- 27 Jun, 2016 2 commits
-
-
Robert Speicher authored
Fix an information disclosure when requesting access to a group containing private projects Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/19102. The commit speaks for itself: Fix an information disclosure when requesting access to a group containing private projects The issue was with the `User#groups` and `User#projects` associations which goes through the `User#group_members` and `User#project_members`. Initially I chose to use a secure approach by storing the requester's user ID in `Member#created_by_id` instead of `Member#user_id` because I was aware that there was a security risk since I didn't know the codebase well enough. Then during the review, we decided to change that and directly store the requester's user ID into `Member#user_id` (for the sake of simplifying the code I believe), meaning that every `group_members` / `project_members` association would include the requesters by default... My bad for not checking that all the `group_members` / `project_members` associations and the ones that go through them (e.g. `Group#users` and `Project#users`) were made safe with the `where(requested_at: nil)` / `where(members: { requested_at: nil })` scopes. Now they are all secure. See merge request !1973
-
Rémy Coutable authored
Remove duplicate changelog entry ## What does this MR do? Removes a changelog entry from 8.9.1, which is only present in 8.10 See merge request !4937
-
- 26 Jun, 2016 2 commits
-
-
Robert Speicher authored
[ci skip]
-
Robert Speicher authored
[ci skip]
-
- 25 Jun, 2016 1 commit
-
-
Robert Speicher authored
-
- 24 Jun, 2016 7 commits
-
-
Stan Hu authored
Add SMTP as default delivery method to match gitlab-org/omnibus-gitlab!826 Something happened after upgrading to 8.9RC5 that caused mail settings to be set to sendmail by default. gitlab-com/infrastructure#128 describes the issue in more detail. This MR mirrors the change in omnibus with gitlab-org/omnibus-gitlab!826. Closes #19132 See merge request !4915
-
Stan Hu authored
Fix a wrong MR status when merge_when_build_succeeds & project.only_allow_merge_if_build_succeeds are true ## What does this MR do? Fix a wrong MR status when merge_when_build_succeeds & project.only_allow_merge_if_build_succeeds are true. ## Are there points in the code the reviewer needs to double check? @stanhu I reused your proposal from the issue, I think it's a good enough solution. ## What are the relevant issue numbers? Fixes #19035. ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - Tests - [x] Added for this feature/bug - [ ] All builds are passing - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4912
-
Robert Speicher authored
[ci skip]
-
Yorick Peterse authored
Eager load award emoji on notes and participants See merge request !4628
-
Rémy Coutable authored
Fix temp file being deleted after the request while importing a GitLab project Fixes https://gitlab.com/gitlab-com/infrastructure/issues/151 In production, the temporary uploaded file is getting deleted straight after the request so the Sidekiq worker is unable to find it in `/tmp` Also, improved erroring/logging of this situation. See merge request !4894
-
Jacob Schatz authored
Remove width restriction for logo on sign-in page. Follow-up on !4661 since we didn't remove the width restriction on that. See merge request !4888
-
Yorick Peterse authored
Support for rendering/redacting multiple documents See merge request !4828
-
- 23 Jun, 2016 19 commits
-
-
Jacob Schatz authored
Resolve "Scrolling horz on iOS for the secondary nav is broken" ## What does this MR do? Moves absolutely positioned `div`s outside of the scrolling container because mobile safari causes those elements to jump around on scroll. ## Are there points in the code the reviewer needs to double check? Check on a real iPhone (was only able to check in iOS simulator) ## Why was this MR needed? Mobile Safari. ## What are the relevant issue numbers? Closes #18438 ## Screenshots (if relevant) ![mobile-safari-fix](/uploads/b38bba735530eb11507fe03036292dd8/mobile-safari-fix.gif) See merge request !4869
-
Jacob Schatz authored
Apply selected value as label ## What does this MR do? ## Are there points in the code the reviewer needs to double check? ## Why was this MR needed? ## What are the relevant issue numbers? ## Screenshots (if relevant) ![dropdown-label](/uploads/db2ea7cb3cc51fbdeea53c304f1bd7a5/dropdown-label.gif) ## Does this MR meet the acceptance criteria? - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4886
-
Stan Hu authored
Bump gitlab_git to 10.2.3 to fix false truncated warnings with ISO-8559 files Closes #18690 See merge request !4884
-
Robert Speicher authored
Restore old behavior around diff notes to outdated discussions Fixes #18569 See merge request !4870
-
Jacob Schatz authored
Fix unwanted label unassignment ## What does this MR do? - When updating the milestone - [x] Do not remove labels when assigning a milestone - [x] Do not remove labels when unassigning a milestone - [x] Do not remove labels when assigning a milestone and adding another label - When toggling selected issues labels should be kept - [x] Select an issue with an assigned label -> pick another label from dropdown-> unselect the issue -> select the issue again -> submit the form: Existing label should not be removed. ## Are there points in the code the reviewer needs to double check? Labels should not be added or removed to issues when doing bulk actions unless we explicitly select a label from the dropdown ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4863
-
Robert Speicher authored
[ci skip]
-
Jacob Schatz authored
Set button label when picking an option from status dropdown ## What does this MR do? Fixes an issue with the status dropdown. It was not setting up the correct label after picking an option ## What are the relevant issue numbers? Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/18536 ## Screenshots (if relevant) **Previous** ![status-select-previous](/uploads/7c6adbd6c5ba2660dc39a762d53d3b68/status-select-previous.gif) **After** ![status-select](/uploads/91483efed8fbd63a79a01c9ca2154b74/status-select.gif) ## Does this MR meet the acceptance criteria? - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - [ ] Tests - [ ] Added for this feature/bug - [x] All builds are passing - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4771
-
Jacob Schatz authored
Use jQuery objects in ref dropdown ## What does this MR do? Keeps the behaviour the same as the ref dropdown, however it now uses jQuery objects to handle the HTML creation instead of passing strings around. It pretty much worked out the box so not much was changed in the dropdowns themselves. Will be easy to transfer this over to other dropdown menus as well. cc. @jschatz1 @rspeicher @DouweM Do we want this to go into a patch release? See merge request !4850
-
Rémy Coutable authored
Fix 404 for pipelines ## What does this MR do? Allow to access pipelines of public project by logged guest. ## What are the relevant issue numbers? Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/17885 ## Does this MR meet the acceptance criteria? - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [ ] Added for this feature/bug - [ ] All builds are passing - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if you do - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4881
-
Stan Hu authored
Fix merge requests project settings help link anchor. ## What does this MR do? 8.9.0 added a new project option for merge requests which has a link for help. The link contained an anchor which was being encoded as ```%23``` so change the help link to properly configure the anchor. ## Are there points in the code the reviewer needs to double check? None ## Why was this MR needed? Current release causes 404 error when clicking on the help link in project settings. ## What are the relevant issue numbers? Closes #18982 ## Screenshots (if relevant) ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [ ] Added for this feature/bug - [ ] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4873
-
Jacob Schatz authored
Restrict header logo to 36px so it doesn't overflow. ## What does this MR do? Fixes the logo in the header. ## Are there points in the code the reviewer needs to double check? I don't think so. ## Why was this MR needed? Logos that weren't 36px by 36px were broken in 8.9.0 ## What are the relevant issue numbers? Fixes #18980 ## Screenshots (if relevant) Before: ![Screen_Shot_2016-06-22_at_1.52.54_PM](/uploads/de6e4d9ccf40b972565e3864173a9907/Screen_Shot_2016-06-22_at_1.52.54_PM.png) After: ![Screen_Shot_2016-06-22_at_1.52.37_PM](/uploads/d72e015263888b5155c1db5e25f54d66/Screen_Shot_2016-06-22_at_1.52.37_PM.png) ## Does this MR meet the acceptance criteria? - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) cc: @jschatz1 @dzaporozhets @rspeicher See merge request !4861
-
Rémy Coutable authored
Fix errors found on importing GitLab CE repo Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/18968 See merge request !4855
-
Jacob Schatz authored
Added bottom padding to label color suggestion link ## What does this MR do? Adds a bottom margin to label color suggestions to make sure that when wrapped there is enough whitespace between color rows. ## Are there points in the code the reviewer needs to double check?
😕 ## Why was this MR needed? Mobile UX. ## What are the relevant issue numbers? Closes #18857. ## Screenshots (if relevant) ![Screen_Shot_2016-06-22_at_00.31.26](/uploads/f49c7fa2b97b13e69f0dea97c5dfb319/Screen_Shot_2016-06-22_at_00.31.26.png) ## Does this MR meet the acceptance criteria? - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [ ] Added for this feature/bug - [ ] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4845 -
Jacob Schatz authored
Hide nav arrows by default ## What does this MR do? - Fixes the arrow icon flashing on page load - Removes settings dropdown at higher breakpoint - Removes unneeded CSS Closes #18941 ## Screenshots (if relevant) Arrow flashing bug: ![icon](/uploads/3db95626acd0adb37438bdbc2c4aa154/icon.gif) Settings dropdown breaking nav: <img src="/uploads/4351035f4cf8cb9fd892b621e6339e50/Screen_Shot_2016-06-21_at_4.25.50_PM.png" width="800px"> @alfredo1 would you mind double checking this to make sure the arrow flashing is definitely not happening? See merge request !4843
-
Robert Speicher authored
Update Todos documentation and screenshots to include new functionality. Updates documentation for todos, includes updated and new screenshots. See also !4502 and #18906 Closes #18923 [ci skip] See merge request !4840
-
Robert Speicher authored
Handle external issues in IssueReferenceFilter Handling of external issues was broken when I refactored `IssueReferenceFilter` to use fewer SQL queries. Fixes #18827 See merge request !4789
-
Stan Hu authored
Fix bug in `WikiLinkFilter`. Closes #18819 - [ ] #18819 Wiki link filter exception - [x] Make sure [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/6d169d36cabda783116bcb8e2e6f73254566a670/builds) passes - [ ] Wait for merge - [ ] Pick into 8.9 See merge request !4775
-
Robert Speicher authored
Fix subsequent SAML sign ins Fixes a bug when `auto_link_ldap_user` is `true` that causes SAML users to be unable to sign in a second time. Fix the problem for https://gitlab.zendesk.com/agent/tickets/22546 See merge request !4718
-
Jacob Schatz authored
Fixes header vertical centering. Fixes header centering. ![ss__2016-05-16_at_5.26.30_PM](/uploads/300b64afc6585023f0e0dbbf721c359a/ss__2016-05-16_at_5.26.30_PM.png) cc @dzaporozhets See merge request !4170
-
- 22 Jun, 2016 9 commits
-
-
Achilleas Pipinellis authored
Expand on Award Emoji documentation, update/add screenshots. Adds documentation for award emoji now that comments can be awarded with emojis. See also !4291 and #18906 Closes #9091 cc: @virtuacreative @axil See merge request !4839 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Douwe Maan authored
Fix Network graph links. ## What does this MR do? Fixes the Network graph links so they no longer link to `/master#{escape_javascript(@commit_url)}` ## Are there points in the code the reviewer needs to double check? Don't think so. ## Why was this MR needed? Single quotes don't evaluate Ruby expressions. ## What are the relevant issue numbers? Fixes #18894. cc: @jschatz1 See merge request !4832 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Achilleas Pipinellis authored
Clarify artifact expiry ## What does this MR do? Clarifies documentation about artifact expiry. ## Are there points in the code the reviewer needs to double check? ## Why was this MR needed? ## What are the relevant issue numbers? ## Screenshots (if relevant) See merge request !4831 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Marin Jankovski authored
Add documentation and examples for configuring cloud storage for registry images. ## What does this MR do? Adds documentation and examples for configuring cloud storage for registry images. Waits for backend config to get merged in: https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/816 ## What are the relevant issue numbers? https://gitlab.com/gitlab-org/omnibus-gitlab/issues/1320 ## Does this MR meet the acceptance criteria? - [ ] ~~[CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added~~ - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] ~~API support added~~ - [ ] Tests - [ ] ~~Added for this feature/bug~~ - [x] All builds are passing - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if you do - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) cc\ @marin See merge request !4812 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Douwe Maan authored
Display group/project access requesters separately in admin ## What does this MR do? It displays the access requesters in a separate list in group & project members pages. It also harmonize the members counter UI to use `%span.badge` everywhere (in the admin & non-admin members views). ## Are there points in the code the reviewer needs to double check? No. ## Why was this MR needed? To not confuse access requesters with actual members. ## What are the relevant issue numbers? Closes #18871. ## Screenshots ### Group members | Before | After | | --------- | ---- | | ![group-members-before](/uploads/2f15137e073fd3a63bc2cb7b2217cb6c/group-members-before.png) | ![group-members-after](/uploads/5b643974505cfa57783fa0320d3bf8b2/group-members-after.png) | ### Project members | Before | After | | --------- | ---- | | ![project-members-before](/uploads/9c48dcd3736e42de84061b1201ee0b06/project-members-before.png) | ![project-members-after](/uploads/8e04c92ef0bba3de7e2405618632b27d/project-members-after.png) | ### Admin group members | Before | After | | --------- | ---- | | ![admin-group-members-before](/uploads/7fda8c2c94b697bea6655ba892ba45e7/admin-group-members-before.png) | ![admin-group-members-after](/uploads/ea25717001794f75939c679b80308c3a/admin-group-members-after.png) | ### Admin project members | Before | After | | --------- | ---- | | ![admin-project-members-before](/uploads/ba9d3ec52adbda6bb3d45ad9ac5243d3/admin-project-members-before.png) | ![admin-project-members-after](/uploads/3b889a029a9756e9ed2781b45c4dd9cb/admin-project-members-after.png) | ## Does this MR meet the acceptance criteria? - [x] No CHANGELOG since this is related to the original "request access" MR. - [ ] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4798 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Douwe Maan authored
Resolve "Destroying a project causes post_decline_request to be executed" ## What does this MR do? Ensure we don't send "access request declined" to access requesters when a project is deleted. ## Are there points in the code the reviewer needs to double check? I've created a service to decouple the notification sending from the AR model. ## Why was this MR needed? Because there was an issue. ## What are the relevant issue numbers? Fixes #18755, #18750. ## Does this MR meet the acceptance criteria? - [x] No CHANGELOG needed. - [x] Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4744 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Achilleas Pipinellis authored
Add some docs for Docker Registry configuration - Relatively important for anyone installing from source There have been a few issues created because of the lack of documentation for how to configure Docker Registry when installing from source, specifically what the `realm` needs to be and the `service` These 2 bits of info will stop a lot of headaches
👍 Issues: https://gitlab.com/gitlab-org/gitlab-ce/issues/17957 https://gitlab.com/gitlab-org/gitlab-ce/issues/17991 See merge request !4738 Signed-off-by: Rémy Coutable <remy@rymai.me> -
Achilleas Pipinellis authored
import/export docs Added documentation for and closes https://gitlab.com/gitlab-org/gitlab-ce/issues/3050 Also added a couple of rake tasks that might be useful. See merge request !4732 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Achilleas Pipinellis authored
Document `GIT_STRATEGY` and `GIT_DEPTH` ## What does this MR do? Documents `GIT_STRATEGY` and `GIT_DEPTH`. Also fixes the TOC since the anchors weren't working. ## Are there points in the code the reviewer needs to double check? The TOC and the location of the new entries. ## Why was this MR needed? ## What are the relevant issue numbers? https://gitlab.com/gitlab-org/gitlab-ci-multi-runner/merge_requests/188 ## Screenshots (if relevant) ![image](/uploads/eccfd60199d81e6588c13aab817f0eb5/image.png) ![image](/uploads/bbbffe61db64ef17f1fa52907275f3d4/image.png) /cc @axil @ayufan See merge request !4720 Signed-off-by: Rémy Coutable <remy@rymai.me>
-