- 30 Nov, 2016 7 commits
- 29 Nov, 2016 20 commits
-
-
Regis authored
-
Regis authored
-
Yorick Peterse authored
Remove unnecessary database indices See merge request !7789
-
Rémy Coutable authored
Fix broken README.md UX guide link. See merge request !7805
-
Valery Sizov authored
-
Sean McGivern authored
Fix blob controller spec failure See merge request !7814
-
Achilleas Pipinellis authored
Fix typos in Bitbucket integration docs [ci skip] See merge request !7823
-
Lee Matos authored
-
Sean McGivern authored
Add setting to enable/disable HTML emails Closes #24880 See merge request !7749
-
Kamil Trzciński authored
Add issue search slash command See merge request !7752
-
James Lopez authored
-
Annabel Dunstone Gray authored
Homogenize sort and filter dropdown toggles ## What does this MR do? Homogenizes the style of *filter* and *sort* dropdown toggles (aka buttons) related to: - *issues* (index, new & edit views) - *issue boards* (index); - *merge requests* (index, new, edit); - *projects* (index and "explore"); - *projects admin* (index); - *groups* (show and "explore"); - *groups admin* (index); - *users admin* (index); - *todos* (index); - *branches* (index); - *commits* (index); - *cycle analytics*; - *network*; - *forks*; - *tags* (index); - *global search* Some other dropdowns are incidently concerned: - project admin (show); - assigne/due date/milestone/label dropdowns on the issue and board sidebars; - stage dropdown on the build sidebar; - merge request and comparison dropdowns for choosing forks and branches; - ref switcher (e.g. in the blob (show) view or in the graphs view); Dropdown toggles concerned by #24150 but not covered in this MR: - Dropdowns for selection MR versions to be compared (in the "Changes" tab of an MR); - Dropdowns that bring up a list of actions: - "Settings" dropdowns (such as the one found on the upper-right corner of all project pages); - The download/action/notifications buttons on the main project page; - Dropdowns located inside of list items (on list of pipelines, users and groups, for instance); - The "Options" button on the commit (show) view; - The "+" button on the tree explorer (for creating files, branches, tags, ...) ### TODO - [ ] Update ui.html if needed ## Are there points in the code the reviewer needs to double check? Am I changing any other dropdown toggle than listed above? ## Why was this MR needed? For #24150 ## Screenshots (if relevant) ### Issue Index **Before:** ![issue-index-before](/uploads/1aa358b0b9e79fd3a7467b57cd2b03ec/issue-index-before.png) **After:** ![issue-index-after](/uploads/7a4159e8927d456ed3f4390072174e49/issue-index-after.png) ### Issue New **Before:** ![issue-new-before](/uploads/fcfb9c39d2ff8f00827f52d60db5c114/issue-new-before.png) **After:** ![issue-new-after](/uploads/a0b151d257d8f3e8f98a2873427362ee/issue-new-after.png) ### Merge Request Branch Selector **Before:** ![merge-request-new-before](/uploads/8dd7b6e8ea38af7aced743386bfb83ca/merge-request-new-before.png) **After:** ![merge-request-new-after](/uploads/38ad8f5a315344b3bab7e936a84acf7e/merge-request-new-after.png) ### Global Search ![global-search-after](/uploads/f2912b7d91fd286028cb9481d2d53a82/global-search-after.png) ### Cycle Analytics ![cycle-analytics-after](/uploads/248d5ca360bb510aa0f0bfa8a1a00aae/cycle-analytics-after.png) ## Does this MR meet the acceptance criteria? - [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - ~~[Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~ - ~~API support added~~ - Tests - ~~Added for this feature/bug~~ - [ ] All builds are passing - ~~Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)~~ - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if it does - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? #24150 See merge request !7583
-
James Lopez authored
-
Fatih Acet authored
Hide project variables values by default Add a button to reveal/hide the values to help prevent accidental disclosure of sensitive information from wandering on a page. ![hide-vars](/uploads/5b5eeef9b4650776b529b780998bbb1b/hide-vars.gif) Closes #21358 See merge request !7731
-
Robert Speicher authored
Refactor issuable description and metadata form sections Continuation of https://gitlab.com/gitlab-org/gitlab-ce/issues/23864. Brother of gitlab-org/gitlab-ee!916. See merge request !7758
-
Douwe Maan authored
Add diff hunks to notification emails Add diff hunks to notification emails. Continued from https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5855 - thanks @hoopes! This also fixes an issue where the + / - prefixes were missing from diffs in emails. Screenshots (from my browser) of the HTML emails, along with text screenshots
😛 ![image](/uploads/cb31400becf5149d40c8bb98a655aa93/image.png) ``` New comment for Merge Request !1 on app/views/admin/builds/index.html.haml: http://localhost:3000/gitlab-org/gitlab-ce/merge_requests/1#note_1023 > Finished This is a comment at the top of a match section. ``` ![image](/uploads/704dd3845797530697a27f5c1953c053/image.png) ``` New comment for Merge Request !1 on app/views/admin/builds/index.html.haml: http://localhost:3000/gitlab-org/gitlab-ce/merge_requests/1#note_1022 > Finished > %span.badge.js-running-count= @all_builds.finished.count(:id) > > - %li{class: ('active' if @scope == 'all')} > - = link_to admin_builds_path(scope: :all) do > - All > - %span.badge.js-totalbuilds-count= @all_builds.count(:id) > - > .gray-content-block > #{(@scope || 'running').capitalize} builds > This is a comment at the bottom of a match section. ``` ![image](/uploads/4063f3d9738aea8ebf3c0e690d0eddee/image.png) ``` New comment for Merge Request !1 on app/views/admin/builds/index.html.haml: http://localhost:3000/gitlab-org/gitlab-ce/merge_requests/1#note_1024 > = link_to 'Cancel all', cancel_all_admin_builds_path, data: { confirm: 'Are you sure?' }, class: 'btn btn-danger', method: :post > > %ul.center-top-menu > - %li{class: ('active' if @scope.nil?)} > + %li{class: ('active' if @scope == 'all')} > = link_to admin_builds_path do > + All This is a comment with some deleted and added lines above it. ``` Closes #21027, closes #24340. See merge request !7660 -
Douwe Maan authored
Replace issue access checks with use of IssuableFinder Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867 ## Which fixes are in this MR?
⚠ - Potentially untested💣 - No test coverage🚥 - Test coverage of some sort exists (a test failed when error raised)🚦 - Test coverage of return value (a test failed when nil used)✅ - Permissions check tested ### Issue lookup with access check Using `visible_to_user` likely makes these security issues too. See [Code smells](#code-smells). - [x]🚦 app/finders/notes_finder.rb:15 [`visible_to_user`] - [x]🚥 app/views/layouts/nav/_project.html.haml:73 [`visible_to_user`] [`.count`] - [x]✅ app/services/merge_requests/build_service.rb:84 [`issue.try(:confidential?)`] - [x]✅ lib/api/issues.rb:112 [`visible_to_user`] - CHANGELOG: Prevented API returning issues set to 'Only team members' to everyone - [x]✅ lib/api/helpers.rb:126 [`can?(current_user, :read_issue, issue)`] Maybe here too? - [x]✅ lib/gitlab/search_results.rb:53 [`visible_to_user`] ### Previous discussions - [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b2ff264eddf9819d7693c14ae213d941494fe2b3_128_126 - [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#7b6375270d22f880bdcb085e47b519b426a5c6c7_87_87 See merge request !2031 -
Douwe Maan authored
Fix missing access checks on issue lookup using IssuableFinder Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867
⚠ - Potentially untested💣 - No test coverage🚥 - Test coverage of some sort exists (a test failed when error raised)🚦 - Test coverage of return value (a test failed when nil used)✅ - Permissions check tested - [x]✅ app/controllers/projects/branches_controller.rb:39 - `before_action :authorize_push_code!` helpes limit/prevent exploitation. Always checks for reporter access so fine with confidential issues, issues only visible to team, etc. - [x]🚥 app/models/cycle_analytics/summary.rb:9 [`.count`] - [x]✅ app/controllers/projects/todos_controller.rb:19 - [x] Potential double render in app/controllers/projects/todos_controller.rb - https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#cedccb227af9bfdf88802767cb58d43c2b977439_24_24 See merge request !2030 -
Douwe Maan authored
Fix information disclosure in `Projects::BlobController#update` It was possible to discover private project names by modifying `from_merge_request`parameter in `Projects::BlobController#update`. This fixes that. - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG.md) entry added - Tests - [x] Added for this feature/bug - [ ] All builds are passing - [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) https://gitlab.com/gitlab-org/gitlab-ce/issues/22869 See merge request !2023
-
Douwe Maan authored
Fix label creation non members Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23416 See merge request !2006
-
- 28 Nov, 2016 13 commits
-
-
Drew Blessing authored
Remove `memberOf` OID in LDAP `user_filter` docs While not technically invalid, it is not necessary to have the `memberOf` OID in the `user_filter`. It clutters things up and causes confusion for users so it's better if we remove it from the docs. See merge request !7809
-
Alejandro Rodríguez authored
-
Drew Blessing authored
While not technically invalid, it is not necessary to have the `memberOf` OID in the `user_filter`. It clutters things up and causes confusion for users so it's better if we remove it from the docs.
-
Annabel Dunstone Gray authored
Create secondary colors for buttons with SCSS functions [Proper] ## What does this MR do? * Removes the hardcoded values for button colors and generates them using the `darken` function * Adds a border color for outline buttons on hover, focus and active states * Adds darker colors for outline buttons in their active state ## Are there points in the code the reviewer needs to double check? Naming for new factor variables might not be good enough. ## Why was this MR needed? Increases visibility of alternate states as specified in #24145 ## Screenshots (if relevant) ## Does this MR meet the acceptance criteria? - [ ] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [ ] Added for this feature/bug - [ ] All builds are passing - [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if it does - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? Closes #24145 See merge request !7797
-
David Wagner authored
Signed-off-by: David Wagner <david@marvid.fr>
-
David Wagner authored
Apart from Issues and Merge Requests pages, there are other sort/filter dropdowns that needed updating. Signed-off-by: David Wagner <david@marvid.fr>
-
David Wagner authored
[ci skip] Signed-off-by: David Wagner <david@marvid.fr>
-
David Wagner authored
The chevron now has the same darker shade when the dropdown is opened it had when hovered on. Signed-off-by: David Wagner <david@marvid.fr>
-
David Wagner authored
Make sort and filter dropdowns look the same and tweak their icon and colors according to #24150. Signed-off-by: David Wagner <david@marvid.fr>
-
Fatih Acet authored
-
Ruben Davila authored
This new global setting will allow admins to specify if HTML emails should be sent or not, this is basically useful when system administrators want to save some disk space by avoiding emails in HTML format and using only the Plain Text version.
-
Chris Peressini authored
-
Annabel Dunstone Gray authored
Add hover state to navigation rows ## What does this MR do? Adds hover states to navigations rows ## Screenshots (if relevant) ![Screen_Recording_2016-11-28_at_09.21_AM](/uploads/5d273f8bc53f46f9b55590f56f2287d8/Screen_Recording_2016-11-28_at_09.21_AM.gif) ## Does this MR meet the acceptance criteria? - [ ] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [ ] Added for this feature/bug - [ ] All builds are passing - [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if it does - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? Closes #24149 See merge request !7584
-