Commits · ab14e1a86f0b1ab8f29b958d1666f001f4703d6b · nexedi / gitlab-ce

22 Oct, 2019 1 commit

Do not index system notes for issue update · ab14e1a8

Dylan Griffith authored Oct 10, 2019

Since `system` notes have different permissions to normal notes on
issues we do not want to include them in the ElasticSearch index. The
reason being that the authorization logic we have in place for searching
for notes is only accounting for the non-system notes.

We have been under the impression that `system` notes have not been
getting indexed already because we were filtering them out in 2
different places already:

1. When new notes are created
https://gitlab.com/gitlab-org/gitlab/blob/2b607f0916c880a6c947ebfe4f4ee32f43fba551/ee/app/models/concerns/elastic/application_versioned_search.rb#L37
2. When indexing a whole project https://gitlab.com/gitlab-org/gitlab/blob/2b607f0916c880a6c947ebfe4f4ee32f43fba551/ee/app/models/concerns/elastic/projects_search.rb#L29

But there is a 3rd way in which notes get updated in the index which was
added in
https://gitlab.com/gitlab-org/gitlab/commit/db6a45ec17b2d165e85979dd7357e967d4346faa
. This is triggered when some auth related settings of an Issue are
updated as this changes who will be able to read notes in the issue so
it is updating all the notes for that issue. This third piece of logic
was now inserting all the system notes and should have been skipping
them like all other places where notes are added.

Also ignore Rubocop since this was like this before and we're fixing a
security vulnerability.

ab14e1a8

08 Oct, 2019 39 commits
- Merge branch '12764-refactor-checksum-code' into 'master' · f6e5b2da
  Michael Kozono authored Oct 08, 2019
```
Refactor checksum code on uploads

Closes #12764

See merge request gitlab-org/gitlab!18065
```
  f6e5b2da
- Create Checksummable concern · 6da944d3
  Brian Kabiro authored Oct 08, 2019
```
- create the checksummable concern file
```
  6da944d3
- Merge branch 'sh-use-template-project-id-backend' into 'master' · 5c6b1b47
  Thong Kuah authored Oct 08, 2019
```
Add backend support for selecting custom templates by ID

See merge request gitlab-org/gitlab!18178
```
  5c6b1b47
- Merge branch 'tests-configurable-issue-board' into 'master' · e526ee6e
  Dan Davison authored Oct 08, 2019
```
Add test for configurable issue board

See merge request gitlab-org/gitlab!18228
```
  e526ee6e
- Add test for configurable issue board · 4ec32ad0
  Walmyr Lima e Silva Filho authored Oct 08, 2019
  
  4ec32ad0
- Merge branch '31427-flaky-spec-finders-members_finder_spec-rb-85' into 'master' · bb18b759
  Nick Thomas authored Oct 08, 2019
```
Resolve "Flaky spec/finders/members_finder_spec.rb:85"

Closes #31427

See merge request gitlab-org/gitlab!18257
```
  bb18b759
- Resolve "Flaky spec/finders/members_finder_spec.rb:85" · 61986ceb
  🙈 jacopo beschi 🙉 authored Oct 08, 2019
  
  61986ceb
- Merge branch '13052-create-design_registry-step2' into 'master' · e96d6f7f
  Michael Kozono authored Oct 08, 2019
```
Geo: Handle race condition on design update

Closes #13052

See merge request gitlab-org/gitlab!17814
```
  e96d6f7f
- Merge branch '32899-handle-race-condition-for-container-registry-sync' into 'master' · c4ae73ab
  Michael Kozono authored Oct 08, 2019
```
Geo: Handle race condition for container synchronization

Closes #32899

See merge request gitlab-org/gitlab!17823
```
  c4ae73ab
- Merge branch 'com-code-revert' into 'master' · f6eb5bf6
  Rémy Coutable authored Oct 08, 2019
```
Revert com code segregation

See merge request gitlab-org/gitlab!18212
```
  f6eb5bf6
- Revert "Merge branch 'default-gitlab-hosts' into 'master'" · 990f2779
  Aishwarya Subramanian authored Oct 08, 2019
```
This reverts commit 9ff8b86e, reversing
changes made to 2c163449.
```
  990f2779
- Merge branch 'mw-productivity-analytics-utils-transform-scatter-data' into 'master' · a674a8a0
  Filipa Lacerda authored Oct 08, 2019
```
Productivity Analytics: Add transformScatterData utility method

See merge request gitlab-org/gitlab!18249
```
  a674a8a0
- Add transformScatterData utility method · 389791f8
  Martin Wortschack authored Oct 08, 2019
```
Transforms the raw scatter data into
a two-dimensional array
```
  389791f8
- Merge branch 'jc-remove-list-directories' into 'master' · b385dc26
  Jan Provaznik authored Oct 08, 2019
```
Remove list_directoriers

See merge request gitlab-org/gitlab!18224
```
  b385dc26
- Merge branch 'jej/respect-sso-enforcement-on-projects-for-owners' into 'master' · d7743902
  Jan Provaznik authored Oct 08, 2019
```
Respect Group SSO Enforcement on projects where the user is an owner

Closes #33302

See merge request gitlab-org/gitlab!18154
```
  d7743902
- Merge branch 'mw-productivity-analytics-default-timeframe' into 'master' · c63d0262
  Clement Ho authored Oct 08, 2019
```
Productivity Analytics: Change default timeframe to 30 days

See merge request gitlab-org/gitlab!18215
```
  c63d0262
- Change default timeframe from 90 to 30 days · 584c5301
  Martin Wortschack authored Oct 08, 2019
```
- Fetches data for the last 30 days
```
  584c5301
- Merge branch 'allow-schedule-package-and-qa-to-fail' into 'master' · 016934ed
  Rémy Coutable authored Oct 08, 2019
```
Allow the 'schedule:package-and-qa' job to fail for now

See merge request gitlab-org/gitlab!18270
```
  016934ed
- Allow the 'schedule:package-and-qa' job to fail for now · 4bc0c934
  Rémy Coutable authored Oct 08, 2019
```
Signed-off-by: Rémy Coutable <remy@rymai.me>
```
  4bc0c934
- Merge branch 'mw-productivity-analytics-trendline-style' into 'master' · c825bc93
  Kushal Pandya authored Oct 08, 2019
```
Productivity Analytics: Tweak style for scatterplot trendline

See merge request gitlab-org/gitlab!18247
```
  c825bc93
- Tweak style for scatterplot trendline · 48ab3045
  Martin Wortschack authored Oct 08, 2019
```
Use different color for the trendline and bring to front
```
  48ab3045
- Add backend support for selecting custom templates by ID · f7952cf7
  Stan Hu authored Oct 06, 2019
```
This is the first step to fixing
https://gitlab.com/gitlab-org/gitlab/issues/9146 and adds the backend
support in https://gitlab.com/gitlab-org/gitlab/merge_requests/17205.

The backend support is added first to avoid no-downtime issues with
creating new projects.
```
  f7952cf7
- Merge branch '33216-fix-ecdsa-key-validator' into 'master' · 309457b7
  Lin Jen-Shin authored Oct 08, 2019
```
Change ECDSA key validator to check the asn1 flag instead

Closes #33216

See merge request gitlab-org/gitlab!18017
```
  309457b7
- Geo: Handle race condition on design update · 428fbf6e
  Valery Sizov authored Sep 27, 2019
```
Using optimistic locking when finishing design sync
```
  428fbf6e
- Merge branch 'bvl-internal-api-docs' into 'master' · ca1b4b17
  Nick Thomas authored Oct 08, 2019
```
[Docs] Start documenting our internal API

See merge request gitlab-org/gitlab!18089
```
  ca1b4b17
- Merge branch '17597-extract-issuables-system-note-service-pd' into 'master' · d83fea35
  Sean McGivern authored Oct 08, 2019
```
Extract Issuables System Note Service

Closes #17597

See merge request gitlab-org/gitlab!17818
```
  d83fea35
- Start documenting our internal API · 192974c9
  Bob Van Landuyt authored Oct 03, 2019
```
This is an attempt to get a grasp on what we're doing in our internal
API calls. Next steps would be removing dead code and perhaps
splitting up complicated calls.
```
  192974c9
- Change validator to check the asn1 flag instead · fc34335a
  Heinrich Lee Yu authored Oct 02, 2019
```
Fixes the validation with OpenSSL 1.1
```
  fc34335a
- Merge branch 'sh-fix-503-argument-errors' into 'master' · 4055c2fe
  Nick Thomas authored Oct 08, 2019
```
Properly handle 503 errors in info/refs endpoint

Closes #32925

See merge request gitlab-org/gitlab!18177
```
  4055c2fe
- Merge branch 'eb-custom-max-artifacts-size' into 'master' · 418ad84e
  Sean McGivern authored Oct 08, 2019
```
Update artifact size authorization

See merge request gitlab-org/gitlab!17769
```
  418ad84e
- Merge branch 'frozen-string-enable-spec-views' into 'master' · 3079aa62
  Jan Provaznik authored Oct 08, 2019
```
Enable frozen string for spec/views

See merge request gitlab-org/gitlab!18171
```
  3079aa62
- Enable frozen string for spec/views · 8c299992
  gfyoung authored Oct 08, 2019
```
Partially addresses:

https://gitlab.com/gitlab-org/gitlab/issues/27703
```
  8c299992
- Merge branch 'add-eng-prod-codeowners' into 'master' · fc655f32
  Lin Jen-Shin authored Oct 08, 2019
```
Add Engineering Productivity code owners

See merge request gitlab-org/gitlab!17959
```
  fc655f32
- Merge branch 'fix-prometheus-alert-worker-spec' into 'master' · b9c1f592
  Rémy Coutable authored Oct 08, 2019
```
Fix Prometheus Alert Worker spec

Closes #33605

See merge request gitlab-org/gitlab!18243
```
  b9c1f592
- Fix Prometheus Alert Worker spec · 1e62a07f
  Sean Arnold authored Oct 08, 2019
  
  1e62a07f
- Merge branch 'design-list-of-alert-summary' into 'master' · 3a99cda1
  Grzegorz Bizon authored Oct 08, 2019
```
Change Prometheus Alert issue details list from bulleted to description list

See merge request gitlab-org/gitlab!18116
```
  3a99cda1
- Geo: Handle race condition on containers syncs · cdfb06dc
  Valery Sizov authored Sep 27, 2019
```
Using optimistic locking when finishing container sync
```
  cdfb06dc
- Merge branch 'docs-exists-rule' into 'master' · 3e23689a
  Evan Read authored Oct 08, 2019
```
Add version information to CI exists rule

See merge request gitlab-org/gitlab!18251
```
  3e23689a
- Add version information to CI exists rule · be63a7f0
  Marcel Amirault authored Oct 08, 2019
  
  be63a7f0