1. 20 Jul, 2015 2 commits
    • Merge branch 'set-omniauth-full-host' into 'master' · 8fa9da49
      Marin Jankovski authored
      Set OmniAuth full_host parameter to ensure redirect URIs are correct
      
      ### What does this MR do?
      
      This MR sets the OmniAuth `full_host` parameter to the configured GitLab URL to ensure the `redirect_uri` parameter is called with the right GitLab host.
      
      ### Why was this MR needed?
      
      [OmniAuth attempts to grab the request URI](http://awesomeprogrammer.com/blog/2012/12/09/dealing-with-omniauth-redirect-uri-mismatch-invalid-port-number-gotcha/) and use that. If you set up a reverse proxy that terminates SSL at the Web server layer (e.g. https://gitlab.domain.com), OmniAuth will use the internal URL (e.g. http://my-host:8080) in its redirect URI unless all the Web server headers are properly set (e.g. `X-Forwarded-Port`, etc.). This is easy to forget or mess up, and it's better to ensure that OmniAuth has the right value from the start.
      
      ### What are the relevant issue numbers?
      
      Closes #1967
      
      See merge request !991
    • Merge branch 'fix-unauthenticated-label-access' into 'master' · e5a12596
      Stan Hu authored
      Fix label read access for unauthenticated users
      
      The label page was added to navigation for unauthorized users because
      the previously used milestone read permission was still checked. This
      has been fixed and read access to labels is now granted (again) for
      public projects.
      
      This regression has been introduced in
      07efb17e (7.12).
      
      See also 9bcd3639.
      
      Refs !836, !842.
      
      See merge request !1000
  2. 19 Jul, 2015 5 commits
    • Merge branch 'rs-issue-2001' into 'master' · d0ef64ac
      Valery Sizov authored
      Dynamically check `:admin_*` ability in issuable context
      
      Closes #2001
      
      See merge request !1002
    • Dynamically check `:admin_*` ability in issuable context · e65b0810
      Robert Speicher authored
      Closes #2001
    • Fix label read access for unauthenticated users · 69417d36
      Daniel Gerhardt authored
      The label page was added to navigation for unauthorized users because
      the previously used milestone read permission was still checked. This
      has been fixed and read access to labels is now granted (again) for
      public projects.
      
      This regression has been introduced in
      07efb17e (7.12).
      
      See also 9bcd3639.
      
      Refs !836, !842.
    • Merge branch 'fix-mixed-color-preview' into 'master' · e8aaf568
      Valery Sizov authored
      Fix bug where notes were being rendered with wrong color preferences due to caching
      
      ### What does this MR do?
      
      This MR adds the user's color preferences as part of the caching key for notes.
      
      ### Why was this MR needed?
      
      This should fix a bug introduced via 4d80360b where notes were being loaded from the cache without regard to the current user's color scheme.
      
      ### What are the relevant issue numbers?
      
      Closes #2008
      
      See merge request !994
    • Merge branch 'fix-oauth-redirection' into 'master' · 247609a3
      Stan Hu authored
      Fix OAuth provider bug where GitLab would not return to the redirect_uri after sign-in
      
      ### What does this MR do?
      
      This MR fixes a bug when GitLab is used as an OAuth provider (e.g. to GitLab CI) where the user is not redirected back to the original URI after a successful sign-in. This MR tweaks the Doorkeeper configuration to set the `user_return_to` Devise session variable, as mentioned in this [Stack Overflow](http://stackoverflow.com/questions/14504739/how-to-use-both-devise-and-doorkeeper-gems) post.
      
      ### Why was this MR needed?
      
      If you attempt to "Login via GitLab" from GitLab CI and aren't logged out completely, GitLab asks for your username and password. After you log in, you get directed to the GitLab dashboard instead of back to GitLab CI. It's easy to reproduce:
      
      1. Set up a GitLab CI and GitLab instance (e.g. ci.gitlab.com, gitlab.com).
      2. Start an Incognito Window so that you are logged out of GitLab CI and GitLab.
      3. Go to the GitLab CI instance. Click "Login with GitLab".
      4. Enter in your credentials.
      5. Watch your browser log in to GitLab and not return to GitLab CI.
      
      ### What are the relevant issue numbers?
      
      Closes #1612
      
      See merge request !998
  3. 18 Jul, 2015 10 commits
  4. 17 Jul, 2015 23 commits