Diffstat (limited to 'app/controllers')
47 files changed, 125 insertions, 78 deletions
diff --git a/app/controllers/admin/ci/variables_controller.rb b/app/controllers/admin/ci/variables_controller.rb
index 4ab67e54766..1085de6fa05 100644
--- a/app/controllers/admin/ci/variables_controller.rb
+++ b/app/controllers/admin/ci/variables_controller.rb
@@ -44,7 +44,7 @@ module Admin
 end
 def variable_params_attributes
- %i[id variable_type key secret_value protected masked raw _destroy]
+ %i[id variable_type key description secret_value protected masked raw _destroy]
 end
 end
 end
diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index ee78d5a8c35..3a0618c0d40 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -9,6 +9,10 @@ class Admin::UsersController < Admin::ApplicationController
 before_action :ensure_destroy_prerequisites_met, only: [:destroy]
 before_action :set_shared_view_parameters, only: [:show, :projects, :keys]
+ before_action only: [:index] do
+ push_frontend_feature_flag(:simplified_badges)
+ end
+
 feature_category :user_management
 PAGINATION_WITH_COUNT_LIMIT = 1000
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index fca3bb3460f..d7b005d03b5 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -26,7 +26,6 @@ class ApplicationController < BaseActionController
 include CheckRateLimit
 include RequestPayloadLogger
- before_action :limit_session_time, if: -> { !current_user }
 before_action :authenticate_user!, except: [:route_not_found]
 before_action :enforce_terms!, if: :should_enforce_terms?
 before_action :check_password_expiration, if: :html_request?
@@ -51,7 +50,6 @@ class ApplicationController < BaseActionController
 around_action :set_current_admin
 after_action :set_page_title_header, if: :json_request?
- after_action :ensure_authenticated_session_time, if: -> { current_user }
 protect_from_forgery with: :exception, prepend: true
diff --git a/app/controllers/concerns/confirm_email_warning.rb b/app/controllers/concerns/confirm_email_warning.rb
index 2efea461a35..c55911eed48 100644
--- a/app/controllers/concerns/confirm_email_warning.rb
+++ b/app/controllers/concerns/confirm_email_warning.rb
@@ -38,6 +38,6 @@ module ConfirmEmailWarning
 end
 def email_to_display
- html_escape(email)
+ ERB::Util.html_escape(email)
 end
 end
diff --git a/app/controllers/concerns/enforces_two_factor_authentication.rb b/app/controllers/concerns/enforces_two_factor_authentication.rb
index 24475909b62..81130fcd6a6 100644
--- a/app/controllers/concerns/enforces_two_factor_authentication.rb
+++ b/app/controllers/concerns/enforces_two_factor_authentication.rb
@@ -46,15 +46,11 @@ module EnforcesTwoFactorAuthentication
 end
 # rubocop: disable CodeReuse/ActiveRecord
- def two_factor_authentication_reason(global: -> {}, group: -> {})
- if two_factor_authentication_required?
- if Gitlab::CurrentSettings.require_two_factor_authentication?
- global.call
- else
- groups = current_user.source_groups_of_two_factor_authentication_requirement.reorder(name: :asc)
- group.call(groups)
- end
- end
+ def execute_action_for_2fa_reason(actions)
+ reason = two_factor_verifier.two_factor_authentication_reason
+ groups_enforcing_two_factor = current_user.source_groups_of_two_factor_authentication_requirement
+ .reorder(name: :asc)
+ actions[reason].call(groups_enforcing_two_factor)
 end
 # rubocop: enable CodeReuse/ActiveRecord
diff --git a/app/controllers/concerns/integrations/params.rb b/app/controllers/concerns/integrations/params.rb
index e344e0dcd8c..d71ab98c3fd 100644
--- a/app/controllers/concerns/integrations/params.rb
+++ b/app/controllers/concerns/integrations/params.rb
@@ -38,6 +38,9 @@ module Integrations
 :default_irc_uri,
 :device,
 :disable_diffs,
+ :diffblue_access_token_name,
+ :diffblue_access_token_secret,
+ :diffblue_license_key,
 :drone_url,
 :enable_ssl_verification,
 :external_wiki_url,
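Review bot: `actions[reason].call(groups_enforcing_two_factor)` in `execute_action_for_2fa_reason` (enforces_two_factor_authentication.rb) raises NoMethodError whenever `two_factor_verifier.two_factor_authentication_reason` returns a value that has no entry in `actions`, which would include nil if the verifier reports that nothing is required. The removed method checked `two_factor_authentication_required?` itself; the new helper relies on every caller doing so. Make the lookup explicit, for example `actions[reason]&.call(groups_enforcing_two_factor)`, or use `actions.fetch(reason)` so that a missing reason fails with a clear KeyError. The only caller on this page, `setup_show_page` in profiles/two_factor_auths_controller.rb, supplies `:global`, `:admin_2fa` and `:group`; the verifier's full set of return values is not shown here and should be checked against those keys.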
diff --git a/app/controllers/concerns/preview_markdown.rb b/app/controllers/concerns/preview_markdown.rb
index 7f1b961e92a..8bd120b5ed5 100644
--- a/app/controllers/concerns/preview_markdown.rb
+++ b/app/controllers/concerns/preview_markdown.rb
@@ -44,6 +44,7 @@ module PreviewMarkdown
 when 'groups' then { group: group, issuable_reference_expansion_enabled: true }
 when 'projects' then projects_filter_params
 when 'timeline_events' then timeline_events_filter_params
+ when 'organizations' then { pipeline: :description }
 else {}
 end.merge(
 requested_path: params[:path],
diff --git a/app/controllers/explore/catalog_controller.rb b/app/controllers/explore/catalog_controller.rb
index d384ad10c86..39c43182fbf 100644
--- a/app/controllers/explore/catalog_controller.rb
+++ b/app/controllers/explore/catalog_controller.rb
@@ -6,7 +6,7 @@ module Explore
 feature_category :pipeline_composition
 before_action :check_resource_access, only: :show
- track_internal_event :index, name: 'unique_users_visiting_ci_catalog'
+ track_internal_event :index, name: 'unique_users_visiting_ci_catalog', conditions: :current_user
 before_action do
 push_frontend_feature_flag(:ci_catalog_components_tab, current_user)
 end
diff --git a/app/controllers/graphql_controller.rb b/app/controllers/graphql_controller.rb
index 1941920325f..e39f1148cf2 100644
--- a/app/controllers/graphql_controller.rb
+++ b/app/controllers/graphql_controller.rb
@@ -256,8 +256,7 @@ class GraphqlController < ApplicationController
 def authorize_access_api!
 if current_user.nil? &&
- request_authenticator.authentication_token_present? &&
- Feature.enabled?(:invalid_graphql_auth_401)
+ request_authenticator.authentication_token_present?
 render_error('Invalid token', status: :unauthorized)
 end
diff --git a/app/controllers/groups/autocomplete_sources_controller.rb b/app/controllers/groups/autocomplete_sources_controller.rb
index 7a490b34511..191720f69a0 100644
--- a/app/controllers/groups/autocomplete_sources_controller.rb
+++ b/app/controllers/groups/autocomplete_sources_controller.rb
@@ -10,7 +10,7 @@ class Groups::AutocompleteSourcesController < Groups::ApplicationController
 urgency :low, [:issues, :labels, :milestones, :commands, :merge_requests, :members]
 def members
- render json: ::Groups::ParticipantsService.new(@group, current_user).execute(target)
+ render json: ::Groups::ParticipantsService.new(@group, current_user, params).execute(target)
 end
 def issues
diff --git a/app/controllers/groups/boards_controller.rb b/app/controllers/groups/boards_controller.rb
index 7cc0e6a8558..eb3661ea3d7 100644
--- a/app/controllers/groups/boards_controller.rb
+++ b/app/controllers/groups/boards_controller.rb
@@ -7,7 +7,6 @@ class Groups::BoardsController < Groups::ApplicationController
 before_action do
 push_frontend_feature_flag(:board_multi_select, group)
- push_frontend_feature_flag(:apollo_boards, group)
 push_frontend_feature_flag(:display_work_item_epic_issue_sidebar, group)
 experiment(:prominent_create_board_btn, subject: current_user) do |e|
 e.control {}
diff --git a/app/controllers/groups/variables_controller.rb b/app/controllers/groups/variables_controller.rb
index fad3a6ab9f5..d27d70dc857 100644
--- a/app/controllers/groups/variables_controller.rb
+++ b/app/controllers/groups/variables_controller.rb
@@ -50,7 +50,7 @@ module Groups
 end
 def variable_params_attributes
- %i[id variable_type key secret_value protected masked raw _destroy]
+ %i[id variable_type key description secret_value protected masked raw _destroy]
 end
 def authorize_admin_build!
diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
index 5b9b3b7de11..b151793ad8b 100644
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
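Review bot: The `members` action in groups/autocomplete_sources_controller.rb now hands the entire request `params` object to `::Groups::ParticipantsService`, so every client-supplied key reaches the service layer unfiltered. The service is not on this page, so which keys it reads cannot be confirmed; pass only those, for example `::Groups::ParticipantsService.new(@group, current_user, params.permit(:FILTER_KEY_PLACEHOLDER))` with the real key name(s) substituted. The same change and the same point apply to `members` in projects/autocomplete_sources_controller.rb.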
@@ -305,7 +305,8 @@ class GroupsController < Groups::ApplicationController
 :prevent_sharing_groups_outside_hierarchy,
 :setup_for_company,
 :jobs_to_be_done,
- :crm_enabled
+ :crm_enabled,
+ :enable_namespace_descendants_cache
 ] + [group_feature_attributes: group_feature_attributes]
 end
diff --git a/app/controllers/import/bitbucket_server_controller.rb b/app/controllers/import/bitbucket_server_controller.rb
index ba2743e1002..01657df28fd 100644
--- a/app/controllers/import/bitbucket_server_controller.rb
+++ b/app/controllers/import/bitbucket_server_controller.rb
@@ -49,6 +49,9 @@ class Import::BitbucketServerController < Import::BaseController
 session[bitbucket_server_username_key] = params[:bitbucket_server_username]
 session[bitbucket_server_url_key] = params[:bitbucket_server_url]
+ experiment(:default_to_import_tab, actor: current_user)
+ .track(:authentication, property: provider_name)
+
 redirect_to status_import_bitbucket_server_path(namespace_id: params[:namespace_id])
 end
diff --git a/app/controllers/import/bulk_imports_controller.rb b/app/controllers/import/bulk_imports_controller.rb
index e211ea70a56..6ff0f55d2f6 100644
--- a/app/controllers/import/bulk_imports_controller.rb
+++ b/app/controllers/import/bulk_imports_controller.rb
@@ -6,10 +6,6 @@ class Import::BulkImportsController < ApplicationController
 before_action :ensure_bulk_import_enabled
 before_action :verify_blocked_uri, only: :status
- before_action only: [:history] do
- push_frontend_feature_flag(:bulk_import_details_page)
- end
-
 feature_category :importers
 urgency :low
@@ -53,9 +49,7 @@ class Import::BulkImportsController < ApplicationController
 end
 end
- def details
- render_404 unless Feature.enabled?(:bulk_import_details_page)
- end
+ def details; end
 def create
 return render json: { success: false }, status: :too_many_requests if throttled_request?
diff --git a/app/controllers/import/fogbugz_controller.rb b/app/controllers/import/fogbugz_controller.rb
index 34fdf513313..05ba317057d 100644
--- a/app/controllers/import/fogbugz_controller.rb
+++ b/app/controllers/import/fogbugz_controller.rb
@@ -22,6 +22,9 @@ class Import::FogbugzController < Import::BaseController
 session[:fogbugz_token] = res.get_token.to_s
 session[:fogbugz_uri] = params[:uri]
+ experiment(:default_to_import_tab, actor: current_user)
+ .track(:successfully_authenticated, property: provider_name)
+
 redirect_to new_user_map_import_fogbugz_path(namespace_id: params[:namespace_id])
 end
diff --git a/app/controllers/import/github_controller.rb b/app/controllers/import/github_controller.rb
index 2b72ceceb5a..0159c1913af 100644
--- a/app/controllers/import/github_controller.rb
+++ b/app/controllers/import/github_controller.rb
@@ -41,6 +41,9 @@ class Import::GithubController < Import::BaseController
 end
 def personal_access_token
+ experiment(:default_to_import_tab, actor: current_user)
+ .track(:authentication, property: provider_name)
+
 session[access_token_key] = params[:personal_access_token]&.strip
 redirect_to status_import_url
 end
diff --git a/app/controllers/import/gitlab_projects_controller.rb b/app/controllers/import/gitlab_projects_controller.rb
index d1b182a57d8..71d66dc3db8 100644
--- a/app/controllers/import/gitlab_projects_controller.rb
+++ b/app/controllers/import/gitlab_projects_controller.rb
@@ -21,6 +21,9 @@ class Import::GitlabProjectsController < Import::BaseController
 @project = ::Projects::GitlabProjectsImportService.new(current_user, project_params).execute
 if @project.saved?
+ experiment(:default_to_import_tab, actor: current_user)
+ .track(:successfully_imported, property: 'gitlab_export')
+
 redirect_to(
 project_path(@project),
 notice: _("Project '%{project_name}' is being imported.") % { project_name: @project.name }
diff --git a/app/controllers/import/manifest_controller.rb b/app/controllers/import/manifest_controller.rb
index 03884717e54..7d3c91a7f5c 100644
--- a/app/controllers/import/manifest_controller.rb
+++ b/app/controllers/import/manifest_controller.rb
@@ -31,6 +31,9 @@ class Import::ManifestController < Import::BaseController
 if manifest.valid?
 manifest_import_metadata.save(manifest.projects, group.id)
+ experiment(:default_to_import_tab, actor: current_user)
+ .track(:successfully_imported, property: provider_name)
+
 redirect_to status_import_manifest_path
 else
 @errors = manifest.errors
diff --git a/app/controllers/jwks_controller.rb b/app/controllers/jwks_controller.rb
index 2e030cf46c4..fb190846ffa 100644
--- a/app/controllers/jwks_controller.rb
+++ b/app/controllers/jwks_controller.rb
@@ -2,9 +2,7 @@ class JwksController < Doorkeeper::OpenidConnect::DiscoveryController
 def index
- if ::Feature.enabled?(:cache_control_headers_for_openid_jwks)
- expires_in 24.hours, public: true, must_revalidate: true, 'no-transform': true
- end
+ expires_in 24.hours, public: true, must_revalidate: true, 'no-transform': true
 render json: { keys: payload }
 end
diff --git a/app/controllers/ldap/omniauth_callbacks_controller.rb b/app/controllers/ldap/omniauth_callbacks_controller.rb
index 955dfe58449..1c79bd3a668 100644
--- a/app/controllers/ldap/omniauth_callbacks_controller.rb
+++ b/app/controllers/ldap/omniauth_callbacks_controller.rb
@@ -28,7 +28,7 @@ class Ldap::OmniauthCallbacksController < OmniauthCallbacksController
 define_providers!
 override :set_remember_me
- def set_remember_me(user)
+ def set_remember_me(user, _auth_user)
 user.remember_me = params[:remember_me] if user.persisted?
 end
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index 907ece1a06e..0701b1ee977 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
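Review bot: Nothing in `JwksController#index` records the operational consequence of the now-unconditional `expires_in 24.hours, public: true, must_revalidate: true, 'no-transform': true`. Shared caches and relying parties may keep using a fetched key set for up to a day after a signing key is rotated or withdrawn, and with the `cache_control_headers_for_openid_jwks` flag gone there is no switch left to turn the header off. Add a comment above the call, for example `# JWKS is publicly cacheable for 24h: after a key rotation, caches may serve the previous key set until it expires`, so the lifetime reads as a documented decision.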
@@ -139,9 +139,11 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
 identity_linker ||= auth_module::IdentityLinker.new(current_user, oauth, session)
 link_identity(identity_linker)
- set_remember_me(current_user)
- store_idp_two_factor_status(build_auth_user(auth_module::User).bypass_two_factor?)
+ current_auth_user = build_auth_user(auth_module::User)
+ set_remember_me(current_user, current_auth_user)
+
+ store_idp_two_factor_status(current_auth_user.bypass_two_factor?)
 if identity_linker.changed?
 redirect_identity_linked
@@ -193,7 +195,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
 track_event(@user, oauth['provider'], 'succeeded')
 Gitlab::Tracking.event(self.class.name, "#{oauth['provider']}_sso", user: @user) if new_user
- set_remember_me(@user)
+ set_remember_me(@user, auth_user)
 set_session_active_since(oauth['provider']) if ::AuthHelper.saml_providers.include?(oauth['provider'].to_sym)
 if @user.two_factor_enabled? && !auth_user.bypass_two_factor?
@@ -278,10 +280,10 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
 .for_authentication.security_event
 end
- def set_remember_me(user)
+ def set_remember_me(user, auth_user)
 return unless remember_me?
- if user.two_factor_enabled?
+ if user.two_factor_enabled? && !auth_user.bypass_two_factor?
 params[:remember_me] = '1'
 else
 remember_me(user)
diff --git a/app/controllers/organizations/organizations_controller.rb b/app/controllers/organizations/organizations_controller.rb
index 9f09627b1e4..0596441591d 100644
--- a/app/controllers/organizations/organizations_controller.rb
+++ b/app/controllers/organizations/organizations_controller.rb
@@ -2,9 +2,11 @@ module Organizations
 class OrganizationsController < ApplicationController
+ include PreviewMarkdown
+
 feature_category :cell
- skip_before_action :authenticate_user!, except: [:index, :new, :users]
+ skip_before_action :authenticate_user!, only: [:show, :groups_and_projects]
 def index; end
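Review bot: The condition `user.two_factor_enabled? && !auth_user.bypass_two_factor?` added to `set_remember_me` (third hunk of omniauth_callbacks_controller.rb) duplicates the sign-in branch shown as context in the second hunk, `if @user.two_factor_enabled? && !auth_user.bypass_two_factor?`. The two must stay identical: if they drift, `remember_me(user)` could issue the persistent cookie on a path that still goes on to prompt for a second factor. Extract one private predicate, say `two_factor_prompt_required?(user, auth_user)` returning `user.two_factor_enabled? && !auth_user.bypass_two_factor?`, and call it from both places, with a short comment on why an IdP-asserted bypass allows the cookie immediately. The arity change would also break any override that still takes one argument; only the LDAP subclass is updated on this page, and `set_remember_me` itself ends outside the hunk.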
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb
index f1646027e8e..5a956a14552 100644
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
@@ -207,15 +207,19 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
 def setup_show_page
 if two_factor_authentication_required? && !current_user.two_factor_enabled?
- two_factor_authentication_reason(
- global: lambda do
+ two_factor_auth_actions = {
+ global: lambda do |_|
 flash.now[:alert] = _('The global settings require you to enable Two-Factor Authentication for your account.')
 end,
+ admin_2fa: lambda do |_|
+ flash.now[:alert] = _('Administrator users are required to enable Two-Factor Authentication for their account.')
+ end,
 group: lambda do |groups|
 flash.now[:alert] = groups_notification(groups)
 end
- )
+ }
+ execute_action_for_2fa_reason(two_factor_auth_actions)
 unless two_factor_grace_period_expired?
 grace_period_deadline = current_user.otp_grace_period_started_at + two_factor_grace_period.hours
diff --git a/app/controllers/projects/autocomplete_sources_controller.rb b/app/controllers/projects/autocomplete_sources_controller.rb
index ff3484d3020..dc10004c62b 100644
--- a/app/controllers/projects/autocomplete_sources_controller.rb
+++ b/app/controllers/projects/autocomplete_sources_controller.rb
@@ -15,7 +15,7 @@ class Projects::AutocompleteSourcesController < Projects::ApplicationController
 urgency :low, [:issues, :labels, :milestones, :commands, :contacts]
 def members
- render json: ::Projects::ParticipantsService.new(@project, current_user).execute(target)
+ render json: ::Projects::ParticipantsService.new(@project, current_user, params).execute(target)
 end
 def issues
diff --git a/app/controllers/projects/boards_controller.rb b/app/controllers/projects/boards_controller.rb
index fd853b5aaed..29bc00ae870 100644
--- a/app/controllers/projects/boards_controller.rb
+++ b/app/controllers/projects/boards_controller.rb
@@ -7,7 +7,6 @@ class Projects::BoardsController < Projects::ApplicationController
 before_action :check_issues_available!
 before_action do
 push_frontend_feature_flag(:board_multi_select, project)
- push_frontend_feature_flag(:apollo_boards, project)
 push_frontend_feature_flag(:display_work_item_epic_issue_sidebar, project)
 experiment(:prominent_create_board_btn, subject: current_user) do |e|
 e.control {}
diff --git a/app/controllers/projects/commit_controller.rb b/app/controllers/projects/commit_controller.rb
index 88e9113188a..c36742e8bb9 100644
--- a/app/controllers/projects/commit_controller.rb
+++ b/app/controllers/projects/commit_controller.rb
@@ -186,7 +186,6 @@ class Projects::CommitController < Projects::ApplicationController
 opts[:use_extra_viewer_as_main] = false
 @diffs = commit.diffs(opts)
- @notes_count = commit.notes.count
 @environment = ::Environments::EnvironmentsByDeploymentsFinder.new(@project, current_user, commit: @commit, find_latest: true).execute.last
 end
diff --git a/app/controllers/projects/environments_controller.rb b/app/controllers/projects/environments_controller.rb
index 8cdd6efa7c5..65cbe5a78ce 100644
--- a/app/controllers/projects/environments_controller.rb
+++ b/app/controllers/projects/environments_controller.rb
@@ -26,7 +26,7 @@ class Projects::EnvironmentsController < Projects::ApplicationController
 before_action :environment, only: [:show, :edit, :update, :stop, :terminal, :terminal_websocket_authorize, :cancel_auto_stop]
 before_action :verify_api_request!, only: :terminal_websocket_authorize
 before_action :expire_etag_cache, only: [:index], unless: -> { request.format.json? }
- before_action :set_kas_cookie, only: [:index, :edit, :new], if: -> { current_user && request.format.html? }
+ before_action :set_kas_cookie, only: [:index, :folder, :edit, :new], if: -> { current_user && request.format.html? }
 after_action :expire_etag_cache, only: [:cancel_auto_stop]
 track_event :index, :folder, :show, :new, :edit, :create, :update, :stop, :cancel_auto_stop, :terminal,
diff --git a/app/controllers/projects/gcp/artifact_registry/docker_images_controller.rb b/app/controllers/projects/gcp/artifact_registry/docker_images_controller.rb
index b88b86975a4..60adbbe6e5d 100644
--- a/app/controllers/projects/gcp/artifact_registry/docker_images_controller.rb
+++ b/app/controllers/projects/gcp/artifact_registry/docker_images_controller.rb
@@ -25,7 +25,7 @@ module Projects
 private
 def service
- ::Integrations::GoogleCloudPlatform::ArtifactRegistry::ListDockerImagesService.new(
+ ::GoogleCloudPlatform::ArtifactRegistry::ListDockerImagesService.new(
 project: @project,
 current_user: current_user,
 params: {
@@ -124,6 +124,10 @@ module Projects
 Time.zone.parse(upload_time)
 end
+
+ def details_url
+ "https://#{uri}"
+ end
 end
 end
 end
diff --git a/app/controllers/projects/google_cloud/configuration_controller.rb b/app/controllers/projects/google_cloud/configuration_controller.rb
index d35b2d54c53..3baa1210ec2 100644
--- a/app/controllers/projects/google_cloud/configuration_controller.rb
+++ b/app/controllers/projects/google_cloud/configuration_controller.rb
@@ -8,7 +8,7 @@ module Projects
 configurationUrl: project_google_cloud_configuration_path(project),
 deploymentsUrl: project_google_cloud_deployments_path(project),
 databasesUrl: project_google_cloud_databases_path(project),
- serviceAccounts: ::GoogleCloud::ServiceAccountsService.new(project).find_for_project,
+ serviceAccounts: ::CloudSeed::GoogleCloud::ServiceAccountsService.new(project).find_for_project,
 createServiceAccountUrl: project_google_cloud_service_accounts_path(project),
 emptyIllustrationUrl: ActionController::Base.helpers.image_path('illustrations/empty-state/empty-pipeline-md.svg'),
diff --git a/app/controllers/projects/google_cloud/databases_controller.rb b/app/controllers/projects/google_cloud/databases_controller.rb
index ea79efd9f4f..9023b8a5fa6 100644
--- a/app/controllers/projects/google_cloud/databases_controller.rb
+++ b/app/controllers/projects/google_cloud/databases_controller.rb
@@ -14,7 +14,7 @@ module Projects
 cloudsqlPostgresUrl: new_project_google_cloud_database_path(project, :postgres),
 cloudsqlMysqlUrl: new_project_google_cloud_database_path(project, :mysql),
 cloudsqlSqlserverUrl: new_project_google_cloud_database_path(project, :sqlserver),
- cloudsqlInstances: ::GoogleCloud::GetCloudsqlInstancesService.new(project).execute,
+ cloudsqlInstances: ::CloudSeed::GoogleCloud::GetCloudsqlInstancesService.new(project).execute,
 emptyIllustrationUrl: ActionController::Base.helpers.image_path('illustrations/empty-state/empty-pipeline-md.svg')
 }
@@ -46,7 +46,7 @@ module Projects
 end
 def create
- enable_response = ::GoogleCloud::EnableCloudsqlService
+ enable_response = ::CloudSeed::GoogleCloud::EnableCloudsqlService
 .new(project, current_user, enable_service_params)
 .execute
@@ -54,7 +54,7 @@ module Projects
 track_event(:error_enable_cloudsql_services)
 flash[:alert] = error_message(enable_response[:message])
 else
- create_response = ::GoogleCloud::CreateCloudsqlInstanceService
+ create_response = ::CloudSeed::GoogleCloud::CreateCloudsqlInstanceService
 .new(project, current_user, create_service_params)
 .execute
diff --git a/app/controllers/projects/google_cloud/deployments_controller.rb b/app/controllers/projects/google_cloud/deployments_controller.rb
index 92c99ad4271..e4666f9335c 100644
--- a/app/controllers/projects/google_cloud/deployments_controller.rb
+++ b/app/controllers/projects/google_cloud/deployments_controller.rb
@@ -17,7 +17,7 @@ class Projects::GoogleCloud::DeploymentsController < Projects::GoogleCloud::Base
 def cloud_run
 params = { google_oauth2_token: token_in_session }
- enable_cloud_run_response = GoogleCloud::EnableCloudRunService
+ enable_cloud_run_response = CloudSeed::GoogleCloud::EnableCloudRunService
 .new(project, current_user, params).execute
 if enable_cloud_run_response[:status] == :error
@@ -25,8 +25,8 @@ class Projects::GoogleCloud::DeploymentsController < Projects::GoogleCloud::Base
 flash[:alert] = enable_cloud_run_response[:message]
 redirect_to project_google_cloud_deployments_path(project)
 else
- params = { action: GoogleCloud::GeneratePipelineService::ACTION_DEPLOY_TO_CLOUD_RUN }
- generate_pipeline_response = GoogleCloud::GeneratePipelineService
+ params = { action: CloudSeed::GoogleCloud::GeneratePipelineService::ACTION_DEPLOY_TO_CLOUD_RUN }
+ generate_pipeline_response = CloudSeed::GoogleCloud::GeneratePipelineService
 .new(project, current_user, params).execute
 if generate_pipeline_response[:status] == :error
diff --git a/app/controllers/projects/google_cloud/gcp_regions_controller.rb b/app/controllers/projects/google_cloud/gcp_regions_controller.rb
index c51261721b2..593e27eeebf 100644
--- a/app/controllers/projects/google_cloud/gcp_regions_controller.rb
+++ b/app/controllers/projects/google_cloud/gcp_regions_controller.rb
@@ -20,7 +20,7 @@ class Projects::GoogleCloud::GcpRegionsController < Projects::GoogleCloud::BaseC
 def create
 permitted_params = params.permit(:ref, :gcp_region)
- GoogleCloud::GcpRegionAddOrReplaceService.new(project).execute(permitted_params[:ref], permitted_params[:gcp_region])
+ CloudSeed::GoogleCloud::GcpRegionAddOrReplaceService.new(project).execute(permitted_params[:ref], permitted_params[:gcp_region])
 track_event(:configure_region)
 redirect_to project_google_cloud_configuration_path(project), notice: _('GCP region configured')
 end
diff --git a/app/controllers/projects/google_cloud/service_accounts_controller.rb b/app/controllers/projects/google_cloud/service_accounts_controller.rb
index 7b029e25ea2..5a5f53943c0 100644
--- a/app/controllers/projects/google_cloud/service_accounts_controller.rb
+++ b/app/controllers/projects/google_cloud/service_accounts_controller.rb
@@ -27,7 +27,7 @@ class Projects::GoogleCloud::ServiceAccountsController < Projects::GoogleCloud::
 def create
 permitted_params = params.permit(:gcp_project, :ref)
- response = GoogleCloud::CreateServiceAccountsService.new(
+ response = CloudSeed::GoogleCloud::CreateServiceAccountsService.new(
 project,
 current_user,
 google_oauth2_token: token_in_session,
diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb
index d0eabf8d837..c1de24f300b 100644
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -71,6 +71,7 @@ class Projects::IssuesController < Projects::ApplicationController
 push_frontend_feature_flag(:display_work_item_epic_issue_sidebar, project)
 push_force_frontend_feature_flag(:linked_work_items, project.linked_work_items_feature_flag_enabled?)
 push_frontend_feature_flag(:notifications_todos_buttons, current_user)
+ push_frontend_feature_flag(:mention_autocomplete_backend_filtering, project)
 end
 around_action :allow_gitaly_ref_name_caching, only: [:discussions]
diff --git a/app/controllers/projects/merge_requests/diffs_controller.rb b/app/controllers/projects/merge_requests/diffs_controller.rb
index b269d41fa77..c62a1e09c00 100644
--- a/app/controllers/projects/merge_requests/diffs_controller.rb
+++ b/app/controllers/projects/merge_requests/diffs_controller.rb
@@ -9,11 +9,11 @@ class Projects::MergeRequests::DiffsController < Projects::MergeRequests::Applic
 before_action :commit
 before_action :define_diff_vars
 before_action :define_diff_comment_vars, except: [:diffs_batch, :diffs_metadata]
- before_action :update_diff_discussion_positions!
+ before_action :update_diff_discussion_positions!, except: [:diff_by_file_hash]
 around_action :allow_gitaly_ref_name_caching
- after_action :track_viewed_diffs_events, only: [:diffs_batch, :diff_for_path]
+ after_action :track_viewed_diffs_events, only: [:diffs_batch, :diff_for_path, :diff_by_file_hash]
 urgency :low, [
 :show,
@@ -26,6 +26,14 @@ class Projects::MergeRequests::DiffsController < Projects::MergeRequests::Applic
 render_diffs
 end
+ def diff_by_file_hash
+ diff_file = @compare.diffs.diff_files.find { |file| file.file_hash == params[:file_hash] }
+ params[:old_path] = diff_file&.old_path
+ params[:new_path] = diff_file&.new_path
+
+ render_diffs
+ end
+
 def diff_for_path
 render_diffs
 end
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index 0899e303305..6cb00fea922 100644
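Review bot: `diff_by_file_hash` in merge_requests/diffs_controller.rb goes on to `render_diffs` even when no diff file matches the client-supplied `params[:file_hash]`: `diff_file` is then nil, both `params[:old_path]` and `params[:new_path]` are overwritten with nil, and the response depends on how `render_diffs` treats empty paths, which is not visible here. Return early right after the lookup with `return render_404 unless diff_file`. The action also carries no `:pinned_file` check of its own, while merge_requests_controller.rb only builds the URL for it behind that flag; if the endpoint is meant to be unreachable while the flag is off, gate it here as well.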
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -46,6 +46,8 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
 push_frontend_feature_flag(:notifications_todos_buttons, current_user)
 push_frontend_feature_flag(:mr_request_changes, current_user)
 push_frontend_feature_flag(:merge_blocked_component, current_user)
+ push_frontend_feature_flag(:mention_autocomplete_backend_filtering, project)
+ push_frontend_feature_flag(:pinned_file, project)
 end
 around_action :allow_gitaly_ref_name_caching, only: [:index, :show, :diffs, :discussions]
@@ -448,6 +450,15 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
 @update_current_user_path = expose_path(api_v4_user_preferences_path)
 @endpoint_metadata_url = endpoint_metadata_url(@project, @merge_request)
 @endpoint_diff_batch_url = endpoint_diff_batch_url(@project, @merge_request)
+ if params[:pin] && Feature.enabled?(:pinned_file)
+ @pinned_file_url = diff_by_file_hash_namespace_project_merge_request_path(
+ format: 'json',
+ id: merge_request.iid,
+ namespace_id: project&.namespace.to_param,
+ project_id: project&.path,
+ file_hash: params[:pin]
+ )
+ end
 if merge_request.diffs_batch_cache_with_max_age?
 @diffs_batch_cache_key = @merge_request.merge_head_diff&.patch_id_sha
diff --git a/app/controllers/projects/ml/models_controller.rb b/app/controllers/projects/ml/models_controller.rb
index 68a8b7a1686..2dff3ec3325 100644
--- a/app/controllers/projects/ml/models_controller.rb
+++ b/app/controllers/projects/ml/models_controller.rb
@@ -4,7 +4,7 @@ module Projects
 module Ml
 class ModelsController < ::Projects::ApplicationController
 before_action :authorize_read_model_registry!
- before_action :authorize_write_model_registry!, only: [:destroy]
+ before_action :authorize_write_model_registry!, only: [:destroy, :new]
 before_action :set_model, only: [:show, :destroy]
 feature_category :mlops
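Review bot: The server-side check `Feature.enabled?(:pinned_file)` in the second hunk of merge_requests_controller.rb is evaluated without an actor, while the first hunk pushes the same flag to the frontend scoped to the project with `push_frontend_feature_flag(:pinned_file, project)`. Under a per-project rollout the two can disagree: the frontend sees the flag on, this branch stays off, and `@pinned_file_url` is never set. Use the same actor in both places, `if params[:pin] && Feature.enabled?(:pinned_file, project)`. The enclosing method starts and ends outside the hunk.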
@@ -22,6 +22,8 @@ module Projects
 @model_count = finder.count
 end
+ def new; end
+
 def show; end
 def destroy
diff --git a/app/controllers/projects/refs_controller.rb b/app/controllers/projects/refs_controller.rb
index 278d306301a..e52e13e8ce6 100644
--- a/app/controllers/projects/refs_controller.rb
+++ b/app/controllers/projects/refs_controller.rb
@@ -42,7 +42,7 @@ class Projects::RefsController < Projects::ApplicationController
 redirect_to new_path
 end
 end
- rescue Gitlab::PathTraversal::PathTraversalAttackError
+ rescue Gitlab::PathTraversal::PathTraversalAttackError, ActionController::UrlGenerationError
 head :bad_request
 end
diff --git a/app/controllers/projects/security/configuration_controller.rb b/app/controllers/projects/security/configuration_controller.rb
index ee2e60b5a1a..abf564a00e1 100644
--- a/app/controllers/projects/security/configuration_controller.rb
+++ b/app/controllers/projects/security/configuration_controller.rb
@@ -24,11 +24,7 @@ module Projects
 private
 def configuration
- if unify_configuration_enabled?
- configuration_presenter
- else
- {}
- end
+ configuration_presenter
 end
 def configuration_presenter
@@ -38,10 +34,6 @@ module Projects
 def presenter_attributes
 {}
 end
-
- def unify_configuration_enabled?
- Feature.enabled?(:unify_security_configuration, project)
- end
 end
 end
 end
diff --git a/app/controllers/projects/settings/packages_and_registries_controller.rb b/app/controllers/projects/settings/packages_and_registries_controller.rb
index 76c9cead360..5c352866c8d 100644
--- a/app/controllers/projects/settings/packages_and_registries_controller.rb
+++ b/app/controllers/projects/settings/packages_and_registries_controller.rb
@@ -7,6 +7,7 @@ module Projects
 before_action :authorize_admin_project!
 before_action :packages_and_registries_settings_enabled!
+ before_action :set_feature_flag_packages_protected_packages, only: :show
 feature_category :package_registry
 urgency :low
@@ -30,6 +31,10 @@ module Projects
 render_404 unless Gitlab.config.registry.enabled && can?(current_user, :admin_container_image, project)
 end
+
+ def set_feature_flag_packages_protected_packages
+ push_frontend_feature_flag(:packages_protected_packages, project)
+ end
 end
 end
 end
diff --git a/app/controllers/projects/settings/repository_controller.rb b/app/controllers/projects/settings/repository_controller.rb
index 38b23b24c9a..6a10d603ad7 100644
--- a/app/controllers/projects/settings/repository_controller.rb
+++ b/app/controllers/projects/settings/repository_controller.rb
@@ -7,6 +7,10 @@ module Projects
 before_action :authorize_admin_project!
 before_action :define_variables, only: [:create_deploy_token]
+ before_action do
+ push_frontend_feature_flag(:add_branch_rule, @project)
+ end
+
 feature_category :source_code_management, [:show, :cleanup, :update]
 feature_category :continuous_delivery, [:create_deploy_token]
 urgency :low, [:show, :create_deploy_token]
diff --git a/app/controllers/projects/variables_controller.rb b/app/controllers/projects/variables_controller.rb
index f7542d68642..29ecca1b7e0 100644
--- a/app/controllers/projects/variables_controller.rb
+++ b/app/controllers/projects/variables_controller.rb
@@ -47,6 +47,6 @@ class Projects::VariablesController < Projects::ApplicationController
 end
 def variable_params_attributes
- %i[id variable_type key secret_value protected masked raw environment_scope _destroy]
+ %i[id variable_type key description secret_value protected masked raw environment_scope _destroy]
 end
 end
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index 1152bdcf058..d4b77c588dc 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -29,7 +29,7 @@ class ProjectsController < Projects::ApplicationController before_action :authorize_read_code!, only: [:refs] # Authorize - before_action :authorize_admin_project_or_custom_permissions!, only: :edit + before_action :authorize_view_edit_page!, only: :edit before_action :authorize_admin_project!, only: [:update, :housekeeping, :download_export, :export, :remove_export, :generate_new_export] before_action :authorize_archive_project!, only: [:archive, :unarchive] before_action :event_filter, only: [:show, :activity] @@ -44,6 +44,7 @@ class ProjectsController < Projects::ApplicationController push_frontend_feature_flag(:explain_code_chat, current_user) push_frontend_feature_flag(:issue_email_participants, @project) push_frontend_feature_flag(:encoding_logs_tree) + push_frontend_feature_flag(:add_branch_rule, @project) # TODO: We need to remove the FF eventually when we rollout page_specific_styles push_frontend_feature_flag(:page_specific_styles, current_user) push_licensed_feature(:file_locks) if @project.present? && @project.licensed_feature_available?(:file_locks) @@ -87,8 +88,14 @@ class ProjectsController < Projects::ApplicationController @parent_group = Group.find_by(id: params[:namespace_id]) + manageable_groups_count = current_user.manageable_groups(include_groups_with_developer_maintainer_access: true).count + + if manageable_groups_count == 0 && !can?(current_user, :create_projects, current_user.namespace) + return access_denied! + end + @current_user_group = - if current_user.manageable_groups(include_groups_with_developer_maintainer_access: true).count == 1 + if manageable_groups_count == 1 current_user.manageable_groups(include_groups_with_developer_maintainer_access: true).first end 
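Review bot: The `edit` action is now gated by `authorize_view_edit_page!`, but none of this file's hunks define that method, and the last hunk removes the local fallback that delegated to `authorize_admin_project!`. Please confirm where the new check resolves (presumably a `view_edit_page` policy ability) and that it still denies non-admins when no custom permission applies. `update` on the next line keeps `authorize_admin_project!`, so the page may now render for users who cannot save it. A comment above the callback would help, something like `# view_edit_page: admin_project, or a custom permission that exposes a settings section; update stays admin-only`.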
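Review bot: The new `access_denied!` guard in `new` only blocks the form; `create` is outside this hunk, so confirm it rejects the same users server-side rather than relying on this check. The guard also leaves the `manageable_groups` relation built twice, once for the count and once for `.first`. Holding it in a local, `manageable_groups = current_user.manageable_groups(include_groups_with_developer_maintainer_access: true)`, and calling `manageable_groups.count` and `manageable_groups.first` keeps the two in step. `manageable_groups_count == 0` also reads better as `manageable_groups_count.zero?`.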
@@ -612,11 +619,6 @@ class ProjectsController < Projects::ApplicationController def render_edit render 'edit' end - - # Overridden in EE - def authorize_admin_project_or_custom_permissions! - authorize_admin_project! - end end ProjectsController.prepend_mod_with('ProjectsController') diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb index 64d9db41a1b..896b71d2822 100644 --- a/app/controllers/search_controller.rb +++ b/app/controllers/search_controller.rb @@ -175,7 +175,7 @@ class SearchController < ApplicationController return false unless commit.present? link = search_path(safe_params.merge(force_search_results: true)) - flash[:notice] = html_escape(_("You have been redirected to the only result; see the %{a_start}search results%{a_end} instead.")) % { a_start: "<a href=\"#{link}\"><u>".html_safe, a_end: '</u></a>'.html_safe } + flash[:notice] = ERB::Util.html_escape(_("You have been redirected to the only result; see the %{a_start}search results%{a_end} instead.")) % { a_start: "<a href=\"#{link}\"><u>".html_safe, a_end: '</u></a>'.html_safe } redirect_to project_commit_path(@project, commit) true diff --git a/app/controllers/uploads_controller.rb b/app/controllers/uploads_controller.rb index 6d3811514d9..94e114e7da8 100644 --- a/app/controllers/uploads_controller.rb +++ b/app/controllers/uploads_controller.rb @@ -16,6 +16,7 @@ class UploadsController < ApplicationController "projects/topic" => Projects::Topic, 'alert_management_metric_image' => ::AlertManagement::MetricImage, "achievements/achievement" => Achievements::Achievement, + "organizations/organization_detail" => Organizations::OrganizationDetail, "abuse_report" => AbuseReport, nil => PersonalSnippet }.freeze 
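Review bot: In the `flash[:notice]` line of `SearchController`, `link` is interpolated into the `href` attribute and the whole tag is marked `.html_safe`, so only the translated sentence passes through `ERB::Util.html_escape`. The URL itself relies on `search_path` having encoded whatever `safe_params` carries. Escaping it explicitly keeps the attribute well-formed regardless of that: `a_start: "<a href=\"#{ERB::Util.html_escape(link)}\"><u>".html_safe`. The enclosing method starts above the hunk.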
@@ -65,6 +66,8 @@ class UploadsController < ApplicationController can?(current_user, :read_alert_management_metric_image, model.alert) when ::Achievements::Achievement true + when Organizations::OrganizationDetail + can?(current_user, :read_organization, model.organization) else can?(current_user, "read_#{model.class.underscore}".to_sym, model) end @@ -96,7 +99,7 @@ class UploadsController < ApplicationController def cache_settings case model - when User, Appearance, Projects::Topic, Achievements::Achievement + when User, Appearance, Projects::Topic, Achievements::Achievement, Organizations::OrganizationDetail [5.minutes, { public: true, must_revalidate: false }] when Project, Group [5.minutes, { private: true, must_revalidate: true }] diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 88a8851607b..83cd84c396a 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -261,7 +261,8 @@ class UsersController < ApplicationController end def load_groups - @groups = JoinedGroupsFinder.new(user).execute(current_user) + groups = JoinedGroupsFinder.new(user).execute(current_user) + @groups = groups.with_route.page(params[:page]).without_count prepare_groups_for_rendering(@groups) end |
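Review bot: `cache_settings` in `UploadsController` puts `Organizations::OrganizationDetail` in the `public: true, must_revalidate: false` branch, while the authorization hunk above gates the same model on `can?(current_user, :read_organization, model.organization)`. If an organization can be non-public, a shared cache could serve its upload for five minutes to someone who would fail that check. Unless every organization is readable anonymously, list it with the private branch instead: `when Project, Group, Organizations::OrganizationDetail`. Both methods continue outside their hunks.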