- While selecting user access for a protected branch.

-  When a user leaves a project, any access levels that they were
   granted specifically are destroyed.

-  When a user is removed from a project, any access levels that they
   were granted specifically are destroyed.

To work with restricting access to a specific user.

1. While creating a protected branch, you can set a single user / role
  for each setting ("Allowed to Merge", "Allowed to Push").

2. More users / roles can be set subsequently.

3. Repurposed 'users_select.js.coffee` for the needs of this page.

4. Move protected branch settings to the `show` page.

    - Too many settings on the single index page can be overwhelming. Also,
      if the number of users that can access a protected branch is large,
      the amount of space between protected branches in the table can be
      unwieldy.

    - This is the simplest design I can think of - we can use this
      until we have someone from the frontend/ux team take a look at
      this.

    - Move protected branches javascript under a `protected_branches`
      directory.

    - The dropdowns don't show access levels / users that have already been
      selected.

    - Allow deleting access levels using two new access level controllers.

- A protected branch now `has_many` access levels (as opposed to
  `has_one`, which CE will continue to have). Each access level
  represents either a user or a role that is allowed to access the
  protected branch.

- Update `git_access_spec` to test cases where a specific user is given
  access to a protected branch.

- Remove the explicit `push_check` for protected branches. This is
  because a non-developer user (such as a reporter) should be able to
  push code if they are added to a protected branch specifically.

- Fix specs (git_access_spec) that were implicitly depending on a
  master push access level being created (previously, a protected
  branch's default state was "masters can push + masters can merge").
  Since the current default is "none", the dependency needs to be
  explicitly declared.

- Update `git_push_service` so default branch protection (for new repos)
  works as expected.

[ES] Add explanation comments



See merge request !650

Allow LDAP `sync_ssh_keys` setting to be set to `true`

In that case `sync_ssh_keys` will default to the `sshPublicKey` value

Fixes #8

See merge request !670

In that case `sync_ssh_keys` will default to the `sshPublicKey` value.

[ES] Fix for unborn head

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/21038

See merge request !669

Allow syncing a group against all providers at once

## What does this MR do?

Allows `Sync::Group` to sync members for a single group across all providers at once. Closes #399 

## Are there points in the code the reviewer needs to double check?

No

## Why was this MR needed?

The current implementation of LDAP group sync manages members based on a single LDAP provider. This is optimal because we can open a single connection to a given LDAP server (provider) and run all queries needed to sync all GitLab groups with links to that provider. If we want to sync a single group at a time we need to flip that model - for a single group, run the sync for all providers. 

This presents a few challenges since we have a state machine on the group. In the former/current model we need to set the state inside the loop. However, if we do that in the latter model we will likely run into a race condition. At least, it will execute unnecessary queries against the database. Other than adding the functionality needed to sync a single group, the MR moves the state machine handling to the respective class method. 

## What are the relevant issue numbers?

#399

See merge request !636

[ES] Limit amount of retries for sidekiq jobs

ES index data is not that critical and in most of the cases sidekiq jobs fails due to bugs.
What do you think @jnijhof and @pcarranza 

See merge request !666

[ES] Rspec for code that used delete-by-query plugin

We need to reconfigure CI so elastic has `delete-by-query` plugin installed

See merge request !654

Remove tiny grammar mistake

Just removing the "it" at the end of the sentence, I think it was a mistake.

See merge request !667

Refactor description templates documentation

CE https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5839

See merge request !657

Optimize commit and diff changes access check to reduce git operations

Closes https://gitlab.com/gitlab-org/gitlab-ee/issues/880

See merge request !647

Git operations are costly. Before, if file locks and all file locks were
enabled we would iterate over each commit twice and over each diff as much
as 4 times. This updates uses lambdas to go through all neccessary validations
in only one iteration per commit and per diff. It also removes some unused
code in lib/gitlab/git_access.rb and adds examples to ensure the code keeps
working as intended.

CE upstream

@pacoguzman Please resolve `spec/controllers/autocomplete_controller_spec.rb`

See merge request !656

[ES] Record deletion fix

Specs for deletion are in MR https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/654/diffs that is built on top of this MR. I've made it in a separate MR because there is complex stuff left to do. We need another docker image where elastic has plugin `delete-by-query`

No changelog item required because the bug was introduced in master a few days ago by https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/615

See merge request !653

Move to project dropdown with infinite scroll for better performance

See merge request !5828

Use just SQL to check is a user can admin_issue on a project

Tradeoff

- we duplicate how we check admin_issue in a SQL relation in the Ability class

Fix error message for existing labels in right sidebar.

## What does this MR do?
Fixes flash notification in right sidebar, if we want to create an existing label.

## Are there points in the code the reviewer needs to double check?
Nope.

## Why was this MR needed?
Because it was broken.

## What are the relevant issue numbers?
Fixes #20117 

## Screenshots (if relevant)

#### Before
![https://gitlab.com/gitlab-org/gitlab-ce/uploads/c1fa7e98d1a3f0daaf8197809bbb26d0/Screen_Shot_2016-07-22_at_11.33.35.png](https://gitlab.com/gitlab-org/gitlab-ce/uploads/c1fa7e98d1a3f0daaf8197809bbb26d0/Screen_Shot_2016-07-22_at_11.33.35.png)

#### After
![Screen_Shot_2016-07-28_at_13.38.03](/uploads/1dca73bf4c1b14c0044952a5032d9325/Screen_Shot_2016-07-28_at_13.38.03.png)
![Screen_Shot_2016-07-28_at_13.41.18](/uploads/9b814f7f03d0314050659e1ac6ace290/Screen_Shot_2016-07-28_at_13.41.18.png)

## Does this MR meet the acceptance criteria?

- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] ~~[Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~
- [ ] ~~API support added~~
- Tests
  - [ ] ~~Added for this feature/bug~~
  - [x] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

See merge request !5546

Don't show comment button in gutter of diffs on MR discussion tab

When browsing to an MR, switching to the Changes tab, and switching back to the Discussions tab, the gutter of the diffs on that page would show the comment button on-hover, while it shouldn't, since comments on new lines can only be created from the Changes tab.

![Screen_Shot_2016-07-25_at_22.01.11](/uploads/6b044e1a3ecb34ddaa0af432833473aa/Screen_Shot_2016-07-25_at_22.01.11.png)

`8-10-stable` counterpart at https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5493

See merge request !5492

[ci skip]

Updated Akismet documentation

Updated Akismet documentation

See merge request !5821

[ci skip]

Add hover state to todos

## What does this MR do?

- Add a hover state to todos like for repository files.
- Fix button alignment in todos
- Add link to avatar in todos

## Are there points in the code the reviewer needs to double check?

The `border-collapse` part—is there any better way?

## Why was this MR needed?

Make hover states consistent.

## What are the relevant issue numbers?

fixes #19833 

## Screenshots

### Before

![before](/uploads/cd2e7b234bf08fac48aebb60cdfa26a9/before.png)

### After

![todos-list](/uploads/592457050cb3ff2c43dfcce78418c50b/todos-list.png)

![todos-list-last-hover](/uploads/532714333bc74d1656a5c767012b4cdd/todos-list-last-hover.png)

![todos-mobile](/uploads/d542b04ddebc9d4354d57151dd04c0d2/todos-mobile.png)

See merge request !5361