Add latest changes from gitlab-org/gitlab@master

13 files changed, 60 insertions, 14 deletions

diff --git a/app/assets/javascripts/monitoring/stores/actions.js b/app/assets/javascripts/monitoring/stores/actions.js
index d74e0887c9b..cac04faae98 100644
--- a/app/assets/javascripts/monitoring/stores/actions.js
+++ b/app/assets/javascripts/monitoring/stores/actions.js
@@ -375,7 +375,7 @@ export const fetchDashboardValidationWarnings = ({ state, dispatch }) => {
     })
     .then(resp => resp.data?.project?.environments?.nodes?.[0]?.metricsDashboard)
     .then(({ schemaValidationWarnings } = {}) => {
-      const hasWarnings = schemaValidationWarnings?.length !== 0;
+      const hasWarnings = schemaValidationWarnings && schemaValidationWarnings.length !== 0;
       /**
        * The payload of the dispatch is a boolean, because at the moment a standard
        * warning message is shown instead of the warnings the BE returns
diff --git a/app/assets/javascripts/pages/shared/wikis/components/delete_wiki_modal.vue b/app/assets/javascripts/pages/shared/wikis/components/delete_wiki_modal.vue
index 580cca49b5e..a7b7d597fb7 100644
--- a/app/assets/javascripts/pages/shared/wikis/components/delete_wiki_modal.vue
+++ b/app/assets/javascripts/pages/shared/wikis/components/delete_wiki_modal.vue
@@ -55,13 +55,22 @@ export default {
 
 <template>
   <div class="d-inline-block">
-    <button v-gl-modal="modalId" type="button" class="btn btn-danger">{{ __('Delete') }}</button>
+    <button
+      v-gl-modal="modalId"
+      type="button"
+      class="btn btn-danger"
+      data-qa-selector="delete_button"
+    >
+      {{ __('Delete') }}
+    </button>
     <gl-modal
       :title="title"
-      :ok-title="s__('WikiPageConfirmDelete|Delete page')"
+      :action-primary="{
+        text: s__('WikiPageConfirmDelete|Delete page'),
+        attributes: { variant: 'danger', 'data-qa-selector': 'confirm_deletion_button' },
+      }"
       :modal-id="modalId"
       title-tag="h4"
-      ok-variant="danger"
       @ok="onSubmit"
     >
       {{ message }}
diff --git a/app/controllers/concerns/snippets_actions.rb b/app/controllers/concerns/snippets_actions.rb
index 3b8f9722913..048b18c5c61 100644
--- a/app/controllers/concerns/snippets_actions.rb
+++ b/app/controllers/concerns/snippets_actions.rb
@@ -8,6 +8,7 @@ module SnippetsActions
   include PaginatedCollection
   include Gitlab::NoteableMetadata
   include Snippets::SendBlob
+  include SnippetsSort
 
   included do
     skip_before_action :verify_authenticity_token,
diff --git a/app/controllers/concerns/snippets_sort.rb b/app/controllers/concerns/snippets_sort.rb
new file mode 100644
index 00000000000..f122c843af7
--- /dev/null
+++ b/app/controllers/concerns/snippets_sort.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module SnippetsSort
+  extend ActiveSupport::Concern
+
+  def sort_param
+    params[:sort].presence || 'updated_desc'
+  end
+end
diff --git a/app/controllers/dashboard/snippets_controller.rb b/app/controllers/dashboard/snippets_controller.rb
index aa09fcdbe61..a8ca3dbd0e7 100644
--- a/app/controllers/dashboard/snippets_controller.rb
+++ b/app/controllers/dashboard/snippets_controller.rb
@@ -3,6 +3,7 @@
 class Dashboard::SnippetsController < Dashboard::ApplicationController
   include PaginatedCollection
   include Gitlab::NoteableMetadata
+  include SnippetsSort
 
   skip_cross_project_access_check :index
 
@@ -11,7 +12,7 @@ class Dashboard::SnippetsController < Dashboard::ApplicationController
       .new(current_user, author: current_user)
       .execute
 
-    @snippets = SnippetsFinder.new(current_user, author: current_user, scope: params[:scope])
+    @snippets = SnippetsFinder.new(current_user, author: current_user, scope: params[:scope], sort: sort_param)
       .execute
       .page(params[:page])
       .inc_author
diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb
index 1bc63fce5fc..49840e847f2 100644
--- a/app/controllers/projects/snippets_controller.rb
+++ b/app/controllers/projects/snippets_controller.rb
@@ -19,7 +19,7 @@ class Projects::SnippetsController < Projects::Snippets::ApplicationController
       .new(current_user, project: @project)
       .execute
 
-    @snippets = SnippetsFinder.new(current_user, project: @project, scope: params[:scope])
+    @snippets = SnippetsFinder.new(current_user, project: @project, scope: params[:scope], sort: sort_param)
       .execute
       .page(params[:page])
       .inc_author
diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb
index 87d87390e57..e68b821459d 100644
--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -21,7 +21,7 @@ class SnippetsController < Snippets::ApplicationController
     if params[:username].present?
       @user = UserFinder.new(params[:username]).find_by_username!
 
-      @snippets = SnippetsFinder.new(current_user, author: @user, scope: params[:scope])
+      @snippets = SnippetsFinder.new(current_user, author: @user, scope: params[:scope], sort: sort_param)
         .execute
         .page(params[:page])
         .inc_author
diff --git a/app/finders/snippets_finder.rb b/app/finders/snippets_finder.rb
index 4f63810423b..ecde2c9f475 100644
--- a/app/finders/snippets_finder.rb
+++ b/app/finders/snippets_finder.rb
@@ -43,7 +43,7 @@ class SnippetsFinder < UnionFinder
   include Gitlab::Utils::StrongMemoize
 
   attr_accessor :current_user, :params
-  delegate :explore, :only_personal, :only_project, :scope, to: :params
+  delegate :explore, :only_personal, :only_project, :scope, :sort, to: :params
 
   def initialize(current_user = nil, params = {})
     @current_user = current_user
@@ -69,7 +69,9 @@ class SnippetsFinder < UnionFinder
 
     items = init_collection
     items = by_ids(items)
-    items.with_optional_visibility(visibility_from_scope).fresh
+    items = items.with_optional_visibility(visibility_from_scope)
+
+    items.order_by(sort_param)
   end
 
   private
@@ -202,6 +204,10 @@ class SnippetsFinder < UnionFinder
       params[:project].is_a?(Project) ? params[:project] : Project.find_by_id(params[:project])
     end
   end
+
+  def sort_param
+    sort.presence || 'id_desc'
+  end
 end
 
 SnippetsFinder.prepend_if_ee('EE::SnippetsFinder')
diff --git a/app/policies/merge_request_policy.rb b/app/policies/merge_request_policy.rb
index e2aca2a37d5..e5ac228b0ee 100644
--- a/app/policies/merge_request_policy.rb
+++ b/app/policies/merge_request_policy.rb
@@ -10,6 +10,10 @@ class MergeRequestPolicy < IssuablePolicy
   # it would not be safe to prevent :create_note there, since
   # note permissions are shared, and this would apply too broadly.
   rule { ~can?(:read_merge_request) }.prevent :create_note
+
+  rule { can?(:update_merge_request) }.policy do
+    enable :approve_merge_request
+  end
 end
 
 MergeRequestPolicy.prepend_if_ee('EE::MergeRequestPolicy')
diff --git a/app/services/members/destroy_service.rb b/app/services/members/destroy_service.rb
index 6e89cadb82d..d0e81da5aab 100644
--- a/app/services/members/destroy_service.rb
+++ b/app/services/members/destroy_service.rb
@@ -2,8 +2,6 @@
 
 module Members
   class DestroyService < Members::BaseService
-    WAIT_FOR_DELETE = 1.hour
-
     def execute(member, skip_authorization: false, skip_subresources: false, unassign_issuables: false)
       raise Gitlab::Access::AccessDeniedError unless skip_authorization || can_destroy_member?(member)
 
@@ -72,7 +70,7 @@ module Members
       source_type = member.is_a?(GroupMember) ? 'Group' : 'Project'
 
       member.run_after_commit do
-        MembersDestroyer::UnassignIssuablesWorker.perform_in(WAIT_FOR_DELETE, member.user_id, member.source_id, source_type)
+        MembersDestroyer::UnassignIssuablesWorker.perform_async(member.user_id, member.source_id, source_type)
       end
     end
   end
diff --git a/app/services/merge_requests/approval_service.rb b/app/services/merge_requests/approval_service.rb
index 0fe165303f2..150ec85fca9 100644
--- a/app/services/merge_requests/approval_service.rb
+++ b/app/services/merge_requests/approval_service.rb
@@ -3,19 +3,27 @@
 module MergeRequests
   class ApprovalService < MergeRequests::BaseService
     def execute(merge_request)
+      return unless can_be_approved?(merge_request)
+
       approval = merge_request.approvals.new(user: current_user)
 
-      return unless save_approval(approval)
+      return success unless save_approval(approval)
 
       reset_approvals_cache(merge_request)
       create_event(merge_request)
       create_approval_note(merge_request)
       mark_pending_todos_as_done(merge_request)
       execute_approval_hooks(merge_request, current_user)
+
+      success
     end
 
     private
 
+    def can_be_approved?(merge_request)
+      current_user.can?(:approve_merge_request, merge_request)
+    end
+
     def reset_approvals_cache(merge_request)
       merge_request.approvals.reset
     end
diff --git a/app/services/merge_requests/remove_approval_service.rb b/app/services/merge_requests/remove_approval_service.rb
index e2675f64ee4..aeaaebdbff6 100644
--- a/app/services/merge_requests/remove_approval_service.rb
+++ b/app/services/merge_requests/remove_approval_service.rb
@@ -4,6 +4,8 @@ module MergeRequests
   class RemoveApprovalService < MergeRequests::BaseService
     # rubocop: disable CodeReuse/ActiveRecord
     def execute(merge_request)
+      return unless approved_by_user?(merge_request)
+
       # paranoid protection against running wrong deletes
       return unless merge_request.id && current_user.id
 
@@ -15,11 +17,17 @@ module MergeRequests
         reset_approvals_cache(merge_request)
         create_note(merge_request)
       end
+
+      success
     end
     # rubocop: enable CodeReuse/ActiveRecord
 
     private
 
+    def approved_by_user?(merge_request)
+      merge_request.approved_by_users.include?(current_user)
+    end
+
     def reset_approvals_cache(merge_request)
       merge_request.approvals.reset
     end
diff --git a/app/views/notify/push_to_merge_request_email.text.haml b/app/views/notify/push_to_merge_request_email.text.haml
index 55cbd62b7e8..5c2005a47e5 100644
--- a/app/views/notify/push_to_merge_request_email.text.haml
+++ b/app/views/notify/push_to_merge_request_email.text.haml
@@ -1,4 +1,6 @@
-#{sanitize_name(@updated_by_user.name)} pushed new commits to merge request #{merge_request_reference_link(@merge_request)}
+#{sanitize_name(@updated_by_user.name)} pushed new commits to merge request #{@merge_request.to_reference}
+
+Merge Request URL: #{project_merge_request_url(@merge_request.target_project, @merge_request)}
 \
 - if @existing_commits.any?
   - count = @existing_commits.size