Add latest changes from gitlab-org/gitlab@master

10 files changed, 43 insertions, 29 deletions

diff --git a/app/controllers/profiles/personal_access_tokens_controller.rb b/app/controllers/profiles/personal_access_tokens_controller.rb
index 8ed67c26f19..4cf26d3e1e2 100644
--- a/app/controllers/profiles/personal_access_tokens_controller.rb
+++ b/app/controllers/profiles/personal_access_tokens_controller.rb
@@ -3,6 +3,8 @@
 class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
   feature_category :authentication_and_authorization
 
+  before_action :check_personal_access_tokens_enabled
+
   def index
     set_index_vars
     scopes = params[:scopes].split(',').map(&:squish).select(&:present?).map(&:to_sym) unless params[:scopes].nil?
@@ -83,4 +85,8 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
   def page
     (params[:page] || 1).to_i
   end
+
+  def check_personal_access_tokens_enabled
+    render_404 if Gitlab::CurrentSettings.personal_access_tokens_disabled?
+  end
 end
diff --git a/app/graphql/types/notes/note_type.rb b/app/graphql/types/notes/note_type.rb
index c254460a51f..eef5ce40bde 100644
--- a/app/graphql/types/notes/note_type.rb
+++ b/app/graphql/types/notes/note_type.rb
@@ -41,7 +41,7 @@ module Types
                                                     deprecated: {
                                                       reason: :renamed,
                                                       replacement: 'internal',
-                                                      milestone: '15.3'
+                                                      milestone: '15.5'
                                                     }
 
       field :internal, GraphQL::Types::Boolean, null: true,
diff --git a/app/models/environment.rb b/app/models/environment.rb
index 4b98cd02e3b..e8588c8d022 100644
--- a/app/models/environment.rb
+++ b/app/models/environment.rb
@@ -441,11 +441,15 @@ class Environment < ApplicationRecord
   end
 
   def auto_stop_in=(value)
-    return unless value
+    if value.nil?
+      # Handles edge case when auto_stop_at is already set and the new value is nil.
+      # Possible by setting `auto_stop_in: null` in the CI configuration yml.
+      self.auto_stop_at = nil
 
-    parser = ::Gitlab::Ci::Build::DurationParser.new(value)
+      return
+    end
 
-    return if parser.seconds_from_now.nil? && auto_stop_at.nil?
+    parser = ::Gitlab::Ci::Build::DurationParser.new(value)
 
     self.auto_stop_at = parser.seconds_from_now
   rescue ChronicDuration::DurationParseError => ex
diff --git a/app/models/integration.rb b/app/models/integration.rb
index aecf9529a14..23688a87cbd 100644
--- a/app/models/integration.rb
+++ b/app/models/integration.rb
@@ -147,6 +147,8 @@ class Integration < ApplicationRecord
     fields << ::Integrations::Field.new(name: name, integration_class: self, **attrs)
 
     case storage
+    when :attribute
+      # noop
     when :properties
       prop_accessor(name)
     when :data_fields
@@ -155,7 +157,7 @@ class Integration < ApplicationRecord
       raise ArgumentError, "Unknown field storage: #{storage}"
     end
 
-    boolean_accessor(name) if attrs[:type] == 'checkbox'
+    boolean_accessor(name) if attrs[:type] == 'checkbox' && storage != :attribute
   end
   # :nocov:
 
diff --git a/app/models/user.rb b/app/models/user.rb
index 4bc2d8f76aa..b2f75959f15 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -199,6 +199,8 @@ class User < ApplicationRecord
   has_many :notes,                    dependent: :destroy, foreign_key: :author_id # rubocop:disable Cop/ActiveRecordDependent
   has_many :issues,                   dependent: :destroy, foreign_key: :author_id # rubocop:disable Cop/ActiveRecordDependent
   has_many :legacy_assigned_merge_requests, class_name: 'MergeRequest', dependent: :nullify, foreign_key: :assignee_id # rubocop:disable Cop/ActiveRecordDependent
+  has_many :merged_merge_requests, class_name: 'MergeRequest::Metrics', dependent: :nullify, foreign_key: :merged_by_id # rubocop:disable Cop/ActiveRecordDependent
+  has_many :closed_merge_requests, class_name: 'MergeRequest::Metrics', dependent: :nullify, foreign_key: :latest_closed_by_id # rubocop:disable Cop/ActiveRecordDependent
   has_many :updated_merge_requests, class_name: 'MergeRequest', dependent: :nullify, foreign_key: :updated_by_id # rubocop:disable Cop/ActiveRecordDependent
   has_many :updated_issues, class_name: 'Issue', dependent: :nullify, foreign_key: :updated_by_id # rubocop:disable Cop/ActiveRecordDependent
   has_many :closed_issues, class_name: 'Issue', dependent: :nullify, foreign_key: :closed_by_id # rubocop:disable Cop/ActiveRecordDependent
diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index 674d1ddb18b..d9aa204399e 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -84,7 +84,7 @@ class GroupPolicy < Namespaces::GroupProjectNamespaceSharedPolicy
   condition(:crm_enabled, score: 0, scope: :subject) { @subject.crm_enabled? }
 
   condition(:group_runner_registration_allowed, scope: :global) do
-    Feature.disabled?(:runner_registration_control) || Gitlab::CurrentSettings.valid_runner_registrars.include?('group')
+    Gitlab::CurrentSettings.valid_runner_registrars.include?('group')
   end
 
   condition(:runners_finder_all_available, scope: :subject) do
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index 4f15b5f6ded..77bdf9d62fc 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -222,7 +222,7 @@ class ProjectPolicy < BasePolicy
   end
 
   condition(:project_runner_registration_allowed) do
-    Feature.disabled?(:runner_registration_control) || Gitlab::CurrentSettings.valid_runner_registrars.include?('project')
+    Gitlab::CurrentSettings.valid_runner_registrars.include?('project')
   end
 
   condition :registry_enabled do
@@ -794,7 +794,7 @@ class ProjectPolicy < BasePolicy
 
   rule { project_bot }.enable :project_bot_access
 
-  rule { can?(:read_all_resources) }.enable :read_resource_access_tokens
+  rule { can?(:read_all_resources) & resource_access_token_feature_available }.enable :read_resource_access_tokens
 
   rule { can?(:admin_project) & resource_access_token_feature_available }.policy do
     enable :read_resource_access_tokens
diff --git a/app/services/ci/runners/register_runner_service.rb b/app/services/ci/runners/register_runner_service.rb
index ae9b8bc8a16..abd32610cec 100644
--- a/app/services/ci/runners/register_runner_service.rb
+++ b/app/services/ci/runners/register_runner_service.rb
@@ -59,7 +59,7 @@ module Ci
       end
 
       def runner_registrar_valid?(type)
-        Feature.disabled?(:runner_registration_control) || Gitlab::CurrentSettings.valid_runner_registrars.include?(type)
+        Gitlab::CurrentSettings.valid_runner_registrars.include?(type)
       end
 
       def token_scope
diff --git a/app/views/admin/application_settings/ci_cd.html.haml b/app/views/admin/application_settings/ci_cd.html.haml
index ff645e1183f..b7244c45871 100644
--- a/app/views/admin/application_settings/ci_cd.html.haml
+++ b/app/views/admin/application_settings/ci_cd.html.haml
@@ -38,12 +38,11 @@
     .settings-content
       = render 'registry'
 
-- if Feature.enabled?(:runner_registration_control)
-  %section.settings.as-runner.no-animate#js-runner-settings{ class: ('expanded' if expanded_by_default?) }
-    .settings-header
-      %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
-        = s_('Runners|Runner registration')
-      = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
-        = expanded_by_default? ? 'Collapse' : 'Expand'
-    .settings-content
-      = render 'runner_registrars_form'
+%section.settings.as-runner.no-animate#js-runner-settings{ class: ('expanded' if expanded_by_default?) }
+  .settings-header
+    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
+      = s_('Runners|Runner registration')
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
+      = expanded_by_default? ? 'Collapse' : 'Expand'
+  .settings-content
+    = render 'runner_registrars_form'
diff --git a/app/views/layouts/nav/sidebar/_profile.html.haml b/app/views/layouts/nav/sidebar/_profile.html.haml
index a1393615e69..0e3327935ca 100644
--- a/app/views/layouts/nav/sidebar/_profile.html.haml
+++ b/app/views/layouts/nav/sidebar/_profile.html.haml
@@ -51,17 +51,18 @@
             = link_to profile_chat_names_path do
               %strong.fly-out-top-item-name
                 = _('Chat')
-      = nav_link(controller: :personal_access_tokens) do
-        = link_to profile_personal_access_tokens_path do
-          .nav-icon-container
-            = sprite_icon('token')
-          %span.nav-item-name
-            = _('Access Tokens')
-        %ul.sidebar-sub-level-items.is-fly-out-only
-          = nav_link(controller: :personal_access_tokens, html_options: { class: "fly-out-top-item" } ) do
-            = link_to profile_personal_access_tokens_path do
-              %strong.fly-out-top-item-name
-                = _('Access Tokens')
+      - unless Gitlab::CurrentSettings.personal_access_tokens_disabled?
+        = nav_link(controller: :personal_access_tokens) do
+          = link_to profile_personal_access_tokens_path do
+            .nav-icon-container
+              = sprite_icon('token')
+            %span.nav-item-name
+              = _('Access Tokens')
+          %ul.sidebar-sub-level-items.is-fly-out-only
+            = nav_link(controller: :personal_access_tokens, html_options: { class: "fly-out-top-item" } ) do
+              = link_to profile_personal_access_tokens_path do
+                %strong.fly-out-top-item-name
+                  = _('Access Tokens')
       = nav_link(controller: :emails) do
         = link_to profile_emails_path, data: { qa_selector: 'profile_emails_link' } do
           .nav-icon-container