diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-02-25 19:30:40 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-02-25 19:30:40 +0300 |
commit | b485c8c3723dc5aaba15ab9fa258010d1ec66d61 (patch) | |
tree | 36cd2260b2f31bc77ad313b644e5784160ce9104 /app | |
parent | 479d579719c36f1b8706165c20f4525bc32bb451 (diff) |
Add latest changes from gitlab-org/security/gitlab@14-8-stable-ee
Diffstat (limited to 'app')
-rw-r--r-- | app/assets/javascripts/mirrors/mirror_repos.js | 10 | ||||
-rw-r--r-- | app/services/members/create_service.rb | 13 | ||||
-rw-r--r-- | app/views/projects/mirrors/_authentication_method.html.haml | 2 |
3 files changed, 23 insertions, 2 deletions
diff --git a/app/assets/javascripts/mirrors/mirror_repos.js b/app/assets/javascripts/mirrors/mirror_repos.js index e59da18fb77..5bf08be1ead 100644 --- a/app/assets/javascripts/mirrors/mirror_repos.js +++ b/app/assets/javascripts/mirrors/mirror_repos.js @@ -6,6 +6,8 @@ import { __ } from '~/locale'; import { hide } from '~/tooltips'; import SSHMirror from './ssh_mirror'; +const PASSWORD_FIELD_SELECTOR = '.js-mirror-password-field'; + export default class MirrorRepos { constructor(container) { this.$container = $(container); @@ -27,7 +29,6 @@ export default class MirrorRepos { this.$passwordGroup = $('.js-password-group', this.$container); this.$password = $('.js-password', this.$passwordGroup); this.$authMethod = $('.js-auth-method', this.$form); - this.$keepDivergentRefsInput.on('change', () => this.updateKeepDivergentRefs()); this.$authMethod.on('change', () => this.togglePassword()); this.$password.on('input.updateUrl', () => this.debouncedUpdateUrl()); @@ -35,6 +36,13 @@ export default class MirrorRepos { this.initMirrorSSH(); this.updateProtectedBranches(); this.updateKeepDivergentRefs(); + MirrorRepos.resetPasswordField(); + } + + static resetPasswordField() { + if (document.querySelector(PASSWORD_FIELD_SELECTOR)) { + document.querySelector(PASSWORD_FIELD_SELECTOR).value = ''; + } } initMirrorSSH() { diff --git a/app/services/members/create_service.rb b/app/services/members/create_service.rb index dc29bb2c6da..758fa2e67f1 100644 --- a/app/services/members/create_service.rb +++ b/app/services/members/create_service.rb @@ -19,6 +19,8 @@ module Members end def execute + raise Gitlab::Access::AccessDeniedError unless can?(current_user, create_member_permission(source), source) + validate_invite_source! validate_invitable! @@ -156,6 +158,17 @@ module Members }) ) end + + def create_member_permission(source) + case source + when Group + :admin_group_member + when Project + :admin_project_member + else + raise "Unknown source type: #{source.class}!" + end + end end end diff --git a/app/views/projects/mirrors/_authentication_method.html.haml b/app/views/projects/mirrors/_authentication_method.html.haml index e9e3645d7f2..28b433b2514 100644 --- a/app/views/projects/mirrors/_authentication_method.html.haml +++ b/app/views/projects/mirrors/_authentication_method.html.haml @@ -13,4 +13,4 @@ .form-group .well-password-auth.collapse.js-well-password-auth = f.label :password, _("Password"), class: "label-bold" - = f.password_field :password, class: 'form-control gl-form-input qa-password', autocomplete: 'new-password' + = f.password_field :password, class: 'form-control gl-form-input qa-password js-mirror-password-field', autocomplete: 'off' |