Merge branch 'feature-multi-ldap-servers-merge-master' into feature-multi-ldap-servers-group-sync

Conflicts:
	db/schema.rb
	lib/api/ldap.rb

.ruby-version

+2.1.3

CHANGELOG

@@ -12,9 +12,21 @@ v 7.4.0
   - API: Add support for forking a project via the API (Bernhard Kaindl)
   - API: filter project issues by milestone (Julien Bianchi)
   - Fail harder in the backup script
+  - Changes to Slack service structure, only webhook url needed
   - Zen mode for wiki and milestones (Robert Schilling)
   - Move Emoji parsing to html-pipeline-gitlab (Robert Schilling)
   - Font Awesome 4.2 integration (Sullivan Senechal)
+  - Add Pushover service integration (Sullivan Senechal)
+  - Add select field type for services options (Sullivan Senechal)
+  - Add cross-project references to the Markdown parser (Vinnie Okada)
+  - Add task lists to issue and merge request descriptions (Vinnie Okada)
+  - Snippets can be public, internal or private
+  - Improve danger zone: ask project path to confirm data-loss action
+  - Raise exception on forgery
+  - Show build coverage in Merge Requests (requires GitLab CI v5.1)
+  - New milestone and label links on issue edit form
+  - Improved repository graphs
+  - Improve event note display in dashboard and project activity views (Vinnie Okada)
 
 v 7.3.2
   - Fix creating new file via web editor

CONTRIBUTING.md

@@ -10,7 +10,7 @@ By submitting code as an individual you agree to the [individual contributor lic
 
 ## Security vulnerability disclosure
 
-Please report suspected security vulnerabilities in private to support@gitlab.com, also see the [disclosure section on the GitLab.com website](http://www.gitlab.com/disclosure/). Please do NOT create publicly viewable issues for suspected security vulnerabilities.
+Please report suspected security vulnerabilities in private to support@gitlab.com, also see the [disclosure section on the GitLab.com website](http://about.gitlab.com/disclosure/). Please do NOT create publicly viewable issues for suspected security vulnerabilities.
 
 ## Closing policy for issues and merge requests
 
@@ -22,7 +22,7 @@ Issues and merge requests should be in English and contain appropriate language
 
 ## Issue tracker
 
-To get support for your particular problem please use the channels as detailed in the [getting help section of the readme](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/README.md#getting-help). Professional [support subscriptions](http://www.gitlab.com/subscription/) and [consulting services](http://www.gitlab.com/consultancy/) are available from [GitLab.com](http://www.gitlab.com/).
+To get support for your particular problem please use the channels as detailed in the [getting help section of the readme](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/README.md#getting-help). Professional [support subscriptions](http://about.gitlab.com/subscription/) and [consulting services](http://about.gitlab.com/consultancy/) are available from [GitLab.com](http://about.gitlab.com/).
 
 The [issue tracker](https://gitlab.com/gitlab-org/gitlab-ce/issues) is only for obvious errors in the latest [stable or development release of GitLab](MAINTENANCE.md). If something is wrong but it is not a regression compared to older versions of GitLab please do not open an issue but a feature request. When submitting an issue please conform to the issue submission guidelines listed below. Not all issues will be addressed and your issue is more likely to be addressed if you submit a merge request which partially or fully addresses the issue.
 

Gemfile

@@ -31,7 +31,7 @@ gem 'omniauth-shibboleth'
 
 # Extracting information from a git repository
 # Provide access to Gitlab::Git library
-gem "gitlab_git", '7.0.0.rc8'
+gem "gitlab_git", '7.0.0.rc9'
 
 # Ruby/Rack Git Smart-HTTP Server Handler
 gem 'gitlab-grack', '~> 2.0.0.pre', require: 'grack'

Gemfile.lock

@@ -168,7 +168,7 @@ GEM
       multi_json
     gitlab-grack (2.0.0.pre)
       rack (~> 1.5.1)
-    gitlab-grit (2.6.11)
+    gitlab-grit (2.6.12)
       charlock_holmes (~> 0.6)
       diff-lcs (~> 1.1)
       mime-types (~> 1.15)
@@ -179,7 +179,7 @@ GEM
       mime-types (~> 1.19)
     gitlab_emoji (0.0.1.1)
       emoji (~> 1.0.1)
-    gitlab_git (7.0.0.rc8)
+    gitlab_git (7.0.0.rc9)
       activesupport (~> 4.0)
       charlock_holmes (~> 0.6)
       gitlab-linguist (~> 3.0)
@@ -241,9 +241,11 @@ GEM
     html-pipeline (1.11.0)
       activesupport (>= 2)
       nokogiri (~> 1.4)
-    html-pipeline-gitlab (0.1.0)
-      gitlab_emoji (~> 0.0.1.1)
+    html-pipeline-gitlab (0.1.5)
+      actionpack (~> 4)
+      gitlab_emoji (~> 0.0.1)
       html-pipeline (~> 1.11.0)
+      sanitize (~> 2.1)
     http_parser.rb (0.5.3)
     httparty (0.13.0)
       json (~> 1.8)
@@ -622,7 +624,7 @@ DEPENDENCIES
   gitlab-grack (~> 2.0.0.pre)
   gitlab-linguist (~> 3.0.0)
   gitlab_emoji (~> 0.0.1.1)
-  gitlab_git (= 7.0.0.rc8)
+  gitlab_git (= 7.0.0.rc9)
   gitlab_meta (= 7.0)
   gitlab_omniauth-ldap (= 1.1.0)
   gollum-lib (~> 3.0.0)

PROCESS.md

@@ -18,7 +18,7 @@ Below we describe the contributing process to GitLab for two reasons. So that co
 - Responds to merge requests the issue team mentions them in and monitors for new merge requests
 - Provides feedback to the merge request submitter to improve the merge request (style, tests, etc.)
 - Mark merge requests 'ready-for-merge' when they meet the contribution guidelines
-- Mention developer(s) based on the [list of members and their specialities](https://www.gitlab.com/core-team/)
+- Mention developer(s) based on the [list of members and their specialities](https://about.gitlab.com/core-team/)
 - Closes merge requests with no feedback from the reporter for two weeks
 
 ## Priorities of the issue team
@@ -30,7 +30,7 @@ Below we describe the contributing process to GitLab for two reasons. So that co
 
 ## Mentioning people
 
-The most important thing is making sure valid issues receive feedback from the development team. Therefore the priority is mentioning developers that can help on those issue. Please select someone with relevant experience from [GitLab core team](https://www.gitlab.com/core-team/). If there is nobody mentioned with that expertise look in the commit history for the affected files to find someone. Avoid mentioning the lead developer, this is the person that is least likely to give a timely response. If the involvement of the lead developer is needed the other core team members will mention this person.
+The most important thing is making sure valid issues receive feedback from the development team. Therefore the priority is mentioning developers that can help on those issue. Please select someone with relevant experience from [GitLab core team](https://about.gitlab.com/core-team/). If there is nobody mentioned with that expertise look in the commit history for the affected files to find someone. Avoid mentioning the lead developer, this is the person that is least likely to give a timely response. If the involvement of the lead developer is needed the other core team members will mention this person.
 
 ## Workflow labels
 
@@ -79,7 +79,7 @@ Thanks for the issue report but we only support issues for the latest stable ver
 
 ### Support requests and configuration questions
 
-Thanks for your interest in GitLab. We don't use the issue tracker for support requests and configuration questions. Please use the \[support forum\]\(https://groups.google.com/forum/#!forum/gitlabhq), \[Stack Overflow\]\(http://stackoverflow.com/questions/tagged/gitlab), the #gitlab IRC channel on Freenode or the http://www.gitlab.com paid services for this purpose. Have a look at the \[contribution guidelines\]\(https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md) for more information.
+Thanks for your interest in GitLab. We don't use the issue tracker for support requests and configuration questions. Please use the \[support forum\]\(https://groups.google.com/forum/#!forum/gitlabhq), \[Stack Overflow\]\(http://stackoverflow.com/questions/tagged/gitlab), the #gitlab IRC channel on Freenode or the http://about.gitlab.com paid services for this purpose. Have a look at the \[contribution guidelines\]\(https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md) for more information.
 
 ### Code format
 

app/assets/javascripts/application.js.coffee

@@ -177,6 +177,13 @@ $ ->
     $(@).closest(".diff-file").find(".notes_holder").toggle()
     e.preventDefault()
 
+  $(document).on "click", '.js-confirm-danger', (e) ->
+    e.preventDefault()
+    btn = $(e.target)
+    text = btn.data("confirm-danger-message")
+    form = btn.closest("form")
+    new ConfirmDangerModal(form, text)
+
 (($) ->
   # Disable an element and add the 'disabled' Bootstrap class
   $.fn.extend disable: ->

app/assets/javascripts/behaviors/taskable.js.coffee

+window.updateTaskState = (taskableType) ->
+  objType = taskableType.data
+  isChecked = $(this).prop("checked")
+  if $(this).is(":checked")
+    stateEvent = "task_check"
+  else
+    stateEvent = "task_uncheck"
+
+  taskableUrl = $("form.edit-" + objType).first().attr("action")
+  taskableNum = taskableUrl.match(/\d+$/)
+  taskNum = 0
+  $("li.task-list-item input:checkbox").each( (index, e) =>
+    if e == this
+      taskNum = index + 1
+  )
+
+  $.ajax
+    type: "PATCH"
+    url: taskableUrl
+    data: objType + "[state_event]=" + stateEvent +
+      "&" + objType + "[task_num]=" + taskNum

app/assets/javascripts/confirm_danger_modal.js.coffee

+class ConfirmDangerModal
+  constructor: (form, text) ->
+    @form = form
+    $('.js-confirm-text').text(text || '')
+    $('.js-confirm-danger-input').val('')
+    $('#modal-confirm-danger').modal('show')
+    project_path = $('.js-confirm-danger-match').text()
+    submit = $('.js-confirm-danger-submit')
+    submit.disable()
+
+    $('.js-confirm-danger-input').on 'input', ->
+      if rstrip($(@).val()) is project_path
+        submit.enable()
+      else
+        submit.disable()
+
+    $('.js-confirm-danger-submit').on 'click', =>
+      @form.submit()
+
+@ConfirmDangerModal = ConfirmDangerModal

app/assets/javascripts/issue.js.coffee

@@ -6,4 +6,14 @@ class Issue
     $(".issue-box .inline-update").on "change", "#issue_assignee_id", ->
       $(this).submit()
 
+    if $("a.btn-close").length
+      $("li.task-list-item input:checkbox").prop("disabled", false)
+
+    $(".task-list-item input:checkbox").on(
+      "click"
+      null
+      "issue"
+      updateTaskState
+    )
+
 @Issue = Issue

app/assets/javascripts/merge_request.js.coffee

@@ -17,6 +17,8 @@ class MergeRequest
 
     disableButtonIfEmptyField '#commit_message', '.accept_merge_request'
 
+    if $("a.btn-close").length
+      $("li.task-list-item input:checkbox").prop("disabled", false)
 
   # Local jQuery finder
   $: (selector) ->
@@ -72,6 +74,13 @@ class MergeRequest
       this.$('.remove_source_branch_in_progress').hide()
       this.$('.remove_source_branch_widget.failed').show()
 
+    $(".task-list-item input:checkbox").on(
+      "click"
+      null
+      "merge_request"
+      updateTaskState
+    )
+
   activateTab: (action) ->
     this.$('.merge-request-tabs li').removeClass 'active'
     this.$('.tab-content').hide()
@@ -96,14 +105,6 @@ class MergeRequest
     else
       $('.ci_widget.ci-error').show()
 
-    switch state
-      when "success"
-        $('.mr-state-widget').addClass("panel-success")
-      when "failed"
-        $('.mr-state-widget').addClass("panel-danger")
-      when "running", "pending"
-        $('.mr-state-widget').addClass("panel-warning")
-
   showCiCoverage: (coverage) ->
     cov_html = $('<span>')
     cov_html.addClass('ci-coverage')

app/assets/stylesheets/generic/common.scss

@@ -365,3 +365,6 @@ table {
   font-size: 42px;
 }
 
+.task-status {
+  margin-left: 10px;
+}

app/assets/stylesheets/generic/issue_box.scss

@@ -10,8 +10,7 @@
 .issue-box {
   color: #555;
   margin:20px 0;
-  background: #f9f9f9;
-  border-top-left-radius: 5px;
+  background: $box_bg;
   @include box-shadow(0 1px 1px rgba(0, 0, 0, 0.09));
 
   &.issue-box-closed {
@@ -112,7 +111,6 @@
     float: left;
     font-weight: bold;
     padding: 10px 15px;
-    border-top-left-radius: 5px;
   }
 
   .creator {

app/assets/stylesheets/generic/lists.scss

@@ -122,3 +122,7 @@ ul.bordered-list {
     }
   }
 }
+
+li.task-list-item {
+  list-style-type: none;
+}

app/assets/stylesheets/gl_bootstrap.scss

@@ -233,8 +233,8 @@ $list-group-active-bg: $bg_primary;
     }
 
     .form-actions {
-      margin-bottom: 0;
-      background: #FFF;
+      margin: -15px;
+      margin-top: 18px;
     }
   }
 
@@ -262,53 +262,33 @@ $list-group-active-bg: $bg_primary;
 }
 
 .panel-danger {
-  border-color: $border_danger;
+  @include panel-colored;
   .panel-heading {
-    color: #ffffff;
-    background-color: $bg_danger;
+    color: $border_danger;
     border-color: $border_danger;
-    a {
-      color: #FFF;
-      text-decoration: underline;
-    }
   }
 }
 
 .panel-success {
-  border-color: $border_success;
+  @include panel-colored;
   .panel-heading {
-    color: #ffffff;
-    background-color: $bg_success;
+    color: $border_success;
     border-color: $border_success;
-    a {
-      color: #FFF;
-      text-decoration: underline;
-    }
   }
 }
 
 .panel-primary {
-  border-color: $border_primary;
+  @include panel-colored;
   .panel-heading {
-    color: #ffffff;
-    background-color: $bg_primary;
+    color: $border_primary;
     border-color: $border_primary;
-    a {
-      color: #FFF;
-      text-decoration: underline;
-    }
   }
 }
 
 .panel-warning {
-  border-color: $border_warning;
+  @include panel-colored;
   .panel-heading {
-    color: #ffffff;
-    background-color: $bg_warning;
+    color: $border_warning;
     border-color: $border_warning;
-    a {
-      color: #FFF;
-      text-decoration: underline;
-    }
   }
 }

app/assets/stylesheets/main/mixins.scss

@@ -132,3 +132,14 @@
   white-space: nowrap;
   max-width: $max_width;
 }
+
+@mixin panel-colored {
+  border: none;
+  background: $box_bg;
+  @include box-shadow(0 1px 1px rgba(0, 0, 0, 0.09));
+
+  .panel-heading {
+    font-weight: bold;
+    background-color: $box_bg;
+  }
+}

app/assets/stylesheets/main/variables.scss

@@ -3,6 +3,7 @@
  */
 $style_color: #474D57;
 $hover: #FFECDB;
+$box_bg: #F9F9F9;
 
 /*
  * Link colors

app/assets/stylesheets/sections/merge_requests.scss

@@ -104,7 +104,44 @@
 }
 
 .mr-state-widget {
-  .panel-body {
+  background: $box_bg;
+  margin-bottom: 20px;
+  @include box-shadow(0 1px 1px rgba(0, 0, 0, 0.09));
+
+  .ci_widget {
+    padding: 10px 15px;
+    font-size: 15px;
+    border-bottom: 1px dashed #AAA;
+
+    &.ci-success {
+      color: $bg_success;
+      border-color: $border_success;
+    }
+
+    &.ci-pending {
+      color: #548;
+      border-color: #548;
+    }
+
+    &.ci-running {
+      color: $bg_warning;
+      border-color: $border_warning;
+    }
+
+    &.ci-failed {
+      color: $bg_danger;
+      border-color: $border_danger;
+    }
+
+    &.ci-error {
+      color: $bg_danger;
+      border-color: $border_danger;
+    }
+  }
+
+  .mr-widget-body {
+    padding: 10px 15px;
+
     h4 {
       margin-top: 0px;
     }
@@ -114,6 +151,11 @@
     }
   }
 
+  .mr-widget-footer {
+    padding: 10px 15px;
+    border-top: 1px solid #EEE;
+  }
+
   .ci-coverage {
     float: right;
   }

app/assets/stylesheets/sections/nav.scss

@@ -8,8 +8,6 @@
   ul {
     padding: 0;
     margin: auto;
-    height: 40px;
-    overflow: hidden;
     .count {
       font-weight: normal;
       display: inline-block;
@@ -37,53 +35,28 @@
         a {
           color: $link_color;
           font-weight: bold;
-          &:after {
-            content: '';
-            display: block;
-            position: relative;
-            bottom: -1px;
-            border-color: $link_color;
-            border-style: solid;
-            border-width: 2px;
-          }
+          border-bottom: 3px solid $link_color;
         }
       }
 
       &:hover {
         a {
           color: $link_hover_color;
-          &:after {
-            content: '';
-            display: block;
-            position: relative;
-            bottom: -1px;
-            border-color: $link_hover_color;
-            border-style: solid;
-            border-width: 2px;
-          }
-        }
-      }
-
-      &.home {
-        a {
-          i {
-            font-size: 20px;
-            position: relative;
-            top: 4px;
-          }
+          border-bottom: 3px solid $link_hover_color;
         }
       }
     }
     a {
       display: block;
       text-align: center;
-      font-weight: 500;
-      height: 38px;
-      line-height: 34px;
+      font-weight: bold;
+      height: 42px;
+      line-height: 39px;
       color: #777;
       text-shadow: 0 1px 1px white;
       text-decoration: none;
-      padding-top: 2px;
+      overflow: hidden;
+      margin-bottom: -1px;
     }
   }
 

app/controllers/admin/users_controller.rb

@@ -4,6 +4,7 @@ class Admin::UsersController < Admin::ApplicationController
   def index
     @users = User.filter(params[:filter])
     @users = @users.search(params[:name]) if params[:name].present?
+    @users = @users.sort(@sort = params[:sort])
     @users = @users.alphabetically.page(params[:page])
   end
 

app/controllers/application_controller.rb

@@ -13,7 +13,7 @@ class ApplicationController < ActionController::Base
   before_filter :configure_permitted_parameters, if: :devise_controller?
   before_filter :require_email, unless: :devise_controller?
 
-  protect_from_forgery
+  protect_from_forgery with: :exception
 
   helper_method :abilities, :can?
 

app/controllers/omniauth_callbacks_controller.rb

@@ -32,10 +32,6 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
     end
   end
 
-  Gitlab.config.ldap.servers.each do |server|
-    alias_method server.provider_name, :ldap
-  end
-
   def omniauth_error
     @provider = params[:provider]
     @error = params[:error]

app/controllers/projects/commits_controller.rb

@@ -17,7 +17,7 @@ class Projects::CommitsController < Projects::ApplicationController
         group(:commit_id).count
 
     respond_to do |format|
-      format.html # index.html.erb
+      format.html
       format.json { pager_json("projects/commits/_commits", @commits.size) }
       format.atom { render layout: false }
     end

app/controllers/projects/issues_controller.rb

@@ -152,7 +152,7 @@ class Projects::IssuesController < Projects::ApplicationController
   def issue_params
     params.require(:issue).permit(
       :title, :assignee_id, :position, :description,
-      :milestone_id, :state_event, label_ids: []
+      :milestone_id, :state_event, :task_num, label_ids: []
     )
   end
 end

app/controllers/projects/merge_requests_controller.rb

@@ -250,7 +250,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController
     params.require(:merge_request).permit(
       :title, :assignee_id, :source_project_id, :source_branch,
       :target_project_id, :target_branch, :milestone_id,
-      :state_event, :description, label_ids: []
+      :state_event, :description, :task_num, label_ids: []
     )
   end
 end

app/controllers/projects/services_controller.rb

@@ -40,7 +40,8 @@ class Projects::ServicesController < Projects::ApplicationController
   def service_params
     params.require(:service).permit(
       :title, :token, :type, :active, :api_key, :subdomain,
-      :room, :recipients, :project_url, :username, :password, :api_version
+      :room, :recipients, :project_url, :webhook, :username, :password, :api_version,
+      :user_key, :device, :priority, :sound
     )
   end
 end

app/controllers/projects/snippets_controller.rb

@@ -17,7 +17,10 @@ class Projects::SnippetsController < Projects::ApplicationController
   respond_to :html
 
   def index
-    @snippets = @project.snippets.fresh.non_expired
+    @snippets = SnippetsFinder.new.execute(current_user, {
+      filter: :by_project,
+      project: @project
+    })
   end
 
   def new
@@ -88,6 +91,6 @@ class Projects::SnippetsController < Projects::ApplicationController
   end
 
   def snippet_params
-    params.require(:project_snippet).permit(:title, :content, :file_name, :private)
+    params.require(:project_snippet).permit(:title, :content, :file_name, :private, :visibility_level)
   end
 end

app/controllers/sessions_controller.rb

@@ -19,7 +19,7 @@ class SessionsController < Devise::SessionsController
     end
 
     if Gitlab.config.ldap.enabled
-      @ldap_servers = Gitlab.config.ldap.servers
+      @ldap_servers = Gitlab::LDAP::Config.servers
     end
 
     super

app/controllers/snippets_controller.rb

@@ -9,12 +9,14 @@ class SnippetsController < ApplicationController
 
   before_filter :set_title
 
+  skip_before_filter :authenticate_user!, only: [:index, :user_index]
+
   respond_to :html
 
-  layout 'navless'
+  layout :determine_layout
 
   def index
-    @snippets = Snippet.are_public.fresh.non_expired.page(params[:page]).per(20)
+    @snippets = SnippetsFinder.new.execute(current_user, filter: :all).page(params[:page]).per(20)
   end
 
   def user_index
@@ -22,22 +24,11 @@ class SnippetsController < ApplicationController
 
     render_404 and return unless @user
 
-    @snippets = @user.snippets.fresh.non_expired
-
-    if @user == current_user
-      @snippets = case params[:scope]
-                  when 'are_public' then
-                    @snippets.are_public
-                  when 'are_private' then
-                    @snippets.are_private
-                  else
-                    @snippets
-                  end
-    else
-      @snippets = @snippets.are_public
-    end
-
-    @snippets = @snippets.page(params[:page]).per(20)
+    @snippets = SnippetsFinder.new.execute(current_user, {
+      filter: :by_user,
+      user: @user,
+      scope: params[:scope]}).
+    page(params[:page]).per(20)
 
     if @user == current_user
       render 'current_user_index'
@@ -95,7 +86,14 @@ class SnippetsController < ApplicationController
   protected
 
   def snippet
-    @snippet ||= PersonalSnippet.where('author_id = :user_id or private is false', user_id: current_user.id).find(params[:id])
+    @snippet ||= if current_user
+                   PersonalSnippet.where("author_id = ? OR visibility_level IN (?)",
+                     current_user.id,
+                     [Snippet::PUBLIC, Snippet::INTERNAL]).
+                     find(params[:id])
+                 else
+                   PersonalSnippet.are_public.find(params[:id])
+                 end
   end
 
   def authorize_modify_snippet!
@@ -111,6 +109,10 @@ class SnippetsController < ApplicationController
   end
 
   def snippet_params
-    params.require(:personal_snippet).permit(:title, :content, :file_name, :private)
+    params.require(:personal_snippet).permit(:title, :content, :file_name, :private, :visibility_level)
+  end
+
+  def determine_layout
+    current_user ? 'navless' : 'public_users'
   end
 end

app/finders/README.md

 # Finders
 
-This type of classes responsible for collectiong items based on different conditions.
+This type of classes responsible for collection items based on different conditions.
 To prevent lookup methods in models like this:
 
 ```ruby
@@ -19,4 +19,4 @@ Better use this:
 issues = IssuesFinder.new.execute(project, user, filter)
 ```
 
-It will help keep models thiner
+It will help keep models thiner.

app/finders/snippets_finder.rb

+class SnippetsFinder
+  def execute(current_user, params = {})
+    filter = params[:filter]
+
+    case filter
+    when :all then
+      snippets(current_user).fresh.non_expired
+    when :by_user then
+      by_user(current_user, params[:user], params[:scope])
+    when :by_project
+      by_project(current_user, params[:project])
+    end
+  end
+
+  private
+
+  def snippets(current_user)
+    if current_user
+      Snippet.public_and_internal
+    else
+      # Not authenticated
+      #
+      # Return only:
+      #   public snippets
+      Snippet.are_public
+    end
+  end
+
+  def by_user(current_user, user, scope)
+    snippets = user.snippets.fresh.non_expired
+
+    if user == current_user
+      case scope
+      when 'are_internal' then
+        snippets.are_internal
+      when 'are_private' then
+        snippets.are_private
+      when 'are_public' then
+        snippets.are_public
+      else
+       snippets
+      end
+    else
+      snippets.public_and_internal
+    end
+  end
+
+  def by_project(current_user, project)
+    snippets = project.snippets.fresh.non_expired
+
+    if current_user
+      if project.team.member?(current_user.id)
+        snippets
+      else
+        snippets.public_and_internal
+      end
+    else
+      snippets.are_public
+    end
+  end
+end

app/helpers/application_helper.rb

@@ -259,4 +259,16 @@ module ApplicationHelper
 
     super
   end
+
+  def escaped_autolink(text)
+    auto_link ERB::Util.html_escape(text), link: :urls
+  end
+
+  def promo_host
+    'about.gitlab.com'
+  end
+
+  def promo_url
+    'https://' + promo_host
+  end
 end

app/helpers/commits_helper.rb

@@ -120,4 +120,8 @@ module CommitsHelper
                                        class: 'commit-short-id')
     end
   end
+
+  def truncate_sha(sha)
+    Commit.truncate_sha(sha)
+  end
 end

app/helpers/dashboard_helper.rb

@@ -37,40 +37,31 @@ module DashboardHelper
   end
 
   def assigned_entities_count(current_user, entity, scope = nil)
-    items = current_user.send("assigned_" + entity.pluralize).opened
-
-    if scope.kind_of?(Group)
-      items = items.of_group(scope)
-    elsif scope.kind_of?(Project)
-      items = items.of_projects(scope)
-    end
-
-    items.count
+    items = current_user.send('assigned_' + entity.pluralize)
+    get_count(items, scope)
   end
 
   def authored_entities_count(current_user, entity, scope = nil)
-    items = current_user.send(entity.pluralize).opened
-
-    if scope.kind_of?(Group)
-      items = items.of_group(scope)
-    elsif scope.kind_of?(Project)
-      items = items.of_projects(scope)
+    items = current_user.send(entity.pluralize)
+    get_count(items, scope)
   end
 
-    items.count
+  def authorized_entities_count(current_user, entity, scope = nil)
+    items = entity.classify.constantize
+    get_count(items, scope, true, current_user)
   end
 
-  def authorized_entities_count(current_user, entity, scope = nil)
-    items = entity.classify.constantize.opened
+  protected
 
+  def get_count(items, scope, get_authorized = false, current_user = nil)
+    items = items.opened
     if scope.kind_of?(Group)
       items = items.of_group(scope)
     elsif scope.kind_of?(Project)
       items = items.of_projects(scope)
-    else
+    elsif get_authorized
       items = items.of_projects(current_user.authorized_projects)
     end
-
     items.count
   end
 end

app/helpers/events_helper.rb

@@ -136,9 +136,8 @@ module EventsHelper
   end
 
   def event_note(text)
-    text = first_line_in_markdown(text)
-    text = truncate(text, length: 150)
-    sanitize(markdown(text), tags: %w(a img b pre p))
+    text = first_line_in_markdown(text, 150)
+    sanitize(text, tags: %w(a img b pre code p))
   end
 
   def event_commit_title(message)

app/helpers/gitlab_markdown_helper.rb

@@ -51,12 +51,14 @@ module GitlabMarkdownHelper
     @markdown.render(text).html_safe
   end
 
-  def first_line_in_markdown(text)
-    line = text.split("\n").detect do |i|
-      i.present? && markdown(i).present?
-    end
-    line += '...' unless line.nil?
-    line
+  # Return the first line of +text+, up to +max_chars+, after parsing the line
+  # as Markdown.  HTML tags in the parsed output are not counted toward the
+  # +max_chars+ limit.  If the length limit falls within a tag's contents, then
+  # the tag contents are truncated without removing the closing tag.
+  def first_line_in_markdown(text, max_chars = nil)
+    md = markdown(text).strip
+
+    truncate_visible(md, max_chars || md.length) if md.present?
   end
 
   def render_wiki_content(wiki_page)
@@ -204,4 +206,52 @@ module GitlabMarkdownHelper
   def correct_ref
     @ref ? @ref : "master"
   end
+
+  private
+
+  # Return +text+, truncated to +max_chars+ characters, excluding any HTML
+  # tags.
+  def truncate_visible(text, max_chars)
+    doc = Nokogiri::HTML.fragment(text)
+    content_length = 0
+    truncated = false
+
+    doc.traverse do |node|
+      if node.text? || node.content.empty?
+        if truncated
+          node.remove
+          next
+        end
+
+        # Handle line breaks within a node
+        if node.content.strip.lines.length > 1
+          node.content = "#{node.content.lines.first.chomp}..."
+          truncated = true
+        end
+
+        num_remaining = max_chars - content_length
+        if node.content.length > num_remaining
+          node.content = node.content.truncate(num_remaining)
+          truncated = true
+        end
+        content_length += node.content.length
+      end
+
+      truncated = truncate_if_block(node, truncated)
+    end
+
+    doc.to_html
+  end
+
+  # Used by #truncate_visible.  If +node+ is the first block element, and the
+  # text hasn't already been truncated, then append "..." to the node contents
+  # and return true.  Otherwise return false.
+  def truncate_if_block(node, truncated)
+    if node.element? && node.description.block? && !truncated
+      node.content = "#{node.content}..." if node.next_sibling
+      true
+    else
+      truncated
+    end
+  end
 end

app/helpers/merge_requests_helper.rb

@@ -19,8 +19,7 @@ module MergeRequestsHelper
       source_project_id: event.project.id,
       target_project_id: target_project.id,
       source_branch: event.branch_name,
-      target_branch: target_project.repository.root_ref,
-      title: event.branch_name.titleize.humanize
+      target_branch: target_project.repository.root_ref
     }
   end
 

app/helpers/projects_helper.rb

@@ -56,6 +56,10 @@ module ProjectsHelper
     "You are going to remove #{project.name_with_namespace}.\n Removed project CANNOT be restored!\n Are you ABSOLUTELY sure?"
   end
 
+  def transfer_project_message(project)
+    "You are going to transfer #{project.name_with_namespace} to another owner. Are you ABSOLUTELY sure?"
+  end
+
   def project_nav_tabs
     @nav_tabs ||= get_project_nav_tabs(@project, current_user)
   end
@@ -128,9 +132,9 @@ module ProjectsHelper
 
     toggle_html = content_tag('span', class: 'toggle') do
       toggle_text = if starred
-                      'Unstar'
+                      ' Unstar'
                     else
-                      'Star'
+                      ' Star'
                     end
 
       content_tag('i', ' ', class: 'fa fa-star') + toggle_text

app/helpers/tree_helper.rb

@@ -90,7 +90,7 @@ module TreeHelper
   end
 
   def editing_preview_title(filename)
-    if gitlab_markdown?(filename) || markup?(filename)
+    if Gitlab::MarkdownHelper.previewable?(filename)
       'Preview'
     else
       'Diff'

app/helpers/visibility_level_helper.rb

@@ -28,6 +28,23 @@ module VisibilityLevelHelper
     end
   end
 
+  def snippet_visibility_level_description(level)
+    capture_haml do
+      haml_tag :span do
+        case level
+        when Gitlab::VisibilityLevel::PRIVATE
+          haml_concat "The snippet is visible only for me"
+        when Gitlab::VisibilityLevel::INTERNAL
+          haml_concat "The snippet is visible for any logged in user."
+        when Gitlab::VisibilityLevel::PUBLIC
+          haml_concat "The snippet can be accessed"
+          haml_concat "without any"
+          haml_concat "authentication."
+        end
+      end
+    end
+  end
+
   def visibility_level_icon(level)
     case level
     when Gitlab::VisibilityLevel::PRIVATE

app/models/commit.rb

@@ -19,13 +19,24 @@ class Commit
 
   class << self
     def decorate(commits)
-      commits.map { |c| self.new(c) }
+      commits.map do |commit|
+        if commit.kind_of?(Commit)
+          commit
+        else
+          self.new(commit)
+        end
+      end
     end
 
     # Calculate number of lines to render for diffs
     def diff_line_count(diffs)
       diffs.reduce(0) { |sum, d| sum + d.diff.lines.count }
     end
+
+    # Truncate sha to 8 characters
+    def truncate_sha(sha)
+      sha[0..7]
+    end
   end
 
   attr_accessor :raw
@@ -111,7 +122,7 @@ class Commit
 
   # Mentionable override.
   def gfm_reference
-    "commit #{sha[0..5]}"
+    "commit #{id}"
   end
 
   def method_missing(m, *args, &block)
@@ -124,6 +135,11 @@ class Commit
     super
   end
 
+  # Truncate sha to 8 characters
+  def short_id
+    @raw.short_id(7)
+  end
+
   def parents
     @parents ||= Commit.decorate(super)
   end

app/models/concerns/mentionable.rb

@@ -67,9 +67,10 @@ module Mentionable
   def references(p = project, text = mentionable_text)
     return [] if text.blank?
     ext = Gitlab::ReferenceExtractor.new
-    ext.analyze(text)
-    issues = ext.issues_for(p).select { |issue| issue.is_a?(Issue) }
-    (issues + ext.merge_requests_for(p) + ext.commits_for(p)).uniq - [local_reference]
+    ext.analyze(text, p)
+    (ext.issues_for +
+     ext.merge_requests_for +
+     ext.commits_for).uniq - [local_reference]
   end
 
   # Create a cross-reference Note for each GFM reference to another Mentionable found in +mentionable_text+.

app/models/concerns/taskable.rb

+# Contains functionality for objects that can have task lists in their
+# descriptions.  Task list items can be added with Markdown like "* [x] Fix
+# bugs".
+#
+# Used by MergeRequest and Issue
+module Taskable
+  TASK_PATTERN_MD = /^(?<bullet> *[*-] *)\[(?<checked>[ xX])\]/.freeze
+  TASK_PATTERN_HTML = /^<li>\[(?<checked>[ xX])\]/.freeze
+
+  # Change the state of a task list item for this Taskable.  Edit the object's
+  # description by finding the nth task item and changing its checkbox
+  # placeholder to "[x]" if +checked+ is true, or "[ ]" if it's false.
+  # Note: task numbering starts with 1
+  def update_nth_task(n, checked)
+    index = 0
+    check_char = checked ? 'x' : ' '
+
+    # Do this instead of using #gsub! so that ActiveRecord detects that a field
+    # has changed.
+    self.description = self.description.gsub(TASK_PATTERN_MD) do |match|
+      index += 1
+      case index
+      when n then "#{$LAST_MATCH_INFO[:bullet]}[#{check_char}]"
+      else match
+      end
+    end
+
+    save
+  end
+
+  # Return true if this object's description has any task list items.
+  def tasks?
+    description && description.match(TASK_PATTERN_MD)
+  end
+
+  # Return a string that describes the current state of this Taskable's task
+  # list items, e.g. "20 tasks (12 done, 8 unfinished)"
+  def task_status
+    return nil unless description
+
+    num_tasks = 0
+    num_done = 0
+
+    description.scan(TASK_PATTERN_MD) do
+      num_tasks += 1
+      num_done += 1 unless $LAST_MATCH_INFO[:checked] == ' '
+    end
+
+    "#{num_tasks} tasks (#{num_done} done, #{num_tasks - num_done} unfinished)"
+  end
+end

app/models/event.rb

@@ -266,7 +266,7 @@ class Event < ActiveRecord::Base
   end
 
   def note_short_commit_id
-    note_commit_id[0..8]
+    Commit.truncate_sha(note_commit_id)
   end
 
   def note_commit?

app/models/issue.rb

@@ -23,6 +23,7 @@ require 'file_size_validator'
 class Issue < ActiveRecord::Base
   include Issuable
   include InternalId
+  include Taskable
 
   ActsAsTaggableOn.strict_case_match = true
 

app/models/member.rb

+# == Schema Information
+#
+# Table name: members
+#
+#  id                 :integer          not null, primary key
+#  access_level       :integer          not null
+#  source_id          :integer          not null
+#  source_type        :string(255)      not null
+#  user_id            :integer          not null
+#  notification_level :integer          not null
+#  type               :string(255)
+#  created_at         :datetime
+#  updated_at         :datetime
+#
+
 class Member < ActiveRecord::Base
   include Notifiable
   include Gitlab::Access

app/models/members/group_member.rb

+# == Schema Information
+#
+# Table name: members
+#
+#  id                 :integer          not null, primary key
+#  access_level       :integer          not null
+#  source_id          :integer          not null
+#  source_type        :string(255)      not null
+#  user_id            :integer          not null
+#  notification_level :integer          not null
+#  type               :string(255)
+#  created_at         :datetime
+#  updated_at         :datetime
+#
+
 class GroupMember < Member
   SOURCE_TYPE = 'Namespace'
 

app/models/members/project_member.rb

+# == Schema Information
+#
+# Table name: members
+#
+#  id                 :integer          not null, primary key
+#  access_level       :integer          not null
+#  source_id          :integer          not null
+#  source_type        :string(255)      not null
+#  user_id            :integer          not null
+#  notification_level :integer          not null
+#  type               :string(255)
+#  created_at         :datetime
+#  updated_at         :datetime
+#
+
 class ProjectMember < Member
   SOURCE_TYPE = 'Project'
 

app/models/merge_request.rb

@@ -25,6 +25,7 @@ require Rails.root.join("lib/static_model")
 
 class MergeRequest < ActiveRecord::Base
   include Issuable
+  include Taskable
   include InternalId
 
   belongs_to :target_project, foreign_key: :target_project_id, class_name: "Project"

app/models/merge_request_diff.rb

@@ -55,7 +55,7 @@ class MergeRequestDiff < ActiveRecord::Base
   end
 
   def last_commit_short_sha
-    @last_commit_short_sha ||= last_commit.sha[0..10]
+    @last_commit_short_sha ||= last_commit.short_id
   end
 
   private

app/models/note.rb

@@ -47,7 +47,7 @@ class Note < ActiveRecord::Base
   scope :for_commit_id, ->(commit_id) { where(noteable_type: "Commit", commit_id: commit_id) }
   scope :inline, ->{ where("line_code IS NOT NULL") }
   scope :not_inline, ->{ where(line_code: [nil, '']) }
-
+  scope :system, ->{ where(system: true) }
   scope :common, ->{ where(noteable_type: ["", nil]) }
   scope :fresh, ->{ order("created_at ASC, id ASC") }
   scope :inc_author_project, ->{ includes(:project, :author) }
@@ -70,13 +70,17 @@ class Note < ActiveRecord::Base
       )
     end
 
-    # +noteable+ was referenced from +mentioner+, by including GFM in either +mentioner+'s description or an associated Note.
-    # Create a system Note associated with +noteable+ with a GFM back-reference to +mentioner+.
+    # +noteable+ was referenced from +mentioner+, by including GFM in either
+    # +mentioner+'s description or an associated Note.
+    # Create a system Note associated with +noteable+ with a GFM back-reference
+    # to +mentioner+.
     def create_cross_reference_note(noteable, mentioner, author, project)
+      gfm_reference = mentioner_gfm_ref(noteable, mentioner, project)
+
       note_options = {
         project: project,
         author: author,
-        note: "_mentioned in #{mentioner.gfm_reference}_",
+        note: "_mentioned in #{gfm_reference}_",
         system: true
       }
 
@@ -163,12 +167,78 @@ class Note < ActiveRecord::Base
 
     # Determine whether or not a cross-reference note already exists.
     def cross_reference_exists?(noteable, mentioner)
-      where(noteable_id: noteable.id, system: true, note: "_mentioned in #{mentioner.gfm_reference}_").any?
+      gfm_reference = mentioner_gfm_ref(noteable, mentioner)
+      notes = if noteable.is_a?(Commit)
+                where(commit_id: noteable.id)
+              else
+                where(noteable_id: noteable.id)
+              end
+
+      notes.where('note like ?', "_mentioned in #{gfm_reference}_").
+        system.any?
     end
 
     def search(query)
       where("note like :query", query: "%#{query}%")
     end
+
+    private
+
+    # Prepend the mentioner's namespaced project path to the GFM reference for
+    # cross-project references.  For same-project references, return the
+    # unmodified GFM reference.
+    def mentioner_gfm_ref(noteable, mentioner, project = nil)
+      if mentioner.is_a?(Commit)
+        if project.nil?
+          return mentioner.gfm_reference.sub('commit ', 'commit %')
+        else
+          mentioning_project = project
+        end
+      else
+        mentioning_project = mentioner.project
+      end
+
+      noteable_project_id = noteable_project_id(noteable, mentioning_project)
+
+      full_gfm_reference(mentioning_project, noteable_project_id, mentioner)
+    end
+
+    # Return the ID of the project that +noteable+ belongs to, or nil if
+    # +noteable+ is a commit and is not part of the project that owns
+    # +mentioner+.
+    def noteable_project_id(noteable, mentioning_project)
+      if noteable.is_a?(Commit)
+        if mentioning_project.repository.commit(noteable.id)
+          # The noteable commit belongs to the mentioner's project
+          mentioning_project.id
+        else
+          nil
+        end
+      else
+        noteable.project.id
+      end
+    end
+
+    # Return the +mentioner+ GFM reference.  If the mentioner and noteable
+    # projects are not the same, add the mentioning project's path to the
+    # returned value.
+    def full_gfm_reference(mentioning_project, noteable_project_id, mentioner)
+      if mentioning_project.id == noteable_project_id
+        mentioner.gfm_reference
+      else
+        if mentioner.is_a?(Commit)
+          mentioner.gfm_reference.sub(
+            /(commit )/,
+            "\\1#{mentioning_project.path_with_namespace}@"
+          )
+        else
+          mentioner.gfm_reference.sub(
+            /(issue |merge request )/,
+            "\\1#{mentioning_project.path_with_namespace}"
+          )
+        end
+      end
+    end
   end
 
   def commit_author

app/models/personal_snippet.rb

@@ -11,8 +11,8 @@
 #  updated_at       :datetime
 #  file_name        :string(255)
 #  expires_at       :datetime
-#  private    :boolean          default(TRUE), not null
 #  type             :string(255)
+#  visibility_level :integer          default(0), not null
 #
 
 class PersonalSnippet < Snippet

app/models/project.rb

@@ -67,6 +67,8 @@ class Project < ActiveRecord::Base
   has_one :slack_service, dependent: :destroy
   has_one :jira_service, dependent: :destroy
   has_one :jenkins_service, dependent: :destroy
+  has_one :buildbox_service, dependent: :destroy
+  has_one :pushover_service, dependent: :destroy
 
   has_one :forked_project_link, dependent: :destroy, foreign_key: "forked_to_project_id"
   has_one :forked_from_project, through: :forked_project_link
@@ -318,7 +320,7 @@ class Project < ActiveRecord::Base
   end
 
   def available_services_names
-    %w(gitlab_ci campfire hipchat pivotaltracker flowdock assembla emails_on_push gemnasium slack jira jenkins)
+    %w(gitlab_ci campfire hipchat pivotaltracker flowdock assembla emails_on_push gemnasium slack jira jenkins pushover buildbox)
   end
 
   def gitlab_ci?

app/models/project_services/buildbox_service.rb

+# == Schema Information
+#
+# Table name: services
+#
+#  id         :integer          not null, primary key
+#  type       :string(255)
+#  title      :string(255)
+#  project_id :integer          not null
+#  created_at :datetime
+#  updated_at :datetime
+#  active     :boolean          default(FALSE), not null
+#  properties :text
+#
+
+class BuildboxService < CiService
+  prop_accessor :project_url, :token
+
+  validates :project_url, presence: true, if: :activated?
+  validates :token, presence: true, if: :activated?
+
+  after_save :compose_service_hook, if: :activated?
+
+  def webhook_url
+    "#{buildbox_endpoint('webhook')}/deliver/#{webhook_token}"
+  end
+
+  def compose_service_hook
+    hook = service_hook || build_service_hook
+    hook.url = webhook_url
+    hook.save
+  end
+
+  def execute(data)
+    service_hook.execute(data)
+  end
+
+  def commit_status(sha)
+    response = HTTParty.get(commit_status_path(sha), verify: false)
+
+    if response.code == 200 && response['status']
+      response['status']
+    else
+      :error
+    end
+  end
+
+  def commit_status_path(sha)
+    "#{buildbox_endpoint('gitlab')}/status/#{status_token}.json?commit=#{sha}"
+  end
+
+  def build_page(sha)
+    "#{project_url}/builds?commit=#{sha}"
+  end
+
+  def builds_path
+    "#{project_url}/builds?branch=#{project.default_branch}"
+  end
+
+  def status_img_path
+    "#{buildbox_endpoint('badge')}/#{status_token}.svg"
+  end
+
+  def title
+    'Buildbox'
+  end
+
+  def description
+    'Continuous integration and deployments'
+  end
+
+  def to_param
+    'buildbox'
+  end
+
+  def fields
+    [
+      { type: 'text',
+        name: 'token',
+        placeholder: 'Buildbox project GitLab token' },
+
+      { type: 'text',
+        name: 'project_url',
+        placeholder: 'https://buildbox.io/example/project' }
+    ]
+  end
+
+  private
+
+  def webhook_token
+    token_parts.first
+  end
+
+  def status_token
+    token_parts.second
+  end
+
+  def token_parts
+    if token.present?
+      token.split(':')
+    else
+      []
+    end
+  end
+
+  def buildbox_endpoint(subdomain = nil)
+    endpoint = 'https://buildbox.io'
+
+    if subdomain.present?
+      uri = Addressable::URI.parse(endpoint)
+      new_endpoint = "#{uri.scheme || 'http'}://#{subdomain}.#{uri.host}"
+
+      if uri.port.present?
+        "#{new_endpoint}:#{uri.port}"
+      else
+        new_endpoint
+      end
+    else
+      endpoint
+    end
+  end
+end

app/models/project_services/gitlab_ci_service.rb

@@ -9,7 +9,7 @@
 #  created_at :datetime
 #  updated_at :datetime
 #  active     :boolean          default(FALSE), not null
-#  property    :text
+#  properties :text
 #
 
 class GitlabCiService < CiService

app/models/project_services/pushover_service.rb

+# == Schema Information
+#
+# Table name: services
+#
+#  id         :integer          not null, primary key
+#  type       :string(255)
+#  title      :string(255)
+#  project_id :integer          not null
+#  created_at :datetime
+#  updated_at :datetime
+#  active     :boolean          default(FALSE), not null
+#  properties :text
+#
+
+class PushoverService < Service
+  include HTTParty
+  base_uri 'https://api.pushover.net/1'
+
+  prop_accessor :api_key, :user_key, :device, :priority, :sound
+  validates :api_key, :user_key, :priority, presence: true, if: :activated?
+
+  def title
+    'Pushover'
+  end
+
+  def description
+    'Pushover makes it easy to get real-time notifications on your Android device, iPhone, iPad, and Desktop.'
+  end
+
+  def to_param
+    'pushover'
+  end
+
+  def fields
+    [
+      { type: 'text', name: 'api_key', placeholder: 'Your application key' },
+      { type: 'text', name: 'user_key', placeholder: 'Your user key' },
+      { type: 'text', name: 'device', placeholder: 'Leave blank for all active devices' },
+      { type: 'select', name: 'priority', choices:
+        [
+          ['Lowest Priority', -2],
+          ['Low Priority', -1],
+          ['Normal Priority', 0],
+          ['High Priority', 1]
+        ],
+        default_choice: 0
+      },
+      { type: 'select', name: 'sound', choices:
+        [
+          ['Device default sound', nil],
+          ['Pushover (default)', 'pushover'],
+          ['Bike', 'bike'],
+          ['Bugle', 'bugle'],
+          ['Cash Register', 'cashregister'],
+          ['Classical', 'classical'],
+          ['Cosmic', 'cosmic'],
+          ['Falling', 'falling'],
+          ['Gamelan', 'gamelan'],
+          ['Incoming', 'incoming'],
+          ['Intermission', 'intermission'],
+          ['Magic', 'magic'],
+          ['Mechanical', 'mechanical'],
+          ['Piano Bar', 'pianobar'],
+          ['Siren', 'siren'],
+          ['Space Alarm', 'spacealarm'],
+          ['Tug Boat', 'tugboat'],
+          ['Alien Alarm (long)', 'alien'],
+          ['Climb (long)', 'climb'],
+          ['Persistent (long)', 'persistent'],
+          ['Pushover Echo (long)', 'echo'],
+          ['Up Down (long)', 'updown'],
+          ['None (silent)', 'none']
+        ]
+      },
+    ]
+  end
+
+  def execute(push_data)
+    ref = push_data[:ref].gsub('refs/heads/', '')
+    before = push_data[:before]
+    after = push_data[:after]
+
+    if before =~ /000000/
+      message = "#{push_data[:user_name]} pushed new branch \"#{ref}\"."
+    elsif after =~ /000000/
+      message = "#{push_data[:user_name]} deleted branch \"#{ref}\"."
+    else
+      message = "#{push_data[:user_name]} push to branch \"#{ref}\"."
+    end
+
+    if push_data[:total_commits_count] > 0
+      message << "\nTotal commits count: #{push_data[:total_commits_count]}"
+    end
+
+    pushover_data = {
+      token: api_key,
+      user: user_key,
+      device: device,
+      priority: priority,
+      title: "#{project.name_with_namespace}",
+      message: message,
+      url: push_data[:repository][:homepage],
+      url_title: "See project #{project.name_with_namespace}"
+    }
+
+    # Sound parameter MUST NOT be sent to API if not selected
+    if sound
+      pushover_data.merge!(sound: sound)
+    end
+
+    PushoverService.post('/messages.json', body: pushover_data)
+  end
+end

app/models/project_services/slack_service.rb

@@ -13,10 +13,8 @@
 #
 
 class SlackService < Service
-  prop_accessor :room, :subdomain, :token
-  validates :room, presence: true, if: :activated?
-  validates :subdomain, presence: true, if: :activated?
-  validates :token, presence: true, if: :activated?
+  prop_accessor :webhook
+  validates :webhook, presence: true, if: :activated?
 
   def title
     'Slack'
@@ -32,9 +30,7 @@ class SlackService < Service
 
   def fields
     [
-      { type: 'text', name: 'subdomain', placeholder: '' },
-      { type: 'text', name: 'token',     placeholder: '' },
-      { type: 'text', name: 'room',      placeholder: 'Ex. #general' },
+      { type: 'text', name: 'webhook', placeholder: '' }
     ]
   end
 
@@ -44,11 +40,14 @@ class SlackService < Service
       project_name: project_name
     ))
 
+    credentials = webhook.match(/(\w*).slack.com.*services\/(.*)/)
+    if credentials.present?
+      subdomain =  credentials[1]
+      token = credentials[2].split("token=").last
       notifier = Slack::Notifier.new(subdomain, token)
-    notifier.channel = room
-    notifier.username = 'GitLab'
       notifier.ping(message.pretext, attachments: message.attachments)
     end
+  end
 
   private
 

app/models/project_snippet.rb

@@ -11,8 +11,8 @@
 #  updated_at       :datetime
 #  file_name        :string(255)
 #  expires_at       :datetime
-#  private    :boolean          default(TRUE), not null
 #  type             :string(255)
+#  visibility_level :integer          default(0), not null
 #
 
 class ProjectSnippet < Snippet

app/models/project_team.rb

@@ -133,6 +133,10 @@ class ProjectTeam
     max_tm_access(user.id) == Gitlab::Access::MASTER
   end
 
+  def member?(user_id)
+    !!find_tm(user_id)
+  end
+
   def max_tm_access(user_id)
     access = []
     access << project.project_members.find_by(user_id: user_id).try(:access_field)

app/models/repository.rb

@@ -30,6 +30,8 @@ class Repository
     commit = Gitlab::Git::Commit.find(raw_repository, id)
     commit = Commit.new(commit) if commit
     commit
+  rescue Rugged::OdbError => ex
+    nil
   end
 
   def commits(ref, path = nil, limit = nil, offset = nil, skip_merges = false)

app/models/service.rb

@@ -10,6 +10,7 @@
 #  updated_at :datetime
 #  active     :boolean          default(FALSE), not null
 #  properties :text
+#
 
 # To add new service you should build a class inherited from Service
 # and implement a set of methods

app/models/snippet.rb

@@ -11,14 +11,15 @@
 #  updated_at       :datetime
 #  file_name        :string(255)
 #  expires_at       :datetime
-#  private    :boolean          default(TRUE), not null
 #  type             :string(255)
+#  visibility_level :integer          default(0), not null
 #
 
 class Snippet < ActiveRecord::Base
   include Linguist::BlobHelper
+  include Gitlab::VisibilityLevel
 
-  default_value_for :private, true
+  default_value_for :visibility_level, Snippet::PRIVATE
 
   belongs_to :author, class_name: "User"
 
@@ -30,10 +31,13 @@ class Snippet < ActiveRecord::Base
   validates :title, presence: true, length: { within: 0..255 }
   validates :file_name, presence: true, length: { within: 0..255 }
   validates :content, presence: true
+  validates :visibility_level, inclusion: { in: Gitlab::VisibilityLevel.values }
 
   # Scopes
-  scope :are_public,  -> { where(private: false) }
-  scope :are_private, -> { where(private: true) }
+  scope :are_internal,  -> { where(visibility_level: Snippet::INTERNAL) }
+  scope :are_private, -> { where(visibility_level: Snippet::PRIVATE) }
+  scope :are_public, -> { where(visibility_level: Snippet::PUBLIC) }
+  scope :public_and_internal, -> { where(visibility_level: [Snippet::PUBLIC, Snippet::INTERNAL]) }
   scope :fresh,   -> { order("created_at DESC") }
   scope :expired, -> { where(["expires_at IS NOT NULL AND expires_at < ?", Time.current]) }
   scope :non_expired, -> { where(["expires_at IS NULL OR expires_at > ?", Time.current]) }
@@ -66,6 +70,10 @@ class Snippet < ActiveRecord::Base
     expires_at && expires_at < Time.current
   end
 
+  def visibility_level_field
+    visibility_level
+  end 
+
   class << self
     def search(query)
       where('(title LIKE :query OR file_name LIKE :query)', query: "%#{query}%")
@@ -76,7 +84,7 @@ class Snippet < ActiveRecord::Base
     end
 
     def accessible_to(user)
-      where('private = ? OR author_id = ?', false, user)
+      where('visibility_level IN (?) OR author_id = ?', [Snippet::INTERNAL, Snippet::PUBLIC], user)
     end
   end
 end

app/models/tree.rb

@@ -15,7 +15,7 @@ class Tree
       # by markup renderer.
       if available_readmes.length > 1
         supported_readmes = available_readmes.select do |readme|
-          gitlab_markdown?(readme.name) || markup?(readme.name)
+          previewable?(readme.name)
         end
 
         # Take the first supported readme, or the first available readme, if we

app/models/user.rb

@@ -178,9 +178,8 @@ class User < ActiveRecord::Base
   scope :not_in_team, ->(team){ where('users.id NOT IN (:ids)', ids: team.member_ids) }
   scope :not_in_project, ->(project) { project.users.present? ? where("id not in (:ids)", ids: project.users.map(&:id) ) : all }
   scope :without_projects, -> { where('id NOT IN (SELECT DISTINCT(user_id) FROM members)') }
-  scope :ldap, -> { where('provider LIKE ?', 'ldap%') }
   scope :subscribed_for_admin_email, -> { where(admin_email_unsubscribed_at: nil) }
-
+  scope :ldap, -> { where('provider LIKE ?', 'ldap%') }
   scope :potential_team_members, ->(team) { team.members.any? ? active.not_in_team(team) : active  }
 
   #
@@ -197,6 +196,16 @@ class User < ActiveRecord::Base
       end
     end
 
+    def sort(method)
+      case method.to_s
+      when 'recent_sign_in' then reorder('users.last_sign_in_at DESC')
+      when 'oldest_sign_in' then reorder('users.last_sign_in_at ASC')
+      when 'recently_created' then reorder('users.created_at DESC')
+      when 'late_created' then reorder('users.created_at ASC')
+      else reorder("users.name ASC")
+      end
+    end
+
     def find_for_commit(email, name)
       # Prefer email match over name match
       User.where(email: email).first ||

app/services/issuable_base_service.rb

+class IssuableBaseService < BaseService
+  private
+
+  def create_assignee_note(issuable)
+    Note.create_assignee_change_note(
+      issuable, issuable.project, current_user, issuable.assignee)
+  end
+
+  def create_milestone_note(issuable)
+    Note.create_milestone_change_note(
+      issuable, issuable.project, current_user, issuable.milestone)
+  end
+end

app/services/issues/base_service.rb

 module Issues
-  class BaseService < ::BaseService
+  class BaseService < ::IssuableBaseService
 
     private
 
-    def create_assignee_note(issue)
-      Note.create_assignee_change_note(issue, issue.project, current_user, issue.assignee)
-    end
-
     def execute_hooks(issue, action = 'open')
       issue_data = issue.to_hook_data
       issue_url = Gitlab::UrlBuilder.new(:issue).build(issue.id)
       issue_data[:object_attributes].merge!(url: issue_url, action: action)
       issue.project.execute_hooks(issue_data, :issue_hooks)
     end
-
-    def create_milestone_note(issue)
-      Note.create_milestone_change_note(issue, issue.project, current_user, issue.milestone)
-    end
   end
 end

app/services/issues/update_service.rb

@@ -8,9 +8,14 @@ module Issues
         Issues::ReopenService.new(project, current_user, {}).execute(issue)
       when 'close'
         Issues::CloseService.new(project, current_user, {}).execute(issue)
+      when 'task_check'
+        issue.update_nth_task(params[:task_num].to_i, true)
+      when 'task_uncheck'
+        issue.update_nth_task(params[:task_num].to_i, false)
       end
 
-      if params.present? && issue.update_attributes(params.except(:state_event))
+      if params.present? && issue.update_attributes(params.except(:state_event,
+                                                                  :task_num))
         issue.reset_events_cache
 
         if issue.previous_changes.include?('milestone_id')

app/services/merge_requests/base_service.rb

 module MergeRequests
-  class BaseService < ::BaseService
-
-    private
-
-    def create_assignee_note(merge_request)
-      Note.create_assignee_change_note(merge_request, merge_request.project, current_user, merge_request.assignee)
-    end
+  class BaseService < ::IssuableBaseService
 
     def create_note(merge_request)
       Note.create_status_change_note(merge_request, merge_request.target_project, current_user, merge_request.state, nil)
@@ -16,9 +10,5 @@ module MergeRequests
         merge_request.project.execute_hooks(merge_request.to_hook_data, :merge_request_hooks)
       end
     end
-
-    def create_milestone_note(merge_request)
-      Note.create_milestone_change_note(merge_request, merge_request.project, current_user, merge_request.milestone)
-    end
   end
 end

app/services/merge_requests/update_service.rb

@@ -17,9 +17,15 @@ module MergeRequests
         MergeRequests::ReopenService.new(project, current_user, {}).execute(merge_request)
       when 'close'
         MergeRequests::CloseService.new(project, current_user, {}).execute(merge_request)
+      when 'task_check'
+        merge_request.update_nth_task(params[:task_num].to_i, true)
+      when 'task_uncheck'
+        merge_request.update_nth_task(params[:task_num].to_i, false)
       end
 
-      if params.present? && merge_request.update_attributes(params.except(:state_event))
+      if params.present? && merge_request.update_attributes(
+        params.except(:state_event, :task_num)
+      )
         merge_request.reset_events_cache
 
         if merge_request.previous_changes.include?('milestone_id')

app/views/admin/users/index.html.haml

@@ -33,6 +33,26 @@
         Users (#{@users.total_count})
         .panel-head-actions
           = link_to 'Send email to users', admin_email_path, class: 'btn btn-info'
+          .dropdown.inline
+            %a.dropdown-toggle.btn{href: '#', "data-toggle" => "dropdown"}
+              %span.light sort:
+              - if @sort.present?
+                = @sort.humanize
+              - else
+                Name
+              %b.caret
+            %ul.dropdown-menu
+              %li
+                = link_to admin_users_path(sort: nil) do
+                  Name
+                = link_to admin_users_path(sort: 'recent_sign_in') do
+                  Recent sign in
+                = link_to admin_users_path(sort: 'oldest_sign_in') do
+                  Oldest sign in
+                = link_to admin_users_path(sort: 'recently_created') do
+                  Recently created
+                = link_to admin_users_path(sort: 'late_created') do
+                  Late created
           = link_to 'New User', new_admin_user_path, class: "btn btn-new"
       %ul.well-list
         - @users.each do |user|

app/views/devise/sessions/new.html.haml

@@ -6,13 +6,13 @@
       %ul.nav.nav-tabs
         - @ldap_servers.each_with_index do |server, i|
           %li{class: (:active if i==0)}
-            = link_to server['label'], "#tab-#{server.provider_name}", 'data-toggle' => 'tab'
+            = link_to server['label'], "#tab-#{server['provider_name']}", 'data-toggle' => 'tab'
         %li
           = link_to 'Standard', '#tab-signin', 'data-toggle' => 'tab'
       .tab-content
         - @ldap_servers.each_with_index do |server,i|
-          %div.tab-pane{id: "tab-#{server.provider_name}", class: (:active if i==0)}
-            = render 'devise/sessions/new_ldap', provider: server.provider_name
+          %div.tab-pane{id: "tab-#{server['provider_name']}", class: (:active if i==0)}
+            = render 'devise/sessions/new_ldap', provider: server['provider_name']
         %div#tab-signin.tab-pane
           = render 'devise/sessions/new_base'
 

app/views/events/_commit.html.haml

 %li.commit
   .commit-row-title
-    = link_to commit[:id][0..8], project_commit_path(project, commit[:id]), class: "commit_short_id", alt: ''
+    = link_to truncate_sha(commit[:id]), project_commit_path(project, commit[:id]), class: "commit_short_id", alt: ''
      
     = gfm event_commit_title(commit[:message]), project

app/views/events/_event_push.atom.haml

@@ -2,7 +2,7 @@
   - event.commits.first(15).each do |commit|
     %p
       %strong= commit[:author][:name]
-      = link_to "(##{commit[:id][0...8]})", project_commit_path(event.project, id: commit[:id])
+      = link_to "(##{truncate_sha(commit[:id])})", project_commit_path(event.project, id: commit[:id])
       %i
         at
         = commit[:timestamp].to_time.to_s(:short)

app/views/events/event/_push.html.haml

@@ -22,4 +22,4 @@
           - if event.commits_count > 2
             %span ... and #{event.commits_count - 2} more commits.
           = link_to project_compare_path(event.project, from: event.commit_from, to: event.commit_to) do
-            %strong Compare → #{event.commit_from[0..7]}...#{event.commit_to[0..7]}
+            %strong Compare → #{truncate_sha(event.commit_from)}...#{truncate_sha(event.commit_to)}

app/views/groups/show.html.haml

@@ -24,7 +24,7 @@
           = @group.name
         - if @group.description.present?
           %p
-            = auto_link @group.description, link: :urls
+            = escaped_autolink(@group.description)
     = render "projects", projects: @projects
     %br
     = render "shared_projects", projects: @shared_projects

app/views/help/index.html.haml

@@ -15,7 +15,7 @@
     %br
     Used by more than 100,000 organizations, GitLab is the most popular solution to manage git repositories on-premises.
     %br
-    Read more about GitLab at #{link_to "www.gitlab.com", "https://www.gitlab.com/", target: "_blank"}.
+    Read more about GitLab at #{link_to promo_host, promo_url, target: '_blank'}.
 
 %hr
 
@@ -35,7 +35,7 @@
       %ul.well-list
         %li
           See our website for
-          = link_to "getting help", "https://www.gitlab.com/getting-help/"
+          = link_to 'getting help', promo_url + '/getting-help/'
         %li
           Use the
           = link_to 'search bar', '#', onclick: 'Shortcuts.focusSearch(event)'

app/views/profiles/notifications/show.html.haml

@@ -31,12 +31,12 @@
 
 .clearfix
   %hr
-  %p
-    You can also specify notification level per group or per project
-    %br
-    By default all projects and groups uses notification level set above
 .row.all-notifications
   .col-md-6
+    %p
+      You can also specify notification level per group or per project.
+      %br
+      By default all projects and groups uses notification level set above.
     %h4 Groups:
     %ul.bordered-list
       - @group_members.each do |users_group|
@@ -44,6 +44,10 @@
         = render 'settings', type: 'group', membership: users_group, notification: notification
 
   .col-md-6
+    %p
+      To specify notification level per project of a group you belong to,
+      %br
+      you need to be a member of the project itself, not only its group.
     %h4 Projects:
     %ul.bordered-list
       - @project_members.each do |project_member|

app/views/projects/_commit_button.html.haml

+.form-actions
+  .commit-button-annotation
+    = button_tag 'Commit Changes',
+                 class: 'btn commit-btn js-commit-button btn-create'
+    .message
+      to branch
+      %strong= ref
+  = link_to 'Cancel', cancel_path,
+            class: 'btn btn-cancel', data: {confirm: leave_edit_message}

app/views/projects/_home_panel.html.haml

@@ -3,7 +3,7 @@
   .project-home-row
     .project-home-desc
       - if @project.description.present?
-        = auto_link ERB::Util.html_escape(@project.description), link: :urls
+        = escaped_autolink(@project.description)
       - if can?(current_user, :admin_project, @project)
         –
         = link_to 'Edit', edit_project_path

app/views/projects/blame/show.html.haml

@@ -15,7 +15,7 @@
           %tr
             %td.blame-commit
               %span.commit
-                = link_to commit.short_id(8), project_commit_path(@project, commit), class: "commit_short_id"
+                = link_to commit.short_id, project_commit_path(@project, commit), class: "commit_short_id"
                  
                 = commit_author_link(commit, avatar: true, size: 16)
                  

app/views/projects/blob/_download.html.haml

@@ -2,6 +2,6 @@
   .center
     = link_to project_raw_path(@project, @id) do
       %h1.light
-        %i.fa.fa-arrow-circle-o-down-alt
+        %i.fa.fa-download
       %h4
         Download (#{number_to_human_size blob.size})

app/views/projects/commit/_commit_box.html.haml

@@ -6,7 +6,7 @@
         = @notes_count
     .pull-left.btn-group
       %a.btn.btn-grouped.dropdown-toggle{ data: {toggle: :dropdown} }
-        %i.fa.fa-arrow-circle-o-down-alt
+        %i.fa.fa-download
         Download as
         %span.caret
       %ul.dropdown-menu
@@ -35,7 +35,7 @@
 .commit-info-row
   %span.cgray= pluralize(@commit.parents.count, "parent")
   - @commit.parents.each do |parent|
-    = link_to parent.id[0...10], project_commit_path(@project, parent)
+    = link_to parent.short_id, project_commit_path(@project, parent)
 
 - if @branches.any?
   .commit-info-row

app/views/projects/commits/_commit.html.haml

 %li.commit.js-toggle-container
   .commit-row-title
-    = link_to commit.short_id(8), project_commit_path(project, commit), class: "commit_short_id"
+    = link_to commit.short_id, project_commit_path(project, commit), class: "commit_short_id"
      
     %span.str-truncated
       = link_to_gfm commit.title, project_commit_path(project, commit.id), class: "commit-row-message"

app/views/projects/commits/_inline_commit.html.haml

 %li.commit.inline-commit
   .commit-row-title
-    = link_to commit.short_id(8), project_commit_path(project, commit), class: "commit_short_id"
+    = link_to commit.short_id, project_commit_path(project, commit), class: "commit_short_id"
      
     %span.str-truncated
       = link_to_gfm commit.title, project_commit_path(project, commit.id), class: "commit-row-message"

app/views/projects/edit.html.haml

@@ -93,27 +93,13 @@
 
 
 
-    .danger-settings.js-toggle-container
-      .centered-light-block
-        %h3
-          %i.fa.fa-exclamation-triangle
-          Dangerous settings
-
-        %p Project settings below may result in data loss!
-        = link_to '#', class: 'btn js-toggle-button' do
-          Show them to me
-          %i.fa.fa-chevron-down
-
-      .js-toggle-content.hide
+    .danger-settings
       - if can? current_user, :archive_project, @project
-          .panel.panel-default.panel.panel-warning
-            .panel-heading
         - if @project.archived?
+          .panel.panel-success
+            .panel-heading
               Unarchive project
-              - else
-                Archive project
             .panel-body
-              - if @project.archived?
               %p
                 Unarchiving the project will mark its repository as active.
                 %br
@@ -122,8 +108,12 @@
                 %strong Once active this project shows up in the search and on the dashboard.
               = link_to 'Unarchive', unarchive_project_path(@project),
                   data: { confirm: "Are you sure that you want to unarchive this project?\nWhen this project is unarchived it is active and can be committed to again." },
-                    method: :post, class: "btn btn-remove"
+                  method: :post, class: "btn btn-success"
         - else
+          .panel.panel-warning
+            .panel-heading
+              Archive project
+            .panel-body
               %p
                 Archiving the project will mark its repository as read-only.
                 %br
@@ -172,7 +162,7 @@
                     %li You can only transfer the project to namespaces you manage.
                     %li You will need to update your local repositories to point to the new location.
               .form-actions
-                  = f.submit 'Transfer', class: "btn btn-remove"
+                = f.submit 'Transfer', class: "btn btn-remove js-confirm-danger", data: { "confirm-danger-message" => transfer_project_message(@project) }
       - else
         .nothing-here-block Only the project owner can transfer a project
 
@@ -180,12 +170,13 @@
         .panel.panel-default.panel.panel-danger
           .panel-heading Remove project
           .panel-body
+            = form_tag(project_path(@project), method: :delete, html: { class: 'form-horizontal'}) do
               %p
                 Removing the project will delete its repository and all related resources including issues, merge requests etc.
                 %br
                 %strong Removed projects cannot be restored!
 
-              = link_to 'Remove project', @project, data: { confirm: remove_project_message(@project) }, method: :delete, class: "btn btn-remove"
+              = link_to 'Remove project', '#', class: "btn btn-remove js-confirm-danger", data: { "confirm-danger-message" => remove_project_message(@project) }
       - else
         .nothing-here-block Only project owner can remove a project
 
@@ -195,3 +186,6 @@
       %i.fa.fa-spinner.fa-spin
       Saving project.
     %p Please wait a moment, this page will automatically refresh when ready.
+
+
+= render 'shared/confirm_modal', phrase: @project.path

app/views/projects/edit_tree/show.html.haml

@@ -23,16 +23,11 @@
               %i.fa.fa-spinner.fa-spin
     = render 'shared/commit_message_container', params: params,
              placeholder: "Update #{@blob.name}"
-    .form-actions
     = hidden_field_tag 'last_commit', @last_commit
     = hidden_field_tag 'content', '', id: "file-content"
     = hidden_field_tag 'from_merge_request_id', params[:from_merge_request_id]
-      .commit-button-annotation
-        = button_tag "Commit changes", class: 'btn commit-btn js-commit-button btn-primary'
-        .message
-          to branch
-          %strong= @ref
-      = link_to "Cancel", @after_edit_path, class: "btn btn-cancel", data: { confirm: leave_edit_message}
+    = render 'projects/commit_button', ref: @ref,
+              cancel_path: @after_edit_path
 
 :javascript
   ace.config.set("modePath", gon.relative_url_root + "#{Gitlab::Application.config.assets.prefix}/ace")

app/views/projects/issues/_issue.html.haml

@@ -26,6 +26,10 @@
       %span
         %i.fa.fa-clock-o
         = issue.milestone.title
+    - if issue.tasks?
+      %span.task-status
+        = issue.task_status
+
     .pull-right
       %small updated #{time_ago_with_tooltip(issue.updated_at, 'bottom', 'issue_update_ago')}
 

app/views/projects/issues/show.html.haml

@@ -48,7 +48,7 @@
     .description
       .wiki
         = preserve do
-          = markdown @issue.description
+          = markdown(@issue.description, parse_tasks: true)
   .context
     %cite.cgray
       = render partial: 'issue_context', locals: { issue: @issue }
@@ -62,7 +62,8 @@
       = link_to 'Close Issue', project_issue_path(@project, @issue, issue: {state_event: :close }, status_only: true), method: :put, class: "btn btn-grouped btn-close js-note-target-close", title: "Close Issue"
 
 .participants
-  %cite.cgray #{@issue.participants.count} participants
+  %cite.cgray
+    = pluralize(@issue.participants.count, 'participant')
   - @issue.participants.each do |participant|
     = link_to_member(@project, participant, name: false, size: 24)
 

app/views/projects/merge_requests/_merge_request.html.haml

@@ -27,7 +27,9 @@
       %span
         %i.fa.fa-clock-o
         = merge_request.milestone.title
-
+    - if merge_request.tasks?
+      %span.task-status
+        = merge_request.task_status
 
     .pull-right
       %small updated #{time_ago_with_tooltip(merge_request.updated_at, 'bottom', 'merge_request_updated_ago')}

app/views/projects/merge_requests/show/_mr_box.html.haml

@@ -18,7 +18,7 @@
     .description
       .wiki
         = preserve do
-          = markdown @merge_request.description
+          = markdown(@merge_request.description, parse_tasks: true)
 
   .context
     %cite.cgray

app/views/projects/merge_requests/show/_mr_ci.html.haml

@@ -20,7 +20,6 @@
       = link_to "Build page", ci_build_details_path(@merge_request)
 
   .ci_widget
-    %strong
     %i.fa.fa-spinner
     Checking for CI status for #{@merge_request.last_commit_short_sha}
 

app/views/projects/merge_requests/show/_mr_title.html.haml

@@ -6,7 +6,7 @@
       - if @merge_request.open?
         .btn-group.pull-left
           %a.btn.btn-grouped.dropdown-toggle{ data: {toggle: :dropdown} }
-            %i.fa.fa-arrow-circle-o-down-alt
+            %i.fa.fa-download
             Download as
             %span.caret
           %ul.dropdown-menu

app/views/projects/merge_requests/show/_state_widget.html.haml

-.panel.mr-state-widget.panel-default
+.mr-state-widget
   - if @merge_request.source_project.ci_service && @commits.any?
-    .panel-heading
+    .mr-widget-heading
       = render "projects/merge_requests/show/mr_ci"
-  .panel-body
+  .mr-widget-body
     - if @merge_request.open?
       - if @merge_request.source_branch_exists? && @merge_request.target_branch_exists?
         = render "projects/merge_requests/show/mr_accept"
@@ -31,8 +31,8 @@
         %br
         Try to use different branches or push new code.
 
-  - if !@closes_issues.empty? && @merge_request.open?
-    .panel-footer
+  - if @closes_issues.present? && @merge_request.open?
+    .mr-widget-footer
       %span
         %i.fa.fa-check
         Accepting this merge request will close #{@closes_issues.size == 1 ? 'issue' : 'issues'}

app/views/projects/new_tree/show.html.haml

@@ -27,14 +27,9 @@
       .file-content.code
         %pre#editor= params[:content]
 
-    .form-actions
-      = hidden_field_tag 'content', '', id: "file-content"
-      .commit-button-annotation
-        = button_tag "Commit changes", class: 'btn commit-btn js-commit-button btn-create'
-        .message
-          to branch
-          %strong= @ref
-      = link_to "Cancel", project_tree_path(@project, @id), class: "btn btn-cancel", data: { confirm: leave_edit_message}
+    = hidden_field_tag 'content', '', id: 'file-content'
+    = render 'projects/commit_button', ref: @ref,
+              cancel_path: project_tree_path(@project, @id)
 
 :javascript
   ace.config.set("modePath", gon.relative_url_root + "#{Gitlab::Application.config.assets.prefix}/ace-src-noconflict")

app/views/projects/protected_branches/index.html.haml

 %h3.page-title Protected branches
-%p.light This ability keeps stable branches secure and forces developers to use code reviews
+%p.light Keep stable branches secure and force developers to use Merge Requests
 %hr
 
 .bs-callout.bs-callout-info
   %p Protected branches are designed to
   %ul
     %li prevent pushes from everybody except #{link_to "masters", help_page_path("permissions", "permissions"), class: "vlink"}
-    %li prevents anyone from force pushing to the branch
-    %li prevents anyone from deleting the branch
+    %li prevent anyone from force pushing to the branch
+    %li prevent anyone from deleting the branch
   %p Read more about #{link_to "project permissions", help_page_path("permissions", "permissions"), class: "underlined-link"}
 
 - if can? current_user, :admin_project, @project

app/views/projects/repositories/_download_archive.html.haml

@@ -4,7 +4,7 @@
 - if split_button == true
   %span.btn-group{class: btn_class}
     = link_to archive_project_repository_path(@project, ref: ref, format: 'zip'), class: 'btn', rel: 'nofollow' do
-      %i.fa.fa-arrow-circle-o-down-alt
+      %i.fa.fa-download
       %span Download zip
     %a.btn.dropdown-toggle{ 'data-toggle' => 'dropdown' }
       %span.caret
@@ -13,25 +13,25 @@
     %ul.dropdown-menu{ role: 'menu' }
       %li
         = link_to archive_project_repository_path(@project, ref: ref, format: 'zip'), rel: 'nofollow' do
-          %i.fa.fa-arrow-circle-o-down-alt
+          %i.fa.fa-download
           %span Download zip
       %li
         = link_to archive_project_repository_path(@project, ref: ref, format: 'tar.gz'), rel: 'nofollow' do
-          %i.fa.fa-arrow-circle-o-down-alt
+          %i.fa.fa-download
           %span Download tar.gz
       %li
         = link_to archive_project_repository_path(@project, ref: ref, format: 'tar.bz2'), rel: 'nofollow' do
-          %i.fa.fa-arrow-circle-o-down-alt
+          %i.fa.fa-download
           %span Download tar.bz2
       %li
         = link_to archive_project_repository_path(@project, ref: ref, format: 'tar'), rel: 'nofollow' do
-          %i.fa.fa-arrow-circle-o-down-alt
+          %i.fa.fa-download
           %span Download tar
 - else
   %span.btn-group{class: btn_class}
     = link_to archive_project_repository_path(@project, ref: ref, format: 'zip'), class: 'btn', rel: 'nofollow' do
-      %i.fa.fa-arrow-circle-o-down-alt
+      %i.fa.fa-download
       %span zip
     = link_to archive_project_repository_path(@project, ref: ref, format: 'tar.gz'), class: 'btn', rel: 'nofollow' do
-      %i.fa.fa-arrow-circle-o-down-alt
+      %i.fa.fa-download
       %span tar.gz

app/views/projects/services/_form.html.haml

@@ -32,8 +32,11 @@
 
   - @service.fields.each do |field|
     - name = field[:name]
+    - value = @service.send(name)
     - type = field[:type]
     - placeholder = field[:placeholder]
+    - choices = field[:choices]
+    - default_choice = field[:default_choice]
 
     .form-group
       = f.label name, class: "control-label"
@@ -46,6 +49,8 @@
           = f.check_box name
         - elsif type == 'password'
           = f.password_field name, class: "form-control"
+        - elsif type == 'select'
+          = f.select name, options_for_select(choices, value ? value : default_choice), {}, { class: "form-control" }
 
   .form-actions
     = f.submit 'Save', class: 'btn btn-save'

app/views/projects/show.html.haml

@@ -62,11 +62,14 @@
             - else
               #{link_to @project.owner_name, @project.owner}
 
-
-          - if @project.gitlab_ci?
-            %hr
-            = link_to @project.gitlab_ci_service.builds_path do
-              = image_tag @project.gitlab_ci_service.status_img_path, alt: "build status"
+          - @project.ci_services.each do |ci_service|
+            - if ci_service.active? && ci_service.respond_to?(:builds_path)
+              - if ci_service.respond_to?(:status_img_path)
+                = link_to ci_service.builds_path do
+                  = image_tag ci_service.status_img_path, alt: "build status"
+              - else
+                %span.light CI provided by
+                = link_to ci_service.title, ci_service.builds_path
 
   - if readme
     .tab-pane#tab-readme

app/views/projects/tree/_submodule_item.html.haml

@@ -7,8 +7,8 @@
     @
     %span.monospace
       - if commit.nil?
-        #{submodule_item.id[0..10]}
+        #{truncate_sha(submodule_item.id)}
       - else
-        = link_to "#{submodule_item.id[0..10]}", commit
+        = link_to "#{truncate_sha(submodule_item.id)}", commit
   %td
   %td.hidden-xs

app/views/projects/wikis/_nav.html.haml

@@ -7,7 +7,7 @@
 
   = nav_link(path: 'wikis#git_access') do
     = link_to git_access_project_wikis_path(@project) do
-      %i.fa.fa-arrow-circle-o-down-alt
+      %i.fa.fa-download
       Git Access
 
   - if can?(current_user, :write_wiki, @project)

app/views/projects/wikis/history.html.haml

@@ -17,7 +17,7 @@
       %tr
         %td
           = link_to project_wiki_path(@project, @page, version_id: commit.id) do
-            = commit.id[0..10]
+            = truncate_sha(commit.id)
         %td
           = commit.author.name
         %td

app/views/search/results/_note.html.haml

@@ -10,7 +10,7 @@
         = project.name_with_namespace
       ·
       = link_to project_commit_path(project, note.commit_id, anchor: dom_id(note)) do
-        Commit #{note.commit_id[0..8]}
+        Commit #{truncate_sha(note.commit_id)}
     - else
       = link_to project do
         = project.name_with_namespace

app/views/shared/_confirm_modal.html.haml

+#modal-confirm-danger.modal.hide{tabindex: -1}
+  .modal-dialog
+    .modal-content
+      .modal-header
+        %a.close{href: "#", "data-dismiss" => "modal"} ×
+        %h4 Confirmation required
+
+      .modal-body
+        %p.cred.lead.js-confirm-text
+
+        %p
+          This action can lead to data loss.
+          To prevent accidental actions we ask you to confirm your intention.
+          %br
+          Please type
+          %code.js-confirm-danger-match #{phrase}
+          to proceed or close this modal to cancel
+
+        .form-group
+          = text_field_tag 'confirm_name_input', '', class: 'form-control js-confirm-danger-input'
+        .form-group
+          = submit_tag 'Confirm', class: "btn btn-danger js-confirm-danger-submit"

app/views/shared/_promo.html.haml

 .gitlab-promo
-  = link_to "Homepage", "https://www.gitlab.com/"
-  = link_to "Blog", "https://www.gitlab.com/blog/"
+  = link_to 'Homepage', promo_url
+  = link_to "Blog", promo_url + '/blog/'
   = link_to "@gitlabhq", "https://twitter.com/gitlabhq"
   = link_to "Requests", "http://feedback.gitlab.com/"

app/views/shared/snippets/_form.html.haml

@@ -10,21 +10,7 @@
       = f.label :title, class: 'control-label'
       .col-sm-10= f.text_field :title, placeholder: "Example Snippet", class: 'form-control', required: true
 
-    - unless @snippet.respond_to?(:project)
-      .form-group
-        = f.label "Access", class: 'control-label'
-        .col-sm-10
-          = f.label :private_true, class: 'radio-label' do
-            = f.radio_button :private, true
-            %span
-              %strong Private
-              (only you can see this snippet)
-          %br
-          = f.label :private_false, class: 'radio-label' do
-            = f.radio_button :private, false
-            %span
-              %strong Public
-              (GitLab users can see this snippet)
+    = render "shared/snippets/visibility_level", f: f, visibility_level: gitlab_config.default_projects_features.visibility_level, can_change_visibility_level: true
     
     .form-group
       .file-editor

app/views/shared/snippets/_visibility_level.html.haml

+.form-group.project-visibility-level-holder
+  = f.label :visibility_level, class: 'control-label' do
+    Visibility Level
+    = link_to "(?)", help_page_path("public_access", "public_access")
+  .col-sm-10
+    - if can_change_visibility_level
+      - Gitlab::VisibilityLevel.values.each do |level|
+        .radio
+          - restricted = restricted_visibility_levels.include?(level)
+          = f.radio_button :visibility_level, level, disabled: restricted
+          = label "#{dom_class(@snippet)}_visibility_level", level do
+            = visibility_level_icon(level)
+            .option-title
+              = visibility_level_label(level)
+            .option-descr
+              = snippet_visibility_level_description(level)
+      - unless restricted_visibility_levels.empty?
+        .col-sm-10
+          %span.info
+            Some visibility level settings have been restricted by the administrator.
+    - else
+      .col-sm-10
+        %span.info
+          = visibility_level_icon(visibility_level)
+          %strong
+            = visibility_level_label(visibility_level)
+          .light= visibility_level_description(visibility_level)

app/views/snippets/current_user_index.html.haml

@@ -23,6 +23,11 @@
           Private
           %span.pull-right
             = @user.snippets.are_private.count
+      = nav_tab :scope, 'are_internal' do
+        = link_to user_snippets_path(@user, scope: 'are_internal') do
+          Internal
+          %span.pull-right
+            = @user.snippets.are_internal.count
       = nav_tab :scope, 'are_public' do
         = link_to user_snippets_path(@user, scope: 'are_public') do
           Public

app/views/snippets/index.html.haml

@@ -2,6 +2,8 @@
   Public snippets
 
   .pull-right
+    
+    - if current_user
       = link_to new_snippet_path, class: "btn btn-new btn-grouped", title: "New Snippet" do
         Add new snippet
       = link_to user_snippets_path(current_user), class: "btn btn-grouped"  do

app/views/snippets/user_index.html.haml

@@ -4,6 +4,7 @@
   %span
     \/
     Snippets
+  - if current_user
     = link_to new_snippet_path, class: "btn btn-small add_new pull-right", title: "New Snippet" do
       Add new snippet
 

config/application.rb

@@ -2,7 +2,7 @@ require File.expand_path('../boot', __FILE__)
 
 require 'rails/all'
 require 'devise'
-
+I18n.config.enforce_available_locales = false
 Bundler.require(:default, Rails.env)
 
 module Gitlab

config/gitlab.yml.example

@@ -119,6 +119,7 @@ production: &base
     #   new_issue_url: "http://jira.sample/secure/CreateIssue.jspa"
 
   ## Gravatar
+  ## For Libravatar see: http://doc.gitlab.com/ce/customization/libravatar.html
   gravatar:
     enabled: true                 # Use user avatar image from Gravatar.com (default: true)
     # gravatar urls: possible placeholders: %{hash} %{size} %{email}
@@ -135,26 +136,13 @@ production: &base
   ldap:
     enabled: false
     servers:
-      -
-        ## provider_id
-        #
-        # This identifier is used by GitLab to keep track of which LDAP server each
-        # GitLab user belongs to. Each LDAP server known to GitLab should have a unique
-        # provider_id. This identifier cannot be changed once users from the LDAP server
-        # have started logging in to GitLab.
-        #
-        # Format: one word, using a-z (lower case) and 0-9
-        # Example: 'paris' or 'uswest2'
-
-        provider_id: main
-
+      main: # 'main' is the GitLab 'provider ID' of this LDAP server
         ## label
         #
         # A human-friendly name for your LDAP server. It is OK to change the label later,
         # for instance if you find out it is too large to fit on the web page.
         #
         # Example: 'Paris' or 'Acme, Ltd.'
-
         label: 'LDAP'
 
         host: '_your_ldap_server'
@@ -164,14 +152,6 @@ production: &base
         bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
         password: '_the_password_of_the_bind_user'
 
-        # This setting controls the amount of time between LDAP permission checks for each user.
-        # After this time has expired for a given user, their next interaction with GitLab (a click in the web UI, a git pull etc.) will be slower because the LDAP permission check is being performed.
-        # How much slower depends on your LDAP setup, but it is not uncommon for this check to add seconds of waiting time.
-        # The default value is to have a 'slow click' once every 3600 seconds, i.e. once per hour.
-        #
-        # Warning: if you set this value too low, every click in GitLab will be a 'slow click' for all of your LDAP users.
-        # sync_time: 3600
-
         # This setting specifies if LDAP server is Active Directory LDAP server.
         # For non AD servers it skips the AD specific queries.
         # If your LDAP server is not AD, set this to false.
@@ -203,6 +183,14 @@ production: &base
         #
         user_filter: ''
 
+        # This setting controls the amount of time between LDAP permission checks for each user.
+        # After this time has expired for a given user, their next interaction with GitLab (a click in the web UI, a git pull etc.) will be slower because the LDAP permission check is being performed.
+        # How much slower depends on your LDAP setup, but it is not uncommon for this check to add seconds of waiting time.
+        # The default value is to have a 'slow click' once every 3600 seconds, i.e. once per hour.
+        #
+        # Warning: if you set this value too low, every click in GitLab will be a 'slow click' for all of your LDAP users.
+        # sync_time: 3600
+
         # Base where we can search for groups
         #
         #   Ex. ou=Groups,dc=gitlab,dc=example
@@ -222,6 +210,14 @@ production: &base
         #
         sync_ssh_keys: false
 
+      # GitLab EE only: add more LDAP servers
+      # Choose an ID made of a-z and 0-9 . This ID will be stored in the database
+      # so that GitLab can remember which LDAP server a user belongs to.
+      # uswest2:
+      #   label:
+      #   host:
+      #   ....
+
   ## OmniAuth settings
   omniauth:
     # Allow login via Twitter, Google, etc. using OmniAuth providers
@@ -351,8 +347,7 @@ test:
   ldap:
     enabled: false
     servers:
-      -
-        provider_id: main
+      main:
         label: ldap
         host: 127.0.0.1
         port: 3890
@@ -363,5 +358,6 @@ test:
         group_base: 'ou=groups,dc=example,dc=com'
         admin_group: ''
         sync_ssh_keys: false
+
 staging:
   <<: *base

config/initializers/1_settings.rb

@@ -62,17 +62,21 @@ if Settings.ldap['enabled'] || Rails.env.test?
   if Settings.ldap['host'].present?
     server = Settings.ldap.except('sync_time')
     server['label'] = 'LDAP'
-    server['provider_id'] = 'main'
-    Settings.ldap['servers'] = [server]
+    server['provider_name'] = 'ldap'
+    Settings.ldap['servers'] = {
+      'ldap' => server
+    }
   end
 
-  Settings.ldap['servers'].each do |server|
+  Settings.ldap['servers'].each do |key, server|
     server['allow_username_or_email_login'] = false if server['allow_username_or_email_login'].nil?
     server['active_directory'] = true if server['active_directory'].nil?
-    server['provider_name'] = "ldap#{server['provider_id']}".downcase
+    server['provider_name'] ||= "ldap#{key}".downcase
+    server['sync_time'] = 3600 if server['sync_time'].nil?
     server['provider_class'] = OmniAuth::Utils.camelize(server['provider_name'])
   end
 end
+
 Settings['omniauth'] ||= Settingslogic.new({})
 Settings.omniauth['enabled']      = false if Settings.omniauth['enabled'].nil?
 Settings.omniauth['providers']  ||= []

config/initializers/7_omniauth.rb

 module OmniAuth::Strategies
-  Gitlab.config.ldap.servers.each_with_index do |server|
-    const_set(server.provider_class, Class.new(LDAP))
+  Gitlab::LDAP::Config.servers.each do |server|
+    # do not redeclare LDAP
+    next if server['provider_name'] == 'ldap'
+    const_set(server['provider_class'], Class.new(LDAP))
+  end
+end
+
+OmniauthCallbacksController.class_eval do
+  Gitlab::LDAP::Config.servers.each do |server|
+    alias_method server['provider_name'], :ldap
   end
 end

config/initializers/devise.rb

@@ -205,14 +205,14 @@ Devise.setup do |config|
   # end
 
   if Gitlab.config.ldap.enabled
-    Gitlab.config.ldap.servers.each do |server|
+    Gitlab::LDAP::Config.servers.each do |server|
       if server['allow_username_or_email_login']
         email_stripping_proc = ->(name) {name.gsub(/@.*$/,'')}
       else
         email_stripping_proc = ->(name) {name}
       end
 
-      config.omniauth server.provider_name,
+      config.omniauth server['provider_name'],
         host:     server['host'],
         base:     server['base'],
         uid:      server['uid'],

db/fixtures/production/001_admin.rb

@@ -21,7 +21,7 @@ admin.save!
 admin.confirm!
 
 if admin.valid?
-puts %q[
+puts %Q[
 Administrator account created:
 
 login.........root

db/migrate/20141006143943_move_slack_service_to_webhook.rb

+class MoveSlackServiceToWebhook < ActiveRecord::Migration
+  def change
+    SlackService.all.each do |slack_service|
+      if ["token", "subdomain"].all? { |property| slack_service.properties.key? property }
+        token = slack_service.properties['token']
+        subdomain = slack_service.properties['subdomain']
+        webhook = "https://#{subdomain}.slack.com/services/hooks/incoming-webhook?token=#{token}"
+        slack_service.properties['webhook'] = webhook
+        slack_service.properties.delete('token')
+        slack_service.properties.delete('subdomain')
+        # Room is configured on the Slack side
+        slack_service.properties.delete('room')
+        slack_service.save!
+      end
+    end
+  end
+end

db/migrate/20141007100818_add_visibility_level_to_snippet.rb

+class AddVisibilityLevelToSnippet < ActiveRecord::Migration
+  def up
+    add_column :snippets, :visibility_level, :integer, :default => 0, :null => false
+
+    Snippet.where(private: true).update_all(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
+    Snippet.where(private: false).update_all(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
+
+    add_index :snippets, :visibility_level
+
+    remove_column :snippets, :private
+  end
+
+  def down
+    add_column :snippets, :private, :boolean, :default => false, :null => false
+    
+    Snippet.where(visibility_level: Gitlab::VisibilityLevel::INTERNAL).update_all(private: false)
+    Snippet.where(visibility_level: Gitlab::VisibilityLevel::PRIVATE).update_all(private: true)
+    
+    remove_column :snippets, :visibility_level
+  end
+end

db/schema.rb

@@ -338,14 +338,15 @@ ActiveRecord::Schema.define(version: 20141010132608) do
     t.datetime "updated_at"
     t.string   "file_name"
     t.datetime "expires_at"
-    t.boolean  "private",    default: true, null: false
     t.string   "type"
+    t.integer  "visibility_level", default: 0, null: false
   end
 
   add_index "snippets", ["author_id"], name: "index_snippets_on_author_id", using: :btree
   add_index "snippets", ["created_at"], name: "index_snippets_on_created_at", using: :btree
   add_index "snippets", ["expires_at"], name: "index_snippets_on_expires_at", using: :btree
   add_index "snippets", ["project_id"], name: "index_snippets_on_project_id", using: :btree
+  add_index "snippets", ["visibility_level"], name: "index_snippets_on_visibility_level", using: :btree
 
   create_table "taggings", force: true do |t|
     t.integer  "tag_id"

doc/README.md

@@ -24,6 +24,7 @@
 - [Email](tools/email.md) Email GitLab users from GitLab
 - [Welcome message](customization/welcome_message.md) Add a custom welcome message to the sign-in page.
 - [Issue closing](customization/issue_closing.md) Customize how to close an issue from commit messages.
+- [Libravatar](customization/libravatar.md) Use Libravatar for user avatars.
 
 ## Contributor documentation
 

doc/customization/libravatar.md

+# Use Libravatar service with GitLab
+
+GitLab by default supports [Gravatar](gravatar.com) avatar service.
+Libravatar is a service which delivers your avatar (profile picture) to other websites and their API is
+[heavily based on gravatar](http://wiki.libravatar.org/api/).
+
+This means that it is not complicated to switch to Libravatar avatar service or even self hosted Libravatar server.
+
+# Configuration
+
+In [gitlab.yml gravatar section](https://gitlab.com/gitlab-org/gitlab-ce/blob/672bd3902d86b78d730cea809fce312ec49d39d7/config/gitlab.yml.example#L122) set
+the configuration options as follows:
+
+## For HTTP
+
+```yml
+  gravatar:
+    enabled: true
+    # gravatar urls: possible placeholders: %{hash} %{size} %{email}
+    plain_url: "http://cdn.libravatar.org/avatar/%{hash}?s=%{size}&d=identicon"
+```
+
+## For HTTPS
+
+```yml
+  gravatar:
+    enabled: true
+    # gravatar urls: possible placeholders: %{hash} %{size} %{email}
+    ssl_url: "https://seccdn.libravatar.org/avatar/%{hash}?s=%{size}&d=identicon"
+```
+
+## Self-hosted
+
+If you are [running your own libravatar service](http://wiki.libravatar.org/running_your_own/) the url will be different in the configuration
+but the important part is to provide the same placeholders so GitLab can parse the url correctly.
+
+For example, you host a service on `http://libravatar.example.com` the `plain_url` you need to supply in `gitlab.yml` is
+
+`http://libravatar.example.com/avatar/%{hash}?s=%{size}&d=identicon`
+
+
+## Omnibus-gitlab example
+
+In `/etc/gitlab/gitlab.rb`:
+
+#### For http
+
+```ruby
+gitlab_rails['gravatar_enabled'] = true
+gitlab_rails['gravatar_plain_url'] = "http://cdn.libravatar.org/avatar/%{hash}?s=%{size}&d=identicon"
+```
+
+#### For https
+
+```ruby
+gitlab_rails['gravatar_enabled'] = true
+gitlab_rails['gravatar_ssl_url'] = "https://seccdn.libravatar.org/avatar/%{hash}?s=%{size}&d=identicon"
+```
+
+
+Run `sudo gitlab-ctl reconfigure` for changes to take effect.
+
+
+## Default URL for missing images
+
+[Libravatar supports different sets](http://wiki.libravatar.org/api/) of `missing images` for emails not found on the Libravatar service.
+
+In order to use a different set other than `identicon`, replace `&d=identicon` portion of the url with another supported set.
+For example, you can use `retro` set in which case url would look like: `plain_url: "http://cdn.libravatar.org/avatar/%{hash}?s=%{size}&d=retro"`

doc/development/architecture.md

@@ -2,7 +2,7 @@
 
 ## Software delivery
 
-There are two editions of GitLab: [Enterprise Edition](https://www.gitlab.com/gitlab-ee/) (EE) and [Community Edition](https://www.gitlab.com/gitlab-ce/) (CE). GitLab CE is delivered via git from the [gitlabhq repository](https://gitlab.com/gitlab-org/gitlab-ce/tree/master). New versions of GitLab are released in stable branches and the master branch is for bleeding edge development.
+There are two editions of GitLab: [Enterprise Edition](https://about.gitlab.com/gitlab-ee/) (EE) and [Community Edition](https://about.gitlab.com/gitlab-ce/) (CE). GitLab CE is delivered via git from the [gitlabhq repository](https://gitlab.com/gitlab-org/gitlab-ce/tree/master). New versions of GitLab are released in stable branches and the master branch is for bleeding edge development.
 
 EE releases are available not long after CE releases. To obtain the GitLab EE there is a [repository at gitlab.com](https://gitlab.com/subscribers/gitlab-ee). For more information about the release process see the section 'New versions and upgrading' in the readme.
 

doc/install/installation.md

@@ -6,13 +6,13 @@ Make sure you view [this installation guide](https://gitlab.com/gitlab-org/gitla
 
 ![Select latest branch](https://i.imgur.com/Lrdxk1k.png)
 
-If the highest number stable branch is unclear please check the [GitLab Blog](https://www.gitlab.com/blog/) for installation guide links by version.
+If the highest number stable branch is unclear please check the [GitLab Blog](https://about.gitlab.com/blog/) for installation guide links by version.
 
 ## Important Notes
 
 This guide is long because it covers many cases and includes all commands you need, this is [one of the few installation scripts that actually works out of the box](https://twitter.com/robinvdvleuten/status/424163226532986880).
 
-This installation guide was created for and tested on **Debian/Ubuntu** operating systems. Please read [doc/install/requirements.md](./requirements.md) for hardware and operating system requirements. If you want to install on RHEL/CentOS we recommend using the [Omnibus packages](https://www.gitlab.com/downloads/).
+This installation guide was created for and tested on **Debian/Ubuntu** operating systems. Please read [doc/install/requirements.md](./requirements.md) for hardware and operating system requirements. If you want to install on RHEL/CentOS we recommend using the [Omnibus packages](https://about.gitlab.com/downloads/).
 
 This is the official installation guide to set up a production server. To set up a **development installation** or for many other installation options please see [the installation section of the readme](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/README.md#installation).
 

doc/install/requirements.md

@@ -85,9 +85,9 @@ Redis stores all user sessions and the background task queue.
 The storage requirements for Redis are minimal, about 25kB per user.
 Sidekiq processes the background jobs with a multithreaded process.
 This process starts with the entire Rails stack (200MB+) but it can grow over time due to memory leaks.
-On a very active server (10.000 active users) the Sidekiq process can use 1GB+ of memory.
+On a very active server (10,000 active users) the Sidekiq process can use 1GB+ of memory.
 
-## Supported webbrowsers
+## Supported web browsers
 
 - Chrome (Latest stable version)
 - Firefox (Latest released version) 

doc/markdown/markdown.md

@@ -10,6 +10,7 @@
 * [Code and Syntax Highlighting](#code-and-syntax-highlighting)
 * [Emoji](#emoji)
 * [Special GitLab references](#special-gitlab-references)
+* [Task lists](#task-lists)
 
 **[Standard Markdown](#standard-markdown)**
 
@@ -177,6 +178,24 @@ GFM will recognize the following:
 - 1234567 : for commits
 - \[file\](path/to/file) : for file references
 
+GFM also recognizes references to commits, issues, and merge requests in other projects:
+
+- namespace/project#123 : for issues
+- namespace/project!123 : for merge requests
+- namespace/project@1234567 : for commits
+
+## Task Lists
+
+You can add task lists to merge request and issue descriptions to keep track of to-do items.  To create a task, add an unordered list to the description in an issue or merge request, formatted like so:
+
+```no-highlight
+* [x] Completed task
+* [ ] Unfinished task
+    * [x] Nested task
+```
+
+Task lists can only be created in descriptions, not in titles or comments.  Task item state can be managed by editing the description's Markdown or by clicking the rendered checkboxes.
+
 # Standard Markdown
 
 ## Headers

doc/release/security.md

@@ -8,7 +8,7 @@ Do a security release when there is a critical issue that needs to be addresses
 
 ## Security vulnerability disclosure
 
-Please report suspected security vulnerabilities in private to <support@gitlab.com>, also see the [disclosure section on the GitLab.com website](http://www.gitlab.com/disclosure/). Please do NOT create publicly viewable issues for suspected security vulnerabilities.
+Please report suspected security vulnerabilities in private to <support@gitlab.com>, also see the [disclosure section on the GitLab.com website](http://about.gitlab.com/disclosure/). Please do NOT create publicly viewable issues for suspected security vulnerabilities.
 
 ## Release Procedure
 
@@ -21,7 +21,7 @@ Please report suspected security vulnerabilities in private to <support@gitlab.c
 1. Send out an email to the 'GitLab Newsletter' mailing list on MailChimp (or the 'Subscribers' list if the security fix is for EE only)
 1. Send out an email to [the community google mailing list](https://groups.google.com/forum/#!forum/gitlabhq)
 1. Post a signed copy of our complete announcement to [oss-security](http://www.openwall.com/lists/oss-security/) and request a CVE number
-1. Add the security researcher to the [Security Researcher Acknowledgments list](http://www.gitlab.com/vulnerability-acknowledgements/)
+1. Add the security researcher to the [Security Researcher Acknowledgments list](http://about.gitlab.com/vulnerability-acknowledgements/)
 1. Thank the security researcher in an email for their cooperation
 1. Update the blog post and the CHANGELOG when we receive the CVE number
 

doc/update/6.x-or-7.x-to-7.3.md

@@ -64,12 +64,12 @@ sudo gem install bundler --no-ri --no-rdoc
 ```bash
 cd /home/git/gitlab
 sudo -u git -H git fetch --all
+sudo -u git -H git checkout -- db/schema.rb # local changes will be restored automatically
 ```
 
 For GitLab Community Edition:
 
 ```bash
-sudo -u git -H git checkout -- db/schema.rb # local changes will be restored automatically
 sudo -u git -H git checkout 7-3-stable
 ```
 
@@ -78,7 +78,6 @@ OR
 For GitLab Enterprise Edition:
 
 ```bash
-sudo -u git -H git checkout -- db/schema.rb # local changes will be restored automatically
 sudo -u git -H git checkout 7-3-stable-ee
 ```
 

doc/update/7.2-to-7.3.md

@@ -18,12 +18,12 @@ sudo service gitlab stop
 ```bash
 cd /home/git/gitlab
 sudo -u git -H git fetch --all
+sudo -u git -H git checkout -- db/schema.rb # local changes will be restored automatically
 ```
 
 For GitLab Community Edition:
 
 ```bash
-sudo -u git -H git checkout -- db/schema.rb # local changes will be restored automatically
 sudo -u git -H git checkout 7-3-stable
 ```
 
@@ -32,7 +32,6 @@ OR
 For GitLab Enterprise Edition:
 
 ```bash
-sudo -u git -H git checkout -- db/schema.rb # local changes will be restored automatically
 sudo -u git -H git checkout 7-3-stable-ee
 ```
 

doc/update/7.3-to-7.4.md

+# From 7.3 to 7.4
+
+## GitLab 7.4 has not been released yet!
+
+This document currently just serves as a place to keep track of updates that will be needed for the 7.4 update.
+
+## Update config files
+
+* Add `collation: utf8_general_ci` to config/database.yml as seen in [config/database.yml.mysql](config/database.yml.mysql)
+
+## Optional optimizations for GitLab setups with MySQL databases
+
+Only applies if running MySQL database created with GitLab 6.7 or earlier. If you are not experiencing any issues you may not need the following instructions however following them will bring your database in line with the latest recommended installation configuration and help avoid future issues. Be sure to follow these directions exactly. These directions should be safe for any MySQL instance but to be sure make a current MySQL database backup beforehand.
+
+```
+# Secure your MySQL installation (added in GitLab 6.2)
+sudo mysql_secure_installation
+
+# Login to MySQL
+mysql -u root -p
+
+# do not type the 'mysql>', this is part of the prompt
+
+# Convert all tables to use the InnoDB storage engine (added in GitLab 6.8)
+SELECT CONCAT('ALTER TABLE gitlabhq_production.', table_name, ' ENGINE=InnoDB;') AS 'Copy & run these SQL statements:' FROM information_schema.tables WHERE table_schema = 'gitlabhq_production' AND `ENGINE` <> 'InnoDB' AND `TABLE_TYPE` = 'BASE TABLE';
+
+# If previous query returned results, copy & run all outputed SQL statements
+
+# Find MySQL users
+mysql> SELECT user FROM mysql.user WHERE user LIKE '%git%';
+
+# If git user exists and gitlab user does not exist 
+# you are done with the database cleanup tasks
+mysql> \q
+
+# If both users exist skip to Delete gitlab user
+
+# Create new user for GitLab (changed in GitLab 6.4)
+# change $password in the command below to a real password you pick
+mysql> CREATE USER 'git'@'localhost' IDENTIFIED BY '$password';
+
+# Grant the git user necessary permissions on the database
+mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, LOCK TABLES ON `gitlabhq_production`.* TO 'git'@'localhost';
+
+# Delete the old gitlab user
+mysql> DELETE FROM mysql.user WHERE user='gitlab';
+
+# Quit the database session
+mysql> \q
+
+# Try connecting to the new database with the new user
+sudo -u git -H mysql -u git -p -D gitlabhq_production
+
+# Type the password you replaced $password with earlier
+
+# You should now see a 'mysql>' prompt
+
+# Quit the database session
+mysql> \q
+
+# Update database configuration details
+# See config/database.yml.mysql for latest recommended configuration details
+#   Remove the reaping_frequency setting line if it exists (removed in GitLab 6.8)
+#   Set production -> pool: 10 (updated in GitLab 5.3)
+#   Set production -> username: git
+#   Set production -> password: the password your replaced $password with earlier
+sudo -u git -H editor /home/git/gitlab/config/database.yml
+```

doc/workflow/gitlab_flow.md

@@ -26,7 +26,7 @@ After getting used to these three steps the branching model becomes the challeng
 Since many organizations new to git have no conventions how to work with it, it can quickly become a mess.
 The biggest problem they run into is that many long running branches that each contain part of the changes are around.
 People have a hard time figuring out which branch they should develop on or deploy to production.
-Frequently the reaction to this problem is to adopt a standardized pattern such as [git flow](http://nvie.com/posts/a-successful-git-branching-model/) and [GitHub flow](https://guides.github.com/introduction/flow/index.html)
+Frequently the reaction to this problem is to adopt a standardized pattern such as [git flow](http://nvie.com/posts/a-successful-git-branching-model/) and [GitHub flow](http://scottchacon.com/2011/08/31/github-flow.html)
 We think there is still room for improvement and will detail a set of practices we call GitLab flow.
 
 # Git flow and its problems
@@ -309,3 +309,8 @@ If you need to merge in another branch after starting explain the reason in the
 If you have not pushed your commits to a shared location yet you can also rebase on master or another feature branch.
 Do not merge in upstream if your code will work and merge cleanly without doing so, Linus even says that [you should never merge in upstream at random points, only at major releases](http://lwn.net/Articles/328438/).
 Merging only when needed prevents creating merge commits in your feature branch that later end up littering the master history.
+
+### References
+
+- [Sketch file](https://www.dropbox.com/s/58dvsj5votbwrzv/git_flows.sketch?dl=0) with vectors of images in this article
+- [Git Flow by Vincent Driessen](http://nvie.com/posts/a-successful-git-branching-model/)

features/admin/active_tab.feature

 @admin
-Feature: Admin active tab
+Feature: Admin Active Tab
   Background:
     Given I sign in as an admin
 

features/dashboard/active_tab.feature

 @dashboard
-Feature: Dashboard active tab
+Feature: Dashboard Active Tab
   Background:
     Given I sign in as a user
 

features/dashboard/archived_projects.feature

 @dashboard
-Feature: Dashboard with archived projects
+Feature: Dashboard Archived Projects
   Background:
     Given I sign in as a user
     And I own project "Shop"

features/dashboard/event_filters.feature

 @dashboard
-Feature: Event filters
+Feature: Event Filters
   Background:
     Given I sign in as a user
     And I own a project

features/dashboard/help.feature

 @dashboard
-Feature: Help
+Feature: Dashboard Help
   Background:
     Given I sign in as a user
     And I visit the "Rake Tasks" help page

features/dashboard/projects.feature

 @dashboard
-Feature: Dashboard projects
+Feature: Dashboard Projects
   Background:
     Given I sign in as a user
     And I own project "Shop"

features/dashboard/shortcuts.feature

 @dashboard
-Feature: Dashboard shortcuts
+Feature: Dashboard Shortcuts
   Background:
     Given I sign in as a user
     And I visit dashboard page

features/explore/public_groups.feature → features/explore/groups.feature

 @public
-Feature: Explore Groups Feature
+Feature: Explore Groups
   Background:
     Given group "TestGroup" has private project "Enterprise"
 

features/explore/projects.feature

 @public
-Feature: Explore Projects Feature
+Feature: Explore Projects
   Background:
     Given public project "Community"
     And internal project "Internal"

features/profile/active_tab.feature

 @profile
-Feature: Profile active tab
+Feature: Profile Active Tab
   Background:
     Given I sign in as a user
 

features/project/active_tab.feature

-Feature: Project active tab
+Feature: Project Active Tab
   Background:
     Given I sign in as a user
     And I own a project

features/project/commits/branches.feature

-Feature: Project Browse branches
+Feature: Project Commits Branches
   Background:
     Given I sign in as a user
     And I own project "Shop"

features/project/commits/comments.feature

-Feature: Comments on commits
+Feature: Project Commits Comments
   Background:
     Given I sign in as a user
     And I own project "Shop"

features/project/commits/commits.feature

-Feature: Project Browse commits
+Feature: Project Commits
   Background:
     Given I sign in as a user
     And I own a project

features/project/commits/diff_comments.feature

-Feature: Comments on commit diffs
+Feature: Project Commits Diff Comments
   Background:
     Given I sign in as a user
     And I own project "Shop"

features/project/commits/tags.feature

-Feature: Project Browse tags
+Feature: Project Commits Tags
   Background:
     Given I sign in as a user
     And I own project "Shop"

features/project/commits/user_lookup.feature

-Feature: Project Browse Commits User Lookup
+Feature: Project Commits User Lookup
   Background:
     Given I sign in as a user
     And I own a project

features/project/create.feature

-Feature: Create Project
+Feature: Project Create
   In order to get access to project sections
   A user with ability to create a project
   Should be able to create a new one

features/project/fork.feature

-Feature: Fork Project
+Feature: Project Fork
   Background:
     Given I sign in as a user
     And I am a member of project "Shop"

features/project/issues/filter_labels.feature

-Feature: Project Filter Labels
+Feature: Project Issues Filter Labels
   Background:
     Given I sign in as a user
     And I own project "Shop"

features/project/issues/issues.feature

@@ -126,3 +126,36 @@ Feature: Project Issues
     When I click label 'bug'
     And I should see "Release 0.4" in issues
     And I should not see "Tweet control" in issues
+
+  Scenario: Issue description should render task checkboxes
+    Given project "Shop" has "Tasks-open" open issue with task markdown
+    When I visit issue page "Tasks-open"
+    Then I should see task checkboxes in the description
+
+  @javascript
+  Scenario: Issue notes should not render task checkboxes
+    Given project "Shop" has "Tasks-open" open issue with task markdown
+    When I visit issue page "Tasks-open"
+    And I leave a comment with task markdown
+    Then I should not see task checkboxes in the comment
+
+  # Task status in issues list
+
+  Scenario: Issues list should display task status
+    Given project "Shop" has "Tasks-open" open issue with task markdown
+    When I visit project "Shop" issues page
+    Then I should see the task status for the Taskable
+
+  # Toggling task items
+
+  @javascript
+  Scenario: Task checkboxes should be enabled for an open issue
+    Given project "Shop" has "Tasks-open" open issue with task markdown
+    When I visit issue page "Tasks-open"
+    Then Task checkboxes should be enabled
+
+  @javascript
+  Scenario: Task checkboxes should be disabled for a closed issue
+    Given project "Shop" has "Tasks-closed" closed issue with task markdown
+    When I visit issue page "Tasks-closed"
+    Then Task checkboxes should be disabled

features/project/issues/labels.feature

-Feature: Project Labels
+Feature: Project Issues Labels
   Background:
     Given I sign in as a user
     And I own project "Shop"

features/project/issues/milestones.feature

-Feature: Project Milestones
+Feature: Project Issues Milestones
   Background:
     Given I sign in as a user
     And I own project "Shop"

features/project/merge_requests.feature

@@ -96,6 +96,16 @@ Feature: Project Merge Requests
     And I leave a comment with a header containing "Comment with a header"
     Then The comment with the header should not have an ID
 
+  Scenario: Merge request description should render task checkboxes
+    Given project "Shop" has "MR-task-open" open MR with task markdown
+    When I visit merge request page "MR-task-open"
+    Then I should see task checkboxes in the description
+
+  Scenario: Merge request notes should not render task checkboxes
+    Given project "Shop" has "MR-task-open" open MR with task markdown
+    When I visit merge request page "MR-task-open"
+    Then I should not see task checkboxes in the comment
+
   # Toggling inline comments
 
   @javascript
@@ -105,7 +115,7 @@ Feature: Project Merge Requests
     And I switch to the diff tab
     And I leave a comment like "Line is wrong" on line 39 of the second file
     And I click link "Hide inline discussion" of the second file
-    Then I should not see a comment like "Line is wrong" in the second file
+    Then I should not see a comment like "Line is wrong here" in the second file
 
   @javascript
   Scenario: I show comments on a merge request diff with comments in a single file
@@ -113,8 +123,6 @@ Feature: Project Merge Requests
     And I visit merge request page "Bug NS-05"
     And I switch to the diff tab
     And I leave a comment like "Line is wrong" on line 39 of the second file
-    And I click link "Hide inline discussion" of the second file
-    And I click link "Show inline discussion" of the second file
     Then I should see a comment like "Line is wrong" in the second file
 
   @javascript
@@ -125,7 +133,7 @@ Feature: Project Merge Requests
     And I leave a comment like "Line is correct" on line 12 of the first file
     And I leave a comment like "Line is wrong" on line 39 of the second file
     And I click link "Hide inline discussion" of the second file
-    Then I should not see a comment like "Line is wrong" in the second file
+    Then I should not see a comment like "Line is wrong here" in the second file
     And I should still see a comment like "Line is correct" in the first file
 
   @javascript
@@ -162,3 +170,25 @@ Feature: Project Merge Requests
     And I leave a comment like "Line is wrong" on line 39 of the second file
     And I click Side-by-side Diff tab
     Then I should see comments on the side-by-side diff page
+
+  # Task status in issues list
+
+  Scenario: Merge requests list should display task status
+    Given project "Shop" has "MR-task-open" open MR with task markdown
+    When I visit project "Shop" merge requests page
+    Then I should see the task status for the Taskable
+
+  # Toggling task items
+
+  @javascript
+  Scenario: Task checkboxes should be enabled for an open merge request
+    Given project "Shop" has "MR-task-open" open MR with task markdown
+    When I visit merge request page "MR-task-open"
+    Then Task checkboxes should be enabled
+
+  @javascript
+  Scenario: Task checkboxes should be disabled for a closed merge request
+    Given project "Shop" has "MR-task-open" open MR with task markdown
+    And I visit merge request page "MR-task-open"
+    And I click link "Close"
+    Then Task checkboxes should be disabled

features/project/project.feature

-Feature: Project Feature
+Feature: Project
   Background:
     Given I sign in as a user
     And I own project "Shop"

features/project/service.feature

@@ -43,6 +43,12 @@ Feature: Project Services
     And I fill Slack settings
     Then I should see Slack service settings saved
 
+  Scenario: Activate Pushover service
+    When I visit project "Shop" services page
+    And I click Pushover service link
+    And I fill Pushover settings
+    Then I should see Pushover service settings saved
+
   Scenario: Activate email on push service
     When I visit project "Shop" services page
     And I click email on push service link

features/project/shortcuts.feature

 @dashboard
-Feature: Project shortcuts
+Feature: Project Shortcuts
   Background:
     Given I sign in as a user
     And I own a project

features/project/source/browse_files.feature

-Feature: Project Browse files
+Feature: Project Source Browse Files
   Background:
     Given I sign in as a user
     And I own project "Shop"
@@ -30,7 +30,7 @@ Feature: Project Browse files
     And I edit code
     And I fill the new file name
     And I fill the commit message
-    And I click on "Commit changes"
+    And I click on "Commit Changes"
     Then I am redirected to the new file
     And I should see its new content
 
@@ -46,7 +46,7 @@ Feature: Project Browse files
     And I click button "Edit"
     And I edit code
     And I fill the commit message
-    And I click on "Commit changes"
+    And I click on "Commit Changes"
     Then I am redirected to the ".gitignore"
     And I should see its new content
 

features/project/source/git_blame.feature

-Feature: Project Browse git repo
+Feature: Project Source Git Blame
   Background:
     Given I sign in as a user
     And I own project "Shop"

features/project/source/markdown_render.feature

-Feature: Project markdown render
+Feature: Project Source Markdown Render
   Background:
     Given I sign in as a user
     And I own project "Delta"

features/project/source/multiselect_blob.feature

-Feature: Project Multiselect Blob
+Feature: Project Source Multiselect Blob
   Background:
     Given I sign in as a user
     And I own project "Shop"

features/project/source/search_code.feature

-Feature: Project Search code
+Feature: Project Source Search Code
   Background:
     Given I sign in as a user
 

features/project/team_management.feature

-Feature: Project Team management
+Feature: Project Team Management
   Background:
     Given I sign in as a user
     And I own project "Shop"

features/snippets/discover.feature

 @snippets
-Feature: Discover Snippets
+Feature: Snippets Discover
   Background:
     Given I sign in as a user
     And I have public "Personal snippet one" snippet
     And I have private "Personal snippet private" snippet
+    And I have internal "Personal snippet internal" snippet
 
   Scenario: I should see snippets
     Given I visit snippets page
     Then I should see "Personal snippet one" in snippets
+    And I should see "Personal snippet internal" in snippets
     And I should not see "Personal snippet private" in snippets

features/snippets/snippets.feature

 @snippets
-Feature: Snippets Feature
+Feature: Snippets
   Background:
     Given I sign in as a user
     And I have public "Personal snippet one" snippet

features/snippets/user.feature

 @snippets
-Feature: User Snippets
+Feature: Snippets User
   Background:
     Given I sign in as a user
     And I have public "Personal snippet one" snippet
     And I have private "Personal snippet private" snippet
+    And I have internal "Personal snippet internal" snippet
 
   Scenario: I should see all my snippets
     Given I visit my snippets page
     Then I should see "Personal snippet one" in snippets
     And I should see "Personal snippet private" in snippets
+    And I should see "Personal snippet internal" in snippets
 
   Scenario: I can see only my private snippets
     Given I visit my snippets page
     And I click "Private" filter
     Then I should not see "Personal snippet one" in snippets
+    And I should not see "Personal snippet internal" in snippets
     And I should see "Personal snippet private" in snippets
 
   Scenario: I can see only my public snippets
@@ -21,3 +24,11 @@ Feature: User Snippets
     And I click "Public" filter
     Then I should see "Personal snippet one" in snippets
     And I should not see "Personal snippet private" in snippets
+    And I should not see "Personal snippet internal" in snippets
+
+  Scenario: I can see only my internal snippets
+    Given I visit my snippets page
+    And I click "Internal" filter
+    Then I should see "Personal snippet internal" in snippets
+    And I should not see "Personal snippet private" in snippets
+    And I should not see "Personal snippet one" in snippets

features/steps/dashboard/with_archived_projects.rb → features/steps/dashboard/archived_projects.rb

-class Spinach::Features::DashboardWithArchivedProjects < Spinach::FeatureSteps
+class Spinach::Features::DashboardArchivedProjects < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedPaths
   include SharedProject

features/steps/help.rb → features/steps/dashboard/help.rb

-class Spinach::Features::Help < Spinach::FeatureSteps
+class Spinach::Features::DashboardHelp < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedPaths
   include SharedMarkdown

features/steps/explore/groups_feature.rb → features/steps/explore/groups.rb

-class Spinach::Features::ExploreGroupsFeature < Spinach::FeatureSteps
+class Spinach::Features::ExploreGroups < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedPaths
   include SharedGroup

features/steps/explore/projects.rb

-class Spinach::Features::ExploreProjectsFeature < Spinach::FeatureSteps
+class Spinach::Features::ExploreProjects < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedPaths
   include SharedProject

features/steps/project/browse_branches.rb → features/steps/project/commits/branches.rb

-class Spinach::Features::ProjectBrowseBranches < Spinach::FeatureSteps
+class Spinach::Features::ProjectCommitsBranches < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedProject
   include SharedPaths

features/steps/project/comments_on_commits.rb → features/steps/project/commits/comments.rb

-class Spinach::Features::CommentsOnCommits < Spinach::FeatureSteps
+class Spinach::Features::ProjectCommitsComments < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedNote
   include SharedPaths

features/steps/project/browse_commits.rb → features/steps/project/commits/commits.rb

-class Spinach::Features::ProjectBrowseCommits < Spinach::FeatureSteps
+class Spinach::Features::ProjectCommits < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedProject
   include SharedPaths
@@ -8,7 +8,7 @@ class Spinach::Features::ProjectBrowseCommits < Spinach::FeatureSteps
     commit = @project.repository.commit
     page.should have_content(@project.name)
     page.should have_content(commit.message[0..20])
-    page.should have_content(commit.id.to_s[0..5])
+    page.should have_content(commit.short_id)
   end
 
   step 'I click atom feed link' do

features/steps/project/comments_on_commit_diffs.rb → features/steps/project/commits/diff_comments.rb

-class Spinach::Features::CommentsOnCommitDiffs < Spinach::FeatureSteps
+class Spinach::Features::ProjectCommitsDiffComments < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedDiffNote
   include SharedPaths

features/steps/project/browse_tags.rb → features/steps/project/commits/tags.rb

-class Spinach::Features::ProjectBrowseTags < Spinach::FeatureSteps
+class Spinach::Features::ProjectCommitsTags < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedProject
   include SharedPaths

features/steps/project/browse_commits_user_lookup.rb → features/steps/project/commits/user_lookup.rb

-class Spinach::Features::ProjectBrowseCommitsUserLookup < Spinach::FeatureSteps
+class Spinach::Features::ProjectCommitsUserLookup < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedProject
   include SharedPaths

features/steps/project/create.rb

-class Spinach::Features::CreateProject < Spinach::FeatureSteps
+class Spinach::Features::ProjectCreate < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedPaths
 

features/steps/project/fork.rb

-class Spinach::Features::ForkProject < Spinach::FeatureSteps
+class Spinach::Features::ProjectFork < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedPaths
   include SharedProject

features/steps/project/filter_labels.rb → features/steps/project/issues/filter_labels.rb

-class Spinach::Features::ProjectFilterLabels < Spinach::FeatureSteps
+class Spinach::Features::ProjectIssuesFilterLabels < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedProject
   include SharedPaths

features/steps/project/issues.rb → features/steps/project/issues/issues.rb

@@ -153,6 +153,14 @@ class Spinach::Features::ProjectIssues < Spinach::FeatureSteps
            author: project.users.first)
   end
 
+  step 'project "Shop" has "Tasks-open" open issue with task markdown' do
+    create_taskable(:issue, 'Tasks-open')
+  end
+
+  step 'project "Shop" has "Tasks-closed" closed issue with task markdown' do
+    create_taskable(:closed_issue, 'Tasks-closed')
+  end
+
   step 'empty project "Empty Project"' do
     create :empty_project, name: 'Empty Project', namespace: @user.namespace
   end

features/steps/project/labels.rb → features/steps/project/issues/labels.rb

-class Spinach::Features::ProjectLabels < Spinach::FeatureSteps
+class Spinach::Features::ProjectIssuesLabels < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedProject
   include SharedPaths

features/steps/project/milestones.rb → features/steps/project/issues/milestones.rb

-class Spinach::Features::ProjectMilestones < Spinach::FeatureSteps
+class Spinach::Features::ProjectIssuesMilestones < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedProject
   include SharedPaths

features/steps/project/merge_requests.rb

@@ -97,6 +97,10 @@ class Spinach::Features::ProjectMergeRequests < Spinach::FeatureSteps
            author: project.users.first)
   end
 
+  step 'project "Shop" has "MR-task-open" open MR with task markdown' do
+    create_taskable(:merge_request, 'MR-task-open')
+  end
+
   step 'I switch to the diff tab' do
     visit diffs_project_merge_request_path(project, merge_request)
   end
@@ -107,7 +111,7 @@ class Spinach::Features::ProjectMergeRequests < Spinach::FeatureSteps
 
   step 'I click on the commit in the merge request' do
     within '.mr-commits' do
-      click_link sample_commit.id[0..8]
+      click_link Commit.truncate_sha(sample_commit.id)
     end
   end
 
@@ -211,6 +215,18 @@ class Spinach::Features::ProjectMergeRequests < Spinach::FeatureSteps
     end
   end
 
+  step 'I should not see a comment like "Line is wrong here" in the second file' do
+    within '.files [id^=diff]:nth-child(2)' do
+      page.should_not have_visible_content "Line is wrong here"
+    end
+  end
+
+  step 'I should see a comment like "Line is wrong here" in the second file' do
+    within '.files [id^=diff]:nth-child(2) .note-text' do
+      page.should have_visible_content "Line is wrong here"
+    end
+  end
+
   step 'I leave a comment like "Line is correct" on line 12 of the first file' do
     init_diff_note_first_file
 
@@ -228,13 +244,9 @@ class Spinach::Features::ProjectMergeRequests < Spinach::FeatureSteps
     init_diff_note_second_file
 
     within(".js-discussion-note-form") do
-      fill_in "note_note", with: "Line is wrong"
+      fill_in "note_note", with: "Line is wrong on here"
       click_button "Add Comment"
     end
-
-    within ".files [id^=diff]:nth-child(2) .note-text" do
-      page.should have_content "Line is wrong"
-    end
   end
 
   step 'I should still see a comment like "Line is correct" in the first file' do

features/steps/project/project.rb

-class Spinach::Features::ProjectFeature < Spinach::FeatureSteps
+class Spinach::Features::Project < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedProject
   include SharedPaths

features/steps/project/services.rb

@@ -13,6 +13,7 @@ class Spinach::Features::ProjectServices < Spinach::FeatureSteps
     page.should have_content 'Hipchat'
     page.should have_content 'GitLab CI'
     page.should have_content 'Assembla'
+    page.should have_content 'Pushover'
   end
 
   step 'I click gitlab-ci service link' do
@@ -107,16 +108,34 @@ class Spinach::Features::ProjectServices < Spinach::FeatureSteps
 
   step 'I fill Slack settings' do
     check 'Active'
-    fill_in 'Subdomain', with: 'gitlab'
-    fill_in 'Room', with: '#gitlab'
-    fill_in 'Token', with: 'verySecret'
+    fill_in 'Webhook', with: 'https://gitlabhq.slack.com/services/hooks?token=cdIj4r4LfXUOySDUjp0tk3OI'
     click_button 'Save'
   end
 
   step 'I should see Slack service settings saved' do
-    find_field('Subdomain').value.should == 'gitlab'
-    find_field('Room').value.should == '#gitlab'
-    find_field('Token').value.should == 'verySecret'
+    find_field('Webhook').value.should == 'https://gitlabhq.slack.com/services/hooks?token=cdIj4r4LfXUOySDUjp0tk3OI'
+  end
+
+  step 'I click Pushover service link' do
+    click_link 'Pushover'
+  end
+
+  step 'I fill Pushover settings' do
+    check 'Active'
+    fill_in 'Api key', with: 'verySecret'
+    fill_in 'User key', with: 'verySecret'
+    fill_in 'Device', with: 'myDevice'
+    select 'High Priority', from: 'Priority'
+    select 'Bike', from: 'Sound'
+    click_button 'Save'
+  end
+
+  step 'I should see Pushover service settings saved' do
+    find_field('Api key').value.should == 'verySecret'
+    find_field('User key').value.should == 'verySecret'
+    find_field('Device').value.should == 'myDevice'
+    find_field('Priority').find('option[selected]').value.should == '1'
+    find_field('Sound').find('option[selected]').value.should == 'bike'
   end
 
   step 'I click jira service link' do

features/steps/project/browse_files.rb → features/steps/project/source/browse_files.rb

-class Spinach::Features::ProjectBrowseFiles < Spinach::FeatureSteps
+class Spinach::Features::ProjectSourceBrowseFiles < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedProject
   include SharedPaths
@@ -69,8 +69,8 @@ class Spinach::Features::ProjectBrowseFiles < Spinach::FeatureSteps
     click_link 'Diff'
   end
 
-  step 'I click on "Commit changes"' do
-    click_button 'Commit changes'
+  step 'I click on "Commit Changes"' do
+    click_button 'Commit Changes'
   end
 
   step 'I click on "Remove"' do

features/steps/project/browse_git_repo.rb → features/steps/project/source/git_blame.rb

-class Spinach::Features::ProjectBrowseGitRepo < Spinach::FeatureSteps
+class Spinach::Features::ProjectSourceGitBlame < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedProject
   include SharedPaths

features/steps/project/markdown_render.rb → features/steps/project/source/markdown_render.rb

 # If you need to modify the existing seed repository for your tests,
 # it is recommended that you make the changes on the `markdown` branch of the seed project repository,
 # which should only be used by tests in this file. See `/spec/factories.rb#project` for more info.
-class Spinach::Features::ProjectMarkdownRender < Spinach::FeatureSteps
+class Spinach::Features::ProjectSourceMarkdownRender < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedPaths
   include SharedMarkdown

features/steps/project/multiselect_blob.rb → features/steps/project/source/multiselect_blob.rb

-class Spinach::Features::ProjectMultiselectBlob < Spinach::FeatureSteps
+class Spinach::Features::ProjectSourceMultiselectBlob < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedProject
   include SharedPaths

features/steps/project/search_code.rb → features/steps/project/source/search_code.rb

-class Spinach::Features::ProjectSearchCode < Spinach::FeatureSteps
+class Spinach::Features::ProjectSourceSearchCode < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedProject
   include SharedPaths

features/steps/shared/markdown.rb

@@ -6,7 +6,52 @@ module SharedMarkdown
     find(:css, "#{parent} h#{level}##{id} > :last-child")[:href].should =~ /##{id}$/
   end
 
+  def create_taskable(type, title)
+    desc_text = <<EOT.gsub(/^ {6}/, '')
+      * [ ] Task 1
+      * [x] Task 2
+EOT
+
+    case type
+    when :issue, :closed_issue
+      options = { project: project }
+    when :merge_request
+      options = { source_project: project, target_project: project }
+    end
+
+    create(
+      type,
+      options.merge(title: title,
+                    author: project.users.first,
+                    description: desc_text)
+    )
+  end
+
   step 'Header "Description header" should have correct id and link' do
     header_should_have_correct_id_and_link(1, 'Description header', 'description-header')
   end
+
+  step 'I should see task checkboxes in the description' do
+    expect(page).to have_selector(
+      'div.description li.task-list-item input[type="checkbox"]'
+    )
+  end
+
+  step 'I should see the task status for the Taskable' do
+    expect(find(:css, 'span.task-status').text).to eq(
+      '2 tasks (1 done, 1 unfinished)'
+    )
+  end
+
+  step 'Task checkboxes should be enabled' do
+    expect(page).to have_selector(
+      'div.description li.task-list-item input[type="checkbox"]:enabled'
+    )
+  end
+
+  step 'Task checkboxes should be disabled' do
+    expect(page).to have_selector(
+      'div.description li.task-list-item input[type="checkbox"]:disabled'
+    )
+  end
 end

features/steps/shared/note.rb

@@ -119,4 +119,18 @@ module SharedNote
       page.should_not have_css("#comment-with-a-header")
     end
   end
+
+  step 'I leave a comment with task markdown' do
+    within('.js-main-target-form') do
+      fill_in 'note[note]', with: '* [x] Task item'
+      click_button 'Add Comment'
+      sleep 0.05
+    end
+  end
+
+  step 'I should not see task checkboxes in the comment' do
+    expect(page).not_to have_selector(
+      'li.note div.timeline-content input[type="checkbox"]'
+    )
+  end
 end

features/steps/shared/paths.rb

@@ -307,6 +307,16 @@ module SharedPaths
     visit project_issue_path(issue.project, issue)
   end
 
+  step 'I visit issue page "Tasks-open"' do
+    issue = Issue.find_by(title: 'Tasks-open')
+    visit project_issue_path(issue.project, issue)
+  end
+
+  step 'I visit issue page "Tasks-closed"' do
+    issue = Issue.find_by(title: 'Tasks-closed')
+    visit project_issue_path(issue.project, issue)
+  end
+
   step 'I visit project "Shop" labels page' do
     project = Project.find_by(name: 'Shop')
     visit project_labels_path(project)
@@ -337,6 +347,16 @@ module SharedPaths
     visit project_merge_request_path(mr.target_project, mr)
   end
 
+  step 'I visit merge request page "MR-task-open"' do
+    mr = MergeRequest.find_by(title: 'MR-task-open')
+    visit project_merge_request_path(mr.target_project, mr)
+  end
+
+  step 'I visit merge request page "MR-task-closed"' do
+    mr = MergeRequest.find_by(title: 'MR-task-closed')
+    visit project_merge_request_path(mr.target_project, mr)
+  end
+
   step 'I visit project "Shop" merge requests page' do
     visit project_merge_requests_path(project)
   end

features/steps/shared/snippet.rb

@@ -6,7 +6,7 @@ module SharedSnippet
            title: "Personal snippet one",
            content: "Test content",
            file_name: "snippet.rb",
-           private: false,
+           visibility_level: Snippet::PUBLIC,
            author: current_user)
   end
 
@@ -15,9 +15,19 @@ module SharedSnippet
            title: "Personal snippet private",
            content: "Provate content",
            file_name: "private_snippet.rb",
-           private: true,
+           visibility_level: Snippet::PRIVATE,
            author: current_user)
   end
+  
+  step 'I have internal "Personal snippet internal" snippet' do
+    create(:personal_snippet,
+           title: "Personal snippet internal",
+           content: "Provate content",
+           file_name: "internal_snippet.rb",
+           visibility_level: Snippet::INTERNAL,
+           author: current_user)
+  end
+  
   step 'I have a public many lined snippet' do
     create(:personal_snippet,
            title: 'Many lined snippet',
@@ -38,7 +48,7 @@ module SharedSnippet
              |line fourteen
            END
            file_name: 'many_lined_snippet.rb',
-           private: true,
+           visibility_level: Snippet::PUBLIC,
            author: current_user)
   end
 end

features/steps/snippets/discover.rb

-class Spinach::Features::DiscoverSnippets < Spinach::FeatureSteps
+class Spinach::Features::SnippetsDiscover < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedPaths
   include SharedSnippet
@@ -7,6 +7,10 @@ class Spinach::Features::DiscoverSnippets < Spinach::FeatureSteps
     page.should have_content "Personal snippet one"
   end
 
+  step 'I should see "Personal snippet internal" in snippets' do
+    page.should have_content "Personal snippet internal"
+  end
+
   step 'I should not see "Personal snippet private" in snippets' do
     page.should_not have_content "Personal snippet private"
   end

features/steps/snippets/snippets.rb

-class Spinach::Features::SnippetsFeature < Spinach::FeatureSteps
+class Spinach::Features::Snippets < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedPaths
   include SharedProject
@@ -46,7 +46,7 @@ class Spinach::Features::SnippetsFeature < Spinach::FeatureSteps
   end
 
   step 'I uncheck "Private" checkbox' do
-    choose "Public"
+    choose "Internal"
     click_button "Save"
   end
 

features/steps/snippets/user.rb

-class Spinach::Features::UserSnippets < Spinach::FeatureSteps
+class Spinach::Features::SnippetsUser < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedPaths
   include SharedSnippet
@@ -15,6 +15,10 @@ class Spinach::Features::UserSnippets < Spinach::FeatureSteps
     page.should have_content "Personal snippet private"
   end
 
+  step 'I should see "Personal snippet internal" in snippets' do
+    page.should have_content "Personal snippet internal"
+  end
+
   step 'I should not see "Personal snippet one" in snippets' do
     page.should_not have_content "Personal snippet one"
   end
@@ -23,9 +27,13 @@ class Spinach::Features::UserSnippets < Spinach::FeatureSteps
     page.should_not have_content "Personal snippet private"
   end
 
-  step 'I click "Public" filter' do
+  step 'I should not see "Personal snippet internal" in snippets' do
+    page.should_not have_content "Personal snippet internal"
+  end
+
+  step 'I click "Internal" filter' do
     within('.nav-stacked') do
-      click_link "Public"
+      click_link "Internal"
     end
   end
 
@@ -35,6 +43,12 @@ class Spinach::Features::UserSnippets < Spinach::FeatureSteps
     end
   end
 
+  step 'I click "Public" filter' do
+    within('.nav-stacked') do
+      click_link "Public"
+    end
+  end
+
   def snippet
     @snippet ||= PersonalSnippet.find_by!(title: "Personal snippet one")
   end

lib/api/internal.rb

@@ -14,13 +14,20 @@ module API
       #
       post "/allowed" do
         status 200
+        project_path = params[:project]
 
         # Check for *.wiki repositories.
         # Strip out the .wiki from the pathname before finding the
         # project. This applies the correct project permissions to
         # the wiki repository as well.
-        project_path = params[:project]
-        project_path.gsub!(/\.wiki/,'') if project_path =~ /\.wiki/
+        access =
+          if project_path =~ /\.wiki\Z/
+            project_path.sub!(/\.wiki\Z/, '')
+            Gitlab::GitAccessWiki.new
+          else
+            Gitlab::GitAccess.new
+          end
+
         project = Project.find_with_namespace(project_path)
         return false unless project
 
@@ -32,7 +39,7 @@ module API
 
         return false unless actor
 
-        Gitlab::GitAccess.new.allowed?(
+        access.allowed?(
           actor,
           params[:action],
           project,

lib/api/ldap.rb

@@ -16,8 +16,8 @@ module API
       # Example Request:
       #  GET /ldap/groups
       get 'groups' do
-        provider = Gitlab::LDAP::Config.servers.first.provider_name
-        @groups = get_group_list(provider, params[:search])
+        provider = Gitlab::LDAP::Config.servers.first['provider_name']
+        @groups = Gitlab::LDAP::Adapter.new(provider).groups("#{params[:search]}*", 20)
         present @groups, with: Entities::LdapGroup
       end
 
@@ -28,6 +28,9 @@ module API
       #  GET /ldap/ldapmain/groups
       get ':provider/groups' do
         @groups = get_group_list(params[:provider], params[:search])
+
+        # NOTE: this should be deprecated in favour of /ldap/PROVIDER_NAME/groups
+        # for now we just select the first LDAP server
         present @groups, with: Entities::LdapGroup
       end
     end

lib/gitlab/auth.rb

@@ -9,18 +9,10 @@ module Gitlab
         # Second chance - try LDAP authentication
         return nil unless Gitlab::LDAP::Config.enabled?
 
-        Gitlab::LDAP::User.authenticate(login, password)
+        Gitlab::LDAP::Authentication.login(login, password)
       else
         user if user.valid_password?(password)
       end
     end
-
-    def log
-      Gitlab::AppLogger
-    end
-
-    def ldap_conf
-      @ldap_conf ||= Gitlab.config.ldap
-    end
   end
 end

lib/gitlab/closing_issue_extractor.rb

@@ -6,7 +6,7 @@ module Gitlab
       md = ISSUE_CLOSING_REGEX.match(message)
       if md
         extractor = Gitlab::ReferenceExtractor.new
-        extractor.analyze(md[0])
+        extractor.analyze(md[0], project)
         extractor.issues_for(project)
       else
         []

lib/gitlab/git_access.rb

@@ -49,6 +49,17 @@ module Gitlab
 
       # Iterate over all changes to find if user allowed all of them to be applied
       changes.each do |change|
+        unless change_allowed?(user, project, change)
+          # If user does not have access to make at least one change - cancel all push
+          return false
+        end
+      end
+
+      # If user has access to make all changes
+      true
+    end
+
+    def change_allowed?(user, project, change)
       oldrev, newrev, ref = change.split(' ')
 
       action = if project.protected_branch?(branch_name(ref))
@@ -67,15 +78,9 @@ module Gitlab
                else
                  :push_code
                end
-        unless user.can?(action, project) &&
-          pass_git_hooks?(user, project, ref, oldrev, newrev)
-          # If user does not have access to make at least one change - cancel all push
-          return false
-        end
-      end
 
-      # If user has access to make all changes
-      true
+      user.can?(action, project) &&
+        pass_git_hooks?(user, project, ref, oldrev, newrev)
     end
 
     def forced_push?(project, oldrev, newrev)

lib/gitlab/git_access_wiki.rb

+module Gitlab
+  class GitAccessWiki < GitAccess
+    def change_allowed?(user, project, change)
+      user.can?(:write_wiki, project)
+    end
+  end
+end

lib/gitlab/ldap/access.rb

@@ -49,6 +49,10 @@ module Gitlab
         @adapter ||= Gitlab::LDAP::Adapter.new(provider)
       end
 
+      def ldap_config
+        Gitlab::LDAP::Config.new(provider)
+      end
+
       def ldap_user
         @ldap_user ||= Gitlab::LDAP::Person.find_by_dn(user.extern_uid, adapter)
       end
@@ -146,10 +150,6 @@ module Gitlab
         end.map(&:cn)
       end
 
-      def ldap_config
-        Gitlab::LDAP::Config.new(provider)
-      end
-
       def sync_ssh_keys?
         ldap_config.sync_ssh_keys?
       end

lib/gitlab/ldap/authentication.rb

+# This calls helps to authenticate to LDAP by providing username and password
+#
+# Since multiple LDAP servers are supported, it will loop through all of them
+# until a valid bind is found
+#
+
+module Gitlab
+  module LDAP
+    class Authentication
+      def self.login(login, password)
+        return unless Gitlab::LDAP::Config.enabled?
+        return unless login.present? && password.present?
+
+        auth = nil
+        # loop through providers until valid bind
+        providers.find do |provider|
+          auth = new(provider)
+          auth.login(login, password) # true will exit the loop
+        end
+
+        # If (login, password) was invalid for all providers, the value of auth is now the last
+        # Gitlab::LDAP::Authentication instance we tried.
+        auth.user
+      end
+
+      def self.providers
+        Gitlab::LDAP::Config.providers
+      end
+
+      attr_accessor :provider, :ldap_user
+
+      def initialize(provider)
+        @provider = provider
+      end
+
+      def login(login, password)
+        @ldap_user = adapter.bind_as(
+          filter: user_filter(login),
+          size: 1,
+          password: password
+        )
+      end
+
+      def adapter
+        OmniAuth::LDAP::Adaptor.new(config.options)
+      end
+
+      def config
+        Gitlab::LDAP::Config.new(provider)
+      end
+
+      def user_filter(login)
+        filter = Net::LDAP::Filter.eq(config.uid, login)
+
+        # Apply LDAP user filter if present
+        if config.user_filter.present?
+          filter = Net::LDAP::Filter.join(
+            filter,
+            Net::LDAP::Filter.construct(config.user_filter)
+          )
+        end
+        filter
+      end
+
+      def user
+        return nil unless ldap_user
+        Gitlab::LDAP::User.find_by_uid_and_provider(ldap_user.dn, provider)
+      end
+    end
+  end
+end
\ No newline at end of file

lib/gitlab/ldap/config.rb

@@ -9,11 +9,11 @@ module Gitlab
       end
 
       def self.servers
-        Gitlab.config.ldap.servers
+        Gitlab.config.ldap.servers.values
       end
 
       def self.providers
-        servers.map &:provider_name
+        servers.map {|server| server['provider_name'] }
       end
 
       def initialize(provider)
@@ -79,7 +79,7 @@ module Gitlab
       end
 
       def config_for(provider)
-        base_config.servers.find { |server| server.provider_name == provider }
+        base_config.servers.values.find { |server| server['provider_name'] == provider }
       end
 
       def encryption

lib/gitlab/ldap/group.rb

@@ -36,7 +36,7 @@ module Gitlab
           member_uids.include?(user.uid)
         elsif member_dns.include?(user.dn)
           true
-        else
+        elsif Gitlab.config.ldap.active_directory
           adapter.dn_matches_filter?(user.dn, active_directory_recursive_memberof_filter)
         end
       end

lib/gitlab/ldap/person.rb

@@ -9,7 +9,7 @@ module Gitlab
       attr_accessor :entry, :provider
 
       def self.find_by_uid(uid, adapter)
-        adapter.user(Gitlab.config.ldap.uid, uid)
+        adapter.user(adapter.config.uid, uid)
       end
 
       def self.find_by_dn(dn, adapter)

lib/gitlab/ldap/user.rb

@@ -10,52 +10,12 @@ module Gitlab
   module LDAP
     class User < Gitlab::OAuth::User
       class << self
-        # TODO: Look through LDAP servers until valid credentials are found?
-        def authenticate(login, password)
-          # Check user against LDAP backend if user is not authenticated
-          # Only check with valid login and password to prevent anonymous bind results
-          return nil unless ldap_conf.enabled? && login.present? && password.present?
-
-          ldap_user = adapter.bind_as(
-            filter: user_filter(login),
-            size: 1,
-            password: password
-          )
-
-          find_by_uid(ldap_user.dn) if ldap_user
-        end
-
-        def adapter
-          @adapter ||= OmniAuth::LDAP::Adaptor.new(ldap_conf.options)
-        end
-
-        def user_filter(login)
-          filter = Net::LDAP::Filter.eq(adapter.uid, login)
-          # Apply LDAP user filter if present
-          if ldap_conf.user_filter.present?
-            user_filter = Net::LDAP::Filter.construct(ldap_conf.user_filter)
-            filter = Net::LDAP::Filter.join(filter, user_filter)
-          end
-          filter
-        end
-
-        def ldap_conf
-          Gitlab::LDAP::Config.new(provider)
-        end
-
-        def find_by_uid(uid)
+        def find_by_uid_and_provider(uid, provider)
           # LDAP distinguished name is case-insensitive
-          model.
+          ::User.
             where(provider: [provider, :ldap]).
             where('lower(extern_uid) = ?', uid.downcase).last
         end
-
-        def provider
-          # Note: for backwards compatibility we just get the first provider
-          # Later on, we should loop through all servers until a successful
-          # authentication
-          Gitlab::LDAP::Config.servers.first.provider_name
-        end
       end
 
       def initialize(auth_hash)
@@ -69,10 +29,8 @@ module Gitlab
       end
 
       def find_by_uid_and_provider
-        # LDAP distinguished name is case-insensitive
-        model.
-          where(provider: [auth_hash.provider, :ldap]).
-          where('lower(extern_uid) = ?', auth_hash.uid.downcase).last
+        self.class.find_by_uid_and_provider(
+          auth_hash.uid.downcase, auth_hash.provider)
       end
 
       def find_by_email

lib/gitlab/markdown.rb

@@ -33,6 +33,11 @@ module Gitlab
 
     attr_reader :html_options
 
+    def gfm_with_tasks(text, project = @project, html_options = {})
+      text = gfm(text, project, html_options)
+      parse_tasks(text)
+    end
+
     # Public: Parse the provided text with GitLab-Flavored Markdown
     #
     # text         - the source text
@@ -65,14 +70,22 @@ module Gitlab
         insert_piece($1)
       end
 
-      # Context passed to the markdoqwn pipeline
+      # Used markdown pipelines in GitLab:
+      # GitlabEmojiFilter - performs emoji replacement.
+      #
+      # see https://gitlab.com/gitlab-org/html-pipeline-gitlab for more filters
+      filters = [
+        HTML::Pipeline::Gitlab::GitlabEmojiFilter
+      ]
+
       markdown_context = {
-        asset_root: File.join(root_url,
-                              Gitlab::Application.config.assets.prefix)
+              asset_root: Gitlab.config.gitlab.url,
+              asset_host: Gitlab::Application.config.asset_host
       }
 
-      result = HTML::Pipeline::Gitlab::MarkdownPipeline.call(text,
-                                                             markdown_context)
+      markdown_pipeline = HTML::Pipeline::Gitlab.new(filters).pipeline
+
+      result = markdown_pipeline.call(text, markdown_context)
       text = result[:output].to_html(save_with: 0)
 
       allowed_attributes = ActionView::Base.sanitized_allowed_attributes
@@ -108,15 +121,18 @@ module Gitlab
       text
     end
 
+    NAME_STR = '[a-zA-Z][a-zA-Z0-9_\-\.]*'
+    PROJ_STR = "(?<project>#{NAME_STR}/#{NAME_STR})"
+
     REFERENCE_PATTERN = %r{
       (?<prefix>\W)?                         # Prefix
       (                                      # Reference
-         @(?<user>[a-zA-Z][a-zA-Z0-9_\-\.]*) # User name
+         @(?<user>#{NAME_STR})               # User name
         |(?<issue>([A-Z\-]+-)\d+)            # JIRA Issue ID
-        |\#(?<issue>([a-zA-Z\-]+-)?\d+)      # Issue ID
-        |!(?<merge_request>\d+)              # MR ID
+        |#{PROJ_STR}?\#(?<issue>([a-zA-Z\-]+-)?\d+) # Issue ID
+        |#{PROJ_STR}?!(?<merge_request>\d+)  # MR ID
         |\$(?<snippet>\d+)                   # Snippet ID
-        |(?<commit>[\h]{6,40})               # Commit ID
+        |(#{PROJ_STR}@)?(?<commit>[\h]{6,40}) # Commit ID
         |(?<skip>gfm-extraction-[\h]{6,40})  # Skip gfm extractions. Otherwise will be parsed as commit
       )
       (?<suffix>\W)?                         # Suffix
@@ -127,25 +143,46 @@ module Gitlab
     def parse_references(text, project = @project)
       # parse reference links
       text.gsub!(REFERENCE_PATTERN) do |match|
-        prefix     = $~[:prefix]
-        suffix     = $~[:suffix]
         type       = TYPES.select{|t| !$~[t].nil?}.first
 
-        if type
-          identifier = $~[type]
+        actual_project = project
+        project_prefix = nil
+        project_path = $LAST_MATCH_INFO[:project]
+        if project_path
+          actual_project = ::Project.find_with_namespace(project_path)
+          project_prefix = project_path
+        end
 
-          # Avoid HTML entities
-          if prefix && suffix && prefix[0] == '&' && suffix[-1] == ';'
-            match
-          elsif ref_link = reference_link(type, identifier, project)
-            "#{prefix}#{ref_link}#{suffix}"
-          else
-            match
+        parse_result($LAST_MATCH_INFO, type,
+                     actual_project, project_prefix) || match
       end
+    end
+
+    # Called from #parse_references.  Attempts to build a gitlab reference
+    # link.  Returns nil if +type+ is nil, if the match string is an HTML
+    # entity, if the reference is invalid, or if the matched text includes an
+    # invalid project path.
+    def parse_result(match_info, type, project, project_prefix)
+      prefix = match_info[:prefix]
+      suffix = match_info[:suffix]
+
+      return nil if html_entity?(prefix, suffix) || type.nil?
+      return nil if project.nil? && !project_prefix.nil?
+
+      identifier = match_info[type]
+      ref_link = reference_link(type, identifier, project, project_prefix)
+
+      if ref_link
+        "#{prefix}#{ref_link}#{suffix}"
       else
-          match
+        nil
       end
     end
+
+    # Return true if the +prefix+ and +suffix+ indicate that the matched string
+    # is an HTML entity like &amp;
+    def html_entity?(prefix, suffix)
+      prefix && suffix && prefix[0] == '&' && suffix[-1] == ';'
     end
 
     # Private: Dispatches to a dedicated processing method based on reference
@@ -154,11 +191,11 @@ module Gitlab
     # identifier - Object identifier (Issue ID, SHA hash, etc.)
     #
     # Returns string rendered by the processing method
-    def reference_link(type, identifier, project = @project)
-      send("reference_#{type}", identifier, project)
+    def reference_link(type, identifier, project = @project, prefix_text = nil)
+      send("reference_#{type}", identifier, project, prefix_text)
     end
 
-    def reference_user(identifier, project = @project)
+    def reference_user(identifier, project = @project, _ = nil)
       options = html_options.merge(
           class: "gfm gfm-team_member #{html_options[:class]}"
         )
@@ -170,39 +207,41 @@ module Gitlab
       end
     end
 
-    def reference_issue(identifier, project = @project)
+    def reference_issue(identifier, project = @project, prefix_text = nil)
       if project.used_default_issues_tracker? || !external_issues_tracker_enabled?
         if project.issue_exists? identifier
           url = url_for_issue(identifier, project)
-          title = title_for_issue(identifier)
+          title = title_for_issue(identifier, project)
           options = html_options.merge(
             title: "Issue: #{title}",
             class: "gfm gfm-issue #{html_options[:class]}"
           )
 
-          link_to("##{identifier}", url, options)
+          link_to("#{prefix_text}##{identifier}", url, options)
         end
       else
         config = Gitlab.config
         external_issue_tracker = config.issues_tracker[project.issues_tracker]
         if external_issue_tracker.present?
-          reference_external_issue(identifier, external_issue_tracker, project)
+          reference_external_issue(identifier, external_issue_tracker, project,
+                                   prefix_text)
         end
       end
     end
 
-    def reference_merge_request(identifier, project = @project)
+    def reference_merge_request(identifier, project = @project,
+                                prefix_text = nil)
       if merge_request = project.merge_requests.find_by(iid: identifier)
         options = html_options.merge(
           title: "Merge Request: #{merge_request.title}",
           class: "gfm gfm-merge_request #{html_options[:class]}"
         )
         url = project_merge_request_url(project, merge_request)
-        link_to("!#{identifier}", url, options)
+        link_to("#{prefix_text}!#{identifier}", url, options)
       end
     end
 
-    def reference_snippet(identifier, project = @project)
+    def reference_snippet(identifier, project = @project, _ = nil)
       if snippet = project.snippets.find_by(id: identifier)
         options = html_options.merge(
           title: "Snippet: #{snippet.title}",
@@ -213,17 +252,23 @@ module Gitlab
       end
     end
 
-    def reference_commit(identifier, project = @project)
+    def reference_commit(identifier, project = @project, prefix_text = nil)
       if project.valid_repo? && commit = project.repository.commit(identifier)
         options = html_options.merge(
           title: commit.link_title,
           class: "gfm gfm-commit #{html_options[:class]}"
         )
-        link_to(identifier, project_commit_url(project, commit), options)
+        prefix_text = "#{prefix_text}@" if prefix_text
+        link_to(
+          "#{prefix_text}#{identifier}",
+          project_commit_url(project, commit),
+          options
+        )
       end
     end
 
-    def reference_external_issue(identifier, issue_tracker, project = @project)
+    def reference_external_issue(identifier, issue_tracker, project = @project,
+                                 prefix_text = nil)
       url = url_for_issue(identifier, project)
       title = issue_tracker['title']
 
@@ -231,7 +276,26 @@ module Gitlab
         title: "Issue in #{title}",
         class: "gfm gfm-issue #{html_options[:class]}"
       )
-      link_to("##{identifier}", url, options)
+      link_to("#{prefix_text}##{identifier}", url, options)
+    end
+
+    # Turn list items that start with "[ ]" into HTML checkbox inputs.
+    def parse_tasks(text)
+      li_tag = '<li class="task-list-item">'
+      unchecked_box = '<input type="checkbox" value="on" disabled />'
+      checked_box = unchecked_box.sub(/\/>$/, 'checked="checked" />')
+
+      # Regexp captures don't seem to work when +text+ is an
+      # ActiveSupport::SafeBuffer, hence the `String.new`
+      String.new(text).gsub(Taskable::TASK_PATTERN_HTML) do
+        checked = $LAST_MATCH_INFO[:checked].downcase == 'x'
+
+        if checked
+          "#{li_tag}#{checked_box}"
+        else
+          "#{li_tag}#{unchecked_box}"
+        end
+      end
     end
   end
 end

lib/gitlab/markdown_helper.rb

@@ -21,5 +21,9 @@ module Gitlab
     def gitlab_markdown?(filename)
       filename.downcase.end_with?(*%w(.mdown .md .markdown))
     end
+
+    def previewable?(filename)
+      gitlab_markdown?(filename) || markup?(filename)
+    end
   end
 end

lib/gitlab/oauth/user.rb

@@ -70,10 +70,6 @@ module Gitlab
         Gitlab::AppLogger
       end
 
-      def raise_error(message)
-        raise OmniAuth::Error, "(OAuth) " + message
-      end
-
       def needs_blocking?
         Gitlab.config.omniauth['block_auto_created_users']
       end

lib/gitlab/reference_extractor.rb

@@ -9,57 +9,69 @@ module Gitlab
       @users, @issues, @merge_requests, @snippets, @commits = [], [], [], [], []
     end
 
-    def analyze(string)
-      parse_references(string.dup)
+    def analyze(string, project)
+      parse_references(string.dup, project)
     end
 
     # Given a valid project, resolve the extracted identifiers of the requested type to
     # model objects.
 
     def users_for(project)
-      users.map do |identifier|
-        project.users.where(username: identifier).first
+      users.map do |entry|
+        project.users.where(username: entry[:id]).first
       end.reject(&:nil?)
     end
 
-    def issues_for(project)
-      if project.jira_tracker?
+    def issues_for(project = nil)
+      if project && project.jira_tracker?
         issues.uniq.map do |jira_identifier|
-          JiraIssue.new(jira_identifier)
+          JiraIssue.new(jira_identifier[:id])
         end
       else
-        issues.map do |identifier|
-          project.issues.where(iid: identifier).first
+        issues.map do |entry|
+          if should_lookup?(project, entry[:project])
+            entry[:project].issues.where(iid: entry[:id]).first
+          end
         end.reject(&:nil?)
       end
     end
 
-    def merge_requests_for(project)
-      merge_requests.map do |identifier|
-        project.merge_requests.where(iid: identifier).first
+    def merge_requests_for(project = nil)
+      merge_requests.map do |entry|
+        if should_lookup?(project, entry[:project])
+          entry[:project].merge_requests.where(iid: entry[:id]).first
+        end
       end.reject(&:nil?)
     end
 
     def snippets_for(project)
-      snippets.map do |identifier|
-        project.snippets.where(id: identifier).first
+      snippets.map do |entry|
+        project.snippets.where(id: entry[:id]).first
       end.reject(&:nil?)
     end
 
-    def commits_for(project)
-      repo = project.repository
-      return [] if repo.nil?
-
-      commits.map do |identifier|
-        repo.commit(identifier)
+    def commits_for(project = nil)
+      commits.map do |entry|
+        repo = entry[:project].repository if entry[:project]
+        if should_lookup?(project, entry[:project])
+          repo.commit(entry[:id]) if repo
+        end
       end.reject(&:nil?)
     end
 
     private
 
-    def reference_link(type, identifier, project)
+    def reference_link(type, identifier, project, _)
       # Append identifier to the appropriate collection.
-      send("#{type}s") << identifier
+      send("#{type}s") << { project: project, id: identifier }
+    end
+
+    def should_lookup?(project, entry_project)
+      if entry_project.nil?
+        false
+      else
+        project.nil? || project.id == entry_project.id
+      end
     end
   end
 end

lib/redcarpet/render/gitlab_html.rb

@@ -10,6 +10,17 @@ class Redcarpet::Render::GitlabHTML < Redcarpet::Render::HTML
     super options
   end
 
+  # If project has issue number 39, apostrophe will be linked in
+  # regular text to the issue as Redcarpet will convert apostrophe to
+  # #39;
+  # We replace apostrophe with right single quote before Redcarpet
+  # does the processing and put the apostrophe back in postprocessing.
+  # This only influences regular text, code blocks are untouched.
+  def normal_text(text)
+    return text unless text.present?
+    text.gsub("'", "&rsquo;")
+  end
+
   def block_code(code, language)
     # New lines are placed to fix an rendering issue
     # with code wrapped inside <h1> tag for next case:
@@ -44,9 +55,14 @@ class Redcarpet::Render::GitlabHTML < Redcarpet::Render::HTML
   end
 
   def postprocess(full_document)
+    full_document.gsub!("&rsquo;", "'")
     unless @template.instance_variable_get("@project_wiki") || @project.nil?
       full_document = h.create_relative_links(full_document)
     end
+    if @options[:parse_tasks]
+      h.gfm_with_tasks(full_document)
+    else
       h.gfm(full_document)
     end
+  end
 end

lib/support/nginx/gitlab-ssl

@@ -65,7 +65,8 @@ server {
   ssl_certificate /etc/nginx/ssl/gitlab.crt;
   ssl_certificate_key /etc/nginx/ssl/gitlab.key;
 
-  ssl_ciphers 'AES256+EECDH:AES256+EDH';
+  # GitLab needs backwards compatible ciphers to retain compatibility with Java IDEs
+  ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4';
 
   ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
   ssl_session_cache  builtin:1000  shared:SSL:10m;

lib/tasks/gitlab/import.rake

@@ -27,7 +27,10 @@ namespace :gitlab do
         group_name = nil if group_name == '.'
 
         # Skip if group or user
-        next if namespaces.include?(name)
+        if namespaces.include?(name)
+          puts "Skipping #{project.name} due to namespace conflict with group or user".yellow
+          next
+        end
 
         puts "Processing #{repo_path}".yellow
 

spec/features/projects_spec.rb

@@ -10,8 +10,12 @@ describe "Projects", feature: true  do
       visit edit_project_path(@project)
     end
 
-    it "should be correct path" do
-      expect { click_link "Remove project" }.to change {Project.count}.by(-1)
+    it "should be correct path", js: true do
+      expect {
+        click_link "Remove project"
+        fill_in 'confirm_name_input', with: @project.path
+        click_button 'Confirm'
+      }.to change {Project.count}.by(-1)
     end
   end
 end

spec/finders/snippets_finder_spec.rb

+require 'spec_helper'
+
+describe SnippetsFinder do
+  let(:user) { create :user }
+  let(:user1) { create :user }
+  let(:group) { create :group }
+
+  let(:project1) { create(:empty_project, :public,   group: group) }
+  let(:project2) { create(:empty_project, :private,  group: group) }
+  
+
+  context ':all filter' do
+    before do
+      @snippet1 = create(:personal_snippet, visibility_level: Snippet::PRIVATE)
+      @snippet2 = create(:personal_snippet, visibility_level: Snippet::INTERNAL)
+      @snippet3 = create(:personal_snippet, visibility_level: Snippet::PUBLIC)
+    end
+
+    it "returns all private and internal snippets" do
+      snippets = SnippetsFinder.new.execute(user, filter: :all)
+      snippets.should include(@snippet2, @snippet3)
+      snippets.should_not include(@snippet1)
+    end
+
+    it "returns all public snippets" do
+      snippets = SnippetsFinder.new.execute(nil, filter: :all)
+      snippets.should include(@snippet3)
+      snippets.should_not include(@snippet1, @snippet2)
+    end
+  end
+
+  context ':by_user filter' do
+    before do
+      @snippet1 = create(:personal_snippet, visibility_level: Snippet::PRIVATE, author: user)
+      @snippet2 = create(:personal_snippet, visibility_level: Snippet::INTERNAL, author: user)
+      @snippet3 = create(:personal_snippet, visibility_level: Snippet::PUBLIC, author: user)
+    end
+
+    it "returns all public and internal snippets" do
+      snippets = SnippetsFinder.new.execute(user1, filter: :by_user, user: user)
+      snippets.should include(@snippet2, @snippet3)
+      snippets.should_not include(@snippet1)
+    end
+
+    it "returns internal snippets" do
+      snippets = SnippetsFinder.new.execute(user, filter: :by_user, user: user, scope: "are_internal")
+      snippets.should include(@snippet2)
+      snippets.should_not include(@snippet1, @snippet3)
+    end
+
+    it "returns private snippets" do
+      snippets = SnippetsFinder.new.execute(user, filter: :by_user, user: user, scope: "are_private")
+      snippets.should include(@snippet1)
+      snippets.should_not include(@snippet2, @snippet3)
+    end
+
+    it "returns public snippets" do
+      snippets = SnippetsFinder.new.execute(user, filter: :by_user, user: user, scope: "are_public")
+      snippets.should include(@snippet3)
+      snippets.should_not include(@snippet1, @snippet2)
+    end
+
+    it "returns all snippets" do
+      snippets = SnippetsFinder.new.execute(user, filter: :by_user, user: user)
+      snippets.should include(@snippet1, @snippet2, @snippet3)
+    end
+  end
+
+  context 'by_project filter' do
+    before do
+      @snippet1 = create(:project_snippet, visibility_level: Snippet::PRIVATE, project: project1)
+      @snippet2 = create(:project_snippet, visibility_level: Snippet::INTERNAL, project: project1)
+      @snippet3 = create(:project_snippet, visibility_level: Snippet::PUBLIC, project: project1)
+    end
+
+    it "returns public snippets for unauthorized user" do
+      snippets = SnippetsFinder.new.execute(nil, filter: :by_project, project: project1)
+      snippets.should include(@snippet3)
+      snippets.should_not include(@snippet1, @snippet2)
+    end
+
+    it "returns public and internal snippets for none project members" do
+      snippets = SnippetsFinder.new.execute(user, filter: :by_project, project: project1)
+      snippets.should include(@snippet2, @snippet3)
+      snippets.should_not include(@snippet1)
+    end
+
+    it "returns all snippets for project members" do
+      project1.team << [user, :developer] 
+      snippets = SnippetsFinder.new.execute(user, filter: :by_project, project: project1)
+      snippets.should include(@snippet1, @snippet2, @snippet3)
+    end
+  end
+end

spec/helpers/events_helper_spec.rb

+require 'spec_helper'
+
+describe EventsHelper do
+  include ApplicationHelper
+  include GitlabMarkdownHelper
+
+  it 'should display one line of plain text without alteration' do
+    input = 'A short, plain note'
+    expect(event_note(input)).to match(input)
+    expect(event_note(input)).not_to match(/\.\.\.\z/)
+  end
+
+  it 'should display inline code' do
+    input = 'A note with `inline code`'
+    expected = 'A note with <code>inline code</code>'
+
+    expect(event_note(input)).to match(expected)
+  end
+
+  it 'should truncate a note with multiple paragraphs' do
+    input = "Paragraph 1\n\nParagraph 2"
+    expected = 'Paragraph 1...'
+
+    expect(event_note(input)).to match(expected)
+  end
+
+  it 'should display the first line of a code block' do
+    input = "```\nCode block\nwith two lines\n```"
+    expected = '<pre><code class="">Code block...</code></pre>'
+
+    expect(event_note(input)).to match(expected)
+  end
+
+  it 'should truncate a single long line of text' do
+    text = 'The quick brown fox jumped over the lazy dog twice' # 50 chars
+    input = "#{text}#{text}#{text}#{text}" # 200 chars
+    expected = "#{text}#{text}".sub(/.{3}/, '...')
+
+    expect(event_note(input)).to match(expected)
+  end
+
+  it 'should preserve a link href when link text is truncated' do
+    text = 'The quick brown fox jumped over the lazy dog' # 44 chars
+    input = "#{text}#{text}#{text} " # 133 chars
+    link_url = 'http://example.com/foo/bar/baz' # 30 chars
+    input << link_url
+    expected_link_text = 'http://example...</a>'
+
+    expect(event_note(input)).to match(link_url)
+    expect(event_note(input)).to match(expected_link_text)
+  end
+end

spec/helpers/gitlab_markdown_helper_spec.rb

@@ -60,7 +60,7 @@ describe GitlabMarkdownHelper do
       end
 
       it "should link using a short id" do
-        actual = "Backported from #{commit.short_id(6)}"
+        actual = "Backported from #{commit.short_id}"
         gfm(actual).should match(expected)
       end
 
@@ -181,6 +181,76 @@ describe GitlabMarkdownHelper do
       end
     end
 
+    # Shared examples for referencing an object in a different project
+    #
+    # Expects the following attributes to be available in the example group:
+    #
+    # - object    - The object itself
+    # - reference - The object reference string (e.g., #1234, $1234, !1234)
+    # - other_project - The project that owns the target object
+    #
+    # Currently limited to Snippets, Issues and MergeRequests
+    shared_examples 'cross-project referenced object' do
+      let(:project_path) { @other_project.path_with_namespace }
+      let(:full_reference) { "#{project_path}#{reference}" }
+      let(:actual)   { "Reference to #{full_reference}" }
+      let(:expected) do
+        if object.is_a?(Commit)
+          project_commit_path(@other_project, object)
+        else
+          polymorphic_path([@other_project, object])
+        end
+      end
+
+      it 'should link using a valid id' do
+        gfm(actual).should match(
+          /#{expected}.*#{Regexp.escape(full_reference)}/
+        )
+      end
+
+      it 'should link with adjacent text' do
+        # Wrap the reference in parenthesis
+        gfm(actual.gsub(full_reference, "(#{full_reference})")).should(
+          match(expected)
+        )
+
+        # Append some text to the end of the reference
+        gfm(actual.gsub(full_reference, "#{full_reference}, right?")).should(
+          match(expected)
+        )
+      end
+
+      it 'should keep whitespace intact' do
+        actual   = "Referenced #{full_reference} already."
+        expected = /Referenced <a.+>[^\s]+<\/a> already/
+        gfm(actual).should match(expected)
+      end
+
+      it 'should not link with an invalid id' do
+        # Modify the reference string so it's still parsed, but is invalid
+        if object.is_a?(Commit)
+          reference.gsub!(/^(.).+$/, '\1' + '12345abcd')
+        else
+          reference.gsub!(/^(.)(\d+)$/, '\1' + ('\2' * 2))
+        end
+        gfm(actual).should == actual
+      end
+
+      it 'should include a title attribute' do
+        if object.is_a?(Commit)
+          title = object.link_title
+        else
+          title = "#{object.class.to_s.titlecase}: #{object.title}"
+        end
+        gfm(actual).should match(/title="#{title}"/)
+      end
+
+      it 'should include standard gfm classes' do
+        css = object.class.to_s.underscore
+        gfm(actual).should match(/class="\s?gfm gfm-#{css}\s?"/)
+      end
+    end
+
     describe "referencing an issue" do
       let(:object)    { issue }
       let(:reference) { "##{issue.iid}" }
@@ -188,6 +258,38 @@ describe GitlabMarkdownHelper do
       include_examples 'referenced object'
     end
 
+    context 'cross-repo references' do
+      before(:all) do
+        @other_project = create(:project, :public)
+        @commit2 = @other_project.repository.commit
+        @issue2 = create(:issue, project: @other_project)
+        @merge_request2 = create(:merge_request,
+                                 source_project: @other_project,
+                                 target_project: @other_project)
+      end
+
+      describe 'referencing an issue in another project' do
+        let(:object)    { @issue2 }
+        let(:reference) { "##{@issue2.iid}" }
+
+        include_examples 'cross-project referenced object'
+      end
+
+      describe 'referencing an merge request in another project' do
+        let(:object)    { @merge_request2 }
+        let(:reference) { "!#{@merge_request2.iid}" }
+
+        include_examples 'cross-project referenced object'
+      end
+
+      describe 'referencing a commit in another project' do
+        let(:object)    { @commit2 }
+        let(:reference) { "@#{@commit2.id}" }
+
+        include_examples 'cross-project referenced object'
+      end
+    end
+
     describe "referencing a Jira issue" do
       let(:actual)   { "Reference to JIRA-#{issue.iid}" }
       let(:expected) { "http://jira.example/browse/JIRA-#{issue.iid}" }
@@ -474,6 +576,24 @@ describe GitlabMarkdownHelper do
       markdown(actual).should match(%r{<li>light by <a.+>@#{member.user.username}</a></li>})
     end
 
+    it "should not link the apostrophe to issue 39" do
+      project.team << [user, :master]
+      project.issues.stub(:where).with(iid: '39').and_return([issue])
+
+      actual   = "Yes, it is @#{member.user.username}'s task."
+      expected = /Yes, it is <a.+>@#{member.user.username}<\/a>'s task/
+      markdown(actual).should match(expected)
+    end
+
+    it "should not link the apostrophe to issue 39 in code blocks" do
+      project.team << [user, :master]
+      project.issues.stub(:where).with(iid: '39').and_return([issue])
+
+      actual   = "Yes, `it is @#{member.user.username}'s task.`"
+      expected = /Yes, <code>it is @gfm\'s task.<\/code>/
+      markdown(actual).should match(expected)
+    end
+
     it "should handle references in <em>" do
       actual = "Apply _!#{merge_request.iid}_ ASAP"
 
@@ -520,9 +640,21 @@ describe GitlabMarkdownHelper do
     end
 
     it "should generate absolute urls for emoji" do
-      markdown(":smile:").should include("src=\"#{url_helper('emoji/smile')}")
+      markdown(":smile:").should include("src=\"http://localhost/assets/emoji/smile.png")
+    end
+
+    it "should generate absolute urls for emoji if relative url is present" do
+      Gitlab.config.gitlab.stub(:url).and_return('http://localhost/gitlab/root')
+      markdown(":smile:").should include("src=\"http://localhost/gitlab/root/assets/emoji/smile.png")
     end
 
+    it "should generate absolute urls for emoji if asset_host is present" do
+      Gitlab::Application.config.stub(:asset_host).and_return("https://cdn.example.com")
+      ActionView::Base.any_instance.stub_chain(:config, :asset_host).and_return("https://cdn.example.com")
+      markdown(":smile:").should include("src=\"https://cdn.example.com/assets/emoji/smile.png")
+    end
+
+
     it "should handle relative urls for a file in master" do
       actual = "[GitLab API doc](doc/api/README.md)\n"
       expected = "<p><a href=\"/#{project.path_with_namespace}/blob/#{@ref}/doc/api/README.md\">GitLab API doc</a></p>\n"
@@ -560,7 +692,7 @@ describe GitlabMarkdownHelper do
     end
   end
 
-  describe "markdwon for empty repository" do
+  describe 'markdown for empty repository' do
     before do
       @project = empty_project
       @repository = empty_project.repository
@@ -596,4 +728,103 @@ describe GitlabMarkdownHelper do
       helper.render_wiki_content(@wiki)
     end
   end
+
+  describe '#gfm_with_tasks' do
+    before(:all) do
+      @source_text_asterisk = <<EOT.gsub(/^\s{8}/, '')
+        * [ ] valid unchecked task
+        * [x] valid lowercase checked task
+        * [X] valid uppercase checked task
+            * [ ] valid unchecked nested task
+            * [x] valid checked nested task
+
+        [ ] not an unchecked task - no list item
+        [x] not a checked task - no list item
+
+        * [  ] not an unchecked task - too many spaces
+        * [x ] not a checked task - too many spaces
+        * [] not an unchecked task - no spaces
+        * Not a task [ ] - not at beginning
+EOT
+
+      @source_text_dash = <<EOT.gsub(/^\s{8}/, '')
+        - [ ] valid unchecked task
+        - [x] valid lowercase checked task
+        - [X] valid uppercase checked task
+            - [ ] valid unchecked nested task
+            - [x] valid checked nested task
+EOT
+    end
+
+    it 'should render checkboxes at beginning of asterisk list items' do
+      rendered_text = markdown(@source_text_asterisk, parse_tasks: true)
+
+      expect(rendered_text).to match(/<input.*checkbox.*valid unchecked task/)
+      expect(rendered_text).to match(
+        /<input.*checkbox.*valid lowercase checked task/
+      )
+      expect(rendered_text).to match(
+        /<input.*checkbox.*valid uppercase checked task/
+      )
+    end
+
+    it 'should render checkboxes at beginning of dash list items' do
+      rendered_text = markdown(@source_text_dash, parse_tasks: true)
+
+      expect(rendered_text).to match(/<input.*checkbox.*valid unchecked task/)
+      expect(rendered_text).to match(
+        /<input.*checkbox.*valid lowercase checked task/
+      )
+      expect(rendered_text).to match(
+        /<input.*checkbox.*valid uppercase checked task/
+      )
+    end
+
+    it 'should not be confused by whitespace before bullets' do
+      rendered_text_asterisk = markdown(@source_text_asterisk,
+                                        parse_tasks: true)
+      rendered_text_dash = markdown(@source_text_dash, parse_tasks: true)
+
+      expect(rendered_text_asterisk).to match(
+        /<input.*checkbox.*valid unchecked nested task/
+      )
+      expect(rendered_text_asterisk).to match(
+        /<input.*checkbox.*valid checked nested task/
+      )
+      expect(rendered_text_dash).to match(
+        /<input.*checkbox.*valid unchecked nested task/
+      )
+      expect(rendered_text_dash).to match(
+        /<input.*checkbox.*valid checked nested task/
+      )
+    end
+
+    it 'should not render checkboxes outside of list items' do
+      rendered_text = markdown(@source_text_asterisk, parse_tasks: true)
+
+      expect(rendered_text).not_to match(
+        /<input.*checkbox.*not an unchecked task - no list item/
+      )
+      expect(rendered_text).not_to match(
+        /<input.*checkbox.*not a checked task - no list item/
+      )
+    end
+
+    it 'should not render checkboxes with invalid formatting' do
+      rendered_text = markdown(@source_text_asterisk, parse_tasks: true)
+
+      expect(rendered_text).not_to match(
+        /<input.*checkbox.*not an unchecked task - too many spaces/
+      )
+      expect(rendered_text).not_to match(
+        /<input.*checkbox.*not a checked task - too many spaces/
+      )
+      expect(rendered_text).not_to match(
+        /<input.*checkbox.*not an unchecked task - no spaces/
+      )
+      expect(rendered_text).not_to match(
+        /Not a task.*<input.*checkbox.*not at beginning/
+      )
+    end
+  end
 end

spec/lib/gitlab/auth_spec.rb

@@ -31,13 +31,13 @@ describe Gitlab::Auth do
       before { Gitlab::LDAP::Config.stub(enabled?: true) }
 
       it "tries to autheticate with db before ldap" do
-        expect(Gitlab::LDAP::User).not_to receive(:authenticate)
+        expect(Gitlab::LDAP::Authentication).not_to receive(:login)
 
         gl_auth.find(username, password)
       end
 
       it "uses ldap as fallback to for authentication" do
-        expect(Gitlab::LDAP::User).to receive(:authenticate)
+        expect(Gitlab::LDAP::Authentication).to receive(:login)
 
         gl_auth.find('ldap_user', 'password')
       end

spec/lib/gitlab/git_access_wiki_spec.rb

+require 'spec_helper'
+
+describe Gitlab::GitAccessWiki do
+  let(:access) { Gitlab::GitAccessWiki.new }
+  let(:project) { create(:project) }
+  let(:user) { create(:user) }
+
+  describe 'push_allowed?' do
+    before do
+      create(:protected_branch, name: 'master', project: project)
+      project.team << [user, :developer]
+    end
+
+    subject { access.push_allowed?(user, project, changes) }
+
+    it { should be_true }
+  end
+
+  def changes
+    ['6f6d7e7ed 570e7b2ab refs/heads/master']
+  end
+end

spec/lib/gitlab/ldap/authentication_spec.rb

+require 'spec_helper'
+
+describe Gitlab::LDAP::Authentication do
+  let(:klass) { Gitlab::LDAP::Authentication }
+  let(:user) { create(:user, :ldap, extern_uid: dn) }
+  let(:dn) { 'uid=john,ou=people,dc=example,dc=com' }
+  let(:login) { 'john' }
+  let(:password) { 'password' }
+
+  describe :login do
+    let(:adapter) { double :adapter }
+    before do
+      Gitlab::LDAP::Config.stub(enabled?: true)
+    end
+
+    it "finds the user if authentication is successful" do
+      user
+      # try only to fake the LDAP call
+      klass.any_instance.stub(adapter: double(:adapter,
+        bind_as: double(:ldap_user, dn: dn)
+      ))
+      expect(klass.login(login, password)).to be_true
+    end
+
+    it "is false if the user does not exist" do
+      # try only to fake the LDAP call
+      klass.any_instance.stub(adapter: double(:adapter,
+        bind_as: double(:ldap_user, dn: dn)
+      ))
+      expect(klass.login(login, password)).to be_false
+    end
+
+    it "is false if authentication fails" do
+      user
+      # try only to fake the LDAP call
+      klass.any_instance.stub(adapter: double(:adapter, bind_as: nil))
+      expect(klass.login(login, password)).to be_false
+    end
+
+    it "fails if ldap is disabled" do
+      Gitlab::LDAP::Config.stub(enabled?: false)
+      expect(klass.login(login, password)).to be_false
+    end
+
+    it "fails if no login is supplied" do
+      expect(klass.login('', password)).to be_false
+    end
+
+    it "fails if no password is supplied" do
+      expect(klass.login(login, '')).to be_false
+    end
+  end
+end
\ No newline at end of file

spec/lib/gitlab/ldap/user_spec.rb

@@ -33,21 +33,4 @@ describe Gitlab::LDAP::User do
       expect{ gl_user.save }.to change{ User.count }.by(1)
     end
   end
-
-  describe "authenticate" do
-    let(:login) { 'john' }
-    let(:password) { 'my-secret' }
-
-    # before {
-    #   Gitlab.config.ldap['enabled'] = true
-    #   Gitlab.config.ldap['user_filter'] = 'employeeType=developer'
-    # }
-    # after  { Gitlab.config.ldap['enabled'] = false }
-
-    it "send an authentication request to ldap" do
-      pending('needs refactoring')
-      expect( Gitlab::LDAP::User.adapter ).to receive(:bind_as)
-      Gitlab::LDAP::User.authenticate(login, password)
-    end
-  end
 end

spec/lib/gitlab/reference_extractor_spec.rb

@@ -2,45 +2,48 @@ require 'spec_helper'
 
 describe Gitlab::ReferenceExtractor do
   it 'extracts username references' do
-    subject.analyze "this contains a @user reference"
-    subject.users.should == ["user"]
+    subject.analyze('this contains a @user reference', nil)
+    subject.users.should == [{ project: nil, id: 'user' }]
   end
 
   it 'extracts issue references' do
-    subject.analyze "this one talks about issue #1234"
-    subject.issues.should == ["1234"]
+    subject.analyze('this one talks about issue #1234', nil)
+    subject.issues.should == [{ project: nil, id: '1234' }]
   end
 
   it 'extracts JIRA issue references' do
-    Gitlab.config.gitlab.stub(:issues_tracker).and_return("jira")
-    subject.analyze "this one talks about issue JIRA-1234"
-    subject.issues.should == ["JIRA-1234"]
+    Gitlab.config.gitlab.stub(:issues_tracker).and_return('jira')
+    subject.analyze('this one talks about issue JIRA-1234', nil)
+    subject.issues.should == [{ project: nil, id: 'JIRA-1234' }]
   end
 
   it 'extracts merge request references' do
-    subject.analyze "and here's !43, a merge request"
-    subject.merge_requests.should == ["43"]
+    subject.analyze("and here's !43, a merge request", nil)
+    subject.merge_requests.should == [{ project: nil, id: '43' }]
   end
 
   it 'extracts snippet ids' do
-    subject.analyze "snippets like $12 get extracted as well"
-    subject.snippets.should == ["12"]
+    subject.analyze('snippets like $12 get extracted as well', nil)
+    subject.snippets.should == [{ project: nil, id: '12' }]
   end
 
   it 'extracts commit shas' do
-    subject.analyze "commit shas 98cf0ae3 are pulled out as Strings"
-    subject.commits.should == ["98cf0ae3"]
+    subject.analyze('commit shas 98cf0ae3 are pulled out as Strings', nil)
+    subject.commits.should == [{ project: nil, id: '98cf0ae3' }]
   end
 
   it 'extracts multiple references and preserves their order' do
-    subject.analyze "@me and @you both care about this"
-    subject.users.should == ["me", "you"]
+    subject.analyze('@me and @you both care about this', nil)
+    subject.users.should == [
+      { project: nil, id: 'me' },
+      { project: nil, id: 'you' }
+    ]
   end
 
   it 'leaves the original note unmodified' do
-    text = "issue #123 is just the worst, @user"
-    subject.analyze text
-    text.should == "issue #123 is just the worst, @user"
+    text = 'issue #123 is just the worst, @user'
+    subject.analyze(text, nil)
+    text.should == 'issue #123 is just the worst, @user'
   end
 
   it 'handles all possible kinds of references' do
@@ -59,7 +62,7 @@ describe Gitlab::ReferenceExtractor do
       project.team << [@u_foo, :reporter]
       project.team << [@u_bar, :guest]
 
-      subject.analyze "@foo, @baduser, @bar, and @offteam"
+      subject.analyze('@foo, @baduser, @bar, and @offteam', project)
       subject.users_for(project).should == [@u_foo, @u_bar]
     end
 
@@ -67,14 +70,14 @@ describe Gitlab::ReferenceExtractor do
       @i0 = create(:issue, project: project)
       @i1 = create(:issue, project: project)
 
-      subject.analyze "##{@i0.iid}, ##{@i1.iid}, and #999."
+      subject.analyze("##{@i0.iid}, ##{@i1.iid}, and #999.", project)
       subject.issues_for(project).should == [@i0, @i1]
     end
 
     it 'returns JIRA issues for a JIRA-integrated project' do
       project.stub(jira_tracker?: true)
 
-      subject.analyze('JIRA-123 and FOOBAR-4567')
+      subject.analyze('JIRA-123 and FOOBAR-4567', project)
       subject.issues_for(project).should eq(
         [JiraIssue.new('JIRA-123'), JiraIssue.new('FOOBAR-4567')]
       )
@@ -84,7 +87,7 @@ describe Gitlab::ReferenceExtractor do
       @m0 = create(:merge_request, source_project: project, target_project: project, source_branch: 'aaa')
       @m1 = create(:merge_request, source_project: project, target_project: project, source_branch: 'bbb')
 
-      subject.analyze "!999, !#{@m1.iid}, and !#{@m0.iid}."
+      subject.analyze("!999, !#{@m1.iid}, and !#{@m0.iid}.", project)
       subject.merge_requests_for(project).should == [@m1, @m0]
     end
 
@@ -93,14 +96,15 @@ describe Gitlab::ReferenceExtractor do
       @s1 = create(:project_snippet, project: project)
       @s2 = create(:project_snippet)
 
-      subject.analyze "$#{@s0.id}, $999, $#{@s2.id}, $#{@s1.id}"
+      subject.analyze("$#{@s0.id}, $999, $#{@s2.id}, $#{@s1.id}", project)
       subject.snippets_for(project).should == [@s0, @s1]
     end
 
     it 'accesses valid commits' do
-      commit = project.repository.commit("master")
+      commit = project.repository.commit('master')
 
-      subject.analyze "this references commits #{commit.sha[0..6]} and 012345"
+      subject.analyze("this references commits #{commit.sha[0..6]} and 012345",
+                      project)
       extracted = subject.commits_for(project)
       extracted.should have(1).item
       extracted[0].sha.should == commit.sha

spec/models/buildbox_service_spec.rb

+# == Schema Information
+#
+# Table name: services
+#
+#  id         :integer          not null, primary key
+#  type       :string(255)
+#  title      :string(255)
+#  project_id :integer          not null
+#  created_at :datetime
+#  updated_at :datetime
+#  active     :boolean          default(FALSE), not null
+#  properties :text
+#
+
+require 'spec_helper'
+
+describe BuildboxService do
+  describe 'Associations' do
+    it { should belong_to :project }
+    it { should have_one :service_hook }
+  end
+
+  describe 'commits methods' do
+    before do
+      @project = Project.new
+      @project.stub(
+        default_branch: 'default-brancho'
+      )
+
+      @service = BuildboxService.new
+      @service.stub(
+        project: @project,
+        service_hook: true,
+        project_url: 'https://buildbox.io/account-name/example-project',
+        token: 'secret-sauce-webhook-token:secret-sauce-status-token'
+      )
+    end
+
+    describe :webhook_url do
+      it 'returns the webhook url' do
+        @service.webhook_url.should ==
+          'https://webhook.buildbox.io/deliver/secret-sauce-webhook-token'
+      end
+    end
+
+    describe :commit_status_path do
+      it 'returns the correct status page' do
+        @service.commit_status_path('2ab7834c').should ==
+          'https://gitlab.buildbox.io/status/secret-sauce-status-token.json?commit=2ab7834c'
+      end
+    end
+
+    describe :build_page do
+      it 'returns the correct build page' do
+        @service.build_page('2ab7834c').should ==
+          'https://buildbox.io/account-name/example-project/builds?commit=2ab7834c'
+      end
+    end
+
+    describe :builds_page do
+      it 'returns the correct path to the builds page' do
+        @service.builds_path.should ==
+          'https://buildbox.io/account-name/example-project/builds?branch=default-brancho'
+      end
+    end
+
+    describe :status_img_path do
+      it 'returns the correct path to the status image' do
+        @service.status_img_path.should == 'https://badge.buildbox.io/secret-sauce-status-token.svg'
+      end
+    end
+  end
+end

spec/models/commit_spec.rb

@@ -53,17 +53,29 @@ eos
 
   describe '#closes_issues' do
     let(:issue) { create :issue, project: project }
+    let(:other_project) { create :project, :public }
+    let(:other_issue) { create :issue, project: other_project }
 
     it 'detects issues that this commit is marked as closing' do
-      commit.stub(issue_closing_regex: /^([Cc]loses|[Ff]ixes) #\d+/, safe_message: "Fixes ##{issue.iid}")
+      stub_const('Gitlab::ClosingIssueExtractor::ISSUE_CLOSING_REGEX',
+                 /Fixes #\d+/)
+      commit.stub(safe_message: "Fixes ##{issue.iid}")
       commit.closes_issues(project).should == [issue]
     end
+
+    it 'does not detect issues from other projects' do
+      ext_ref = "#{other_project.path_with_namespace}##{other_issue.iid}"
+      stub_const('Gitlab::ClosingIssueExtractor::ISSUE_CLOSING_REGEX',
+                 /^([Cc]loses|[Ff]ixes)/)
+      commit.stub(safe_message: "Fixes #{ext_ref}")
+      commit.closes_issues(project).should be_empty
+    end
   end
 
   it_behaves_like 'a mentionable' do
     let(:subject) { commit }
     let(:mauthor) { create :user, email: commit.author_email }
-    let(:backref_text) { "commit #{subject.sha[0..5]}" }
+    let(:backref_text) { "commit #{subject.id}" }
     let(:set_mentionable_text) { ->(txt){ subject.stub(safe_message: txt) } }
 
     # Include the subject in the repository stub.

spec/models/group_member_spec.rb

 # == Schema Information
 #
-# Table name: group_members
+# Table name: members
 #
 #  id                 :integer          not null, primary key
 #  access_level       :integer          not null
-#  group_id           :integer          not null
+#  source_id          :integer          not null
+#  source_type        :string(255)      not null
 #  user_id            :integer          not null
+#  notification_level :integer          not null
+#  type               :string(255)
 #  created_at         :datetime
 #  updated_at         :datetime
-#  notification_level :integer          default(3), not null
 #
 
 require 'spec_helper'

spec/models/issue_spec.rb

@@ -60,4 +60,8 @@ describe Issue do
     let(:backref_text) { "issue ##{subject.iid}" }
     let(:set_mentionable_text) { ->(txt){ subject.description = txt } }
   end
+
+  it_behaves_like 'a Taskable' do
+    let(:subject) { create :issue }
+  end
 end

spec/models/merge_request_spec.rb

@@ -130,4 +130,8 @@ describe MergeRequest do
     let(:backref_text) { "merge request !#{subject.iid}" }
     let(:set_mentionable_text) { ->(txt){ subject.title = txt } }
   end
+
+  it_behaves_like 'a Taskable' do
+    let(:subject) { create :merge_request, :simple }
+  end
 end

spec/models/note_spec.rb

@@ -228,7 +228,7 @@ describe Note do
 
       it { should be_valid }
       its(:noteable) { should == issue }
-      its(:note) { should == "_mentioned in commit #{commit.sha[0..5]}_" }
+      its(:note) { should == "_mentioned in commit #{commit.sha}_" }
     end
 
     context 'merge request from an issue' do
@@ -258,14 +258,25 @@ describe Note do
       its(:commit_id) { should == commit.id }
       its(:note) { should == "_mentioned in issue ##{issue.iid}_" }
     end
+
+    context 'commit from commit' do
+      let(:parent_commit) { commit.parents.first }
+      subject { Note.create_cross_reference_note(commit, parent_commit, author, project) }
+
+      it { should be_valid }
+      its(:noteable_type) { should == "Commit" }
+      its(:noteable_id) { should be_nil }
+      its(:commit_id) { should == commit.id }
+      its(:note) { should == "_mentioned in commit #{parent_commit.id}_" }
+    end
   end
 
   describe '#cross_reference_exists?' do
     let(:project) { create :project }
     let(:author) { create :user }
     let(:issue) { create :issue }
-    let(:commit0) { double 'commit0', gfm_reference: 'commit 123456' }
-    let(:commit1) { double 'commit1', gfm_reference: 'commit 654321' }
+    let(:commit0) { project.repository.commit }
+    let(:commit1) { project.repository.commit('HEAD~2') }
 
     before do
       Note.create_cross_reference_note(issue, commit0, author, project)
@@ -278,6 +289,15 @@ describe Note do
     it 'detects if a mentionable has not already been mentioned' do
       Note.cross_reference_exists?(issue, commit1).should be_false
     end
+
+    context 'commit on commit' do
+      before do
+        Note.create_cross_reference_note(commit0, commit1, author, project)
+      end
+
+      it { Note.cross_reference_exists?(commit0, commit1).should be_true }
+      it { Note.cross_reference_exists?(commit1, commit0).should be_false }
+    end
   end
 
   describe '#system?' do

spec/models/project_member_spec.rb

 # == Schema Information
 #
-# Table name: project_members
+# Table name: members
 #
 #  id                 :integer          not null, primary key
+#  access_level       :integer          not null
+#  source_id          :integer          not null
+#  source_type        :string(255)      not null
 #  user_id            :integer          not null
-#  project_id         :integer          not null
+#  notification_level :integer          not null
+#  type               :string(255)
 #  created_at         :datetime
 #  updated_at         :datetime
-#  project_access     :integer          default(0), not null
-#  notification_level :integer          default(3), not null
 #
 
 require 'spec_helper'

spec/models/project_snippet_spec.rb

@@ -11,8 +11,8 @@
 #  updated_at       :datetime
 #  file_name        :string(255)
 #  expires_at       :datetime
-#  private    :boolean          default(TRUE), not null
 #  type             :string(255)
+#  visibility_level :integer          default(0), not null
 #
 
 require 'spec_helper'

spec/models/project_spec.rb

@@ -47,6 +47,7 @@ describe Project do
     it { should have_many(:protected_branches).dependent(:destroy) }
     it { should have_one(:forked_project_link).dependent(:destroy) }
     it { should have_one(:slack_service).dependent(:destroy) }
+    it { should have_one(:pushover_service).dependent(:destroy) }
   end
 
   describe "Mass assignment" do

spec/models/project_team_spec.rb

@@ -27,6 +27,8 @@ describe ProjectTeam do
       it { project.team.master?(guest).should be_false }
       it { project.team.master?(reporter).should be_false }
       it { project.team.master?(nonmember).should be_false }
+      it { project.team.member?(nonmember).should be_false }
+      it { project.team.member?(guest).should be_true }
     end
   end
 
@@ -60,6 +62,8 @@ describe ProjectTeam do
       it { project.team.master?(guest).should be_true }
       it { project.team.master?(reporter).should be_false }
       it { project.team.master?(nonmember).should be_false }
+      it { project.team.member?(nonmember).should be_false }
+      it { project.team.member?(guest).should be_true }
     end
   end
 

spec/models/pushover_service_spec.rb

+# == Schema Information
+#
+# Table name: services
+#
+#  id         :integer          not null, primary key
+#  type       :string(255)
+#  title      :string(255)
+#  project_id :integer          not null
+#  created_at :datetime
+#  updated_at :datetime
+#  active     :boolean          default(FALSE), not null
+#  properties :text
+#
+
+require 'spec_helper'
+
+describe PushoverService do
+  describe 'Associations' do
+    it { should belong_to :project }
+    it { should have_one :service_hook }
+  end
+
+  describe 'Validations' do
+    context 'active' do
+      before do
+        subject.active = true
+      end
+
+      it { should validate_presence_of :api_key }
+      it { should validate_presence_of :user_key }
+      it { should validate_presence_of :priority }
+    end
+  end
+
+  describe 'Execute' do
+    let(:pushover) { PushoverService.new }
+    let(:user) { create(:user) }
+    let(:project) { create(:project) }
+    let(:sample_data) { GitPushService.new.sample_data(project, user) }
+
+    let(:api_key) { 'verySecret' }
+    let(:user_key) { 'verySecret' }
+    let(:device) { 'myDevice' }
+    let(:priority) { 0 }
+    let(:sound) { 'bike' }
+    let(:api_url) { 'https://api.pushover.net/1/messages.json' }
+
+    before do
+      pushover.stub(
+        project: project,
+        project_id: project.id,
+        service_hook: true,
+        api_key: api_key,
+        user_key: user_key,
+        device: device,
+        priority: priority,
+        sound: sound
+      )
+
+      WebMock.stub_request(:post, api_url)
+    end
+
+    it 'should call Pushover API' do
+      pushover.execute(sample_data)
+
+      WebMock.should have_requested(:post, api_url).once
+    end
+  end
+end

spec/models/slack_service_spec.rb

@@ -26,31 +26,28 @@ describe SlackService do
         subject.active = true
       end
 
-      it { should validate_presence_of :room }
-      it { should validate_presence_of :subdomain }
-      it { should validate_presence_of :token }
+      it { should validate_presence_of :webhook }
     end
   end
 
   describe "Execute" do
     let(:slack) { SlackService.new }
+    let(:slack_service) { SlackService.new }
     let(:user) { create(:user) }
     let(:project) { create(:project) }
     let(:sample_data) { GitPushService.new.sample_data(project, user) }
-    let(:subdomain) { 'gitlab' }
-    let(:token) { 'verySecret' }
+    let(:webhook) { 'https://gitlabhq.slack.com/services/hooks?token=cdIj4r4LfXUOySDUjp0tk3OI' }
+    let(:new_webhook) { 'https://hooks.gitlabhq.slack.com/services/cdIj4r4LfXUOySDUjp0tk3OI' }
     let(:api_url) {
-      "https://#{subdomain}.slack.com/services/hooks/incoming-webhook?token=#{token}"
+      'https://gitlabhq.slack.com/services/hooks/incoming-webhook?token=cdIj4r4LfXUOySDUjp0tk3OI'
     }
 
     before do
       slack.stub(
         project: project,
         project_id: project.id,
-        room: '#gitlab',
         service_hook: true,
-        subdomain: subdomain,
-        token: token
+        webhook: webhook
       )
 
       WebMock.stub_request(:post, api_url)
@@ -61,5 +58,24 @@ describe SlackService do
 
       WebMock.should have_requested(:post, api_url).once
     end
+
+    context 'with new webhook syntax' do
+      before do
+        slack_service.stub(
+          project: project,
+          project_id: project.id,
+          service_hook: true,
+          webhook: new_webhook
+        )
+
+        WebMock.stub_request(:post, api_url)
+      end
+
+      it "should call Slack API" do
+        slack_service.execute(sample_data)
+
+        WebMock.should have_requested(:post, api_url).once
+      end
+    end
   end
 end

spec/models/snippet_spec.rb

@@ -11,8 +11,8 @@
 #  updated_at       :datetime
 #  file_name        :string(255)
 #  expires_at       :datetime
-#  private    :boolean          default(TRUE), not null
 #  type             :string(255)
+#  visibility_level :integer          default(0), not null
 #
 
 require 'spec_helper'

spec/models/user_spec.rb

@@ -448,4 +448,32 @@ describe User do
       expect(user.starred?(project)).to be_false
     end
   end
+
+  describe "#sort" do
+    before do
+      User.delete_all
+      @user = create :user, created_at: Date.today, last_sign_in_at: Date.today, name: 'Alpha'
+      @user1 = create :user, created_at: Date.today - 1, last_sign_in_at: Date.today - 1, name: 'Omega'
+    end
+    
+    it "sorts users as recently_signed_in" do
+      User.sort('recent_sign_in').first.should == @user
+    end
+
+    it "sorts users as late_signed_in" do
+      User.sort('oldest_sign_in').first.should == @user1
+    end
+
+    it "sorts users as recently_created" do
+      User.sort('recently_created').first.should == @user
+    end
+
+    it "sorts users as late_created" do
+      User.sort('late_created').first.should == @user1
+    end
+
+    it "sorts users by name when nil is passed" do
+      User.sort(nil).first.should == @user
+    end
+  end
 end

spec/requests/api/namespaces_spec.rb

@@ -20,8 +20,7 @@ describe API::API, api: true  do
         response.status.should == 200
         json_response.should be_an Array
 
-        # Admin namespace + 2 group namespaces
-        json_response.length.should == 3
+        json_response.length.should == Namespace.count
       end
     end
   end

spec/requests/api/projects_spec.rb

@@ -54,8 +54,15 @@ describe API::API, api: true  do
         get api("/projects/all", admin)
         response.status.should == 200
         json_response.should be_an Array
-        json_response.first['name'].should == project.name
-        json_response.first['owner']['username'].should == user.username
+        project_name = project.name
+
+        json_response.detect {
+          |project| project['name'] == project_name
+        }['name'].should == project_name
+
+        json_response.detect {
+          |project| project['owner']['username'] == user.username
+        }['owner']['username'].should == user.username
       end
     end
   end

spec/requests/api/users_spec.rb

@@ -20,7 +20,10 @@ describe API::API, api: true  do
         get api("/users", user)
         response.status.should == 200
         json_response.should be_an Array
-        json_response.first['username'].should == user.username
+        username = user.username
+        json_response.detect {
+          |user| user['username'] == username
+          }['username'].should == username
       end
     end
 

spec/support/mentionable_shared_examples.rb

@@ -14,21 +14,31 @@ def common_mentionable_setup
   let(:mentioned_mr) { create :merge_request, :simple, source_project: mproject }
   let(:mentioned_commit) { double('commit', sha: '1234567890abcdef').as_null_object }
 
+  let(:ext_proj) { create :project, :public }
+  let(:ext_issue) { create :issue, project: ext_proj }
+  let(:other_ext_issue) { create :issue, project: ext_proj }
+  let(:ext_mr) { create :merge_request, :simple, source_project: ext_proj }
+  let(:ext_commit) { ext_proj.repository.commit }
+
   # Override to add known commits to the repository stub.
   let(:extra_commits) { [] }
 
   # A string that mentions each of the +mentioned_.*+ objects above. Mentionables should add a self-reference
   # to this string and place it in their +mentionable_text+.
   let(:ref_string) do
-    "mentions ##{mentioned_issue.iid} twice ##{mentioned_issue.iid}, !#{mentioned_mr.iid}, " +
-    "#{mentioned_commit.sha[0..5]} and itself as #{backref_text}"
+    "mentions ##{mentioned_issue.iid} twice ##{mentioned_issue.iid}, " +
+    "!#{mentioned_mr.iid}, " +
+    "#{ext_proj.path_with_namespace}##{ext_issue.iid}, " +
+    "#{ext_proj.path_with_namespace}!#{ext_mr.iid}, " +
+    "#{ext_proj.path_with_namespace}@#{ext_commit.short_id}, " +
+    "#{mentioned_commit.sha[0..10]} and itself as #{backref_text}"
   end
 
   before do
     # Wire the project's repository to return the mentioned commit, and +nil+ for any
     # unrecognized commits.
-    commitmap = { '123456' => mentioned_commit }
-    extra_commits.each { |c| commitmap[c.sha[0..5]] = c }
+    commitmap = { '1234567890a' => mentioned_commit }
+    extra_commits.each { |c| commitmap[c.short_id] = c }
     mproject.repository.stub(:commit) { |sha| commitmap[sha] }
     set_mentionable_text.call(ref_string)
   end
@@ -44,15 +54,20 @@ shared_examples 'a mentionable' do
   it "extracts references from its reference property" do
     # De-duplicate and omit itself
     refs = subject.references(mproject)
-
-    refs.should have(3).items
+    refs.should have(6).items
     refs.should include(mentioned_issue)
     refs.should include(mentioned_mr)
     refs.should include(mentioned_commit)
+    refs.should include(ext_issue)
+    refs.should include(ext_mr)
+    refs.should include(ext_commit)
   end
 
   it 'creates cross-reference notes' do
-    [mentioned_issue, mentioned_mr, mentioned_commit].each do |referenced|
+    mentioned_objects = [mentioned_issue, mentioned_mr, mentioned_commit,
+                         ext_issue, ext_mr, ext_commit]
+
+    mentioned_objects.each do |referenced|
       Note.should_receive(:create_cross_reference_note).with(referenced, subject.local_reference, mauthor, mproject)
     end
 
@@ -73,15 +88,25 @@ shared_examples 'an editable mentionable' do
   it_behaves_like 'a mentionable'
 
   it 'creates new cross-reference notes when the mentionable text is edited' do
-    new_text = "this text still mentions ##{mentioned_issue.iid} and #{mentioned_commit.sha[0..5]}, " +
-      "but now it mentions ##{other_issue.iid}, too."
+    new_text = "still mentions ##{mentioned_issue.iid}, " +
+      "#{mentioned_commit.sha[0..10]}, " +
+      "#{ext_issue.iid}, " +
+      "new refs: ##{other_issue.iid}, " +
+      "#{ext_proj.path_with_namespace}##{other_ext_issue.iid}"
 
-    [mentioned_issue, mentioned_commit].each do |oldref|
+    [mentioned_issue, mentioned_commit, ext_issue].each do |oldref|
       Note.should_not_receive(:create_cross_reference_note).with(oldref, subject.local_reference,
         mauthor, mproject)
     end
 
-    Note.should_receive(:create_cross_reference_note).with(other_issue, subject.local_reference, mauthor, mproject)
+    [other_issue, other_ext_issue].each do |newref|
+      Note.should_receive(:create_cross_reference_note).with(
+        newref,
+        subject.local_reference,
+        mauthor,
+        mproject
+      )
+    end
 
     subject.save
     set_mentionable_text.call(new_text)

spec/support/taskable_shared_examples.rb

+# Specs for task state functionality for issues and merge requests.
+#
+# Requires a context containing:
+#   let(:subject) { Issue or MergeRequest }
+shared_examples 'a Taskable' do
+  before do
+    subject.description = <<EOT.gsub(/ {6}/, '')
+      * [ ] Task 1
+      * [x] Task 2
+      * [x] Task 3
+      * [ ] Task 4
+      * [ ] Task 5
+EOT
+  end
+
+  it 'updates the Nth task correctly' do
+    subject.update_nth_task(1, true)
+    expect(subject.description).to match(/\[x\] Task 1/)
+
+    subject.update_nth_task(2, true)
+    expect(subject.description).to match('\[x\] Task 2')
+
+    subject.update_nth_task(3, false)
+    expect(subject.description).to match('\[ \] Task 3')
+
+    subject.update_nth_task(4, false)
+    expect(subject.description).to match('\[ \] Task 4')
+  end
+
+  it 'returns the correct task status' do
+    expect(subject.task_status).to match('5 tasks')
+    expect(subject.task_status).to match('2 done')
+    expect(subject.task_status).to match('3 unfinished')
+  end
+
+  it 'knows if it has tasks' do
+    expect(subject.tasks?).to be_true
+
+    subject.description = 'Now I have no tasks'
+    expect(subject.tasks?).to be_false
+  end
+end