| Age | Commit message (Collapse) | Author |
|---|
|
|
|
other than just removing a key, which doesn't affect the verified state
of a commit, revoking a key unverifies all signed commits.
|
|
|
|
When sign-in is disabled:
- skip password expiration checks
- prevent password reset requests
- don’t show Password tab in User Settings
- don’t allow login with username/password for Git over HTTP requests
- render 404 on requests to Profiles::PasswordsController
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Allow pulling container images using personal access tokens
Closes #19219
See merge request !11845
|
|
explicitly set 'status' in 'destroy' actions of controllers
|
|
This is the first commit doing mainly 3 things:
1. create a new scope and allow users to use it
2. Have the JWTController respond correctly on this
3. Updates documentation to suggest usage of PATs
There is one gotcha, there will be no support for impersonation tokens, as this
seems not needed.
Fixes gitlab-org/gitlab-ce#19219
|
|
Use the EnforcedStyleForMultiline: no_comma option.
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
|
|
|
|
|
|
This reverts commit 68e40bd49fde7b790bb31b9ac85a249bedd817d2, reversing
changes made to 2d1f823b4c8b60cee525384cb52e547d2be8925a.
|
|
This reverts commit 5e9666880376b3f53edb95cba77b5642d3cc1810, reversing
changes made to b35378a938e22f745b6c6ea32b53cb50f9b6c627.
|
|
|
|
'origin/personal_access_token_api_and_impersonation_token'
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
in Profiles::NotificationsController#update
|
|
Resolve "Add a doorkeeper scope suitable for authentication"
## What does this MR do?
- Add a single new scope (in addition to the `api` scope we've had) - `read_user`
- Allow creating OAuth applications and Personal access tokens with a scope selected
- Enforce scopes in the API
## What are the relevant issue numbers?
- Closes #20492
- EE counterpart for this MR: gitlab-org/gitlab-ee!946
See merge request !5951
|
|
The two factor authentication account string only had the user's
email address. This led to ambiguous entries in two factor
code generating apps. This adds the GitLab host to the account
string in the standard format (according to Google). No matter
the code generator this change disambiguates the entry.
|
|
|
|
Flushing the events cache worked by updating a recent number of rows in
the "events" table. This has the result that on PostgreSQL a lot of dead
tuples are produced on a regular basis. This in turn means that
PostgreSQL will spend considerable amounts of time vacuuming this table.
This in turn can lead to an increase of database load.
For GitLab.com we measured the impact of not using events caching and
found no measurable increase in response timings. Meanwhile not flushing
the events cache lead to the "events" table having no more dead tuples
as now rows are only inserted into this table.
As a result of this we are hereby removing events caching as it does not
appear to help and only increases database load.
For more information see the following comment:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6578#note_18864037
|
|
|
|
|
|
|
|
|
|
them [ci skip]
|
|
1. Remove an unnecessary (since we're fetching all the records anyway)
`pluck` while fetching U2F registration records.
2. Align "Your device was successfully set up!" section with the "U2F
Devices" table below.
|
|
1. Display a list of U2F devices on the `two_factor_auth` page.
2. Allow deleting individual U2F devices.
3. Allow setting a (optional) name for a device (during registration).
|
|
|
|
1. Only on supported Chrome versions
2. Mainly, this lets us simplify the javascript-based U2F check to
`window.u2f`, where `window.u2f` can either be loaded from the GitLab
server (for Chrome) or from the Firefox extension.
3. This is a better way to provide browser detection for U2F.
|
