Add latest changes from gitlab-org/gitlab@13-7-stable-eev13.7.0-rc42

4 files changed, 132 insertions, 2 deletions

diff --git a/lib/gitlab/background_migration/populate_dismissed_state_for_vulnerabilities.rb b/lib/gitlab/background_migration/populate_dismissed_state_for_vulnerabilities.rb
new file mode 100644
index 00000000000..68c91650d93
--- /dev/null
+++ b/lib/gitlab/background_migration/populate_dismissed_state_for_vulnerabilities.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module BackgroundMigration
+    # This class updates vulnerabilities entities with state dismissed
+    class PopulateDismissedStateForVulnerabilities
+      class Vulnerability < ActiveRecord::Base # rubocop:disable Style/Documentation
+        self.table_name = 'vulnerabilities'
+      end
+
+      def perform(*vulnerability_ids)
+        Vulnerability.where(id: vulnerability_ids).update_all(state: 2)
+        PopulateMissingVulnerabilityDismissalInformation.new.perform(*vulnerability_ids)
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/background_migration/populate_missing_vulnerability_dismissal_information.rb b/lib/gitlab/background_migration/populate_missing_vulnerability_dismissal_information.rb
index bc0a181a06c..04342fdabd4 100644
--- a/lib/gitlab/background_migration/populate_missing_vulnerability_dismissal_information.rb
+++ b/lib/gitlab/background_migration/populate_missing_vulnerability_dismissal_information.rb
@@ -26,13 +26,16 @@ module Gitlab
 
       class Finding < ActiveRecord::Base # rubocop:disable Style/Documentation
         include ShaAttribute
+        include ::Gitlab::Utils::StrongMemoize
 
         self.table_name = 'vulnerability_occurrences'
 
         sha_attribute :project_fingerprint
 
         def dismissal_feedback
-          Feedback.dismissal.where(category: report_type, project_fingerprint: project_fingerprint, project_id: project_id).first
+          strong_memoize(:dismissal_feedback) do
+            Feedback.dismissal.where(category: report_type, project_fingerprint: project_fingerprint, project_id: project_id).first
+          end
         end
       end
 
diff --git a/lib/gitlab/background_migration/populate_vulnerability_historical_statistics.rb b/lib/gitlab/background_migration/populate_vulnerability_historical_statistics.rb
index a0c89cc4664..2e81b1615d8 100644
--- a/lib/gitlab/background_migration/populate_vulnerability_historical_statistics.rb
+++ b/lib/gitlab/background_migration/populate_vulnerability_historical_statistics.rb
@@ -5,7 +5,7 @@ module Gitlab
     # This class creates/updates those project historical vulnerability statistics
     # that haven't been created nor initialized. It should only be executed in EE.
     class PopulateVulnerabilityHistoricalStatistics
-      def perform(project_ids)
+      def perform(project_ids, retention_period = 90)
       end
     end
   end
diff --git a/lib/gitlab/background_migration/update_existing_users_that_require_two_factor_auth.rb b/lib/gitlab/background_migration/update_existing_users_that_require_two_factor_auth.rb
new file mode 100644
index 00000000000..d97765cd398
--- /dev/null
+++ b/lib/gitlab/background_migration/update_existing_users_that_require_two_factor_auth.rb
@@ -0,0 +1,110 @@
+# frozen_string_literal: true
+# rubocop:disable Style/Documentation
+
+module Gitlab
+  module BackgroundMigration
+    class UpdateExistingUsersThatRequireTwoFactorAuth # rubocop:disable Metrics/ClassLength
+      def perform(start_id, stop_id)
+        ActiveRecord::Base.connection.execute <<~SQL
+          UPDATE
+            users
+          SET
+            require_two_factor_authentication_from_group = FALSE
+          WHERE
+            users.id BETWEEN #{start_id}
+            AND #{stop_id}
+            AND users.require_two_factor_authentication_from_group = TRUE
+            AND users.id NOT IN ( SELECT DISTINCT
+                users_groups_query.user_id
+              FROM (
+                SELECT
+                  users.id AS user_id,
+                  members.source_id AS group_ids
+                FROM
+                  users
+                LEFT JOIN members ON members.source_type = 'Namespace'
+                  AND members.requested_at IS NULL
+                  AND members.user_id = users.id
+                  AND members.type = 'GroupMember'
+              WHERE
+                users.require_two_factor_authentication_from_group = TRUE
+                AND users.id BETWEEN #{start_id}
+                AND #{stop_id}) AS users_groups_query
+              INNER JOIN LATERAL ( WITH RECURSIVE "base_and_ancestors" AS (
+          (
+                    SELECT
+                      "namespaces"."type",
+                      "namespaces"."id",
+                      "namespaces"."parent_id",
+                      "namespaces"."require_two_factor_authentication"
+                    FROM
+                      "namespaces"
+                    WHERE
+                      "namespaces"."type" = 'Group'
+                      AND "namespaces"."id" = users_groups_query.group_ids)
+                  UNION (
+                    SELECT
+                      "namespaces"."type",
+                      "namespaces"."id",
+                      "namespaces"."parent_id",
+                      "namespaces"."require_two_factor_authentication"
+                    FROM
+                      "namespaces",
+                      "base_and_ancestors"
+                    WHERE
+                      "namespaces"."type" = 'Group'
+                      AND "namespaces"."id" = "base_and_ancestors"."parent_id")),
+                  "base_and_descendants" AS (
+          (
+                      SELECT
+                        "namespaces"."type",
+                        "namespaces"."id",
+                        "namespaces"."parent_id",
+                        "namespaces"."require_two_factor_authentication"
+                      FROM
+                        "namespaces"
+                      WHERE
+                        "namespaces"."type" = 'Group'
+                        AND "namespaces"."id" = users_groups_query.group_ids)
+                    UNION (
+                      SELECT
+                        "namespaces"."type",
+                        "namespaces"."id",
+                        "namespaces"."parent_id",
+                        "namespaces"."require_two_factor_authentication"
+                      FROM
+                        "namespaces",
+                        "base_and_descendants"
+                      WHERE
+                        "namespaces"."type" = 'Group'
+                        AND "namespaces"."parent_id" = "base_and_descendants"."id"))
+                    SELECT
+                      "namespaces".*
+                    FROM ((
+                        SELECT
+                          "namespaces"."type",
+                          "namespaces"."id",
+                          "namespaces"."parent_id",
+                          "namespaces"."require_two_factor_authentication"
+                        FROM
+                          "base_and_ancestors" AS "namespaces"
+                        WHERE
+                          "namespaces"."type" = 'Group')
+                      UNION (
+                        SELECT
+                          "namespaces"."type",
+                          "namespaces"."id",
+                          "namespaces"."parent_id",
+                          "namespaces"."require_two_factor_authentication"
+                        FROM
+                          "base_and_descendants" AS "namespaces"
+                        WHERE
+                          "namespaces"."type" = 'Group')) namespaces
+                    WHERE
+                      "namespaces"."type" = 'Group'
+                      AND "namespaces"."require_two_factor_authentication" = TRUE) AS hierarchy_tree ON TRUE);
+        SQL
+      end
+    end
+  end
+end