Merge branch 'standardize-cookie-paths' into 'master'

Ensure all javascripts use GitLab install directory as the cookie path. ## What does this MR do? Fixes #20435 and standardizes all JavaScript-set cookies to use the same root url. ## Are there points in the code the reviewer needs to double check? Nothing I can think of. This MR is pretty straight forward. ## Why was this MR needed? Cookie paths were inconsistent across front-end scripts. Some would default to '/' and others had no set path and would end up tied to whatever page they were set on. Also as @connorshea noted, we cannot assume GitLab is installed at '/'. Before: ![Screen_Shot_2016-08-02_at_10.01.18_AM](/uploads/fa0238e2edf67a8e8ff48f8ee9c8d955/Screen_Shot_2016-08-02_at_10.01.18_AM.png) After: ![Screen_Shot_2016-08-02_at_10.03.03_AM](/uploads/f1b95936d6f95f2ef1d7db10b5fb09d1/Screen_Shot_2016-08-02_at_10.03.03_AM.png) ## What are the relevant issue numbers? #20435 ## Screenshots (if relevant) see above ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5627

Merge branch 'standardize-cookie-paths' into 'master'
Ensure all javascripts use GitLab install directory as the cookie path. ## What does this MR do? Fixes #20435 and standardizes all JavaScript-set cookies to use the same root url. ## Are there points in the code the reviewer needs to double check? Nothing I can think of. This MR is pretty straight forward. ## Why was this MR needed? Cookie paths were inconsistent across front-end scripts. Some would default to '/' and others had no set path and would end up tied to whatever page they were set on. Also as @connorshea noted, we cannot assume GitLab is installed at '/'. Before: ![Screen_Shot_2016-08-02_at_10.01.18_AM](/uploads/fa0238e2edf67a8e8ff48f8ee9c8d955/Screen_Shot_2016-08-02_at_10.01.18_AM.png) After: ![Screen_Shot_2016-08-02_at_10.03.03_AM](/uploads/f1b95936d6f95f2ef1d7db10b5fb09d1/Screen_Shot_2016-08-02_at_10.03.03_AM.png) ## What are the relevant issue numbers? #20435 ## Screenshots (if relevant) see above ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5627
871514f4 · Jacob Schatz · 97c14167 · 33694a5a · 871514f4 · 871514f4
Commit 871514f4 authored Aug 25, 2016 by Jacob Schatz
8 changed files
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -4,6 +4,7 @@ v 8.12.0 (unreleased)
  - Add two-factor recovery endpoint to internal API !5510
  - Change merge_error column from string to text type
  - Add `web_url` field to issue, merge request, and snippet API objects (Ben Boeckel)
+  - Set path for all JavaScript cookies to honor GitLab's subdirectory setting !5627 (Mike Greiling)
  - Optimistic locking for Issues and Merge Requests (title and description overriding prevention)
  - Add `wiki_page_events` to project hook APIs (Ben Boeckel)
  - Add Sentry logging to API calls

--- a/app/assets/javascripts/activities.js
+++ b/app/assets/javascripts/activities.js
@@ -26,7 +26,7 @@
      event_filters = $.cookie("event_filter");
      filter = sender.attr("id").split("_")[0];
      $.cookie("event_filter", (event_filters !== filter ? filter : ""), {
-        path: '/'
+        path: gon.relative_url_root || '/'
      });
      if (event_filters !== filter) {
        return sender.closest('li').toggleClass("active");

--- a/app/assets/javascripts/application.js
+++ b/app/assets/javascripts/application.js
@@ -288,7 +288,7 @@
    new Aside();
    if ($window.width() < 1024 && $.cookie('pin_nav') === 'true') {
      $.cookie('pin_nav', 'false', {
-        path: '/',
+        path: gon.relative_url_root || '/',
        expires: 365 * 10
      });
      $('.page-with-sidebar').toggleClass('page-sidebar-collapsed page-sidebar-expanded').removeClass('page-sidebar-pinned');
@@ -313,7 +313,7 @@
        $topNav.removeClass('header-pinned-nav').toggleClass('header-collapsed header-expanded');
      }
      $.cookie('pin_nav', doPinNav, {
-        path: '/',
+        path: gon.relative_url_root || '/',
        expires: 365 * 10
      });
      if ($.cookie('pin_nav') === 'true' || doPinNav) {

--- a/app/assets/javascripts/awards_handler.js
+++ b/app/assets/javascripts/awards_handler.js
@@ -320,6 +320,7 @@
      frequentlyUsedEmojis = this.getFrequentlyUsedEmojis();
      frequentlyUsedEmojis.push(emoji);
      return $.cookie('frequently_used_emojis', frequentlyUsedEmojis.join(','), {
+        path: gon.relative_url_root || '/',
        expires: 365
      });
    };

--- a/app/assets/javascripts/project.js
+++ b/app/assets/javascripts/project.js
@@ -17,19 +17,15 @@
        return $(this).parents('form').submit();
      });
      $('.hide-no-ssh-message').on('click', function(e) {
-        var path;
-        path = '/';
        $.cookie('hide_no_ssh_message', 'false', {
-          path: path
+          path: gon.relative_url_root || '/'
        });
        $(this).parents('.no-ssh-key-message').remove();
        return e.preventDefault();
      });
      $('.hide-no-password-message').on('click', function(e) {
-        var path;
-        path = '/';
        $.cookie('hide_no_password_message', 'false', {
-          path: path
+          path: gon.relative_url_root || '/'
        });
        $(this).parents('.no-password-message').remove();
        return e.preventDefault();

--- a/app/assets/javascripts/right_sidebar.js
+++ b/app/assets/javascripts/right_sidebar.js
@@ -30,7 +30,7 @@
        }
        if (!triggered) {
          return $.cookie("collapsed_gutter", $('.right-sidebar').hasClass('right-sidebar-collapsed'), {
-            path: '/'
+            path: gon.relative_url_root || '/'
          });
        }
      });

--- a/app/assets/javascripts/user.js
+++ b/app/assets/javascripts/user.js
@@ -7,10 +7,8 @@
      });
      this.initTabs();
      $('.hide-project-limit-message').on('click', function(e) {
-        var path;
-        path = '/';
        $.cookie('hide_project_limit_message', 'false', {
-          path: path
+          path: gon.relative_url_root || '/'
        });
        $(this).parents('.project-limit-message').remove();
        return e.preventDefault();

--- a/spec/javascripts/awards_handler_spec.js
+++ b/spec/javascripts/awards_handler_spec.js
@@ -11,7 +11,7 @@
 /*= require ./fixtures/emoji_menu */
 (function() {
-  var awardsHandler, lazyAssert;
+  var awardsHandler, lazyAssert, urlRoot;
  awardsHandler = null;
@@ -27,6 +27,7 @@
  };
  gon.award_menu_url = '/emojis';
+  urlRoot = gon.relative_url_root;
  lazyAssert = function(done, assertFn) {
    return setTimeout(function() {
@@ -45,9 +46,14 @@
          return cb();
        };
      })(this));
-      return spyOn(jQuery, 'get').and.callFake(function(req, cb) {
+      spyOn(jQuery, 'get').and.callFake(function(req, cb) {
        return cb(window.emojiMenu);
      });
+      spyOn(jQuery, 'cookie');
+    });
+    afterEach(function() {
+      // restore original url root value
+      gon.relative_url_root = urlRoot;
    });
    describe('::showEmojiMenu', function() {
      it('should show emoji menu when Add emoji button clicked', function(done) {
@@ -189,6 +195,28 @@
        return expect($thumbsUpEmoji.data("original-title")).toBe('sam');
      });
    });
+    describe('::addEmojiToFrequentlyUsedList', function() {
+      it('should set a cookie with the correct default path', function() {
+        gon.relative_url_root = '';
+        awardsHandler.addEmojiToFrequentlyUsedList('sunglasses');
+        expect(jQuery.cookie)
+          .toHaveBeenCalledWith('frequently_used_emojis', 'sunglasses', {
+            path: '/',
+            expires: 365
+          })
+        ;
+      });
+      it('should set a cookie with the correct custom root path', function() {
+        gon.relative_url_root = '/gitlab/subdir';
+        awardsHandler.addEmojiToFrequentlyUsedList('alien');
+        expect(jQuery.cookie)
+          .toHaveBeenCalledWith('frequently_used_emojis', 'alien', {
+            path: '/gitlab/subdir',
+            expires: 365
+          })
+        ;
+      });
+    });
    describe('search', function() {
      return it('should filter the emoji', function() {
        $('.js-add-award').eq(0).click();