Merge branch 'ce-non-conflict' into 'master'

7.7 CE into master

```
Unmerged paths:
  (use "git add <file>..." to mark resolution)

	both modified:      app/controllers/projects/merge_requests_controller.rb
```

See merge request !293

CHANGELOG

+Note: The upcoming release contains empty lines to reduce the number of merge conflicts, scroll down to see past releases.
+
 v 7.7.0
-  -
-  -
+  - Import from GitHub.com feature
   - Add Jetbrains Teamcity CI service (Jason Lippert)
-  -
-  -
   - Mention notification level
   - Markdown preview in wiki (Yuriy Glukhov)
   - Raise group avatar filesize limit to 200kb
@@ -11,35 +10,21 @@ v 7.7.0
   - Show user SSH keys in admin area
   - Developer can push to protected branches option
   - Set project path instead of project name in create form
-  -
-  -
+  - Block Git HTTP access after 10 failed authentication attempts
   - Updates to the messages returned by API (sponsored by O'Reilly Media)
   - New UI layout with side navigation
-  -
-  -
-  -
   - Add alert message in case of outdated browser (IE < 10)
-  -
   - Added API support for sorting projects
-  - Update gitlab_git to version 7.0.0.rc13
-  -
-  -
-  -
-  -
-  -
-  -
-  -
-  -
-  -
-  -
-  -
-  -
-  -
-  -
-  -
+  - Update gitlab_git to version 7.0.0.rc14
+  - Add API project search filter option for authorized projects
+  - Fix File blame not respecting branch selection
   - Change some of application settings on fly in admin area UI
   - Redesign signin/signup pages
   - Close standard input in Gitlab::Popen.popen
+  - Trigger GitLab CI when push tags
+  - When accept merge request - do merge using sidaekiq job
+  - Enable web signups by default
+
 
 v 7.6.0
   - Fork repository to groups

CONTRIBUTING.md

@@ -151,6 +151,7 @@ If you add a dependency in GitLab (such as an operating system package) please c
 1.  [CoffeeScript](https://github.com/thoughtbot/guides/tree/master/style#coffeescript)
 1.  [Shell commands](doc/development/shell_commands.md) created by GitLab contributors to enhance security
 1.  [Markdown](http://www.cirosantilli.com/markdown-styleguide)
+1.  Interface text should be written subjectively instead of objectively. It should be the gitlab core team addressing a person. It should be written in present time and never use past tense (has been/was). For example instead of "prohibited this user from being saved due to the following errors:" the text should be "sorry, we could not create your account because:". Also these [excellent writing guidelines](https://github.com/NARKOZ/guides#writing).
 
 This is also the style used by linting tools such as [RuboCop](https://github.com/bbatsov/rubocop), [PullReview](https://www.pullreview.com/) and [Hound CI](https://houndci.com).
 

GITLAB_SHELL_VERSION

-2.4.0
+2.4.1

Gemfile

@@ -29,7 +29,7 @@ gem 'omniauth-twitter'
 gem 'omniauth-github'
 gem 'omniauth-shibboleth'
 gem 'omniauth-kerberos'
-gem 'doorkeeper', '2.0.1'
+gem 'doorkeeper', '2.1.0'
 gem "rack-oauth2", "~> 1.0.5"
 
 # Browser detection
@@ -37,7 +37,7 @@ gem "browser"
 
 # Extracting information from a git repository
 # Provide access to Gitlab::Git library
-gem "gitlab_git", '7.0.0.rc13'
+gem "gitlab_git", '7.0.0.rc14'
 
 # Ruby/Rack Git Smart-HTTP Server Handler
 gem 'gitlab-grack', '~> 2.0.0.pre', require: 'grack'
@@ -177,7 +177,6 @@ gem 'semantic-ui-sass', '~> 0.16.1.0'
 gem "sass-rails", '~> 4.0.2'
 gem "coffee-rails"
 gem "uglifier"
-gem "therubyracer"
 gem 'turbolinks'
 gem 'jquery-turbolinks'
 
@@ -262,6 +261,9 @@ end
 
 group :production do
   gem "gitlab_meta", '7.0'
+  gem "therubyracer"
 end
 
 gem "newrelic_rpm"
+
+gem 'octokit', '3.7.0'

Gemfile.lock

@@ -109,7 +109,7 @@ GEM
     diff-lcs (1.2.5)
     diffy (3.0.3)
     docile (1.1.5)
-    doorkeeper (2.0.1)
+    doorkeeper (2.1.0)
       railties (>= 3.1)
     dotenv (0.9.0)
     dropzonejs-rails (0.4.14)
@@ -183,7 +183,7 @@ GEM
       mime-types (~> 1.19)
     gitlab_emoji (0.0.1.1)
       emoji (~> 1.0.1)
-    gitlab_git (7.0.0.rc13)
+    gitlab_git (7.0.0.rc14)
       activesupport (~> 4.0)
       charlock_holmes (~> 0.6)
       gitlab-linguist (~> 3.0)
@@ -319,6 +319,8 @@ GEM
       jwt (~> 0.1.4)
       multi_json (~> 1.0)
       rack (~> 1.2)
+    octokit (3.7.0)
+      sawyer (~> 0.6.0, >= 0.5.3)
     omniauth (1.1.4)
       hashie (>= 1.2, < 3)
       rack
@@ -367,7 +369,7 @@ GEM
     rack (1.5.2)
     rack-accept (0.4.5)
       rack (>= 0.4)
-    rack-attack (2.3.0)
+    rack-attack (4.2.0)
       rack
     rack-cors (0.2.9)
     rack-mini-profiler (0.9.0)
@@ -473,6 +475,9 @@ GEM
       sass (~> 3.2.0)
       sprockets (~> 2.8, <= 2.11.0)
       sprockets-rails (~> 2.0)
+    sawyer (0.6.0)
+      addressable (~> 2.3.5)
+      faraday (~> 0.8, < 0.10)
     sdoc (0.3.20)
       json (>= 1.1.3)
       rdoc (~> 3.10)
@@ -633,7 +638,7 @@ DEPENDENCIES
   devise (= 3.2.4)
   devise-async (= 0.9.0)
   diffy (~> 3.0.3)
-  doorkeeper (= 2.0.1)
+  doorkeeper (= 2.1.0)
   dropzonejs-rails
   email_spec
   enumerize
@@ -648,7 +653,7 @@ DEPENDENCIES
   gitlab-grack (~> 2.0.0.pre)
   gitlab-linguist (~> 3.0.0)
   gitlab_emoji (~> 0.0.1.1)
-  gitlab_git (= 7.0.0.rc13)
+  gitlab_git (= 7.0.0.rc14)
   gitlab_meta (= 7.0)
   gitlab_omniauth-ldap (= 1.2.0)
   gollum-lib (~> 3.0.0)
@@ -677,6 +682,7 @@ DEPENDENCIES
   net-ldap
   newrelic_rpm
   nprogress-rails
+  octokit (= 3.7.0)
   omniauth (~> 1.1.3)
   omniauth-github
   omniauth-google-oauth2

README.md

@@ -35,6 +35,14 @@ For all other questions, contact us at sales@gitlab.com
 - Completely free and open source (MIT Expat license)
 - Powered by Ruby on Rails
 
+## Editions
+
+There are two editions of GitLab.
+GitLab [Community Edition](https://about.gitlab.com/features/) (CE) is available without any costs under an MIT license.
+
+GitLab Enterprise Edition (EE) includes [extra features](https://about.gitlab.com/features/#compare) that are most useful for organizations with more than 100 users.
+To get access to the EE and support please [become a subscriber](https://about.gitlab.com/pricing/).
+
 ## Canonical source
 
 - The source of GitLab Enterprise Edition is [hosted on GitLab.com](https://dev.gitlab.org/gitlab/gitlab-ee/) and acessible only to [subscribers](https://about.gitlab.com/subscription/).

app/assets/javascripts/merge_request.js.coffee

@@ -135,3 +135,16 @@ class @MergeRequest
     this.$('.automerge_widget').hide()
     this.$('.merge-in-progress').hide()
     this.$('.automerge_widget.already_cannot_be_merged').show()
+
+  mergeInProgress: ->
+    $.ajax
+      type: 'GET'
+      url: $('.merge-request').data('url')
+      success: (data) =>
+        switch data.state
+          when 'merged'
+            location.reload()
+          else
+            setTimeout(merge_request.mergeInProgress, 3000)
+      dataType: 'json'
+

app/assets/javascripts/project_show.js.coffee

@@ -13,3 +13,20 @@ class @ProjectShow
         $("a[href=" + defaultView + "]").tab "show"
       else
         $("a[data-toggle='tab']:first").tab "show"
+
+$(document).ready ->
+  $(window).load (e) ->
+    e.preventDefault()
+    unless location.hash is ""
+      $("html, body").animate
+        scrollTop: $(".navbar").offset().top - $(".navbar").height()
+      , 200
+
+  $("a").click (event) ->
+    link = event.target
+    isAnchor = link instanceof HTMLAnchorElement
+
+    if (location.hash != "" || isAnchor)
+      $("html,body").animate
+        scrollTop: $(this).offset().top - $(".navbar").height() - 3
+      , 200

app/assets/javascripts/tree_show.js.coffee

+$(document).ready ->
+  $(window).load (e) ->
+    e.preventDefault()
+    unless location.hash is ""
+      $("html, body").animate
+        scrollTop: $(".navbar").offset().top - $(".navbar").height()
+      , 200
+
+  $("a").click (event) ->
+    link = event.target
+    isAnchor = link instanceof HTMLAnchorElement
+
+    if (location.hash != "" || isAnchor)
+      $("html,body").animate
+        scrollTop: $(this).offset().top - $(".navbar").height() - 3
+      , 200

app/assets/stylesheets/sections/merge_requests.scss

@@ -29,7 +29,7 @@
       line-height: 20px;
       font-weight: bold;
 
-      .checkbox {
+      .remove_source_checkbox {
         margin: 0;
       }
     }

app/controllers/github_imports_controller.rb

+class GithubImportsController < ApplicationController
+  before_filter :github_auth, except: :callback
+
+  rescue_from Octokit::Unauthorized, with: :github_unauthorized
+
+  def callback
+    token = client.auth_code.get_token(params[:code]).token
+    current_user.github_access_token = token
+    current_user.save
+    redirect_to status_github_import_url
+  end
+
+  def status
+    @repos = octo_client.repos
+    octo_client.orgs.each do |org|
+      @repos += octo_client.repos(org.login)
+    end
+
+    @already_added_projects = current_user.created_projects.where(import_type: "github")
+    already_added_projects_names = @already_added_projects.pluck(:import_source)
+
+    @repos.reject!{|repo| already_added_projects_names.include? repo.full_name}
+  end
+
+  def create
+    @repo_id = params[:repo_id].to_i
+    repo = octo_client.repo(@repo_id)
+    target_namespace = params[:new_namespace].presence || repo.owner.login
+    existing_namespace = Namespace.find_by("path = ? OR name = ?", target_namespace, target_namespace)
+
+    if existing_namespace
+      if existing_namespace.owner == current_user
+        namespace = existing_namespace
+      else
+        @already_been_taken = true
+        @target_namespace = target_namespace
+        @project_name = repo.name
+        render and return
+      end
+    else
+      namespace = Group.create(name: target_namespace, path: target_namespace, owner: current_user)
+      namespace.add_owner(current_user)
+    end
+
+    Gitlab::Github::ProjectCreator.new(repo, namespace, current_user).execute
+  end
+
+  private
+
+  def client
+    @client ||= Gitlab::Github::Client.new.client
+  end
+
+  def octo_client
+    Octokit.auto_paginate = true
+    @octo_client ||= Octokit::Client.new(:access_token => current_user.github_access_token)
+  end
+
+  def github_auth
+    if current_user.github_access_token.blank?
+      go_to_gihub_for_permissions
+    end
+  end
+
+  def go_to_gihub_for_permissions
+    redirect_to client.auth_code.authorize_url({
+      redirect_uri: callback_github_import_url,
+      scope: "repo, user, user:email"
+    })
+  end
+
+  def github_unauthorized
+    go_to_gihub_for_permissions
+  end
+end

app/controllers/omniauth_callbacks_controller.rb

@@ -66,7 +66,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
         redirect_to omniauth_error_path(oauth['provider'], error: error_message) and return
       end
     end
-  rescue ForbiddenAction => e
+  rescue Gitlab::OAuth::ForbiddenAction => e
     flash[:notice] = e.message
     redirect_to new_user_session_path
   end

app/controllers/projects/merge_requests_controller.rb

@@ -27,6 +27,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController
 
     respond_to do |format|
       format.html
+      format.json { render json: @merge_request }
       format.diff { render text: @merge_request.to_diff(current_user) }
       format.patch { render text: @merge_request.to_patch(current_user) }
     end
@@ -104,16 +105,15 @@ class Projects::MergeRequestsController < Projects::ApplicationController
     if @merge_request.unchecked?
       @merge_request.check_if_can_be_merged
     end
-    render json: {merge_status: @merge_request.merge_status_name}
+
+    render json: { merge_status: @merge_request.merge_status_name }
   end
 
   def automerge
     return access_denied! unless allowed_to_merge?
 
     if @merge_request.open? && @merge_request.can_be_merged?
-      @merge_request.should_remove_source_branch = params[:should_remove_source_branch]
-      @merge_request.should_rebase = params[:should_rebase]
-      @merge_request.automerge!(current_user, params[:commit_message])
+      AutoMergeWorker.perform_async(@merge_request.id, current_user.id, params)
       @status = true
     else
       @status = false

app/controllers/projects/services_controller.rb

@@ -24,8 +24,7 @@ class Projects::ServicesController < Projects::ApplicationController
   end
 
   def test
-    data = GitPushService.new.sample_data(project, current_user)
-
+    data = Gitlab::PushDataBuilder.build_sample(project, current_user)
     @service.execute(data)
 
     redirect_to :back

app/controllers/projects/tags_controller.rb

@@ -13,6 +13,7 @@ class Projects::TagsController < Projects::ApplicationController
   def create
     result = CreateTagService.new(@project, current_user).
       execute(params[:tag_name], params[:ref], params[:message])
+
     if result[:status] == :success
       @tag = result[:tag]
       redirect_to project_tags_path(@project)

app/helpers/projects_helper.rb

@@ -238,6 +238,26 @@ module ProjectsHelper
     result
   end
 
+  def project_wiki_path_with_version(proj, page, version, is_newest)
+    url_params = is_newest ? {} : { version_id: version }
+    project_wiki_path(proj, page, url_params)
+  end
+
+  def project_status_css_class(status)
+    case status
+    when "started"
+      "active"
+    when "failed"
+      "danger"
+    when "finished"
+      "success"
+    end
+  end
+
+  def github_import_enabled?
+    Gitlab.config.omniauth.enabled && enabled_oauth_providers.include?(:github)
+  end
+  
   def membership_locked?
     if @project.group && @project.group.membership_lock
       true
@@ -246,3 +266,4 @@ module ProjectsHelper
     end
   end
 end
+

app/helpers/tree_helper.rb

@@ -113,6 +113,16 @@ module TreeHelper
     tree_join(@ref, file)
   end
 
+  # returns the relative path of the first subdir that doesn't have only one directory descendand
+  def flatten_tree(tree)
+    subtree = Gitlab::Git::Tree.where(@repository, @commit.id, tree.path)
+    if subtree.count == 1 && subtree.first.dir?
+      return tree_join(tree.name, flatten_tree(subtree.first))
+    else
+      return tree.name
+    end
+  end
+
   def leave_edit_message
     "Leave edit mode?\nAll unsaved changes will be lost."
   end

app/models/note.rb

@@ -296,6 +296,7 @@ class Note < ActiveRecord::Base
   # If not - its outdated diff
   def active?
     return true unless self.diff
+    return false unless noteable
 
     noteable.diffs.each do |mr_diff|
       next unless mr_diff.new_path == self.diff.new_path

app/services/create_tag_service.rb

@@ -21,10 +21,15 @@ class CreateTagService < BaseService
     new_tag = repository.find_tag(tag_name)
 
     if new_tag
+      if project.gitlab_ci?
+        push_data = create_push_data(project, current_user, new_tag)
+        project.gitlab_ci_service.async_execute(push_data)
+      end
+
       Event.create_ref_event(project, current_user, new_tag, 'add', 'refs/tags')
-      return success(new_tag)
+      success(new_tag)
     else
-      return error('Invalid reference name')
+      error('Invalid reference name')
     end
   end
 
@@ -33,4 +38,9 @@ class CreateTagService < BaseService
     out[:tag] = branch
     out
   end
+
+  def create_push_data(project, user, tag)
+    Gitlab::PushDataBuilder.
+      build(project, user, Gitlab::Git::BLANK_SHA, tag.target, 'refs/tags/' + tag.name, [])
+  end
 end

app/services/git_push_service.rb

@@ -52,16 +52,6 @@ class GitPushService
     end
   end
 
-  # This method provide a sample data
-  # generated with post_receive_data method
-  # for given project
-  #
-  def sample_data(project, user)
-    @project, @user = project, user
-    @push_commits = project.repository.commits(project.default_branch, nil, 3)
-    post_receive_data(@push_commits.last.id, @push_commits.first.id, "refs/heads/#{project.default_branch}")
-  end
-
   protected
 
   def create_push_event(push_data)
@@ -116,58 +106,9 @@ class GitPushService
     end
   end
 
-  # Produce a hash of post-receive data
-  #
-  # data = {
-  #   before: String,
-  #   after: String,
-  #   ref: String,
-  #   user_id: String,
-  #   user_name: String,
-  #   project_id: String,
-  #   repository: {
-  #     name: String,
-  #     url: String,
-  #     description: String,
-  #     homepage: String,
-  #   },
-  #   commits: Array,
-  #   total_commits_count: Fixnum
-  # }
-  #
   def post_receive_data(oldrev, newrev, ref)
-    # Total commits count
-    push_commits_count = push_commits.size
-
-    # Get latest 20 commits ASC
-    push_commits_limited = push_commits.last(20)
-
-    # Hash to be passed as post_receive_data
-    data = {
-      before: oldrev,
-      after: newrev,
-      ref: ref,
-      user_id: user.id,
-      user_name: user.name,
-      project_id: project.id,
-      repository: {
-        name: project.name,
-        url: project.url_to_repo,
-        description: project.description,
-        homepage: project.web_url,
-      },
-      commits: [],
-      total_commits_count: push_commits_count
-    }
-
-    # For performance purposes maximum 20 latest commits
-    # will be passed as post receive hook data.
-    #
-    push_commits_limited.each do |commit|
-      data[:commits] << commit.hook_attrs(project)
-    end
-
-    data
+    Gitlab::PushDataBuilder.
+      build(project, user, oldrev, newrev, ref, push_commits)
   end
 
   def push_to_existing_branch?(ref, oldrev)

app/services/git_tag_push_service.rb

@@ -8,25 +8,19 @@ class GitTagPushService
     create_push_event
     project.repository.expire_cache
     project.execute_hooks(@push_data.dup, :tag_push_hooks)
+
+    if project.gitlab_ci?
+      project.gitlab_ci_service.async_execute(@push_data)
+    end
+
+    true
   end
 
   private
 
   def create_push_data(oldrev, newrev, ref)
-    data = {
-      ref: ref,
-      before: oldrev,
-      after: newrev,
-      user_id: user.id,
-      user_name: user.name,
-      project_id: project.id,
-      repository: {
-        name: project.name,
-        url: project.url_to_repo,
-        description: project.description,
-        homepage: project.web_url
-      }
-    }
+    Gitlab::PushDataBuilder.
+      build(project, user, oldrev, newrev, ref, [])
   end
 
   def create_push_event

app/services/test_hook_service.rb

 class TestHookService
   def execute(hook, current_user)
-    data = GitPushService.new.sample_data(hook.project, current_user)
+    data = Gitlab::PushDataBuilder.build_sample(hook.project, current_user)
     hook.execute(data)
   end
 end

app/views/github_imports/create.js.haml

+- if @already_been_taken
+  :plain
+    target_field = $("tr#repo_#{@repo_id} .import-target")
+    origin_target = target_field.text()
+    project_name = "#{@project_name}"
+    origin_namespace = "#{@target_namespace}"
+    target_field.empty()
+    target_field.append("<p class='alert alert-danger'>This namespace already been taken! Please choose another one</p>")
+    target_field.append("<input type='text' name='target_namespace' />")
+    target_field.append("/" + project_name)
+    target_field.data("project_name", project_name)
+    target_field.find('input').prop("value", origin_namespace)
+- else
+  :plain
+    $("table.import-jobs tbody").prepend($("tr#repo_#{@repo_id}"))
+    $("tr#repo_#{@repo_id}").addClass("active").find(".import-actions").html("<i class='fa fa-spinner fa-spin'></i> started")

app/views/github_imports/status.html.haml

+%h3.page-title
+  %i.fa.fa-github
+  Import repositories from GitHub.com
+
+%p.light
+  Select projects you want to import.
+  %span.pull-right
+    Reload to see the progress.
+
+%hr
+%table.table.import-jobs
+  %thead
+    %tr
+      %th From GitHub
+      %th To GitLab
+      %th Status
+  %tbody
+    - @already_added_projects.each do |project|
+      %tr{id: "repo_#{project.id}", class: "#{project_status_css_class(project.import_status)}"}
+        %td= project.import_source
+        %td
+          %strong= link_to project.name_with_namespace, project
+        %td
+          - if project.import_status == 'finished'
+            %span.cgreen
+              %i.fa.fa-check
+              done
+          - else
+            = project.human_import_status_name
+
+    - @repos.each do |repo|
+      %tr{id: "repo_#{repo.id}"}
+        %td= repo.full_name
+        %td.import-target
+          = repo.full_name
+        %td.import-actions
+          = button_tag "Add", class: "btn btn-add-to-import"
+
+
+:coffeescript
+  $(".btn-add-to-import").click () ->
+    new_namespace = null
+    tr = $(this).closest("tr")
+    id = tr.attr("id").replace("repo_", "")
+    if tr.find(".import-target input").length > 0
+      new_namespace = tr.find(".import-target input").prop("value")
+      tr.find(".import-target").empty().append(new_namespace + "/" + tr.find(".import-target").data("project_name"))
+    $.post "#{github_import_url}", {repo_id: id, new_namespace: new_namespace}, dataType: 'script'

app/views/projects/merge_requests/_show.html.haml

-.merge-request
+.merge-request{'data-url' => project_merge_request_path(@project, @merge_request)}
   = render "projects/merge_requests/show/mr_title"
   %hr
   = render "projects/merge_requests/show/mr_box"

app/views/projects/merge_requests/automerge.js.haml

 -if @status
   :plain
-    location.reload();
+    merge_request.mergeInProgress();
 -else
   :plain
     merge_request.alreadyOrCannotBeMerged()
-

app/views/projects/merge_requests/show/_mr_accept.html.haml

@@ -18,7 +18,7 @@
             = f.submit "Accept Merge Request", class: "btn btn-create accept_merge_request"
           - if can_remove_branch?(@merge_request.source_project, @merge_request.source_branch) && !@merge_request.for_fork?
             .accept-control
-              = label_tag :should_remove_source_branch, class: "checkbox" do
+              = label_tag :should_remove_source_branch, class: "remove_source_checkbox" do
                 = check_box_tag :should_remove_source_branch
                 Remove source-branch
           - if @merge_request.target_project.merge_requests_rebase_enabled && can_rebase?(@merge_request.target_project, @merge_request.target_branch)

app/views/projects/new.html.haml

@@ -27,7 +27,7 @@
           .col-sm-10
             = link_to "#", class: 'js-toggle-button' do
               %i.fa.fa-upload
-              %span Import existing repository?
+              %span Import existing repository by URL
         .js-toggle-content.hide
           .form-group.import-url-data
             = f.label :import_url, class: 'control-label' do
@@ -39,7 +39,16 @@
                 %br
                 The import will time out after 4 minutes. For big repositories, use a clone/push combination.
                 For SVN repositories, check #{link_to "this migrating from SVN doc.", "http://doc.gitlab.com/ce/workflow/migrating_from_svn.html"}
-      %hr
+
+      - if github_import_enabled?
+        .project-import.form-group
+          .col-sm-2
+          .col-sm-10
+            = link_to status_github_import_path do
+              %i.fa.fa-github
+              Import projects from GitHub
+
+      %hr.prepend-botton-10
 
       .form-group
         = f.label :description, class: 'control-label' do

app/views/projects/tree/_tree_item.html.haml

@@ -2,7 +2,8 @@
   %td.tree-item-file-name
     = tree_icon(type)
     %span.str-truncated
-      = link_to tree_item.name, project_tree_path(@project, tree_join(@id || @commit.id, tree_item.name))
+      - path = flatten_tree(tree_item)
+      = link_to path, project_tree_path(@project, tree_join(@id || @commit.id, path))
   %td.tree_time_ago.cgray
     = render 'spinner'
   %td.hidden-xs.tree_commit

app/views/projects/wikis/history.html.haml

@@ -12,11 +12,12 @@
       %th Last updated
       %th Format
   %tbody
-    - @page.versions.each do |version|
+    - @page.versions.each_with_index do |version, index|
       - commit = version
       %tr
         %td
-          = link_to project_wiki_path(@project, @page, version_id: commit.id) do
+          = link_to project_wiki_path_with_version(@project, @page,
+                                                   commit.id, index == 0) do
             = truncate_sha(commit.id)
         %td
           = commit.author.name

app/workers/auto_merge_worker.rb

+class AutoMergeWorker
+  include Sidekiq::Worker
+
+  sidekiq_options queue: :default
+
+  def perform(merge_request_id, current_user_id, params)
+    params = params.with_indifferent_access
+    current_user = User.find(current_user_id)
+    merge_request = MergeRequest.find(merge_request_id)
+    merge_request.should_remove_source_branch = params[:should_remove_source_branch]
+    merge_request.should_rebase = params[:should_rebase]
+    merge_request.automerge!(current_user, params[:commit_message])
+  end
+end

app/workers/repository_import_worker.rb

@@ -10,7 +10,13 @@ class RepositoryImportWorker
                                project.path_with_namespace,
                                project.import_url)
 
-    if result
+    if project.import_type == 'github'
+      result_of_data_import = Gitlab::Github::Importer.new(project).execute
+    else
+      result_of_data_import = true
+    end
+
+    if result && result_of_data_import
       project.import_finish
       project.save
       project.satellite.create unless project.satellite.exists?

config/gitlab.yml.example

@@ -332,6 +332,20 @@ production: &base
     #   ![Company Logo](http://www.companydomain.com/logo.png)
     #   [Learn more about CompanyName](http://www.companydomain.com/)
 
+  rack_attack:
+    git_basic_auth:
+      # Whitelist requests from 127.0.0.1 for web proxies (NGINX/Apache) with incorrect headers
+      # ip_whitelist: ["127.0.0.1"]
+      #
+      # Limit the number of Git HTTP authentication attempts per IP
+      # maxretry: 10
+      #
+      # Reset the auth attempt counter per IP after 60 seconds
+      # findtime: 60
+      #
+      # Ban an IP for one hour (3600s) after too many auth attempts
+      # bantime: 3600
+
 development:
   <<: *base
 

config/initializers/1_settings.rb

@@ -112,7 +112,7 @@ rescue ArgumentError # no user configured
   '/home/' + Settings.gitlab['user']
 end
 Settings.gitlab['time_zone']  ||= nil
-Settings.gitlab['signup_enabled'] ||= false
+Settings.gitlab['signup_enabled'] ||= true
 Settings.gitlab['signin_enabled'] ||= true if Settings.gitlab['signin_enabled'].nil?
 Settings.gitlab['restricted_visibility_levels'] = Settings.send(:verify_constant_array, Gitlab::VisibilityLevel, Settings.gitlab['restricted_visibility_levels'], [])
 Settings.gitlab['username_changing_enabled'] = true if Settings.gitlab['username_changing_enabled'].nil?
@@ -178,6 +178,16 @@ Settings.satellites['timeout'] ||= 30
 #
 Settings['extra'] ||= Settingslogic.new({})
 
+#
+# Rack::Attack settings
+#
+Settings['rack_attack'] ||= Settingslogic.new({})
+Settings.rack_attack['git_basic_auth'] ||= Settingslogic.new({})
+Settings.rack_attack.git_basic_auth['ip_whitelist'] ||= %w{127.0.0.1}
+Settings.rack_attack.git_basic_auth['maxretry'] ||= 10
+Settings.rack_attack.git_basic_auth['findtime'] ||= 1.minute
+Settings.rack_attack.git_basic_auth['bantime'] ||= 1.hour
+
 #
 # Testing settings
 #

config/initializers/doorkeeper.rb

@@ -10,6 +10,11 @@ Doorkeeper.configure do
     current_user || redirect_to(new_user_session_url)
   end
 
+  resource_owner_from_credentials do |routes|
+    u = User.find_by(email: params[:username])
+    u if u && u.valid_password?(params[:password])
+  end
+
   # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
   # admin_authenticator do
   #   # Put your admin authentication logic here.

config/initializers/rack_attack_git_basic_auth.rb

+unless Rails.env.test?
+  # Tell the Rack::Attack Rack middleware to maintain an IP blacklist. We will
+  # update the blacklist from Grack::Auth#authenticate_user.
+  Rack::Attack.blacklist('Git HTTP Basic Auth') do |req|
+    Rack::Attack::Allow2Ban.filter(req.ip, Gitlab.config.rack_attack.git_basic_auth) do
+      # This block only gets run if the IP was not already banned.
+      # Return false, meaning that we do not see anything wrong with the
+      # request at this time
+      false
+    end
+  end
+end

config/initializers/redis-store-fix-expiry.rb

+# Monkey-patch Redis::Store to make 'setex' and 'expire' work with namespacing
+
+module Gitlab
+  class Redis
+    class Store
+      module Namespace
+        # Redis::Store#setex in redis-store 1.1.4 does not respect namespaces;
+        # this new method does.
+        def setex(key, expires_in, value, options=nil)
+          namespace(key) { |key| super(key, expires_in, value) }
+        end
+
+        # Redis::Store#expire in redis-store 1.1.4 does not respect namespaces;
+        # this new method does.
+        def expire(key, expires_in)
+          namespace(key) { |key| super(key, expires_in) }
+        end
+
+        private
+
+        # Our new definitions of #setex and #expire above assume that the
+        # #namespace method exists. Because we cannot be sure of that, we
+        # re-implement the #namespace method from Redis::Store::Namespace so
+        # that it is available for all Redis::Store instances, whether they use
+        # namespacing or not.
+        #
+        # Based on lib/redis/store/namespace.rb L49-51 (redis-store 1.1.4)
+        def namespace(key)
+          if @namespace
+            yield interpolate(key)
+          else
+            # This Redis::Store instance does not use a namespace so we should
+            # just pass through the key.
+            yield key
+          end
+        end
+      end
+    end
+  end
+end
+
+Redis::Store.class_eval do
+  include Gitlab::Redis::Store::Namespace
+end

config/routes.rb

@@ -52,6 +52,14 @@ Gitlab::Application.routes.draw do
   end
   get "/s/:username" => "snippets#user_index", as: :user_snippets, constraints: { username: /.*/ }
 
+  #
+  # Github importer area
+  #
+  resource :github_import, only: [:create, :new] do
+    get :status
+    get :callback
+  end
+
   #
   # Explroe area
   #

db/migrate/20141223135007_add_import_data_to_project_table.rb

+class AddImportDataToProjectTable < ActiveRecord::Migration
+  def change
+    add_column :projects, :import_type, :string
+    add_column :projects, :import_source, :string
+
+    add_column :users, :github_access_token, :string
+  end
+end

db/schema.rb

@@ -378,6 +378,8 @@ ActiveRecord::Schema.define(version: 20150108073740) do
     t.integer  "visibility_level",              default: 0,        null: false
     t.boolean  "archived",                      default: false,    null: false
     t.string   "import_status"
+    t.string   "import_type"
+    t.string   "import_source"
     t.float    "repository_size",               default: 0.0
     t.integer  "star_count",                    default: 0,        null: false
     t.text     "merge_requests_template"
@@ -487,6 +489,7 @@ ActiveRecord::Schema.define(version: 20150108073740) do
     t.boolean  "hide_no_ssh_key",             default: false
     t.string   "website_url",                 default: "",    null: false
     t.datetime "last_credential_check_at"
+    t.string   "github_access_token"
     t.datetime "admin_email_unsubscribed_at"
   end
 

doc/api/README.md

@@ -51,6 +51,24 @@ curl --header "PRIVATE-TOKEN: QVy1PB7sTxfy4pqfZM1U" "http://example.com/api/v3/p
 
 The API uses JSON to serialize data. You don't need to specify `.json` at the end of API URL.
 
+## Authentication with OAuth2 token
+
+Instead of the private_token you can transmit the OAuth2 access token as a header or as a parameter.
+
+### OAuth2 token (as a parameter)
+
+```
+curl https://localhost:3000/api/v3/user?access_token=OAUTH-TOKEN
+```
+
+###  OAuth2 token (as a header)
+
+```
+curl -H "Authorization: Bearer OAUTH-TOKEN" https://localhost:3000/api/v3/user
+```
+
+Read more about [OAuth2 in GitLab](oauth2.md).
+
 ## Status codes
 
 The API is designed to return different status codes according to context and action. In this way if a request results in an error the caller is able to get insight into what went wrong, e.g. status code `400 Bad Request` is returned if a required attribute is missing from the request. The following list gives an overview of how the API functions generally behave.

doc/api/oauth2.md

+# OAuth2 authentication
+
+OAuth2 is a protocol that enables us to get access to private details of user's account without getting its password. 
+
+Before using the OAuth2 you should create an application in user's account. Each application getting unique App ID and App Secret parameters. You should not share them.
+
+This functianolity is based on [doorkeeper gem](https://github.com/doorkeeper-gem/doorkeeper)
+
+## Web Application Flow
+
+This flow is using for authentication from third-party web sites and probably is most used. 
+It basically consists of an exchange of an authorization token for an access token. For more detailed info, check out the [RFC spec here](http://tools.ietf.org/html/rfc6749#section-4.1)
+
+This flow consists from 3 steps.
+
+### 1. Registering the client
+
+Creat an application in user's account profile.
+
+### 2. Requesting authorization
+
+To request the authorization token, you should visit the `/oauth/authorize` endpoint. You can do that by visiting manually the URL:
+
+```
+http://localhost:3000/oauth/authorize?client_id=APP_ID&redirect_uri=REDIRECT_URI&response_type=code
+```
+
+Where REDIRECT_URI is the URL in your app where users will be sent after authorization. 	
+
+### 3. Requesting the access token
+
+To request the access token, you should use the returned code and exchange it for an access token. To do that you can use any HTTP client. In this case, I used rest-client:
+
+```
+parameters = 'client_id=APP_ID&client_secret=APP_SECRET&code=RETURNED_CODE&grant_type=AUTHORIZATION_CODE&redirect_uri=REDIRECT_URI'
+RestClient.post 'http://localhost:3000/oauth/token', parameters
+
+# The response will be
+{
+ "access_token": "de6780bc506a0446309bd9362820ba8aed28aa506c71eedbe1c5c4f9dd350e54",
+ "token_type": "bearer", 
+ "expires_in": 7200,
+ "refresh_token": "8257e65c97202ed1726cf9571600918f3bffb2544b26e00a61df9897668c33a1"
+}
+```
+
+You can now make requests to the API with the access token returned.
+
+###  Use the access token to access the API
+
+The access token allows you to make requests to the API on a behalf of a user.
+
+```
+GET https://localhost:3000/api/v3/user?access_token=OAUTH-TOKEN
+```
+
+Or you can put the token to the Authorization header:
+
+```
+curl -H "Authorization: Bearer OAUTH-TOKEN" https://localhost:3000/api/v3/user
+```
+
+## Resource Owner Password Credentials
+
+In this flow, a token is requested in exchange for the resource owner credentials (username and password). 
+The credentials should only be used when there is a high degree of trust between the resource owner and the client (e.g. the
+client is part of the device operating system or a highly privileged application), and when other authorization grant types are not
+available (such as an authorization code).
+
+Even though this grant type requires direct client access to the resource owner credentials, the resource owner credentials are used
+for a single request and are exchanged for an access token.  This grant type can eliminate the need for the client to store the
+resource owner credentials for future use, by exchanging the credentials with a long-lived access token or refresh token.
+You can do POST request to `/oauth/token` with parameters:
+
+```
+{
+  "grant_type"    : "password",
+  "username"      : "user@example.com",
+  "password"      : "sekret"
+}
+```
+
+Then, you'll receive the access token back in the response:
+
+```
+{
+  "access_token": "1f0af717251950dbd4d73154fdf0a474a5c5119adad999683f5b450c460726aa",
+  "token_type": "bearer",
+  "expires_in": 7200
+}
+```
+
+For testing you can use the oauth2 ruby gem:
+
+```
+client = OAuth2::Client.new('the_client_id', 'the_client_secret', :site => "http://example.com")
+access_token = client.password.get_token('user@example.com', 'sekret')
+puts access_token.token
+```
\ No newline at end of file

doc/api/projects.md

@@ -13,6 +13,7 @@ Parameters:
 - `archived` (optional) - if passed, limit by archived status
 - `order_by` (optional) - Return requests ordered by `id`, `name`, `created_at` or `last_activity_at` fields
 - `sort` (optional) - Return requests sorted in `asc` or `desc` order
+- `search` (optional) - Return list of authorized projects according to a search criteria
 
 ```json
 [

doc/release/howto_rc1.md

+# How to create RC1
+
+The RC1 release comes with the task to update the installation and upgrade docs. Be mindful that there might already be merge requests for this on GitLab or GitHub.
+
+### **1. Update the installation guide**
+
+1. Check if it references the correct branch `x-x-stable` (doesn't exist yet, but that is okay)
+1. Check the [GitLab Shell version](/lib/tasks/gitlab/check.rake#L782)
+1. Check the [Git version](/lib/tasks/gitlab/check.rake#L794)
+1. There might be other changes. Ask around.
+
+### **2. Create update guides**
+
+1. Create: CE update guide from previous version. Like `7.3-to-7.4.md`
+1. Create: CE to EE update guide in EE repository for latest version.
+1. Update: `6.x-or-7.x-to-7.x.md` to latest version.
+1. Create: CI update guide from previous version
+
+It's best to copy paste the previous guide and make changes where necessary.
+The typical steps are listed below with any points you should specifically look at.
+
+#### 0. Any major changes?
+
+List any major changes here, so the user is aware of them before starting to upgrade. For instance:
+
+- Database updates
+- Web server changes
+- File structure changes
+
+#### 1. Stop server
+
+#### 2. Make backup
+
+#### 3. Do users need to update dependencies like `git`?
+
+- Check if the [GitLab Shell version](/lib/tasks/gitlab/check.rake#L782) changed since the last release.
+
+- Check if the [Git version](/lib/tasks/gitlab/check.rake#L794) changed since the last release.
+
+#### 4. Get latest code
+
+#### 5. Does GitLab shell need to be updated?
+
+#### 6. Install libs, migrations, etc.
+
+#### 7. Any config files updated since last release?
+
+Check if any of these changed since last release:
+
+- [lib/support/nginx/gitlab](/lib/support/nginx/gitlab)
+- [lib/support/nginx/gitlab-ssl](/lib/support/nginx/gitlab-ssl)
+- <https://gitlab.com/gitlab-org/gitlab-shell/commits/master/config.yml.example>
+- [config/gitlab.yml.example](/config/gitlab.yml.example)
+- [config/unicorn.rb.example](/config/unicorn.rb.example)
+- [config/database.yml.mysql](/config/database.yml.mysql)
+- [config/database.yml.postgresql](/config/database.yml.postgresql)
+- [config/initializers/rack_attack.rb.example](/config/initializers/rack_attack.rb.example)
+- [config/resque.yml.example](/config/resque.yml.example)
+
+#### 8. Need to update init script?
+
+Check if the `init.d/gitlab` script changed since last release: [lib/support/init.d/gitlab](/lib/support/init.d/gitlab)
+
+#### 9. Start application
+
+#### 10. Check application status
+
+### **3. Code quality indicators**
+
+Make sure the code quality indicators are green / good.
+
+- [![Build status](http://ci.gitlab.org/projects/1/status.png?ref=master)](http://ci.gitlab.org/projects/1?ref=master) on ci.gitlab.org (master branch)
+
+- [![Build Status](https://semaphoreapp.com/api/v1/projects/2f1a5809-418b-4cc2-a1f4-819607579fe7/243338/badge.png)](https://semaphoreapp.com/gitlabhq/gitlabhq) (master branch)
+
+- [![Code Climate](https://codeclimate.com/github/gitlabhq/gitlabhq.png)](https://codeclimate.com/github/gitlabhq/gitlabhq)
+
+- [![Dependency Status](https://gemnasium.com/gitlabhq/gitlabhq.png)](https://gemnasium.com/gitlabhq/gitlabhq) this button can be yellow (small updates are available) but must not be red (a security fix or an important update is available)
+
+- [![Coverage Status](https://coveralls.io/repos/gitlabhq/gitlabhq/badge.png?branch=master)](https://coveralls.io/r/gitlabhq/gitlabhq)
+
+### 4. Run release tool for CE and EE
+
+**Make sure EE `master` has latest changes from CE `master`**
+
+Get release tools
+
+```
+git clone git@dev.gitlab.org:gitlab/release-tools.git
+cd release-tools
+```
+
+Release candidate creates stable branch from master. 
+So we need to sync master branch between all CE remotes. Also do same for EE.
+
+```
+bundle exec rake sync
+```
+
+Create release candidate and stable branch:
+
+```
+bundle exec rake release["x.x.0.rc1"]
+```
+
+Now developers can use master for merging new features.
+So you should use stable branch for future code chages related to release.
+
+
+### 5. Release GitLab CI RC1
+
+Add to your local `gitlab-ci/.git/config`:
+
+```
+[remote "public"]
+    url = none
+    pushurl = git@dev.gitlab.org:gitlab/gitlab-ci.git
+    pushurl = git@gitlab.com:gitlab-org/gitlab-ci.git
+    pushurl = git@github.com:gitlabhq/gitlab-ci.git
+```
+
+* Create a stable branch `x-y-stable`
+* Bump VERSION to `x.y.0.rc1`
+* `git tag -a v$(cat VERSION) -m "Version $(cat VERSION)"
+* `git push public x-y-stable v$(cat VERSION)`
+

features/steps/project/merge_requests.rb

@@ -279,7 +279,7 @@ class Spinach::Features::ProjectMergeRequests < Spinach::FeatureSteps
   end
 
   step 'I should see comments on the side-by-side diff page' do
-    within '.files [id^=diff]:nth-child(1) .note-text' do
+    within '.files [id^=diff]:nth-child(1) .parallel .note-text' do
       page.should have_visible_content "Line is correct"
     end
   end

lib/api/projects.rb

@@ -15,9 +15,6 @@ module API
 
       # Get a projects list for authenticated user
       #
-      # Parameters:
-      #   archived (optional) - if passed, limit by archived status
-      #
       # Example Request:
       #   GET /projects
       get do

lib/gitlab/backend/grack_auth.rb

@@ -72,8 +72,26 @@ module Grack
     end
 
     def authenticate_user(login, password)
-      auth = Gitlab::Auth.new
-      auth.find(login, password)
+      user = Gitlab::Auth.new.find(login, password)
+      return user if user.present?
+
+      # At this point, we know the credentials were wrong. We let Rack::Attack
+      # know there was a failed authentication attempt from this IP. This
+      # information is stored in the Rails cache (Redis) and will be used by
+      # the Rack::Attack middleware to decide whether to block requests from
+      # this IP.
+      config = Gitlab.config.rack_attack.git_basic_auth
+      Rack::Attack::Allow2Ban.filter(@request.ip, config) do
+        # Unless the IP is whitelisted, return true so that Allow2Ban
+        # increments the counter (stored in Rails.cache) for the IP
+        if config.ip_whitelist.include?(@request.ip)
+          false
+        else
+          true
+        end
+      end
+
+      nil # No user was found
     end
 
     def authorized_request?

lib/gitlab/current_settings.rb

 module Gitlab
   module CurrentSettings
     def current_application_settings
-      if ActiveRecord::Base.connection.table_exists?('application_settings')
-        ApplicationSetting.current ||
-          ApplicationSetting.create_from_defaults
-      else
+      begin
+        if ActiveRecord::Base.connection.table_exists?('application_settings')
+          ApplicationSetting.current ||
+            ApplicationSetting.create_from_defaults
+        else
+          fake_application_settings
+        end
+      rescue ActiveRecord::NoDatabaseError, database_adapter.constantize::Error
         fake_application_settings
       end
     end
@@ -18,5 +22,16 @@ module Gitlab
         sign_in_text: Settings.extra['sign_in_text'],
       )
     end
+
+    # We need to check which database is setup
+    # but we cannot assume that the database exists already.
+    # Not checking this will break "rake gitlab:setup".
+    def database_adapter
+      if Rails.configuration.database_configuration[Rails.env]['adapter'] == 'mysql2'
+        "Mysql2"
+      else
+        "PG"
+      end
+    end
   end
 end

lib/gitlab/github/client.rb

+module Gitlab
+  module Github
+    class Client
+      attr_reader :client
+
+      def initialize
+        @client = ::OAuth2::Client.new(
+          config.app_id,
+          config.app_secret,
+          github_options
+        )
+      end
+
+      private
+
+      def config
+        Gitlab.config.omniauth.providers.select{|provider| provider.name == "github"}.first
+      end
+
+      def github_options
+        {
+          site: 'https://api.github.com',
+          authorize_url: 'https://github.com/login/oauth/authorize',
+          token_url: 'https://github.com/login/oauth/access_token'
+        }
+      end
+    end
+  end
+end

lib/gitlab/github/importer.rb

+module Gitlab
+  module Github
+    class Importer
+      attr_reader :project
+
+      def initialize(project)
+        @project = project
+      end
+
+      def execute
+        client = octo_client(project.creator.github_access_token)
+       
+        #Issues && Comments
+        client.list_issues(project.import_source, state: :all).each do |issue|
+          if issue.pull_request.nil?
+            body = "*Created by: #{issue.user.login}*\n\n#{issue.body}"
+            
+            if issue.comments > 0
+              body += "\n\n\n**Imported comments:**\n"
+              client.issue_comments(project.import_source, issue.number).each do |c|
+                body += "\n\n*By #{c.user.login} on #{c.created_at}*\n\n#{c.body}"
+              end
+            end
+
+            project.issues.create!(
+              description: body, 
+              title: issue.title,
+              state: issue.state == 'closed' ? 'closed' : 'opened',
+              author_id: gl_user_id(project, issue.user.id)
+            )
+          end
+        end
+      end
+
+      private
+
+      def octo_client(access_token)
+        ::Octokit.auto_paginate = true
+        ::Octokit::Client.new(:access_token => access_token)
+      end
+
+      def gl_user_id(project, github_id)
+        user = User.joins(:identities).find_by("identities.extern_uid = ?", github_id.to_s)
+        (user && user.id) || project.creator_id
+      end
+    end
+  end
+end

lib/gitlab/github/project_creator.rb

+module Gitlab
+  module Github
+    class ProjectCreator
+      attr_reader :repo, :namespace, :current_user
+
+      def initialize(repo, namespace, current_user)
+        @repo = repo
+        @namespace = namespace
+        @current_user = current_user
+      end
+
+      def execute
+        @project = Project.new(
+          name: repo.name,
+          path: repo.name,
+          description: repo.description,
+          namespace: namespace,
+          creator: current_user,
+          visibility_level: repo.private ? Gitlab::VisibilityLevel::PRIVATE : Gitlab::VisibilityLevel::PUBLIC,
+          import_type: "github",
+          import_source: repo.full_name,
+          import_url: repo.clone_url.sub("https://", "https://#{current_user.github_access_token}@")
+        )
+
+        if @project.save!
+          @project.reload
+
+          if @project.import_failed?
+            @project.import_retry
+          else
+            @project.import_start
+          end
+        end
+      end
+    end
+  end
+end

lib/gitlab/push_data_builder.rb

+module Gitlab
+  class PushDataBuilder
+    # Produce a hash of post-receive data
+    #
+    # data = {
+    #   before: String,
+    #   after: String,
+    #   ref: String,
+    #   user_id: String,
+    #   user_name: String,
+    #   project_id: String,
+    #   repository: {
+    #     name: String,
+    #     url: String,
+    #     description: String,
+    #     homepage: String,
+    #   },
+    #   commits: Array,
+    #   total_commits_count: Fixnum
+    # }
+    #
+    def self.build(project, user, oldrev, newrev, ref, commits = [])
+      # Total commits count
+      commits_count = commits.size
+
+      # Get latest 20 commits ASC
+      commits_limited = commits.last(20)
+
+      # Hash to be passed as post_receive_data
+      data = {
+        before: oldrev,
+        after: newrev,
+        ref: ref,
+        user_id: user.id,
+        user_name: user.name,
+        project_id: project.id,
+        repository: {
+          name: project.name,
+          url: project.url_to_repo,
+          description: project.description,
+          homepage: project.web_url,
+        },
+        commits: [],
+        total_commits_count: commits_count
+      }
+
+      # For performance purposes maximum 20 latest commits
+      # will be passed as post receive hook data.
+      commits_limited.each do |commit|
+        data[:commits] << commit.hook_attrs(project)
+      end
+
+      data
+    end
+
+    # This method provide a sample data generated with
+    # existing project and commits to test web hooks
+    def self.build_sample(project, user)
+      commits = project.repository.commits(project.default_branch, nil, 3)
+      build(project, user, commits.last.id, commits.first.id, "refs/heads/#{project.default_branch}", commits)
+    end
+  end
+end

lib/gitlab/regex.rb

@@ -11,7 +11,7 @@ module Gitlab
     end
 
     def project_name_regex
-      /\A[a-zA-Z0-9_][a-zA-Z0-9_\-\. ]*\z/
+      /\A[a-zA-Z0-9_.][a-zA-Z0-9_\-\. ]*\z/
     end
 
     def project_regex_message

spec/controllers/github_imports_controller_spec.rb

+require 'spec_helper'
+
+describe GithubImportsController do
+  let(:user) { create(:user, github_access_token: 'asd123') }
+
+  before do
+    sign_in(user)
+  end
+
+  describe "GET callback" do
+    it "updates access token" do
+      token = "asdasd12345"
+      Gitlab::Github::Client.any_instance.stub_chain(:client, :auth_code, :get_token, :token).and_return(token)
+      Gitlab.config.omniauth.providers << OpenStruct.new(app_id: "asd123", app_secret: "asd123", name: "github")
+
+      get :callback
+      
+      user.reload.github_access_token.should == token
+      controller.should redirect_to(status_github_import_url)
+    end
+  end
+
+  describe "GET status" do
+    before do
+      @repo = OpenStruct.new(login: 'vim', full_name: 'asd/vim')
+    end
+
+    it "assigns variables" do
+      @project = create(:project, import_type: 'github', creator_id: user.id)
+      controller.stub_chain(:octo_client, :repos).and_return([@repo])
+      controller.stub_chain(:octo_client, :orgs).and_return([])
+
+      get :status
+
+      expect(assigns(:already_added_projects)).to eq([@project])
+      expect(assigns(:repos)).to eq([@repo])
+    end
+
+    it "does not show already added project" do
+      @project = create(:project, import_type: 'github', creator_id: user.id, import_source: 'asd/vim')
+      controller.stub_chain(:octo_client, :repos).and_return([@repo])
+      controller.stub_chain(:octo_client, :orgs).and_return([])
+
+      get :status
+
+      expect(assigns(:already_added_projects)).to eq([@project])
+      expect(assigns(:repos)).to eq([])
+    end
+  end
+
+  describe "POST create" do
+    before do
+      @repo = OpenStruct.new(login: 'vim', full_name: 'asd/vim', owner: OpenStruct.new(login: "john"))
+    end
+
+    it "takes already existing namespace" do
+      namespace = create(:namespace, name: "john", owner: user)
+      Gitlab::Github::ProjectCreator.should_receive(:new).with(@repo, namespace, user).
+        and_return(double(execute: true))
+      controller.stub_chain(:octo_client, :repo).and_return(@repo)
+
+      post :create, format: :js
+    end
+  end
+end

spec/helpers/projects_helper_spec.rb

@@ -20,4 +20,13 @@ describe ProjectsHelper do
           "<option value=\"gitlab\">GitLab</option>"
     end
   end
+
+  describe "#project_status_css_class" do
+    it "returns appropriate class" do
+      project_status_css_class("started").should == "active"
+      project_status_css_class("failed").should == "danger"
+      project_status_css_class("finished").should == "success"
+    end
+
+  end
 end

spec/helpers/tree_helper_spec.rb

+require 'spec_helper'
+
+describe TreeHelper do
+  describe 'flatten_tree' do
+    let(:project) { create(:project) }
+
+    before {
+      @repository = project.repository
+      @commit = project.repository.commit("e56497bb")
+    }
+
+    context "on a directory containing more than one file/directory" do
+      let(:tree_item) { double(name: "files", path: "files") }
+
+      it "should return the directory name" do
+        flatten_tree(tree_item).should match('files')
+      end
+    end
+
+    context "on a directory containing only one directory" do
+      let(:tree_item) { double(name: "foo", path: "foo") }
+
+      it "should return the flattened path" do
+        flatten_tree(tree_item).should match('foo/bar')
+      end
+    end
+  end
+end

spec/lib/gitlab/github/project_creator.rb

+require 'spec_helper'
+
+describe Gitlab::Github::ProjectCreator do
+  let(:user) { create(:user, github_access_token: "asdffg") }
+  let(:repo) { OpenStruct.new(
+    login: 'vim',
+    name: 'vim',
+    private: true,
+    full_name: 'asd/vim',
+    clone_url: "https://gitlab.com/asd/vim.git",
+    owner: OpenStruct.new(login: "john"))
+  }
+  let(:namespace){ create(:namespace) }
+
+  it 'creates project' do
+    Project.any_instance.stub(:add_import_job)
+    
+    project_creator = Gitlab::Github::ProjectCreator.new(repo, namespace, user)
+    project_creator.execute
+    project = Project.last
+    
+    project.import_url.should ==  "https://asdffg@gitlab.com/asd/vim.git"
+    project.visibility_level.should == Gitlab::VisibilityLevel::PRIVATE
+  end
+end

spec/lib/gitlab/push_data_builder_spec.rb

+require 'spec_helper'
+
+describe 'Gitlab::PushDataBuilder' do
+  let(:project) { create(:project) }
+  let(:user) { create(:user) }
+
+
+  describe :build_sample do
+    let(:data) { Gitlab::PushDataBuilder.build_sample(project, user) }
+
+    it { data.should be_a(Hash) }
+    it { data[:before].should == '6f6d7e7ed97bb5f0054f2b1df789b39ca89b6ff9' }
+    it { data[:after].should == '5937ac0a7beb003549fc5fd26fc247adbce4a52e' }
+    it { data[:ref].should == 'refs/heads/master' }
+    it { data[:commits].size.should == 3 }
+    it { data[:total_commits_count].should == 3 }
+  end
+
+  describe :build do
+    let(:data) do
+      Gitlab::PushDataBuilder.build(project,
+                                    user,
+                                    Gitlab::Git::BLANK_SHA,
+                                    '5937ac0a7beb003549fc5fd26fc247adbce4a52e',
+                                    'refs/tags/v1.1.0')
+    end
+
+    it { data.should be_a(Hash) }
+    it { data[:before].should == Gitlab::Git::BLANK_SHA }
+    it { data[:after].should == '5937ac0a7beb003549fc5fd26fc247adbce4a52e' }
+    it { data[:ref].should == 'refs/tags/v1.1.0' }
+    it { data[:commits].should be_empty }
+    it { data[:total_commits_count].should be_zero }
+  end
+end

spec/models/assembla_service_spec.rb

@@ -33,7 +33,7 @@ describe AssemblaService, models: true do
         token: 'verySecret',
         subdomain: 'project_name'
       )
-      @sample_data = GitPushService.new.sample_data(project, user)
+      @sample_data = Gitlab::PushDataBuilder.build_sample(project, user)
       @api_url = 'https://atlas.assembla.com/spaces/project_name/github_tool?secret_key=verySecret'
       WebMock.stub_request(:post, @api_url)
     end

spec/models/flowdock_service_spec.rb

@@ -32,7 +32,7 @@ describe FlowdockService do
         service_hook: true,
         token: 'verySecret'
       )
-      @sample_data = GitPushService.new.sample_data(project, user)
+      @sample_data = Gitlab::PushDataBuilder.build_sample(project, user)
       @api_url = 'https://api.flowdock.com/v1/git/verySecret'
       WebMock.stub_request(:post, @api_url)
     end

spec/models/gemnasium_service_spec.rb

@@ -33,7 +33,7 @@ describe GemnasiumService do
         token: 'verySecret',
         api_key: 'GemnasiumUserApiKey'
       )
-      @sample_data = GitPushService.new.sample_data(project, user)
+      @sample_data = Gitlab::PushDataBuilder.build_sample(project, user)
     end
     it "should call Gemnasium service" do
       Gemnasium::GitlabService.should_receive(:execute).with(an_instance_of(Hash)).once

spec/models/jira_service_spec.rb

@@ -42,7 +42,7 @@ describe JiraService, models: true do
         password: 'gitlab_jira_password',
         api_version: '2'
       )
-      @sample_data = GitPushService.new.sample_data(project, user)
+      @sample_data = Gitlab::PushDataBuilder.build_sample(project, user)
       # https://github.com/bblimke/webmock#request-with-basic-authentication
       @api_url = 'http://gitlab_jira_username:gitlab_jira_password@jira.example.com/rest/api/2/issue/JIRA-123/transitions'
 

spec/models/pushover_service_spec.rb

@@ -36,7 +36,7 @@ describe PushoverService do
     let(:pushover) { PushoverService.new }
     let(:user) { create(:user) }
     let(:project) { create(:project) }
-    let(:sample_data) { GitPushService.new.sample_data(project, user) }
+    let(:sample_data) { Gitlab::PushDataBuilder.build_sample(project, user) }
 
     let(:api_key) { 'verySecret' }
     let(:user_key) { 'verySecret' }

spec/models/slack_service_spec.rb

@@ -34,7 +34,7 @@ describe SlackService do
     let(:slack)   { SlackService.new }
     let(:user)    { create(:user) }
     let(:project) { create(:project) }
-    let(:sample_data) { GitPushService.new.sample_data(project, user) }
+    let(:sample_data) { Gitlab::PushDataBuilder.build_sample(project, user) }
     let(:webhook_url) { 'https://hooks.slack.com/services/SVRWFV0VVAR97N/B02R25XN3/ZBqu7xMupaEEICInN685' }
 
     before do

spec/requests/api/projects_spec.rb

@@ -7,6 +7,8 @@ describe API::API, api: true  do
   let(:user3) { create(:user) }
   let(:admin) { create(:admin) }
   let(:project) { create(:project, creator_id: user.id, namespace: user.namespace) }
+  let(:project2) { create(:project, path: 'project2', creator_id: user.id, namespace: user.namespace) }
+  let(:project3) { create(:project, path: 'project3', creator_id: user.id, namespace: user.namespace) }
   let(:snippet) { create(:project_snippet, author: user, project: project, title: 'example') }
   let(:project_member) { create(:project_member, user: user, project: project, access_level: ProjectMember::MASTER) }
   let(:project_member2) { create(:project_member, user: user3, project: project, access_level: ProjectMember::DEVELOPER) }
@@ -29,6 +31,29 @@ describe API::API, api: true  do
         json_response.first['name'].should == project.name
         json_response.first['owner']['username'].should == user.username
       end
+
+      context "and using search" do
+        it "should return searched project" do
+          get api("/projects", user), { search: project.name }
+          response.status.should eq(200)
+          json_response.should be_an Array
+          json_response.length.should eq(1)
+        end
+      end
+
+      context "and using sorting" do
+        before do
+          project2
+          project3
+        end
+
+        it "should return the correct order when sorted by id" do
+          get api("/projects", user), { order_by: 'id', sort: 'desc'}
+          response.status.should eq(200)
+          json_response.should be_an Array
+          json_response.first['id'].should eq(project3.id)
+        end
+      end
     end
   end
 

spec/support/test_env.rb

@@ -5,6 +5,7 @@ module TestEnv
 
   # When developing the seed repository, comment out the branch you will modify.
   BRANCH_SHA = {
+    'flatten-dir'      => 'e56497b',
     'feature'          => '0b4bc9a',
     'feature_conflict' => 'bb5206f',
     'fix'              => '12d65c8',