An error occurred fetching the project authors.
  1. 09 Jul, 2021 1 commit
    • Fabio Pitino's avatar
      Make job_token_scope_enabled project setting false by default · 024ec9e0
      Fabio Pitino authored
      When using the default value to `true` some new projects
      got this setting enabled while the feature was not fully
      implemented. To fix this we need to reset any enabled
      settings to `false` until the feature about
      `job_token_scope_enabled` is fully available.
      
      Changelog: fixed
      024ec9e0
  2. 08 Jul, 2021 1 commit
  3. 01 Jul, 2021 1 commit
    • Stan Hu's avatar
      Fix deploy keys not working with LFS auth check · 3e4a5749
      Stan Hu authored
      When a deploy key is presented to the initial auth check, a temporary
      LFS deploy token is assigned to the request, regardless if the user has
      access to the project.
      
      When the LFS client presents this token,
      `Gitlab::Auth::Result#lfs_deploy_token?` returns `true` if the deploy
      key has access to the project. If it does, then the LFS auth check
      succeeds, and LFS downloads proceed normally.
      
      However, if `Gitlab::Auth::Result#lfs_deploy_token?` returns false,
      `LfsRequest#lfs_download_access?` will then call
      `user_can_download_code?` to check if the given deploy key has access to
      download the repository code.
      
      The introduction of
      https://gitlab.com/gitlab-org/gitlab/-/merge_requests/62733 assumed that
      anything passed to `ProjectPolicy` would include the `PolicyActor`
      module. Since `DeployKey` did not, the auth check would fail with
      `undefined method from_ci_job_token?`.
      
      We fix this by delegating the `PolicyActor` methods to the user and
      adding specific policies in `ProjectPolicy` for deploy keys to read or
      write to a repository.
      
      Relates to https://gitlab.com/gitlab-org/gitlab/-/issues/334910
      
      Changelog: fixed
      3e4a5749
  4. 18 Jun, 2021 1 commit
  5. 14 Jun, 2021 1 commit
  6. 11 Jun, 2021 2 commits
  7. 10 Jun, 2021 1 commit
  8. 26 May, 2021 1 commit
    • Lee Tickett's avatar
      Remove group timelog mandatory arguments · cfdedd47
      Lee Tickett authored
      As graphQL enforces pagination (with a maximum of 100 records,
      we do not need to enforce the use of start/end arguments).
      
      We show timelogs through the web UI to anyone who can access
      an issuable, so we should observe the same permissions via
      graphQL.
      
      This is a pre-cursor to exposing timelogs against projects.
      
      Changelog: changed
      cfdedd47
  9. 17 May, 2021 1 commit
  10. 14 May, 2021 1 commit
  11. 20 Apr, 2021 1 commit
  12. 25 Mar, 2021 1 commit
  13. 23 Mar, 2021 1 commit
  14. 28 Feb, 2021 1 commit
  15. 25 Feb, 2021 1 commit
  16. 15 Feb, 2021 1 commit
  17. 08 Feb, 2021 1 commit
  18. 04 Feb, 2021 1 commit
  19. 29 Jan, 2021 1 commit
  20. 14 Jan, 2021 1 commit
    • Fabio Pitino's avatar
      Prevent non maintainers from using user-defined variables · 8824deb0
      Fabio Pitino authored
      - Introduce restrict_user_defined_variables project setting
        and allow it to be set via API.
      - Define policy for user defined variables.
      - Inject user-defined variables consistently throughout
        the codebase.
      - Allow user-defined variables to be set only by maintainers
        if the project setting is enabled.
      - Allow passing variables from parent to child pipeline
      8824deb0
  21. 04 Jan, 2021 1 commit
    • Serena Fang's avatar
      Remove project bot policy · 0ad8866b
      Serena Fang authored
      I was suggested to add a policy to check project token log in ability,
      but that's breaking things with container pulling, so removing policy
      code and doing more explicit permission checks instead.
      0ad8866b
  22. 16 Dec, 2020 2 commits
  23. 27 Nov, 2020 1 commit
  24. 16 Nov, 2020 1 commit
  25. 26 Oct, 2020 1 commit
  26. 30 Sep, 2020 1 commit
  27. 17 Sep, 2020 1 commit
    • Jason Goodman's avatar
      Remove feature flag license check · 2aebdde6
      Jason Goodman authored
      This makes feature flags available in all tiers of EE
      Require a premium or ultimate license for feature flag related issues
      Move feature flag policy and related permissions to core
      Move feature flags finder to core
      Part of moving feature flags to core
      2aebdde6
  28. 15 Sep, 2020 1 commit
  29. 08 Sep, 2020 8 commits
  30. 18 Aug, 2020 1 commit
  31. 06 Aug, 2020 1 commit