- 18 Aug, 2016 40 commits
-
-
Robert Speicher authored
2FA checks for API workflows ## What does this MR do? It adds a check to the API `/session` endpoint that will deny authentication requests to users that have 2FA enabled. In the error message it will instruct them to use a Personal Access Token instead. It adds a check to the `/oauth/token` endpoint, when `grant_type: 'password'` is used, so that no OAuth2 access token can be generated if the user has 2FA enabled. This endpoint should not be used by OAuth applications, anyway. OAuth apps should follow the flow of redirecting the user to GitLab, where 2FA access restrictions apply and logging them in there. Once successfully authenticated, the OAuth token is passed to the client. ## Why was this MR needed? No 2FA check on API endpoints. ## What are the relevant issue numbers? Fixes #2979 See merge request !5820
-
Robert Speicher authored
Update Hamlit to 2.6.1 Fixes gitlab-org/gitlab-ce#21025 and gitlab-org/gitlab-ce#21017 See merge request !5873
-
Patricio Cano authored
-
Patricio Cano authored
-
Patricio Cano authored
-
Patricio Cano authored
Added checks for 2FA to the API `/sessions` endpoint and the Resource Owner Password Credentials flow.
-
Robert Speicher authored
Support slash commands in issues / MR description & comments See merge request !5021
-
Jacob Schatz authored
Merge branch '3225-ace-editor-causing-404-errors-every-time-you-try-to-edit-a-file-in-the-webui' into 'master' Fix Ace syntax highlighting with compiled assets ## What does this MR do? Update ACE to 4.1.0 to allow modes (syntax highlighting files for particular languages) to be lazily loaded. ## Are there points in the code the reviewer needs to double check? Don't think so. ## Why was this MR needed? Syntax highlighting in the file editor only worked in development and test modes, not in production! ## What are the relevant issue numbers? Closes #3225. ## Screenshots (if relevant) First, the test setup - add these lines to `development.rb`: ```ruby config.assets.debug = false config.assets.compile = false config.assets.digest = true ``` Then, before starting the server, run `bundle exec rake assets:clobber assets:precompile`. Before: ![image](/uploads/486198e273019f8969d2e90560d82928/image.png) There is an error in the console because `/assets/ace/mode-ruby.js` was not found (it's only available when assets are compiled on demand). After: ![image](/uploads/6aa0d69b7efdfd6fe6aa22b9a49e9716/image.png) This loads `/assets/ace/mode-ruby-3915f95a6cc47306b1305e4dcb7aca25b2ef9c49b18ec6011707135b6575d8f3.js`, which works because the precompile step included it and told ACE where to find it. ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - ~~[Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~ - ~~API support added~~ - Tests - ~~Added for this feature/bug~~ - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5501
-
Jacob Schatz authored
Abuse Reports message truncation ## What does this MR do? Adds dynamic message truncation to abuse reports ## Are there points in the code the reviewer needs to double check? Is the new UI OK? ## Why was this MR needed? Admin UX ## What are the relevant issue numbers? Closes #13664. ## Screenshots (if relevant) **UPDATED:** ![Screen_Shot_2016-07-07_at_03.02.43](/uploads/2e1a1122e0194f8ffa48054c18523ccd/Screen_Shot_2016-07-07_at_03.02.43.png) ## Does this MR meet the acceptance criteria? - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [ ] Added for this feature/bug - [ ] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) Closes #13664 See merge request !5032
-
Jacob Schatz authored
Truncated long user lists in award emoji tooltips ## What does this MR do? Truncates award emoji tooltips so that they only show 10 users maximum. Further users are indicated by appending "and X more." ## Are there points in the code the reviewer needs to double check? Is 10 too little, should it be raised? My test cases rely on join() to build the expected output. This feels a little iffy is it alright? ## Why was this MR needed? Some issues have a large number of thumbs causing tooltips to be very large. ## What are the relevant issue numbers? closes #18334, closes #19542 ## Screenshots (if relevant) ##### Before ![Screenshot_from_2016-06-20_19-49-12](/uploads/d7a14dd87bb3da2acd7c0818de99852b/Screenshot_from_2016-06-20_19-49-12.png) ##### After ![Screenshot_from_2016-06-20_19-50-58](/uploads/f7f05c44594bfe8cec7dfd48802753a6/Screenshot_from_2016-06-20_19-50-58.png) Truncation point modified for purposes of screenshot ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [x] API support added - [x] Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4780
-
Robert Speicher authored
Deployment and Play endpoints See merge request !5825
-
Douwe Maan authored
-
Douwe Maan authored
-
Douwe Maan authored
-
Z.J. van de Weg authored
-
Z.J. van de Weg authored
-
Z.J. van de Weg authored
-
Z.J. van de Weg authored
-
Z.J. van de Weg authored
-
Z.J. van de Weg authored
-
Douwe Maan authored
Attempted improvement to stop boards spec failing See merge request !5869
-
Robert Speicher authored
Allow naming (and deleting) U2F devices. ## What does this MR do? - Allow giving each U2F device a name (at the time of registration). - Allow deleting individual U2F devices. - Display a list of registered U2F devices. ## What are the relevant issue numbers? - Closes #17334 - Closes #17335 See merge request !5833
-
Robert Speicher authored
Fixes gitlab-org/gitlab-ce#21025 and gitlab-org/gitlab-ce#21017
-
Douwe Maan authored
edit_blob_link can receive the blob to avoid access to the repository ## What does this MR do? Avoid access to the repository to get the blob when can be passed on context ## Are there points in the code the reviewer needs to double check? ## Why was this MR needed? #20454 to try to speed up the diff pages ## What are the relevant issue numbers? Relates #20454 probably we want and UI solution not just a backend solution ## Screenshots (if relevant) ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - ~~[ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~ - ~~[ ] API support added~~ - Tests - [x] Added for this feature/bug - [ ] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5850
-
Douwe Maan authored
Add endpoints for pipelines - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [x] API support added - Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if you do - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5837
-
Douwe Maan authored
Add merge conflict resolution to CHANGELOG
😊 See merge request !5863 -
Douwe Maan authored
Fix email line-height in Outlook On Outlook.com: ![image](/uploads/4bfa8daacce39a640428dff6eec0c098/image.png) Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/19060. See merge request !5843
-
Rubén Dávila Santos authored
Fix broken feature spec. This older spec was failing: features/project/issues/issues.feature Looks like before we were doing an exact match for queries, that's why it was passing with this existing issue: https://gitlab.com/gitlab-org/gitlab-ce/blob/59fa031e6f7d5a1b658c370f581c4caaf4493150/features/project/issues/issues.feature#L128 Failed build: https://gitlab.com/gitlab-org/gitlab-ce/builds/3178231 See merge request !5857
-
Sid Sijbrandij authored
Remove undefined word Corporation from CCLA ## What does this MR do? Removes the (undefined) word "Corporation" from the CCLA, per advice from legal counsel. ## Why was this MR needed? The word Corporation was undefined, while the word "You" already included "legal entities". ## What are the relevant issue numbers? - https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3685 - https://gitlab.com/gitlab-org/gitlab-ce/issues/15156 \cc @pmachle See merge request !5835
-
Yorick Peterse authored
Simplify SQL queries of marking a todo as done See merge request !5832
-
Timothy Andrew authored
1. Remove an unnecessary (since we're fetching all the records anyway) `pluck` while fetching U2F registration records. 2. Align "Your device was successfully set up!" section with the "U2F Devices" table below.
-
Timothy Andrew authored
-
Timothy Andrew authored
-
Timothy Andrew authored
1. Display a list of U2F devices on the `two_factor_auth` page. 2. Allow deleting individual U2F devices. 3. Allow setting a (optional) name for a device (during registration).
-
Phil Hughes authored
-
Rubén Dávila Santos authored
Update changelog ## What does this MR do? Updates Changelog: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5485#note_14008742 See merge request !5854
-
Ahmad Sherif authored
-
Ahmad Sherif authored
Follow-up on 52b0c26
-
Ahmad Sherif authored
-
Yorick Peterse authored
Update gitlab_git gem to 10.4.7 See merge request !5851
-