Age | Commit message (Collapse) | Author |
|
|
|
|
|
Require a captcha after unique failed logins from the same IP
See merge request gitlab/gitlabhq!3270
|
|
This will help prevent issues such as
https://gitlab.com/gitlab-org/gitlab-ce/issues/66449.
|
|
This introduces several changes, but these are all just ported from the
EE project.
|
|
|
|
This MR adds new application setting to network section
`allow_local_requests_from_system_hooks`. Prior to this change
system hooks were allowed to do local network requests by default
and we are adding an ability for admins to control it.
|
|
Add method to store session ids by ip
Add new specs for storing session ids
Add cleaning up records after login
Add retrieving anonymous sessions
Add login recaptcha setting
Add new setting to sessions controller
Add conditions for showing captcha
Add sessions controller specs
Add admin settings specs for login protection
Add new settings to api
Add stub to devise spec
Add new translation key
Add cr remarks
Rename class call
Add cr remarks
Change if-clause for consistency
Add cr remarks
Add code review remarks
Refactor AnonymousSession class
Add changelog entry
Move AnonymousSession class to lib
Move store unauthenticated sessions to sessions controller
Move link to recaptcha info
Regenerate text file
Improve copy on the spam page
Change action filter for storing anonymous sessions
Fix rubocop offences
Add code review remarks
|
|
- The most common use case for qualified_domain_validator currently is
to allow blank ([]) but not allow nil. Modify the
qualified_domain_validator to support this use case.
|
|
Creates a new item in help dropdown to show configured support page link
|
|
* Limits raw requests to 300 per minute and per raw path.
* Add a new attribute to ApplicationSettings so user can change this
value on their instance.
* Uses Gitlab::ActionRateLimiter to limit the raw requests.
* Add a new method into ActionRateLimiter to log the event into auth.log
Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/48717
|
|
Signed-off-by: Istvan szalai <istvan.szalai@savoirfairelinux.com>
|
|
- Move steps to new doc
- Move all concepts to different docs
|
|
* remove feature flag for admin settings
* remove feature flag for domain settings
|
|
|
|
Remove Sentry settings from application settings
See merge request gitlab-org/gitlab-ce!28447
|
|
RecaptchaExperimentHelper contains helper methods
to assist in the controller and view layers.
|
|
|
|
Changes migration and all other places the attribute is used
|
|
Adds an instance setting to limit display of time tracking
values to hours only
|
|
Updating multiple application settings panels through
a single action causes the incorrect action to be shown
when there are errors. Instead, make each panel action
handle both updating and display.
|
|
'master'
Backporting required template form on admin CI/CD
See merge request gitlab-org/gitlab-ce!29154
|
|
EE added a required template form on the CI/CD page.
This is a backport for that change.
|
|
|
|
|
|
|
|
|
|
|
|
Add changelog
|
|
Part of adding Let's Encrypt certificates for pages domains
Add acme-client gem
Client is being initialized by private key stored in secrets.yml
Let's Encrypt account is being created lazily.
If it's already created, Acme::Client just gets account_kid by
calling new_account method
Make Let's Encrypt client an instance
Wrap order and challenge classes
|
|
|
|
|
|
|
|
Store Let's Encrypt account email in application settings
Also add explicit terms of service consent
|
|
These are very high-level. Currently, they test:
1. That the performance bar appears.
2. That it has detailed metrics for Postgres and Gitaly.
3. That AJAX requests are included in the request selector.
|
|
spec/features/groups/group_page_with_external_authorization_service_spec to EE
|
|
Add columns to store project creation settings
Add project creation level column in groups
and default project creation column in application settings
Remove obsolete line from schema
Update migration with project_creation_level column existence check
Rename migrations to avoid conflicts
Update migration methods
Update migration method
|
|
This reverts merge request !26823
|
|
spec/features/groups/group_page_with_external_authorization_service_spec to EE
|
|
- Leverage render_if_exists
- Externalize strings
- Extract help page setting into EE specific partial
|
|
|
|
|
|
|
|
|
|
|
|
Changes "Auto devops" to "Auto DevOps" on CI/CD admin settings
|
|
|
|
|
|
|
|
The private commit email is automatically generated in the format:
id-username@noreply.HOSTNAME
GitLab instance admins are able to change the HOSTNAME portion,
that defaults to Gitlab's hostname, to whatever they prefer.
|