Merge remote-tracking branch 'upstream/master' into 36807-gc-unwanted-refs-after-import

* upstream/master: Don't use public_send in destroy_conditionally! helper Fix MySQL failure for emoji autocomplete max-width for lazy-loaded images (this was removed in the original MR through merge resolution most probably) Replace 'project/user_lookup.feature' spinach test with an rspec analog Move GPG signed commits docs to new location

Merge remote-tracking branch 'upstream/master' into 36807-gc-unwanted-refs-after-import
* upstream/master: Don't use public_send in destroy_conditionally! helper Fix MySQL failure for emoji autocomplete max-width for lazy-loaded images (this was removed in the original MR through merge resolution most probably) Replace 'project/user_lookup.feature' spinach test with an rspec analog Move GPG signed commits docs to new location
c6371ae9 · Lin Jen-Shin · c5553ce7 · f7c8434c · c6371ae9 · c6371ae9
Commit c6371ae9 authored Aug 31, 2017 by Lin Jen-Shin
21 changed files
--- a/app/assets/stylesheets/framework/typography.scss
+++ b/app/assets/stylesheets/framework/typography.scss
@@ -25,6 +25,7 @@
    min-width: inherit;
    min-height: inherit;
    background-color: inherit;
+    max-width: 100%;
  }
  p a:not(.no-attachment-icon) img {

--- a/app/controllers/autocomplete_controller.rb
+++ b/app/controllers/autocomplete_controller.rb
@@ -55,7 +55,7 @@ class AutocompleteController < ApplicationController
      .limit(AWARD_EMOJI_MAX)
      .where(user: current_user)
      .group(:name)
-      .order(count: :desc, name: :asc)
+      .order('count_all DESC, name ASC')
      .count
    # Transform from hash to array to guarantee json order

--- a/app/views/profiles/gpg_keys/index.html.haml
+++ b/app/views/profiles/gpg_keys/index.html.haml
@@ -12,7 +12,7 @@
      Add a GPG key
    %p.profile-settings-content
      Before you can add a GPG key you need to
-      = link_to 'generate it.', help_page_path('user/project/gpg_signed_commits/index.md')
+      = link_to 'generate it.', help_page_path('user/project/repository/gpg_signed_commits/index.md')
    = render 'form'
    %hr
    %h5

--- a/app/views/projects/commit/_signature_badge.html.haml
+++ b/app/views/projects/commit/_signature_badge.html.haml
@@ -12,7 +12,7 @@
  %span.monospace= signature.gpg_key_primary_keyid
-  = link_to('Learn more about signing commits', help_page_path('user/project/gpg_signed_commits/index.md'), class: 'gpg-popover-help-link')
+  = link_to('Learn more about signing commits', help_page_path('user/project/repository/gpg_signed_commits/index.md'), class: 'gpg-popover-help-link')
 %button{ class: css_classes, data: { toggle: 'popover', html: 'true', placement: 'auto top', title: title, content: content } }
  = label
--- a/changelogs/unreleased/replace_spinach_user_lookup-feature.yml
+++ b/changelogs/unreleased/replace_spinach_user_lookup-feature.yml
+---
+title: Replace 'project/user_lookup.feature' spinach test with an rspec analog
+merge_request: 13863
+author: Vitaliy @blackst0ne Klachkov
+type: other
--- a/doc/README.md
+++ b/doc/README.md
@@ -77,6 +77,8 @@ Manage your [repositories](user/project/repository/index.md) from the UI (user i
  - [Create a branch](user/project/repository/web_editor.md#create-a-new-branch)
  - [Protected branches](user/project/protected_branches.md#protected-branches)
  - [Delete merged branches](user/project/repository/branches/index.md#delete-merged-branches)
+- Commits
+  - [Signing commits](user/project/repository/gpg_signed_commits/index.md): use GPG to sign your commits.
 ### Issues and Merge Requests (MRs)
@@ -98,7 +100,6 @@ Manage your [repositories](user/project/repository/index.md) from the UI (user i
 - [Git](topics/git/index.md): Getting started with Git, branching strategies, Git LFS, advanced use.
 - [Git cheatsheet](https://gitlab.com/gitlab-com/marketing/raw/master/design/print/git-cheatsheet/print-pdf/git-cheatsheet.pdf): Download a PDF describing the most used Git operations.
 - [GitLab Flow](workflow/gitlab_flow.md): explore the best of Git with the GitLab Flow strategy.
- [Signing commits](user/project/gpg_signed_commits/index.md): use GPG to sign your commits.
 ### Migrate and import your projects from other platforms

--- a/doc/user/project/gpg_signed_commits/index.md
+++ b/doc/user/project/gpg_signed_commits/index.md
-# Signing commits with GPG
+This document was moved to [another location](../repository/gpg_signed_commits/index.md).
-> [Introduced][ce-9546] in GitLab 9.5.
-GitLab can show whether a commit is verified or not when signed with a GPG key.
-All you need to do is upload the public GPG key in your profile settings.
-GPG verified tags are not supported yet.
-## Getting started with GPG
-Here are a few guides to get you started with GPG:
- [Git Tools - Signing Your Work](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work)
- [Managing OpenPGP Keys](https://riseup.net/en/security/message-security/openpgp/gpg-keys)
- [OpenPGP Best Practices](https://riseup.net/en/security/message-security/openpgp/best-practices)
- [Creating a new GPG key with subkeys](https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/) (advanced)
-## How GitLab handles GPG
-GitLab uses its own keyring to verify the GPG signature. It does not access any
-public key server.
-In order to have a commit verified on GitLab the corresponding public key needs
-to be uploaded to GitLab. For a signature to be verified two prerequisites need
-to be met:
-1. The public key needs to be added your GitLab account
-1. One of the emails in the GPG key matches your **primary** email
-## Generating a GPG key
-If you don't already have a GPG key, the following steps will help you get
-started:
-1. [Install GPG](https://www.gnupg.org/download/index.html) for your operating system
-1. Generate the private/public key pair with the following command:
-    ```sh
-    gpg --full-gen-key
-    ```
-    This will spawn a series of questions.
-1. The first question is which algorithm can be used.  Select the kind you want
-   or press <kbd>Enter</kbd> to choose the default (RSA and RSA):
-    ```
-    Please select what kind of key you want:
-       (1) RSA and RSA (default)
-       (2) DSA and Elgamal
-       (3) DSA (sign only)
-       (4) RSA (sign only)
-    Your selection? 1
-    ```
-1. The next question is key length. We recommend to choose the highest value
-   which is `4096`:
-    ```
-    RSA keys may be between 1024 and 4096 bits long.
-    What keysize do you want? (2048) 4096
-    Requested keysize is 4096 bits
-    ```
-1. Next, you need to specify the validity period of your key. This is something
-   subjective, and you can use the default value which is to never expire:
-    ```
-    Please specify how long the key should be valid.
-             0 = key does not expire
-          <n>  = key expires in n days
-          <n>w = key expires in n weeks
-          <n>m = key expires in n months
-          <n>y = key expires in n years
-    Key is valid for? (0) 0
-    Key does not expire at all
-    ```
-1. Confirm that the answers you gave were correct by typing `y`:
-    ```
-    Is this correct? (y/N) y
-    ```
-1. Enter you real name, the email address to be associated with this key (should
-   match the primary email address you use in GitLab) and an optional comment
-   (press <kbd>Enter</kbd> to skip):
-    ```
-    GnuPG needs to construct a user ID to identify your key.
-    Real name: Mr. Robot
-    Email address: mr@robot.sh
-    Comment:
-    You selected this USER-ID:
-        "Mr. Robot <mr@robot.sh>"
-    Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
-    ```
-1. Pick a strong password when asked and type it twice to confirm.
-1. Use the following command to list the private GPG key you just created:
-    ```
-    gpg --list-secret-keys mr@robot.sh
-    ```
-    Replace `mr@robot.sh` with the email address you entered above.
-1. Copy the GPG key ID that starts with `sec`. In the following example, that's
-   `0x30F2B65B9246B6CA`:
-    ```
-    sec   rsa4096/0x30F2B65B9246B6CA 2017-08-18 [SC]
-          D5E4F29F3275DC0CDA8FFC8730F2B65B9246B6CA
-    uid                   [ultimate] Mr. Robot <mr@robot.sh>
-    ssb   rsa4096/0xB7ABC0813E4028C0 2017-08-18 [E]
-    ```
-1. Export the public key of that ID (replace your key ID from the previous step):
-    ```
-    gpg --armor --export 0x30F2B65B9246B6CA
-    ```
-1. Finally, copy the public key and [add it in your profile settings](#adding-a-gpg-key-to-your-account)
-## Adding a GPG key to your account
->**Note:**
-Once you add a key, you cannot edit it, only remove it. In case the paste
-didn't work, you'll have to remove the offending key and re-add it.
-You can add a GPG key in your profile's settings:
-1. On the upper right corner, click on your avatar and go to your **Settings**.
-    ![Settings dropdown](../../profile/img/profile_settings_dropdown.png)
-1. Navigate to the **GPG keys** tab and paste your _public_ key in the 'Key'
-   box.
-    ![Paste GPG public key](img/profile_settings_gpg_keys_paste_pub.png)
-1. Finally, click on **Add key** to add it to GitLab. You will be able to see
-   its fingerprint, the corresponding email address and creation date.
-    ![GPG key single page](img/profile_settings_gpg_keys_single_key.png)
-## Associating your GPG key with Git
-After you have [created your GPG key](#generating-a-gpg-key) and [added it to
-your account](#adding-a-gpg-key-to-your-account), it's time to tell Git which
-key to use.
-1. Use the following command to list the private GPG key you just created:
-    ```
-    gpg --list-secret-keys mr@robot.sh
-    ```
-    Replace `mr@robot.sh` with the email address you entered above.
-1. Copy the GPG key ID that starts with `sec`. In the following example, that's
-   `0x30F2B65B9246B6CA`:
-    ```
-    sec   rsa4096/0x30F2B65B9246B6CA 2017-08-18 [SC]
-          D5E4F29F3275DC0CDA8FFC8730F2B65B9246B6CA
-    uid                   [ultimate] Mr. Robot <mr@robot.sh>
-    ssb   rsa4096/0xB7ABC0813E4028C0 2017-08-18 [E]
-    ```
-1. Tell Git to use that key to sign the commits:
-    ```
-    git config --global user.signingkey 0x30F2B65B9246B6CA
-    ```
-    Replace `0x30F2B65B9246B6CA` with your GPG key ID.
-## Signing commits
-After you have [created your GPG key](#generating-a-gpg-key) and [added it to
-your account](#adding-a-gpg-key-to-your-account), you can start signing your
-commits:
-1. Commit like you used to, the only difference is the addition of the `-S` flag:
-    ```
-    git commit -S -m "My commit msg"
-    ```
-1. Enter the passphrase of your GPG key when asked.
-1. Push to GitLab and check that your commits [are verified](#verifying-commits).
-If you don't want to type the `-S` flag every time you commit, you can tell Git
-to sign your commits automatically:
-```
-git config --global commit.gpgsign true
-```
-## Verifying commits
-1. Within a project or [merge request](../merge_requests/index.md), navigate to
-   the **Commits** tab. Signed commits will show a badge containing either
-   "Verified" or "Unverified", depending on the verification status of the GPG
-   signature.
-    ![Signed and unsigned commits](img/project_signed_and_unsigned_commits.png)
-1. By clicking on the GPG badge, details of the signature are displayed.
-    ![Signed commit with verified signature](img/project_signed_commit_verified_signature.png)
-    ![Signed commit with verified signature](img/project_signed_commit_unverified_signature.png)
-## Revoking a GPG key
-Revoking a key **unverifies** already signed commits. Commits that were
-verified by using this key will change to an unverified state. Future commits
-will also stay unverified once you revoke this key. This action should be used
-in case your key has been compromised.
-To revoke a GPG key:
-1. On the upper right corner, click on your avatar and go to your **Settings**.
-1. Navigate to the **GPG keys** tab.
-1. Click on **Revoke** besides the GPG key you want to delete.
-## Removing a GPG key
-Removing a key **does not unverify** already signed commits. Commits that were
-verified by using this key will stay verified. Only unpushed commits will stay
-unverified once you remove this key. To unverify already signed commits, you need
-to [revoke the associated GPG key](#revoking-a-gpg-key) from your account.
-To remove a GPG key from your account:
-1. On the upper right corner, click on your avatar and go to your **Settings**.
-1. Navigate to the **GPG keys** tab.
-1. Click on the trash icon besides the GPG key you want to delete.
-[ce-9546]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9546
--- a/doc/user/project/gpg_signed_commits/img/profile_settings_gpg_keys_paste_pub.png
+++ b/doc/user/project/gpg_signed_commits/img/profile_settings_gpg_keys_paste_pub.png
--- a/doc/user/project/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png
+++ b/doc/user/project/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png
--- a/doc/user/project/gpg_signed_commits/img/project_signed_and_unsigned_commits.png
+++ b/doc/user/project/gpg_signed_commits/img/project_signed_and_unsigned_commits.png
--- a/doc/user/project/gpg_signed_commits/img/project_signed_commit_unverified_signature.png
+++ b/doc/user/project/gpg_signed_commits/img/project_signed_commit_unverified_signature.png
--- a/doc/user/project/gpg_signed_commits/img/project_signed_commit_verified_signature.png
+++ b/doc/user/project/gpg_signed_commits/img/project_signed_commit_verified_signature.png
--- a/doc/user/project/repository/gpg_signed_commits/index.md
+++ b/doc/user/project/repository/gpg_signed_commits/index.md
+# Signing commits with GPG
+> [Introduced][ce-9546] in GitLab 9.5.
+GitLab can show whether a commit is verified or not when signed with a GPG key.
+All you need to do is upload the public GPG key in your profile settings.
+GPG verified tags are not supported yet.
+## Getting started with GPG
+Here are a few guides to get you started with GPG:
+- [Git Tools - Signing Your Work](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work)
+- [Managing OpenPGP Keys](https://riseup.net/en/security/message-security/openpgp/gpg-keys)
+- [OpenPGP Best Practices](https://riseup.net/en/security/message-security/openpgp/best-practices)
+- [Creating a new GPG key with subkeys](https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/) (advanced)
+## How GitLab handles GPG
+GitLab uses its own keyring to verify the GPG signature. It does not access any
+public key server.
+In order to have a commit verified on GitLab the corresponding public key needs
+to be uploaded to GitLab. For a signature to be verified two prerequisites need
+to be met:
+1. The public key needs to be added your GitLab account
+1. One of the emails in the GPG key matches your **primary** email
+## Generating a GPG key
+If you don't already have a GPG key, the following steps will help you get
+started:
+1. [Install GPG](https://www.gnupg.org/download/index.html) for your operating system
+1. Generate the private/public key pair with the following command:
+    ```sh
+    gpg --full-gen-key
+    ```
+    This will spawn a series of questions.
+1. The first question is which algorithm can be used.  Select the kind you want
+   or press <kbd>Enter</kbd> to choose the default (RSA and RSA):
+    ```
+    Please select what kind of key you want:
+       (1) RSA and RSA (default)
+       (2) DSA and Elgamal
+       (3) DSA (sign only)
+       (4) RSA (sign only)
+    Your selection? 1
+    ```
+1. The next question is key length. We recommend to choose the highest value
+   which is `4096`:
+    ```
+    RSA keys may be between 1024 and 4096 bits long.
+    What keysize do you want? (2048) 4096
+    Requested keysize is 4096 bits
+    ```
+1. Next, you need to specify the validity period of your key. This is something
+   subjective, and you can use the default value which is to never expire:
+    ```
+    Please specify how long the key should be valid.
+             0 = key does not expire
+          <n>  = key expires in n days
+          <n>w = key expires in n weeks
+          <n>m = key expires in n months
+          <n>y = key expires in n years
+    Key is valid for? (0) 0
+    Key does not expire at all
+    ```
+1. Confirm that the answers you gave were correct by typing `y`:
+    ```
+    Is this correct? (y/N) y
+    ```
+1. Enter you real name, the email address to be associated with this key (should
+   match the primary email address you use in GitLab) and an optional comment
+   (press <kbd>Enter</kbd> to skip):
+    ```
+    GnuPG needs to construct a user ID to identify your key.
+    Real name: Mr. Robot
+    Email address: mr@robot.sh
+    Comment:
+    You selected this USER-ID:
+        "Mr. Robot <mr@robot.sh>"
+    Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
+    ```
+1. Pick a strong password when asked and type it twice to confirm.
+1. Use the following command to list the private GPG key you just created:
+    ```
+    gpg --list-secret-keys mr@robot.sh
+    ```
+    Replace `mr@robot.sh` with the email address you entered above.
+1. Copy the GPG key ID that starts with `sec`. In the following example, that's
+   `0x30F2B65B9246B6CA`:
+    ```
+    sec   rsa4096/0x30F2B65B9246B6CA 2017-08-18 [SC]
+          D5E4F29F3275DC0CDA8FFC8730F2B65B9246B6CA
+    uid                   [ultimate] Mr. Robot <mr@robot.sh>
+    ssb   rsa4096/0xB7ABC0813E4028C0 2017-08-18 [E]
+    ```
+1. Export the public key of that ID (replace your key ID from the previous step):
+    ```
+    gpg --armor --export 0x30F2B65B9246B6CA
+    ```
+1. Finally, copy the public key and [add it in your profile settings](#adding-a-gpg-key-to-your-account)
+## Adding a GPG key to your account
+>**Note:**
+Once you add a key, you cannot edit it, only remove it. In case the paste
+didn't work, you'll have to remove the offending key and re-add it.
+You can add a GPG key in your profile's settings:
+1. On the upper right corner, click on your avatar and go to your **Settings**.
+    ![Settings dropdown](../../../profile/img/profile_settings_dropdown.png)
+1. Navigate to the **GPG keys** tab and paste your _public_ key in the 'Key'
+   box.
+    ![Paste GPG public key](img/profile_settings_gpg_keys_paste_pub.png)
+1. Finally, click on **Add key** to add it to GitLab. You will be able to see
+   its fingerprint, the corresponding email address and creation date.
+    ![GPG key single page](img/profile_settings_gpg_keys_single_key.png)
+## Associating your GPG key with Git
+After you have [created your GPG key](#generating-a-gpg-key) and [added it to
+your account](#adding-a-gpg-key-to-your-account), it's time to tell Git which
+key to use.
+1. Use the following command to list the private GPG key you just created:
+    ```
+    gpg --list-secret-keys mr@robot.sh
+    ```
+    Replace `mr@robot.sh` with the email address you entered above.
+1. Copy the GPG key ID that starts with `sec`. In the following example, that's
+   `0x30F2B65B9246B6CA`:
+    ```
+    sec   rsa4096/0x30F2B65B9246B6CA 2017-08-18 [SC]
+          D5E4F29F3275DC0CDA8FFC8730F2B65B9246B6CA
+    uid                   [ultimate] Mr. Robot <mr@robot.sh>
+    ssb   rsa4096/0xB7ABC0813E4028C0 2017-08-18 [E]
+    ```
+1. Tell Git to use that key to sign the commits:
+    ```
+    git config --global user.signingkey 0x30F2B65B9246B6CA
+    ```
+    Replace `0x30F2B65B9246B6CA` with your GPG key ID.
+## Signing commits
+After you have [created your GPG key](#generating-a-gpg-key) and [added it to
+your account](#adding-a-gpg-key-to-your-account), you can start signing your
+commits:
+1. Commit like you used to, the only difference is the addition of the `-S` flag:
+    ```
+    git commit -S -m "My commit msg"
+    ```
+1. Enter the passphrase of your GPG key when asked.
+1. Push to GitLab and check that your commits [are verified](#verifying-commits).
+If you don't want to type the `-S` flag every time you commit, you can tell Git
+to sign your commits automatically:
+```
+git config --global commit.gpgsign true
+```
+## Verifying commits
+1. Within a project or [merge request](../../merge_requests/index.md), navigate to
+   the **Commits** tab. Signed commits will show a badge containing either
+   "Verified" or "Unverified", depending on the verification status of the GPG
+   signature.
+    ![Signed and unsigned commits](img/project_signed_and_unsigned_commits.png)
+1. By clicking on the GPG badge, details of the signature are displayed.
+    ![Signed commit with verified signature](img/project_signed_commit_verified_signature.png)
+    ![Signed commit with verified signature](img/project_signed_commit_unverified_signature.png)
+## Revoking a GPG key
+Revoking a key **unverifies** already signed commits. Commits that were
+verified by using this key will change to an unverified state. Future commits
+will also stay unverified once you revoke this key. This action should be used
+in case your key has been compromised.
+To revoke a GPG key:
+1. On the upper right corner, click on your avatar and go to your **Settings**.
+1. Navigate to the **GPG keys** tab.
+1. Click on **Revoke** besides the GPG key you want to delete.
+## Removing a GPG key
+Removing a key **does not unverify** already signed commits. Commits that were
+verified by using this key will stay verified. Only unpushed commits will stay
+unverified once you remove this key. To unverify already signed commits, you need
+to [revoke the associated GPG key](#revoking-a-gpg-key) from your account.
+To remove a GPG key from your account:
+1. On the upper right corner, click on your avatar and go to your **Settings**.
+1. Navigate to the **GPG keys** tab.
+1. Click on the trash icon besides the GPG key you want to delete.
+[ce-9546]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9546
--- a/doc/user/project/repository/index.md
+++ b/doc/user/project/repository/index.md
@@ -22,7 +22,7 @@ you to [connect with GitLab via SSH](../../../ssh/README.md).
 ## Files
-## Create and edit files
+### Create and edit files
 Host your codebase in GitLab repositories by pushing your files to GitLab.
 You can either use the user interface (UI), or connect your local computer
@@ -111,6 +111,8 @@ right from the UI.
 - **Revert a commit:**
 Easily [revert a commit](../merge_requests/revert_changes.md#reverting-a-commit)
 from the UI to a selected branch.
+- **Sign a commit:**
+Use GPG to [sign your commits](gpg_signed_commits/index.md).
 ## Repository size

--- a/features/project/commits/user_lookup.feature
+++ b/features/project/commits/user_lookup.feature
-@project_commits
-Feature: Project Commits User Lookup
-  Background:
-    Given I sign in as a user
-    And I own a project
-    And I visit my project's commits page
-  Scenario: I browse commit from list
-    Given I have user with primary email
-    When I click on commit link
-    Then I see author based on primary email
-  Scenario: I browse another commit from list
-    Given I have user with secondary email
-    When I click on another commit link
-    Then I see author based on secondary email
--- a/features/steps/project/commits/user_lookup.rb
+++ b/features/steps/project/commits/user_lookup.rb
-class Spinach::Features::ProjectCommitsUserLookup < Spinach::FeatureSteps
-  include SharedAuthentication
-  include SharedProject
-  include SharedPaths
-  step 'I click on commit link' do
-    visit project_commit_path(@project, sample_commit.id)
-  end
-  step 'I click on another commit link' do
-    visit project_commit_path(@project, sample_commit.parent_id)
-  end
-  step 'I have user with primary email' do
-    user_primary
-  end
-  step 'I have user with secondary email' do
-    user_secondary
-  end
-  step 'I see author based on primary email' do
-    check_author_link(sample_commit.author_email, user_primary)
-  end
-  step 'I see author based on secondary email' do
-    check_author_link(sample_commit.author_email, user_secondary)
-  end
-  def check_author_link(email, user)
-    author_link = find('.commit-author-link')
-    expect(author_link['href']).to eq user_path(user)
-    expect(author_link['title']).to eq email
-    expect(find('.commit-author-name').text).to eq user.name
-  end
-  def user_primary
-    @user_primary ||= create(:user, email: 'dmitriy.zaporozhets@gmail.com')
-  end
-  def user_secondary
-    @user_secondary ||= begin
-                          user = create(:user, email: 'dzaporozhets@example.com')
-                          create(:email, { user: user, email: 'dmitriy.zaporozhets@gmail.com' })
-                          user
-                        end
-  end
-end
--- a/lib/api/branches.rb
+++ b/lib/api/branches.rb
@@ -130,7 +130,7 @@ module API
        commit = user_project.repository.commit(branch.dereferenced_target)
-        destroy_conditionally!(commit, last_update_field: :authored_date) do
+        destroy_conditionally!(commit, last_updated: commit.authored_date) do
          result = DeleteBranchService.new(user_project, current_user)
                    .execute(params[:branch])

--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -19,8 +19,10 @@ module API
      end
    end
-    def destroy_conditionally!(resource, last_update_field: :updated_at)
+    def destroy_conditionally!(resource, last_updated: nil)
-      check_unmodified_since!(resource.public_send(last_update_field))
+      last_updated ||= resource.updated_at
+      check_unmodified_since!(last_updated)
      status 204
      if block_given?

--- a/lib/api/tags.rb
+++ b/lib/api/tags.rb
@@ -70,7 +70,7 @@ module API
        commit = user_project.repository.commit(tag.dereferenced_target)
-        destroy_conditionally!(commit, last_update_field: :authored_date) do
+        destroy_conditionally!(commit, last_updated: commit.authored_date) do
          result = ::Tags::DestroyService.new(user_project, current_user)
                    .execute(params[:tag_name])

--- a/spec/features/projects/commit/rss_spec.rb
+++ b/spec/features/projects/commit/rss_spec.rb
--- a/spec/features/projects/commits/user_browses_commits_spec.rb
+++ b/spec/features/projects/commits/user_browses_commits_spec.rb
+require 'spec_helper'
+describe 'User broweses commits' do
+  let(:user) { create(:user) }
+  let(:project) { create(:project, :repository, namespace: user.namespace) }
+  before do
+    project.add_master(user)
+    sign_in(user)
+  end
+  context 'primary email' do
+    it 'finds a commit by a primary email' do
+      user = create(:user, email: 'dmitriy.zaporozhets@gmail.com')
+      visit(project_commit_path(project, RepoHelpers.sample_commit.id))
+      check_author_link(RepoHelpers.sample_commit.author_email, user)
+    end
+  end
+  context 'secondary email' do
+    it 'finds a commit by a secondary email' do
+      user =
+        create(:user) do |user|
+          create(:email, { user: user, email: 'dmitriy.zaporozhets@gmail.com' })
+        end
+      visit(project_commit_path(project, RepoHelpers.sample_commit.parent_id))
+      check_author_link(RepoHelpers.sample_commit.author_email, user)
+    end
+  end
+end
+private
+def check_author_link(email, author)
+  author_link = find('.commit-author-link')
+  expect(author_link['href']).to eq(user_path(author))
+  expect(author_link['title']).to eq(email)
+  expect(find('.commit-author-name').text).to eq(author.name)
+end