CE upstream

See merge request !832

[ci skip]
Signed-off-by: Rémy Coutable <remy@rymai.me>

Convert ASCII-8BIT LDAP DNs to UTF-8 to avoid unnecessary user deletions

Issue #1159 exposed a bug where LDAP DNs would be loaded in ASCII-8BIT encoding
but compared against UTF-8-encoded values. This comparison would always
fail, causing the LDAP group sync to evict users with Unicode characters.
The problem was quietly masked because the user would be re-added later
in the group sync worker.

This commit forces the UTF-8 encoding and falls back to the original value
if that fails.

The net-ldap library has an outstanding issue
(https://github.com/ruby-ldap/ruby-net-ldap/issues/4) to load data in UTF-8
format instead of ASCII-8BIT. Per
https://tools.ietf.org/html/rfc4514#section-3, LDAP DNs should be in UTF-8.

See merge request !828

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Reduce code included in `RepositorySizeError`

Closes #1141

See merge request !833

Merge branch 'ee-1159-allow-permission-check-bypass-in-approve-access-request-service-ee' into 'master'

Don't pass a current user to Member#add_user in LDAP group sync

See the individual commits for explanation of the changes.

This is part of the fix for gitlab-org/gitlab-ee#1159.

CE backport for the change in `Members::ApproveAccessRequestService` is at gitlab-org/gitlab-ce!7168.
/cc @stanhu

See merge request !830

Delete issue board welcome cookie

## What does this MR do?

This was seen in the idea to production demo, because the project had already existed on the exact same URL the cookie already existed which meant the blank state wasn't shown. 

This MR deletes the cookie on project create.

See merge request !6899

This is because group owners have their `:admin_group_member` permission
removed when the group is LDAP synced, thus ending in an early return
at `return member unless can_update_member?(current_user, member)` in
`Member.add_user`, leading to new LDAP users not being created.

This make this change while still being able to approve access requests
during a LDAP sync, `Members::ApproveAccessRequestService` has been
changed (in CE) to accept a `:force` option that bypass permission check
(since the permission is removed for owners of LDAP-synced groups).
This option is thus set to `ldap` in `Member.add_user`.
Signed-off-by: Rémy Coutable <remy@rymai.me>

This param allows to bypass permission check. It is useful for LDAP-sync
where even owners don't have the :admin_group_member permission.

See
https://gitlab.com/gitlab-org/gitlab-ee/blob/6081c37123abae4570f78831b33c2f45f92c2765/app/policies/group_policy.rb#L38
and https://gitlab.com/gitlab-org/gitlab-ee/issues/1159Signed-off-by: Rémy Coutable <remy@rymai.me>

Replace static fixture by generated one in issue_spec.js

## What does this MR do?

- clean up `issue_spec.js`
- introduce an alternative approach to #19445
  - rename `rake teaspoon` to `rake teaspoon:tests`
  - introduce `rake teaspoon:fixtures` which generates fixtures using RSpec
  - introduce `rake teaspoon` which runs `rake teaspoon:fixtures` and `rake teaspoon:tests`

## Why was this MR needed?

- many duplications
- missing existence checks
- missing conditions
- static fixtures don't match real views

## Reasoning

I want to explain some of my decisions here, so that they stay visible for future discussions.

### Why not HAML?

- same number of HAML templates as number of fixtures (many input files)
- embedded logic less readable
- can not be rendered by JavaScript (because of inline Ruby)

### Why RSpec?

- real controllers for fixtures
- spys available for mocking
- easily report failed fixture generations

### Why not magic_lamp? (#19445)

- introduces another dependency/tool
- needs to run a server concurrently to teaspoon
- makes it harder to use a JavaScript test runner
- static HTML files serve faster

See merge request !6059

Modify GitHub importer to be retryable

Closes #23533

See merge request !7003

Only show one error message for an invalid email

Changes it to only validate the notification_email format if it's different from email.

Closes #5905

See merge request !7158

Stop unauthorized users dragging on milestone page

Closes #13670

See merge request !7113

Document admin access requirement for /deploy_keys endpoint

Closes #23807

See merge request !7164

Fix and improve `Sortable.highest_label_priority`

Closes #23928

See merge request !7165

API: Fix booleans not recognized as such when using the `to_boolean` helper

Fixes #22831
Fixes #23890

See merge request !7149

Jira refactoring to jira gem

part of gitlab-org/gitlab-ee#1008

Original MR: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/2572/commits

See merge request !6598