diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-02-07 06:11:09 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-02-07 06:11:09 +0300 |
| commit | fcfafe81d1f1aa442c5a5c93cd27b5f5b798cb90 (patch) | |
| tree | c75080b3bf76b2a8f891e6b0b7437794da03519e /app/models | |
| parent | 11438b1771abda3c216ca627bf5319684474889b (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/models')
| -rw-r--r-- | app/models/analytics/cycle_analytics/stage.rb | 13 | ||||
| -rw-r--r-- | app/models/audit_event.rb | 2 | ||||
| -rw-r--r-- | app/models/integrations/chat_message/base_message.rb | 6 |
3 files changed, 14 insertions, 7 deletions
diff --git a/app/models/analytics/cycle_analytics/stage.rb b/app/models/analytics/cycle_analytics/stage.rb index fb9918e195d..7e9a89975a3 100644 --- a/app/models/analytics/cycle_analytics/stage.rb +++ b/app/models/analytics/cycle_analytics/stage.rb @@ -18,8 +18,19 @@ foreign_key: :group_value_stream_id, inverse_of: :stages alias_attribute :value_stream_id, :group_value_stream_id def self.distinct_stages_within_hierarchy(namespace) + # Looking up the whole hierarchy including all kinds (type) of Namespace records. + # We're doing a custom traversal_ids query because: + # - The traversal_ids based `self_and_descendants` doesn't include the ProjectNamespace records. + # - The default recursive lookup also excludes the ProjectNamespace records. + # + # Related issue: https://gitlab.com/gitlab-org/gitlab/-/issues/386124 + all_namespace_ids = + Namespace + .select(Arel.sql('namespaces.traversal_ids[array_length(namespaces.traversal_ids, 1)]').as('id')) + .where("traversal_ids @> ('{?}')", namespace.id) + with_preloaded_labels - .where(group_id: namespace.self_and_descendants.select(:id)) + .where(parent_id: all_namespace_ids) .select("DISTINCT ON(stage_event_hash_id) #{quoted_table_name}.*") end diff --git a/app/models/audit_event.rb b/app/models/audit_event.rb index 0c75f6e8b0b..4d92cb1becf 100644 --- a/app/models/audit_event.rb +++ b/app/models/audit_event.rb @@ -74,7 +74,7 @@ class AuditEvent < ApplicationRecord def lazy_author BatchLoader.for(author_id).batch do |author_ids, loader| - User.select(:id, :name, :username).where(id: author_ids).find_each do |user| + User.select(:id, :name, :username, :email).where(id: author_ids).find_each do |user| loader.call(user.id, user) end end diff --git a/app/models/integrations/chat_message/base_message.rb b/app/models/integrations/chat_message/base_message.rb index 554b422c0fa..501b214a769 100644 --- a/app/models/integrations/chat_message/base_message.rb +++ b/app/models/integrations/chat_message/base_message.rb @@ -5,10 +5,6 @@ module Integrations class BaseMessage RELATIVE_LINK_REGEX = %r{!\[[^\]]*\]\((/uploads/[^\)]*)\)}.freeze - # Markup characters which are used for links in HTML, Markdown, - # and Slack "mrkdwn" syntax (`<http://example.com|Label>`). - UNSAFE_MARKUP_CHARACTERS = '<>[]|' - attr_reader :markdown attr_reader :user_full_name attr_reader :user_name @@ -85,7 +81,7 @@ module Integrations # - https://api.slack.com/reference/surfaces/formatting#escaping # - https://gitlab.com/gitlab-org/slack-notifier#escaping def strip_markup(string) - string&.delete(UNSAFE_MARKUP_CHARACTERS) + SlackMarkdownSanitizer.sanitize(string) end def attachment_color |