| Age | Commit message (Collapse) | Author |
|---|
|
API: Share projects only with groups current_user can access
Aims to address the issues here: https://gitlab.com/gitlab-org/gitlab-ce/issues/23004
* Projects can be shared with non-existent groups
* Projects can be shared with groups that the current user does not have access to read
Concerns:
The new implementation of the API endpoint allows projects to be shared with a larger range of groups than can be done via the web UI.
The form for sharing a project with a group uses the following API endpoint to index the available groups: https://gitlab.com/gitlab-org/gitlab-ce/blob/494269fc92f61098ee6bd635a0426129ce2c5456/lib/api/groups.rb#L17. The groups indexed in the web form will only be those groups that the user is currently a member of.
The new implementation allows projects to be shared with any group that the authenticated user has access to view. This widens the range of groups to those that are public and internal.
See merge request !2005
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
Allow browsing branches that end with '.atom'
## What does this MR do?
1. Simplify the regex capture in the routing for the CommitsController
to not exclude the '.atom' suffix. That's a perfectly valid git
branch name, so we shouldn't blow up if we get it.
2. Because Rails now can't automatically detect the request format, add
some code to do so in `ExtractPath` when there is no path. This means
that, given branches 'foo' and 'foo.atom', the Atom feed for the
former is unroutable. To fix this: don't do that! Give the branches
different names!
## Why was this MR needed?
Creating a branch or tag name ending in '.atom' would cause some 500s on that repo.
## What are the relevant issue numbers?
Closes #21955. Related to !5994.
See merge request !6750
|
|
Move reply by email docs to a new location
## What does this MR do?
Move reply by email docs to a new location.
Part of https://gitlab.com/gitlab-org/gitlab-ce/issues/3349
## Moving docs to a new location?
See the guidelines: http://docs.gitlab.com/ce/development/doc_styleguide.html#changing-document-location
- [ ] Make sure the old link is not removed and has its contents replaced with a link to the new location.
- [ ] Make sure internal links pointing to the document in question are not broken.
- [ ] Search and replace any links referring to old docs in GitLab Rails app, specifically under the `app/views/` directory.
- [ ] If working on CE, submit an MR to EE with the changes as well.
See merge request !6517
|
|
We need to do two things to support this:
1. Simplify the regex capture in the routing for the CommitsController
to not exclude the '.atom' suffix. That's a perfectly valid git
branch name, so we shouldn't blow up if we get it.
2. Because Rails now can't automatically detect the request format, add
some code to do so in `ExtractPath` when there is no path. This means
that, given branches 'foo' and 'foo.atom', the Atom feed for the
former is unroutable. To fix this: don't do that! Give the branches
different names!
|
|
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
Remove NamespacesController
* removes unnecessary NamespacesController. The main purpose of this controller was redirect to group or user page when URL like https://gitlab.com/gitlab-org was used. Now this functionality is handled by constrainers (like this https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/routes/user.rb#L17-21) and take user to correct controller right from the start.
* serve non existing API routes like `/api/v3/whatever` with Grape instead of Rails. Before this change wrong API url was served by rails with not obvious 404, 405 & 500 errors
See merge request !6733
|
|
Rename HTMLEntityFilter to HtmlEntityFilter to fix autoloading
See merge request !6776
|
|
Explain the extra chmod
There is confusion about what passing `0600` to File.open does.
```
$ touch /tmp/foobar
$ ls -l /tmp/foobar
-rw-r--r-- 1 jacobvosmaer wheel 0 Sep 26 14:20 /tmp/foobar
$ ruby -e 'File.open("/tmp/foobar", "w", 0600)'
$ ls -l /tmp/foobar
-rw-r--r-- 1 jacobvosmaer wheel 0 Sep 26 14:20 /tmp/foobar
$
$
$ rm /tmp/foobar
$ ruby -e 'File.open("/tmp/foobar", "w", 0600)'
$ ls -l /tmp/foobar
-rw------- 1 jacobvosmaer wheel 0 Sep 26 14:21 /tmp/foobar
```
See merge request !6523
|
|
|
|
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|
Adds .git and .atom to the master namespace regex
Updates existing group tests and adds two new ones
Updates path cleaning to also forbid .atom
|
|
Memoize Github::Shell's secret token
## What does this MR do?
`API::Helpers#secret_token` was reading the secret file on every invocation. This MR reads the file in the `gitlab_shell_secret_token.rb` initializer and saves it as a class variable at `Gitlab::Shell.secret_token`
## Are there points in the code the reviewer needs to double check?
- I'm not sure if the use of `cattr_accessor` is the best approach, or if should be moved into the `class << self` block?
- Should `API::Helpers#secret_token` be removed in favor of using `Gitlab::Shell.secret_token`?
## Why was this MR needed?
Performance optimization.
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22510
See merge request !6599
|
|
Add visible projects API
## What does this MR do?
Add a new `/projects/visible` API endpoint. Originally created by @ben.boeckel in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5970.
## Are there points in the code the reviewer needs to double check?
Does the API make sense?
## Why was this MR needed?
The `/projects` endpoint only returned projects the user was explicitly a member of.
Closes #19361, #3119.
See merge request !6681
|
|
Resolve "NameError: undefined local variable or method `request' for #<Grape::Middleware::Error:0x007fc990..."
## What does this MR do?
Switches from `request` to `env` in an API helper method as the helpers are included in contexts lacking `request`.
## Are there points in the code the reviewer needs to double check?
I couldn't build a reproducer for this.
Closes #22820
See merge request !6615
|
|
This commit alters views for the following models to use the markdown cache if
present:
* AbuseReport
* Appearance
* ApplicationSetting
* BroadcastMessage
* Group
* Issue
* Label
* MergeRequest
* Milestone
* Project
At the same time, calls to `escape_once` have been moved into the `single_line`
Banzai pipeline, so they can't be missed out by accident and the work is done
at save, rather than render, time.
|
|
|
|
This commit adds a number of _html columns and, with the exception of Note,
starts updating them whenever the content of their partner fields changes.
Note has a collision with the note_html attr_accessor; that will be fixed later
A background worker for clearing these cache columns is also introduced - use
`rake cache:clear` to set it off. You can clear the database or Redis caches
separately by running `rake cache:clear:db` or `rake cache:clear:redis`,
respectively.
|
|
Fix inconsistent highlighting of already selected activity nav-links
## What does this MR do?
* Remove edge case where user could deselect an activity nav-link (which seems to be returning all the events)
* Explicitly add an `All` tab to return all the events
## Are there points in the code the reviewer needs to double check?
Shouldn't be
## Why was this MR needed?
Resolves existing UI inconsistency
## Screenshots (if relevant)
Before:
After:
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- Tests
- [x] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
## What are the relevant issue numbers?
* Closes #21631
* Closes #21452
See merge request !6091
|
|
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|
every request.
|
|
Per https://gitlab.com/gitlab-org/gitlab-ce/issues/22820, this helper is mixed
in to classes that lack a `request` method. They do include `env`, so use it
instead.
|
|
Fix broken handling of certain calls in GitHub importer client
## What does this MR do?
It changes/fixes the behavior of request handling in GH client. Now it returns the response directly if it's not a collection of resources. Otherwise, it checks for a passed block, if true, then it yield each page to said block, if not, it collects all response in a single array then returns it.
Closes #22998
See merge request !6703
|
|
API: Use Grape DSL to document access requests and members endpoints
Part of #21979, depends on gitlab-org/gitlab-ce!6267 and gitlab-org/gitlab-ce!6266.
See merge request !6269
|
|
See !6096.
|
|
Issue Board API support
## What does this MR do?
Adds support for Issue Board in the API.
## Are there points in the code the reviewer needs to double check?
~~Double check whether the Issue Board list movement fix is needed.~~
*Moved to a separate issue.* [#22890](https://gitlab.com/gitlab-org/gitlab-ce/issues/22890)
## Why was this MR needed?
Currently the API offers partial support to a project's Issue Board indirectly through Labels.
This MR adds support for listing, creating, moving and removing board lists.
## Does this MR meet the acceptance criteria?
- [X] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [X] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [X] API support added
- Tests
- [X] Added for this feature/bug
- [X] All builds are passing
- [X] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [X] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [X] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [X] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
## What are the relevant issue numbers?
[#22195](https://gitlab.com/gitlab-org/gitlab-ce/issues/22195)
See merge request !6646
|
|
Closes #22998
|
|
|
|
|
|
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
fix group links 404
### What does this MR do?
This MR should fix the 404 page, when creating a new group links without selecting any group from the group dropdown list.
### What are the relevant issue numbers?
Closes #20766
See merge request !6155
|
|
add docs and tests - add additional validation
allow move without content
updated response
|
|
See !6474.
|
|
- Includes documentation and tests
|
|
Refactor Gitlab::Identifier
## What does this MR do?
This refactors `Gitlab::Identifier` so that it:
1. Has tests
2. Caches output in an instance variable to reduce queries
3. Uses only a single query to find a user by an SSH key, instead of 2
## Why was this MR needed?
This code was untested and would execute more SQL queries than needed.
See merge request !6680
|
|
|
|
This refactors Gitlab::Identifier so it uses fewer queries and is
actually tested. Queries are reduced by caching the output as well as
using 1 query (instead of 2) to find a user using an SSH key.
|
|
Update runner version only when updating contacted_at
## What does this MR do?
Improves how we update runners table, especially the version.
This is another round of improvements to reduce number of `ci_runners` updates.
I did make `contacted_at` to be updated more often (on average every 15 minutes).
We will also update version information in one go to solve: https://gitlab.com/gitlab-org/gitlab-ce/issues/22206
Improves: https://gitlab.com/gitlab-org/gitlab-ce/issues/22590
Solves: https://gitlab.com/gitlab-org/gitlab-ce/issues/22206
See merge request !6537
|
|
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
Skip wiki creation when GitHub project has wiki enabled
## What does this MR do?
When importing a repository from if the repository has wiki, we should not create the default wiki. Otherwise the GitHub importer will fail because the wiki repository already exist. This bug was introduced here https://gitlab.com/gitlab-org/gitlab-ce/commit/892dea67717c0efbd6a28f7639f34535ec0a8747
## Are there points in the code the reviewer needs to double check?
No.
## Why was this MR needed?
GitLab fails to import GitHub Wiki.
## Screenshots (if relevant)
## Does this MR meet the acceptance criteria?
- [X] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- Tests
- [X] Added for this feature/bug
- [ ] All builds are passing
- [X] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [X] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [X] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
## What are the relevant issue numbers?
Fixes #22225
See merge request !6665
|
|
FIxes #19361, #3119.
|
|
If the GitHub project repository has wiki, we should not create
the default wiki. Otherwise the GitHub importer will fail because
the wiki repository already exist.
This bug was introduced here
https://gitlab.com/gitlab-org/gitlab-ce/commit/892dea67717c0efbd6a28f763
9f34535ec0a8747
|
|
|
|
Closes #22911
|
|
Improve `Members::DestroyService`
Part of #21979.
See merge request !6267
|
|
|
|
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
