Merge branch '7-4-stable-ee' into 'master'

7-4 stable-ee to master

See merge request !212

README.md

 # ![logo](https://about.gitlab.com/images/gitlab_logo.png) GitLab
 
+For upgrading from GitLab CE to GitLab EE there is [upgrade guide](doc/update/7.4-ce-to-ee.md)
+
 ## Open source software to collaborate on code
 
 ![Animated screenshots](https://about.gitlab.com/images/animated/compiled.gif)

app/controllers/groups/group_members_controller.rb

@@ -19,6 +19,7 @@ class Groups::GroupMembersController < ApplicationController
 
   def destroy
     @users_group = @group.group_members.find(params[:id])
+
     if can?(current_user, :destroy, @users_group)  # May fail if last owner.
       @users_group.destroy
       respond_to do |format|

app/controllers/projects/blob_controller.rb

@@ -20,7 +20,7 @@ class Projects::BlobController < Projects::ApplicationController
       flash[:notice] = "Your changes have been successfully committed"
       redirect_to project_tree_path(@project, @ref)
     else
-      flash[:alert] = result[:error]
+      flash[:alert] = result[:message]
       render :show
     end
   end

app/controllers/projects/edit_tree_controller.rb

@@ -22,7 +22,7 @@ class Projects::EditTreeController < Projects::BaseTreeController
 
       redirect_to after_edit_path
     else
-      flash[:alert] = result[:error]
+      flash[:alert] = result[:message]
       render :show
     end
   end

app/models/project_services/slack_service.rb

@@ -40,7 +40,8 @@ class SlackService < Service
       project_name: project_name
     ))
 
-    credentials = webhook.match(/(\w*).slack.com.*services\/(.*)/)
+    credentials = webhook.match(/([\w-]*).slack.com.*services\/(.*)/)
+
     if credentials.present?
       subdomain =  credentials[1]
       token = credentials[2].split("token=").last

app/services/files/base_service.rb

@@ -10,12 +10,6 @@ module Files
 
     private
 
-    def success
-      out = super()
-      out[:error] = ''
-      out
-    end
-
     def repository
       project.repository
     end

app/views/admin/groups/show.html.haml

@@ -101,13 +101,13 @@
       %ul.well-list.group-users-list
         - @members.each do |member|
           - user = member.user
-          %li{class: dom_class(user)}
+          %li{class: dom_class(member), id: dom_id(user)}
             .list-item-name
               %strong
                 = link_to user.name, admin_user_path(user)
             %span.pull-right.light
               = member.human_access
-              = link_to group_group_members_path(@group, member), data: { confirm: remove_user_from_group_message(@group, user) }, method: :delete, remote: true, class: "btn-tiny btn btn-remove", title: 'Remove user from group' do
+              = link_to group_group_member_path(@group, member), data: { confirm: remove_user_from_group_message(@group, user) }, method: :delete, remote: true, class: "btn-tiny btn btn-remove", title: 'Remove user from group' do
                 %i.fa.fa-minus.fa-inverse
       .panel-footer
         = paginate @members, param_name: 'members_page', theme: 'gitlab'

config/initializers/1_settings.rb

@@ -69,8 +69,9 @@ if Settings.ldap['enabled'] || Rails.env.test?
     }
   end
 
-  Settings.ldap['servers'].map do |key, server|
+  Settings.ldap['servers'].each do |key, server|
     server = Settingslogic.new(server)
+    server['label'] ||= 'LDAP'
     server['allow_username_or_email_login'] = false if server['allow_username_or_email_login'].nil?
     server['active_directory'] = true if server['active_directory'].nil?
     server['provider_name'] ||= "ldap#{key}".downcase

config/initializers/7_omniauth.rb

@@ -12,4 +12,4 @@ if Gitlab::LDAP::Config.enabled?
       alias_method server['provider_name'], :ldap
     end
   end
-end
\ No newline at end of file
+end

doc/update/6.x-or-7.x-to-7.4.md

@@ -13,7 +13,11 @@ possible to edit the label text and color. The characters `?`, `&` and `,` are
 no longer allowed however so those will be removed from your tags during the
 database migrations for GitLab 7.2.
 
-## 0. Backup
+## 0. Stop server
+
+    sudo service gitlab stop
+
+## 1. Backup
 
 It's useful to make a backup just in case things go south:
 (With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version)
@@ -23,10 +27,6 @@ cd /home/git/gitlab
 sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
 ```
 
-## 1. Stop server
-
-    sudo service gitlab stop
-
 ## 2. Update Ruby
 
 If you are still using Ruby 1.9.3 or below, you will need to update Ruby.
@@ -99,6 +99,8 @@ sudo apt-get install pkg-config cmake
     sed 's/^port .*/port 0/' /etc/redis/redis.conf.orig | sudo tee /etc/redis/redis.conf
     # Enable Redis socket for default Debian / Ubuntu path
     echo 'unixsocket /var/run/redis/redis.sock' | sudo tee -a /etc/redis/redis.conf
+    # Be sure redis group can write to the socket, enable only if supported (>= redis 2.4.0).
+    sudo sed -i '/# unixsocketperm/ s/^# unixsocketperm.*/unixsocketperm 0775/' /etc/redis/redis.conf
     # Activate the changes to redis.conf
     sudo service redis-server restart
     # Add git to the redis group
@@ -158,8 +160,8 @@ git diff 6-0-stable:config/gitlab.yml.example 7-4-stable:config/gitlab.yml.examp
 * Make `/home/git/gitlab/config/gitlab.yml` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-4-stable/config/gitlab.yml.example but with your settings.
 * Make `/home/git/gitlab/config/unicorn.rb` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-4-stable/config/unicorn.rb.example but with your settings.
 * Make `/home/git/gitlab-shell/config.yml` the same as https://gitlab.com/gitlab-org/gitlab-shell/blob/v2.0.1/config.yml.example but with your settings.
-* HTTP setups: Make `/etc/nginx/sites-available/nginx` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-4-stable/lib/support/nginx/gitlab but with your settings.
-* HTTPS setups: Make `/etc/nginx/sites-available/nginx-ssl` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-4-stable/lib/support/nginx/gitlab-ssl but with your settings.
+* HTTP setups: Make `/etc/nginx/sites-available/gitlab` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-4-stable/lib/support/nginx/gitlab but with your settings.
+* HTTPS setups: Make `/etc/nginx/sites-available/gitlab-ssl` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-4-stable/lib/support/nginx/gitlab-ssl but with your settings.
 * Copy rack attack middleware config
 
 ```bash
@@ -196,6 +198,76 @@ When using Google omniauth login, changes of the Google account required.
 Ensure that `Contacts API` and the `Google+ API` are enabled in the [Google Developers Console](https://console.developers.google.com/).
 More details can be found at the [integration documentation](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/integration/google.md).
 
+## 12. Optional optimizations for GitLab setups with MySQL databases
+
+Only applies if running MySQL database created with GitLab 6.7 or earlier. If you are not experiencing any issues you may not need the following instructions however following them will bring your database in line with the latest recommended installation configuration and help avoid future issues. Be sure to follow these directions exactly. These directions should be safe for any MySQL instance but to be sure make a current MySQL database backup beforehand.
+
+```
+# Stop GitLab
+sudo service gitlab stop
+
+# Secure your MySQL installation (added in GitLab 6.2)
+sudo mysql_secure_installation
+
+# Login to MySQL
+mysql -u root -p
+
+# do not type the 'mysql>', this is part of the prompt
+
+# Convert all tables to use the InnoDB storage engine (added in GitLab 6.8)
+SELECT CONCAT('ALTER TABLE gitlabhq_production.', table_name, ' ENGINE=InnoDB;') AS 'Copy & run these SQL statements:' FROM information_schema.tables WHERE table_schema = 'gitlabhq_production' AND `ENGINE` <> 'InnoDB' AND `TABLE_TYPE` = 'BASE TABLE';
+
+# If previous query returned results, copy & run all outputed SQL statements
+
+# Convert all tables to correct character set
+SET foreign_key_checks = 0;
+SELECT CONCAT('ALTER TABLE gitlabhq_production.', table_name, ' CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;') AS 'Copy & run these SQL statements:' FROM information_schema.tables WHERE table_schema = 'gitlabhq_production' AND `TABLE_COLLATION` <> 'utf8_unicode_ci' AND `TABLE_TYPE` = 'BASE TABLE';
+
+# If previous query returned results, copy & run all outputed SQL statements
+
+# turn foreign key checks back on
+SET foreign_key_checks = 1;
+
+# Find MySQL users
+mysql> SELECT user FROM mysql.user WHERE user LIKE '%git%';
+
+# If git user exists and gitlab user does not exist 
+# you are done with the database cleanup tasks
+mysql> \q
+
+# If both users exist skip to Delete gitlab user
+
+# Create new user for GitLab (changed in GitLab 6.4)
+# change $password in the command below to a real password you pick
+mysql> CREATE USER 'git'@'localhost' IDENTIFIED BY '$password';
+
+# Grant the git user necessary permissions on the database
+mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, LOCK TABLES ON `gitlabhq_production`.* TO 'git'@'localhost';
+
+# Delete the old gitlab user
+mysql> DELETE FROM mysql.user WHERE user='gitlab';
+
+# Quit the database session
+mysql> \q
+
+# Try connecting to the new database with the new user
+sudo -u git -H mysql -u git -p -D gitlabhq_production
+
+# Type the password you replaced $password with earlier
+
+# You should now see a 'mysql>' prompt
+
+# Quit the database session
+mysql> \q
+
+# Update database configuration details
+# See config/database.yml.mysql for latest recommended configuration details
+#   Remove the reaping_frequency setting line if it exists (removed in GitLab 6.8)
+#   Set production -> pool: 10 (updated in GitLab 5.3)
+#   Set production -> username: git
+#   Set production -> password: the password your replaced $password with earlier
+sudo -u git -H editor /home/git/gitlab/config/database.yml
+
 ## Things went south? Revert to previous version (6.0)
 
 ### 1. Revert the code to the previous version

doc/update/7.3-to-7.4.md

 # From 7.3 to 7.4
 
-### 0. Backup
+### 0. Stop server
 
-```bash
-cd /home/git/gitlab
-sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
-```
+    sudo service gitlab stop
 
-### 1. Stop server
+### 1. Backup
 
 ```bash
-sudo service gitlab stop
-```
+cd /home/git/gitlab
+sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
 
 ### 2. Get latest code
 
 ```bash
-cd /home/git/gitlab
 sudo -u git -H git fetch --all
 sudo -u git -H git checkout -- db/schema.rb # local changes will be restored automatically
 ```
@@ -56,31 +52,7 @@ sudo -u git -H bundle exec rake assets:clean assets:precompile cache:clear RAILS
 sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab
 ```
 
-
-### 4. Configure Redis to use sockets
-
-    # Configure redis to use sockets
-    sudo cp /etc/redis/redis.conf /etc/redis/redis.conf.orig
-    # Disable Redis listening on TCP by setting 'port' to 0
-    sed 's/^port .*/port 0/' /etc/redis/redis.conf.orig | sudo tee /etc/redis/redis.conf
-    # Enable Redis socket for default Debian / Ubuntu path
-    echo 'unixsocket /var/run/redis/redis.sock' | sudo tee -a /etc/redis/redis.conf
-    # Be sure redis group can write to the socket, enable only if supported (>= redis 2.4.0).
-    sed -i '/# unixsocketperm/ s/^# unixsocketperm.*/unixsocketperm 0775/' /etc/redis/redis.conf
-    # Activate the changes to redis.conf
-    sudo service redis-server restart
-    # Add git to the redis group
-    sudo usermod -aG redis git
-
-    # Configure Redis connection settings
-    sudo -u git -H cp config/resque.yml.example config/resque.yml
-    # Change the Redis socket path if you are not using the default Debian / Ubuntu configuration
-    sudo -u git -H editor config/resque.yml
-
-    # Configure gitlab-shell to use Redis sockets
-    sudo -u git -H sed -i 's|^  # socket.*|  socket: /var/run/redis/redis.sock|' /home/git/gitlab-shell/config.yml
-
-### 5. Update config files
+### 4. Update config files
 
 #### New configuration options for gitlab.yml
 
@@ -93,25 +65,25 @@ git diff origin/7-3-stable:config/gitlab.yml.example origin/7-4-stable:config/gi
 #### Change timeout for unicorn
 
 ```
-# config/unicorn.rb
-timeout 60
+# set timeout to 60
+sudo -u git -H editor config/unicorn.rb
 ```
 
 #### Change nginx https settings
 
-* HTTPS setups: Make `/etc/nginx/sites-available/nginx-ssl` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-4-stable/lib/support/nginx/gitlab-ssl but with your setting
+* HTTPS setups: Make `/etc/nginx/sites-available/gitlab-ssl` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-4-stable/lib/support/nginx/gitlab-ssl but with your setting
 
-#### Update database.yml config file(for mysql only) if needed (basically it is required for old gitlab installations)
+#### MySQL Databases: Update database.yml config file
 
 * Add `collation: utf8_general_ci` to config/database.yml as seen in [config/database.yml.mysql](config/database.yml.mysql)
 
 
-### 6. Start application
+### 5. Start application
 
     sudo service gitlab start
     sudo service nginx restart
 
-### 7. Check application status
+### 6. Check application status
 
 Check if GitLab and its environment are configured correctly:
 
@@ -123,17 +95,15 @@ To make sure you didn't miss anything run a more thorough check with:
 
 If all items are green, then congratulations upgrade is complete!
 
-### 8. Update OmniAuth configuration
 
-When using Google omniauth login, changes of the Google account required.
-Ensure that `Contacts API` and the `Google+ API` are enabled in the [Google Developers Console](https://console.developers.google.com/).
-More details can be found at the [integration documentation](../integration/google.md).
-
-### 9. Optional optimizations for GitLab setups with MySQL databases
+### 7. Optional optimizations for GitLab setups with MySQL databases
 
 Only applies if running MySQL database created with GitLab 6.7 or earlier. If you are not experiencing any issues you may not need the following instructions however following them will bring your database in line with the latest recommended installation configuration and help avoid future issues. Be sure to follow these directions exactly. These directions should be safe for any MySQL instance but to be sure make a current MySQL database backup beforehand.
 
 ```
+# Stop GitLab
+sudo service gitlab stop
+
 # Secure your MySQL installation (added in GitLab 6.2)
 sudo mysql_secure_installation
 
@@ -195,6 +165,9 @@ mysql> \q
 #   Set production -> username: git
 #   Set production -> password: the password your replaced $password with earlier
 sudo -u git -H editor /home/git/gitlab/config/database.yml
+
+# Run thorough check
+sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
 ```
 
 

features/admin/groups.feature

@@ -25,3 +25,10 @@ Feature: Admin Groups
     Given group has shared projects
     When I visit group page
     Then I should see project shared with group
+
+  @javascript
+  Scenario: Remove user from group
+    Given we have user "John Doe" in group
+    When I visit admin group page
+    And I remove user "John Doe" from group
+    Then I should not see "John Doe" in team list

features/project/source/browse_files.feature

@@ -34,6 +34,16 @@ Feature: Project Source Browse Files
     Then I am redirected to the new file
     And I should see its new content
 
+  @javascript
+  Scenario: If I enter an illegal file name I see an error message
+    Given I click on "new file" link in repo
+    And I fill the new file name with an illegal name
+    And I edit code
+    And I fill the commit message
+    And I click on "Commit changes"
+    Then I am on the new file page
+    And I see a commit error message
+
   @javascript
   Scenario: I can edit file
     Given I click on ".gitignore" file in repo
@@ -50,6 +60,16 @@ Feature: Project Source Browse Files
     Then I am redirected to the ".gitignore"
     And I should see its new content
 
+  @javascript  @wip
+  Scenario: If I don't change the content of the file I see an error message
+    Given I click on ".gitignore" file in repo
+    And I click button "edit"
+    And I fill the commit message
+    And I click on "Commit changes"
+    # Test fails because carriage returns are added to the file.
+    Then I am on the ".gitignore" edit file page
+    And I see a commit error message
+
   @javascript
   Scenario: I can see editing preview
     Given I click on ".gitignore" file in repo

features/steps/admin/groups.rb

@@ -37,8 +37,7 @@ class Spinach::Features::AdminGroups < Spinach::FeatureSteps
   end
 
   When 'I select user "John Doe" from user list as "Reporter"' do
-    user = User.find_by(name: "John Doe")
-    select2(user.id, from: "#user_ids", multiple: true)
+    select2(user_john.id, from: "#user_ids", multiple: true)
     within "#new_team_member" do
       select "Reporter", from: "access_level"
     end
@@ -73,6 +72,22 @@ class Spinach::Features::AdminGroups < Spinach::FeatureSteps
     page.should have_content "Projects shared with"
   end
 
+  step 'we have user "John Doe" in group' do
+    current_group.add_user(user_john, Gitlab::Access::REPORTER)
+  end
+
+  step 'I remove user "John Doe" from group' do
+    within "#user_#{user_john.id}" do
+      click_link 'Remove user from group'
+    end
+  end
+
+  step 'I should not see "John Doe" in team list' do
+    within ".group-users-list" do
+      page.should_not have_content "John Doe"
+    end
+  end
+
   protected
 
   def current_group
@@ -82,4 +97,8 @@ class Spinach::Features::AdminGroups < Spinach::FeatureSteps
   def shared_project
     @shared_project ||= create(:empty_project)
   end
+
+  def user_john
+    @user_john ||= User.find_by(name: "John Doe")
+  end
 end

features/steps/project/source/browse_files.rb

@@ -61,6 +61,10 @@ class Spinach::Features::ProjectSourceBrowseFiles < Spinach::FeatureSteps
     fill_in :file_name, with: new_file_name
   end
 
+  step 'I fill the new file name with an illegal name' do
+    fill_in :file_name, with: '.git'
+  end
+
   step 'I fill the commit message' do
     fill_in :commit_message, with: 'Not yet a commit message.'
   end
@@ -151,6 +155,10 @@ class Spinach::Features::ProjectSourceBrowseFiles < Spinach::FeatureSteps
     expect(page).not_to have_link('permalink')
   end
 
+  step 'I see a commit error message' do
+    expect(page).to have_content('Your changes could not be committed')
+  end
+
   private
 
   def set_new_content

features/steps/shared/paths.rb

@@ -280,6 +280,15 @@ module SharedPaths
     visit project_blob_path(@project, File.join(root_ref, '.gitignore'))
   end
 
+  step 'I am on the new file page' do
+    current_path.should eq(project_new_tree_path(@project, root_ref))
+  end
+
+  step 'I am on the ".gitignore" edit file page' do
+    current_path.should eq(project_edit_tree_path(
+      @project, File.join(root_ref, '.gitignore')))
+  end
+
   step 'I visit project source page for "6d39438"' do
     visit project_tree_path(@project, "6d39438")
   end

lib/api/files.rb

@@ -85,7 +85,7 @@ module API
             branch_name: branch_name
           }
         else
-          render_api_error!(result[:error], 400)
+          render_api_error!(result[:message], 400)
         end
       end
 
@@ -117,7 +117,7 @@ module API
             branch_name: branch_name
           }
         else
-          render_api_error!(result[:error], 400)
+          render_api_error!(result[:message], 400)
         end
       end
 
@@ -149,7 +149,7 @@ module API
             branch_name: branch_name
           }
         else
-          render_api_error!(result[:error], 400)
+          render_api_error!(result[:message], 400)
         end
       end
     end

lib/backup/repository.rb

@@ -30,7 +30,7 @@ module Backup
 
         if File.exists?(path_to_repo(wiki))
           print " * #{wiki.path_with_namespace} ... "
-          if wiki.empty?
+          if wiki.repository.empty?
             puts " [SKIPPED]".cyan
           else
             output, status = Gitlab::Popen.popen(%W(git --git-dir=#{path_to_repo(wiki)} bundle create #{path_to_bundle(wiki)} --all))

lib/gitlab/ldap/adapter.rb

@@ -46,7 +46,7 @@ module Gitlab
         groups(*args).first
       end
 
-      def users(field, value)
+      def users(field, value, limit = nil)
         if field.to_sym == :dn
           options = {
             base: value,
@@ -69,6 +69,10 @@ module Gitlab
                              end
         end
 
+        if limit.present?
+          options.merge!(size: limit)
+        end
+
         entries = ldap_search(options).select do |entry|
           entry.respond_to? config.uid
         end

lib/tasks/gitlab/check.rake

@@ -664,7 +664,7 @@ namespace :gitlab do
       warn_user_is_not_gitlab
       start_checking "LDAP"
 
-      if ldap_config.enabled
+      if Gitlab::LDAP::Config.enabled?
         print_users(args.limit)
       else
         puts 'LDAP is disabled in config/gitlab.yml'
@@ -675,39 +675,19 @@ namespace :gitlab do
 
     def print_users(limit)
       puts "LDAP users with access to your GitLab server (only showing the first #{limit} results)"
-      ldap.search(attributes: attributes, filter: filter, size: limit, return_result: false) do |entry|
-        puts "DN: #{entry.dn}\t#{ldap_config.uid}: #{entry[ldap_config.uid]}"
-      end
-    end
-
-    def attributes
-      [ldap_config.uid]
-    end
 
-    def filter
-      uid_filter = Net::LDAP::Filter.present?(ldap_config.uid)
-      if user_filter
-        Net::LDAP::Filter.join(uid_filter, user_filter)
-      else
-        uid_filter
-      end
-    end
+      servers = Gitlab::LDAP::Config.providers
 
-    def user_filter
-      if ldap_config['user_filter'] && ldap_config.user_filter.present?
-        Net::LDAP::Filter.construct(ldap_config.user_filter)
-      else
-        nil
+      servers.each do |server|
+        puts "Server: #{server}"
+        Gitlab::LDAP::Adapter.open(server) do |adapter|
+          users = adapter.users(adapter.config.uid, '*', 100)
+          users.each do |user|
+            puts "\tDN: #{user.dn}\t #{adapter.config.uid}: #{user.uid}"
+          end
+        end
       end
     end
-
-    def ldap
-      @ldap ||= OmniAuth::LDAP::Adaptor.new(ldap_config).connection
-    end
-
-    def ldap_config
-      @ldap_config ||= Gitlab.config.ldap
-    end
   end
 
   # Helper methods

spec/models/slack_service_spec.rb

@@ -77,5 +77,25 @@ describe SlackService do
         WebMock.should have_requested(:post, api_url).once
       end
     end
+
+    context 'with new webhook syntax with slack allowed team name' do
+      before do
+        @allowed_webhook = 'https://gitlab-hq-123.slack.com/services/hooks/incoming-webhook?token=cdIj4r4LfXUOySDUjp0tk3OI'
+        slack_service.stub(
+          project: project,
+          project_id: project.id,
+          service_hook: true,
+          webhook: @allowed_webhook
+        )
+
+        WebMock.stub_request(:post, @allowed_webhook)
+      end
+
+      it "should call Slack API" do
+        slack_service.execute(sample_data)
+
+        WebMock.should have_requested(:post, @allowed_webhook).once
+      end
+    end
   end
 end