diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-12-18 18:15:16 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-12-18 18:15:16 +0300 |
commit | 9ee9d3012b3747270beb6dec6200d632d8afd0e3 (patch) | |
tree | 13dd297abb01c7b45261289c1f97a63dcd0a9fc3 /app | |
parent | 00cfeb7c25bdbd460efb83ad846cb924e73ee150 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app')
19 files changed, 144 insertions, 133 deletions
diff --git a/app/assets/stylesheets/framework/sidebar.scss b/app/assets/stylesheets/framework/sidebar.scss index 9e453249a79..0eecf7bddc1 100644 --- a/app/assets/stylesheets/framework/sidebar.scss +++ b/app/assets/stylesheets/framework/sidebar.scss @@ -330,7 +330,7 @@ .right-sidebar { &:not(.right-sidebar-merge-requests) { @include right-sidebar; - top: $calc-application-bars-height; + top: $calc-application-header-height; @include media-breakpoint-down(md) { z-index: 251; @@ -490,6 +490,10 @@ width: $right-sidebar-width; } + .issuable-sidebar-header { + @include gl-py-5; + } + .value { line-height: 1; } diff --git a/app/assets/stylesheets/page_bundles/issuable.scss b/app/assets/stylesheets/page_bundles/issuable.scss index 05563f8e314..8b353b42f58 100644 --- a/app/assets/stylesheets/page_bundles/issuable.scss +++ b/app/assets/stylesheets/page_bundles/issuable.scss @@ -105,3 +105,8 @@ @include gl-font-weight-normal; } } + +[data-page="projects:issues:show"] .top-bar-fixed, +[data-page="groups:epics:show"] .top-bar-fixed { + width: 100%; +} diff --git a/app/assets/stylesheets/page_bundles/project.scss b/app/assets/stylesheets/page_bundles/project.scss index c0fbd7f5d84..c2ecf3702f9 100644 --- a/app/assets/stylesheets/page_bundles/project.scss +++ b/app/assets/stylesheets/page_bundles/project.scss @@ -159,11 +159,9 @@ // FF :project_overview_reorg enabled .project-page-indicator:not(.hidden) + .project-page-layout { - --project-overview-sidebar-width: 290px; - @include media-breakpoint-up(lg) { display: grid; - grid-template-columns: auto var(--project-overview-sidebar-width); + grid-template-columns: auto $right-sidebar-width; gap: 2rem; .project-page-layout-content, @@ -190,7 +188,7 @@ -webkit-overflow-scrolling: touch; .project-page-sidebar-block { - width: calc(var(--project-overview-sidebar-width) - 1px); + width: $right-sidebar-width - 1px; &:first-of-type { padding-top: $gl-spacing-scale-1; diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 8156cf8e165..fca3bb3460f 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -297,7 +297,7 @@ class ApplicationController < BaseActionController return if current_user.nil? if current_user.password_expired? && current_user.allow_password_authentication? - redirect_to new_profile_password_path + redirect_to new_user_settings_password_path end end diff --git a/app/controllers/profiles/passwords_controller.rb b/app/controllers/profiles/passwords_controller.rb deleted file mode 100644 index 7a0dfbbba0d..00000000000 --- a/app/controllers/profiles/passwords_controller.rb +++ /dev/null @@ -1,102 +0,0 @@ -# frozen_string_literal: true - -class Profiles::PasswordsController < Profiles::ApplicationController - include Gitlab::Tracking::Helpers::WeakPasswordErrorEvent - - skip_before_action :check_password_expiration, only: [:new, :create] - skip_before_action :check_two_factor_requirement, only: [:new, :create] - - before_action :set_user - before_action :authorize_change_password! - - layout :determine_layout - - feature_category :system_access - - def new - end - - def create - unless @user.password_automatically_set || @user.valid_password?(user_params[:password]) - redirect_to new_profile_password_path, alert: _('You must provide a valid current password') - return - end - - result = Users::UpdateService.new(current_user, password_attributes.merge(user: @user)).execute - - if result[:status] == :success - Users::UpdateService.new(current_user, user: @user, password_expires_at: nil).execute - - redirect_to root_path, notice: _('Password successfully changed') - else - track_weak_password_error(@user, self.class.name, 'create') - render :new - end - end - - def edit - end - - def update - unless @user.password_automatically_set || @user.valid_password?(user_params[:password]) - handle_invalid_current_password_attempt! - - redirect_to edit_profile_password_path, alert: _('You must provide a valid current password') - return - end - - result = Users::UpdateService.new(current_user, password_attributes.merge(user: @user)).execute - - if result[:status] == :success - flash[:notice] = _('Password was successfully updated. Please sign in again.') - redirect_to new_user_session_path - else - track_weak_password_error(@user, self.class.name, 'update') - @user.reset - render 'edit' - end - end - - def reset - current_user.send_reset_password_instructions - redirect_to edit_profile_password_path, notice: _('We sent you an email with reset password instructions') - end - - private - - def set_user - @user = current_user - end - - def determine_layout - if [:new, :create].include?(action_name.to_sym) - 'application' - else - 'profile' - end - end - - def authorize_change_password! - render_404 unless @user.allow_password_authentication? - end - - def handle_invalid_current_password_attempt! - Gitlab::AppLogger.info(message: 'Invalid current password when attempting to update user password', username: @user.username, ip: request.remote_ip) - - @user.increment_failed_attempts! - end - - def user_params - params.require(:user).permit(:password, :new_password, :password_confirmation) - end - - def password_attributes - { - password: user_params[:new_password], - password_confirmation: user_params[:password_confirmation], - password_automatically_set: false - } - end -end - -Profiles::PasswordsController.prepend_mod diff --git a/app/controllers/user_settings/passwords_controller.rb b/app/controllers/user_settings/passwords_controller.rb new file mode 100644 index 00000000000..d68ddf90d49 --- /dev/null +++ b/app/controllers/user_settings/passwords_controller.rb @@ -0,0 +1,103 @@ +# frozen_string_literal: true + +module UserSettings + class PasswordsController < ApplicationController + include Gitlab::Tracking::Helpers::WeakPasswordErrorEvent + + skip_before_action :check_password_expiration, only: [:new, :create] + skip_before_action :check_two_factor_requirement, only: [:new, :create] + + before_action :set_user + before_action :authorize_change_password! + + layout :determine_layout + + feature_category :system_access + + def new; end + + def create + unless @user.password_automatically_set || @user.valid_password?(user_params[:password]) + redirect_to new_user_settings_password_path, alert: _('You must provide a valid current password') + return + end + + result = Users::UpdateService.new(current_user, password_attributes.merge(user: @user)).execute + + if result[:status] == :success + Users::UpdateService.new(current_user, user: @user, password_expires_at: nil).execute + + redirect_to root_path, notice: _('Password successfully changed') + else + track_weak_password_error(@user, self.class.name, 'create') + render :new + end + end + + def edit; end + + def update + unless @user.password_automatically_set || @user.valid_password?(user_params[:password]) + handle_invalid_current_password_attempt! + + redirect_to edit_user_settings_password_path, alert: _('You must provide a valid current password') + return + end + + result = Users::UpdateService.new(current_user, password_attributes.merge(user: @user)).execute + + if result[:status] == :success + flash[:notice] = _('Password was successfully updated. Please sign in again.') + redirect_to new_user_session_path + else + track_weak_password_error(@user, self.class.name, 'update') + @user.reset + render 'edit' + end + end + + def reset + current_user.send_reset_password_instructions + redirect_to edit_user_settings_password_path, notice: _('We sent you an email with reset password instructions') + end + + private + + def set_user + @user = current_user + end + + def determine_layout + if [:new, :create].include?(action_name.to_sym) + 'application' + else + 'profile' + end + end + + def authorize_change_password! + render_404 unless @user.allow_password_authentication? + end + + def handle_invalid_current_password_attempt! + Gitlab::AppLogger.info(message: 'Invalid current password when attempting to update user password', + username: @user.username, ip: request.remote_ip) + + @user.increment_failed_attempts! + end + + def user_params + params.require(:user).permit(:password, :new_password, :password_confirmation) + end + + def password_attributes + { + password: user_params[:new_password], + password_confirmation: user_params[:password_confirmation], + password_automatically_set: false + } + end + end +end + +UserSettings::PasswordsController.prepend_mod diff --git a/app/finders/milestones_finder.rb b/app/finders/milestones_finder.rb index 38379f5bbbf..820fb6ea291 100644 --- a/app/finders/milestones_finder.rb +++ b/app/finders/milestones_finder.rb @@ -27,9 +27,8 @@ class MilestonesFinder def execute items = Milestone.all - items = by_ids(items) + items = by_ids_or_title(items) items = by_groups_and_projects(items) - items = by_title(items) items = by_search_title(items) items = by_search(items) items = by_state(items) @@ -43,26 +42,18 @@ class MilestonesFinder private - def by_ids(items) - return items unless params[:ids].present? + def by_ids_or_title(items) + return items if params[:ids].blank? && params[:title].blank? + return items.id_in(params[:ids]) if params[:ids].present? && params[:title].blank? + return items.with_title(params[:title]) if params[:ids].blank? && params[:title].present? - items.id_in(params[:ids]) + items.with_ids_or_title(ids: params[:ids], title: params[:title]) end def by_groups_and_projects(items) items.for_projects_and_groups(params[:project_ids], params[:group_ids]) end - # rubocop: disable CodeReuse/ActiveRecord - def by_title(items) - if params[:title] - items.where(title: params[:title]) - else - items - end - end - # rubocop: enable CodeReuse/ActiveRecord - def by_search_title(items) if params[:search_title].present? items.search_title(params[:search_title]) diff --git a/app/graphql/mutations/namespace/package_settings/update.rb b/app/graphql/mutations/namespace/package_settings/update.rb index 97c16ee79fe..813c5687642 100644 --- a/app/graphql/mutations/namespace/package_settings/update.rb +++ b/app/graphql/mutations/namespace/package_settings/update.rb @@ -81,6 +81,11 @@ module Mutations required: false, description: copy_field_description(Types::Namespace::PackageSettingsType, :lock_pypi_package_requests_forwarding) + argument :nuget_symbol_server_enabled, + GraphQL::Types::Boolean, + required: false, + description: copy_field_description(Types::Namespace::PackageSettingsType, :nuget_symbol_server_enabled) + field :package_settings, Types::Namespace::PackageSettingsType, null: true, diff --git a/app/graphql/types/namespace/package_settings_type.rb b/app/graphql/types/namespace/package_settings_type.rb index 6c6144f2357..7bf76ae7de5 100644 --- a/app/graphql/types/namespace/package_settings_type.rb +++ b/app/graphql/types/namespace/package_settings_type.rb @@ -31,7 +31,7 @@ module Types description: 'When nuget_duplicates_allowed is false, you can publish duplicate packages with names that match this regex. Otherwise, this setting has no effect. ' field :nuget_duplicates_allowed, GraphQL::Types::Boolean, null: false, - description: 'Indicates whether duplicate NuGet packages are allowed for this namespace. ' + description: 'Indicates whether duplicate NuGet packages are allowed for this namespace.' field :pypi_package_requests_forwarding, GraphQL::Types::Boolean, null: true, description: 'Indicates whether PyPI package forwarding is allowed for this namespace.' @@ -58,5 +58,9 @@ module Types null: false, method: :pypi_package_requests_forwarding_locked?, description: 'Indicates whether PyPI package forwarding settings are locked by a parent namespace.' + + field :nuget_symbol_server_enabled, GraphQL::Types::Boolean, + null: false, + description: 'Indicates wheather the NuGet symbol server is enabled for this namespace.' end end diff --git a/app/helpers/projects_helper.rb b/app/helpers/projects_helper.rb index a821d014592..7663055d3b0 100644 --- a/app/helpers/projects_helper.rb +++ b/app/helpers/projects_helper.rb @@ -243,7 +243,7 @@ module ProjectsHelper def no_password_message push_pull_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: help_page_path('topics/git/terminology', anchor: 'pull-and-push') } clone_with_https_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: help_page_path('gitlab-basics/start-using-git', anchor: 'clone-with-https') } - set_password_link_start = '<a href="%{url}">'.html_safe % { url: edit_profile_password_path } + set_password_link_start = '<a href="%{url}">'.html_safe % { url: edit_user_settings_password_path } set_up_pat_link_start = '<a href="%{url}">'.html_safe % { url: user_settings_personal_access_tokens_path } message = if current_user.require_password_creation_for_git? diff --git a/app/mailers/emails/identity_verification.rb b/app/mailers/emails/identity_verification.rb index f3fe609e7d1..7a20b66d439 100644 --- a/app/mailers/emails/identity_verification.rb +++ b/app/mailers/emails/identity_verification.rb @@ -5,7 +5,7 @@ module Emails def verification_instructions_email(email, token:) @token = token @expires_in_minutes = Users::EmailVerification::ValidateTokenService::TOKEN_VALID_FOR_MINUTES - @password_link = edit_profile_password_url + @password_link = edit_user_settings_password_url @two_fa_link = help_page_url('user/profile/account/two_factor_authentication') headers = { diff --git a/app/mailers/emails/profile.rb b/app/mailers/emails/profile.rb index 9fc3332293c..cf46257f7d4 100644 --- a/app/mailers/emails/profile.rb +++ b/app/mailers/emails/profile.rb @@ -150,7 +150,7 @@ module Emails @user = user @ip = ip @time = time - @target_url = edit_profile_password_url + @target_url = edit_user_settings_password_url email_with_layout( to: @user.notification_email_or_default, diff --git a/app/models/milestone.rb b/app/models/milestone.rb index d5b9a4dc30f..c23921f28bd 100644 --- a/app/models/milestone.rb +++ b/app/models/milestone.rb @@ -56,6 +56,7 @@ class Milestone < ApplicationRecord scope :with_api_entity_associations, -> { preload(project: [:project_feature, :route, namespace: :route]) } scope :preload_for_indexing, -> { includes(project: [:project_feature]) } scope :order_by_dates_and_title, -> { order(due_date: :asc, start_date: :asc, title: :asc) } + scope :with_ids_or_title, ->(ids:, title:) { id_in(ids).or(with_title(title)) } validates :group, presence: true, unless: :project validates :project, presence: true, unless: :group diff --git a/app/models/namespace/package_setting.rb b/app/models/namespace/package_setting.rb index a249bb144f9..a5a393ad8a2 100644 --- a/app/models/namespace/package_setting.rb +++ b/app/models/namespace/package_setting.rb @@ -23,6 +23,7 @@ class Namespace::PackageSetting < ApplicationRecord validates :generic_duplicate_exception_regex, untrusted_regexp: true, length: { maximum: 255 } validates :nuget_duplicates_allowed, inclusion: { in: [true, false] } validates :nuget_duplicate_exception_regex, untrusted_regexp: true, length: { maximum: 255 } + validates :nuget_symbol_server_enabled, inclusion: { in: [true, false] } class << self def duplicates_allowed?(package) diff --git a/app/services/namespaces/package_settings/update_service.rb b/app/services/namespaces/package_settings/update_service.rb index cd5745cfec6..d7ab6828346 100644 --- a/app/services/namespaces/package_settings/update_service.rb +++ b/app/services/namespaces/package_settings/update_service.rb @@ -16,7 +16,8 @@ module Namespaces pypi_package_requests_forwarding lock_maven_package_requests_forwarding lock_npm_package_requests_forwarding - lock_pypi_package_requests_forwarding].freeze + lock_pypi_package_requests_forwarding + nuget_symbol_server_enabled].freeze def execute return ServiceResponse.error(message: 'Access Denied', http_status: 403) unless allowed? diff --git a/app/views/profiles/accounts/show.html.haml b/app/views/profiles/accounts/show.html.haml index 75dba925328..6da1121fe7b 100644 --- a/app/views/profiles/accounts/show.html.haml +++ b/app/views/profiles/accounts/show.html.haml @@ -93,7 +93,7 @@ = s_('Profiles|You must transfer ownership or delete these groups before you can delete your account.') - elsif !current_user.can_remove_self? %p - = s_('Profiles|GitLab is unable to verify your identity automatically. For security purposes, you must set a password by %{openingTag}resetting your password%{closingTag} to delete your account.').html_safe % { openingTag: "<a href='#{reset_profile_password_path}' rel=\"nofollow\" data-method=\"put\">".html_safe, closingTag: '</a>'.html_safe} + = s_('Profiles|GitLab is unable to verify your identity automatically. For security purposes, you must set a password by %{openingTag}resetting your password%{closingTag} to delete your account.').html_safe % { openingTag: "<a href='#{reset_user_settings_password_path}' rel=\"nofollow\" data-method=\"put\">".html_safe, closingTag: '</a>'.html_safe} %p = s_('Profiles|If after setting a password, the option to delete your account is still not available, please %{link_start}submit a request%{link_end} to begin the account deletion process.').html_safe % { link_start: '<a href="https://support.gitlab.io/account-deletion/" rel="nofollow noreferrer noopener" target="_blank">'.html_safe, link_end: '</a>'.html_safe} - else diff --git a/app/views/shared/issuable/_sidebar.html.haml b/app/views/shared/issuable/_sidebar.html.haml index f018e4f122e..efb6d59a66d 100644 --- a/app/views/shared/issuable/_sidebar.html.haml +++ b/app/views/shared/issuable/_sidebar.html.haml @@ -15,7 +15,7 @@ %aside.right-sidebar.js-right-sidebar.js-issuable-sidebar{ data: { always_show_toggle: true, signed: { in: signed_in }, issuable_type: issuable_type }, class: "#{sidebar_gutter_collapsed_class(is_merge_request_with_flag)} #{'right-sidebar-merge-requests' if is_merge_request_with_flag}", 'aria-live' => 'polite', 'aria-label': issuable_type } .issuable-sidebar{ class: "#{'is-merge-request' if is_merge_request_with_flag}" } - .issuable-sidebar-header{ class: "gl-pb-4! #{'gl-pb-2! gl-md-display-flex gl-justify-content-end gl-lg-display-none!' if is_merge_request_with_flag}" } + .issuable-sidebar-header{ class: "#{'gl-pb-2! gl-md-display-flex gl-justify-content-end gl-lg-display-none!' if is_merge_request_with_flag}" } = render Pajamas::ButtonComponent.new(button_options: { class: "gutter-toggle float-right js-sidebar-toggle has-tooltip gl-shadow-none! #{'gl-display-block' if moved_sidebar_enabled} #{'gl-mt-2' if notifications_todos_buttons_enabled?}" , type: 'button', 'aria-label' => _('Toggle sidebar'), title: sidebar_gutter_tooltip_text, data: { container: 'body', placement: 'left', boundary: 'viewport' } }) do = sidebar_gutter_toggle_icon - if signed_in diff --git a/app/views/profiles/passwords/edit.html.haml b/app/views/user_settings/passwords/edit.html.haml index 4848a9dc595..afe6ee2c0b3 100644 --- a/app/views/profiles/passwords/edit.html.haml +++ b/app/views/user_settings/passwords/edit.html.haml @@ -12,7 +12,7 @@ = _('Change your password.') - else = _('Change your password or recover your current one.') - = gitlab_ui_form_for @user, url: profile_password_path, method: :put, html: {class: "update-password"} do |f| + = gitlab_ui_form_for @user, url: user_settings_password_path, method: :put, html: {class: "update-password"} do |f| = form_errors(@user) - unless @user.password_automatically_set? @@ -31,5 +31,5 @@ .gl-mt-3.gl-mb-3 = f.submit _('Save password'), class: "gl-mr-3", data: { qa_selector: 'save_password_button' }, pajamas_button: true - unless @user.password_automatically_set? - = render Pajamas::ButtonComponent.new(href: reset_profile_password_path, variant: :link, method: :put) do + = render Pajamas::ButtonComponent.new(href: reset_user_settings_password_path, variant: :link, method: :put) do = _('I forgot my password') diff --git a/app/views/profiles/passwords/new.html.haml b/app/views/user_settings/passwords/new.html.haml index a0a9077afe4..3616c9ec252 100644 --- a/app/views/profiles/passwords/new.html.haml +++ b/app/views/user_settings/passwords/new.html.haml @@ -3,7 +3,7 @@ %h1.page-title.gl-font-size-h-display= _('Set up new password') %hr -= gitlab_ui_form_for @user, url: profile_password_path, method: :post do |f| += gitlab_ui_form_for @user, url: user_settings_password_path, method: :post do |f| %p.slead = _('Please set a new password before proceeding.') %br |