_widgets_extensions, project) + push_frontend_feature_flag(:refactor_mr_widget_test_summary, project) + push_frontend_feature_flag(:rebase_without_ci_ui, project) + push_frontend_feature_flag(:issue_assignees_widget, @project) + push_frontend_feature_flag(:realtime_labels, project) + push_frontend_feature_flag(:updated_diff_expansion_buttons, project) + push_frontend_feature_flag(:mr_attention_requests, current_user) + push_frontend_feature_flag(:updated_mr_header, project) + push_frontend_feature_flag(:remove_diff_header_icons, project) + push_frontend_feature_flag(:moved_mr_sidebar, project) end before_action do - 
push_frontend_feature_flag(:permit_all_shared_groups_for_approval, @project, default_enabled: :yaml) + push_frontend_feature_flag(:permit_all_shared_groups_for_approval, @project) end around_action :allow_gitaly_ref_name_caching, only: [:index, :show, :discussions] @@ -81,12 +86,12 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo :rebase, :discussions, :pipelines, - :test_reports - ] - urgency :low, [ + :test_reports, :codequality_mr_diff_reports, - :codequality_reports + :codequality_reports, + :terraform_reports ] + urgency :low, [:pipeline_status, :pipelines, :exposed_artifacts] def index @merge_requests = @issuables diff --git a/app/controllers/projects/metrics_dashboard_controller.rb b/app/controllers/projects/metrics_dashboard_controller.rb index 3f10749602e..e305b018293 100644 --- a/app/controllers/projects/metrics_dashboard_controller.rb +++ b/app/controllers/projects/metrics_dashboard_controller.rb @@ -12,6 +12,7 @@ module Projects before_action do push_frontend_feature_flag(:prometheus_computed_alerts) push_frontend_feature_flag(:disable_metric_dashboard_refresh_rate) + push_frontend_feature_flag(:monitor_logging, project) end feature_category :metrics diff --git a/app/controllers/projects/milestones_controller.rb b/app/controllers/projects/milestones_controller.rb index b896e2543ff..744e45a0f9c 100644 --- a/app/controllers/projects/milestones_controller.rb +++ b/app/controllers/projects/milestones_controller.rb @@ -19,6 +19,7 @@ class Projects::MilestonesController < Projects::ApplicationController respond_to :html feature_category :team_planning + urgency :low def index @sort = params[:sort] || 'due_date_asc' diff --git a/app/controllers/projects/notes_controller.rb b/app/controllers/projects/notes_controller.rb index 7322e08e62e..d24b232293b 100644 --- a/app/controllers/projects/notes_controller.rb +++ b/app/controllers/projects/notes_controller.rb 
@@ -12,6 +12,7 @@ class Projects::NotesController < Projects::ApplicationController before_action :authorize_resolve_note!, only: [:resolve, :unresolve] feature_category :team_planning + urgency :low def delete_attachment note.remove_attachment! diff --git a/app/controllers/projects/packages/infrastructure_registry_controller.rb b/app/controllers/projects/packages/infrastructure_registry_controller.rb index 99d75afc63a..f1410bf6043 100644 --- a/app/controllers/projects/packages/infrastructure_registry_controller.rb +++ b/app/controllers/projects/packages/infrastructure_registry_controller.rb @@ -6,6 +6,7 @@ module Projects include PackagesAccess feature_category :infrastructure_as_code + urgency :low def show @package = project.packages.find(params[:id]) diff --git a/app/controllers/projects/packages/packages_controller.rb b/app/controllers/projects/packages/packages_controller.rb index 969922266fa..f045bae5c96 100644 --- a/app/controllers/projects/packages/packages_controller.rb +++ b/app/controllers/projects/packages/packages_controller.rb @@ -6,6 +6,7 @@ module Projects include PackagesAccess feature_category :package_registry + urgency :low # The show action renders index to allow frontend routing to work on page refresh def show diff --git a/app/controllers/projects/pipeline_schedules_controller.rb b/app/controllers/projects/pipeline_schedules_controller.rb index f6171403667..fa38fb209f0 100644 --- a/app/controllers/projects/pipeline_schedules_controller.rb +++ b/app/controllers/projects/pipeline_schedules_controller.rb @@ -12,6 +12,7 @@ class Projects::PipelineSchedulesController < Projects::ApplicationController before_action :authorize_admin_pipeline_schedule!, only: [:destroy] feature_category :continuous_integration + urgency :low # rubocop: disable CodeReuse/ActiveRecord def index diff --git a/app/controllers/projects/pipelines/application_controller.rb b/app/controllers/projects/pipelines/application_controller.rb index c147d697888..e9dc71a0f4a 100644 
--- a/app/controllers/projects/pipelines/application_controller.rb +++ b/app/controllers/projects/pipelines/application_controller.rb @@ -11,6 +11,7 @@ module Projects before_action :authorize_read_pipeline! feature_category :continuous_integration + urgency :low private diff --git a/app/controllers/projects/pipelines/tests_controller.rb b/app/controllers/projects/pipelines/tests_controller.rb index 4daf700a8bd..8f0e20290fe 100644 --- a/app/controllers/projects/pipelines/tests_controller.rb +++ b/app/controllers/projects/pipelines/tests_controller.rb @@ -23,7 +23,7 @@ module Projects def show respond_to do |format| format.json do - if Feature.enabled?(:ci_test_report_artifacts_expired, project, default_enabled: :yaml) && pipeline.has_expired_test_reports? + if Feature.enabled?(:ci_test_report_artifacts_expired, project) && pipeline.has_expired_test_reports? render json: { errors: 'Test report artifacts have expired' }, status: :not_found else render json: TestSuiteSerializer diff --git a/app/controllers/projects/pipelines_controller.rb b/app/controllers/projects/pipelines_controller.rb index 02f041637ba..94865024688 100644 --- a/app/controllers/projects/pipelines_controller.rb +++ b/app/controllers/projects/pipelines_controller.rb @@ -4,8 +4,11 @@ class Projects::PipelinesController < Projects::ApplicationController include ::Gitlab::Utils::StrongMemoize include RedisTracking - urgency :default, [:status] - urgency :low, [:index, :new, :builds, :show, :failures, :create, :stage, :retry, :dag, :cancel, :test_report] + urgency :low, [ + :index, :new, :builds, :show, :failures, :create, + :stage, :retry, :dag, :cancel, :test_report, + :charts, :config_variables, :destroy, :status + ] before_action :disable_query_limiting, only: [:create, :retry] before_action :pipeline, except: [:index, :new, :create, :charts, :config_variables] 
@@ -18,7 +21,9 @@ class Projects::PipelinesController < Projects::ApplicationController before_action :ensure_pipeline, only: [:show, :downloadable_artifacts] before_action do - push_frontend_feature_flag(:pipeline_tabs_vue, @project, default_enabled: :yaml) + push_frontend_feature_flag(:pipeline_tabs_vue, @project) + push_frontend_feature_flag(:downstream_retry_action, @project) + push_frontend_feature_flag(:failed_jobs_tab_vue, @project) end # Will be removed with https://gitlab.com/gitlab-org/gitlab/-/issues/225596 @@ -37,6 +42,23 @@ class Projects::PipelinesController < Projects::ApplicationController POLLING_INTERVAL = 10_000 + content_security_policy do |policy| + next if policy.directives.blank? + + default_script_src = policy.directives['script-src'] || policy.directives['default-src'] + script_src_values = Array.wrap(default_script_src) | ["'self'", "'unsafe-eval'", 'https://*.zuora.com'] + + default_frame_src = policy.directives['frame-src'] || policy.directives['default-src'] + frame_src_values = Array.wrap(default_frame_src) | ["'self'", 'https://*.zuora.com'] + + default_child_src = policy.directives['child-src'] || policy.directives['default-src'] + child_src_values = Array.wrap(default_child_src) | ["'self'", 'https://*.zuora.com'] + + policy.script_src(*script_src_values) + policy.frame_src(*frame_src_values) + policy.child_src(*child_src_values) + end + feature_category :continuous_integration, [ :charts, :show, :config_variables, :stage, :cancel, :retry, :builds, :dag, :failures, :status, 
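Review bot: The `content_security_policy` block added in `@@ -37,6 +42,23 @@` carries no `only:` option, so `'unsafe-eval'` and the `https://*.zuora.com` wildcard are merged into `script-src` for every action of `Projects::PipelinesController`, not just the page that presumably embeds the Zuora frame. `'unsafe-eval'` gives up the protection CSP offers against string-to-code sinks, so the relaxation should be limited to the action that needs it, e.g. `content_security_policy(only: [:<action>]) do |policy|`, with a comment naming the feature that requires it. Which action that is cannot be seen from this hunk. If the vendor script works without eval, dropping `'unsafe-eval'` and listing the exact Zuora host instead of the wildcard would be tighter still.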
@@ -127,12 +149,22 @@ class Projects::PipelinesController < Projects::ApplicationController end def builds - render_show + if Feature.enabled?(:pipeline_tabs_vue, project) + redirect_to pipeline_path(@pipeline, tab: 'builds') + else + render_show + end end def dag respond_to do |format| - format.html { render_show } + format.html do + if Feature.enabled?(:pipeline_tabs_vue, project) + redirect_to pipeline_path(@pipeline, tab: 'dag') + else + render_show + end + end format.json do render json: Ci::DagPipelineSerializer .new(project: @project, current_user: @current_user) @@ -142,7 +174,9 @@ class Projects::PipelinesController < Projects::ApplicationController end def failures - if @pipeline.failed_builds.present? + if Feature.enabled?(:pipeline_tabs_vue, project) + redirect_to pipeline_path(@pipeline, tab: 'failures') + elsif @pipeline.failed_builds.present? render_show else redirect_to pipeline_path(@pipeline) @@ -196,7 +230,13 @@ class Projects::PipelinesController < Projects::ApplicationController def test_report respond_to do |format| - format.html { render_show } + format.html do + if Feature.enabled?(:pipeline_tabs_vue, project) + redirect_to pipeline_path(@pipeline, tab: 'test_report') + else + render_show + end + end format.json do render json: TestReportSerializer .new(current_user: @current_user) diff --git a/app/controllers/projects/pipelines_settings_controller.rb b/app/controllers/projects/pipelines_settings_controller.rb index 6e08a889520..9adec4dcf00 100644 --- a/app/controllers/projects/pipelines_settings_controller.rb +++ b/app/controllers/projects/pipelines_settings_controller.rb @@ -4,6 +4,7 @@ class Projects::PipelinesSettingsController < Projects::ApplicationController before_action :authorize_admin_pipeline! feature_category :continuous_integration + urgency :low def show redirect_to project_settings_ci_cd_path(@project, params: params.to_unsafe_h) 
diff --git a/app/controllers/projects/product_analytics_controller.rb b/app/controllers/projects/product_analytics_controller.rb index 5db7585d8e0..c89cd52530a 100644 --- a/app/controllers/projects/product_analytics_controller.rb +++ b/app/controllers/projects/product_analytics_controller.rb @@ -54,6 +54,6 @@ class Projects::ProductAnalyticsController < Projects::ApplicationController end def feature_enabled! - render_404 unless Feature.enabled?(:product_analytics, @project, default_enabled: false) + render_404 unless Feature.enabled?(:product_analytics, @project) end end diff --git a/app/controllers/projects/project_members_controller.rb b/app/controllers/projects/project_members_controller.rb index 49618c89672..168e703c87d 100644 --- a/app/controllers/projects/project_members_controller.rb +++ b/app/controllers/projects/project_members_controller.rb @@ -9,6 +9,7 @@ class Projects::ProjectMembersController < Projects::ApplicationController before_action :authorize_admin_project_member!, except: [:index, :leave, :request_access] feature_category :projects + urgency :low def index @sort = params[:sort].presence || sort_value_name diff --git a/app/controllers/projects/prometheus/alerts_controller.rb b/app/controllers/projects/prometheus/alerts_controller.rb index 7aebff13278..5e1b9570fa0 100644 --- a/app/controllers/projects/prometheus/alerts_controller.rb +++ b/app/controllers/projects/prometheus/alerts_controller.rb @@ -14,9 +14,10 @@ module Projects prepend_before_action :repository, :project_without_auth, only: [:notify] before_action :authorize_read_prometheus_alerts!, except: [:notify] - before_action :alert, only: [:update, :show, :destroy, :metrics_dashboard] + before_action :alert, only: [:show, :metrics_dashboard] feature_category :incident_management + urgency :low def index render json: serialize_as_json(alerts) 
@@ -37,68 +38,13 @@ module Projects end end - def create - @alert = create_service.execute - - if @alert.persisted? - schedule_prometheus_update! - - render json: serialize_as_json(@alert) - else - head :bad_request - end - end - - def update - if update_service.execute(alert) - schedule_prometheus_update! - - render json: serialize_as_json(alert) - else - head :bad_request - end - end - - def destroy - if destroy_service.execute(alert) - schedule_prometheus_update! - - head :ok - else - head :bad_request - end - end - private - def alerts_params - params.permit(:operator, :threshold, :environment_id, :prometheus_metric_id, :runbook_url) - end - def notify_service Projects::Prometheus::Alerts::NotifyService .new(project, params.permit!) end - def create_service - Projects::Prometheus::Alerts::CreateService - .new(project: project, current_user: current_user, params: alerts_params) - end - - def update_service - Projects::Prometheus::Alerts::UpdateService - .new(project: project, current_user: current_user, params: alerts_params) - end - - def destroy_service - Projects::Prometheus::Alerts::DestroyService - .new(project: project, current_user: current_user, params: nil) - end - - def schedule_prometheus_update! - ::Clusters::Applications::ScheduleUpdateService.new(application, project).execute - end - def serialize_as_json(alert_obj) serializer.represent(alert_obj) end @@ -123,10 +69,6 @@ module Projects }.reverse_merge(opts)) end - def application - @application ||= alert.environment.cluster_prometheus_adapter - end - def extract_alert_manager_token(request) Doorkeeper::OAuth::Token.from_bearer_authorization(request) end @@ -136,10 +78,6 @@ module Projects .find_by_full_path("#{params[:namespace_id]}/#{params[:project_id]}") end - def prometheus_alerts - project.prometheus_alerts.for_environment(params[:environment_id]) - end - def metrics_dashboard_params { embedded: true, 
diff --git a/app/controllers/projects/prometheus/metrics_controller.rb b/app/controllers/projects/prometheus/metrics_controller.rb index e61d357ce4e..c5778ba15f2 100644 --- a/app/controllers/projects/prometheus/metrics_controller.rb +++ b/app/controllers/projects/prometheus/metrics_controller.rb @@ -74,9 +74,9 @@ module Projects end def update - @metric = update_metrics_service(prometheus_metric).execute + @metric = prometheus_metric - if @metric.persisted? + if @metric.update(metrics_params) redirect_to edit_project_integration_path(project, ::Integrations::Prometheus), notice: _('Metric was successfully updated.') else diff --git a/app/controllers/projects/registry/application_controller.rb b/app/controllers/projects/registry/application_controller.rb index e7bf8c8e757..9a94de3859a 100644 --- a/app/controllers/projects/registry/application_controller.rb +++ b/app/controllers/projects/registry/application_controller.rb @@ -9,6 +9,7 @@ module Projects before_action :authorize_read_container_image! feature_category :container_registry + urgency :low private diff --git a/app/controllers/projects/releases/evidences_controller.rb b/app/controllers/projects/releases/evidences_controller.rb index 41e2ce81eb8..9f59898878c 100644 --- a/app/controllers/projects/releases/evidences_controller.rb +++ b/app/controllers/projects/releases/evidences_controller.rb @@ -8,6 +8,7 @@ module Projects before_action :authorize_read_release_evidence! feature_category :release_evidence + urgency :low def show respond_to do |format| diff --git a/app/controllers/projects/releases_controller.rb b/app/controllers/projects/releases_controller.rb index 19413d97d9d..1dfb71842bd 100644 --- a/app/controllers/projects/releases_controller.rb +++ b/app/controllers/projects/releases_controller.rb 
@@ -10,13 +10,20 @@ class Projects::ReleasesController < Projects::ApplicationController before_action :validate_suffix_path, :fetch_latest_tag, only: :latest_permalink feature_category :release_orchestration + urgency :low def index respond_to do |format| format.html do require_non_empty_project end - format.json { render json: releases } + format.json do + if Feature.enabled?(:remove_sha_from_releases_json, project) + render json: ReleaseSerializer.new.represent(releases) + else + render json: releases + end + end end end diff --git a/app/controllers/projects/runner_projects_controller.rb b/app/controllers/projects/runner_projects_controller.rb index b77ce070492..34ce8df202b 100644 --- a/app/controllers/projects/runner_projects_controller.rb +++ b/app/controllers/projects/runner_projects_controller.rb @@ -6,6 +6,7 @@ class Projects::RunnerProjectsController < Projects::ApplicationController layout 'project_settings' feature_category :runner + urgency :low def create @runner = Ci::Runner.find(params[:runner_project][:runner_id]) diff --git a/app/controllers/projects/runners_controller.rb b/app/controllers/projects/runners_controller.rb index 0eda8e3352d..ba9576795ec 100644 --- a/app/controllers/projects/runners_controller.rb +++ b/app/controllers/projects/runners_controller.rb @@ -5,6 +5,7 @@ class Projects::RunnersController < Projects::ApplicationController before_action :runner, only: [:edit, :update, :destroy, :pause, :resume, :show] feature_category :runner + urgency :low def index redirect_to project_settings_ci_cd_path(@project, anchor: 'js-runners-settings') diff --git a/app/controllers/projects/security/configuration_controller.rb b/app/controllers/projects/security/configuration_controller.rb index cdb02047215..00a2a5d1193 100644 --- a/app/controllers/projects/security/configuration_controller.rb +++ b/app/controllers/projects/security/configuration_controller.rb 
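Review bot: In `index` (`@@ -10,13 +10,20 @@`) the `else` branch still answers with `render json: releases`, which serialises the records through the default model JSON rather than an explicit field list. Whatever `remove_sha_from_releases_json` is meant to withhold is therefore still returned whenever the flag is off. Going by the flag name that is the commit SHA, but the field list of `ReleaseSerializer` is not visible here. A comment on the fallback would make the exposure and its lifetime explicit, e.g. `# Fallback returns all Release attributes; remove together with :remove_sha_from_releases_json`.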
@@ -42,7 +42,7 @@ module Projects end def unify_configuration_enabled? - Feature.enabled?(:unify_security_configuration, project, default_enabled: :yaml) + Feature.enabled?(:unify_security_configuration, project) end end end diff --git a/app/controllers/projects/serverless/functions_controller.rb b/app/controllers/projects/serverless/functions_controller.rb deleted file mode 100644 index 7352edaaab2..00000000000 --- a/app/controllers/projects/serverless/functions_controller.rb +++ /dev/null 
@@ -1,79 +0,0 @@ -# frozen_string_literal: true - -module Projects - module Serverless - class FunctionsController < Projects::ApplicationController - before_action :ensure_feature_enabled! - before_action :authorize_read_cluster! - - feature_category :not_owned # rubocop:todo Gitlab/AvoidFeatureCategoryNotOwned - - def index - respond_to do |format| - format.json do - functions = finder.execute.select do |function| - can?(@current_user, :read_cluster, function.cluster) - end - - serialized_functions = serialize_function(functions) - - render json: { - knative_installed: finder.knative_installed, - functions: serialized_functions - }.to_json - end - - format.html do - render - end - end - end - - def show - function = finder.service(params[:environment_id], params[:id]) - return not_found unless function && can?(@current_user, :read_cluster, function.cluster) - - @service = serialize_function(function) - return not_found if @service.nil? - - @prometheus = finder.has_prometheus?(params[:environment_id]) - - respond_to do |format| - format.json do - render json: @service - end - - format.html - end - end - - def metrics - respond_to do |format| - format.json do - metrics = finder.invocation_metrics(params[:environment_id], params[:id]) - - if metrics.nil? - head :no_content - else - render json: metrics - end - end - end - end - - private - - def finder - Projects::Serverless::FunctionsFinder.new(project) - end - - def serialize_function(function) - Projects::Serverless::ServiceSerializer.new(current_user: @current_user, project: project).represent(function) - end - - def ensure_feature_enabled! - render_404 unless Feature.enabled?(:deprecated_serverless, project, default_enabled: :yaml, type: :ops) - end - end - end -end diff --git a/app/controllers/projects/service_ping_controller.rb b/app/controllers/projects/service_ping_controller.rb index 368da8d1ef2..d8f1785d95e 100644 --- a/app/controllers/projects/service_ping_controller.rb 
+++ b/app/controllers/projects/service_ping_controller.rb @@ -3,7 +3,7 @@ class Projects::ServicePingController < Projects::ApplicationController before_action :authenticate_user! - feature_category :service_ping + feature_category :web_ide def web_ide_clientside_preview return render_404 unless Gitlab::CurrentSettings.web_ide_clientside_preview_enabled? @@ -17,6 +17,7 @@ class Projects::ServicePingController < Projects::ApplicationController return render_404 unless Gitlab::CurrentSettings.web_ide_clientside_preview_enabled? Gitlab::UsageDataCounters::WebIdeCounter.increment_previews_success_count + Gitlab::UsageDataCounters::EditorUniqueCounter.track_live_preview_edit_action(author: current_user) head(200) end diff --git a/app/controllers/projects/services_controller.rb b/app/controllers/projects/services_controller.rb index 1321111faaf..8f83e34411b 100644 --- a/app/controllers/projects/services_controller.rb +++ b/app/controllers/projects/services_controller.rb @@ -10,8 +10,6 @@ class Projects::ServicesController < Projects::ApplicationController before_action :integration before_action :default_integration, only: [:edit, :update] before_action :web_hook_logs, only: [:edit, :update] - before_action :set_deprecation_notice_for_prometheus_integration, only: [:edit, :update] - before_action :redirect_deprecated_prometheus_integration, only: [:update] respond_to :html 
@@ -118,18 +116,6 @@ class Projects::ServicesController < Projects::ApplicationController .merge(errors: integration.errors.as_json) end - def redirect_deprecated_prometheus_integration - redirect_to edit_project_integration_path(project, integration) if integration.is_a?(::Integrations::Prometheus) && Feature.enabled?(:settings_operations_prometheus_service, project) - end - - def set_deprecation_notice_for_prometheus_integration - return if !integration.is_a?(::Integrations::Prometheus) || !Feature.enabled?(:settings_operations_prometheus_service, project) - - operations_link_start = "<a href=\"#{project_settings_operations_path(project)}\">" - message = s_('PrometheusService|You can now manage your Prometheus settings on the %{operations_link_start}Operations%{operations_link_end} page. Fields on this page have been deprecated.') % { operations_link_start: operations_link_start, operations_link_end: "</a>" } - flash.now[:alert] = message.html_safe - end - def use_inherited_settings?(attributes) default_integration && attributes[:inherit_from_id] == default_integration.id.to_s end diff --git a/app/controllers/projects/settings/ci_cd_controller.rb b/app/controllers/projects/settings/ci_cd_controller.rb index 3f4d26bb6ec..ee50327be8f 100644 --- a/app/controllers/projects/settings/ci_cd_controller.rb +++ b/app/controllers/projects/settings/ci_cd_controller.rb @@ -18,6 +18,7 @@ module Projects helper_method :highlight_badge feature_category :continuous_integration + urgency :low def show if Feature.enabled?(:ci_pipeline_triggers_settings_vue_ui, @project) 
@@ -87,7 +88,7 @@ module Projects def permitted_project_params [ :runners_token, :builds_enabled, :build_allow_git_fetch, - :build_timeout_human_readable, :build_coverage_regex, :public_builds, + :build_timeout_human_readable, :public_builds, :ci_separated_caches, :auto_cancel_pending_pipelines, :ci_config_path, :auto_rollback_enabled, auto_devops_attributes: [:id, :domain, :enabled, :deploy_strategy], ci_cd_settings_attributes: [:default_git_depth, :forward_deployment_enabled] diff --git a/app/controllers/projects/settings/operations_controller.rb b/app/controllers/projects/settings/operations_controller.rb index 43c72b358db..d4126cbd708 100644 --- a/app/controllers/projects/settings/operations_controller.rb +++ b/app/controllers/projects/settings/operations_controller.rb @@ -17,6 +17,7 @@ module Projects helper_method :tracing_setting feature_category :incident_management + urgency :low def update result = ::Projects::Operations::UpdateService.new(project, current_user, update_params).execute @@ -133,7 +134,7 @@ module Projects # overridden in EE def permitted_project_params - project_params = { + { incident_management_setting_attributes: ::Gitlab::Tracking::IncidentManagement.tracking_keys.keys, metrics_setting_attributes: [:external_dashboard_url, :dashboard_timezone], @@ -149,12 +150,6 @@ module Projects grafana_integration_attributes: [:token, :grafana_url, :enabled], tracing_setting_attributes: [:external_url] } - - if Feature.enabled?(:settings_operations_prometheus_service, project) - project_params[:prometheus_integration_attributes] = [:manual_configuration, :api_url] - end - - project_params end end end diff --git a/app/controllers/projects/settings/packages_and_registries_controller.rb b/app/controllers/projects/settings/packages_and_registries_controller.rb index 8f0a19cfac5..0cd2bfa9695 100644 --- a/app/controllers/projects/settings/packages_and_registries_controller.rb +++ b/app/controllers/projects/settings/packages_and_registries_controller.rb 
@@ -9,6 +9,7 @@ module Projects before_action :packages_and_registries_settings_enabled! feature_category :package_registry + urgency :low def show end diff --git a/app/controllers/projects/settings/repository_controller.rb b/app/controllers/projects/settings/repository_controller.rb index a28c08e87cb..0fd2d56229a 100644 --- a/app/controllers/projects/settings/repository_controller.rb +++ b/app/controllers/projects/settings/repository_controller.rb @@ -12,7 +12,7 @@ module Projects feature_category :source_code_management, [:show, :cleanup] feature_category :continuous_delivery, [:create_deploy_token] - urgency :low, [:show] + urgency :low, [:show, :create_deploy_token] def show render_show diff --git a/app/controllers/projects/starrers_controller.rb b/app/controllers/projects/starrers_controller.rb index 91f49fc4d66..bc857648a06 100644 --- a/app/controllers/projects/starrers_controller.rb +++ b/app/controllers/projects/starrers_controller.rb @@ -5,6 +5,8 @@ class Projects::StarrersController < Projects::ApplicationController feature_category :projects + urgency :low, [:index] + def index @starrers = UsersStarProjectsFinder.new(@project, params, current_user: @current_user).execute @sort = params[:sort].presence || sort_value_name diff --git a/app/controllers/projects/tags/releases_controller.rb b/app/controllers/projects/tags/releases_controller.rb index 8e5539f546b..b852673d82a 100644 --- a/app/controllers/projects/tags/releases_controller.rb +++ b/app/controllers/projects/tags/releases_controller.rb @@ -9,6 +9,7 @@ class Projects::Tags::ReleasesController < Projects::ApplicationController before_action :release feature_category :release_evidence + urgency :low def edit end diff --git a/app/controllers/projects/terraform_controller.rb b/app/controllers/projects/terraform_controller.rb index aef163c98c5..ed1783bb43d 100644 --- a/app/controllers/projects/terraform_controller.rb +++ b/app/controllers/projects/terraform_controller.rb 
@@ -4,6 +4,7 @@ class Projects::TerraformController < Projects::ApplicationController before_action :authorize_can_read_terraform_state! feature_category :infrastructure_as_code + urgency :low def index end diff --git a/app/controllers/projects/todos_controller.rb b/app/controllers/projects/todos_controller.rb index dafdeb4c9ef..bba1949a084 100644 --- a/app/controllers/projects/todos_controller.rb +++ b/app/controllers/projects/todos_controller.rb @@ -7,6 +7,7 @@ class Projects::TodosController < Projects::ApplicationController before_action :authenticate_user!, only: [:create] feature_category :team_planning + urgency :low private diff --git a/app/controllers/projects/tracings_controller.rb b/app/controllers/projects/tracings_controller.rb index 2bc0c590e8d..a4aac6aaa32 100644 --- a/app/controllers/projects/tracings_controller.rb +++ b/app/controllers/projects/tracings_controller.rb @@ -15,6 +15,7 @@ module Projects feature_category :tracing def show + render_404 unless Feature.enabled?(:monitor_tracing, @project) end private diff --git a/app/controllers/projects/tree_controller.rb b/app/controllers/projects/tree_controller.rb index a70795f2065..ed14f66847c 100644 --- a/app/controllers/projects/tree_controller.rb +++ b/app/controllers/projects/tree_controller.rb @@ -17,9 +17,9 @@ class Projects::TreeController < Projects::ApplicationController before_action :authorize_edit_tree!, only: [:create_dir] before_action do - push_frontend_feature_flag(:lazy_load_commits, @project, default_enabled: :yaml) - push_frontend_feature_flag(:refactor_blob_viewer, @project, default_enabled: :yaml) - push_frontend_feature_flag(:highlight_js, @project, default_enabled: :yaml) + push_frontend_feature_flag(:lazy_load_commits, @project) + push_frontend_feature_flag(:refactor_blob_viewer, @project) + push_frontend_feature_flag(:highlight_js, @project) push_licensed_feature(:file_locks) if @project.licensed_feature_available?(:file_locks) end 
diff --git a/app/controllers/projects/triggers_controller.rb b/app/controllers/projects/triggers_controller.rb index eec35fcec8d..f43c7e75fee 100644 --- a/app/controllers/projects/triggers_controller.rb +++ b/app/controllers/projects/triggers_controller.rb @@ -9,6 +9,7 @@ class Projects::TriggersController < Projects::ApplicationController layout 'project_settings' feature_category :continuous_integration + urgency :low def index redirect_to project_settings_ci_cd_path(@project, anchor: 'js-pipeline-triggers') diff --git a/app/controllers/projects/uploads_controller.rb b/app/controllers/projects/uploads_controller.rb index e6e91231ba2..a364668ea5f 100644 --- a/app/controllers/projects/uploads_controller.rb +++ b/app/controllers/projects/uploads_controller.rb @@ -23,6 +23,10 @@ class Projects::UploadsController < Projects::ApplicationController FileUploader end + def target_project + model + end + def find_model return @project if @project diff --git a/app/controllers/projects/work_items_controller.rb b/app/controllers/projects/work_items_controller.rb index d39664e1deb..27857dac2b7 100644 --- a/app/controllers/projects/work_items_controller.rb +++ b/app/controllers/projects/work_items_controller.rb @@ -6,6 +6,7 @@ class Projects::WorkItemsController < Projects::ApplicationController end feature_category :team_planning + urgency :low def index render_404 unless project&.work_items_feature_flag_enabled? diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 6cdfdfa9e2f..60d30352ff8 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb 
@@ -35,11 +35,12 @@ class ProjectsController < Projects::ApplicationController before_action :check_export_rate_limit!, only: [:export, :download_export, :generate_new_export] before_action do - push_frontend_feature_flag(:lazy_load_commits, @project, default_enabled: :yaml) - push_frontend_feature_flag(:refactor_blob_viewer, @project, default_enabled: :yaml) - push_frontend_feature_flag(:highlight_js, @project, default_enabled: :yaml) - push_frontend_feature_flag(:increase_page_size_exponentially, @project, default_enabled: :yaml) + push_frontend_feature_flag(:lazy_load_commits, @project) + push_frontend_feature_flag(:refactor_blob_viewer, @project) + push_frontend_feature_flag(:highlight_js, @project) + push_frontend_feature_flag(:increase_page_size_exponentially, @project) push_licensed_feature(:file_locks) if @project.present? && @project.licensed_feature_available?(:file_locks) + push_licensed_feature(:security_orchestration_policies) if @project.present? && @project.licensed_feature_available?(:security_orchestration_policies) push_force_frontend_feature_flag(:work_items, @project&.work_items_feature_flag_enabled?) end @@ -56,8 +57,13 @@ class ProjectsController < Projects::ApplicationController feature_category :code_review, [:unfoldered_environment_names] feature_category :portfolio_management, [:planning_hierarchy] + urgency :low, [:export, :remove_export, :generate_new_export, :download_export] + urgency :low, [:preview_markdown, :new_issuable_address] # TODO: Set high urgency for #show https://gitlab.com/gitlab-org/gitlab/-/issues/334444 - urgency :low, [:refs, :show] + + urgency :low, [:refs, :show, :toggle_star, :transfer, :archive, :destroy, :update, :create, + :activity, :edit, :new, :export, :remove_export, :generate_new_export, :download_export] + urgency :high, [:unfoldered_environment_names] def index 
@@ -233,6 +239,11 @@ class ProjectsController < Projects::ApplicationController edit_project_path(@project, anchor: 'js-export-project'), notice: _("Project export started. A download link will be sent by email and made available on this page.") ) + rescue Project::ExportLimitExceeded => ex + redirect_to( + edit_project_path(@project, anchor: 'js-export-project'), + alert: ex.to_s + ) end def download_export @@ -340,6 +351,8 @@ class ProjectsController < Projects::ApplicationController # # pages list order: repository readme, wiki home, issues list, customize workflow def render_landing_page + Gitlab::Tracking.event('project_overview', 'render', user: current_user, project: @project.project) + if can?(current_user, :download_code, @project) return render 'projects/no_repo' unless @project.repository_exists? @@ -412,6 +425,7 @@ class ProjectsController < Projects::ApplicationController squash_option mr_default_target_self warn_about_potentially_unwanted_characters + enforce_auth_checks_on_uploads ] end @@ -420,7 +434,6 @@ class ProjectsController < Projects::ApplicationController :allow_merge_on_skipped_pipeline, :avatar, :build_allow_git_fetch, - :build_coverage_regex, :build_timeout_human_readable, :resolve_outdated_diff_discussions, :container_registry_enabled, @@ -451,6 +464,7 @@ class ProjectsController < Projects::ApplicationController :initialize_with_sast, :initialize_with_readme, :autoclose_referenced_issues, + :ci_separated_caches, :suggestion_commit_message, :packages_enabled, :service_desk_enabled, diff --git a/app/controllers/pwa_controller.rb b/app/controllers/pwa_controller.rb new file mode 100644 index 00000000000..ea14dfb27b3 --- /dev/null +++ b/app/controllers/pwa_controller.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +class PwaController < ApplicationController # rubocop:disable Gitlab/NamespacedClass + layout 'errors' + + feature_category :navigation + + skip_before_action :authenticate_user! + + def offline + end +end 
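Review bot: The new `rescue Project::ExportLimitExceeded => ex` branch passes `ex.to_s` straight into the flash `alert:`, so whatever text the raise site puts in the exception becomes user-facing copy. The raise site is not in this diff. If its message is not already a translated, user-safe string, use a fixed one here, for example `alert: _('Project export limit reached. Please try again later.')` (wording constructed for illustration). If the message is kept, `ex.message` is the more usual spelling. The action's `def` is above the hunk.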
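Review bot: `project: @project.project` in `render_landing_page` reads like a typo unless the reader already knows that `@project` is a wrapper at this point. The hunk does not show what `@project` holds. If it is a presenter, a one-line comment such as `# @project is a presenter here; pass the underlying model to tracking` would save the next reviewer a lookup. The event is also emitted before the `can?(current_user, :download_code, @project)` check, so it fires on every render regardless of what the viewer may see. It is worth confirming that this is intended and that `Gitlab::Tracking.event` accepts a nil `user`.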
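Review bot: The new `PwaController` skips `authenticate_user!` for the whole controller rather than for the one action that needs it, so any action added to this class later is unauthenticated by default. Scope the skip explicitly: `skip_before_action :authenticate_user!, only: [:offline]`. The empty `offline` body also deserves a comment stating the intent, for example `# Renders the static offline page; must not depend on session or user data.`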
diff --git a/app/controllers/registrations/welcome_controller.rb b/app/controllers/registrations/welcome_controller.rb index 41fd1b7a1e6..ea50099120b 100644 --- a/app/controllers/registrations/welcome_controller.rb +++ b/app/controllers/registrations/welcome_controller.rb @@ -2,6 +2,8 @@ module Registrations class WelcomeController < ApplicationController + include OneTrustCSP + layout 'minimal' skip_before_action :authenticate_user!, :required_signup_info, :check_two_factor_requirement, only: [:show, :update] before_action :require_current_user diff --git a/app/controllers/repositories/lfs_storage_controller.rb b/app/controllers/repositories/lfs_storage_controller.rb index 252b604dcb0..d54b51b463a 100644 --- a/app/controllers/repositories/lfs_storage_controller.rb +++ b/app/controllers/repositories/lfs_storage_controller.rb @@ -6,6 +6,8 @@ module Repositories include WorkhorseRequest include SendFileUpload + InvalidUploadedFile = Class.new(StandardError) + skip_before_action :verify_workhorse_api!, only: :download # added here as a part of the refactor, will be removed @@ -44,6 +46,8 @@ module Repositories end def upload_finalize + validate_uploaded_file! + if store_file!(oid, size) head 200, content_type: LfsRequest::CONTENT_TYPE else @@ -55,6 +59,8 @@ module Repositories render_lfs_forbidden rescue ObjectStorage::RemoteStoreError render_lfs_forbidden + rescue InvalidUploadedFile + render plain: 'SHA256 or size mismatch', status: :bad_request end private @@ -117,5 +123,13 @@ module Repositories lfs_object: object ) end + + def validate_uploaded_file! + return unless uploaded_file + + if size != uploaded_file.size || oid != uploaded_file.sha256 + raise InvalidUploadedFile + end + end end end diff --git a/app/controllers/runner_setup_controller.rb b/app/controllers/runner_setup_controller.rb index 89b635d5a6f..3926bc553ee 100644 --- a/app/controllers/runner_setup_controller.rb +++ b/app/controllers/runner_setup_controller.rb 
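Review bot: The `rescue InvalidUploadedFile` branch added to `upload_finalize` in lfs_storage_controller.rb answers 400 but records nothing. A client whose finalized upload disagrees with the claimed `oid` or `size` therefore leaves no trace beyond the access log. A mismatch at this point is a useful integrity signal for detection, so I would log it before rendering, for example `Gitlab::AppLogger.warn("LFS upload rejected: SHA256 or size mismatch")`, with the project and oid attached in whatever structured form the file's other log calls use. The earlier rescue branches of this method are only partly inside the hunk.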
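Review bot: `validate_uploaded_file!` returns early when `uploaded_file` is nil, so the size and SHA256 comparison is skipped for any finalize request that carries no file object. This diff does not show whether `store_file!` rejects that case. If it does, record that next to the guard with `# No uploaded file: store_file! decides; nothing to compare here.` If it does not, the check should fail closed with `raise InvalidUploadedFile unless uploaded_file`. The `size != uploaded_file.size` comparison also assumes both sides have the same type, and a spec with a mismatching size and a mismatching digest would pin that down.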
@@ -2,6 +2,7 @@ class RunnerSetupController < ApplicationController feature_category :runner + urgency :low def platforms render json: Gitlab::Ci::RunnerInstructions::OS.merge(Gitlab::Ci::RunnerInstructions::OTHER_ENVIRONMENTS) diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb index b4e2da0c7b3..aab901c1008 100644 --- a/app/controllers/search_controller.rb +++ b/app/controllers/search_controller.rb @@ -25,8 +25,7 @@ class SearchController < ApplicationController layout 'search' feature_category :global_search - urgency :high, [:opensearch] - urgency :low, [:count] + urgency :low def show @project = search_service.project @@ -169,17 +168,17 @@ class SearchController < ApplicationController search_allowed = case params[:scope] when 'blobs' - Feature.enabled?(:global_search_code_tab, current_user, type: :ops, default_enabled: :yaml) + Feature.enabled?(:global_search_code_tab, current_user, type: :ops) when 'commits' - Feature.enabled?(:global_search_commits_tab, current_user, type: :ops, default_enabled: :yaml) + Feature.enabled?(:global_search_commits_tab, current_user, type: :ops) when 'issues' - Feature.enabled?(:global_search_issues_tab, current_user, type: :ops, default_enabled: :yaml) + Feature.enabled?(:global_search_issues_tab, current_user, type: :ops) when 'merge_requests' - Feature.enabled?(:global_search_merge_requests_tab, current_user, type: :ops, default_enabled: :yaml) + Feature.enabled?(:global_search_merge_requests_tab, current_user, type: :ops) when 'wiki_blobs' - Feature.enabled?(:global_search_wiki_tab, current_user, type: :ops, default_enabled: :yaml) + Feature.enabled?(:global_search_wiki_tab, current_user, type: :ops) when 'users' - Feature.enabled?(:global_search_users_tab, current_user, type: :ops, default_enabled: :yaml) + Feature.enabled?(:global_search_users_tab, current_user, type: :ops) else true end 
diff --git a/app/controllers/sent_notifications_controller.rb b/app/controllers/sent_notifications_controller.rb index ebadfd1cdfb..6069924b39a 100644 --- a/app/controllers/sent_notifications_controller.rb +++ b/app/controllers/sent_notifications_controller.rb @@ -4,6 +4,7 @@ class SentNotificationsController < ApplicationController skip_before_action :authenticate_user! feature_category :team_planning + urgency :low def unsubscribe @sent_notification = SentNotification.for(params[:id]) diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 3e11e0940bf..66a531b0b3b 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -33,7 +33,7 @@ class SessionsController < Devise::SessionsController before_action :load_recaptcha before_action :set_invite_params, only: [:new] before_action do - push_frontend_feature_flag(:webauthn, default_enabled: :yaml) + push_frontend_feature_flag(:webauthn) end after_action :log_failed_login, if: :action_new_and_failed_login? @@ -53,6 +53,7 @@ class SessionsController < Devise::SessionsController protect_from_forgery with: :exception, prepend: true, except: :destroy feature_category :authentication_and_authorization + urgency :low CAPTCHA_HEADER = 'X-GitLab-Show-Login-Captcha' MAX_FAILED_LOGIN_ATTEMPTS = 5 @@ -270,7 +271,7 @@ class SessionsController < Devise::SessionsController def valid_otp_attempt?(user) otp_validation_result = - ::Users::ValidateOtpService.new(user).execute(user_params[:otp_attempt]) + ::Users::ValidateManualOtpService.new(user).execute(user_params[:otp_attempt]) return true if otp_validation_result[:status] == :success user.invalidate_otp_backup_code!(user_params[:otp_attempt]) 
@@ -306,9 +307,9 @@ class SessionsController < Devise::SessionsController def authentication_method if user_params[:otp_attempt] AuthenticationEvent::TWO_FACTOR - elsif user_params[:device_response] && Feature.enabled?(:webauthn, default_enabled: :yaml) + elsif user_params[:device_response] && Feature.enabled?(:webauthn) AuthenticationEvent::TWO_FACTOR_WEBAUTHN - elsif user_params[:device_response] && !Feature.enabled?(:webauthn, default_enabled: :yaml) + elsif user_params[:device_response] && !Feature.enabled?(:webauthn) AuthenticationEvent::TWO_FACTOR_U2F else AuthenticationEvent::STANDARD diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 228ef710749..794d60e733d 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -34,7 +34,9 @@ class UsersController < ApplicationController feature_category :snippets, [:snippets] # TODO: Set higher urgency after resolving https://gitlab.com/gitlab-org/gitlab/-/issues/357914 - urgency :low, [:show] + urgency :low, [:show, :calendar_activities, :contributed, :activity, :projects, :groups] + urgency :default, [:calendar, :followers, :following, :starred] + urgency :high, [:exists] def show respond_to do |format| |
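Review bot: In `authentication_method` the third branch repeats the second branch's condition with the flag negated (`user_params[:device_response] && !Feature.enabled?(:webauthn)`), so the flag is looked up twice per request. The second lookup is redundant once the previous `elsif` has failed. If the two lookups ever disagree, the request falls through to `AuthenticationEvent::STANDARD` and a second-factor login is mislabelled in the authentication event record. Write the third branch as `elsif user_params[:device_response]`. The method's closing lines are outside the hunk.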