An error occurred fetching the project authors.
- 09 Jul, 2021 1 commit
-
-
Fabio Pitino authored
When using the default value to `true` some new projects got this setting enabled while the feature was not fully implemented. To fix this we need to reset any enabled settings to `false` until the feature about `job_token_scope_enabled` is fully available. Changelog: fixed
-
- 08 Jul, 2021 1 commit
-
-
Reuben Pereira authored
Remove the read_container_registry_access_level feature flag and always read project_features.container_registry_access_level instead of projects.container_registry_enabled. Changelog: changed
-
- 01 Jul, 2021 1 commit
-
-
Stan Hu authored
When a deploy key is presented to the initial auth check, a temporary LFS deploy token is assigned to the request, regardless if the user has access to the project. When the LFS client presents this token, `Gitlab::Auth::Result#lfs_deploy_token?` returns `true` if the deploy key has access to the project. If it does, then the LFS auth check succeeds, and LFS downloads proceed normally. However, if `Gitlab::Auth::Result#lfs_deploy_token?` returns false, `LfsRequest#lfs_download_access?` will then call `user_can_download_code?` to check if the given deploy key has access to download the repository code. The introduction of https://gitlab.com/gitlab-org/gitlab/-/merge_requests/62733 assumed that anything passed to `ProjectPolicy` would include the `PolicyActor` module. Since `DeployKey` did not, the auth check would fail with `undefined method from_ci_job_token?`. We fix this by delegating the `PolicyActor` methods to the user and adding specific policies in `ProjectPolicy` for deploy keys to read or write to a repository. Relates to https://gitlab.com/gitlab-org/gitlab/-/issues/334910 Changelog: fixed
-
- 18 Jun, 2021 1 commit
-
-
Alex Kalderimis authored
Rename project association from jira_service to jira_integration
-
- 14 Jun, 2021 1 commit
-
-
Pedro Pombeiro authored
-
- 11 Jun, 2021 2 commits
-
-
Reuben Pereira authored
Put the reading of project_features.container_registry_access_level instead of projects.container_registry_enabled behind a feature flag called read_container_registry_access_level.
-
Reuben Pereira authored
*_container_image policies should now check project_feature.container_registry_access_level instead of projects.container_registry_enabled.
-
- 10 Jun, 2021 1 commit
-
-
Fabio Pitino authored
-
- 26 May, 2021 1 commit
-
-
Lee Tickett authored
As graphQL enforces pagination (with a maximum of 100 records, we do not need to enforce the use of start/end arguments). We show timelogs through the web UI to anyone who can access an issuable, so we should observe the same permissions via graphQL. This is a pre-cursor to exposing timelogs against projects. Changelog: changed
-
- 17 May, 2021 1 commit
-
-
Valery Sizov authored
If user has admin porject permissions it will see the disk path
-
- 14 May, 2021 1 commit
-
-
Sarah Yasonik authored
-
- 20 Apr, 2021 1 commit
-
-
Alex Kalderimis authored
-
- 25 Mar, 2021 1 commit
-
-
Serena Fang authored
Splitting admin resource access tokens into read, destroy, and create tokens
-
- 23 Mar, 2021 1 commit
-
-
Lee Tickett authored
-
- 28 Feb, 2021 1 commit
-
-
Thong Kuah authored
This spec is againts unconfirmed user, not developer access
-
- 25 Feb, 2021 1 commit
-
-
Felipe Artur authored
Improve name of issue board policy permissions
-
- 15 Feb, 2021 1 commit
-
-
Mehmet Emin INAC authored
This is the roof feature for all the "Security & Compliance" related features.
-
- 08 Feb, 2021 1 commit
-
-
Adam Hegyi authored
Respect analytics_enabled rule when resolving policies for project level analytics features.
-
- 04 Feb, 2021 1 commit
-
-
Jannik Lehmann authored
- Added CE configuration_controller - Added read_security_configuration ability - Added Configuration sidebar entry Adresses: https://gitlab.com/gitlab-org/gitlab/-/issues/294033Co-authored-by: Mark Florian <mflorian@gitlab.com>
-
- 29 Jan, 2021 1 commit
-
-
Serena Fang authored
Not working yet
-
- 14 Jan, 2021 1 commit
-
-
Fabio Pitino authored
- Introduce restrict_user_defined_variables project setting and allow it to be set via API. - Define policy for user defined variables. - Inject user-defined variables consistently throughout the codebase. - Allow user-defined variables to be set only by maintainers if the project setting is enabled. - Allow passing variables from parent to child pipeline
-
- 04 Jan, 2021 1 commit
-
-
Serena Fang authored
I was suggested to add a policy to check project token log in ability, but that's breaking things with container pulling, so removing policy code and doing more explicit permission checks instead.
-
- 16 Dec, 2020 2 commits
-
-
Vasilii Iakliushin authored
Contributes to https://gitlab.com/gitlab-org/gitlab/-/issues/224700 * Create a database migration to store project display preferences for Analytics item on the sidebar.
-
Serena Fang authored
This reverts commit 439f98cb15753651d35cd323a2552444d5de2aca.
-
- 27 Nov, 2020 1 commit
-
-
Francisco Javier López authored
In this commit we add the BE logic for the new setting 'Operations' withint the project settings.
-
- 16 Nov, 2020 1 commit
-
-
Steve Abrams authored
Include read_package in deploy token permissions to allow mvn deploy to work with a write_package_registry deploy token.
-
- 26 Oct, 2020 1 commit
-
-
allison.browne authored
Security fix for single pipeline schedule api view
-
- 30 Sep, 2020 1 commit
-
-
Drew Blessing authored
`resource_access_token` becomes a licensed feature flag from a development flag. The feature is available in Core for self-managed and on paid, non-trial groups/projects for .com. This distinction is to lower abuse on GitLab.com.
-
- 17 Sep, 2020 1 commit
-
-
Jason Goodman authored
This makes feature flags available in all tiers of EE Require a premium or ultimate license for feature flag related issues Move feature flag policy and related permissions to core Move feature flags finder to core Part of moving feature flags to core
-
- 15 Sep, 2020 1 commit
-
-
Peter Leitzen authored
Reuse factories (already `let_it_be`) from shared context where feasible.
-
- 08 Sep, 2020 8 commits
-
-
Peter Leitzen authored
-
Peter Leitzen authored
Difference: >> a - b => [] >> b - a => []
-
Peter Leitzen authored
Difference: >> a - b => [] >> b - a => []
-
Peter Leitzen authored
Difference: >> a - b => [:read_deploy_token, :create_deploy_token, :destroy_deploy_token, :admin_terraform_state] >> b - a => []
-
Peter Leitzen authored
Difference >> a - b => [:admin_tag, :destroy_container_image, :create_metrics_dashboard_annotation, :delete_metrics_dashboard_annotation, :update_metrics_dashboard_annotation, :read_terraform_state, :read_pod_logs] >> b - a => []
-
Peter Leitzen authored
Difference: >> a - b => [] >> b - a => []
-
Peter Leitzen authored
Difference: >> a - b => [:read_metrics_dashboard_annotation, :metrics_dashboard, :read_confidential_issues, :admin_issue_link] >> b - a => [:read_prometheus]
-
Peter Leitzen authored
Difference: >> a - b => [:read_release, :read_issue_link] >> b - a => []
-
- 18 Aug, 2020 1 commit
-
-
Mario de la Ossa authored
We're moving related issues to core but keeping blocked issues in EE
-
- 06 Aug, 2020 1 commit
-
-
Doug Stull authored
- comply to style guide.
-