Age | Commit message | Author | |
---|---|---|---|
2019-12-11 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-12-10 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-12-06 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-12-04 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-11-08 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-11-01 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-10-10 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-09-30 | Validate that SAML requests are originated from gitlab | Sebastian Arcila Valenzuela | |
If the request wasn't initiated by gitlab we shouldn't add the new identity to the user, and instead show that we weren't able to link the identity to the user. This should fix: https://gitlab.com/gitlab-org/gitlab-ce/issues/56509 | |||
2019-09-27 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-09-26 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-09-17 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-09-13 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-09-10 | Enable serving static objects from an external storage | Ahmad Sherif | |
It consists of two parts: 1. Redirecting users to the configured external storage 1. Allowing the external storage to request the static object(s) on behalf of the user by means of specific tokens Part of https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/6829 | |||
2019-09-04 | Avoid calling freeze on already frozen strings in lib/gitlab | dineshpanda | |
2019-08-27 | Update docs and comments about saml with allow_bypass_two_factor | dodocat | |
allow_bypass_two_factor configuration does not work with saml provider | |||
2019-07-26 | Ensure Warden triggers after_authentication callback | Imre Farkas | |
By not triggering the callback: - ActiveSession lookup keys are not cleaned - Devise also misses its hook related to session cleanup | |||
2019-07-25 | Frozen string cannot change encoding | Thong Kuah | |
This was shown in specs but surely this will be happening in application code as well if this method is passed a frozen string. We were also trying to force_encode an OmniAuth::AuthHash which had the very confusing behaviour of returning nil when it was sent a method that it did not define. Fix that by only force_encoding a String. | |||
2019-07-22 | OAuth2 support for GitLab personal access tokens | Steve Abrams | |
PATs are accepted using the OAuth2 compliant header "Authorization: Bearer {token}" in order to allow for OAuth requests while 2FA is enabled. | |||
2019-07-10 | Add a rubocop for Rails.logger | Mayra Cabrera | |
Suggests to use a JSON structured log instead Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/54102 | |||
2019-06-28 | Support CIDR notation in IP rate limiter | Stan Hu | |
This will make it possible to whitelist multiple IP addresses (e.g. 192.168.0.1/24). | |||
2019-06-18 | #57815 Password authentication disabled for UltraAuth users | Kartikey Tanna | |
Disabled password authentication for the users registered using omniauth-ultraauth strategy | |||
2019-05-27 | Add no-tabs class and externalize strings | Martin Wortschack | |
- Add .no-tabs to login-box - Externalize strings in common signup box - Leverage render_if_exists - Update PO file | |||
2019-05-05 | Run rubocop -a on CE files | Stan Hu | |
2019-03-25 | Backport 'Update user name upon LDAP sync' from EE | Rémy Coutable | |
Signed-off-by: Rémy Coutable <remy@rymai.me> | |||
2019-03-20 | Handle nil name in Gitlab::Auth::LDAP::Person#name | Rémy Coutable | |
Signed-off-by: Rémy Coutable <remy@rymai.me> | |||
2019-03-06 | Adds the Rubocop ReturnNil cop | Andrew Newdigate | |
This style change enforces `return if ...` instead of `return nil if ...` to save maintainers a few minor review points | |||
2019-03-05 | Merge branch 'add_ldap_tls_options' into 'master' | Douwe Maan | |
Allow raw `tls_options` to be passed in LDAP configuration Closes #46391 See merge request gitlab-org/gitlab-ce!20678 | |||
2019-03-04 | Merge branch 'ce-security-jej/group-saml-link-origin-verification' into 'master' | Yorick Peterse | |
Ensure request to link GroupSAML account was GitLab initiated See merge request gitlab/gitlabhq!2976 | |||
2019-03-04 | Allow raw `tls_options` to be passed in LDAP configuration | Drew Blessing | |
We've previously exposed ca_file and ssl_version but there are many possible options that can be used inside tls_options. Instead of exposing individual ones, simply expose the entire hash so it can be passed in and we won't have to add things in the future. | |||
2019-01-28 | Backport of ee/9235: Add LDAP integration to smartcard authentication | Imre Farkas | |
2019-01-23 | Backport EE GroupSAML origin verification changes | James Edwards-Jones | |
2019-01-23 | Log admin status of user when OAuth::User is saved | Imre Farkas | |
2019-01-16 | chore(rubocop): fix Style/TrivialAccessors issues | Semyon Pupkov | |
2018-11-29 | Add config to disable impersonation | Imre Farkas | |
Adds gitlab.impersonation_enabled config option defaulting to true to keep the current default behaviour. Only the act of impersonation is modified, impersonation token management is not affected. | |||
2018-11-29 | Merge branch 'security-fix-pat-web-access' into 'master' | Cindy Pallares | |
[master] Resolve "Personal access token with only `read_user` scope can be used to authenticate any web request" See merge request gitlab/gitlabhq!2583 | |||
2018-11-20 | Merge branch 'fix/allow-saml2-for-2fa-bypass' into 'master' | Douwe Maan | |
saml/auth_hash: Allow 2FA bypass for SAML 2.0 responses See merge request gitlab-org/gitlab-ce!22568 | |||
2018-11-01 | Fix typos in comments and specs | George Tsiolis | |
2018-10-29 | [master] Persist only SHA digest of PersonalAccessToken#token | Imre Farkas | |
2018-10-25 | saml/auth_hash: Allow 2FA bypass for SAML 2.0 responses | 115100 | |
Closes gitlab-org/gitlab-ce/#53102. | |||
2018-10-13 | Enable some frozen string in lib/gitlab | gfyoung | |
Enable frozen string for the following files: * lib/gitlab/auth/**/*.rb * lib/gitlab/badge/**/*.rb * lib/gitlab/bare_repository_import/**/*.rb * lib/gitlab/bitbucket_import/**/*.rb * lib/gitlab/bitbucket_server_import/**/*.rb * lib/gitlab/cache/**/*.rb * lib/gitlab/checks/**/*.rb Partially addresses #47424. | |||
2018-09-21 | Correct Gitlab Capitalization in code files | Marcel Amirault | |
2018-09-11 | Disable existing offenses for the CodeReuse cops | Yorick Peterse | |
This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop. | |||
2018-08-23 | Backport LDAP changes to CE | Douglas Barbosa Alexandre | |
2018-08-22 | Fix broken Git over HTTP clones with LDAP users | Stan Hu | |
Due to a regression in !20608, the LDAP authenticator was not being used unless OmniAuth was enabled. This change allows the LDAP provider to be used if it is configured regardless of the OmniAuth setting. Closes #50579 | |||
2018-08-03 | Improve blocked user tracking code readability | Grzegorz Bizon | |
2018-08-02 | Remove an empty line from blocker user tracker class | Grzegorz Bizon | |
2018-08-02 | Remove an empty line from the end of blocked_user_tracker.rb | Grzegorz Bizon | |
2018-08-01 | Improve authentication events-related code readability | Grzegorz Bizon | |
2018-08-01 | Simplify blocked user tracking during authentication | Grzegorz Bizon | |
2018-08-01 | Improve blocked user tracking and fire some events only once | Grzegorz Bizon | |