Commit fd2b2dc1 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhq

parents c6bfad2a f1a85747
...@@ -36,6 +36,8 @@ v 8.10.0 (unreleased) ...@@ -36,6 +36,8 @@ v 8.10.0 (unreleased)
- More descriptive message for git hooks and file locks - More descriptive message for git hooks and file locks
- Handle custom Git hook result in GitLab UI - Handle custom Git hook result in GitLab UI
v 8.9.4 (unreleased)
- Ensure references to private repos aren't shown to logged-out users
v 8.9.5 (unreleased) v 8.9.5 (unreleased)
- Improve the request / withdraw access button. !4860 - Improve the request / withdraw access button. !4860
- Fix assigning shared runners as admins. !4961 - Fix assigning shared runners as admins. !4961
......
...@@ -45,7 +45,7 @@ module Mentionable ...@@ -45,7 +45,7 @@ module Mentionable
def all_references(current_user = nil, text = nil, extractor: nil) def all_references(current_user = nil, text = nil, extractor: nil)
extractor ||= Gitlab::ReferenceExtractor. extractor ||= Gitlab::ReferenceExtractor.
new(project, current_user || author) new(project, current_user)
if text if text
extractor.analyze(text, author: author) extractor.analyze(text, author: author)
......
...@@ -237,7 +237,7 @@ class TodoService ...@@ -237,7 +237,7 @@ class TodoService
end end
def filter_mentioned_users(project, target, author) def filter_mentioned_users(project, target, author)
mentioned_users = target.mentioned_users mentioned_users = target.mentioned_users(author)
mentioned_users = reject_users_without_access(mentioned_users, project, target) mentioned_users = reject_users_without_access(mentioned_users, project, target)
mentioned_users.delete(author) mentioned_users.delete(author)
mentioned_users.uniq mentioned_users.uniq
......
...@@ -127,9 +127,15 @@ The chosen OmniAuth provider is now active and can be used to sign in to GitLab ...@@ -127,9 +127,15 @@ The chosen OmniAuth provider is now active and can be used to sign in to GitLab
This setting was introduced with version 8.7 of GitLab This setting was introduced with version 8.7 of GitLab
You can define which OmniAuth providers you want to be `external` so that all users You can define which OmniAuth providers you want to be `external` so that all users
creating accounts via these providers will not be able to have access to internal **creating accounts, or logging in via these providers** will not be able to have
projects. You will need to use the full name of the provider, like `google_oauth2` access to internal projects. You will need to use the full name of the provider,
for Google. Refer to the examples for the full names of the supported providers. like `google_oauth2` for Google. Refer to the examples for the full names of the
supported providers.
>**Note:**
If you decide to remove an OmniAuth provider from the external providers list
you will need to manually update the users that use this method to login, if you
want their accounts to be upgraded to full internal accounts.
**For Omnibus installations** **For Omnibus installations**
......
...@@ -56,8 +56,6 @@ module Gitlab ...@@ -56,8 +56,6 @@ module Gitlab
if external_provider? && @user if external_provider? && @user
@user.external = true @user.external = true
elsif @user
@user.external = false
end end
@user @user
......
...@@ -51,12 +51,25 @@ describe Gitlab::OAuth::User, lib: true do ...@@ -51,12 +51,25 @@ describe Gitlab::OAuth::User, lib: true do
end end
context 'provider was external, now has been removed' do context 'provider was external, now has been removed' do
it 'should mark existing user internal' do it 'should not mark external user as internal' do
create(:omniauth_user, extern_uid: 'my-uid', provider: 'twitter', external: true) create(:omniauth_user, extern_uid: 'my-uid', provider: 'twitter', external: true)
stub_omniauth_config(allow_single_sign_on: ['twitter'], external_providers: ['facebook']) stub_omniauth_config(allow_single_sign_on: ['twitter'], external_providers: ['facebook'])
oauth_user.save oauth_user.save
expect(gl_user).to be_valid expect(gl_user).to be_valid
expect(gl_user.external).to be_falsey expect(gl_user.external).to be_truthy
end
end
context 'provider is not external' do
context 'when adding a new OAuth identity' do
it 'should not promote an external user to internal' do
user = create(:user, email: 'john@mail.com', external: true)
user.identities.create(provider: provider, extern_uid: uid)
oauth_user.save
expect(gl_user).to be_valid
expect(gl_user.external).to be_truthy
end
end end
end end
......
...@@ -29,6 +29,43 @@ describe Issue, "Mentionable" do ...@@ -29,6 +29,43 @@ describe Issue, "Mentionable" do
it { is_expected.not_to include(user2) } it { is_expected.not_to include(user2) }
end end
describe '#referenced_mentionables' do
context 'with an issue on a private project' do
let(:project) { create(:empty_project, :public) }
let(:issue) { create(:issue, project: project) }
let(:public_issue) { create(:issue, project: project) }
let(:private_project) { create(:empty_project, :private) }
let(:private_issue) { create(:issue, project: private_project) }
let(:user) { create(:user) }
def referenced_issues(current_user)
text = "#{private_issue.to_reference(project)} and #{public_issue.to_reference}"
issue.referenced_mentionables(current_user, text)
end
context 'when the current user can see the issue' do
before { private_project.team << [user, Gitlab::Access::DEVELOPER] }
it 'includes the reference' do
expect(referenced_issues(user)).to contain_exactly(private_issue, public_issue)
end
end
context 'when the current user cannot see the issue' do
it 'does not include the reference' do
expect(referenced_issues(user)).to contain_exactly(public_issue)
end
end
context 'when there is no current user' do
it 'does not include the reference' do
expect(referenced_issues(nil)).to contain_exactly(public_issue)
end
end
end
end
describe '#create_cross_references!' do describe '#create_cross_references!' do
let(:project) { create(:project) } let(:project) { create(:project) }
let(:author) { double('author') } let(:author) { double('author') }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment