Merge branch 'master' of gitlab.com:gitlab-org/gitlab-ce into pages-guides

.gitlab-ci.yml

@@ -240,7 +240,7 @@ rake db:seed_fu:
     paths:
       - log/development.log
 
-karma:
+rake karma:
   cache:
     paths:
       - vendor/ruby
@@ -387,7 +387,7 @@ pages:
   <<: *dedicated-runner
   dependencies:
     - coverage
-    - karma
+    - rake karma
     - lint:javascript:report
   script:
     - mv public/ .public/

GITLAB_PAGES_VERSION

-0.3.0
+0.3.1

Gemfile

 source 'https://rubygems.org'
 
-gem 'rails', '4.2.7.1'
+gem 'rails', '4.2.8'
 gem 'rails-deprecated_sanitizer', '~> 1.0.3'
 
 # Responders respond_to and respond_with
@@ -34,7 +34,7 @@ gem 'omniauth-saml',          '~> 1.7.0'
 gem 'omniauth-shibboleth',    '~> 1.2.0'
 gem 'omniauth-twitter',       '~> 1.2.0'
 gem 'omniauth_crowd',         '~> 2.2.0'
-gem 'omniauth-authentiq',     '~> 0.2.0'
+gem 'omniauth-authentiq',     '~> 0.3.0'
 gem 'rack-oauth2',            '~> 1.2.1'
 gem 'jwt',                    '~> 1.5.6'
 

Gemfile.lock

@@ -3,40 +3,39 @@ GEM
   specs:
     RedCloth (4.3.2)
     ace-rails-ap (4.1.0)
-    actionmailer (4.2.7.1)
-      actionpack (= 4.2.7.1)
-      actionview (= 4.2.7.1)
-      activejob (= 4.2.7.1)
+    actionmailer (4.2.8)
+      actionpack (= 4.2.8)
+      actionview (= 4.2.8)
+      activejob (= 4.2.8)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 1.0, >= 1.0.5)
-    actionpack (4.2.7.1)
-      actionview (= 4.2.7.1)
-      activesupport (= 4.2.7.1)
+    actionpack (4.2.8)
+      actionview (= 4.2.8)
+      activesupport (= 4.2.8)
       rack (~> 1.6)
       rack-test (~> 0.6.2)
       rails-dom-testing (~> 1.0, >= 1.0.5)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (4.2.7.1)
-      activesupport (= 4.2.7.1)
+    actionview (4.2.8)
+      activesupport (= 4.2.8)
       builder (~> 3.1)
       erubis (~> 2.7.0)
       rails-dom-testing (~> 1.0, >= 1.0.5)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    activejob (4.2.7.1)
-      activesupport (= 4.2.7.1)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activejob (4.2.8)
+      activesupport (= 4.2.8)
       globalid (>= 0.3.0)
-    activemodel (4.2.7.1)
-      activesupport (= 4.2.7.1)
+    activemodel (4.2.8)
+      activesupport (= 4.2.8)
       builder (~> 3.1)
-    activerecord (4.2.7.1)
-      activemodel (= 4.2.7.1)
-      activesupport (= 4.2.7.1)
+    activerecord (4.2.8)
+      activemodel (= 4.2.8)
+      activesupport (= 4.2.8)
       arel (~> 6.0)
     activerecord_sane_schema_dumper (0.2)
       rails (>= 4, < 5)
-    activesupport (4.2.7.1)
+    activesupport (4.2.8)
       i18n (~> 0.7)
-      json (~> 1.7, >= 1.7.7)
       minitest (~> 5.1)
       thread_safe (~> 0.3, >= 0.3.4)
       tzinfo (~> 1.1)
@@ -47,7 +46,7 @@ GEM
       activerecord (>= 3.0)
     akismet (2.0.0)
     allocations (1.0.5)
-    arel (6.0.3)
+    arel (6.0.4)
     asana (0.4.0)
       faraday (~> 0.9)
       faraday_middleware (~> 0.9)
@@ -86,7 +85,7 @@ GEM
       sass (>= 3.3.4)
     brakeman (3.4.1)
     browser (2.2.0)
-    builder (3.2.2)
+    builder (3.2.3)
     bullet (5.2.0)
       activesupport (>= 3.0.0)
       uniform_notifier (~> 1.10.0)
@@ -127,7 +126,7 @@ GEM
       execjs
     coffee-script-source (1.10.0)
     colorize (0.7.7)
-    concurrent-ruby (1.0.2)
+    concurrent-ruby (1.0.4)
     connection_pool (2.2.1)
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
@@ -354,7 +353,7 @@ GEM
       json (~> 1.8)
       multi_xml (>= 0.5.2)
     httpclient (2.8.2)
-    i18n (0.7.0)
+    i18n (0.8.0)
     ice_nine (0.11.1)
     influxdb (0.2.3)
       cause
@@ -370,7 +369,7 @@ GEM
       thor (>= 0.14, < 2.0)
     jquery-ui-rails (5.0.5)
       railties (>= 3.2.16)
-    json (1.8.3)
+    json (1.8.6)
     json-schema (2.6.2)
       addressable (~> 2.3.8)
     jwt (1.5.6)
@@ -429,9 +428,8 @@ GEM
     net-ssh (3.0.1)
     netrc (0.11.0)
     newrelic_rpm (3.16.0.318)
-    nokogiri (1.6.8)
+    nokogiri (1.6.8.1)
       mini_portile2 (~> 2.1.0)
-      pkg-config (~> 1.1.7)
     numerizer (0.1.1)
     oauth (0.5.1)
     oauth2 (1.2.0)
@@ -448,7 +446,7 @@ GEM
       rack (>= 1.0, < 3)
     omniauth-auth0 (1.4.1)
       omniauth-oauth2 (~> 1.1)
-    omniauth-authentiq (0.2.2)
+    omniauth-authentiq (0.3.0)
       omniauth-oauth2 (~> 1.3, >= 1.3.1)
     omniauth-azure-oauth2 (0.0.6)
       jwt (~> 1.0)
@@ -506,7 +504,6 @@ GEM
     parser (2.3.1.4)
       ast (~> 2.2)
     pg (0.18.4)
-    pkg-config (1.1.7)
     poltergeist (1.9.0)
       capybara (~> 2.1)
       cliver (~> 0.3.1)
@@ -548,28 +545,28 @@ GEM
       rack
     rack-test (0.6.3)
       rack (>= 1.0)
-    rails (4.2.7.1)
-      actionmailer (= 4.2.7.1)
-      actionpack (= 4.2.7.1)
-      actionview (= 4.2.7.1)
-      activejob (= 4.2.7.1)
-      activemodel (= 4.2.7.1)
-      activerecord (= 4.2.7.1)
-      activesupport (= 4.2.7.1)
+    rails (4.2.8)
+      actionmailer (= 4.2.8)
+      actionpack (= 4.2.8)
+      actionview (= 4.2.8)
+      activejob (= 4.2.8)
+      activemodel (= 4.2.8)
+      activerecord (= 4.2.8)
+      activesupport (= 4.2.8)
       bundler (>= 1.3.0, < 2.0)
-      railties (= 4.2.7.1)
+      railties (= 4.2.8)
       sprockets-rails
     rails-deprecated_sanitizer (1.0.3)
       activesupport (>= 4.2.0.alpha)
-    rails-dom-testing (1.0.7)
+    rails-dom-testing (1.0.8)
       activesupport (>= 4.2.0.beta, < 5.0)
-      nokogiri (~> 1.6.0)
+      nokogiri (~> 1.6)
       rails-deprecated_sanitizer (>= 1.0.1)
     rails-html-sanitizer (1.0.3)
       loofah (~> 2.0)
-    railties (4.2.7.1)
-      actionpack (= 4.2.7.1)
-      activesupport (= 4.2.7.1)
+    railties (4.2.8)
+      actionpack (= 4.2.8)
+      activesupport (= 4.2.8)
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
     rainbow (2.1.0)
@@ -733,10 +730,10 @@ GEM
       spring (>= 0.9.1)
     spring-commands-spinach (1.1.0)
       spring (>= 0.9.1)
-    sprockets (3.7.0)
+    sprockets (3.7.1)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
-    sprockets-rails (3.1.1)
+    sprockets-rails (3.2.0)
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
@@ -760,7 +757,7 @@ GEM
       daemons (~> 1.0, >= 1.0.9)
       eventmachine (~> 1.0, >= 1.0.4)
       rack (>= 1, < 3)
-    thor (0.19.1)
+    thor (0.19.4)
     thread_safe (0.3.5)
     tilt (2.0.5)
     timecop (0.8.1)
@@ -925,7 +922,7 @@ DEPENDENCIES
   oj (~> 2.17.4)
   omniauth (~> 1.3.2)
   omniauth-auth0 (~> 1.4.1)
-  omniauth-authentiq (~> 0.2.0)
+  omniauth-authentiq (~> 0.3.0)
   omniauth-azure-oauth2 (~> 0.0.6)
   omniauth-cas3 (~> 1.1.2)
   omniauth-facebook (~> 4.0.0)
@@ -949,7 +946,7 @@ DEPENDENCIES
   rack-cors (~> 0.4.0)
   rack-oauth2 (~> 1.2.1)
   rack-proxy (~> 0.6.0)
-  rails (= 4.2.7.1)
+  rails (= 4.2.8)
   rails-deprecated_sanitizer (~> 1.0.3)
   rainbow (~> 2.1.0)
   rblineprof (~> 0.3.6)

README.md

@@ -29,7 +29,7 @@ We're hiring developers, support people, and production engineers all the time,
 There are two editions of GitLab:
 
 - GitLab Community Edition (CE) is available freely under the MIT Expat license.
-- GitLab Enterprise Edition (EE) includes [extra features](https://about.gitlab.com/features/#compare) that are more useful for organizations with more than 100 users. To use EE and get official support please [become a subscriber](https://about.gitlab.com/pricing/).
+- GitLab Enterprise Edition (EE) includes [extra features](https://about.gitlab.com/products/#compare-options) that are more useful for organizations with more than 100 users. To use EE and get official support please [become a subscriber](https://about.gitlab.com/products/).
 
 ## Website
 

app/assets/javascripts/filtered_search/filtered_search_manager.js.es6

@@ -173,7 +173,7 @@
       tokens.forEach((token) => {
         const condition = gl.FilteredSearchTokenKeys
           .searchByConditionKeyValue(token.key, token.value.toLowerCase());
-        const { param } = gl.FilteredSearchTokenKeys.searchByKey(token.key);
+        const { param } = gl.FilteredSearchTokenKeys.searchByKey(token.key) || {};
         const keyParam = param ? `${token.key}_${param}` : token.key;
         let tokenPath = '';
 

app/assets/javascripts/filtered_search/filtered_search_tokenizer.js.es6

+require('./filtered_search_token_keys');
+
 (() => {
   class FilteredSearchTokenizer {
     static processTokens(input) {
+      const allowedKeys = gl.FilteredSearchTokenKeys.get().map(i => i.key);
       // Regex extracts `(token):(symbol)(value)`
       // Values that start with a double quote must end in a double quote (same for single)
-      const tokenRegex = /(\w+):([~%@]?)(?:('[^']*'{0,1})|("[^"]*"{0,1})|(\S+))/g;
+      const tokenRegex = new RegExp(`(${allowedKeys.join('|')}):([~%@]?)(?:('[^']*'{0,1})|("[^"]*"{0,1})|(\\S+))`, 'g');
       const tokens = [];
       let lastToken = null;
       const searchToken = input.replace(tokenRegex, (match, key, symbol, v1, v2, v3) => {

app/assets/javascripts/gl_dropdown.js

@@ -47,9 +47,10 @@
           }
           // Only filter asynchronously only if option remote is set
           if (this.options.remote) {
-            $inputContainer.parent().addClass('is-loading');
             clearTimeout(timeout);
             return timeout = setTimeout(function() {
+              $inputContainer.parent().addClass('is-loading');
+
               return this.options.query(this.input.val(), function(data) {
                 $inputContainer.parent().removeClass('is-loading');
                 return this.options.callback(data);

app/assets/stylesheets/framework/header.scss

@@ -148,16 +148,11 @@ header {
     }
 
     .header-logo {
-      position: absolute;
-      left: 50%;
+      display: inline-block;
+      margin: 0 8px 0 3px;
+      position: relative;
       top: 7px;
       transition-duration: .3s;
-      z-index: 999;
-
-      #logo {
-        position: relative;
-        left: -50%;
-      }
 
       svg,
       img {
@@ -167,15 +162,6 @@ header {
       &:hover {
         cursor: pointer;
       }
-
-      @media (max-width: $screen-xs-max) {
-        right: 20px;
-        left: auto;
-
-        #logo {
-          left: auto;
-        }
-      }
     }
 
     .title {
@@ -183,7 +169,7 @@ header {
       padding-right: 20px;
       margin: 0;
       font-size: 18px;
-      max-width: 385px;
+      max-width: 450px;
       display: inline-block;
       line-height: $header-height;
       font-weight: normal;
@@ -193,10 +179,6 @@ header {
       vertical-align: top;
       white-space: nowrap;
 
-      @media (min-width: $screen-sm-min) and (max-width: $screen-sm-max) {
-        max-width: 300px;
-      }
-
       @media (max-width: $screen-xs-max) {
         max-width: 190px;
       }

app/assets/stylesheets/framework/nav.scss

 @mixin fade($gradient-direction, $gradient-color) {
   visibility: hidden;
   opacity: 0;
-  z-index: 2;
+  z-index: 1;
   position: absolute;
   bottom: 12px;
   width: 43px;
@@ -18,7 +18,7 @@
 
   .fa {
     position: relative;
-    top: 5px;
+    top: 6px;
     font-size: 18px;
   }
 }
@@ -79,7 +79,6 @@
   }
 
   &.sub-nav {
-    text-align: center;
     background-color: $gray-normal;
 
     .container-fluid {
@@ -287,7 +286,6 @@
   background: $gray-light;
   border-bottom: 1px solid $border-color;
   transition: padding $sidebar-transition-duration;
-  text-align: center;
 
   .container-fluid {
     position: relative;
@@ -353,7 +351,7 @@
     right: -5px;
 
     .fa {
-      right: -7px;
+      right: -28px;
     }
   }
 
@@ -383,7 +381,7 @@
       left: 0;
 
       .fa {
-        left: 10px;
+        left: -4px;
       }
     }
   }

app/assets/stylesheets/pages/pipelines.scss

@@ -222,6 +222,11 @@
       }
     }
 
+    .dropdown-menu {
+      max-height: 250px;
+      overflow-y: auto;
+    }
+
     .dropdown-toggle,
     .dropdown-menu {
       color: $gl-text-color-secondary;

app/assets/stylesheets/pages/projects.scss

@@ -268,6 +268,13 @@
   }
 }
 
+.project-repo-buttons {
+  .project-action-button .dropdown-menu {
+    max-height: 250px;
+    overflow-y: auto;
+  }
+}
+
 .split-one {
   display: inline-table;
   margin-right: 12px;
@@ -645,30 +652,24 @@ pre.light-well {
   }
 }
 
-.project-last-commit {
-  @media (min-width: $screen-sm-min) {
-    margin-top: $gl-padding;
+.container-fluid.project-stats-container {
+  @media (max-width: $screen-xs-max) {
+    padding: 12px 0;
   }
+}
 
-  &.container-fluid {
-    padding-top: 12px;
-    padding-bottom: 12px;
+.project-last-commit {
   background-color: $gray-light;
+  padding: 12px $gl-padding;
   border: 1px solid $border-color;
-    border-right-width: 0;
-    border-left-width: 0;
 
   @media (min-width: $screen-sm-min) {
-      border-right-width: 1px;
-      border-left-width: 1px;
-    }
+    margin-top: $gl-padding;
   }
 
-  &.container-limited {
-    @media (min-width: 1281px) {
+  @media (min-width: $screen-sm-min) {
     border-radius: $border-radius-base;
   }
-  }
 
   .ci-status {
     margin-right: $gl-padding;

app/assets/stylesheets/pages/todos.scss

@@ -43,6 +43,12 @@
     }
   }
 
+  .todo-avatar,
+  .todo-actions {
+    -webkit-flex: 0 0 auto;
+    flex: 0 0 auto;
+  }
+
   .todo-actions {
     display: -webkit-flex;
     display: flex;
@@ -55,8 +61,9 @@
   }
 
   .todo-item {
-    -webkit-flex: auto;
-    flex: auto;
+    -webkit-flex: 0 1 100%;
+    flex: 0 1 100%;
+    min-width: 0;
   }
 }
 
@@ -74,8 +81,29 @@
 
 .todo-item {
   .todo-title {
-    @include str-truncated(calc(100% - 174px));
-    overflow: visible;
+    display: flex;
+
+    & > .title-item {
+      -webkit-flex: 0 0 auto;
+      flex: 0 0 auto;
+      margin: 0 2px;
+
+      &:first-child {
+        margin-left: 0;
+      }
+
+      &:last-child {
+        margin-right: 0;
+      }
+    }
+
+    .todo-label {
+      -webkit-flex: 0 1 auto;
+      flex: 0 1 auto;
+      overflow: hidden;
+      text-overflow: ellipsis;
+      white-space: nowrap;
+    }
   }
 
   .status-box {
@@ -154,10 +182,12 @@
 
   .todo-item {
     .todo-title {
-      white-space: normal;
-      overflow: visible;
-      max-width: 100%;
+      flex-flow: row wrap;
       margin-bottom: 10px;
+
+      .todo-label {
+        white-space: normal;
+      }
     }
 
     .todo-body {

app/controllers/concerns/creates_commit.rb

@@ -104,22 +104,14 @@ module CreatesCommit
     if can?(current_user, :push_code, @project)
       # Edit file in this project
       @mr_source_project = @project
-
-      if @project.forked?
-        # Merge request from this project to fork origin
-        @mr_target_project = @project.forked_from_project
-        @mr_target_branch = @mr_target_project.repository.root_ref
-      else
-        # Merge request to this project
-        @mr_target_project = @project
-        @mr_target_branch = @ref || @target_branch
-      end
     else
       # Merge request from fork to this project
       @mr_source_project = current_user.fork_of(@project)
+    end
+
+    # Merge request to this project
     @mr_target_project = @project
     @mr_target_branch = @ref || @target_branch
-    end
 
     @mr_source_branch = guess_mr_source_branch
   end

app/controllers/omniauth_callbacks_controller.rb

@@ -78,6 +78,13 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
     handle_omniauth
   end
 
+  def authentiq
+    if params['sid']
+      handle_service_ticket oauth['provider'], params['sid']
+    end
+    handle_omniauth
+  end
+
   private
 
   def handle_omniauth

app/helpers/namespaces_helper.rb

 module NamespacesHelper
+  def namespace_id_from(params)
+    params.dig(:project, :namespace_id) || params[:namespace_id]
+  end
+
   def namespaces_options(selected = :current_user, display_path: false, extra_group: nil)
     groups = current_user.owned_groups + current_user.masters_groups
 

app/models/concerns/spammable.rb

@@ -22,6 +22,10 @@ module Spammable
     delegate :ip_address, :user_agent, to: :user_agent_detail, allow_nil: true
   end
 
+  def submittable_as_spam_by?(current_user)
+    current_user && current_user.admin? && submittable_as_spam?
+  end
+
   def submittable_as_spam?
     if user_agent_detail
       user_agent_detail.submittable? && current_application_settings.akismet_enabled

app/services/users/destroy_service.rb

@@ -7,6 +7,10 @@ module Users
     end
 
     def execute(user, options = {})
+      unless current_user.admin? || current_user == user
+        raise Gitlab::Access::AccessDeniedError, "#{current_user} tried to destroy user #{user}!"
+      end
+
       if !options[:delete_solo_owned_groups] && user.solo_owned_groups.present?
         user.errors[:base] << 'You must transfer ownership or delete groups before you can remove user'
         return user

app/views/dashboard/todos/_todo.html.haml

 %li{ class: "todo todo-#{todo.done? ? 'done' : 'pending'}", id: dom_id(todo), data: { url: todo_target_path(todo) } }
+  .todo-avatar
     = author_avatar(todo, size: 40)
 
   .todo-item.todo-block
@@ -6,22 +7,26 @@
       - unless todo.build_failed? || todo.unmergeable?
         = todo_target_state_pill(todo)
 
-        %span.author-name
+        .title-item.author-name
           - if todo.author
             = link_to_author(todo)
           - else
             (removed)
 
-      %span.action-name
+      .title-item.action-name
         = todo_action_name(todo)
 
-      %span.todo-label
+      .title-item.todo-label
         - if todo.target
           = todo_target_link(todo)
         - else
           (removed)
 
-      · #{time_ago_with_tooltip(todo.created_at)}
+      .title-item
+        ·
+
+      .title-item
+        #{time_ago_with_tooltip(todo.created_at)}
         = todo_due_date(todo)
 
     .todo-body

app/views/layouts/_page.html.haml

 .page-with-sidebar{ class: page_gutter_class }
   - if defined?(nav) && nav
     .layout-nav
-      .container-fluid
+      %div{ class: container_class }
         = render "layouts/nav/#{nav}"
   .content-wrapper{ class: "#{layout_nav_class}" }
     = yield :sub_nav

app/views/layouts/header/_default.html.haml

@@ -61,12 +61,12 @@
               %div
                 = link_to "Sign in", new_session_path(:user, redirect_to_referer: 'yes'), class: 'btn btn-sign-in btn-success'
 
-      %h1.title= title
-
       .header-logo
         = link_to root_path, class: 'home', title: 'Dashboard', id: 'logo' do
           = brand_header_logo
 
+      %h1.title= title
+
       = yield :header_content
 
 = render 'shared/outdated_browser'

app/views/projects/commit/_pipeline.html.haml

@@ -3,7 +3,7 @@
     .pull-right
       - if can?(current_user, :update_pipeline, pipeline.project)
         - if pipeline.builds.latest.failed.any?(&:retryable?)
-          = link_to "Retry failed", retry_namespace_project_pipeline_path(pipeline.project.namespace, pipeline.project, pipeline.id), class: 'btn btn-grouped btn-primary', method: :post
+          = link_to "Retry", retry_namespace_project_pipeline_path(pipeline.project.namespace, pipeline.project, pipeline.id), class: 'js-retry-button btn btn-grouped btn-primary', method: :post
 
         - if pipeline.builds.running_or_pending.any?
           = link_to "Cancel running", cancel_namespace_project_pipeline_path(pipeline.project.namespace, pipeline.project, pipeline.id), data: { confirm: 'Are you sure?' }, class: 'btn btn-grouped btn-danger', method: :post

app/views/projects/issues/show.html.haml

@@ -40,7 +40,7 @@
                 = link_to 'Close issue', issue_path(@issue, issue: { state_event: :close }, format: 'json'), data: {no_turbolink: true}, class: "btn-close #{issue_button_visibility(@issue, true)}", title: 'Close issue'
               %li
                 = link_to 'Edit', edit_namespace_project_issue_path(@project.namespace, @project, @issue)
-            - if @issue.submittable_as_spam? && current_user.admin?
+            - if @issue.submittable_as_spam_by?(current_user)
               %li
                 = link_to 'Submit as spam', mark_as_spam_namespace_project_issue_path(@project.namespace, @project, @issue), method: :post, class: 'btn-spam', title: 'Submit as spam'
 
@@ -50,7 +50,7 @@
         - if can?(current_user, :update_issue, @issue)
           = link_to 'Reopen issue', issue_path(@issue, issue: { state_event: :reopen }, format: 'json'), data: {no_turbolink: true}, class: "hidden-xs hidden-sm btn btn-grouped btn-reopen #{issue_button_visibility(@issue, false)}", title: 'Reopen issue'
           = link_to 'Close issue', issue_path(@issue, issue: { state_event: :close }, format: 'json'), data: {no_turbolink: true}, class: "hidden-xs hidden-sm btn btn-grouped btn-close #{issue_button_visibility(@issue, true)}", title: 'Close issue'
-          - if @issue.submittable_as_spam? && current_user.admin?
+          - if @issue.submittable_as_spam_by?(current_user)
             = link_to 'Submit as spam', mark_as_spam_namespace_project_issue_path(@project.namespace, @project, @issue), method: :post, class: 'hidden-xs hidden-sm btn btn-grouped btn-spam', title: 'Submit as spam'
           = link_to 'Edit', edit_namespace_project_issue_path(@project.namespace, @project, @issue), class: 'hidden-xs hidden-sm btn btn-grouped issuable-edit'
 

app/views/projects/new.html.haml

@@ -22,7 +22,7 @@
                 - if current_user.can_select_namespace?
                   .input-group-addon
                     = root_url
-                  = f.select :namespace_id, namespaces_options(params[:namespace_id] || :current_user, display_path: true), {}, {class: 'select2 js-select-namespace', tabindex: 1}
+                  = f.select :namespace_id, namespaces_options(namespace_id_from(params) || :current_user, display_path: true), {}, {class: 'select2 js-select-namespace', tabindex: 1}
 
                 - else
                   .input-group-addon.static-namespace

app/views/projects/pipelines/_info.html.haml

@@ -8,7 +8,7 @@
   .header-action-buttons
     - if can?(current_user, :update_pipeline, @pipeline.project)
       - if @pipeline.retryable?
-        = link_to "Retry failed", retry_namespace_project_pipeline_path(@pipeline.project.namespace, @pipeline.project, @pipeline.id), class: 'btn btn-inverted-secondary', method: :post
+        = link_to "Retry", retry_namespace_project_pipeline_path(@pipeline.project.namespace, @pipeline.project, @pipeline.id), class: 'js-retry-button btn btn-inverted-secondary', method: :post
       - if @pipeline.cancelable?
         = link_to "Cancel running", cancel_namespace_project_pipeline_path(@pipeline.project.namespace, @pipeline.project, @pipeline.id), data: { confirm: 'Are you sure?' }, class: 'btn btn-danger', method: :post
 

app/views/projects/pipelines_settings/_show.html.haml

@@ -60,7 +60,7 @@
           = f.label :build_coverage_regex, "Test coverage parsing", class: 'label-light'
           .input-group
             %span.input-group-addon /
-            = f.text_field :build_coverage_regex, class: 'form-control', placeholder: '\(\d+.\d+\%\) covered'
+            = f.text_field :build_coverage_regex, class: 'form-control', placeholder: 'Regular expression'
             %span.input-group-addon /
           %p.help-block
             A regular expression that will be used to find the test coverage

app/views/projects/show.html.haml

@@ -13,7 +13,8 @@
 = render "home_panel"
 
 - if current_user && can?(current_user, :download_code, @project)
-  %nav.project-stats{ class: container_class }
+  .project-stats-container{ class: container_class }
+    %nav.project-stats
       %ul.nav
         %li
           = link_to project_files_path(@project) do
@@ -74,7 +75,7 @@
                 Set up auto deploy
 
     - if @repository.commit
-    .project-last-commit{ class: container_class }
+      .project-last-commit
         = render 'projects/last_commit', commit: @repository.commit, ref: current_ref, project: @project
 
 %div{ class: container_class }

app/views/projects/snippets/_actions.html.haml

@@ -10,7 +10,7 @@
   - if can?(current_user, :create_project_snippet, @project)
     = link_to new_namespace_project_snippet_path(@project.namespace, @project), class: 'btn btn-grouped btn-inverted btn-create', title: "New snippet" do
       New snippet
-  - if @snippet.submittable_as_spam? && current_user.admin?
+  - if @snippet.submittable_as_spam_by?(current_user)
     = link_to 'Submit as spam', mark_as_spam_namespace_project_snippet_path(@project.namespace, @project, @snippet), method: :post, class: 'btn btn-grouped btn-spam', title: 'Submit as spam'
 - if can?(current_user, :create_project_snippet, @project) || can?(current_user, :update_project_snippet, @snippet)
   .visible-xs-block.dropdown
@@ -31,6 +31,6 @@
           %li
             = link_to edit_namespace_project_snippet_path(@project.namespace, @project, @snippet) do
               Edit
-        - if @snippet.submittable_as_spam? && current_user.admin?
+        - if @snippet.submittable_as_spam_by?(current_user)
           %li
             = link_to 'Submit as spam', mark_as_spam_namespace_project_snippet_path(@project.namespace, @project, @snippet), method: :post

app/views/search/_results.html.haml

@@ -11,7 +11,7 @@
 
   .results.prepend-top-10
     - if @scope == 'commits'
-      %ul.list-unstyled
+      %ul.content-list.commit-list.table-list.table-wide
         = render partial: "search/results/commit", collection: @search_objects
     - else
       .search-results

app/views/search/results/_snippet_blob.html.haml

@@ -12,9 +12,9 @@
     %span.light= time_ago_with_tooltip(snippet.created_at)
   %h4.snippet-title
   - snippet_path = reliable_snippet_path(snippet)
-  = link_to snippet_path do
   .file-holder
     .js-file-title.file-title
+      = link_to snippet_path do
         %i.fa.fa-file
         %strong= snippet.file_name
     - if markup?(snippet.file_name)
@@ -36,17 +36,10 @@
                 = link_to snippet_path+"#L#{i}", id: "L#{i}", rel: "#L#{i}", class: "diff-line-num" do
                   %i.fa.fa-link
                   = i
-                - unless snippet == snippet_chunks.last
-                  %a.diff-line-num
-                    = "."
-          %pre.code
-            %code
+        .blob-content
           - snippet_chunks.each do |chunk|
             - unless chunk[:data].empty?
-                  = chunk[:data]
-                  - unless chunk == snippet_chunks.last
-                    %a
-                      = "..."
+              = highlight(snippet.file_name, chunk[:data], repository: nil, plain: snippet.no_highlighting?)
             - else
               .file-content.code
                 .nothing-here-block Empty file

app/views/shared/members/_member.html.haml

@@ -61,7 +61,7 @@
                 = dropdown_title("Change permissions")
                 .dropdown-content
                   %ul
-                    - Gitlab::Access.options.each do |role, role_id|
+                    - member.class.access_level_roles.each do |role, role_id|
                       %li
                         = link_to role, "javascript:void(0)",
                           class: ("is-active" if member.access_level == role_id),

app/views/snippets/_actions.html.haml

@@ -9,7 +9,7 @@
       Delete
   = link_to new_snippet_path, class: "btn btn-grouped btn-inverted btn-create", title: "New snippet" do
     New snippet
-  - if @snippet.submittable_as_spam? && current_user.admin?
+  - if @snippet.submittable_as_spam_by?(current_user)
     = link_to 'Submit as spam', mark_as_spam_snippet_path(@snippet), method: :post, class: 'btn btn-grouped btn-spam', title: 'Submit as spam'
 .visible-xs-block.dropdown
   %button.btn.btn-default.btn-block.append-bottom-0.prepend-top-5{ data: { toggle: "dropdown" } }
@@ -28,6 +28,6 @@
         %li
           = link_to edit_snippet_path(@snippet) do
             Edit
-      - if @snippet.submittable_as_spam? && current_user.admin?
+      - if @snippet.submittable_as_spam_by?(current_user)
         %li
           = link_to 'Submit as spam', mark_as_spam_snippet_path(@snippet), method: :post

app/workers/delete_user_worker.rb

@@ -7,5 +7,7 @@ class DeleteUserWorker
     current_user = User.find(current_user_id)
 
     Users::DestroyService.new(current_user).execute(delete_user, options.symbolize_keys)
+  rescue Gitlab::Access::AccessDeniedError => e
+    Rails.logger.warn("User could not be destroyed: #{e}")
   end
 end

changelogs/unreleased/26206-fix-download-dropdown.yml

+---
+title: Set dropdown height fixed to 250px and make it scrollable
+merge_request: 9063
+author:

changelogs/unreleased/26315-unify-labels-filter-behavior.yml

+---
+title: Unify issues search behavior by always filtering when ALL labels matches
+merge_request: 8849
+author:

changelogs/unreleased/27934-left-align-nav.yml

+---
+title: Left align navigation
+merge_request:
+author:

changelogs/unreleased/28186-long-group-names-overflow-out-of-todos-view.yml

+---
+title: Truncate long Todo titles for non-mobile screens
+merge_request: 9311
+author:

changelogs/unreleased/28204-option-to-disable-webpack-dev-server-livereload.yml

+---
+title: Pick up option from GDK to disable webpack dev server livereload
+merge_request:
+author:

changelogs/unreleased/28357-colon-search.yml

+---
+title: Allow searching issues for strings containing colons
+merge_request:
+author:

changelogs/unreleased/28389-ux-problem-with-pipeline-coverage-placeholder.yml

+---
+title: Changed coverage reg expression placeholder text to be more like a placeholder
+merge_request:
+author:

changelogs/unreleased/9381-authentiq-backchannel-logout.yml

+---
+title: Adds remote logout functionality to the Authentiq OAuth provider
+merge_request: 9381
+author: Alexandros Keramidas

changelogs/unreleased/api-star-restful.yml

+---
+title: 'API: Moved `DELETE /projects/:id/star` to `POST /projects/:id/unstar`'
+merge_request: 9328
+author: Robert Schilling

changelogs/unreleased/api-todos-restful.yml

+---
+title: 'API: Use POST requests to mark todos as done'
+merge_request: 9410
+author: Robert Schilling

changelogs/unreleased/artifactsdoc.yml

+---
+title: Added documentation for permalinks to most recent build artifacts.
+merge_request: 8934
+author: Christian Godenschwager

changelogs/unreleased/commit-search-ui-fix.yml

+---
+title: Fixed commit search UI
+merge_request:
+author:

changelogs/unreleased/feature-github-find-users-by-email.yml

+---
+title: GitHub Importer - Find users based on GitHub email address
+merge_request: 8958
+author:

changelogs/unreleased/group-memebrs-owner-level.yml

+---
+title: Added option to update to owner for group members
+merge_request:
+author:

changelogs/unreleased/rename-retry-failed-pipeline-to-retry.yml

+---
+title: Rename retry failed button on pipeline page to just retry
+merge_request:
+author:

changelogs/unreleased/sh-delete-user-permission-check.yml

+---
+title: Add user deletion permission check in `Users::DestroyService`
+merge_request:
+author:

changelogs/unreleased/snippets-search.yml

+---
+title: Fix snippets search result spacing
+merge_request:
+author:

changelogs/unreleased/updated-pages-0-3-1.yml

+---
+title: Update GitLab Pages to v0.3.1
+merge_request:
+author:

config/initializers/devise.rb

@@ -240,6 +240,17 @@ Devise.setup do |config|
           true
         end
       end
+      if provider['name'] == 'authentiq'
+        provider['args'][:remote_sign_out_handler] = lambda do |request|
+          authentiq_session = request.params['sid']
+          if Gitlab::OAuth::Session.valid?(:authentiq, authentiq_session)
+            Gitlab::OAuth::Session.destroy(:authentiq, authentiq_session)
+            true
+          else
+            false
+          end
+        end
+      end
 
       if provider['name'] == 'shibboleth'
         provider['args'][:fail_with_empty_uid] = true

config/webpack.config.js

@@ -10,6 +10,7 @@ var ROOT_PATH = path.resolve(__dirname, '..');
 var IS_PRODUCTION = process.env.NODE_ENV === 'production';
 var IS_DEV_SERVER = process.argv[1].indexOf('webpack-dev-server') !== -1;
 var DEV_SERVER_PORT = parseInt(process.env.DEV_SERVER_PORT, 10) || 3808;
+var DEV_SERVER_LIVERELOAD = process.env.DEV_SERVER_LIVERELOAD !== 'false';
 
 var config = {
   context: path.join(ROOT_PATH, 'app/assets/javascripts'),
@@ -114,6 +115,7 @@ if (IS_DEV_SERVER) {
     port: DEV_SERVER_PORT,
     headers: { 'Access-Control-Allow-Origin': '*' },
     stats: 'errors-only',
+    inline: DEV_SERVER_LIVERELOAD
   };
   config.output.publicPath = '//localhost:' + DEV_SERVER_PORT + config.output.publicPath;
 }

db/migrate/20170210103609_add_index_to_user_agent_detail.rb

+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class AddIndexToUserAgentDetail < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def change
+    add_concurrent_index(:user_agent_details, [:subject_id, :subject_type])
+  end
+end

db/schema.rb

@@ -1218,6 +1218,8 @@ ActiveRecord::Schema.define(version: 20170215200045) do
     t.datetime "updated_at", null: false
   end
 
+  add_index "user_agent_details", ["subject_id", "subject_type"], name: "index_user_agent_details_on_subject_id_and_subject_type", using: :btree
+
   create_table "users", force: :cascade do |t|
     t.string "email", default: "", null: false
     t.string "encrypted_password", default: "", null: false

doc/administration/auth/authentiq.md

@@ -54,7 +54,7 @@ Authentiq will generate a Client ID and the accompanying Client Secret for you t
 5. The `scope` is set to request the user's name, email (required and signed), and permission to send push notifications to sign in on subsequent visits.
 See [OmniAuth Authentiq strategy](https://github.com/AuthentiqID/omniauth-authentiq#scopes-and-redirect-uri-configuration) for more information on scopes and modifiers.
 
-6. Change 'YOUR_CLIENT_ID' and 'YOUR_CLIENT_SECRET' to the Client credentials you received in step 1.
+6. Change `YOUR_CLIENT_ID` and `YOUR_CLIENT_SECRET` to the Client credentials you received in step 1.
 
 7. Save the configuration file.
 

doc/api/issues.md

@@ -30,7 +30,7 @@ GET /issues?milestone=1.0.0&state=opened
 | Attribute | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
 | `state`   | string  | no    | Return all issues or just those that are `opened` or `closed`|
-| `labels`  | string  | no    | Comma-separated list of label names, issues with any of the labels will be returned |
+| `labels`  | string  | no    | Comma-separated list of label names, issues must have all labels to be returned |
 | `milestone` | string| no    | The milestone title |
 | `order_by`| string  | no    | Return requests ordered by `created_at` or `updated_at` fields. Default is `created_at` |
 | `sort`    | string  | no    | Return requests sorted in `asc` or `desc` order. Default is `desc`  |
@@ -188,7 +188,7 @@ GET /projects/:id/issues?milestone=1.0.0&state=opened
 | `id`      | integer | yes   | The ID of a project |
 | `iid`     | integer | no    | Return the issue having the given `iid` |
 | `state`   | string  | no    | Return all issues or just those that are `opened` or `closed`|
-| `labels`  | string  | no    | Comma-separated list of label names, issues with any of the labels will be returned |
+| `labels`  | string  | no    | Comma-separated list of label names, issues must have all labels to be returned |
 | `milestone` | string| no    | The milestone title |
 | `order_by`| string  | no    | Return requests ordered by `created_at` or `updated_at` fields. Default is `created_at` |
 | `sort`    | string  | no    | Return requests sorted in `asc` or `desc` order. Default is `desc`  |

doc/api/pipelines.md

@@ -163,7 +163,7 @@ Example of response
 }
 ```
 
-## Retry failed builds in a pipeline
+## Retry builds in a pipeline
 
 > [Introduced][ce-5837] in GitLab 8.11
 

doc/api/projects.md

@@ -609,7 +609,7 @@ Example response:
 Unstars a given project. Returns status code `304` if the project is not starred.
 
 ```
-DELETE /projects/:id/star
+POST /projects/:id/unstar
 ```
 
 | Attribute | Type | Required | Description |
@@ -617,7 +617,7 @@ DELETE /projects/:id/star
 | `id` | integer/string | yes | The ID of the project or NAMESPACE/PROJECT_NAME |
 
 ```bash
-curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v3/projects/5/star"
+curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v3/projects/5/unstar"
 ```
 
 Example response:

doc/api/todos.md

@@ -184,7 +184,7 @@ Marks a single pending todo given by its ID for the current user as done. The
 todo marked as done is returned in the response.
 
 ```
-DELETE /todos/:id
+POST /todos/:id/mark_as_done
 ```
 
 Parameters:
@@ -194,7 +194,7 @@ Parameters:
 | `id` | integer | yes | The ID of a todo |
 
 ```bash
-curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/todos/130
+curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/todos/130/mark_as_done
 ```
 
 Example Response:
@@ -277,20 +277,15 @@ Example Response:
 
 ## Mark all todos as done
 
-Marks all pending todos for the current user as done. It returns the number of marked todos.
+Marks all pending todos for the current user as done. It returns the HTTP status code `204` with an empty response.
 
 ```
-DELETE /todos
+POST /todos/mark_as_done
 ```
 
 ```bash
-curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/todos
+curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/todos/donmark_as_donee
 ```
 
-Example Response:
-
-```json
-3
-```
 
 [ce-3188]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3188

doc/api/v3_to_v4.md

@@ -13,6 +13,7 @@ changes are in V4:
 - Project snippets do not return deprecated field `expires_at`
 - Endpoints under `projects/:id/keys` have been removed (use `projects/:id/deploy_keys`)
 - Status 409 returned for POST `project/:id/members` when a member already exists
+- Moved `DELETE /projects/:id/star` to `POST /projects/:id/unstar`
 - Removed the following deprecated Templates endpoints (these are still accessible with `/templates` prefix)
   - `/licences`
   - `/licences/:key`
@@ -23,7 +24,9 @@ changes are in V4:
   - `/gitlab_ci_ymls/:key`
   - `/dockerfiles/:key`
 - Moved `/projects/fork/:id` to `/projects/:id/fork`
+- Moved `DELETE /todos` to `POST /todos/mark_as_done` and `DELETE /todos/:todo_id` to `POST /todos/:todo_id/mark_as_done`
 - Endpoints `/projects/owned`, `/projects/visible`, `/projects/starred` & `/projects/all` are consolidated into `/projects` using query parameters
 - Return pagination headers for all endpoints that return an array
 - Removed `DELETE projects/:id/deploy_keys/:key_id/disable`. Use `DELETE projects/:id/deploy_keys/:key_id` instead
 - Moved `PUT /users/:id/(block|unblock)` to `POST /users/:id/(block|unblock)`
+- Labels filter on `projects/:id/issues` and `/issues` now matches only issues containing all labels (i.e.: Logical AND, not OR)

doc/ci/docker/using_docker_images.md

@@ -39,13 +39,15 @@ accessible during the build process.
 
 ## What is an image
 
-The `image` keyword is the name of the docker image that is present in the
-local Docker Engine (list all images with `docker images`) or any image that
-can be found at [Docker Hub][hub]. For more information about images and Docker
-Hub please read the [Docker Fundamentals][] documentation.
+The `image` keyword is the name of the docker image the docker executor
+will run to perform the CI tasks.  
 
-In short, with `image` we refer to the docker image, which will be used to
-create a container on which your job will run.
+By default the executor will only pull images from [Docker Hub][hub],
+but this can be configured in the `gitlab-runner/config.toml` by setting
+the [docker pull policy][] to allow using local images.
+
+For more information about images and Docker Hub please read
+the [Docker Fundamentals][] documentation.
 
 ## What is a service
 
@@ -271,6 +273,7 @@ containers as well as all volumes (`-v`) that were created with the container
 creation.
 
 [Docker Fundamentals]: https://docs.docker.com/engine/understanding-docker/
+[docker pull policy]: https://docs.gitlab.com/runner/executors/docker.html#how-pull-policies-work
 [hub]: https://hub.docker.com/
 [linking-containers]: https://docs.docker.com/engine/userguide/networking/default_network/dockerlinks/
 [tutum/wordpress]: https://hub.docker.com/r/tutum/wordpress/

doc/development/licensing.md

@@ -64,6 +64,10 @@ Libraries with the following licenses are unacceptable for use:
 - [GNU AGPLv3][AGPLv3]: AGPL-licensed libraries cannot be linked to from non-GPL projects.
 - [Open Software License (OSL)][OSL]: is a copyleft license. In addition, the FSF [recommend against its use][OSL-GNU].
 
+## Requesting Approval for Licenses
+
+Libraries that are not listed in the [Acceptable Licenses][Acceptable-Licenses] or [Unacceptable Licenses][Unacceptable-Licenses] list can be submitted to the legal team for review. Please create an issue in the [Organization Repository][Org-Repo] and cc `@gl-legal`. After a decision has been made, the original requestor is responsible for updating this document.
+
 ## Notes
 
 Decisions regarding the GNU GPL licenses are based on information provided by [The GNU Project][GNU-GPL-FAQ], as well as [the Open Source Initiative][OSI-GPL], which both state that linking GPL libraries makes the program itself GPL.
@@ -96,3 +100,6 @@ Gems which are included only in the "development" or "test" groups by Bundler ar
 [OSI-GPL]: https://opensource.org/faq#linking-proprietary-code
 [OSL]: https://opensource.org/licenses/OSL-3.0
 [OSL-GNU]: https://www.gnu.org/licenses/license-list.en.html#OSL
+[Org-Repo]: https://gitlab.com/gitlab-com/organization
+[Acceptable-Licenses]: #acceptable-licenses
+[Unacceptable-Licenses]: #unacceptable-licenses

doc/development/testing.md

@@ -95,6 +95,25 @@ so we need to set some guidelines for their use going forward:
 
 [lets-not]: https://robots.thoughtbot.com/lets-not
 
+### Time-sensitive tests
+
+[Timecop](https://github.com/travisjeffery/timecop) is available in our
+Ruby-based tests for verifying things that are time-sensitive. Any test that
+exercises or verifies something time-sensitive should make use of Timecop to
+prevent transient test failures.
+
+Example:
+
+```ruby
+it 'is overdue' do
+  issue = build(:issue, due_date: Date.tomorrow)
+
+  Timecop.freeze(3.days.from_now) do
+    expect(issue).to be_overdue
+  end
+end
+```
+
 ### Test speed
 
 GitLab has a massive test suite that, without parallelization, can take more

doc/user/project/pipelines/job_artifacts.md

@@ -90,18 +90,43 @@ inside GitLab that make that possible.
 It is possible to download the latest artifacts of a job via a well known URL
 so you can use it for scripting purposes.
 
-The structure of the URL is the following:
+The structure of the URL to download the whole artifacts archive is the following:
 
 ```
 https://example.com/<namespace>/<project>/builds/artifacts/<ref>/download?job=<job_name>
 ```
 
-For example, to download the latest artifacts of the job named `rspec 6 20` of
+To download a single file from the artifacts use the following URL:
+
+```
+https://example.com/<namespace>/<project>/builds/artifacts/<ref>/file/<path_to_file>?job=<job_name>
+```
+
+For example, to download the latest artifacts of the job named `coverage` of
 the `master` branch of the `gitlab-ce` project that belongs to the `gitlab-org`
 namespace, the URL would be:
 
 ```
-https://gitlab.com/gitlab-org/gitlab-ce/builds/artifacts/master/download?job=rspec+6+20
+https://gitlab.com/gitlab-org/gitlab-ce/builds/artifacts/master/download?job=coverage
+```
+
+To download the file `coverage/index.html` from the same
+artifacts use the following URL:
+
+```
+https://gitlab.com/gitlab-org/gitlab-ce/builds/artifacts/master/file/coverage/index.html?job=coverage
+```
+
+There is also a URL to browse the latest job artifacts:
+
+```
+https://example.com/<namespace>/<project>/builds/artifacts/<ref>/browse?job=<job_name>
+```
+
+For example:
+
+```
+https://gitlab.com/gitlab-org/gitlab-ce/builds/artifacts/master/browse?job=coverage
 ```
 
 The latest builds are also exposed in the UI in various places. Specifically,

features/project/merge_requests/revert.feature

@@ -5,6 +5,7 @@ Feature: Revert Merge Requests
       And I am signed in as a developer of the project
       And I am on the Merge Request detail page
       And I click on Accept Merge Request
+      And I am on the Merge Request detail page
 
   @javascript
   Scenario: I revert a merge request

lib/api/api.rb

@@ -19,6 +19,7 @@ module API
       mount ::API::V3::Repositories
       mount ::API::V3::SystemHooks
       mount ::API::V3::Tags
+      mount ::API::V3::Todos
       mount ::API::V3::Templates
       mount ::API::V3::Users
     end

lib/api/issues.rb

@@ -10,17 +10,9 @@ module API
 
         args.delete(:id)
         args[:milestone_title] = args.delete(:milestone)
+        args[:label_name] = args.delete(:labels)
 
-        match_all_labels = args.delete(:match_all_labels)
-        labels = args.delete(:labels)
-        args[:label_name] = labels if match_all_labels
-
-        issues = IssuesFinder.new(current_user, args).execute.inc_notes_with_associations
-
-        # TODO: Remove in 9.0  pass `label_name: args.delete(:labels)` to IssuesFinder
-        if !match_all_labels && labels.present?
-          issues = issues.includes(:labels).where('labels.title' => labels.split(','))
-        end
+        issues = IssuesFinder.new(current_user, args).execute
 
         issues.reorder(args[:order_by] => args[:sort])
       end
@@ -77,7 +69,7 @@ module API
       get ":id/issues" do
         group = find_group!(params[:id])
 
-        issues = find_issues(group_id: group.id, state: params[:state] || 'opened', match_all_labels: true)
+        issues = find_issues(group_id: group.id, state: params[:state] || 'opened')
 
         present paginate(issues), with: Entities::Issue, current_user: current_user
       end

lib/api/pipelines.rb

@@ -58,7 +58,7 @@ module API
         present pipeline, with: Entities::Pipeline
       end
 
-      desc 'Retry failed builds in the pipeline' do
+      desc 'Retry builds in the pipeline' do
         detail 'This feature was introduced in GitLab 8.11.'
         success Entities::Pipeline
       end

lib/api/projects.rb

@@ -266,7 +266,7 @@ module API
       desc 'Unstar a project' do
         success Entities::Project
       end
-      delete ':id/star' do
+      post ':id/unstar' do
         if current_user.starred?(user_project)
           current_user.toggle_star(user_project)
           user_project.reload

lib/api/todos.rb

@@ -58,7 +58,7 @@ module API
       params do
         requires :id, type: Integer, desc: 'The ID of the todo being marked as done'
       end
-      delete ':id' do
+      post ':id/mark_as_done' do
         todo = current_user.todos.find(params[:id])
         TodoService.new.mark_todos_as_done([todo], current_user)
 
@@ -66,9 +66,11 @@ module API
       end
 
       desc 'Mark all todos as done'
-      delete do
+      post '/mark_as_done' do
         todos = find_todos
         TodoService.new.mark_todos_as_done(todos, current_user)
+
+        no_content!
       end
     end
   end

lib/api/v3/todos.rb

+module API
+  module V3
+    class Todos < Grape::API
+      before { authenticate! }
+
+      resource :todos do
+        desc 'Mark a todo as done' do
+          success ::API::Entities::Todo
+        end
+        params do
+          requires :id, type: Integer, desc: 'The ID of the todo being marked as done'
+        end
+        delete ':id' do
+          todo = current_user.todos.find(params[:id])
+          TodoService.new.mark_todos_as_done([todo], current_user)
+
+          present todo.reload, with: ::API::Entities::Todo, current_user: current_user
+        end
+
+        desc 'Mark all todos as done'
+        delete do
+          todos = TodosFinder.new(current_user, params).execute
+          TodoService.new.mark_todos_as_done(todos, current_user)
+        end
+      end
+    end
+  end
+end

lib/gitlab/database/migration_helpers.rb

@@ -54,7 +54,7 @@ module Gitlab
 
         disable_statement_timeout
 
-        key_name = "fk_#{source}_#{target}_#{column}"
+        key_name = concurrent_foreign_key_name(source, column)
 
         # Using NOT VALID allows us to create a key without immediately
         # validating it. This means we keep the ALTER TABLE lock only for a
@@ -74,6 +74,15 @@ module Gitlab
         execute("ALTER TABLE #{source} VALIDATE CONSTRAINT #{key_name};")
       end
 
+      # Returns the name for a concurrent foreign key.
+      #
+      # PostgreSQL constraint names have a limit of 63 bytes. The logic used
+      # here is based on Rails' foreign_key_name() method, which unfortunately
+      # is private so we can't rely on it directly.
+      def concurrent_foreign_key_name(table, column)
+        "fk_#{Digest::SHA256.hexdigest("#{table}_#{column}_fk").first(10)}"
+      end
+
       # Long-running migrations may take more than the timeout allowed by
       # the database. Disable the session's statement timeout to ensure
       # migrations don't get killed prematurely. (PostgreSQL only)

lib/gitlab/github_import/base_formatter.rb

 module Gitlab
   module GithubImport
     class BaseFormatter
-      attr_reader :formatter, :project, :raw_data
+      attr_reader :client, :formatter, :project, :raw_data
 
-      def initialize(project, raw_data)
+      def initialize(project, raw_data, client = nil)
         @project = project
         @raw_data = raw_data
+        @client = client
         @formatter = Gitlab::ImportFormatter.new
       end
 
@@ -18,19 +19,6 @@ module Gitlab
       def url
         raw_data.url || ''
       end
-
-      private
-
-      def gitlab_user_id(github_id)
-        User.joins(:identities).
-          find_by("identities.extern_uid = ? AND identities.provider = 'github'", github_id.to_s).
-          try(:id)
-      end
-
-      def gitlab_author_id
-        return @gitlab_author_id if defined?(@gitlab_author_id)
-        @gitlab_author_id = gitlab_user_id(raw_data.user.id)
-      end
     end
   end
 end

lib/gitlab/github_import/client.rb

@@ -10,6 +10,7 @@ module Gitlab
         @access_token = access_token
         @host = host.to_s.sub(%r{/+\z}, '')
         @api_version = api_version
+        @users = {}
 
         if access_token
           ::Octokit.auto_paginate = false
@@ -64,6 +65,13 @@ module Gitlab
         api.respond_to?(method) || super
       end
 
+      def user(login)
+        return nil unless login.present?
+        return @users[login] if @users.key?(login)
+
+        @users[login] = api.user(login)
+      end
+
       private
 
       def api_endpoint

lib/gitlab/github_import/comment_formatter.rb

 module Gitlab
   module GithubImport
     class CommentFormatter < BaseFormatter
+      attr_writer :author_id
+
       def attributes
         {
           project: project,
@@ -17,11 +19,11 @@ module Gitlab
       private
 
       def author
-        raw_data.user.login
+        @author ||= UserFormatter.new(client, raw_data.user)
       end
 
       def author_id
-        gitlab_author_id || project.creator_id
+        author.gitlab_id || project.creator_id
       end
 
       def body
@@ -52,10 +54,10 @@ module Gitlab
       end
 
       def note
-        if gitlab_author_id
+        if author.gitlab_id
           body
         else
-          formatter.author_line(author) + body
+          formatter.author_line(author.login) + body
         end
       end
 

lib/gitlab/github_import/importer.rb

@@ -110,7 +110,7 @@ module Gitlab
       def import_issues
         fetch_resources(:issues, repo, state: :all, sort: :created, direction: :asc, per_page: 100) do |issues|
           issues.each do |raw|
-            gh_issue = IssueFormatter.new(project, raw)
+            gh_issue = IssueFormatter.new(project, raw, client)
 
             begin
               issuable =
@@ -131,7 +131,8 @@ module Gitlab
       def import_pull_requests
         fetch_resources(:pull_requests, repo, state: :all, sort: :created, direction: :asc, per_page: 100) do |pull_requests|
           pull_requests.each do |raw|
-            gh_pull_request = PullRequestFormatter.new(project, raw)
+            gh_pull_request = PullRequestFormatter.new(project, raw, client)
+
             next unless gh_pull_request.valid?
 
             begin
@@ -209,13 +210,15 @@ module Gitlab
         ActiveRecord::Base.no_touching do
           comments.each do |raw|
             begin
-              comment         = CommentFormatter.new(project, raw)
+              comment = CommentFormatter.new(project, raw, client)
+
               # GH does not return info about comment's parent, so we guess it by checking its URL!
               *_, parent, iid = URI(raw.html_url).path.split('/')
-              if parent == 'issues'
-                issuable = Issue.find_by(project_id: project.id, iid: iid)
+
+              issuable = if parent == 'issues'
+                           Issue.find_by(project_id: project.id, iid: iid)
                          else
-                issuable = MergeRequest.find_by(target_project_id: project.id, iid: iid)
+                           MergeRequest.find_by(target_project_id: project.id, iid: iid)
                          end
 
               next unless issuable

lib/gitlab/github_import/issuable_formatter.rb

 module Gitlab
   module GithubImport
     class IssuableFormatter < BaseFormatter
+      attr_writer :assignee_id, :author_id
+
       def project_association
         raise NotImplementedError
       end
@@ -23,18 +25,24 @@ module Gitlab
         raw_data.assignee.present?
       end
 
-      def assignee_id
-        if assigned?
-          gitlab_user_id(raw_data.assignee.id)
+      def author
+        @author ||= UserFormatter.new(client, raw_data.user)
       end
+
+      def author_id
+        @author_id ||= author.gitlab_id || project.creator_id
       end
 
-      def author
-        raw_data.user.login
+      def assignee
+        if assigned?
+          @assignee ||= UserFormatter.new(client, raw_data.assignee)
+        end
       end
 
-      def author_id
-        gitlab_author_id || project.creator_id
+      def assignee_id
+        return @assignee_id if defined?(@assignee_id)
+
+        @assignee_id = assignee.try(:gitlab_id)
       end
 
       def body
@@ -42,10 +50,10 @@ module Gitlab
       end
 
       def description
-        if gitlab_author_id
+        if author.gitlab_id
           body
         else
-          formatter.author_line(author) + body
+          formatter.author_line(author.login) + body
         end
       end
 

lib/gitlab/github_import/user_formatter.rb

+module Gitlab
+  module GithubImport
+    class UserFormatter
+      attr_reader :client, :raw
+
+      delegate :id, :login, to: :raw, allow_nil: true
+
+      def initialize(client, raw)
+        @client = client
+        @raw = raw
+      end
+
+      def gitlab_id
+        return @gitlab_id if defined?(@gitlab_id)
+
+        @gitlab_id = find_by_external_uid || find_by_email
+      end
+
+      private
+
+      def email
+        @email ||= client.user(raw.login).try(:email)
+      end
+
+      def find_by_email
+        return nil unless email
+
+        User.find_by_any_email(email)
+            .try(:id)
+      end
+
+      def find_by_external_uid
+        return nil unless id
+
+        identities = ::Identity.arel_table
+
+        User.select(:id)
+            .joins(:identities).where(identities[:provider].eq(:github)
+            .and(identities[:extern_uid].eq(id)))
+            .first
+            .try(:id)
+      end
+    end
+  end
+end

spec/controllers/projects/blob_controller_spec.rb

@@ -86,18 +86,32 @@ describe Projects::BlobController do
     end
 
     context 'when user has forked project' do
-      let(:guest) { create(:user) }
-      let!(:forked_project) { Projects::ForkService.new(project, guest).execute }
-      let!(:merge_request) { create(:merge_request, source_project: project, target_project: project, source_branch: "fork-test-1", target_branch: "master") }
+      let(:forked_project_link) { create(:forked_project_link, forked_from_project: project) }
+      let!(:forked_project) { forked_project_link.forked_to_project }
+      let(:guest) { forked_project.owner }
 
-      before { sign_in(guest) }
+      before do
+        sign_in(guest)
+      end
 
+      context 'when editing on the fork' do
+        before do
+          default_params[:namespace_id] = forked_project.namespace.to_param
+          default_params[:project_id] = forked_project.to_param
+        end
+
+        it 'redirects to blob' do
+          put :update, default_params
+
+          expect(response).to redirect_to(namespace_project_blob_path(forked_project.namespace, forked_project, 'master/CHANGELOG'))
+        end
+      end
+
+      context 'when editing on the original repository' do
         it "redirects to forked project new merge request" do
           default_params[:target_branch] = "fork-test-1"
           default_params[:create_merge_request] = 1
 
-        allow_any_instance_of(Files::UpdateService).to receive(:commit).and_return(:success)
-
           put :update, default_params
 
           expect(response).to redirect_to(
@@ -115,4 +129,5 @@ describe Projects::BlobController do
         end
       end
     end
+  end
 end

spec/features/commits_spec.rb

@@ -153,7 +153,7 @@ describe 'Commits' do
           expect(page).to have_content pipeline.git_author_name
           expect(page).to have_link('Download artifacts')
           expect(page).not_to have_link('Cancel running')
-          expect(page).not_to have_link('Retry failed')
+          expect(page).not_to have_link('Retry')
         end
       end
 
@@ -172,7 +172,7 @@ describe 'Commits' do
           expect(page).to have_content pipeline.git_author_name
           expect(page).not_to have_link('Download artifacts')
           expect(page).not_to have_link('Cancel running')
-          expect(page).not_to have_link('Retry failed')
+          expect(page).not_to have_link('Retry')
         end
       end
     end

spec/features/groups/members/list_spec.rb

@@ -30,6 +30,21 @@ feature 'Groups members list', feature: true do
     expect(second_row).to be_blank
   end
 
+  it 'updates user to owner level', :js do
+    group.add_owner(user1)
+    group.add_developer(user2)
+
+    visit group_group_members_path(group)
+
+    page.within(second_row) do
+      click_button('Developer')
+
+      click_link('Owner')
+
+      expect(page).to have_button('Owner')
+    end
+  end
+
   def first_row
     page.all('ul.content-list > li')[0]
   end

spec/features/projects/new_project_spec.rb

@@ -19,6 +19,51 @@ feature "New project", feature: true do
     end
   end
 
+  context "Namespace selector" do
+    context "with user namespace" do
+      before do
+        visit new_project_path
+      end
+
+      it "selects the user namespace" do
+        namespace = find("#project_namespace_id")
+
+        expect(namespace.text).to eq user.username
+      end
+    end
+
+    context "with group namespace" do
+      let(:group) { create(:group, :private, owner: user) }
+
+      before do
+        group.add_owner(user)
+        visit new_project_path(namespace_id: group.id)
+      end
+
+      it "selects the group namespace" do
+        namespace = find("#project_namespace_id option[selected]")
+
+        expect(namespace.text).to eq group.name
+      end
+
+      context "on validation error" do
+        before do
+          fill_in('project_path', with: 'private-group-project')
+          choose('Internal')
+          click_button('Create project')
+
+          expect(page).to have_css '.project-edit-errors .alert.alert-danger'
+        end
+
+        it "selects the group namespace" do
+          namespace = find("#project_namespace_id option[selected]")
+
+          expect(namespace.text).to eq group.name
+        end
+      end
+    end
+  end
+
   context 'Import project options' do
     before do
       visit new_project_path

spec/features/projects/pipelines/pipeline_spec.rb

@@ -54,7 +54,7 @@ describe 'Pipeline', :feature, :js do
       expect(page).to have_content('Build')
       expect(page).to have_content('Test')
       expect(page).to have_content('Deploy')
-      expect(page).to have_content('Retry failed')
+      expect(page).to have_content('Retry')
       expect(page).to have_content('Cancel running')
     end
 
@@ -164,9 +164,9 @@ describe 'Pipeline', :feature, :js do
       it { expect(page).not_to have_content('retried') }
 
       context 'when retrying' do
-        before { click_on 'Retry failed' }
+        before { find('.js-retry-button').trigger('click') }
 
-        it { expect(page).not_to have_content('Retry failed') }
+        it { expect(page).not_to have_content('Retry') }
       end
     end
 
@@ -198,7 +198,7 @@ describe 'Pipeline', :feature, :js do
       expect(page).to have_content(build_failed.id)
       expect(page).to have_content(build_running.id)
       expect(page).to have_content(build_external.id)
-      expect(page).to have_content('Retry failed')
+      expect(page).to have_content('Retry')
       expect(page).to have_content('Cancel running')
       expect(page).to have_link('Play')
     end
@@ -226,9 +226,9 @@ describe 'Pipeline', :feature, :js do
       it { expect(page).not_to have_content('retried') }
 
       context 'when retrying' do
-        before { click_on 'Retry failed' }
+        before { find('.js-retry-button').trigger('click') }
 
-        it { expect(page).not_to have_content('Retry failed') }
+        it { expect(page).not_to have_content('Retry') }
         it { expect(page).to have_selector('.retried') }
       end
     end

spec/features/projects/ref_switcher_spec.rb

@@ -20,6 +20,8 @@ feature 'Ref switcher', feature: true, js: true do
       input.set 'binary'
       wait_for_ajax
 
+      expect(find('.dropdown-content ul')).to have_selector('li', count: 6)
+
       page.within '.dropdown-content ul' do
         input.native.send_keys :enter
       end

spec/javascripts/filtered_search/filtered_search_tokenizer_spec.js.es6

@@ -99,6 +99,29 @@ require('~/filtered_search/filtered_search_tokenizer');
         expect(results.tokens[2].value).toBe('Doing');
         expect(results.tokens[2].symbol).toBe('~');
       });
+
+      it('returns search value for invalid tokens', () => {
+        const results = gl.FilteredSearchTokenizer.processTokens('fake:token');
+        expect(results.lastToken).toBe('fake:token');
+        expect(results.searchToken).toBe('fake:token');
+        expect(results.tokens.length).toEqual(0);
+      });
+
+      it('returns search value and token for mix of valid and invalid tokens', () => {
+        const results = gl.FilteredSearchTokenizer.processTokens('label:real fake:token');
+        expect(results.tokens.length).toEqual(1);
+        expect(results.tokens[0].key).toBe('label');
+        expect(results.tokens[0].value).toBe('real');
+        expect(results.tokens[0].symbol).toBe('');
+        expect(results.lastToken).toBe('fake:token');
+        expect(results.searchToken).toBe('fake:token');
+      });
+
+      it('returns search value for invalid symbols', () => {
+        const results = gl.FilteredSearchTokenizer.processTokens('std::includes');
+        expect(results.lastToken).toBe('std::includes');
+        expect(results.searchToken).toBe('std::includes');
+      });
     });
   });
 })();

spec/lib/gitlab/database/migration_helpers_spec.rb

@@ -101,6 +101,16 @@ describe Gitlab::Database::MigrationHelpers, lib: true do
     end
   end
 
+  describe '#concurrent_foreign_key_name' do
+    it 'returns the name for a foreign key' do
+      name = model.concurrent_foreign_key_name(:this_is_a_very_long_table_name,
+                                               :with_a_very_long_column_name)
+
+      expect(name).to be_an_instance_of(String)
+      expect(name.length).to eq(13)
+    end
+  end
+
   describe '#disable_statement_timeout' do
     context 'using PostgreSQL' do
       it 'disables statement timeouts' do

spec/lib/gitlab/github_import/comment_formatter_spec.rb

 require 'spec_helper'
 
 describe Gitlab::GithubImport::CommentFormatter, lib: true do
+  let(:client) { double }
   let(:project) { create(:empty_project) }
-  let(:octocat) { double(id: 123456, login: 'octocat') }
+  let(:octocat) { double(id: 123456, login: 'octocat', email: 'octocat@example.com') }
   let(:created_at) { DateTime.strptime('2013-04-10T20:09:31Z') }
   let(:updated_at) { DateTime.strptime('2014-03-03T18:58:10Z') }
   let(:base) do
@@ -16,7 +17,11 @@ describe Gitlab::GithubImport::CommentFormatter, lib: true do
     }
   end
 
-  subject(:comment) { described_class.new(project, raw)}
+  subject(:comment) { described_class.new(project, raw, client) }
+
+  before do
+    allow(client).to receive(:user).and_return(octocat)
+  end
 
   describe '#attributes' do
     context 'when do not reference a portion of the diff' do
@@ -69,8 +74,15 @@ describe Gitlab::GithubImport::CommentFormatter, lib: true do
     context 'when author is a GitLab user' do
       let(:raw) { double(base.merge(user: octocat)) }
 
-      it 'returns GitLab user id as author_id' do
+      it 'returns GitLab user id associated with GitHub id as author_id' do
         gl_user = create(:omniauth_user, extern_uid: octocat.id, provider: 'github')
+
+        expect(comment.attributes.fetch(:author_id)).to eq gl_user.id
+      end
+
+      it 'returns GitLab user id associated with GitHub email as author_id' do
+        gl_user = create(:user, email: octocat.email)
+
         expect(comment.attributes.fetch(:author_id)).to eq gl_user.id
       end
 

spec/lib/gitlab/github_import/importer_spec.rb

@@ -44,6 +44,7 @@ describe Gitlab::GithubImport::Importer, lib: true do
       allow_any_instance_of(Octokit::Client).to receive(:rate_limit!).and_raise(Octokit::NotFound)
       allow_any_instance_of(Gitlab::Shell).to receive(:import_repository).and_raise(Gitlab::Shell::Error)
 
+      allow_any_instance_of(Octokit::Client).to receive(:user).and_return(octocat)
       allow_any_instance_of(Octokit::Client).to receive(:labels).and_return([label1, label2])
       allow_any_instance_of(Octokit::Client).to receive(:milestones).and_return([milestone, milestone])
       allow_any_instance_of(Octokit::Client).to receive(:issues).and_return([issue1, issue2])
@@ -53,7 +54,8 @@ describe Gitlab::GithubImport::Importer, lib: true do
       allow_any_instance_of(Octokit::Client).to receive(:last_response).and_return(double(rels: { next: nil }))
       allow_any_instance_of(Octokit::Client).to receive(:releases).and_return([release1, release2])
     end
-    let(:octocat) { double(id: 123456, login: 'octocat') }
+
+    let(:octocat) { double(id: 123456, login: 'octocat', email: 'octocat@example.com') }
     let(:created_at) { DateTime.strptime('2011-01-26T19:01:12Z') }
     let(:updated_at) { DateTime.strptime('2011-01-27T19:01:12Z') }
     let(:label1) do
@@ -125,6 +127,7 @@ describe Gitlab::GithubImport::Importer, lib: true do
       )
     end
 
+    let!(:user) { create(:user, email: octocat.email) }
     let(:repository) { double(id: 1, fork: false) }
     let(:source_sha) { create(:commit, project: project).id }
     let(:source_branch) { double(ref: 'feature', repo: repository, sha: source_sha) }

spec/lib/gitlab/github_import/issue_formatter_spec.rb

 require 'spec_helper'
 
 describe Gitlab::GithubImport::IssueFormatter, lib: true do
+  let(:client) { double }
   let!(:project) { create(:empty_project, namespace: create(:namespace, path: 'octocat')) }
-  let(:octocat) { double(id: 123456, login: 'octocat') }
+  let(:octocat) { double(id: 123456, login: 'octocat', email: 'octocat@example.com') }
   let(:created_at) { DateTime.strptime('2011-01-26T19:01:12Z') }
   let(:updated_at) { DateTime.strptime('2011-01-27T19:01:12Z') }
 
@@ -23,7 +24,11 @@ describe Gitlab::GithubImport::IssueFormatter, lib: true do
     }
   end
 
-  subject(:issue) { described_class.new(project, raw_data) }
+  subject(:issue) { described_class.new(project, raw_data, client) }
+
+  before do
+    allow(client).to receive(:user).and_return(octocat)
+  end
 
   shared_examples 'Gitlab::GithubImport::IssueFormatter#attributes' do
     context 'when issue is open' do
@@ -75,11 +80,17 @@ describe Gitlab::GithubImport::IssueFormatter, lib: true do
         expect(issue.attributes.fetch(:assignee_id)).to be_nil
       end
 
-      it 'returns GitLab user id as assignee_id when is a GitLab user' do
+      it 'returns GitLab user id associated with GitHub id as assignee_id' do
         gl_user = create(:omniauth_user, extern_uid: octocat.id, provider: 'github')
 
         expect(issue.attributes.fetch(:assignee_id)).to eq gl_user.id
       end
+
+      it 'returns GitLab user id associated with GitHub email as assignee_id' do
+        gl_user = create(:user, email: octocat.email)
+
+        expect(issue.attributes.fetch(:assignee_id)).to eq gl_user.id
+      end
     end
 
     context 'when it has a milestone' do
@@ -100,16 +111,22 @@ describe Gitlab::GithubImport::IssueFormatter, lib: true do
     context 'when author is a GitLab user' do
       let(:raw_data) { double(base_data.merge(user: octocat)) }
 
-      it 'returns project#creator_id as author_id when is not a GitLab user' do
+      it 'returns project creator_id as author_id when is not a GitLab user' do
         expect(issue.attributes.fetch(:author_id)).to eq project.creator_id
       end
 
-      it 'returns GitLab user id as author_id when is a GitLab user' do
+      it 'returns GitLab user id associated with GitHub id as author_id' do
         gl_user = create(:omniauth_user, extern_uid: octocat.id, provider: 'github')
 
         expect(issue.attributes.fetch(:author_id)).to eq gl_user.id
       end
 
+      it 'returns GitLab user id associated with GitHub email as author_id' do
+        gl_user = create(:user, email: octocat.email)
+
+        expect(issue.attributes.fetch(:author_id)).to eq gl_user.id
+      end
+
       it 'returns description without created at tag line' do
         create(:omniauth_user, extern_uid: octocat.id, provider: 'github')
 

spec/lib/gitlab/github_import/pull_request_formatter_spec.rb

 require 'spec_helper'
 
 describe Gitlab::GithubImport::PullRequestFormatter, lib: true do
+  let(:client) { double }
   let(:project) { create(:project, :repository) }
   let(:source_sha) { create(:commit, project: project).id }
   let(:target_sha) { create(:commit, project: project, git_commit: RepoHelpers.another_sample_commit).id }
@@ -10,7 +11,7 @@ describe Gitlab::GithubImport::PullRequestFormatter, lib: true do
   let(:target_repo) { repository }
   let(:target_branch) { double(ref: 'master', repo: target_repo, sha: target_sha) }
   let(:removed_branch) { double(ref: 'removed-branch', repo: source_repo, sha: '2e5d3239642f9161dcbbc4b70a211a68e5e45e2b') }
-  let(:octocat) { double(id: 123456, login: 'octocat') }
+  let(:octocat) { double(id: 123456, login: 'octocat', email: 'octocat@example.com') }
   let(:created_at) { DateTime.strptime('2011-01-26T19:01:12Z') }
   let(:updated_at) { DateTime.strptime('2011-01-27T19:01:12Z') }
   let(:base_data) do
@@ -32,7 +33,11 @@ describe Gitlab::GithubImport::PullRequestFormatter, lib: true do
     }
   end
 
-  subject(:pull_request) { described_class.new(project, raw_data) }
+  subject(:pull_request) { described_class.new(project, raw_data, client) }
+
+  before do
+    allow(client).to receive(:user).and_return(octocat)
+  end
 
   shared_examples 'Gitlab::GithubImport::PullRequestFormatter#attributes' do
     context 'when pull request is open' do
@@ -121,26 +126,38 @@ describe Gitlab::GithubImport::PullRequestFormatter, lib: true do
         expect(pull_request.attributes.fetch(:assignee_id)).to be_nil
       end
 
-      it 'returns GitLab user id as assignee_id when is a GitLab user' do
+      it 'returns GitLab user id associated with GitHub id as assignee_id' do
         gl_user = create(:omniauth_user, extern_uid: octocat.id, provider: 'github')
 
         expect(pull_request.attributes.fetch(:assignee_id)).to eq gl_user.id
       end
+
+      it 'returns GitLab user id associated with GitHub email as assignee_id' do
+        gl_user = create(:user, email: octocat.email)
+
+        expect(pull_request.attributes.fetch(:assignee_id)).to eq gl_user.id
+      end
     end
 
     context 'when author is a GitLab user' do
       let(:raw_data) { double(base_data.merge(user: octocat)) }
 
-      it 'returns project#creator_id as author_id when is not a GitLab user' do
+      it 'returns project creator_id as author_id when is not a GitLab user' do
         expect(pull_request.attributes.fetch(:author_id)).to eq project.creator_id
       end
 
-      it 'returns GitLab user id as author_id when is a GitLab user' do
+      it 'returns GitLab user id associated with GitHub id as author_id' do
         gl_user = create(:omniauth_user, extern_uid: octocat.id, provider: 'github')
 
         expect(pull_request.attributes.fetch(:author_id)).to eq gl_user.id
       end
 
+      it 'returns GitLab user id associated with GitHub email as author_id' do
+        gl_user = create(:user, email: octocat.email)
+
+        expect(pull_request.attributes.fetch(:author_id)).to eq gl_user.id
+      end
+
       it 'returns description without created at tag line' do
         create(:omniauth_user, extern_uid: octocat.id, provider: 'github')
 

spec/lib/gitlab/github_import/user_formatter_spec.rb

+require 'spec_helper'
+
+describe Gitlab::GithubImport::UserFormatter, lib: true do
+  let(:client) { double }
+  let(:octocat) { double(id: 123456, login: 'octocat', email: 'octocat@example.com') }
+
+  subject(:user) { described_class.new(client, octocat) }
+
+  before do
+    allow(client).to receive(:user).and_return(octocat)
+  end
+
+  describe '#gitlab_id' do
+    context 'when GitHub user is a GitLab user' do
+      it 'return GitLab user id when user associated their account with GitHub' do
+        gl_user = create(:omniauth_user, extern_uid: octocat.id, provider: 'github')
+
+        expect(user.gitlab_id).to eq gl_user.id
+      end
+
+      it 'returns GitLab user id when user primary email matches GitHub email' do
+        gl_user = create(:user, email: octocat.email)
+
+        expect(user.gitlab_id).to eq gl_user.id
+      end
+
+      it 'returns GitLab user id when any of user linked emails matches GitHub email' do
+        gl_user = create(:user, email: 'johndoe@example.com')
+        create(:email, user: gl_user, email: octocat.email)
+
+        expect(user.gitlab_id).to eq gl_user.id
+      end
+    end
+
+    it 'returns nil when GitHub user is not a GitLab user' do
+      expect(user.gitlab_id).to be_nil
+    end
+  end
+end

spec/models/concerns/spammable_spec.rb

@@ -14,8 +14,9 @@ describe Issue, 'Spammable' do
   end
 
   describe 'InstanceMethods' do
+    let(:issue) { build(:issue, spam: true) }
+
     it 'should be invalid if spam' do
-      issue = build(:issue, spam: true)
       expect(issue.valid?).to be_falsey
     end
 
@@ -29,5 +30,20 @@ describe Issue, 'Spammable' do
         expect(issue.check_for_spam?).to eq(false)
       end
     end
+
+    describe '#submittable_as_spam_by?' do
+      let(:admin) { build(:admin) }
+      let(:user) { build(:user) }
+
+      before do
+        allow(issue).to receive(:submittable_as_spam?).and_return(true)
+      end
+
+      it 'tests if the user can submit spam' do
+        expect(issue.submittable_as_spam_by?(admin)).to be(true)
+        expect(issue.submittable_as_spam_by?(user)).to be(false)
+        expect(issue.submittable_as_spam_by?(nil)).to be_nil
+      end
+    end
   end
 end

spec/requests/api/commit_statuses_spec.rb

@@ -21,10 +21,6 @@ describe API::CommitStatuses, api: true do
       let!(:master) { project.pipelines.create(sha: commit.id, ref: 'master') }
       let!(:develop) { project.pipelines.create(sha: commit.id, ref: 'develop') }
 
-      it_behaves_like 'a paginated resources' do
-        let(:request) { get api(get_url, reporter) }
-      end
-
       context "reporter user" do
         let(:statuses_id) { json_response.map { |status| status['id'] } }
 
@@ -45,6 +41,7 @@ describe API::CommitStatuses, api: true do
           it 'returns latest commit statuses' do
             expect(response).to have_http_status(200)
 
+            expect(response).to include_pagination_headers
             expect(json_response).to be_an Array
             expect(statuses_id).to contain_exactly(status3.id, status4.id, status5.id, status6.id)
             json_response.sort_by!{ |status| status['id'] }

spec/requests/api/deployments_spec.rb

@@ -14,10 +14,6 @@ describe API::Deployments, api: true  do
 
   describe 'GET /projects/:id/deployments' do
     context 'as member of the project' do
-      it_behaves_like 'a paginated resources' do
-        let(:request) { get api("/projects/#{project.id}/deployments", user) }
-      end
-
       it 'returns projects deployments' do
         get api("/projects/#{project.id}/deployments", user)