- 16 Jun, 2016 1 commit
-
-
Robert Speicher authored
Project members with guest role can't access notes on confidential issues Related issues: - https://gitlab.com/gitlab-org/gitlab-ce/issues/18535 - https://gitlab.com/gitlab-org/gitlab-ce/issues/14787 See merge request !1971
-
- 15 Jun, 2016 3 commits
-
-
Dmitriy Zaporozhets authored
-
Stan Hu authored
Don't fail builds for projects that are deleted when they are stuck ## What does this MR do? Solves when dropping stuck connection. ``` Dropping stuck pending build 1545510 for runner NoMethodError: undefined method `origin_merge_requests' for nil:NilClass from /opt/gitlab/embedded/service/gitlab-rails/app/services/merge_requests/base_service.rb:50:in `merge_request_from' from /opt/gitlab/embedded/service/gitlab-rails/app/services/merge_requests/base_service.rb:57:in `each_merge_request' from /opt/gitlab/embedded/service/gitlab-rails/app/services/merge_requests/add_todo_when_build_fails_service.rb:5:in `execute' from /opt/gitlab/embedded/service/gitlab-rails/lib/gitlab/metrics/instrumentation.rb:164:in `execute' from /opt/gitlab/embedded/service/gitlab-rails/app/models/commit_status.rb:51:in `block (2 levels) in <class:CommitStatus>' from /opt/gitlab/embedded/service/gem/ruby/2.1.0/gems/state_machines-0.4.0/lib/state_machines/eval_helpers.rb:79:in `call' ... ``` This happens, because that `default_scope` of `Projects` filters returns the projects that are not deleted, where `Ci::Build` doesn't take into account. See merge request !4609
-
Douglas Barbosa Alexandre authored
-
- 14 Jun, 2016 36 commits
-
-
Stan Hu authored
Fix typo in obtaining a backtrace from all threads in gdb See merge request !4612
-
Jacob Schatz authored
Fix note polling when a window has been hidden `refresh` was called, `refreshing` was set to true, but then because `document.hidden` was true, `getContent` was never called, and `refreshing` never got reset to `false`, which stopped polling entirely until refresh. See merge request !4635
-
Stan Hu authored
Manually create todo for issuable ## What does this MR do? Adds a button to the sidebar in issues & merge requests to allow users to manually create a todo item themselves. ## What are the relevant issue numbers? Closes #15045 ## Screenshots (if relevant) ![Screen_Shot_2016-06-07_at_09.52.14](/uploads/00af70244c0589d19f241c3e85f3d63d/Screen_Shot_2016-06-07_at_09.52.14.png) ![Screen_Shot_2016-06-07_at_09.52.06](/uploads/e232b02208613a4a50cff4d1e6f119ff/Screen_Shot_2016-06-07_at_09.52.06.png) ![Screen_Shot_2016-06-07_at_09.51.14](/uploads/f1d36435d49ab882538ae2252bec8086/Screen_Shot_2016-06-07_at_09.51.14.png) See merge request !4502
-
Robert Speicher authored
Only show notes through JSON on confidential issues that the user has access to Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/18535 See merge request !1970
-
Jacob Schatz authored
Update CHANGELOG ## What does this MR do? Updates the CHANGELOG See merge request !4549
-
Douglas Barbosa Alexandre authored
-
Douglas Barbosa Alexandre authored
-
Annabel Dunstone authored
-
Jacob Schatz authored
Fixes bulk-assign labels not working when navigating through pages ## What does this MR do? This MR fixes an issue on bulk-assign labels not working when navigating though pages. The functionality was not working because events on checkboxes weren't working. This re-runs `Issuable.initChecks()` and makes sure we are not leaving zombie event handlers by turning them off first. Also fixes tests to use `wait_for_ajax` since label filtering is now using `Turbolinks` for redirection. ## Does this MR meet the acceptance criteria? - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - [ ] Tests - [ ] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4632
-
Alfredo Sumaran authored
-
Alfredo Sumaran authored
-
Alfredo Sumaran authored
-
Alfredo Sumaran authored
-
Jacob Schatz authored
Aligned the two navs horizontally ## What does this MR do? Previously the 2 top navs were not aligned horizontally together. The top nav would be slightly to the left due to the settings dropdown. This corrects that by putting `position: absolute` on the dropdown toggle. ## What are the relevant issue numbers? Closes #18513 ## Screenshots (if relevant) ![Screen_Shot_2016-06-13_at_10.20.22](/uploads/46f39a84dde74707578970f70ddda511/Screen_Shot_2016-06-13_at_10.20.22.png) See merge request !4616
-
Rémy Coutable authored
Update allocations Gem & ignore classes without names ## What does this MR do? 1. Updates the allocations Gem to 1.0.5 so it can be used on 2.2/2.3 without crashing 2. Changes the background sampler to ignore classes/modules without a name (as we can't do much with these) ## Are there points in the code the reviewer needs to double check? No. ## Why was this MR needed? Using MRI 2.2 or 2.3 would lead to a segmentation fault in the allocations Gem, sometimes this problem would also occur on 2.1 ## What are the relevant issue numbers? Not an issue, but the merge request that highlighted these problems: !3807 ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] ~~[Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~ - [ ] ~~API support added~~ - [ ] Tests - [x] Added for this feature/bug - [ ] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4645
-
Phil Hughes authored
Uses outerWidth instead of width
-
Douwe Maan authored
Revert "Added API endpoint for Sidekiq Metrics" @DouweM please merge my accidental push to master. See merge request !4651
-
Patricio Cano authored
This reverts commit 06e0ef07
-
Patricio Cano authored
-
Yorick Peterse authored
-
Yorick Peterse authored
We can't do a lot with classes without names as we can't filter by them, have no idea where they come from, etc. As such it's best to just ignore these.
-
Yorick Peterse authored
This allows it to be used on Ruby 2.3 without it crashing all the time.
-
Jacob Schatz authored
Put all sidebar icons in fixed width container ## What does this MR do? Puts all icons (font awesome and custom) in fixed width container to fix weird alignment ## Why was this MR needed? Mix of font awesome icons & custom icons results in different icon widths ## What are the relevant issue numbers? Closes #18539 ## Screenshots (if relevant) <img src="/uploads/94a82258d5d71df0b9608ccd4d7e5cd1/Screen_Shot_2016-06-14_at_9.57.25_AM.png" width="400px"> See merge request !4648
-
Annabel Dunstone authored
-
Robert Speicher authored
Forbid scripting for wiki files Wiki files (not pages - files in the repo) are just sent to the browser with whatever content-type the mime_types gem assigns to them based on their extension. As this is from the same domain as the GitLab application, this is an XSS vulnerability. Set a CSP forbidding all sources for scripting, CSS, XHR, etc. on these files. Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/17298. See merge request !1969
-
Douwe Maan authored
Allow users to request access to projects and groups #### TODO: - [x] Factorize the projects & groups members list - [x] Factorize `request_access` and `approve` controller methods into a concern - [x] Factorize the project & group dropdowns - [x] Factorize access request routes - [x] Factorize mailers #### Will be done in separate MRs - [ ] Documentation - [ ] API #### Access request to project - [x] Design project access request button to spec (defined in #13948) - [x] Request access to a project as a logged in user - [x] Withdraw access request to a project as a logged in user - [x] Do not treat project member request as actual membership (done partly in Ability) - [x] Display access requests on project's members page (+ allow to change level, approve, and deny request) - [x] Email requesting user at notification email address when accepted/denied - [x] Email all project admins at notification email addresses when new access request - [x] Unit specs to cover new functionality: `AccessRequestable` is missing specs - [x] Controller specs to cover new functionality - [x] Mailer specs to cover new functionality - [x] Features specs to cover new UI and interactions - [x] Regression specs still passing #### Access request to group - [x] Design group access request button to spec (defined in #13948) - [x] Request access to a group as a logged in user - [x] Withdraw access request to a group as a logged in user - [x] Do not treat group member request as actual membership - [x] Display access requests on group's members page (+ allow to change level, approve, and deny request) - [x] Email requesting user at notification email address when accepted/denied - [x] Email all project admins at notification email addresses when new access request - [x] Unit specs to cover new functionality - [x] Controller specs to cover new functionality - [x] Mailer specs to cover new functionality - [x] Features specs to cover new UI and interactions - [x] Regression specs still passing Closes #13948. ### Requesting access to a project #### Responsive UI ![request-access-to-project](/uploads/59337d84ca4c2f637dfd73fca038def9/request-access-to-project.gif) #### Request access link ![1-project-request-access-link](/uploads/5436f7854bc48bff74b2664b311920c6/1-project-request-access-link.png) #### Flash once access is requested ![2-project-request-access-flash](/uploads/8b304dd737431c47d00ee90ab88b8098/2-project-request-access-flash.jpg) #### Email sent to project admins on new access requests ##### HTML Email ![3-project-request-access-email-html](/uploads/63842c9bd4e43a907ab189087dd24cad/3-project-request-access-email-html.jpg) ##### Plain Email ![4-project-request-access-email-plain](/uploads/249289418678c65abfcf4c1e944986c6/4-project-request-access-email-plain.jpg) ### Withdrawing access request to a project #### Withdraw access request link ![5-project-withdraw-request-link](/uploads/932984713a98f03ad75cd9606245cbe2/5-project-withdraw-request-link.png) #### Withdraw access request confirmation dialog box ![6-project-withdraw-request-confirm](/uploads/bf6afb5b83ad8ba31443812d0ccbc50b/6-project-withdraw-request-confirm.png) #### Flash once access has been withdrawn ![6-2-project-withdraw-request-confirm](/uploads/4dea00452adc4febd7cff4a969a7830a/6-2-project-withdraw-request-confirm.png) ### Access requests management page ![7-project-access-requests](/uploads/2030399fa9ce261e0df4bd3d399bfc24/7-project-access-requests.jpg) #### Deny access request confirmation dialog box ![8-project-access-request-deny-confirm](/uploads/b6ffcc3092b037fb4d3a5f1929befa90/8-project-access-request-deny-confirm.png) #### Email sent to requester on denied access requests ##### HTML Email ![9-project-request-access-denied-email-html](/uploads/7fb26d627f8919039ce88302e72ede83/9-project-request-access-denied-email-html.jpg) ##### Plain Email ![10-project-request-access-denied-email-plain](/uploads/34a21f2266e3238dc29b93f855183fb0/10-project-request-access-denied-email-plain.jpg) #### Email sent to requester on granted access requests ##### HTML Email ![11-project-request-access-granted-email-html](/uploads/cecd4d874885c48dd8bb420f19defd8f/11-project-request-access-granted-email-html.jpg) ##### Plain Email ![12-project-request-access-granted-email-plain](/uploads/636446f7a711904231d592add2de83dc/12-project-request-access-granted-email-plain.jpg) ---------------------------------- ---------------------------------- ### Requesting access to a group #### Responsive UI ![request-access-to-group](/uploads/b319b8844836ad599ad4d562f3ba6057/request-access-to-group.gif) #### Request access link ![1-group-request-access-link](/uploads/1eccd38061f0183ba71c482f51ebf53a/1-group-request-access-link.png) #### Flash once access is requested ![2-group-request-access-flash](/uploads/bbb94ede6c54cd0b6b28e8e1196f687c/2-group-request-access-flash.jpg) #### Email sent to project admins on new access requests ##### HTML Email ![3-group-request-access-email-html](/uploads/7df7196e83d80bea861ea94bd8f3f390/3-group-request-access-email-html.jpg) ##### Plain Email ![4-group-request-access-email-plain](/uploads/55a1abcd7a42368f3ba8f20650339e4a/4-group-request-access-email-plain.jpg) ### Withdrawing access request to a project #### Withdraw access request link ![5-group-withdraw-request-link](/uploads/d02ed4f353a334a0a6c181da6006f0d6/5-group-withdraw-request-link.png) #### Withdraw access request confirmation dialog box ![6-group-withdraw-request-confirm](/uploads/09d6e123390f257aff9aed3b08695ad6/6-group-withdraw-request-confirm.png) #### Flash once access has been withdrawn ![6-2-group-withdraw-request-confirm](/uploads/cf300d2292d0c10ca592424860b80d20/6-2-group-withdraw-request-confirm.png) ### Access requests management page ![7-group-access-requests](/uploads/821c55ba4276112b1994ca87b0c5e1ad/7-group-access-requests.jpg) #### Deny access request confirmation dialog box ![8-group-access-request-deny-confirm](/uploads/68fad9da8bc82492be3f6d55d33dba17/8-group-access-request-deny-confirm.png) #### Email sent to requester on denied access requests ##### HTML Email ![9-group-request-access-denied-email-html](/uploads/48a8e0cc2cea3b36529b04d259dc8e65/9-group-request-access-denied-email-html.jpg) ##### Plain Email ![10-group-request-access-denied-email-plain](/uploads/85d95642a218eaf52a35da8a7a0ac8ed/10-group-request-access-denied-email-plain.jpg) #### Email sent to requester on granted access requests ##### HTML Email ![11-group-request-access-granted-email-html](/uploads/b18949a6538168824f3d0c272d89dd81/11-group-request-access-granted-email-html.jpg) ##### Plain Email ![12-group-request-access-granted-email-plain](/uploads/c33c7847ab86eeab4b07714467573f63/12-group-request-access-granted-email-plain.jpg) See merge request !3798
-
Yorick Peterse authored
Instrument Grape API endpoints See merge request !4587
-
Yorick Peterse authored
Instrument private methods and instance private methods See merge request !4639
-
Douwe Maan authored
# Conflicts: # app/views/layouts/nav/_project.html.haml
-
Dmitriy Zaporozhets authored
Fix displaying of project settings links the user cannot access. ## What does this MR do? It fixes the Project Settings dropdown displaying project settings links that the user cannot actually access. ## Are there points in the code the reviewer needs to double check? I've tested combinations I can think of, feel free to mess around with and see if it breaks? ## Why was this MR needed? Users were seeing links in the Project Settings dropdown that they shouldn't have seen, if they clicked them they would be shown permission errors. ## What are the relevant issue numbers? #18294 ## Screenshots (if relevant) Users without any permissions: ![Screen_Shot_2016-06-10_at_10.41.27_AM](/uploads/b70ca18a36b5f774b85694d8f1728882/Screen_Shot_2016-06-10_at_10.41.27_AM.png) Guest members of the project: ![Screen_Shot_2016-06-10_at_10.48.36_AM](/uploads/a37986b4daa789063661c2fa8cf59d43/Screen_Shot_2016-06-10_at_10.48.36_AM.png) Full permissions: ![Screen_Shot_2016-06-10_at_10.41.57_AM](/uploads/4c5cc97962e69a1a72ee8e237591ec22/Screen_Shot_2016-06-10_at_10.41.57_AM.png) cc: @dzaporozhets @annabeldunstone @jschatz1 See merge request !4599
-
Rémy Coutable authored
Artifacts expire date What do you think @grzesiek? The syntax will be simple: ``` job: artifacts: expire_in: 7d ``` - [x] Implement `expire_in` - [x] Check current design of expiry information with @jschatz1 and @markpundsack - [x] Add tests in GitLab application for a `ExpireBuildArtifactsWorker` and for `ArtifactsController::keep` - [x] Add user documentation how to use `artifacts:expire_in` - [x] Prepare GitLab Runner changes to pass `expire_in`: gitlab-org/gitlab-ci-multi-runner!191 - [x] Fix `timeago` with help of @jschatz1 - [x] Merge latest master after builds view changes @iamphill - [ ] Add Omnibus support for `expire_build_artifacts_worker` cron job - [ ] Add documentation how to configure `expire_build_artifacts_worker` This is based on https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4201. See merge request !4200
-
Achilleas Pipinellis authored
Update CI API docs Since CI is now part of GitLab, it makes sense to group all API related endpoints under one location. This is a step towards the much awaited issue of doc restructure https://gitlab.com/gitlab-org/gitlab-ce/issues/3349 Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/18404 See merge request !4567
-
Paco Guzman authored
By default instrumentation will instrument public, protected and private methods, because usually heavy work is done on private method or at least that’s what facts is showing
-
Yorick Peterse authored
Fix timing issues on convertion migration award emoji See merge request !4581
-
Kamil Trzcinski authored
-
Achilleas Pipinellis authored
-