From b5820a6bcd083c878a085aa288757e8dc2d35fec Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Wed, 3 Mar 2021 12:11:16 +0000
Subject: Add latest changes from gitlab-org/gitlab@master

---
 .../mixins/environments_pagination_api_mixin.js            |  2 ++
 app/controllers/application_controller.rb                  | 12 ++++++------
 app/controllers/graphql_controller.rb                      | 14 +++++++++++++-
 app/models/iterations/cadence.rb                           |  8 --------
 app/services/merge_requests/base_service.rb                |  2 +-
 app/services/merge_requests/update_service.rb              | 11 +++++++++++
 6 files changed, 33 insertions(+), 16 deletions(-)
 delete mode 100644 app/models/iterations/cadence.rb

(limited to 'app')

diff --git a/app/assets/javascripts/environments/mixins/environments_pagination_api_mixin.js b/app/assets/javascripts/environments/mixins/environments_pagination_api_mixin.js
index b62fe196a6f..a76c8e445ed 100644
--- a/app/assets/javascripts/environments/mixins/environments_pagination_api_mixin.js
+++ b/app/assets/javascripts/environments/mixins/environments_pagination_api_mixin.js
@@ -16,6 +16,7 @@ export default {
       let params = {
         scope,
         page: '1',
+        nested: true,
       };
 
       params = this.onChangeWithFilter(params);
@@ -27,6 +28,7 @@ export default {
       /* URLS parameters are strings, we need to parse to match types */
       let params = {
         page: Number(page).toString(),
+        nested: true,
       };
 
       if (this.scope) {
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 5f14d95ffed..379da90827a 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -29,7 +29,6 @@ class ApplicationController < ActionController::Base
   before_action :validate_user_service_ticket!
   before_action :check_password_expiration, if: :html_request?
   before_action :ldap_security_check
-  around_action :sentry_context
   before_action :default_headers
   before_action :default_cache_headers
   before_action :add_gon_variables, if: :html_request?
@@ -171,7 +170,12 @@ class ApplicationController < ActionController::Base
   end
 
   def log_exception(exception)
-    Gitlab::ErrorTracking.track_exception(exception)
+    # At this point, the controller already exits set_current_context around
+    # block. To maintain the context while handling error exception, we need to
+    # set the context again
+    set_current_context do
+      Gitlab::ErrorTracking.track_exception(exception)
+    end
 
     backtrace_cleaner = request.env["action_dispatch.backtrace_cleaner"]
     application_trace = ActionDispatch::ExceptionWrapper.new(backtrace_cleaner, exception).application_trace
@@ -528,10 +532,6 @@ class ApplicationController < ActionController::Base
       .execute
   end
 
-  def sentry_context(&block)
-    Gitlab::ErrorTracking.with_context(current_user, &block)
-  end
-
   def allow_gitaly_ref_name_caching
     ::Gitlab::GitalyClient.allow_ref_name_caching do
       yield
diff --git a/app/controllers/graphql_controller.rb b/app/controllers/graphql_controller.rb
index 152f07b4c16..53064041ab8 100644
--- a/app/controllers/graphql_controller.rb
+++ b/app/controllers/graphql_controller.rb
@@ -4,6 +4,8 @@ class GraphqlController < ApplicationController
   # Unauthenticated users have access to the API for public data
   skip_before_action :authenticate_user!
 
+  WHITELIST_HEADER = 'HTTP_X_GITLAB_QUERY_WHITELIST_ISSUE'
+
   # If a user is using their session to access GraphQL, we need to have session
   # storage, since the admin-mode check is session wide.
   # We can't enable this for anonymous users because that would cause users using
@@ -21,6 +23,7 @@ class GraphqlController < ApplicationController
   before_action(only: [:execute]) { authenticate_sessionless_user!(:api) }
   before_action :set_user_last_activity
   before_action :track_vs_code_usage
+  before_action :whitelist_query!
 
   # Since we deactivate authentication from the main ApplicationController and
   # defer it to :authorize_access_api!, we need to override the bypass session
@@ -59,6 +62,14 @@ class GraphqlController < ApplicationController
 
   private
 
+  # Tests may mark some queries as exempt from query limits
+  def whitelist_query!
+    whitelist_issue = request.headers[WHITELIST_HEADER]
+    return unless whitelist_issue
+
+    Gitlab::QueryLimiting.whitelist(whitelist_issue)
+  end
+
   def set_user_last_activity
     return unless current_user
 
@@ -66,7 +77,8 @@ class GraphqlController < ApplicationController
   end
 
   def track_vs_code_usage
-    Gitlab::UsageDataCounters::VSCodeExtensionActivityUniqueCounter.track_api_request_when_trackable(user_agent: request.user_agent, user: current_user)
+    Gitlab::UsageDataCounters::VSCodeExtensionActivityUniqueCounter
+      .track_api_request_when_trackable(user_agent: request.user_agent, user: current_user)
   end
 
   def execute_multiplex
diff --git a/app/models/iterations/cadence.rb b/app/models/iterations/cadence.rb
deleted file mode 100644
index 7945fb1785a..00000000000
--- a/app/models/iterations/cadence.rb
+++ /dev/null
@@ -1,8 +0,0 @@
-# frozen_string_literal: true
-
-# Placeholder class for model that is implemented in EE
-class Iterations::Cadence < ApplicationRecord
-  self.table_name = 'iterations_cadences'
-end
-
-Iterations::Cadence.prepend_if_ee('::EE::Iterations::Cadence')
diff --git a/app/services/merge_requests/base_service.rb b/app/services/merge_requests/base_service.rb
index 6bd31e26748..317cd11a69d 100644
--- a/app/services/merge_requests/base_service.rb
+++ b/app/services/merge_requests/base_service.rb
@@ -181,7 +181,7 @@ module MergeRequests
       }
 
       if exception
-        Gitlab::ErrorTracking.with_context(current_user) do
+        Gitlab::ApplicationContext.with_context(user: current_user) do
           Gitlab::ErrorTracking.track_exception(exception, data)
         end
 
diff --git a/app/services/merge_requests/update_service.rb b/app/services/merge_requests/update_service.rb
index 38df3ee0e43..217679e733c 100644
--- a/app/services/merge_requests/update_service.rb
+++ b/app/services/merge_requests/update_service.rb
@@ -47,6 +47,7 @@ module MergeRequests
       handle_draft_status_change(merge_request, changed_fields)
 
       track_title_and_desc_edits(changed_fields)
+      track_discussion_lock_toggle(merge_request, changed_fields)
 
       notify_if_labels_added(merge_request, old_labels)
       notify_if_mentions_added(merge_request, old_mentioned_users)
@@ -95,6 +96,16 @@ module MergeRequests
       end
     end
 
+    def track_discussion_lock_toggle(merge_request, changed_fields)
+      return unless changed_fields.include?('discussion_locked')
+
+      if merge_request.discussion_locked
+        merge_request_activity_counter.track_discussion_locked_action(user: current_user)
+      else
+        merge_request_activity_counter.track_discussion_unlocked_action(user: current_user)
+      end
+    end
+
     def notify_if_labels_added(merge_request, old_labels)
       added_labels = merge_request.labels - old_labels
 
-- 
cgit v1.2.3