Commit 270d93b3 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'ce-non-conflict' into 'master'

7.7 CE into master

```
Unmerged paths:
  (use "git add <file>..." to mark resolution)

	both modified:      app/controllers/projects/merge_requests_controller.rb
```

See merge request !293
parents 7453e142 f9065eb7
Note: The upcoming release contains empty lines to reduce the number of merge conflicts, scroll down to see past releases.
v 7.7.0
-
-
- Import from GitHub.com feature
- Add Jetbrains Teamcity CI service (Jason Lippert)
-
-
- Mention notification level
- Markdown preview in wiki (Yuriy Glukhov)
- Raise group avatar filesize limit to 200kb
......@@ -11,35 +10,21 @@ v 7.7.0
- Show user SSH keys in admin area
- Developer can push to protected branches option
- Set project path instead of project name in create form
-
-
- Block Git HTTP access after 10 failed authentication attempts
- Updates to the messages returned by API (sponsored by O'Reilly Media)
- New UI layout with side navigation
-
-
-
- Add alert message in case of outdated browser (IE < 10)
-
- Added API support for sorting projects
- Update gitlab_git to version 7.0.0.rc13
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- Update gitlab_git to version 7.0.0.rc14
- Add API project search filter option for authorized projects
- Fix File blame not respecting branch selection
- Change some of application settings on fly in admin area UI
- Redesign signin/signup pages
- Close standard input in Gitlab::Popen.popen
- Trigger GitLab CI when push tags
- When accept merge request - do merge using sidaekiq job
- Enable web signups by default
v 7.6.0
- Fork repository to groups
......
......@@ -151,6 +151,7 @@ If you add a dependency in GitLab (such as an operating system package) please c
1. [CoffeeScript](https://github.com/thoughtbot/guides/tree/master/style#coffeescript)
1. [Shell commands](doc/development/shell_commands.md) created by GitLab contributors to enhance security
1. [Markdown](http://www.cirosantilli.com/markdown-styleguide)
1. Interface text should be written subjectively instead of objectively. It should be the gitlab core team addressing a person. It should be written in present time and never use past tense (has been/was). For example instead of "prohibited this user from being saved due to the following errors:" the text should be "sorry, we could not create your account because:". Also these [excellent writing guidelines](https://github.com/NARKOZ/guides#writing).
This is also the style used by linting tools such as [RuboCop](https://github.com/bbatsov/rubocop), [PullReview](https://www.pullreview.com/) and [Hound CI](https://houndci.com).
......
......@@ -29,7 +29,7 @@ gem 'omniauth-twitter'
gem 'omniauth-github'
gem 'omniauth-shibboleth'
gem 'omniauth-kerberos'
gem 'doorkeeper', '2.0.1'
gem 'doorkeeper', '2.1.0'
gem "rack-oauth2", "~> 1.0.5"
# Browser detection
......@@ -37,7 +37,7 @@ gem "browser"
# Extracting information from a git repository
# Provide access to Gitlab::Git library
gem "gitlab_git", '7.0.0.rc13'
gem "gitlab_git", '7.0.0.rc14'
# Ruby/Rack Git Smart-HTTP Server Handler
gem 'gitlab-grack', '~> 2.0.0.pre', require: 'grack'
......@@ -177,7 +177,6 @@ gem 'semantic-ui-sass', '~> 0.16.1.0'
gem "sass-rails", '~> 4.0.2'
gem "coffee-rails"
gem "uglifier"
gem "therubyracer"
gem 'turbolinks'
gem 'jquery-turbolinks'
......@@ -262,6 +261,9 @@ end
group :production do
gem "gitlab_meta", '7.0'
gem "therubyracer"
end
gem "newrelic_rpm"
gem 'octokit', '3.7.0'
......@@ -109,7 +109,7 @@ GEM
diff-lcs (1.2.5)
diffy (3.0.3)
docile (1.1.5)
doorkeeper (2.0.1)
doorkeeper (2.1.0)
railties (>= 3.1)
dotenv (0.9.0)
dropzonejs-rails (0.4.14)
......@@ -183,7 +183,7 @@ GEM
mime-types (~> 1.19)
gitlab_emoji (0.0.1.1)
emoji (~> 1.0.1)
gitlab_git (7.0.0.rc13)
gitlab_git (7.0.0.rc14)
activesupport (~> 4.0)
charlock_holmes (~> 0.6)
gitlab-linguist (~> 3.0)
......@@ -319,6 +319,8 @@ GEM
jwt (~> 0.1.4)
multi_json (~> 1.0)
rack (~> 1.2)
octokit (3.7.0)
sawyer (~> 0.6.0, >= 0.5.3)
omniauth (1.1.4)
hashie (>= 1.2, < 3)
rack
......@@ -367,7 +369,7 @@ GEM
rack (1.5.2)
rack-accept (0.4.5)
rack (>= 0.4)
rack-attack (2.3.0)
rack-attack (4.2.0)
rack
rack-cors (0.2.9)
rack-mini-profiler (0.9.0)
......@@ -473,6 +475,9 @@ GEM
sass (~> 3.2.0)
sprockets (~> 2.8, <= 2.11.0)
sprockets-rails (~> 2.0)
sawyer (0.6.0)
addressable (~> 2.3.5)
faraday (~> 0.8, < 0.10)
sdoc (0.3.20)
json (>= 1.1.3)
rdoc (~> 3.10)
......@@ -633,7 +638,7 @@ DEPENDENCIES
devise (= 3.2.4)
devise-async (= 0.9.0)
diffy (~> 3.0.3)
doorkeeper (= 2.0.1)
doorkeeper (= 2.1.0)
dropzonejs-rails
email_spec
enumerize
......@@ -648,7 +653,7 @@ DEPENDENCIES
gitlab-grack (~> 2.0.0.pre)
gitlab-linguist (~> 3.0.0)
gitlab_emoji (~> 0.0.1.1)
gitlab_git (= 7.0.0.rc13)
gitlab_git (= 7.0.0.rc14)
gitlab_meta (= 7.0)
gitlab_omniauth-ldap (= 1.2.0)
gollum-lib (~> 3.0.0)
......@@ -677,6 +682,7 @@ DEPENDENCIES
net-ldap
newrelic_rpm
nprogress-rails
octokit (= 3.7.0)
omniauth (~> 1.1.3)
omniauth-github
omniauth-google-oauth2
......
......@@ -35,6 +35,14 @@ For all other questions, contact us at sales@gitlab.com
- Completely free and open source (MIT Expat license)
- Powered by Ruby on Rails
## Editions
There are two editions of GitLab.
GitLab [Community Edition](https://about.gitlab.com/features/) (CE) is available without any costs under an MIT license.
GitLab Enterprise Edition (EE) includes [extra features](https://about.gitlab.com/features/#compare) that are most useful for organizations with more than 100 users.
To get access to the EE and support please [become a subscriber](https://about.gitlab.com/pricing/).
## Canonical source
- The source of GitLab Enterprise Edition is [hosted on GitLab.com](https://dev.gitlab.org/gitlab/gitlab-ee/) and acessible only to [subscribers](https://about.gitlab.com/subscription/).
......
......@@ -135,3 +135,16 @@ class @MergeRequest
this.$('.automerge_widget').hide()
this.$('.merge-in-progress').hide()
this.$('.automerge_widget.already_cannot_be_merged').show()
mergeInProgress: ->
$.ajax
type: 'GET'
url: $('.merge-request').data('url')
success: (data) =>
switch data.state
when 'merged'
location.reload()
else
setTimeout(merge_request.mergeInProgress, 3000)
dataType: 'json'
......@@ -13,3 +13,20 @@ class @ProjectShow
$("a[href=" + defaultView + "]").tab "show"
else
$("a[data-toggle='tab']:first").tab "show"
$(document).ready ->
$(window).load (e) ->
e.preventDefault()
unless location.hash is ""
$("html, body").animate
scrollTop: $(".navbar").offset().top - $(".navbar").height()
, 200
$("a").click (event) ->
link = event.target
isAnchor = link instanceof HTMLAnchorElement
if (location.hash != "" || isAnchor)
$("html,body").animate
scrollTop: $(this).offset().top - $(".navbar").height() - 3
, 200
$(document).ready ->
$(window).load (e) ->
e.preventDefault()
unless location.hash is ""
$("html, body").animate
scrollTop: $(".navbar").offset().top - $(".navbar").height()
, 200
$("a").click (event) ->
link = event.target
isAnchor = link instanceof HTMLAnchorElement
if (location.hash != "" || isAnchor)
$("html,body").animate
scrollTop: $(this).offset().top - $(".navbar").height() - 3
, 200
......@@ -29,7 +29,7 @@
line-height: 20px;
font-weight: bold;
.checkbox {
.remove_source_checkbox {
margin: 0;
}
}
......
class GithubImportsController < ApplicationController
before_filter :github_auth, except: :callback
rescue_from Octokit::Unauthorized, with: :github_unauthorized
def callback
token = client.auth_code.get_token(params[:code]).token
current_user.github_access_token = token
current_user.save
redirect_to status_github_import_url
end
def status
@repos = octo_client.repos
octo_client.orgs.each do |org|
@repos += octo_client.repos(org.login)
end
@already_added_projects = current_user.created_projects.where(import_type: "github")
already_added_projects_names = @already_added_projects.pluck(:import_source)
@repos.reject!{|repo| already_added_projects_names.include? repo.full_name}
end
def create
@repo_id = params[:repo_id].to_i
repo = octo_client.repo(@repo_id)
target_namespace = params[:new_namespace].presence || repo.owner.login
existing_namespace = Namespace.find_by("path = ? OR name = ?", target_namespace, target_namespace)
if existing_namespace
if existing_namespace.owner == current_user
namespace = existing_namespace
else
@already_been_taken = true
@target_namespace = target_namespace
@project_name = repo.name
render and return
end
else
namespace = Group.create(name: target_namespace, path: target_namespace, owner: current_user)
namespace.add_owner(current_user)
end
Gitlab::Github::ProjectCreator.new(repo, namespace, current_user).execute
end
private
def client
@client ||= Gitlab::Github::Client.new.client
end
def octo_client
Octokit.auto_paginate = true
@octo_client ||= Octokit::Client.new(:access_token => current_user.github_access_token)
end
def github_auth
if current_user.github_access_token.blank?
go_to_gihub_for_permissions
end
end
def go_to_gihub_for_permissions
redirect_to client.auth_code.authorize_url({
redirect_uri: callback_github_import_url,
scope: "repo, user, user:email"
})
end
def github_unauthorized
go_to_gihub_for_permissions
end
end
......@@ -66,7 +66,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
redirect_to omniauth_error_path(oauth['provider'], error: error_message) and return
end
end
rescue ForbiddenAction => e
rescue Gitlab::OAuth::ForbiddenAction => e
flash[:notice] = e.message
redirect_to new_user_session_path
end
......
......@@ -27,6 +27,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController
respond_to do |format|
format.html
format.json { render json: @merge_request }
format.diff { render text: @merge_request.to_diff(current_user) }
format.patch { render text: @merge_request.to_patch(current_user) }
end
......@@ -104,16 +105,15 @@ class Projects::MergeRequestsController < Projects::ApplicationController
if @merge_request.unchecked?
@merge_request.check_if_can_be_merged
end
render json: {merge_status: @merge_request.merge_status_name}
render json: { merge_status: @merge_request.merge_status_name }
end
def automerge
return access_denied! unless allowed_to_merge?
if @merge_request.open? && @merge_request.can_be_merged?
@merge_request.should_remove_source_branch = params[:should_remove_source_branch]
@merge_request.should_rebase = params[:should_rebase]
@merge_request.automerge!(current_user, params[:commit_message])
AutoMergeWorker.perform_async(@merge_request.id, current_user.id, params)
@status = true
else
@status = false
......
......@@ -24,8 +24,7 @@ class Projects::ServicesController < Projects::ApplicationController
end
def test
data = GitPushService.new.sample_data(project, current_user)
data = Gitlab::PushDataBuilder.build_sample(project, current_user)
@service.execute(data)
redirect_to :back
......
......@@ -13,6 +13,7 @@ class Projects::TagsController < Projects::ApplicationController
def create
result = CreateTagService.new(@project, current_user).
execute(params[:tag_name], params[:ref], params[:message])
if result[:status] == :success
@tag = result[:tag]
redirect_to project_tags_path(@project)
......
......@@ -238,6 +238,26 @@ module ProjectsHelper
result
end
def project_wiki_path_with_version(proj, page, version, is_newest)
url_params = is_newest ? {} : { version_id: version }
project_wiki_path(proj, page, url_params)
end
def project_status_css_class(status)
case status
when "started"
"active"
when "failed"
"danger"
when "finished"
"success"
end
end
def github_import_enabled?
Gitlab.config.omniauth.enabled && enabled_oauth_providers.include?(:github)
end
def membership_locked?
if @project.group && @project.group.membership_lock
true
......@@ -246,3 +266,4 @@ module ProjectsHelper
end
end
end
......@@ -113,6 +113,16 @@ module TreeHelper
tree_join(@ref, file)
end
# returns the relative path of the first subdir that doesn't have only one directory descendand
def flatten_tree(tree)
subtree = Gitlab::Git::Tree.where(@repository, @commit.id, tree.path)
if subtree.count == 1 && subtree.first.dir?
return tree_join(tree.name, flatten_tree(subtree.first))
else
return tree.name
end
end
def leave_edit_message
"Leave edit mode?\nAll unsaved changes will be lost."
end
......
......@@ -296,6 +296,7 @@ class Note < ActiveRecord::Base
# If not - its outdated diff
def active?
return true unless self.diff
return false unless noteable
noteable.diffs.each do |mr_diff|
next unless mr_diff.new_path == self.diff.new_path
......
......@@ -21,10 +21,15 @@ class CreateTagService < BaseService
new_tag = repository.find_tag(tag_name)
if new_tag
if project.gitlab_ci?
push_data = create_push_data(project, current_user, new_tag)
project.gitlab_ci_service.async_execute(push_data)
end
Event.create_ref_event(project, current_user, new_tag, 'add', 'refs/tags')
return success(new_tag)
success(new_tag)
else
return error('Invalid reference name')
error('Invalid reference name')
end
end
......@@ -33,4 +38,9 @@ class CreateTagService < BaseService
out[:tag] = branch
out
end
def create_push_data(project, user, tag)
Gitlab::PushDataBuilder.
build(project, user, Gitlab::Git::BLANK_SHA, tag.target, 'refs/tags/' + tag.name, [])
end
end
......@@ -52,16 +52,6 @@ class GitPushService
end
end
# This method provide a sample data
# generated with post_receive_data method
# for given project
#
def sample_data(project, user)
@project, @user = project, user
@push_commits = project.repository.commits(project.default_branch, nil, 3)
post_receive_data(@push_commits.last.id, @push_commits.first.id, "refs/heads/#{project.default_branch}")
end
protected
def create_push_event(push_data)
......@@ -116,58 +106,9 @@ class GitPushService
end
end
# Produce a hash of post-receive data
#
# data = {
# before: String,
# after: String,
# ref: String,
# user_id: String,
# user_name: String,
# project_id: String,
# repository: {
# name: String,
# url: String,
# description: String,
# homepage: String,
# },
# commits: Array,
# total_commits_count: Fixnum
# }
#
def post_receive_data(oldrev, newrev, ref)
# Total commits count
push_commits_count = push_commits.size
# Get latest 20 commits ASC
push_commits_limited = push_commits.last(20)
# Hash to be passed as post_receive_data
data = {
before: oldrev,
after: newrev,
ref: ref,
user_id: user.id,
user_name: user.name,
project_id: project.id,
repository: {
name: project.name,
url: project.url_to_repo,
description: project.description,
homepage: project.web_url,
},
commits: [],
total_commits_count: push_commits_count
}
# For performance purposes maximum 20 latest commits
# will be passed as post receive hook data.
#
push_commits_limited.each do |commit|
data[:commits] << commit.hook_attrs(project)
end
data
Gitlab::PushDataBuilder.
build(project, user, oldrev, newrev, ref, push_commits)
end
def push_to_existing_branch?(ref, oldrev)
......
......@@ -8,25 +8,19 @@ class GitTagPushService
create_push_event
project.repository.expire_cache
project.execute_hooks(@push_data.dup, :tag_push_hooks)
if project.gitlab_ci?
project.gitlab_ci_service.async_execute(@push_data)
end
true
end
private
def create_push_data(oldrev, newrev, ref)
data = {
ref: ref,
before: oldrev,
after: newrev,
user_id: user.id,
user_name: user.name,
project_id: project.id,
repository: {
name: project.name,
url: project.url_to_repo,
description: project.description,
homepage: project.web_url
}
}
Gitlab::PushDataBuilder.
build(project, user, oldrev, newrev, ref, [])
end
def create_push_event
......
class TestHookService
def execute(hook, current_user)
data = GitPushService.new.sample_data(hook.project, current_user)
data = Gitlab::PushDataBuilder.build_sample(hook.project, current_user)
hook.execute(data)
end
end
- if @already_been_taken
:plain
target_field = $("tr#repo_#{@repo_id} .import-target")
origin_target = target_field.text()
project_name = "#{@project_name}"
origin_namespace = "#{@target_namespace}"
target_field.empty()
target_field.append("<p class='alert alert-danger'>This namespace already been taken! Please choose another one</p>")
target_field.append("<input type='text' name='target_namespace' />")
target_field.append("/" + project_name)
target_field.data("project_name", project_name)
target_field.find('input').prop("value", origin_namespace)
- else
:plain
$("table.import-jobs tbody").prepend($("tr#repo_#{@repo_id}"))
$("tr#repo_#{@repo_id}").addClass("active").find(".import-actions").html("<i class='fa fa-spinner fa-spin'></i> started")
%h3.page-title
%i.fa.fa-github
Import repositories from GitHub.com
%p.light
Select projects you want to import.
%span.pull-right
Reload to see the progress.
%hr
%table.table.import-jobs
%thead
%tr
%th From GitHub
%th To GitLab
%th Status
%tbody
- @already_added_projects.each do |project|
%tr{id: "repo_#{project.id}", class: "#{project_status_css_class(project.import_status)}"}
%td= project.import_source
%td
%strong= link_to project.name_with_namespace, project
%td
- if project.import_status == 'finished'
%span.cgreen
%i.fa.fa-check
done
- else
= project.human_import_status_name
- @repos.each do |repo|
%tr{id: "repo_#{repo.id}"}
%td= repo.full_name
%td.import-target
= repo.full_name
%td.import-actions
= button_tag "Add", class: "btn btn-add-to-import"
:coffeescript
$(".btn-add-to-import").click () ->
new_namespace = null
tr = $(this).closest("tr")
id = tr.attr("id").replace("repo_", "")
if tr.find(".import-target input").length > 0
new_namespace = tr.find(".import-target input").prop("value")
tr.find(".import-target").empty().append(new_namespace + "/" + tr.find(".import-target").data("project_name"))
$.post "#{github_import_url}", {repo_id: id, new_namespace: new_namespace}, dataType: 'script'
.merge-request
.merge-request{'data-url' => project_merge_request_path(@project, @merge_request)}
= render "projects/merge_requests/show/mr_title"
%hr
= render "projects/merge_requests/show/mr_box"
......
-if @status
:plain
location.reload();
merge_request.mergeInProgress();
-else
:plain
merge_request.alreadyOrCannotBeMerged()
......@@ -18,7 +18,7 @@
= f.submit "Accept Merge Request", class: "btn btn-create accept_merge_request"
- if can_remove_branch?(@merge_request.source_project, @merge_request.source_branch) && !@merge_request.for_fork?
.accept-control
= label_tag :should_remove_source_branch, class: "checkbox" do
= label_tag :should_remove_source_branch, class: "remove_source_checkbox" do
= check_box_tag :should_remove_source_branch
Remove source-branch
- if @merge_request.target_project.merge_requests_rebase_enabled && can_rebase?(@merge_request.target_project, @merge_request.target_branch)
......
......@@ -27,7 +27,7 @@
.col-sm-10
= link_to "#", class: 'js-toggle-button' do
%i.fa.fa-upload
%span Import existing repository?
%span Import existing repository by URL
.js-toggle-content.hide
.form-group.import-url-data
= f.label :import_url, class: 'control-label' do
......@@ -39,7 +39,16 @@
%br
The import will time out after 4 minutes. For big repositories, use a clone/push combination.
For SVN repositories, check #{link_to "this migrating from SVN doc.", "http://doc.gitlab.com/ce/workflow/migrating_from_svn.html"}
%hr
- if github_import_enabled?
.project-import.form-group
.col-sm-2
.col-sm-10
= link_to status_github_import_path do
%i.fa.fa-github
Import projects from GitHub
%hr.prepend-botton-10
.form-group
= f.label :description, class: 'control-label' do
......
......@@ -2,7 +2,8 @@
%td.tree-item-file-name
= tree_icon(type)
%span.str-truncated
= link_to tree_item.name, project_tree_path(@project, tree_join(@id || @commit.id, tree_item.name))
- path = flatten_tree(tree_item)
= link_to path, project_tree_path(@project, tree_join(@id || @commit.id, path))
%td.tree_time_ago.cgray
= render 'spinner'
%td.hidden-xs.tree_commit
......@@ -12,11 +12,12 @@
%th Last updated
%th Format
%tbody
- @page.versions.each do |version|
- @page.versions.each_with_index do |version, index|
- commit = version
%tr
%td
= link_to project_wiki_path(@project, @page, version_id: commit.id) do
= link_to project_wiki_path_with_version(@project, @page,
commit.id, index == 0) do
= truncate_sha(commit.id)
%td
= commit.author.name
......
class AutoMergeWorker
include Sidekiq::Worker
sidekiq_options queue: :default
def perform(merge_request_id, current_user_id, params)
params = params.with_indifferent_access
current_user = User.find(current_user_id)
merge_request = MergeRequest.find(merge_request_id)
merge_request.should_remove_source_branch = params[:should_remove_source_branch]
merge_request.should_rebase = params[:should_rebase]
merge_request.automerge!(current_user, params[:commit_message])
end
end
......@@ -10,7 +10,13 @@ class RepositoryImportWorker
project.path_with_namespace,
project.import_url)
if result
if project.import_type == 'github'
result_of_data_import = Gitlab::Github::Importer.new(project).execute
else
result_of_data_import = true
end
if result && result_of_data_import
project.import_finish
project.save
project.satellite.create unless project.satellite.exists?
......
......@@ -332,6 +332,20 @@ production: &base
# ![Company Logo](http://www.companydomain.com/logo.png)
# [Learn more about CompanyName](http://www.companydomain.com/)
rack_attack:
git_basic_auth:
# Whitelist requests from 127.0.0.1 for web proxies (NGINX/Apache) with incorrect headers
# ip_whitelist: ["127.0.0.1"]
#
# Limit the number of Git HTTP authentication attempts per IP
# maxretry: 10
#
# Reset the auth attempt counter per IP after 60 seconds
# findtime: 60
#
# Ban an IP for one hour (3600s) after too many auth attempts
# bantime: 3600
development:
<<: *base
......
......@@ -112,7 +112,7 @@ rescue ArgumentError # no user configured
'/home/' + Settings.gitlab['user']
end
Settings.gitlab['time_zone'] ||= nil
Settings.gitlab['signup_enabled'] ||= false
Settings.gitlab['signup_enabled'] ||= true
Settings.gitlab['signin_enabled'] ||= true if Settings.gitlab['signin_enabled'].nil?
Settings.gitlab['restricted_visibility_levels'] = Settings.send(:verify_constant_array, Gitlab::VisibilityLevel, Settings.gitlab['restricted_visibility_levels'], [])
Settings.gitlab['username_changing_enabled'] = true if Settings.gitlab['username_changing_enabled'].nil?
......@@ -178,6 +178,16 @@ Settings.satellites['timeout'] ||= 30
#
Settings['extra'] ||= Settingslogic.new({})
#
# Rack::Attack settings
#
Settings['rack_attack'] ||= Settingslogic.new({})
Settings.rack_attack['git_basic_auth'] ||= Settingslogic.new({})
Settings.rack_attack.git_basic_auth['ip_whitelist'] ||= %w{127.0.0.1}
Settings.rack_attack.git_basic_auth['maxretry'] ||= 10
Settings.rack_attack.git_basic_auth['findtime'] ||= 1.minute
Settings.rack_attack.git_basic_auth['bantime'] ||= 1.hour
#
# Testing settings
#
......
......@@ -10,6 +10,11 @@ Doorkeeper.configure do
current_user || redirect_to(new_user_session_url)
end
resource_owner_from_credentials do |routes|
u = User.find_by(email: params[:username])
u if u && u.valid_password?(params[:password])
end
# If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
# admin_authenticator do
# # Put your admin authentication logic here.
......
unless Rails.env.test?
# Tell the Rack::Attack Rack middleware to maintain an IP blacklist. We will
# update the blacklist from Grack::Auth#authenticate_user.
Rack::Attack.blacklist('Git HTTP Basic Auth') do |req|
Rack::Attack::Allow2Ban.filter(req.ip, Gitlab.config.rack_attack.git_basic_auth) do
# This block only gets run if the IP was not already banned.
# Return false, meaning that we do not see anything wrong with the
# request at this time
false
end
end
end
# Monkey-patch Redis::Store to make 'setex' and 'expire' work with namespacing
module Gitlab
class Redis
class Store
module Namespace
# Redis::Store#setex in redis-store 1.1.4 does not respect namespaces;
# this new method does.
def setex(key, expires_in, value, options=nil)
namespace(key) { |key| super(key, expires_in, value) }
end
# Redis::Store#expire in redis-store 1.1.4 does not respect namespaces;
# this new method does.
def expire(key, expires_in)
namespace(key) { |key| super(key, expires_in) }
end
private
# Our new definitions of #setex and #expire above assume that the
# #namespace method exists. Because we cannot be sure of that, we
# re-implement the #namespace method from Redis::Store::Namespace so
# that it is available for all Redis::Store instances, whether they use
# namespacing or not.
#
# Based on lib/redis/store/namespace.rb L49-51 (redis-store 1.1.4)
def namespace(key)
if @namespace
yield interpolate(key)
else
# This Redis::Store instance does not use a namespace so we should
# just pass through the key.
yield key
end
end
end
end
end
end
Redis::Store.class_eval do
include Gitlab::Redis::Store::Namespace
end
......@@ -52,6 +52,14 @@ Gitlab::Application.routes.draw do
end
get "/s/:username" => "snippets#user_index", as: :user_snippets, constraints: { username: /.*/ }
#
# Github importer area
#
resource :github_import, only: [:create, :new] do
get :status
get :callback
end
#
# Explroe area
#
......
class AddImportDataToProjectTable < ActiveRecord::Migration
def change
add_column :projects, :import_type, :string
add_column :projects, :import_source, :string
add_column :users, :github_access_token, :string
end
end
......@@ -378,6 +378,8 @@ ActiveRecord::Schema.define(version: 20150108073740) do
t.integer "visibility_level", default: 0, null: false
t.boolean "archived", default: false, null: false
t.string "import_status"
t.string "import_type"
t.string "import_source"
t.float "repository_size", default: 0.0
t.integer "star_count", default: 0, null: false
t.text "merge_requests_template"
......@@ -487,6 +489,7 @@ ActiveRecord::Schema.define(version: 20150108073740) do
t.boolean "hide_no_ssh_key", default: false
t.string "website_url", default: "", null: false
t.datetime "last_credential_check_at"
t.string "github_access_token"
t.datetime "admin_email_unsubscribed_at"
end
......
......@@ -51,6 +51,24 @@ curl --header "PRIVATE-TOKEN: QVy1PB7sTxfy4pqfZM1U" "http://example.com/api/v3/p
The API uses JSON to serialize data. You don't need to specify `.json` at the end of API URL.
## Authentication with OAuth2 token
Instead of the private_token you can transmit the OAuth2 access token as a header or as a parameter.
### OAuth2 token (as a parameter)
```
curl https://localhost:3000/api/v3/user?access_token=OAUTH-TOKEN
```
### OAuth2 token (as a header)
```
curl -H "Authorization: Bearer OAUTH-TOKEN" https://localhost:3000/api/v3/user
```
Read more about [OAuth2 in GitLab](oauth2.md).
## Status codes
The API is designed to return different status codes according to context and action. In this way if a request results in an error the caller is able to get insight into what went wrong, e.g. status code `400 Bad Request` is returned if a required attribute is missing from the request. The following list gives an overview of how the API functions generally behave.
......
# OAuth2 authentication
OAuth2 is a protocol that enables us to get access to private details of user's account without getting its password.
Before using the OAuth2 you should create an application in user's account. Each application getting unique App ID and App Secret parameters. You should not share them.
This functianolity is based on [doorkeeper gem](https://github.com/doorkeeper-gem/doorkeeper)
## Web Application Flow
This flow is using for authentication from third-party web sites and probably is most used.
It basically consists of an exchange of an authorization token for an access token. For more detailed info, check out the [RFC spec here](http://tools.ietf.org/html/rfc6749#section-4.1)
This flow consists from 3 steps.
### 1. Registering the client
Creat an application in user's account profile.
### 2. Requesting authorization
To request the authorization token, you should visit the `/oauth/authorize` endpoint. You can do that by visiting manually the URL:
```
http://localhost:3000/oauth/authorize?client_id=APP_ID&redirect_uri=REDIRECT_URI&response_type=code
```
Where REDIRECT_URI is the URL in your app where users will be sent after authorization.
### 3. Requesting the access token
To request the access token, you should use the returned code and exchange it for an access token. To do that you can use any HTTP client. In this case, I used rest-client:
```
parameters = 'client_id=APP_ID&client_secret=APP_SECRET&code=RETURNED_CODE&grant_type=AUTHORIZATION_CODE&redirect_uri=REDIRECT_URI'
RestClient.post 'http://localhost:3000/oauth/token', parameters
# The response will be
{
"access_token": "de6780bc506a0446309bd9362820ba8aed28aa506c71eedbe1c5c4f9dd350e54",
"token_type": "bearer",
"expires_in": 7200,
"refresh_token": "8257e65c97202ed1726cf9571600918f3bffb2544b26e00a61df9897668c33a1"
}
```
You can now make requests to the API with the access token returned.
### Use the access token to access the API
The access token allows you to make requests to the API on a behalf of a user.
```
GET https://localhost:3000/api/v3/user?access_token=OAUTH-TOKEN
```
Or you can put the token to the Authorization header:
```
curl -H "Authorization: Bearer OAUTH-TOKEN" https://localhost:3000/api/v3/user
```
## Resource Owner Password Credentials
In this flow, a token is requested in exchange for the resource owner credentials (username and password).
The credentials should only be used when there is a high degree of trust between the resource owner and the client (e.g. the
client is part of the device operating system or a highly privileged application), and when other authorization grant types are not
available (such as an authorization code).
Even though this grant type requires direct client access to the resource owner credentials, the resource owner credentials are used
for a single request and are exchanged for an access token. This grant type can eliminate the need for the client to store the
resource owner credentials for future use, by exchanging the credentials with a long-lived access token or refresh token.
You can do POST request to `/oauth/token` with parameters:
```
{
"grant_type" : "password",
"username" : "user@example.com",
"password" : "sekret"
}
```
Then, you'll receive the access token back in the response:
```
{
"access_token": "1f0af717251950dbd4d73154fdf0a474a5c5119adad999683f5b450c460726aa",
"token_type": "bearer",
"expires_in": 7200
}
```
For testing you can use the oauth2 ruby gem:
```
client = OAuth2::Client.new('the_client_id', 'the_client_secret', :site => "http://example.com")
access_token = client.password.get_token('user@example.com', 'sekret')
puts access_token.token
```
\ No newline at end of file
......@@ -13,6 +13,7 @@ Parameters:
- `archived` (optional) - if passed, limit by archived status
- `order_by` (optional) - Return requests ordered by `id`, `name`, `created_at` or `last_activity_at` fields
- `sort` (optional) - Return requests sorted in `asc` or `desc` order
- `search` (optional) - Return list of authorized projects according to a search criteria
```json
[
......
# How to create RC1
The RC1 release comes with the task to update the installation and upgrade docs. Be mindful that there might already be merge requests for this on GitLab or GitHub.
### **1. Update the installation guide**
1. Check if it references the correct branch `x-x-stable` (doesn't exist yet, but that is okay)
1. Check the [GitLab Shell version](/lib/tasks/gitlab/check.rake#L782)
1. Check the [Git version](/lib/tasks/gitlab/check.rake#L794)
1. There might be other changes. Ask around.
### **2. Create update guides**
1. Create: CE update guide from previous version. Like `7.3-to-7.4.md`
1. Create: CE to EE update guide in EE repository for latest version.
1. Update: `6.x-or-7.x-to-7.x.md` to latest version.
1. Create: CI update guide from previous version
It's best to copy paste the previous guide and make changes where necessary.
The typical steps are listed below with any points you should specifically look at.
#### 0. Any major changes?
List any major changes here, so the user is aware of them before starting to upgrade. For instance:
- Database updates
- Web server changes
- File structure changes
#### 1. Stop server
#### 2. Make backup
#### 3. Do users need to update dependencies like `git`?
- Check if the [GitLab Shell version](/lib/tasks/gitlab/check.rake#L782) changed since the last release.
- Check if the [Git version](/lib/tasks/gitlab/check.rake#L794) changed since the last release.
#### 4. Get latest code
#### 5. Does GitLab shell need to be updated?
#### 6. Install libs, migrations, etc.
#### 7. Any config files updated since last release?
Check if any of these changed since last release:
- [lib/support/nginx/gitlab](/lib/support/nginx/gitlab)
- [lib/support/nginx/gitlab-ssl](/lib/support/nginx/gitlab-ssl)
- <https://gitlab.com/gitlab-org/gitlab-shell/commits/master/config.yml.example>
- [config/gitlab.yml.example](/config/gitlab.yml.example)
- [config/unicorn.rb.example](/config/unicorn.rb.example)
- [config/database.yml.mysql](/config/database.yml.mysql)
- [config/database.yml.postgresql](/config/database.yml.postgresql)
- [config/initializers/rack_attack.rb.example](/config/initializers/rack_attack.rb.example)
- [config/resque.yml.example](/config/resque.yml.example)
#### 8. Need to update init script?
Check if the `init.d/gitlab` script changed since last release: [lib/support/init.d/gitlab](/lib/support/init.d/gitlab)
#### 9. Start application
#### 10. Check application status
### **3. Code quality indicators**
Make sure the code quality indicators are green / good.
- [![Build status](http://ci.gitlab.org/projects/1/status.png?ref=master)](http://ci.gitlab.org/projects/1?ref=master) on ci.gitlab.org (master branch)
- [![Build Status](https://semaphoreapp.com/api/v1/projects/2f1a5809-418b-4cc2-a1f4-819607579fe7/243338/badge.png)](https://semaphoreapp.com/gitlabhq/gitlabhq) (master branch)
- [![Code Climate](https://codeclimate.com/github/gitlabhq/gitlabhq.png)](https://codeclimate.com/github/gitlabhq/gitlabhq)
- [![Dependency Status](https://gemnasium.com/gitlabhq/gitlabhq.png)](https://gemnasium.com/gitlabhq/gitlabhq) this button can be yellow (small updates are available) but must not be red (a security fix or an important update is available)
- [![Coverage Status](https://coveralls.io/repos/gitlabhq/gitlabhq/badge.png?branch=master)](https://coveralls.io/r/gitlabhq/gitlabhq)
### 4. Run release tool for CE and EE
**Make sure EE `master` has latest changes from CE `master`**
Get release tools
```
git clone git@dev.gitlab.org:gitlab/release-tools.git
cd release-tools
```
Release candidate creates stable branch from master.
So we need to sync master branch between all CE remotes. Also do same for EE.
```
bundle exec rake sync
```
Create release candidate and stable branch:
```
bundle exec rake release["x.x.0.rc1"]
```
Now developers can use master for merging new features.
So you should use stable branch for future code chages related to release.
### 5. Release GitLab CI RC1
Add to your local `gitlab-ci/.git/config`:
```
[remote "public"]
url = none
pushurl = git@dev.gitlab.org:gitlab/gitlab-ci.git
pushurl = git@gitlab.com:gitlab-org/gitlab-ci.git
pushurl = git@github.com:gitlabhq/gitlab-ci.git
```
* Create a stable branch `x-y-stable`
* Bump VERSION to `x.y.0.rc1`
* `git tag -a v$(cat VERSION) -m "Version $(cat VERSION)"
* `git push public x-y-stable v$(cat VERSION)`
This diff is collapsed.
......@@ -279,7 +279,7 @@ class Spinach::Features::ProjectMergeRequests < Spinach::FeatureSteps
end
step 'I should see comments on the side-by-side diff page' do
within '.files [id^=diff]:nth-child(1) .note-text' do
within '.files [id^=diff]:nth-child(1) .parallel .note-text' do
page.should have_visible_content "Line is correct"
end
end
......
......@@ -15,9 +15,6 @@ module API
# Get a projects list for authenticated user
#
# Parameters:
# archived (optional) - if passed, limit by archived status
#
# Example Request:
# GET /projects
get do
......
......@@ -72,8 +72,26 @@ module Grack
end
def authenticate_user(login, password)
auth = Gitlab::Auth.new
auth.find(login, password)
user = Gitlab::Auth.new.find(login, password)
return user if user.present?
# At this point, we know the credentials were wrong. We let Rack::Attack
# know there was a failed authentication attempt from this IP. This
# information is stored in the Rails cache (Redis) and will be used by
# the Rack::Attack middleware to decide whether to block requests from
# this IP.
config = Gitlab.config.rack_attack.git_basic_auth
Rack::Attack::Allow2Ban.filter(@request.ip, config) do
# Unless the IP is whitelisted, return true so that Allow2Ban
# increments the counter (stored in Rails.cache) for the IP
if config.ip_whitelist.include?(@request.ip)
false
else
true
end
end
nil # No user was found
end
def authorized_request?
......
module Gitlab
module CurrentSettings
def current_application_settings
if ActiveRecord::Base.connection.table_exists?('application_settings')
ApplicationSetting.current ||
ApplicationSetting.create_from_defaults
else
begin
if ActiveRecord::Base.connection.table_exists?('application_settings')
ApplicationSetting.current ||
ApplicationSetting.create_from_defaults
else
fake_application_settings
end
rescue ActiveRecord::NoDatabaseError, database_adapter.constantize::Error
fake_application_settings
end
end
......@@ -18,5 +22,16 @@ module Gitlab
sign_in_text: Settings.extra['sign_in_text'],
)
end
# We need to check which database is setup
# but we cannot assume that the database exists already.
# Not checking this will break "rake gitlab:setup".
def database_adapter
if Rails.configuration.database_configuration[Rails.env]['adapter'] == 'mysql2'
"Mysql2"
else
"PG"
end
end
end
end
module Gitlab
module Github
class Client
attr_reader :client
def initialize
@client = ::OAuth2::Client.new(
config.app_id,
config.app_secret,
github_options
)
end
private
def config
Gitlab.config.omniauth.providers.select{|provider| provider.name == "github"}.first
end
def github_options
{
site: 'https://api.github.com',
authorize_url: 'https://github.com/login/oauth/authorize',
token_url: 'https://github.com/login/oauth/access_token'
}
end
end
end
end
module Gitlab
module Github
class Importer
attr_reader :project
def initialize(project)
@project = project
end
def execute
client = octo_client(project.creator.github_access_token)
#Issues && Comments
client.list_issues(project.import_source, state: :all).each do |issue|
if issue.pull_request.nil?
body = "*Created by: #{issue.user.login}*\n\n#{issue.body}"
if issue.comments > 0
body += "\n\n\n**Imported comments:**\n"
client.issue_comments(project.import_source, issue.number).each do |c|
body += "\n\n*By #{c.user.login} on #{c.created_at}*\n\n#{c.body}"
end
end
project.issues.create!(
description: body,
title: issue.title,
state: issue.state == 'closed' ? 'closed' : 'opened',
author_id: gl_user_id(project, issue.user.id)
)
end
end
end
private
def octo_client(access_token)
::Octokit.auto_paginate = true
::Octokit::Client.new(:access_token => access_token)
end
def gl_user_id(project, github_id)
user = User.joins(:identities).find_by("identities.extern_uid = ?", github_id.to_s)
(user && user.id) || project.creator_id
end
end
end
end
module Gitlab
module Github
class ProjectCreator
attr_reader :repo, :namespace, :current_user
def initialize(repo, namespace, current_user)
@repo = repo
@namespace = namespace
@current_user = current_user
end
def execute
@project = Project.new(
name: repo.name,
path: repo.name,
description: repo.description,
namespace: namespace,
creator: current_user,
visibility_level: repo.private ? Gitlab::VisibilityLevel::PRIVATE : Gitlab::VisibilityLevel::PUBLIC,
import_type: "github",
import_source: repo.full_name,
import_url: repo.clone_url.sub("https://", "https://#{current_user.github_access_token}@")
)
if @project.save!
@project.reload
if @project.import_failed?
@project.import_retry
else
@project.import_start
end
end
end
end
end
end
module Gitlab
class PushDataBuilder
# Produce a hash of post-receive data
#
# data = {
# before: String,
# after: String,
# ref: String,
# user_id: String,
# user_name: String,
# project_id: String,
# repository: {
# name: String,
# url: String,
# description: String,
# homepage: String,
# },
# commits: Array,
# total_commits_count: Fixnum
# }
#
def self.build(project, user, oldrev, newrev, ref, commits = [])
# Total commits count
commits_count = commits.size
# Get latest 20 commits ASC
commits_limited = commits.last(20)
# Hash to be passed as post_receive_data
data = {
before: oldrev,
after: newrev,
ref: ref,
user_id: user.id,
user_name: user.name,
project_id: project.id,
repository: {
name: project.name,
url: project.url_to_repo,
description: project.description,
homepage: project.web_url,
},
commits: [],
total_commits_count: commits_count
}
# For performance purposes maximum 20 latest commits
# will be passed as post receive hook data.
commits_limited.each do |commit|
data[:commits] << commit.hook_attrs(project)
end
data
end
# This method provide a sample data generated with
# existing project and commits to test web hooks
def self.build_sample(project, user)
commits = project.repository.commits(project.default_branch, nil, 3)
build(project, user, commits.last.id, commits.first.id, "refs/heads/#{project.default_branch}", commits)
end
end
end
......@@ -11,7 +11,7 @@ module Gitlab
end
def project_name_regex
/\A[a-zA-Z0-9_][a-zA-Z0-9_\-\. ]*\z/
/\A[a-zA-Z0-9_.][a-zA-Z0-9_\-\. ]*\z/
end
def project_regex_message
......
require 'spec_helper'
describe GithubImportsController do
let(:user) { create(:user, github_access_token: 'asd123') }
before do
sign_in(user)
end
describe "GET callback" do
it "updates access token" do
token = "asdasd12345"
Gitlab::Github::Client.any_instance.stub_chain(:client, :auth_code, :get_token, :token).and_return(token)
Gitlab.config.omniauth.providers << OpenStruct.new(app_id: "asd123", app_secret: "asd123", name: "github")
get :callback
user.reload.github_access_token.should == token
controller.should redirect_to(status_github_import_url)
end
end
describe "GET status" do
before do
@repo = OpenStruct.new(login: 'vim', full_name: 'asd/vim')
end
it "assigns variables" do
@project = create(:project, import_type: 'github', creator_id: user.id)
controller.stub_chain(:octo_client, :repos).and_return([@repo])
controller.stub_chain(:octo_client, :orgs).and_return([])
get :status
expect(assigns(:already_added_projects)).to eq([@project])
expect(assigns(:repos)).to eq([@repo])
end
it "does not show already added project" do
@project = create(:project, import_type: 'github', creator_id: user.id, import_source: 'asd/vim')
controller.stub_chain(:octo_client, :repos).and_return([@repo])
controller.stub_chain(:octo_client, :orgs).and_return([])
get :status
expect(assigns(:already_added_projects)).to eq([@project])
expect(assigns(:repos)).to eq([])
end
end
describe "POST create" do
before do
@repo = OpenStruct.new(login: 'vim', full_name: 'asd/vim', owner: OpenStruct.new(login: "john"))
end
it "takes already existing namespace" do
namespace = create(:namespace, name: "john", owner: user)
Gitlab::Github::ProjectCreator.should_receive(:new).with(@repo, namespace, user).
and_return(double(execute: true))
controller.stub_chain(:octo_client, :repo).and_return(@repo)
post :create, format: :js
end
end
end
......@@ -20,4 +20,13 @@ describe ProjectsHelper do
"<option value=\"gitlab\">GitLab</option>"
end
end
describe "#project_status_css_class" do
it "returns appropriate class" do
project_status_css_class("started").should == "active"
project_status_css_class("failed").should == "danger"
project_status_css_class("finished").should == "success"
end
end
end
require 'spec_helper'
describe TreeHelper do
describe 'flatten_tree' do
let(:project) { create(:project) }
before {
@repository = project.repository
@commit = project.repository.commit("e56497bb")
}
context "on a directory containing more than one file/directory" do
let(:tree_item) { double(name: "files", path: "files") }
it "should return the directory name" do
flatten_tree(tree_item).should match('files')
end
end
context "on a directory containing only one directory" do
let(:tree_item) { double(name: "foo", path: "foo") }
it "should return the flattened path" do
flatten_tree(tree_item).should match('foo/bar')
end
end
end
end
require 'spec_helper'
describe Gitlab::Github::ProjectCreator do
let(:user) { create(:user, github_access_token: "asdffg") }
let(:repo) { OpenStruct.new(
login: 'vim',
name: 'vim',
private: true,
full_name: 'asd/vim',
clone_url: "https://gitlab.com/asd/vim.git",
owner: OpenStruct.new(login: "john"))
}
let(:namespace){ create(:namespace) }
it 'creates project' do
Project.any_instance.stub(:add_import_job)
project_creator = Gitlab::Github::ProjectCreator.new(repo, namespace, user)
project_creator.execute
project = Project.last
project.import_url.should == "https://asdffg@gitlab.com/asd/vim.git"
project.visibility_level.should == Gitlab::VisibilityLevel::PRIVATE
end
end
require 'spec_helper'
describe 'Gitlab::PushDataBuilder' do
let(:project) { create(:project) }
let(:user) { create(:user) }
describe :build_sample do
let(:data) { Gitlab::PushDataBuilder.build_sample(project, user) }
it { data.should be_a(Hash) }
it { data[:before].should == '6f6d7e7ed97bb5f0054f2b1df789b39ca89b6ff9' }
it { data[:after].should == '5937ac0a7beb003549fc5fd26fc247adbce4a52e' }
it { data[:ref].should == 'refs/heads/master' }
it { data[:commits].size.should == 3 }
it { data[:total_commits_count].should == 3 }
end
describe :build do
let(:data) do
Gitlab::PushDataBuilder.build(project,
user,
Gitlab::Git::BLANK_SHA,
'5937ac0a7beb003549fc5fd26fc247adbce4a52e',
'refs/tags/v1.1.0')
end
it { data.should be_a(Hash) }
it { data[:before].should == Gitlab::Git::BLANK_SHA }
it { data[:after].should == '5937ac0a7beb003549fc5fd26fc247adbce4a52e' }
it { data[:ref].should == 'refs/tags/v1.1.0' }
it { data[:commits].should be_empty }
it { data[:total_commits_count].should be_zero }
end
end
......@@ -33,7 +33,7 @@ describe AssemblaService, models: true do
token: 'verySecret',
subdomain: 'project_name'
)
@sample_data = GitPushService.new.sample_data(project, user)
@sample_data = Gitlab::PushDataBuilder.build_sample(project, user)
@api_url = 'https://atlas.assembla.com/spaces/project_name/github_tool?secret_key=verySecret'
WebMock.stub_request(:post, @api_url)
end
......
......@@ -32,7 +32,7 @@ describe FlowdockService do
service_hook: true,
token: 'verySecret'
)
@sample_data = GitPushService.new.sample_data(project, user)
@sample_data = Gitlab::PushDataBuilder.build_sample(project, user)
@api_url = 'https://api.flowdock.com/v1/git/verySecret'
WebMock.stub_request(:post, @api_url)
end
......
......@@ -33,7 +33,7 @@ describe GemnasiumService do
token: 'verySecret',
api_key: 'GemnasiumUserApiKey'
)
@sample_data = GitPushService.new.sample_data(project, user)
@sample_data = Gitlab::PushDataBuilder.build_sample(project, user)
end
it "should call Gemnasium service" do
Gemnasium::GitlabService.should_receive(:execute).with(an_instance_of(Hash)).once
......
......@@ -42,7 +42,7 @@ describe JiraService, models: true do
password: 'gitlab_jira_password',
api_version: '2'
)
@sample_data = GitPushService.new.sample_data(project, user)
@sample_data = Gitlab::PushDataBuilder.build_sample(project, user)
# https://github.com/bblimke/webmock#request-with-basic-authentication
@api_url = 'http://gitlab_jira_username:gitlab_jira_password@jira.example.com/rest/api/2/issue/JIRA-123/transitions'
......
......@@ -36,7 +36,7 @@ describe PushoverService do
let(:pushover) { PushoverService.new }
let(:user) { create(:user) }
let(:project) { create(:project) }
let(:sample_data) { GitPushService.new.sample_data(project, user) }
let(:sample_data) { Gitlab::PushDataBuilder.build_sample(project, user) }
let(:api_key) { 'verySecret' }
let(:user_key) { 'verySecret' }
......
......@@ -34,7 +34,7 @@ describe SlackService do
let(:slack) { SlackService.new }
let(:user) { create(:user) }
let(:project) { create(:project) }
let(:sample_data) { GitPushService.new.sample_data(project, user) }
let(:sample_data) { Gitlab::PushDataBuilder.build_sample(project, user) }
let(:webhook_url) { 'https://hooks.slack.com/services/SVRWFV0VVAR97N/B02R25XN3/ZBqu7xMupaEEICInN685' }
before do
......
......@@ -7,6 +7,8 @@ describe API::API, api: true do
let(:user3) { create(:user) }
let(:admin) { create(:admin) }
let(:project) { create(:project, creator_id: user.id, namespace: user.namespace) }
let(:project2) { create(:project, path: 'project2', creator_id: user.id, namespace: user.namespace) }
let(:project3) { create(:project, path: 'project3', creator_id: user.id, namespace: user.namespace) }
let(:snippet) { create(:project_snippet, author: user, project: project, title: 'example') }
let(:project_member) { create(:project_member, user: user, project: project, access_level: ProjectMember::MASTER) }
let(:project_member2) { create(:project_member, user: user3, project: project, access_level: ProjectMember::DEVELOPER) }
......@@ -29,6 +31,29 @@ describe API::API, api: true do
json_response.first['name'].should == project.name
json_response.first['owner']['username'].should == user.username
end
context "and using search" do
it "should return searched project" do
get api("/projects", user), { search: project.name }
response.status.should eq(200)
json_response.should be_an Array
json_response.length.should eq(1)
end
end
context "and using sorting" do
before do
project2
project3
end
it "should return the correct order when sorted by id" do
get api("/projects", user), { order_by: 'id', sort: 'desc'}
response.status.should eq(200)
json_response.should be_an Array
json_response.first['id'].should eq(project3.id)
end
end
end
end
......
......@@ -5,6 +5,7 @@ module TestEnv
# When developing the seed repository, comment out the branch you will modify.
BRANCH_SHA = {
'flatten-dir' => 'e56497b',
'feature' => '0b4bc9a',
'feature_conflict' => 'bb5206f',
'fix' => '12d65c8',
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment