Merge branch 'master' of gitlab.com:gitlab-org/gitlab-ee into ce_upstream

aefea581 · Valery Sizov · 85201751 · 4c2d4315 · aefea581 · aefea581
Commit aefea581 authored Oct 25, 2016 by Valery Sizov
10 changed files
--- a/CHANGELOG-EE.md
+++ b/CHANGELOG-EE.md
 Please view this file on the master branch, on stable branches it's out of date.

+## 8.13.1
+
+  - Fix Elasticsearch::Transport::Transport::Errors::BadRequest when ES is enabled. #21036
+  - Hides multiple board actions if user doesnt have permissions
+
 ## 8.13.0 (2016-10-22)

  - Cache the last usage data to avoid unicorn timeouts

--- a/app/models/concerns/protected_branch_access.rb
+++ b/app/models/concerns/protected_branch_access.rb
@@ -8,6 +8,9 @@ module ProtectedBranchAccess
                            scope: :protected_branch,
                            unless: Proc.new { |access_level| access_level.user_id? || access_level.group_id? },
                            conditions: -> { where(user_id: nil, group_id: nil) }
+
+    scope :master, -> { where(access_level: Gitlab::Access::MASTER) }
+    scope :developer, -> { where(access_level: Gitlab::Access::DEVELOPER) }
  end

  def type

--- a/app/models/diff_note.rb
+++ b/app/models/diff_note.rb
 class DiffNote < Note
+  # Elastic search configuration (it does not support STI properly)
+  document_type 'note'
+  index_name [Rails.application.class.parent_name.downcase, Rails.env].join('-')
+  include Elastic::NotesSearch
+
  include NoteOnDiff

  serialize :original_position, Gitlab::Diff::Position

--- a/app/models/legacy_diff_note.rb
+++ b/app/models/legacy_diff_note.rb
 class LegacyDiffNote < Note
+  # Elastic search configuration (it does not support STI properly)
+  document_type 'note'
+  index_name [Rails.application.class.parent_name.downcase, Rails.env].join('-')
+  include Elastic::NotesSearch
+
  include NoteOnDiff

  serialize :st_diff

--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -58,6 +58,7 @@ class ProjectPolicy < BasePolicy
    can! :update_issue
    can! :admin_issue
    can! :admin_label
+    can! :admin_board
    can! :admin_list
    can! :read_commit_status
    can! :read_build

--- a/app/services/protected_branches/api_update_service.rb
+++ b/app/services/protected_branches/api_update_service.rb
@@ -12,6 +12,7 @@ module ProtectedBranches

      protected_branch.transaction do
        delete_redundant_access_levels
+        delete_redundant_ee_access_levels

        case @developers_can_push
        when true
@@ -43,5 +44,26 @@ module ProtectedBranches
        @protected_branch.push_access_levels.destroy_all
      end
    end
+
+    # If a protected branch can have more than one access level (EE), only
+    # remove the relevant access levels. If we don't do this, we'll have a
+    # failed validation.
+    def delete_redundant_ee_access_levels
+      case @developers_can_merge
+      when true
+        @protected_branch.merge_access_levels.developer.destroy_all
+      when false
+        @protected_branch.merge_access_levels.developer.destroy_all
+        @protected_branch.merge_access_levels.master.destroy_all
+      end
+
+      case @developers_can_push
+      when true
+        @protected_branch.push_access_levels.developer.destroy_all
+      when false
+        @protected_branch.push_access_levels.developer.destroy_all
+        @protected_branch.push_access_levels.master.destroy_all
+      end
+    end
  end
 end
--- a/app/views/projects/boards/_title.html.haml
+++ b/app/views/projects/boards/_title.html.haml
@@ -23,39 +23,41 @@
              {{ board.name }}
      .dropdown-loading{ "v-if" => "loading" }
        = icon("spin spinner")
-      %board-selector-form{ "inline-template" => true,
-        "v-if" => "currentPage === 'edit'",
-        "type" => "edit",
-        ":current-board.sync" => "currentBoard",
-        ":current-page.sync" => "currentPage",
-        ":reload.sync" => "reload" }
-        = render "projects/boards/components/form"
-      %board-selector-form{ "inline-template" => true,
-        "v-if" => "currentPage === 'new'",
-        "type" => "new",
-        ":current-page.sync" => "currentPage",
-        ":reload.sync" => "reload" }
-        = render "projects/boards/components/form"
-      .dropdown-content.board-selector-page-two{ "v-if" => "currentPage === 'delete'" }
-        %p
-          Are you sure you want to delete this board?
-        .board-delete-btns.clearfix
-          = link_to "",
-            class: "btn btn-danger pull-left",
-            method: :delete,
-            ":href" => "'#{namespace_project_boards_path(@project.namespace, @project)}/' + currentBoard.id" do
-            Delete
-          %button.btn.btn-default.pull-right{ type: "button",
-            "@click.stop.prevent" => "currentPage = ''" }
-            Cancel
-      .dropdown-footer{ "v-if" => "currentPage === ''" }
-        %ul.dropdown-footer-list
-          %li
-            %a{ "href" => "#", "@click.stop.prevent" => "showPage('new')" }
-              Create new board
-          %li
-            %a{ "href" => "#", "@click.stop.prevent" => "showPage('edit')" }
-              Edit board name
-          %li{ "v-if" => "showDelete" }
-            %a.text-danger{ "href" => "#", "@click.stop.prevent" => "showPage('delete')" }
-              Delete board
+      - if can?(current_user, :admin_board, @project)
+        %board-selector-form{ "inline-template" => true,
+          "v-if" => "currentPage === 'edit'",
+          "type" => "edit",
+          ":current-board.sync" => "currentBoard",
+          ":current-page.sync" => "currentPage",
+          ":reload.sync" => "reload" }
+          = render "projects/boards/components/form"
+        %board-selector-form{ "inline-template" => true,
+          "v-if" => "currentPage === 'new'",
+          "type" => "new",
+          ":current-page.sync" => "currentPage",
+          ":reload.sync" => "reload" }
+          = render "projects/boards/components/form"
+        .dropdown-content.board-selector-page-two{ "v-if" => "currentPage === 'delete'" }
+          %p
+            Are you sure you want to delete this board?
+          .board-delete-btns.clearfix
+            = link_to "",
+              class: "btn btn-danger pull-left",
+              method: :delete,
+              ":href" => "'#{namespace_project_boards_path(@project.namespace, @project)}/' + currentBoard.id" do
+              Delete
+            %button.btn.btn-default.pull-right{ type: "button",
+              "@click.stop.prevent" => "currentPage = ''" }
+              Cancel
+      - if can?(current_user, :admin_board, @project)
+        .dropdown-footer{ "v-if" => "currentPage === ''" }
+          %ul.dropdown-footer-list
+            %li
+              %a{ "href" => "#", "@click.stop.prevent" => "showPage('new')" }
+                Create new board
+            %li
+              %a{ "href" => "#", "@click.stop.prevent" => "showPage('edit')" }
+                Edit board name
+            %li{ "v-if" => "showDelete" }
+              %a.text-danger{ "href" => "#", "@click.stop.prevent" => "showPage('delete')" }
+                Delete board
--- a/spec/features/boards/multiple_boards_spec.rb
+++ b/spec/features/boards/multiple_boards_spec.rb
@@ -10,136 +10,155 @@ describe 'Multiple Issue Boards', feature: true, js: true do
  let!(:board)    { create(:board, project: project) }
  let!(:board2)   { create(:board, project: project) }

-  before do
-    project.team << [user, :master]
+  context 'authorized user' do
+    before do
+      project.team << [user, :master]

-    login_as(user)
+      login_as(user)

-    visit namespace_project_boards_path(project.namespace, project)
-    wait_for_vue_resource
-  end
+      visit namespace_project_boards_path(project.namespace, project)
+      wait_for_vue_resource
+    end

-  it 'shows current board name' do
-    page.within('.boards-switcher') do
-      expect(page).to have_content(board.name)
+    it 'shows current board name' do
+      page.within('.boards-switcher') do
+        expect(page).to have_content(board.name)
+      end
    end
-  end

-  it 'shows a list of boards' do
-    click_button board.name
+    it 'shows a list of boards' do
+      click_button board.name

-    page.within('.boards-title-holder .dropdown-menu') do
-      expect(page).to have_content(board.name)
-      expect(page).to have_content(board2.name)
+      page.within('.boards-title-holder .dropdown-menu') do
+        expect(page).to have_content(board.name)
+        expect(page).to have_content(board2.name)
+      end
    end
-  end

-  it 'switches current board' do
-    click_button board.name
+    it 'switches current board' do
+      click_button board.name

-    page.within('.boards-title-holder .dropdown-menu') do
-      click_link board2.name
-    end
+      page.within('.boards-title-holder .dropdown-menu') do
+        click_link board2.name
+      end

-    wait_for_vue_resource
+      wait_for_vue_resource

-    page.within('.boards-switcher') do
-      expect(page).to have_content(board2.name)
+      page.within('.boards-switcher') do
+        expect(page).to have_content(board2.name)
+      end
    end
-  end

-  it 'creates new board' do
-    click_button board.name
+    it 'creates new board' do
+      click_button board.name

-    page.within('.boards-title-holder .dropdown-menu') do
-      click_link 'Edit board name'
+      page.within('.boards-title-holder .dropdown-menu') do
+        click_link 'Edit board name'

-      fill_in 'board-new-name', with: 'Testing'
+        fill_in 'board-new-name', with: 'Testing'

-      click_button 'Save'
-    end
+        click_button 'Save'
+      end

-    wait_for_vue_resource
+      wait_for_vue_resource

-    page.within('.boards-title-holder .dropdown-menu') do
-      expect(page).to have_content('Testing')
+      page.within('.boards-title-holder .dropdown-menu') do
+        expect(page).to have_content('Testing')
+      end
    end
-  end

-  it 'edits board name' do
-    click_button board.name
+    it 'edits board name' do
+      click_button board.name

-    page.within('.boards-title-holder .dropdown-menu') do
-      click_link 'Edit board name'
+      page.within('.boards-title-holder .dropdown-menu') do
+        click_link 'Edit board name'

-      fill_in 'board-new-name', with: 'Testing'
+        fill_in 'board-new-name', with: 'Testing'

-      click_button 'Save'
-    end
+        click_button 'Save'
+      end

-    wait_for_vue_resource
+      wait_for_vue_resource

-    page.within('.boards-title-holder .dropdown-menu') do
-      expect(page).to have_content('Testing')
+      page.within('.boards-title-holder .dropdown-menu') do
+        expect(page).to have_content('Testing')
+      end
    end
-  end

-  it 'deletes board' do
-    click_button board.name
+    it 'deletes board' do
+      click_button board.name

-    wait_for_vue_resource
+      wait_for_vue_resource

-    page.within('.boards-title-holder .dropdown-menu') do
-      click_link 'Delete board'
+      page.within('.boards-title-holder .dropdown-menu') do
+        click_link 'Delete board'

-      page.within('.dropdown-title') do
-        expect(page).to have_content('Delete board')
+        page.within('.dropdown-title') do
+          expect(page).to have_content('Delete board')
+        end
+
+        click_link 'Delete'
      end

-      click_link 'Delete'
+      click_button board2.name
+
+      page.within('.boards-title-holder .dropdown-menu') do
+        expect(page).not_to have_content(board.name)
+        expect(page).to have_content(board2.name)
+      end
    end

-    click_button board2.name
+    it 'adds a list to the none default board' do
+      click_button board.name

-    page.within('.boards-title-holder .dropdown-menu') do
-      expect(page).not_to have_content(board.name)
-      expect(page).to have_content(board2.name)
-    end
-  end
+      page.within('.boards-title-holder .dropdown-menu') do
+        click_link board2.name
+      end

-  it 'adds a list to the none default board' do
-    click_button board.name
+      wait_for_vue_resource

-    page.within('.boards-title-holder .dropdown-menu') do
-      click_link board2.name
-    end
+      page.within('.boards-switcher') do
+        expect(page).to have_content(board2.name)
+      end

-    wait_for_vue_resource
+      click_button 'Create new list'

-    page.within('.boards-switcher') do
-      expect(page).to have_content(board2.name)
-    end
+      wait_for_ajax

-    click_button 'Create new list'
+      page.within '.dropdown-menu-issues-board-new' do
+        click_link planning.title
+      end

-    wait_for_ajax
+      wait_for_vue_resource

-    page.within '.dropdown-menu-issues-board-new' do
-      click_link planning.title
-    end
+      expect(page).to have_selector('.board', count: 3)

-    wait_for_vue_resource
+      click_button board2.name
+
+      page.within('.boards-title-holder .dropdown-menu') do
+        click_link board.name
+      end

-    expect(page).to have_selector('.board', count: 3)
+      wait_for_vue_resource

-    click_button board2.name
+      expect(page).to have_selector('.board', count: 2)
+    end
+  end

-    page.within('.boards-title-holder .dropdown-menu') do
-      click_link board.name
+  context 'unauthorized user' do
+    before do
+      visit namespace_project_boards_path(project.namespace, project)
+      wait_for_vue_resource
    end

-    wait_for_vue_resource
+    it 'does not show action links' do
+      click_button board.name

-    expect(page).to have_selector('.board', count: 2)
+      page.within('.boards-title-holder .dropdown-menu') do
+        expect(page).not_to have_content('Create new board')
+        expect(page).not_to have_content('Edit board name')
+        expect(page).not_to have_content('Delete board')
+      end
+    end
  end
 end
--- a/spec/models/concerns/elastic/note_spec.rb
+++ b/spec/models/concerns/elastic/note_spec.rb
@@ -29,6 +29,24 @@ describe Note, elastic: true do
    expect(described_class.elastic_search('term', options: options).total_count).to eq(1)
  end

+  it "indexes && searches diff notes" do
+    notes = []
+
+    Sidekiq::Testing.inline! do
+      notes << create(:diff_note_on_merge_request, note: "term")
+      notes << create(:diff_note_on_commit, note: "term")
+      notes << create(:legacy_diff_note_on_merge_request, note: "term")
+      notes << create(:legacy_diff_note_on_commit, note: "term")
+
+      Gitlab::Elastic::Helper.refresh_index
+    end
+
+    project_ids = notes.map { |note| note.noteable.project.id }
+    options = { project_ids: project_ids }
+
+    expect(described_class.elastic_search('term', options: options).total_count).to eq(4)
+  end
+
  it "returns json with all needed elements" do
    note = create :note


--- a/spec/requests/api/branches_spec.rb
+++ b/spec/requests/api/branches_spec.rb
@@ -163,6 +163,19 @@ describe API::API, api: true  do
          expect(json_response['developers_can_merge']).to eq(true)
        end
      end
+
+      context "when no one can push" do
+        let(:protected_branch) { create(:protected_branch, :no_one_can_push, project: project, name: 'protected_branch') }
+
+        it "updates 'developers_can_push' without removing the 'no_one' access level" do
+          put api("/projects/#{project.id}/repository/branches/#{protected_branch.name}/protect", user),
+              developers_can_push: true, developers_can_merge: true
+
+          expect(response).to have_http_status(200)
+          expect(json_response['name']).to eq(protected_branch.name)
+          expect(protected_branch.reload.push_access_levels.pluck(:access_level)).to include(Gitlab::Access::NO_ACCESS)
+        end
+      end
    end

    context "multiple API calls" do