- 30 Nov, 2016 6 commits
-
-
Robert Speicher authored
Update Sidekiq-cron to fix compatibility issues with Sidekiq 4.2.1 The "Enqueue Now" button would not work in the admin panel due to changes in the Web extension interface: https://github.com/ondrejbartas/sidekiq-cron/commit/88ada926132d4658e3fd370c9f44899b6c88ccaf Closes #24376 See merge request !7815
-
Robert Speicher authored
Add `null: true` to timestamps in migrations that does not define it This is to ensure that migrations will still be consitent when we will upgrade to Rails 5 which default to `null: false` for timestamps columns. Fixes #23666. See merge request !7791
-
Douwe Maan authored
Alert user when logged in user email is not the same as the invitation ## What does this MR do? Add a note to the invitation page when the logged in user email is not the same as the invitation. ## Why was this MR needed? Help users to not accept invitations logged in with a wrong account. ## Screenshots (if relevant)  ## Relevant issues Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/24955 See merge request !7803
-
Douwe Maan authored
CE-specific changes for gitlab-org/gitlab-ee#1137 ## What does this MR do? - gitlab-org/gitlab-ee#1137 is a `technical debt` issue to clean up the EE protected branch access levels (for users and groups) implementation. - Some of this cleanup bleeds over to code shared by CE and EE, which is why this MR is required. - An EE-specific MR has also been created: gitlab-org/gitlab-ee!927 See merge request !7821
-
Annabel Dunstone Gray authored
Fix the width of project avatars in order to adjust alignment within their container element ## What does this MR do? Adjusts the width of project avatars in order to fix their alignment within the container elements. ## Are there points in the code the reviewer needs to double check? To make sure there are no unintentional styles changes on unrelated elements. ## Why was this MR needed? To fix the issue seen below. ## Screenshots (if relevant) Before:  After:  Affected pages:  ## What are the relevant issue numbers? Closes #24999 See merge request !7772
-
Annabel Dunstone Gray authored
Changes project dashboard tabs to sentence casing Changes the nav tab titles on the project dashboard page (```https://gitlab.com/dashboard/projects```) from title casing to sentence casing. Before:  After:  Closes #25002 See merge request !7774
-
- 29 Nov, 2016 34 commits
-
-
Annabel Dunstone Gray authored
Add blue back to sub nav active ## What does this MR do? Adds blue color back active sub nav tab ## Screenshots (if relevant)  ## Does this MR meet the acceptance criteria? - [ ] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [ ] Added for this feature/bug - [ ] All builds are passing - [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if it does - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? https://gitlab.com/gitlab-org/gitlab-ce/issues/24149 See merge request !7829
-
Fatih Acet authored
Adds hoverstates for collapsed Issue/Merge Request sidebar This MR is part 1/2 of https://gitlab.com/gitlab-org/gitlab-ce/issues/25011 ## What does this MR do? Adds hoverstates for collapsed Issue/Merge Request sidebar ## Are there points in the code the reviewer needs to double check? ## Why was this MR needed? We needed hover states on the issue/merge request sidebar ## Screenshots (if relevant)   ## Does this MR meet the acceptance criteria? - [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [ ] Added for this feature/bug - [ ] All builds are passing - [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if it does - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? Closes #25011 See merge request !7777
-
Ryan Harris authored
-
Alfredo Sumaran authored
New project should be below new group on the welcome screen ## What does this MR do? Places the group `.blank-slate` above the project's. ## Are there points in the code the reviewer needs to double check? ## Why was this MR needed? ## Screenshots (if relevant)  ## Does this MR meet the acceptance criteria? - [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [ ] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if it does - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? Closes #24135 See merge request !7770
-
Fatih Acet authored
Remove JSX/React eslint plugins. ## What does this MR do? ## Are there points in the code the reviewer needs to double check? ## Why was this MR needed? ## Screenshots (if relevant) ## Does this MR meet the acceptance criteria? - [ ] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [ ] Added for this feature/bug - [ ] All builds are passing - [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if it does - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? See merge request !7470
-
tauriedavis authored
-
Grzegorz Bizon authored
Expose timestamps in build entity ## What does this MR do? This MR exposes timestamps for build entity that is being used by serializers in `app/serializers`. ## Does this MR meet the acceptance criteria? - Tests - [x] Added for this feature/bug - [ ] All builds are passing ## What are the relevant issue numbers? See https://gitlab.com/gitlab-org/gitlab-ce/issues/24844#note_19145053 See merge request !7818
-
Annabel Dunstone Gray authored
Fix pipelines info being hidden in merge request widget ## What does this MR do? Reintroduces CSS classes that are necessary for `MergeRequestWidget` to show correct divs. ## Does this MR meet the acceptance criteria? - [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - ~~[ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~ - ~~[ ] API support added~~ - Tests - ~~[ ] Added for this feature/bug~~ - [x] All builds are passing - [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if it does - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? Closes #25055 See merge request !7808
-
Luke "Jared" Bennett authored
Change airbnb eslint config package to `eslint-config-airbnb-base` and update plugins. Change `airbnb` to `airbnb-base` for .eslintrc `extends` value. Added changelog entry Made sure all plugins and envs are set Corrected new failing specs
-
Dimitrie Hoekstra authored
-
Luke "Jared" Bennett authored
-
Yorick Peterse authored
Remove unnecessary database indices See merge request !7789
-
Stan Hu authored
The "Enqueue Now" button would not work in the admin panel due to changes in the Web extension interface. Closes #24376
-
Douglas Barbosa Alexandre authored
-
Douglas Barbosa Alexandre authored
-
Grzegorz Bizon authored
-
Rémy Coutable authored
Fix broken README.md UX guide link. See merge request !7805
-
Valery Sizov authored
-
Sean McGivern authored
Fix blob controller spec failure See merge request !7814
-
Achilleas Pipinellis authored
Fix typos in Bitbucket integration docs [ci skip] See merge request !7823
-
Timothy Andrew authored
- Extract all common {push,merge} access level model code into the `ProtectedBranchAccess` module - Use the HTTP verb to define controller specs -
Lee Matos authored
-
Sean McGivern authored
Add setting to enable/disable HTML emails Closes #24880 See merge request !7749
-
Kamil Trzciński authored
Add issue search slash command See merge request !7752
-
James Lopez authored
-
Annabel Dunstone Gray authored
Homogenize sort and filter dropdown toggles ## What does this MR do? Homogenizes the style of *filter* and *sort* dropdown toggles (aka buttons) related to: - *issues* (index, new & edit views) - *issue boards* (index); - *merge requests* (index, new, edit); - *projects* (index and "explore"); - *projects admin* (index); - *groups* (show and "explore"); - *groups admin* (index); - *users admin* (index); - *todos* (index); - *branches* (index); - *commits* (index); - *cycle analytics*; - *network*; - *forks*; - *tags* (index); - *global search* Some other dropdowns are incidently concerned: - project admin (show); - assigne/due date/milestone/label dropdowns on the issue and board sidebars; - stage dropdown on the build sidebar; - merge request and comparison dropdowns for choosing forks and branches; - ref switcher (e.g. in the blob (show) view or in the graphs view); Dropdown toggles concerned by #24150 but not covered in this MR: - Dropdowns for selection MR versions to be compared (in the "Changes" tab of an MR); - Dropdowns that bring up a list of actions: - "Settings" dropdowns (such as the one found on the upper-right corner of all project pages); - The download/action/notifications buttons on the main project page; - Dropdowns located inside of list items (on list of pipelines, users and groups, for instance); - The "Options" button on the commit (show) view; - The "+" button on the tree explorer (for creating files, branches, tags, ...) ### TODO - [ ] Update ui.html if needed ## Are there points in the code the reviewer needs to double check? Am I changing any other dropdown toggle than listed above? ## Why was this MR needed? For #24150 ## Screenshots (if relevant) ### Issue Index **Before:**  **After:**  ### Issue New **Before:**  **After:**  ### Merge Request Branch Selector **Before:**  **After:**  ### Global Search  ### Cycle Analytics  ## Does this MR meet the acceptance criteria? - [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - ~~[Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~ - ~~API support added~~ - Tests - ~~Added for this feature/bug~~ - [ ] All builds are passing - ~~Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)~~ - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if it does - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? #24150 See merge request !7583
-
James Lopez authored
-
Fatih Acet authored
Hide project variables values by default Add a button to reveal/hide the values to help prevent accidental disclosure of sensitive information from wandering on a page.  Closes #21358 See merge request !7731
-
Robert Speicher authored
Refactor issuable description and metadata form sections Continuation of https://gitlab.com/gitlab-org/gitlab-ce/issues/23864. Brother of gitlab-org/gitlab-ee!916. See merge request !7758
-
Douwe Maan authored
Add diff hunks to notification emails Add diff hunks to notification emails. Continued from https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5855 - thanks @hoopes! This also fixes an issue where the + / - prefixes were missing from diffs in emails. Screenshots (from my browser) of the HTML emails, along with text screenshots
😛  ``` New comment for Merge Request !1 on app/views/admin/builds/index.html.haml: http://localhost:3000/gitlab-org/gitlab-ce/merge_requests/1#note_1023 > Finished This is a comment at the top of a match section. ```  ``` New comment for Merge Request !1 on app/views/admin/builds/index.html.haml: http://localhost:3000/gitlab-org/gitlab-ce/merge_requests/1#note_1022 > Finished > %span.badge.js-running-count= @all_builds.finished.count(:id) > > - %li{class: ('active' if @scope == 'all')} > - = link_to admin_builds_path(scope: :all) do > - All > - %span.badge.js-totalbuilds-count= @all_builds.count(:id) > - > .gray-content-block > #{(@scope || 'running').capitalize} builds > This is a comment at the bottom of a match section. ```  ``` New comment for Merge Request !1 on app/views/admin/builds/index.html.haml: http://localhost:3000/gitlab-org/gitlab-ce/merge_requests/1#note_1024 > = link_to 'Cancel all', cancel_all_admin_builds_path, data: { confirm: 'Are you sure?' }, class: 'btn btn-danger', method: :post > > %ul.center-top-menu > - %li{class: ('active' if @scope.nil?)} > + %li{class: ('active' if @scope == 'all')} > = link_to admin_builds_path do > + All This is a comment with some deleted and added lines above it. ``` Closes #21027, closes #24340. See merge request !7660 -
Douwe Maan authored
Replace issue access checks with use of IssuableFinder Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867 ## Which fixes are in this MR?
⚠ - Potentially untested💣 - No test coverage🚥 - Test coverage of some sort exists (a test failed when error raised)🚦 - Test coverage of return value (a test failed when nil used)✅ - Permissions check tested ### Issue lookup with access check Using `visible_to_user` likely makes these security issues too. See [Code smells](#code-smells). - [x]🚦 app/finders/notes_finder.rb:15 [`visible_to_user`] - [x]🚥 app/views/layouts/nav/_project.html.haml:73 [`visible_to_user`] [`.count`] - [x]✅ app/services/merge_requests/build_service.rb:84 [`issue.try(:confidential?)`] - [x]✅ lib/api/issues.rb:112 [`visible_to_user`] - CHANGELOG: Prevented API returning issues set to 'Only team members' to everyone - [x]✅ lib/api/helpers.rb:126 [`can?(current_user, :read_issue, issue)`] Maybe here too? - [x]✅ lib/gitlab/search_results.rb:53 [`visible_to_user`] ### Previous discussions - [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b2ff264eddf9819d7693c14ae213d941494fe2b3_128_126 - [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#7b6375270d22f880bdcb085e47b519b426a5c6c7_87_87 See merge request !2031 -
Douwe Maan authored
Fix missing access checks on issue lookup using IssuableFinder Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867
⚠ - Potentially untested💣 - No test coverage🚥 - Test coverage of some sort exists (a test failed when error raised)🚦 - Test coverage of return value (a test failed when nil used)✅ - Permissions check tested - [x]✅ app/controllers/projects/branches_controller.rb:39 - `before_action :authorize_push_code!` helpes limit/prevent exploitation. Always checks for reporter access so fine with confidential issues, issues only visible to team, etc. - [x]🚥 app/models/cycle_analytics/summary.rb:9 [`.count`] - [x]✅ app/controllers/projects/todos_controller.rb:19 - [x] Potential double render in app/controllers/projects/todos_controller.rb - https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#cedccb227af9bfdf88802767cb58d43c2b977439_24_24 See merge request !2030 -
Douwe Maan authored
Fix information disclosure in `Projects::BlobController#update` It was possible to discover private project names by modifying `from_merge_request`parameter in `Projects::BlobController#update`. This fixes that. - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG.md) entry added - Tests - [x] Added for this feature/bug - [ ] All builds are passing - [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) https://gitlab.com/gitlab-org/gitlab-ce/issues/22869 See merge request !2023
-
Douwe Maan authored
Fix label creation non members Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23416 See merge request !2006
-
