Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhq

Conflicts: VERSION

Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhq
Conflicts: VERSION
5812cfa1 · Jacob Vosmaer · 779747c1 · 87efd92d · 5812cfa1 · 5812cfa1
Commit 5812cfa1 authored Aug 20, 2014 by Jacob Vosmaer
12 changed files
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -129,7 +129,7 @@ GEM
    factory_girl_rails (4.3.0)
      factory_girl (~> 4.3.0)
      railties (>= 3.0.0)
-    faraday (0.8.8)
+    faraday (0.8.9)
      multipart-post (~> 1.2.0)
    faraday_middleware (0.9.0)
      faraday (>= 0.7.4, < 0.9)
@@ -234,7 +234,7 @@ GEM
      activesupport (>= 4.0.1)
      haml (>= 3.1, < 5.0)
      railties (>= 4.0.1)
-    hashie (2.0.5)
+    hashie (2.1.2)
    hike (1.2.3)
    hipchat (0.14.0)
      httparty
@@ -243,7 +243,7 @@ GEM
    httparty (0.13.0)
      json (~> 1.8)
      multi_xml (>= 0.5.2)
-    httpauth (0.2.0)
+    httpauth (0.2.1)
    i18n (0.6.11)
    ice_nine (0.10.0)
    jasmine (2.0.2)
@@ -264,7 +264,7 @@ GEM
    jquery-ui-rails (4.2.1)
      railties (>= 3.2.16)
    json (1.8.1)
-    jwt (0.1.8)
+    jwt (0.1.13)
      multi_json (>= 1.5)
    kaminari (0.15.1)
      actionpack (>= 3.0.0)
@@ -311,9 +311,9 @@ GEM
    omniauth-github (1.1.1)
      omniauth (~> 1.0)
      omniauth-oauth2 (~> 1.1)
-    omniauth-google-oauth2 (0.2.1)
-      omniauth (~> 1.0)
-      omniauth-oauth2
+    omniauth-google-oauth2 (0.2.5)
+      omniauth (> 1.0)
+      omniauth-oauth2 (~> 1.1)
    omniauth-oauth (1.0.1)
      oauth
      omniauth (~> 1.0)

--- a/VERSION
+++ b/VERSION
-7.2.0.rc4-ee
+7.2.0.rc5-ee
--- a/app/models/concerns/issuable.rb
+++ b/app/models/concerns/issuable.rb
@@ -138,6 +138,10 @@ module Issuable
    labels.order('title ASC').pluck(:title)
  end

+  def remove_labels
+    labels.delete_all
+  end
+
  def add_labels_by_names(label_names)
    label_names.each do |label_name|
      label = project.labels.create_with(

--- a/app/models/label.rb
+++ b/app/models/label.rb
@@ -6,14 +6,14 @@ class Label < ActiveRecord::Base
  has_many :issues, through: :label_links, source: :target, source_type: 'Issue'

  validates :color,
-            format: { with: /\A\#[0-9A-Fa-f]{6}+\Z/ },
+            format: { with: /\A#[0-9A-Fa-f]{6}\Z/ },
            allow_blank: false
  validates :project, presence: true

  # Don't allow '?', '&', and ',' for label titles
  validates :title,
            presence: true,
-            format: { with: /\A[^&\?,&]*\z/ },
+            format: { with: /\A[^&\?,&]+\z/ },
            uniqueness: { scope: :project_id }

  scope :order_by_name, -> { reorder("labels.title ASC") }

--- a/doc/integration/google.md
+++ b/doc/integration/google.md
@@ -13,6 +13,10 @@ To enable the Google OAuth2 OmniAuth provider you must register your application

 1. Select "APIs & auth" in the left menu.

+1. Select "APIs" in the submenu.
+    - Enable `Contacts API`
+    - Enable `Google+ API`
+
 1. Select "Credentials" in the submenu.

 1. Select "Create New Client ID".

--- a/doc/update/6.0-to-7.2.md
+++ b/doc/update/6.0-to-7.2.md
@@ -129,6 +129,12 @@ To make sure you didn't miss anything run a more thorough check with:

 If all items are green, then congratulations upgrade complete!

+## 10. Update OmniAuth configuration
+
+When using Google omniauth login, changes of the Google account required.
+Ensure that `Contacts API` and the `Google+ API` are enabled in the [Google Developers Console](https://console.developers.google.com/).
+More details can be found at the [integration documentation](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/integration/google.md).
+
 ## Things went south? Revert to previous version (6.0)

 ### 1. Revert the code to the previous version

--- a/doc/update/7.1-to-7.2.md
+++ b/doc/update/7.1-to-7.2.md
@@ -91,6 +91,12 @@ To make sure you didn't miss anything run a more thorough check with:

 If all items are green, then congratulations upgrade is complete!

+### 8. Update OmniAuth configuration
+
+When using Google omniauth login, changes of the Google account required.
+Ensure that `Contacts API` and the `Google+ API` are enabled in the [Google Developers Console](https://console.developers.google.com/).
+More details can be found at the [integration documentation](../integration/google.md).
+
 ## Things went south? Revert to previous version (7.1)

 ### 1. Revert the code to the previous version

--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -114,17 +114,21 @@ module API

    # Helper method for validating all labels against its names
    def validate_label_params(params)
+      errors = {}
+
      if params[:labels].present?
        params[:labels].split(',').each do |label_name|
          label = user_project.labels.create_with(
            color: Label::DEFAULT_COLOR).find_or_initialize_by(
              title: label_name.strip)
+
          if label.invalid?
-            return true
+            errors[label.title] = label.errors
          end
        end
      end
-      false
+
+      errors
    end

    # error helpers

--- a/lib/api/issues.rb
+++ b/lib/api/issues.rb
@@ -52,8 +52,8 @@ module API
        attrs = attributes_for_keys [:title, :description, :assignee_id, :milestone_id]

        # Validate label names in advance
-        if validate_label_params(params)
-          return render_api_error!('Label names invalid', 405)
+        if (errors = validate_label_params(params)).any?
+          render_api_error!({ labels: errors }, 400)
        end

        issue = ::Issues::CreateService.new(user_project, current_user, attrs).execute
@@ -90,8 +90,8 @@ module API
        attrs = attributes_for_keys [:title, :description, :assignee_id, :milestone_id, :state_event]

        # Validate label names in advance
-        if validate_label_params(params)
-          return render_api_error!('Label names invalid', 405)
+        if (errors = validate_label_params(params)).any?
+          render_api_error!({ labels: errors }, 400)
        end

        issue = ::Issues::UpdateService.new(user_project, current_user, attrs).execute(issue)
@@ -99,7 +99,8 @@ module API
        if issue.valid?
          # Find or create labels and attach to issue. Labels are valid because
          # we already checked its name, so there can't be an error here
-          if params[:labels].present?
+          unless params[:labels].nil?
+            issue.remove_labels
            # Create and add labels to the new created issue
            issue.add_labels_by_names(params[:labels].split(','))
          end

--- a/spec/models/label_spec.rb
+++ b/spec/models/label_spec.rb
@@ -5,4 +5,27 @@ describe Label do
  it { label.should be_valid }

  it { should belong_to(:project) }
+
+  describe 'Validation' do
+    it 'should validate color code' do
+      build(:label, color: 'G-ITLAB').should_not be_valid
+      build(:label, color: 'AABBCC').should_not be_valid
+      build(:label, color: '#AABBCCEE').should_not be_valid
+      build(:label, color: '#GGHHII').should_not be_valid
+      build(:label, color: '#').should_not be_valid
+      build(:label, color: '').should_not be_valid
+
+      build(:label, color: '#AABBCC').should be_valid
+    end
+
+    it 'should validate title' do
+      build(:label, title: 'G,ITLAB').should_not be_valid
+      build(:label, title: 'G?ITLAB').should_not be_valid
+      build(:label, title: 'G&ITLAB').should_not be_valid
+      build(:label, title: '').should_not be_valid
+
+      build(:label, title: 'GITLAB').should be_valid
+      build(:label, title: 'gitlab').should be_valid
+    end
+  end
 end
--- a/spec/requests/api/issues_spec.rb
+++ b/spec/requests/api/issues_spec.rb
@@ -73,12 +73,12 @@ describe API::API, api: true  do
      response.status.should == 400
    end

-    it 'should return 405 on invalid label names' do
+    it 'should return 400 on invalid label names' do
      post api("/projects/#{project.id}/issues", user),
           title: 'new issue',
           labels: 'label, ?'
-      response.status.should == 405
-      json_response['message'].should == 'Label names invalid'
+      response.status.should == 400
+      json_response['message']['labels']['?']['title'].should == ['is invalid']
    end
  end

@@ -97,12 +97,56 @@ describe API::API, api: true  do
      response.status.should == 404
    end

-    it 'should return 405 on invalid label names' do
+    it 'should return 400 on invalid label names' do
      put api("/projects/#{project.id}/issues/#{issue.id}", user),
          title: 'updated title',
          labels: 'label, ?'
-      response.status.should == 405
-      json_response['message'].should == 'Label names invalid'
+      response.status.should == 400
+      json_response['message']['labels']['?']['title'].should == ['is invalid']
+    end
+  end
+
+  describe 'PUT /projects/:id/issues/:issue_id to update labels' do
+    let!(:label) { create(:label, title: 'dummy', project: project) }
+    let!(:label_link) { create(:label_link, label: label, target: issue) }
+
+    it 'should not update labels if not present' do
+      put api("/projects/#{project.id}/issues/#{issue.id}", user),
+          title: 'updated title'
+      response.status.should == 200
+      json_response['labels'].should == [label.title]
+    end
+
+    it 'should remove all labels' do
+      put api("/projects/#{project.id}/issues/#{issue.id}", user),
+          labels: ''
+      response.status.should == 200
+      json_response['labels'].should == []
+    end
+
+    it 'should update labels' do
+      put api("/projects/#{project.id}/issues/#{issue.id}", user),
+          labels: 'foo,bar'
+      response.status.should == 200
+      json_response['labels'].should include 'foo'
+      json_response['labels'].should include 'bar'
+    end
+
+    it 'should return 400 on invalid label names' do
+      put api("/projects/#{project.id}/issues/#{issue.id}", user),
+          labels: 'label, ?'
+      response.status.should == 400
+      json_response['message']['labels']['?']['title'].should == ['is invalid']
+    end
+
+    it 'should allow special label names' do
+      put api("/projects/#{project.id}/issues/#{issue.id}", user),
+          labels: 'label:foo, label-bar,label_bar,label/bar'
+      response.status.should == 200
+      json_response['labels'].should include 'label:foo'
+      json_response['labels'].should include 'label-bar'
+      json_response['labels'].should include 'label_bar'
+      json_response['labels'].should include 'label/bar'
    end
  end


--- a/spec/requests/api/labels_spec.rb
+++ b/spec/requests/api/labels_spec.rb
@@ -50,6 +50,14 @@ describe API::API, api: true  do
      json_response['message'].should == 'Color is invalid'
    end

+    it 'should return 400 for too long color code' do
+      post api("/projects/#{project.id}/labels", user),
+           name: 'Foo',
+           color: '#FFAAFFFF'
+      response.status.should == 400
+      json_response['message'].should == 'Color is invalid'
+    end
+
    it 'should return 400 for invalid name' do
      post api("/projects/#{project.id}/labels", user),
           name: '?',
@@ -147,5 +155,13 @@ describe API::API, api: true  do
      response.status.should == 400
      json_response['message'].should == 'Color is invalid'
    end
+
+    it 'should return 400 for too long color code' do
+      post api("/projects/#{project.id}/labels", user),
+           name: 'Foo',
+           color: '#FFAAFFFF'
+      response.status.should == 400
+      json_response['message'].should == 'Color is invalid'
+    end
  end
 end