Merge remote-tracking branch 'ce/master'

CHANGELOG

@@ -31,6 +31,7 @@ v 8.6.0 (unreleased)
   - Add ability to show archived projects on dashboard, explore and group pages
   - Allow SSL verification to be configurable when importing GitHub projects
   - Move group activity to separate page
+  - Continue parameters are checked to ensure redirection goes to the same instance
 
 v 8.5.5
   - Ensure removing a project removes associated Todo entries

app/assets/javascripts/gl_dropdown.js.coffee

@@ -238,13 +238,15 @@ class GitLabDropdown
         selectedObject = @renderedData[selectedIndex]
       value = if @options.id then @options.id(selectedObject, el) else selectedObject.id
 
+      if !value?
+        field.remove()
+
       if @options.multiSelect
         oldValue = field.val()
         if oldValue
           value = "#{oldValue},#{value}"
       else
         @dropdown.find(ACTIVE_CLASS).removeClass ACTIVE_CLASS
-        field.remove()
 
       # Toggle active class for the tick mark
       el.toggleClass "is-active"

app/controllers/concerns/continue_params.rb

+module ContinueParams
+  extend ActiveSupport::Concern
+
+  def continue_params
+    continue_params = params[:continue]
+    return nil unless continue_params
+
+    continue_params = continue_params.permit(:to, :notice, :notice_now)
+    return unless continue_params[:to] && continue_params[:to].start_with?('/')
+
+    continue_params
+  end
+end

app/controllers/projects/forks_controller.rb

 class Projects::ForksController < Projects::ApplicationController
+  include ContinueParams
+
   # Authorize
   before_action :require_non_empty_project
   before_action :authorize_download_code!
@@ -53,15 +55,4 @@ class Projects::ForksController < Projects::ApplicationController
       render :error
     end
   end
-
-  private
-
-  def continue_params
-    continue_params = params[:continue]
-    if continue_params
-      continue_params.permit(:to, :notice, :notice_now)
-    else
-      nil
-    end
-  end
 end

app/controllers/projects/imports_controller.rb

 class Projects::ImportsController < Projects::ApplicationController
+  include ContinueParams
+
   # Authorize
   before_action :authorize_admin_project!
   before_action :require_no_repo, only: [:new, :create]
@@ -42,16 +44,6 @@ class Projects::ImportsController < Projects::ApplicationController
 
   private
 
-  def continue_params
-    continue_params = params[:continue]
-
-    if continue_params
-      continue_params.permit(:to, :notice, :notice_now)
-    else
-      nil
-    end
-  end
-
   def finished_notice
     if @project.forked?
       'The project was successfully forked.'

app/views/shared/issuable/_filter.html.haml

@@ -15,7 +15,7 @@
         .filter-item.inline
           - if params[:assignee_id]
             = hidden_field_tag(:assignee_id, params[:assignee_id])
-          = dropdown_tag("Assignee", options: { toggle_class: "js-user-search js-filter-submit", title: "Filter by assignee", filter: true, dropdown_class: "dropdown-menu-user dropdown-menu-selectable",
+          = dropdown_tag("Assignee", options: { toggle_class: "js-user-search js-filter-submit js-assignee-search", title: "Filter by assignee", filter: true, dropdown_class: "dropdown-menu-user dropdown-menu-selectable dropdown-menu-assignee",
             placeholder: "Search assignee", data: { any_user: "Any Author", first_user: (current_user.username if current_user), null_user: true, current_user: true, project_id: (@project.id if @project), selected: params[:assignee_id], field_name: "assignee_id" } })
 
         .filter-item.inline.milestone-filter

doc/api/notes.md

@@ -145,6 +145,7 @@ Parameters:
     "state": "active",
     "created_at": "2013-09-30T13:46:01Z"
   },
+  "expires_at": null,
   "updated_at": "2013-10-02T07:34:20Z",
   "created_at": "2013-10-02T07:34:20Z"
 }

doc/api/project_snippets.md

@@ -51,6 +51,7 @@ Parameters:
     "state": "active",
     "created_at": "2012-05-23T08:00:58Z"
   },
+  "expires_at": null,
   "updated_at": "2012-06-28T10:52:04Z",
   "created_at": "2012-06-28T10:52:04Z"
 }

doc/install/installation.md

@@ -233,9 +233,9 @@ sudo usermod -aG redis git
 ### Clone the Source
 
     # Clone GitLab repository
-    sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ee.git -b 8-5-stable-ee gitlab
+    sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ee.git -b 8-6-stable-ee gitlab
 
-**Note:** You can change `8-5-stable-ee` to `master` if you want the *bleeding edge* version, but never install master on a production server!
+**Note:** You can change `8-6-stable-ee` to `master` if you want the *bleeding edge* version, but never install master on a production server!
 
 ### Configure It
 

doc/update/8.5-to-8.6.md

+# From 8.5 to 8.6
+
+### 1. Stop server
+
+    sudo service gitlab stop
+
+### 2. Backup
+
+```bash
+cd /home/git/gitlab
+sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
+```
+
+### 3. Get latest code
+
+```bash
+sudo -u git -H git fetch --all
+sudo -u git -H git checkout -- db/schema.rb # local changes will be restored automatically
+```
+
+For GitLab Community Edition:
+
+```bash
+sudo -u git -H git checkout 8-6-stable
+```
+
+OR
+
+For GitLab Enterprise Edition:
+
+```bash
+sudo -u git -H git checkout 8-6-stable-ee
+```
+
+### 4. Update gitlab-shell
+
+```bash
+cd /home/git/gitlab-shell
+sudo -u git -H git fetch --all
+sudo -u git -H git checkout v2.6.11
+```
+
+### 5. Update gitlab-workhorse
+
+Install and compile gitlab-workhorse. This requires
+[Go 1.5](https://golang.org/dl) which should already be on your system from
+GitLab 8.1.
+
+```bash
+cd /home/git/gitlab-workhorse
+sudo -u git -H git fetch --all
+sudo -u git -H git checkout 0.6.5
+sudo -u git -H make
+```
+
+### 6. Install libs, migrations, etc.
+
+```bash
+cd /home/git/gitlab
+
+# MySQL installations (note: the line below states '--without postgres')
+sudo -u git -H bundle install --without postgres development test --deployment
+
+# PostgreSQL installations (note: the line below states '--without mysql')
+sudo -u git -H bundle install --without mysql development test --deployment
+
+# Optional: clean up old gems
+sudo -u git -H bundle clean
+
+# Run database migrations
+sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production
+
+# Clean up assets and cache
+sudo -u git -H bundle exec rake assets:clean assets:precompile cache:clear RAILS_ENV=production
+
+```
+
+### 7. Update configuration files
+
+#### New configuration options for `gitlab.yml`
+
+There are new configuration options available for [`gitlab.yml`](config/gitlab.yml.example). View them with the command below and apply them manually to your current `gitlab.yml`:
+
+```sh
+git diff origin/8-5-stable:config/gitlab.yml.example origin/8-6-stable:config/gitlab.yml.example
+```
+
+#### Nginx configuration
+
+Ensure you're still up-to-date with the latest NGINX configuration changes:
+
+```sh
+# For HTTPS configurations
+git diff origin/8-5-stable:lib/support/nginx/gitlab-ssl origin/8-6-stable:lib/support/nginx/gitlab-ssl
+
+# For HTTP configurations
+git diff origin/8-5-stable:lib/support/nginx/gitlab origin/8-6-stable:lib/support/nginx/gitlab
+```
+
+If you are using Apache instead of NGINX please see the updated [Apache templates].
+Also note that because Apache does not support upstreams behind Unix sockets you
+will need to let gitlab-workhorse listen on a TCP port. You can do this
+via [/etc/default/gitlab].
+
+[Apache templates]: https://gitlab.com/gitlab-org/gitlab-recipes/tree/master/web-server/apache
+[/etc/default/gitlab]: https://gitlab.com/gitlab-org/gitlab-ce/blob/8-6-stable/lib/support/init.d/gitlab.default.example#L37
+
+#### Init script
+
+Ensure you're still up-to-date with the latest init script changes:
+
+    sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab
+
+### 8. Updates for PostgreSQL Users
+
+Starting with 8.6 users using GitLab in combination with PostgreSQL are required
+to have the `pg_trgm` extension enabled for all GitLab databases. If you're
+using GitLab's Omnibus packages there's nothing you'll need to do manually as
+this extension is enabled automatically. Users who install GitLab without using
+Omnibus (e.g. by building from source) have to enable this extension manually.
+To enable this extension run the following SQL command as a PostgreSQL super
+user for _every_ GitLab database:
+
+```sql
+CREATE EXTENSION IF NOT EXISTS pg_trgm;
+```
+
+Certain operating systems might require the installation of extra packages for
+this extension to be available. For example, users using Ubuntu will have to
+install the `postgresql-contrib` package in order for this extension to be
+available.
+
+### 9. Start application
+
+    sudo service gitlab start
+    sudo service nginx restart
+
+### 10. Check application status
+
+Check if GitLab and its environment are configured correctly:
+
+    sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production
+
+To make sure you didn't miss anything run a more thorough check:
+
+    sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
+
+If all items are green, then congratulations, the upgrade is complete!
+
+## Things went south? Revert to previous version (8.5)
+
+### 1. Revert the code to the previous version
+
+Follow the [upgrade guide from 8.4 to 8.5](8.4-to-8.5.md), except for the
+database migration (the backup is already migrated to the previous version).
+
+### 2. Restore from the backup
+
+```bash
+cd /home/git/gitlab
+sudo -u git -H bundle exec rake gitlab:backup:restore RAILS_ENV=production
+```
+
+If you have more than one backup `*.tar` file(s) please add `BACKUP=timestamp_of_backup` to the command above.

doc/web_hooks/web_hooks.md

@@ -586,6 +586,7 @@ X-Gitlab-Event: Note Hook
     "created_at": "2015-04-09 02:40:38 UTC",
     "updated_at": "2015-04-09 02:40:38 UTC",
     "file_name": "test.rb",
+    "expires_at": null,
     "type": "ProjectSnippet",
     "visibility_level": 0
   }

features/project/network_graph.feature

@@ -34,9 +34,10 @@ Feature: Project Network Graph
   @javascript
   Scenario: I should filter selected tag
     When I switch ref to "v1.0.0"
+    Then page should have "v1.0.0" in title
     Then page should have content not containing "v1.0.0"
     When click "Show only selected branch" checkbox
-    Then page should not have content not containing "v1.0.0"
+    Then page should only have content from "v1.0.0"
     When click "Show only selected branch" checkbox
     Then page should have content not containing "v1.0.0"
 

features/steps/dashboard/issues.rb

@@ -36,22 +36,17 @@ class Spinach::Features::DashboardIssues < Spinach::FeatureSteps
   end
 
   step 'I click "Authored by me" link' do
-    execute_script('$("#assignee_id").val("")')
-    execute_script('$(".js-user-search").first().click()')
-    sleep 1
-    execute_script("$('.dropdown-content li:contains(\"#{current_user.to_reference}\") a').click()")
-    sleep 1
+    find("#assignee_id").set("")
+    find(".js-author-search", match: :first).click
+    find(".dropdown-menu-author li a", match: :first, text: current_user.to_reference).click
   end
 
   step 'I click "All" link' do
-    execute_script('$(".js-user-search").first().click()')
-    sleep 1
-    execute_script('$(".js-user-search").first().parent().find("li a").first().click()')
-    sleep 1
-    execute_script('$(".js-user-search").eq(1).click()')
-    sleep 1
-    execute_script('$(".js-user-search").eq(1).parent().find("li a").first().click()')
-    sleep 1
+    find('.js-author-search').click
+    find('.dropdown-menu-user-full-name', match: :first).click
+
+    find('.js-assignee-search').click
+    find('.dropdown-menu-user-full-name', match: :first).click
   end
 
   def should_see(issue)

features/steps/dashboard/merge_requests.rb

@@ -40,22 +40,16 @@ class Spinach::Features::DashboardMergeRequests < Spinach::FeatureSteps
   end
 
   step 'I click "Authored by me" link' do
-    execute_script('$("#assignee_id").val("")')
-    execute_script('$(".js-user-search").first().click()')
-    sleep 0.5
-    execute_script("$('.dropdown-content li:contains(\"#{current_user.to_reference}\") a').click()")
-    sleep 2
+    find("#assignee_id").set("")
+    find(".js-author-search", match: :first).click
+    find(".dropdown-menu-author li a", match: :first, text: current_user.to_reference).click
   end
 
   step 'I click "All" link' do
-    execute_script('$(".js-user-search").first().click()')
-    sleep 0.5
-    execute_script('$(".js-user-search").first().parent().find("li a").first().click()')
-    sleep 2
-    execute_script('$(".js-user-search").eq(1).click()')
-    sleep 0.5
-    execute_script('$(".js-user-search").eq(1).parent().find("li a").first().click()')
-    sleep 2
+    find(".js-author-search").click
+    find(".dropdown-menu-author li a", match: :first).click
+    find(".js-assignee-search").click
+    find(".dropdown-menu-assignee li a", match: :first).click
   end
 
   def should_see(merge_request)

features/steps/project/network_graph.rb

@@ -41,17 +41,14 @@ class Spinach::Features::ProjectNetworkGraph < Spinach::FeatureSteps
 
   When 'I switch ref to "feature"' do
     select 'feature', from: 'ref'
-    sleep 2
   end
 
   When 'I switch ref to "v1.0.0"' do
     select 'v1.0.0', from: 'ref'
-    sleep 2
   end
 
   When 'click "Show only selected branch" checkbox' do
     find('#filter_ref').click
-    sleep 2
   end
 
   step 'page should have content not containing "v1.0.0"' do
@@ -60,7 +57,11 @@ class Spinach::Features::ProjectNetworkGraph < Spinach::FeatureSteps
     end
   end
 
-  step 'page should not have content not containing "v1.0.0"' do
+  step 'page should have "v1.0.0" in title' do
+    expect(page).to have_css 'title', text: 'Network · v1.0.0', visible: false
+  end
+
+  step 'page should only have content from "v1.0.0"' do
     page.within '.network-graph' do
       expect(page).not_to have_content 'Change some files'
     end

lib/api/entities.rb

@@ -154,6 +154,9 @@ module API
       expose :id, :title, :file_name
       expose :author, using: Entities::UserBasic
       expose :updated_at, :created_at
+
+      # TODO (rspeicher): Deprecated; remove in 9.0
+      expose(:expires_at) { |snippet| nil }
     end
 
     class ProjectEntity < Grape::Entity

spec/controllers/projects/imports_controller_spec.rb

@@ -19,7 +19,7 @@ describe Projects::ImportsController do
       end
 
       it 'sets flash.now if params is present' do
-        get :show, namespace_id: project.namespace.to_param, project_id: project.to_param, continue: { notice_now: 'Started' }
+        get :show, namespace_id: project.namespace.to_param, project_id: project.to_param, continue: { to: '/', notice_now: 'Started' }
 
         expect(flash.now[:notice]).to eq 'Started'
       end
@@ -45,7 +45,7 @@ describe Projects::ImportsController do
         end
 
         it 'sets flash.now if params is present' do
-          get :show, namespace_id: project.namespace.to_param, project_id: project.to_param, continue: { notice_now: 'In progress' }
+          get :show, namespace_id: project.namespace.to_param, project_id: project.to_param, continue: { to: '/', notice_now: 'In progress' }
 
           expect(flash.now[:notice]).to eq 'In progress'
         end

spec/requests/api/project_snippets_spec.rb

+require 'rails_helper'
+
+describe API::API, api: true do
+  include ApiHelpers
+
+  describe 'GET /projects/:project_id/snippets/:id' do
+    # TODO (rspeicher): Deprecated; remove in 9.0
+    it 'always exposes expires_at as nil' do
+      admin = create(:admin)
+      snippet = create(:project_snippet, author: admin)
+
+      get api("/projects/#{snippet.project.id}/snippets/#{snippet.id}", admin)
+
+      expect(json_response).to have_key('expires_at')
+      expect(json_response['expires_at']).to be_nil
+    end
+  end
+end