Commit 70a08ace authored by karen Carias's avatar karen Carias

fixed conflict

parents 53d40b8a 9b6f1c59
Please view this file on the master branch, on stable branches it's out of date. Please view this file on the master branch, on stable branches it's out of date.
v 7.13.0 (unreleased) v 7.13.0 (unreleased)
- Only enable HSTS header for HTTPS and port 443 (Stan Hu)
- Fix user autocomplete for unauthenticated users accessing public projects (Stan Hu)
- Fix redirection to home page URL for unauthorized users (Daniel Gerhardt) - Fix redirection to home page URL for unauthorized users (Daniel Gerhardt)
- Add branch switching support for graphs (Daniel Gerhardt) - Add branch switching support for graphs (Daniel Gerhardt)
- Fix external issue tracker hook/test for HTTPS URLs (Daniel Gerhardt) - Fix external issue tracker hook/test for HTTPS URLs (Daniel Gerhardt)
- Remove link leading to a 404 error in Deploy Keys page (Stan Hu) - Remove link leading to a 404 error in Deploy Keys page (Stan Hu)
- Add support for unlocking users in admin settings (Stan Hu) - Add support for unlocking users in admin settings (Stan Hu)
- Add Irker service configuration options (Stan Hu) - Add Irker service configuration options (Stan Hu)
- Fix order of issues imported form GitHub (Hiroyuki Sato) - Fix order of issues imported from GitHub (Hiroyuki Sato)
- Bump rugments to 1.0.0beta8 to fix C prototype function highlighting (Jonathon Reinhart) - Bump rugments to 1.0.0beta8 to fix C prototype function highlighting (Jonathon Reinhart)
- Fix Merge Request webhook to properly fire "merge" action when accepted from the web UI - Fix Merge Request webhook to properly fire "merge" action when accepted from the web UI
- Add `two_factor_enabled` field to admin user API (Stan Hu) - Add `two_factor_enabled` field to admin user API (Stan Hu)
- Fix invalid timestamps in RSS feeds (Rowan Wookey) - Fix invalid timestamps in RSS feeds (Rowan Wookey)
- Fix error when deleting a user who has projects (Stan Hu)
- Fix downloading of patches on public merge requests when user logged out (Stan Hu) - Fix downloading of patches on public merge requests when user logged out (Stan Hu)
- The password for the default administrator (root) account has been changed from "5iveL!fe" to "password".
- Fix Error 500 when relative submodule resolves to a namespace that has a different name from its path (Stan Hu) - Fix Error 500 when relative submodule resolves to a namespace that has a different name from its path (Stan Hu)
- Extract the longest-matching ref from a commit path when multiple matches occur (Stan Hu) - Extract the longest-matching ref from a commit path when multiple matches occur (Stan Hu)
- Update maintenance documentation to explain no need to recompile asssets for omnibus installations (Stan Hu) - Update maintenance documentation to explain no need to recompile asssets for omnibus installations (Stan Hu)
...@@ -41,11 +41,17 @@ v 7.13.0 (unreleased) ...@@ -41,11 +41,17 @@ v 7.13.0 (unreleased)
- Allow users to be blocked and unblocked via the API - Allow users to be blocked and unblocked via the API
- Use native Postgres database cleaning during backup restore - Use native Postgres database cleaning during backup restore
- Redesign project page. Show README as default instead of activity. Move project activity to separate page - Redesign project page. Show README as default instead of activity. Move project activity to separate page
- Make left menu more hierarchical and less contextual by adding back item at top
- A fork can’t have a visibility level that is greater than the original project.
- Faster code search in repository and wiki. Fixes search page timeout for big repositories
- Allow administrators to disable 2FA for a specific user
- Add error message for SSH key linebreaks
v 7.12.2 v 7.12.2
- Correctly show anonymous authorized applications under Profile > Applications. - Correctly show anonymous authorized applications under Profile > Applications.
- Faster automerge check and merge itself when source and target branches are in same repository - Faster automerge check and merge itself when source and target branches are in same repository
- Audit log for user authentication - Audit log for user authentication
- Fix transferring of project to another group using the API.
v 7.12.1 v 7.12.1
- Fix error when deleting a user who has projects (Stan Hu) - Fix error when deleting a user who has projects (Stan Hu)
......
...@@ -231,19 +231,13 @@ group :development, :test do ...@@ -231,19 +231,13 @@ group :development, :test do
gem 'fuubar', '~> 2.0.0' gem 'fuubar', '~> 2.0.0'
gem 'pry-rails' gem 'pry-rails'
gem 'coveralls', require: false gem 'coveralls', '~> 0.8.2', require: false
gem 'database_cleaner', '~> 1.4.0' gem 'database_cleaner', '~> 1.4.0'
gem 'factory_girl_rails' gem 'factory_girl_rails'
gem 'rspec-rails', '~> 3.3.0' gem 'rspec-rails', '~> 3.3.0'
gem 'rubocop', '0.28.0', require: false gem 'rubocop', '0.28.0', require: false
gem 'spinach-rails' gem 'spinach-rails'
# rest-client is a coveralls dependency and not used directly in GitLab, but
# we specify a version here to pick up some security fixes.
# See https://github.com/rest-client/rest-client/issues/369
# and http://www.osvdb.org/show/osvdb/117461
gem 'rest-client', '~> 1.8.0'
# Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826) # Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826)
gem 'minitest', '~> 5.3.0' gem 'minitest', '~> 5.3.0'
......
...@@ -703,7 +703,7 @@ GEM ...@@ -703,7 +703,7 @@ GEM
underscore-rails (1.4.4) underscore-rails (1.4.4)
unf (0.1.4) unf (0.1.4)
unf_ext unf_ext
unf_ext (0.0.6) unf_ext (0.0.7.1)
unicorn (4.6.3) unicorn (4.6.3)
kgio (~> 2.6) kgio (~> 2.6)
rack rack
...@@ -759,7 +759,7 @@ DEPENDENCIES ...@@ -759,7 +759,7 @@ DEPENDENCIES
charlock_holmes charlock_holmes
coffee-rails coffee-rails
colored colored
coveralls coveralls (~> 0.8.2)
creole (~> 0.3.6) creole (~> 0.3.6)
d3_rails (~> 3.5.5) d3_rails (~> 3.5.5)
database_cleaner (~> 1.4.0) database_cleaner (~> 1.4.0)
...@@ -833,7 +833,6 @@ DEPENDENCIES ...@@ -833,7 +833,6 @@ DEPENDENCIES
redis-rails redis-rails
request_store request_store
rerun (~> 0.10.0) rerun (~> 0.10.0)
rest-client (~> 1.8.0)
rqrcode-rails3 rqrcode-rails3
rspec-rails (~> 3.3.0) rspec-rails (~> 3.3.0)
rubocop (= 0.28.0) rubocop (= 0.28.0)
......
...@@ -25,7 +25,7 @@ To use EE and get official support please [become a subscriber](https://about.gi ...@@ -25,7 +25,7 @@ To use EE and get official support please [become a subscriber](https://about.gi
## Code status ## Code status
- [![build status](https://ci.gitlab.org/projects/1/status.png?ref=master)](https://ci.gitlab.org/projects/1?ref=master) on ci.gitlab.org (master branch) - [![build status](https://ci.gitlab.com/projects/1/status.png?ref=master)](https://ci.gitlab.com/projects/1?ref=master) on ci.gitlab.com (master branch)
- [![Build Status](https://semaphoreapp.com/api/v1/projects/2f1a5809-418b-4cc2-a1f4-819607579fe7/243338/badge.png)](https://semaphoreapp.com/gitlabhq/gitlabhq) - [![Build Status](https://semaphoreapp.com/api/v1/projects/2f1a5809-418b-4cc2-a1f4-819607579fe7/243338/badge.png)](https://semaphoreapp.com/gitlabhq/gitlabhq)
...@@ -62,7 +62,7 @@ The recommended way to install GitLab is using the provided [Omnibus packages](h ...@@ -62,7 +62,7 @@ The recommended way to install GitLab is using the provided [Omnibus packages](h
There are various other options to install GitLab, please refer to the [installation page on the GitLab website](https://about.gitlab.com/installation/) for more information. There are various other options to install GitLab, please refer to the [installation page on the GitLab website](https://about.gitlab.com/installation/) for more information.
You can access a new installation with the login **`root`** and password **`password`**, after login you are required to set a unique password. You can access a new installation with the login **`root`** and password **`5iveL!fe`**, after login you are required to set a unique password.
## Third-party applications ## Third-party applications
......
...@@ -40,6 +40,7 @@ ...@@ -40,6 +40,7 @@
#= require shortcuts_issuable #= require shortcuts_issuable
#= require shortcuts_network #= require shortcuts_network
#= require cal-heatmap #= require cal-heatmap
#= require jquery.nicescroll.min
#= require_tree . #= require_tree .
window.slugify = (text) -> window.slugify = (text) ->
...@@ -104,6 +105,8 @@ if location.hash ...@@ -104,6 +105,8 @@ if location.hash
window.addEventListener "hashchange", shiftWindow window.addEventListener "hashchange", shiftWindow
$ -> $ ->
$(".nicescroll").niceScroll(cursoropacitymax: '0.4', cursorcolor: '#FFF', cursorborder: "1px solid #FFF")
# Click a .js-select-on-focus field, select the contents # Click a .js-select-on-focus field, select the contents
$(".js-select-on-focus").on "focusin", -> $(".js-select-on-focus").on "focusin", ->
# Prevent a mouseup event from deselecting the input # Prevent a mouseup event from deselecting the input
......
...@@ -63,7 +63,6 @@ class Dispatcher ...@@ -63,7 +63,6 @@ class Dispatcher
when 'projects:commits:show' when 'projects:commits:show'
shortcut_handler = new ShortcutsNavigation() shortcut_handler = new ShortcutsNavigation()
when 'projects:activity' when 'projects:activity'
new Activities()
shortcut_handler = new ShortcutsNavigation() shortcut_handler = new ShortcutsNavigation()
when 'projects:show' when 'projects:show'
shortcut_handler = new ShortcutsNavigation() shortcut_handler = new ShortcutsNavigation()
......
...@@ -25,10 +25,10 @@ class @DropzoneInput ...@@ -25,10 +25,10 @@ class @DropzoneInput
form_dropzone = $(form).find('.div-dropzone') form_dropzone = $(form).find('.div-dropzone')
form_dropzone.parent().addClass "div-dropzone-wrapper" form_dropzone.parent().addClass "div-dropzone-wrapper"
form_dropzone.append divHover form_dropzone.append divHover
$(".div-dropzone-hover").append iconPaperclip form_dropzone.find(".div-dropzone-hover").append iconPaperclip
form_dropzone.append divSpinner form_dropzone.append divSpinner
$(".div-dropzone-spinner").append iconSpinner form_dropzone.find(".div-dropzone-spinner").append iconSpinner
$(".div-dropzone-spinner").css form_dropzone.find(".div-dropzone-spinner").css
"opacity": 0 "opacity": 0
"display": "none" "display": "none"
......
...@@ -12,7 +12,7 @@ ...@@ -12,7 +12,7 @@
@loading.show() @loading.show()
$.ajax $.ajax
type: "GET" type: "GET"
url: location.href url: $(".content_list").data('href') || location.href
data: "limit=" + @limit + "&offset=" + @offset data: "limit=" + @limit + "&offset=" + @offset
complete: => complete: =>
@loading.hide() @loading.hide()
......
...@@ -109,7 +109,7 @@ ...@@ -109,7 +109,7 @@
font-size: 1.2em; font-size: 1.2em;
} }
blockquote p { blockquote {
color: #888; color: #888;
font-size: 15px; font-size: 15px;
line-height: 1.5; line-height: 1.5;
......
...@@ -2,6 +2,9 @@ ...@@ -2,6 +2,9 @@
.sidebar-wrapper { .sidebar-wrapper {
position: fixed; position: fixed;
top: 0; top: 0;
bottom: 0;
overflow-y: auto;
overflow-x: hidden;
left: 0; left: 0;
height: 100%; height: 100%;
transition-duration: .3s; transition-duration: .3s;
...@@ -21,8 +24,9 @@ ...@@ -21,8 +24,9 @@
} }
.nav-sidebar { .nav-sidebar {
margin-top: 29 + $header-height;
margin-bottom: 50px;
transition-duration: .3s; transition-duration: .3s;
margin: 0;
list-style: none; list-style: none;
overflow: hidden; overflow: hidden;
...@@ -39,12 +43,12 @@ ...@@ -39,12 +43,12 @@
} }
a { a {
padding: 8px 15px;
font-size: 13px;
line-height: 18px;
color: $gray; color: $gray;
display: block; display: block;
text-decoration: none; text-decoration: none;
padding: 8px 15px;
font-size: 14px;
line-height: 20px;
padding-left: 16px; padding-left: 16px;
&:hover { &:hover {
...@@ -88,14 +92,17 @@ ...@@ -88,14 +92,17 @@
width: $sidebar_width; width: $sidebar_width;
.nav-sidebar { .nav-sidebar {
margin-top: 29px;
position: fixed;
top: $header-height;
width: $sidebar_width; width: $sidebar_width;
} }
.nav-sidebar li a{ .nav-sidebar li a{
width: 230px; width: 230px;
&.back-link {
i {
visibility: hidden;
}
}
} }
} }
} }
...@@ -108,15 +115,9 @@ ...@@ -108,15 +115,9 @@
width: $sidebar_collapsed_width; width: $sidebar_collapsed_width;
.nav-sidebar { .nav-sidebar {
margin-top: 29px;
position: fixed;
top: $header-height;
width: $sidebar_collapsed_width; width: $sidebar_collapsed_width;
li a { li a {
font-size: 14px;
padding: 8px 15px;
text-align: left;
padding-left: 16px; padding-left: 16px;
} }
} }
...@@ -175,7 +176,7 @@ ...@@ -175,7 +176,7 @@
} }
.sidebar-user { .sidebar-user {
position: absolute; position: fixed;
bottom: 0; bottom: 0;
width: $sidebar_width; width: $sidebar_width;
padding: 10px; padding: 10px;
......
...@@ -72,13 +72,28 @@ ul.notes { ...@@ -72,13 +72,28 @@ ul.notes {
.note { .note {
display: block; display: block;
position:relative; position:relative;
.note-body { .note-body {
overflow: auto; overflow: auto;
.note-text { .note-text {
overflow: auto; overflow: auto;
word-wrap: break-word; word-wrap: break-word;
@include md-typography; @include md-typography;
// Reset ul style types since we're nested inside a ul already
& > ul {
list-style-type: disc;
ul {
list-style-type: circle;
ul {
list-style-type: square;
}
}
}
// Reduce left padding of first task list ul element // Reduce left padding of first task list ul element
ul.task-list:first-child { ul.task-list:first-child {
padding-left: 10px; padding-left: 10px;
...@@ -94,6 +109,7 @@ ul.notes { ...@@ -94,6 +109,7 @@ ul.notes {
} }
} }
} }
.note-header { .note-header {
padding-bottom: 3px; padding-bottom: 3px;
} }
......
...@@ -35,9 +35,9 @@ ...@@ -35,9 +35,9 @@
.sidebar-wrapper { .sidebar-wrapper {
background: $color-darker; background: $color-darker;
border-right: 1px solid $color-darker;
.sidebar-user { .sidebar-user {
background: $color-darker;
color: $color-light; color: $color-light;
&:hover { &:hover {
......
...@@ -23,7 +23,8 @@ class Admin::ProjectsController < Admin::ApplicationController ...@@ -23,7 +23,8 @@ class Admin::ProjectsController < Admin::ApplicationController
end end
def transfer def transfer
::Projects::TransferService.new(@project, current_user, params.dup).execute namespace = Namespace.find_by(id: params[:new_namespace_id])
::Projects::TransferService.new(@project, current_user, params.dup).execute(namespace)
@project.reload @project.reload
redirect_to admin_namespace_project_path(@project.namespace, @project) redirect_to admin_namespace_project_path(@project.namespace, @project)
......
...@@ -55,6 +55,12 @@ class Admin::UsersController < Admin::ApplicationController ...@@ -55,6 +55,12 @@ class Admin::UsersController < Admin::ApplicationController
end end
end end
def disable_two_factor
user.disable_two_factor!
redirect_to admin_user_path(user),
notice: 'Two-factor Authentication has been disabled for this user'
end
def create def create
opts = { opts = {
force_random_password: true, force_random_password: true,
......
...@@ -183,7 +183,10 @@ class ApplicationController < ActionController::Base ...@@ -183,7 +183,10 @@ class ApplicationController < ActionController::Base
headers['X-XSS-Protection'] = '1; mode=block' headers['X-XSS-Protection'] = '1; mode=block'
headers['X-UA-Compatible'] = 'IE=edge' headers['X-UA-Compatible'] = 'IE=edge'
headers['X-Content-Type-Options'] = 'nosniff' headers['X-Content-Type-Options'] = 'nosniff'
headers['Strict-Transport-Security'] = 'max-age=31536000' if Gitlab.config.gitlab.https # Enabling HSTS for non-standard ports would send clients to the wrong port
if Gitlab.config.gitlab.https and Gitlab.config.gitlab.port == 443
headers['Strict-Transport-Security'] = 'max-age=31536000'
end
end end
def add_gon_variables def add_gon_variables
......
class AutocompleteController < ApplicationController class AutocompleteController < ApplicationController
skip_before_action :authenticate_user!, only: [:users]
def users def users
begin
@users = @users =
if params[:project_id].present? if params[:project_id].present?
project = Project.find(params[:project_id]) project = Project.find(params[:project_id])
...@@ -13,10 +16,20 @@ class AutocompleteController < ApplicationController ...@@ -13,10 +16,20 @@ class AutocompleteController < ApplicationController
if can?(current_user, :read_group, group) if can?(current_user, :read_group, group)
group.users group.users
end end
else elsif current_user
User.all User.all
end end
rescue ActiveRecord::RecordNotFound
if current_user
return render json: {}, status: 404
end
end
if @users.nil? && current_user.nil?
authenticate_user!
end
@users ||= User.none
@users = @users.search(params[:search]) if params[:search].present? @users = @users.search(params[:search]) if params[:search].present?
@users = @users.active @users = @users.active
@users = @users.page(params[:page]).per(PER_PAGE) @users = @users.page(params[:page]).per(PER_PAGE)
......
...@@ -32,6 +32,7 @@ class Profiles::PreferencesController < Profiles::ApplicationController ...@@ -32,6 +32,7 @@ class Profiles::PreferencesController < Profiles::ApplicationController
params.require(:user).permit( params.require(:user).permit(
:color_scheme_id, :color_scheme_id,
:dashboard, :dashboard,
:project_view,
:theme_id :theme_id
) )
end end
......
...@@ -29,13 +29,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController ...@@ -29,13 +29,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
end end
def destroy def destroy
current_user.update_attributes({ current_user.disable_two_factor!
two_factor_enabled: false,
encrypted_otp_secret: nil,
encrypted_otp_secret_iv: nil,
encrypted_otp_secret_salt: nil,
otp_backup_codes: nil
})
redirect_to profile_account_path redirect_to profile_account_path
end end
......
...@@ -52,10 +52,11 @@ class ProjectsController < ApplicationController ...@@ -52,10 +52,11 @@ class ProjectsController < ApplicationController
end end
def transfer def transfer
transfer_params = params.permit(:new_namespace_id) namespace = Namespace.find_by(id: params[:new_namespace_id])
::Projects::TransferService.new(project, current_user, transfer_params).execute ::Projects::TransferService.new(project, current_user).execute(namespace)
if @project.errors[:namespace_id].present?
flash[:alert] = @project.errors[:namespace_id].first if @project.errors[:new_namespace].present?
flash[:alert] = @project.errors[:new_namespace].first
end end
end end
......
...@@ -28,7 +28,7 @@ module ApplicationSettingsHelper ...@@ -28,7 +28,7 @@ module ApplicationSettingsHelper
def restricted_level_checkboxes(help_block_id) def restricted_level_checkboxes(help_block_id)
Gitlab::VisibilityLevel.options.map do |name, level| Gitlab::VisibilityLevel.options.map do |name, level|
checked = restricted_visibility_levels(true).include?(level) checked = restricted_visibility_levels(true).include?(level)
css_class = 'btn btn-primary' css_class = 'btn'
css_class += ' active' if checked css_class += ' active' if checked
checkbox_name = 'application_setting[restricted_visibility_levels][]' checkbox_name = 'application_setting[restricted_visibility_levels][]'
......
...@@ -118,7 +118,7 @@ module GitlabMarkdownHelper ...@@ -118,7 +118,7 @@ module GitlabMarkdownHelper
# Returns a random markdown tip for use as a textarea placeholder # Returns a random markdown tip for use as a textarea placeholder
def random_markdown_tip def random_markdown_tip
"Tip: #{MARKDOWN_TIPS.sample}" MARKDOWN_TIPS.sample
end end
private private
......
...@@ -42,6 +42,13 @@ module PreferencesHelper ...@@ -42,6 +42,13 @@ module PreferencesHelper
end end
end end
def project_view_choices
[
['Readme (default)', :readme],
['Activity view', :activity]
]
end
def user_application_theme def user_application_theme
theme = Gitlab::Themes.by_id(current_user.try(:theme_id)) theme = Gitlab::Themes.by_id(current_user.try(:theme_id))
theme.css_class theme.css_class
...@@ -50,4 +57,9 @@ module PreferencesHelper ...@@ -50,4 +57,9 @@ module PreferencesHelper
def user_color_scheme_class def user_color_scheme_class
COLOR_SCHEMES[current_user.try(:color_scheme_id)] if defined?(current_user) COLOR_SCHEMES[current_user.try(:color_scheme_id)] if defined?(current_user)
end end
def prefer_readme?
!current_user ||
current_user.project_view == 'readme'
end
end end
...@@ -92,6 +92,16 @@ module ProjectsHelper ...@@ -92,6 +92,16 @@ module ProjectsHelper
end end
end end
def can_change_visibility_level?(project, current_user)
return false unless can?(current_user, :change_visibility_level, project)
if project.forked?
project.forked_from_project.visibility_level > Gitlab::VisibilityLevel::PRIVATE
else
true
end
end
private private
def get_project_nav_tabs(project, current_user) def get_project_nav_tabs(project, current_user)
...@@ -238,16 +248,6 @@ module ProjectsHelper ...@@ -238,16 +248,6 @@ module ProjectsHelper
end end
end end
def service_field_value(type, value)
return value unless type == 'password'
if value.present?
"***********"
else
nil
end
end
def user_max_access_in_project(user, project) def user_max_access_in_project(user, project)
level = project.team.max_member_access(user) level = project.team.max_member_access(user)
......
...@@ -86,4 +86,10 @@ module VisibilityLevelHelper ...@@ -86,4 +86,10 @@ module VisibilityLevelHelper
def default_snippet_visibility def default_snippet_visibility
current_application_settings.default_snippet_visibility current_application_settings.default_snippet_visibility
end end
def skip_level?(form_model, level)
form_model.is_a?(Project) &&
form_model.forked? &&
!Gitlab::VisibilityLevel.allowed_fork_levels(form_model.forked_from_project.visibility_level).include?(level)
end
end end
...@@ -79,22 +79,36 @@ module Mentionable ...@@ -79,22 +79,36 @@ module Mentionable
end end
end end
# If the mentionable_text field is about to change, locate any *added* references and create cross references for # When a mentionable field is changed, creates cross-reference notes that
# them. Invoke from an observer's #before_save implementation. # don't already exist
def notice_added_references(p = project, a = author) def create_new_cross_references!(p = project, a = author)
ch = changed_attributes changes = detect_mentionable_changes
original, mentionable_changed = "", false
self.class.mentionable_attrs.each do |attr| return if changes.empty?
if ch[attr]
original << ch[attr]
mentionable_changed = true
end
end
# Only proceed if the saved changes actually include a chance to an attr_mentionable field. original_text = changes.collect { |_, vals| vals.first }.join(' ')
return unless mentionable_changed
preexisting = references(p, self.author, original) preexisting = references(p, self.author, original_text)
create_cross_references!(p, a, preexisting) create_cross_references!(p, a, preexisting)
end end
private
# Returns a Hash of changed mentionable fields
#
# Preference is given to the `changes` Hash, but falls back to
# `previous_changes` if it's empty (i.e., the changes have already been
# persisted).
#
# See ActiveModel::Dirty.
#
# Returns a Hash.
def detect_mentionable_changes
source = (changes.present? ? changes : previous_changes).dup
mentionable = self.class.mentionable_attrs
# Only include changed fields that are mentionable
source.select { |key, val| mentionable.include?(key) }
end
end end
...@@ -24,6 +24,7 @@ class Key < ActiveRecord::Base ...@@ -24,6 +24,7 @@ class Key < ActiveRecord::Base
validates :title, presence: true, length: { within: 0..255 } validates :title, presence: true, length: { within: 0..255 }
validates :key, presence: true, length: { within: 0..5000 }, format: { with: /\A(ssh|ecdsa)-.*\Z/ }, uniqueness: true validates :key, presence: true, length: { within: 0..5000 }, format: { with: /\A(ssh|ecdsa)-.*\Z/ }, uniqueness: true
validates :key, format: { without: /\n|\r/, message: 'should be a single line' }
validates :fingerprint, uniqueness: true, presence: { message: 'cannot be generated' } validates :fingerprint, uniqueness: true, presence: { message: 'cannot be generated' }
delegate :name, :email, to: :user, prefix: true delegate :name, :email, to: :user, prefix: true
......
...@@ -356,7 +356,7 @@ class Note < ActiveRecord::Base ...@@ -356,7 +356,7 @@ class Note < ActiveRecord::Base
end end
def set_references def set_references
notice_added_references(project, author) create_new_cross_references!(project, author)
end end
def editable? def editable?
......
...@@ -431,6 +431,40 @@ class Repository ...@@ -431,6 +431,40 @@ class Repository
end end
end end
def search_files(query, ref)
offset = 2
args = %W(git grep -i -n --before-context #{offset} --after-context #{offset} #{query} #{ref || root_ref})
Gitlab::Popen.popen(args, path_to_repo).first.scrub.split(/^--$/)
end
def parse_search_result(result)
ref = nil
filename = nil
startline = 0
lines = result.lines
lines.each_with_index do |line, index|
if line =~ /^.*:.*:\d+:/
ref, filename, startline = line.split(':')
startline = startline.to_i - index
break
end
end
data = lines.map do |line|
line.sub(ref, '').sub(filename, '').sub(/^:-\d+-/, '').sub(/^::\d+:/, '')
end
data = data.join("")
OpenStruct.new(
filename: filename,
ref: ref,
startline: startline,
data: data
)
end
private private
def cache def cache
......
...@@ -177,6 +177,10 @@ class User < ActiveRecord::Base ...@@ -177,6 +177,10 @@ class User < ActiveRecord::Base
# Note: When adding an option, it MUST go on the end of the array. # Note: When adding an option, it MUST go on the end of the array.
enum dashboard: [:projects, :stars] enum dashboard: [:projects, :stars]
# User's Project preference
# Note: When adding an option, it MUST go on the end of the array.
enum project_view: [:readme, :activity]
alias_attribute :private_token, :authentication_token alias_attribute :private_token, :authentication_token
delegate :path, to: :namespace, allow_nil: true, prefix: true delegate :path, to: :namespace, allow_nil: true, prefix: true
...@@ -322,6 +326,16 @@ class User < ActiveRecord::Base ...@@ -322,6 +326,16 @@ class User < ActiveRecord::Base
@reset_token @reset_token
end end
def disable_two_factor!
update_attributes(
two_factor_enabled: false,
encrypted_otp_secret: nil,
encrypted_otp_secret_iv: nil,
encrypted_otp_secret_salt: nil,
otp_backup_codes: nil
)
end
def namespace_uniq def namespace_uniq
namespace_name = self.username namespace_name = self.username
existing_namespace = Namespace.by_path(namespace_name) existing_namespace = Namespace.by_path(namespace_name)
......
...@@ -35,7 +35,7 @@ module Issues ...@@ -35,7 +35,7 @@ module Issues
create_title_change_note(issue, issue.previous_changes['title'].first) create_title_change_note(issue, issue.previous_changes['title'].first)
end end
issue.notice_added_references(issue.project, current_user) issue.create_new_cross_references!(issue.project, current_user)
execute_hooks(issue, 'update') execute_hooks(issue, 'update')
end end
......
...@@ -59,7 +59,7 @@ module MergeRequests ...@@ -59,7 +59,7 @@ module MergeRequests
merge_request.mark_as_unchecked merge_request.mark_as_unchecked
end end
merge_request.notice_added_references(merge_request.project, current_user) merge_request.create_new_cross_references!(merge_request.project, current_user)
execute_hooks(merge_request, 'update') execute_hooks(merge_request, 'update')
end end
......
...@@ -11,19 +11,16 @@ module Projects ...@@ -11,19 +11,16 @@ module Projects
include Gitlab::ShellAdapter include Gitlab::ShellAdapter
class TransferError < StandardError; end class TransferError < StandardError; end
def execute def execute(new_namespace)
namespace_id = params[:new_namespace_id] if allowed_transfer?(current_user, project, new_namespace)
namespace = Namespace.find_by(id: namespace_id) transfer(project, new_namespace)
if allowed_transfer?(current_user, project, namespace)
transfer(project, namespace)
else else
project.errors.add(:namespace, 'is invalid') project.errors.add(:new_namespace, 'is invalid')
false false
end end
rescue Projects::TransferService::TransferError => ex rescue Projects::TransferService::TransferError => ex
project.reload project.reload
project.errors.add(:namespace_id, ex.message) project.errors.add(:new_namespace, ex.message)
false false
end end
......
...@@ -43,6 +43,7 @@ ...@@ -43,6 +43,7 @@
%strong{class: @user.two_factor_enabled? ? 'cgreen' : 'cred'} %strong{class: @user.two_factor_enabled? ? 'cgreen' : 'cred'}
- if @user.two_factor_enabled? - if @user.two_factor_enabled?
Enabled Enabled
= link_to 'Disable', disable_two_factor_admin_user_path(@user), data: {confirm: 'Are you sure?'}, method: :patch, class: 'btn btn-xs btn-remove pull-right', title: 'Disable Two-factor Authentication'
- else - else
Disabled Disabled
......
...@@ -5,6 +5,7 @@ ...@@ -5,6 +5,7 @@
- if event.created_project? - if event.created_project?
= cache [event, current_user] do = cache [event, current_user] do
= image_tag avatar_icon(event.author_email, 24), class: "avatar s24", alt:''
= render "events/event/created_project", event: event = render "events/event/created_project", event: event
- else - else
= cache event do = cache event do
......
...@@ -7,14 +7,29 @@ ...@@ -7,14 +7,29 @@
%title= page_title %title= page_title
= favicon_link_tag 'favicon.ico' = favicon_link_tag 'favicon.ico'
= stylesheet_link_tag "application", :media => "all"
= stylesheet_link_tag "print", :media => "print" = stylesheet_link_tag "application", media: "all"
= stylesheet_link_tag "print", media: "print"
= javascript_include_tag "application" = javascript_include_tag "application"
= csrf_meta_tags = csrf_meta_tags
= include_gon = include_gon
%meta{name: 'viewport', content: 'width=device-width, initial-scale=1, maximum-scale=1'} %meta{name: 'viewport', content: 'width=device-width, initial-scale=1, maximum-scale=1'}
%meta{name: 'theme-color', content: '#474D57'} %meta{name: 'theme-color', content: '#474D57'}
-# Apple Safari/iOS home screen icons
= favicon_link_tag 'touch-icon-iphone.png', rel: 'apple-touch-icon'
= favicon_link_tag 'touch-icon-ipad.png', rel: 'apple-touch-icon', sizes: '76x76'
= favicon_link_tag 'touch-icon-iphone-retina.png', rel: 'apple-touch-icon', sizes: '120x120'
= favicon_link_tag 'touch-icon-ipad-retina.png', rel: 'apple-touch-icon', sizes: '152x152'
-# Windows 8 pinned site tile
%meta{name: 'msapplication-TileImage', content: image_url('msapplication-tile.png')}
%meta{name: 'msapplication-TileColor', content: '#30353E'}
= yield :meta_tags = yield :meta_tags
= render 'layouts/google_analytics' if extra_config.has_key?('google_analytics_id') = render 'layouts/google_analytics' if extra_config.has_key?('google_analytics_id')
......
.page-with-sidebar{ class: nav_sidebar_class } .page-with-sidebar{ class: nav_sidebar_class }
= render "layouts/broadcast" = render "layouts/broadcast"
.sidebar-wrapper .sidebar-wrapper.nicescroll
- if defined?(sidebar) && sidebar - if defined?(sidebar) && sidebar
= render "layouts/nav/#{sidebar}" = render "layouts/nav/#{sidebar}"
- elsif current_user - elsif current_user
......
%ul.nav.nav-sidebar %ul.nav.nav-sidebar
= nav_link do
= link_to root_path, title: 'Back to dashboard', data: {placement: 'right'}, class: 'back-link' do
= icon('caret-square-o-left fw')
%span
Back to Dashboard
%li.separate-item
= nav_link(path: 'groups#show', html_options: {class: 'home'}) do = nav_link(path: 'groups#show', html_options: {class: 'home'}) do
= link_to group_path(@group), title: 'Home', data: {placement: 'right'} do = link_to group_path(@group), title: 'Home', data: {placement: 'right'} do
= icon('dashboard fw') = icon('dashboard fw')
%span %span
Activity Group
- if current_user - if current_user
= nav_link(controller: [:group, :milestones]) do = nav_link(controller: [:group, :milestones]) do
= link_to group_milestones_path(@group), title: 'Milestones', data: {placement: 'right'} do = link_to group_milestones_path(@group), title: 'Milestones', data: {placement: 'right'} do
......
%ul.nav.nav-sidebar %ul.nav.nav-sidebar
= nav_link do = nav_link do
= link_to group_path(@group), title: 'Back to group', data: {placement: 'right'} do = link_to group_path(@group), title: 'Back to group', data: {placement: 'right'}, class: 'back-link' do
= icon('caret-square-o-left fw') = icon('caret-square-o-left fw')
%span %span
Back to group Back to group
......
%ul.nav.nav-sidebar %ul.nav.nav-sidebar
= nav_link do
= link_to root_path, title: 'Back to dashboard', data: {placement: 'right'}, class: 'back-link' do
= icon('caret-square-o-left fw')
%span
Back to Dashboard
%li.separate-item
= nav_link(path: 'profiles#show', html_options: {class: 'home'}) do = nav_link(path: 'profiles#show', html_options: {class: 'home'}) do
= link_to profile_path, title: 'Profile', data: {placement: 'right'} do = link_to profile_path, title: 'Profile', data: {placement: 'right'} do
= icon('user fw') = icon('user fw')
......
%ul.nav.nav-sidebar %ul.nav.nav-sidebar
- if @project.group
= nav_link do
= link_to group_path(@project.group), title: 'Back to group', data: {placement: 'right'}, class: 'back-link' do
= icon('caret-square-o-left fw')
%span
Back to Group
- else
= nav_link do
= link_to root_path, title: 'Back to dashboard', data: {placement: 'right'}, class: 'back-link' do
= icon('caret-square-o-left fw')
%span
Back to Dashboard
%li.separate-item
= nav_link(path: 'projects#show', html_options: {class: 'home'}) do = nav_link(path: 'projects#show', html_options: {class: 'home'}) do
= link_to project_path(@project), title: 'Project', class: 'shortcuts-project', data: {placement: 'right'} do = link_to project_path(@project), title: 'Project', class: 'shortcuts-project', data: {placement: 'right'} do
= icon('home fw') = icon('home fw')
......
%ul.nav.nav-sidebar %ul.nav.nav-sidebar
= nav_link do = nav_link do
= link_to project_path(@project), title: 'Back to project', data: {placement: 'right'} do = link_to project_path(@project), title: 'Back to project', data: {placement: 'right'}, class: 'back-link' do
= icon('caret-square-o-left fw') = icon('caret-square-o-left fw')
%span %span
Back to project Back to project
......
...@@ -38,5 +38,13 @@ ...@@ -38,5 +38,13 @@
= link_to('(?)', help_page_path('profile', 'preferences') + '#default-dashboard', target: '_blank') = link_to('(?)', help_page_path('profile', 'preferences') + '#default-dashboard', target: '_blank')
.col-sm-10 .col-sm-10
= f.select :dashboard, dashboard_choices, {}, class: 'form-control' = f.select :dashboard, dashboard_choices, {}, class: 'form-control'
.form-group
= f.label :project_view, class: 'control-label' do
Project view
= link_to('(?)', help_page_path('profile', 'preferences') + '#default-project-view', target: '_blank')
.col-sm-10
= f.select :project_view, project_view_choices, {}, class: 'form-control'
.help-block
Choose what content you want to see when visit project page
.panel-footer .panel-footer
= f.submit 'Save', class: 'btn btn-save' = f.submit 'Save', class: 'btn btn-save'
= render 'projects/last_push'
.hidden-xs
- if current_user
%ul.nav.nav-pills.event_filter.pull-right
%li
= link_to namespace_project_path(@project.namespace, @project, format: :atom, private_token: current_user.private_token), title: "Feed", class: 'rss-btn' do
%i.fa.fa-rss
= render 'shared/event_filter'
%hr
.content_list{:"data-href" => activity_project_path(@project)}
= spinner
:coffeescript
new Activities()
...@@ -23,4 +23,6 @@ ...@@ -23,4 +23,6 @@
= link_to archive_namespace_project_repository_path(@project.namespace, @project, ref: @ref, format: 'zip'), class: 'btn', rel: 'nofollow' do = link_to archive_namespace_project_repository_path(@project.namespace, @project, ref: @ref, format: 'zip'), class: 'btn', rel: 'nofollow' do
%i.fa.fa-download %i.fa.fa-download
= render 'projects/buttons/dropdown'
= render "shared/clone_panel" = render "shared/clone_panel"
- if readme = @repository.readme
%article.readme-holder#README
.clearfix
.pull-right
&nbsp;
- if can?(current_user, :push_code, @project)
= link_to namespace_project_edit_blob_path(@project.namespace, @project, tree_join(@repository.root_ref, readme.name)), class: 'light' do
%i.fa.fa-pencil
.wiki
= cache(readme_cache_key) do
= render_readme(readme)
- else
%h3.page-title
This project does not have README yet
- if can?(current_user, :push_code, @project)
%p.slead
A
%code README
file contains information about other files in a repository and is commonly
distributed with computer software, forming part of its documentation.
%br
We recommend you to
= link_to "add README", new_readme_path, class: 'underlined-link'
file to the repository and GitLab will render it here instead of this message.
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
%input#zen-toggle-comment.zen-toggle-comment{ tabindex: '-1', type: 'checkbox' } %input#zen-toggle-comment.zen-toggle-comment{ tabindex: '-1', type: 'checkbox' }
.zen-backdrop .zen-backdrop
- classes << ' js-gfm-input markdown-area' - classes << ' js-gfm-input markdown-area'
= f.text_area attr, class: classes, placeholder: random_markdown_tip = f.text_area attr, class: classes, placeholder: ''
= link_to nil, class: 'zen-enter-link', tabindex: '-1' do = link_to nil, class: 'zen-enter-link', tabindex: '-1' do
%i.fa.fa-expand %i.fa.fa-expand
Edit in fullscreen Edit in fullscreen
......
= render 'projects/last_push' = render 'projects/activity'
.hidden-xs
- if current_user
%ul.nav.nav-pills.event_filter.pull-right
%li
= link_to namespace_project_path(@project.namespace, @project, format: :atom, private_token: current_user.private_token), title: "Feed", class: 'rss-btn' do
%i.fa.fa-rss
= render 'shared/event_filter'
%hr
.content_list
= spinner
- if current_user
%span.dropdown
%a.dropdown-toggle.btn.btn-new{href: '#', "data-toggle" => "dropdown"}
%i.fa.fa-plus
%ul.dropdown-menu
- if @project.issues_enabled && can?(current_user, :create_issue, @project)
%li
= link_to url_for_new_issue, title: "New Issue" do
New issue
- if @project.merge_requests_enabled && can?(current_user, :create_merge_request, @project)
%li
= link_to new_namespace_project_merge_request_path(@project.namespace, @project), title: "New Merge Request" do
New merge request
- if @project.snippets_enabled && can?(current_user, :create_snippet, @project)
%li
= link_to new_namespace_project_snippet_path(@project.namespace, @project), title: "New Snippet" do
New snippet
- if can?(current_user, :admin_project_member, @project)
%li
= link_to namespace_project_project_members_path(@project.namespace, @project), title: "New project member" do
New project member
- if can? current_user, :push_code, @project
%li.divider
%li
= link_to new_namespace_project_branch_path(@project.namespace, @project) do
New git branch
%li
= link_to new_namespace_project_tag_path(@project.namespace, @project) do
New git tag
...@@ -29,7 +29,7 @@ ...@@ -29,7 +29,7 @@
.col-sm-10= f.select(:default_branch, @repository.branch_names, {}, {class: 'select2 select-wide'}) .col-sm-10= f.select(:default_branch, @repository.branch_names, {}, {class: 'select2 select-wide'})
= render 'shared/visibility_level', f: f, visibility_level: @project.visibility_level, can_change_visibility_level: can?(current_user, :change_visibility_level, @project), form_model: @project = render 'shared/visibility_level', f: f, visibility_level: @project.visibility_level, can_change_visibility_level: can_change_visibility_level?(@project, current_user), form_model: @project
.form-group .form-group
= f.label :tag_list, "Tags", class: 'control-label' = f.label :tag_list, "Tags", class: 'control-label'
......
...@@ -6,5 +6,5 @@ ...@@ -6,5 +6,5 @@
= pluralize label.open_issues_count, 'open issue' = pluralize label.open_issues_count, 'open issue'
- if can? current_user, :admin_label, @project - if can? current_user, :admin_label, @project
= link_to 'Edit', edit_namespace_project_label_path(@project.namespace, @project, label), class: 'btn' = link_to 'Edit', edit_namespace_project_label_path(@project.namespace, @project, label), class: 'btn btn-sm'
= link_to 'Remove', namespace_project_label_path(@project.namespace, @project, label), class: 'btn btn-remove remove-row', method: :delete, remote: true, data: {confirm: "Remove this label? Are you sure?"} = link_to 'Remove', namespace_project_label_path(@project.namespace, @project, label), class: 'btn btn-sm btn-remove remove-row', method: :delete, remote: true, data: {confirm: "Remove this label? Are you sure?"}
:plain :plain
$(".mr_source_commit").html("#{commit_to_html(@commit, @source_project, false)}"); $(".mr_source_commit").html("#{commit_to_html(@commit, @source_project, false)}");
$('.js-timeago').timeago()
:plain :plain
$(".mr_target_commit").html("#{commit_to_html(@commit, @target_project, false)}"); $(".mr_target_commit").html("#{commit_to_html(@commit, @target_project, false)}");
$('.js-timeago').timeago()
...@@ -85,7 +85,7 @@ ...@@ -85,7 +85,7 @@
%li %li
The import will time out after 4 minutes. For big repositories, use a clone/push combination. The import will time out after 4 minutes. For big repositories, use a clone/push combination.
%li %li
To migrate an SVN repository, check out #{link_to "this document", "http://doc.gitlab.com/ce/workflow/migrating_from_svn.html"}. To migrate an SVN repository, check out #{link_to "this document", "http://doc.gitlab.com/ce/workflow/importing/migrating_from_svn.html"}.
%hr.prepend-botton-10 %hr.prepend-botton-10
......
...@@ -5,8 +5,8 @@ ...@@ -5,8 +5,8 @@
= render 'projects/zen', f: f, attr: :note, classes: 'note_text js-note-text js-task-list-field' = render 'projects/zen', f: f, attr: :note, classes: 'note_text js-note-text js-task-list-field'
.comment-hints.clearfix .comment-hints.clearfix
.pull-left Comments are parsed with #{link_to 'GitLab Flavored Markdown', help_page_path('markdown', 'markdown'),{ target: '_blank', tabindex: -1 }} .pull-left #{link_to 'Markdown ', help_page_path('markdown', 'markdown'),{ target: '_blank', tabindex: -1 }}
.pull-right Attach files by dragging &amp; dropping or #{link_to 'selecting them', '#', class: 'markdown-selector', tabindex: -1 }. .pull-right #{link_to 'Attach a file', '#', class: 'markdown-selector', tabindex: -1 }
.note-form-actions .note-form-actions
.buttons .buttons
......
...@@ -12,8 +12,14 @@ ...@@ -12,8 +12,14 @@
classes: 'note_text js-note-text' classes: 'note_text js-note-text'
.comment-hints.clearfix .comment-hints.clearfix
.pull-left Comments are parsed with #{link_to "GitLab Flavored Markdown", help_page_path("markdown", "markdown"),{ target: '_blank', tabindex: -1 }} .pull-left
.pull-right Attach files by dragging &amp; dropping or #{link_to "selecting them", '#', class: 'markdown-selector', tabindex: -1 }. = link_to "Markdown ", help_page_path("markdown", "markdown"),{ target: '_blank', tabindex: -1 }
tip:
= random_markdown_tip
.pull-right
= link_to '#', class: 'markdown-selector', tabindex: -1 do
Attach a file
= icon('paperclip')
.error-alert .error-alert
.note-form-actions .note-form-actions
......
...@@ -41,31 +41,10 @@ ...@@ -41,31 +41,10 @@
%hr %hr
%section %section
- if readme = @repository.readme - if prefer_readme?
%article.readme-holder#README = render 'projects/readme'
.clearfix
.pull-right
&nbsp;
- if can?(current_user, :push_code, @project)
= link_to namespace_project_edit_blob_path(@project.namespace, @project, tree_join(@repository.root_ref, readme.name)), class: 'light' do
%i.fa.fa-pencil
.wiki
= cache(readme_cache_key) do
= render_readme(readme)
- else - else
%h3.page-title = render 'projects/activity'
This project does not have README yet
- if can?(current_user, :push_code, @project)
%p.slead
A
%code README
file contains information about other files in a repository and is commonly
distributed with computer software, forming part of its documentation.
%br
We recommend you to
= link_to "add README", new_readme_path, class: 'underlined-link'
file to the repository and GitLab will render it here instead of this message.
- if current_user - if current_user
......
- blob = @project.repository.parse_search_result(blob)
.blob-result .blob-result
.file-holder .file-holder
.file-title .file-title
......
- wiki_blob = @project.repository.parse_search_result(wiki_blob)
.blob-result .blob-result
.file-holder .file-holder
.file-title .file-title
......
- name = field[:name] - name = field[:name]
- title = field[:title] || name.humanize - title = field[:title] || name.humanize
- value = service_field_value(field[:type], @service.send(name)) - value = @service.send(name)
- type = field[:type] - type = field[:type]
- placeholder = field[:placeholder] - placeholder = field[:placeholder]
- choices = field[:choices] - choices = field[:choices]
...@@ -19,6 +19,6 @@ ...@@ -19,6 +19,6 @@
- elsif type == 'select' - elsif type == 'select'
= form.select name, options_for_select(choices, value ? value : default_choice), {}, { class: "form-control" } = form.select name, options_for_select(choices, value ? value : default_choice), {}, { class: "form-control" }
- elsif type == 'password' - elsif type == 'password'
= form.password_field name, placeholder: value, class: 'form-control' = form.password_field name, value: value, class: 'form-control'
- if help - if help
%span.help-block= help %span.help-block= help
- Gitlab::VisibilityLevel.values.each do |level| - Gitlab::VisibilityLevel.values.each do |level|
- next if skip_level?(form_model, level)
.radio .radio
- restricted = restricted_visibility_levels.include?(level) - restricted = restricted_visibility_levels.include?(level)
= form.label "#{model_method}_#{level}" do = form.label "#{model_method}_#{level}" do
......
...@@ -159,6 +159,7 @@ Gitlab::Application.routes.draw do ...@@ -159,6 +159,7 @@ Gitlab::Application.routes.draw do
put :block put :block
put :unblock put :unblock
put :unlock put :unlock
patch :disable_two_factor
delete 'remove/:email_id', action: 'remove_email', as: 'remove_email' delete 'remove/:email_id', action: 'remove_email', as: 'remove_email'
end end
end end
......
...@@ -5,7 +5,7 @@ Gitlab::Seeder.quiet do ...@@ -5,7 +5,7 @@ Gitlab::Seeder.quiet do
s.email = 'admin@example.com' s.email = 'admin@example.com'
s.notification_email = 'admin@example.com' s.notification_email = 'admin@example.com'
s.username = 'root' s.username = 'root'
s.password = 'password' s.password = '5iveL!fe'
s.admin = true s.admin = true
s.projects_limit = 100 s.projects_limit = 100
s.confirmed_at = DateTime.now s.confirmed_at = DateTime.now
......
if ENV['GITLAB_ROOT_PASSWORD'].blank? if ENV['GITLAB_ROOT_PASSWORD'].blank?
password = 'password' password = '5iveL!fe'
expire_time = Time.now expire_time = Time.now
else else
password = ENV['GITLAB_ROOT_PASSWORD'] password = ENV['GITLAB_ROOT_PASSWORD']
......
class AddProjectViewToUsers < ActiveRecord::Migration
def change
add_column :users, :project_view, :integer, default: 0
end
end
...@@ -11,7 +11,7 @@ ...@@ -11,7 +11,7 @@
# #
# It's strongly recommended that you check this file into your version control system. # It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20150620233230) do ActiveRecord::Schema.define(version: 20150713160110) do
# These are extensions that must be enabled in order to support this database # These are extensions that must be enabled in order to support this database
enable_extension "plpgsql" enable_extension "plpgsql"
...@@ -517,6 +517,7 @@ ActiveRecord::Schema.define(version: 20150620233230) do ...@@ -517,6 +517,7 @@ ActiveRecord::Schema.define(version: 20150620233230) do
t.text "otp_backup_codes" t.text "otp_backup_codes"
t.string "public_email", default: "", null: false t.string "public_email", default: "", null: false
t.integer "dashboard", default: 0 t.integer "dashboard", default: 0
t.integer "project_view", default: 0
end end
add_index "users", ["admin"], name: "index_users_on_admin", using: :btree add_index "users", ["admin"], name: "index_users_on_admin", using: :btree
......
...@@ -49,7 +49,8 @@ Parameters: ...@@ -49,7 +49,8 @@ Parameters:
"state": "active", "state": "active",
"created_at": "2012-04-29T08:46:00Z" "created_at": "2012-04-29T08:46:00Z"
}, },
"description":"fixed login page css paddings" "description":"fixed login page css paddings",
"work_in_progress": false
} }
] ]
``` ```
...@@ -94,7 +95,8 @@ Parameters: ...@@ -94,7 +95,8 @@ Parameters:
"state": "active", "state": "active",
"created_at": "2012-04-29T08:46:00Z" "created_at": "2012-04-29T08:46:00Z"
}, },
"description":"fixed login page css paddings" "description":"fixed login page css paddings",
"work_in_progress": false
} }
``` ```
...@@ -118,6 +120,7 @@ Parameters: ...@@ -118,6 +120,7 @@ Parameters:
"project_id": 4, "project_id": 4,
"title": "Blanditiis beatae suscipit hic assumenda et molestias nisi asperiores repellat et.", "title": "Blanditiis beatae suscipit hic assumenda et molestias nisi asperiores repellat et.",
"description": "Qui voluptatibus placeat ipsa alias quasi. Deleniti rem ut sint. Optio velit qui distinctio.", "description": "Qui voluptatibus placeat ipsa alias quasi. Deleniti rem ut sint. Optio velit qui distinctio.",
"work_in_progress": false,
"state": "reopened", "state": "reopened",
"created_at": "2015-02-02T19:49:39.159Z", "created_at": "2015-02-02T19:49:39.159Z",
"updated_at": "2015-02-02T20:08:49.959Z", "updated_at": "2015-02-02T20:08:49.959Z",
...@@ -336,14 +339,6 @@ Parameters: ...@@ -336,14 +339,6 @@ Parameters:
```json ```json
{ {
"author": {
"id": 1,
"username": "admin",
"email": "admin@example.com",
"name": "Administrator",
"blocked": false,
"created_at": "2012-04-29T08:46:00Z"
},
"note": "text1" "note": "text1"
} }
``` ```
......
...@@ -31,10 +31,7 @@ Parameters: ...@@ -31,10 +31,7 @@ Parameters:
"state": "active", "state": "active",
"created_at": "2013-09-30T13:46:01Z" "created_at": "2013-09-30T13:46:01Z"
}, },
"created_at": "2013-10-02T09:22:45Z", "created_at": "2013-10-02T09:22:45Z"
"system": true,
"upvote": false,
"downvote": false
}, },
{ {
"id": 305, "id": 305,
...@@ -48,10 +45,7 @@ Parameters: ...@@ -48,10 +45,7 @@ Parameters:
"state": "active", "state": "active",
"created_at": "2013-09-30T13:46:01Z" "created_at": "2013-09-30T13:46:01Z"
}, },
"created_at": "2013-10-02T09:56:03Z", "created_at": "2013-10-02T09:56:03Z"
"system": false,
"upvote": false,
"downvote": false
} }
] ]
``` ```
......
...@@ -404,7 +404,7 @@ NOTE: Supply `SANITIZE=true` environment variable to `gitlab:check` to omit proj ...@@ -404,7 +404,7 @@ NOTE: Supply `SANITIZE=true` environment variable to `gitlab:check` to omit proj
Visit YOUR_SERVER in your web browser for your first GitLab login. The setup has created a default admin account for you. You can use it to log in: Visit YOUR_SERVER in your web browser for your first GitLab login. The setup has created a default admin account for you. You can use it to log in:
root root
password 5iveL!fe
**Important Note:** On login you'll be prompted to change the password. **Important Note:** On login you'll be prompted to change the password.
......
...@@ -30,3 +30,9 @@ will be. Setting it to **Starred Projects** will make that Dashboard view the ...@@ -30,3 +30,9 @@ will be. Setting it to **Starred Projects** will make that Dashboard view the
default when signing in or clicking the application logo in the upper left. default when signing in or clicking the application logo in the upper left.
The default is **Your Projects**. The default is **Your Projects**.
### Default Project view
It allows user to choose what content he or she want to see on project page.
The default is **Readme**.
# From 6.x or 7.x to 7.12 # From 6.x or 7.x to 7.13
*Make sure you view this [upgrade guide from the `master` branch](../../../master/doc/update/6.x-or-7.x-to-7.12.md) for the most up to date instructions.* *Make sure you view this [upgrade guide from the `master` branch](../../../master/doc/update/6.x-or-7.x-to-7.13.md) for the most up to date instructions.*
This allows you to upgrade any version of GitLab from 6.0 and up (including 7.0 and up) to 7.12. This allows you to upgrade any version of GitLab from 6.0 and up (including 7.0 and up) to 7.13.
## Global issue numbers ## Global issue numbers
...@@ -71,7 +71,7 @@ sudo -u git -H git checkout -- db/schema.rb # local changes will be restored aut ...@@ -71,7 +71,7 @@ sudo -u git -H git checkout -- db/schema.rb # local changes will be restored aut
For GitLab Community Edition: For GitLab Community Edition:
```bash ```bash
sudo -u git -H git checkout 7-12-stable sudo -u git -H git checkout 7-13-stable
``` ```
OR OR
...@@ -79,7 +79,7 @@ OR ...@@ -79,7 +79,7 @@ OR
For GitLab Enterprise Edition: For GitLab Enterprise Edition:
```bash ```bash
sudo -u git -H git checkout 7-12-stable-ee sudo -u git -H git checkout 7-13-stable-ee
``` ```
## 4. Install additional packages ## 4. Install additional packages
...@@ -162,11 +162,11 @@ sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab ...@@ -162,11 +162,11 @@ sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab
TIP: to see what changed in `gitlab.yml.example` in this release use next command: TIP: to see what changed in `gitlab.yml.example` in this release use next command:
``` ```
git diff 6-0-stable:config/gitlab.yml.example 7-12-stable:config/gitlab.yml.example git diff 6-0-stable:config/gitlab.yml.example 7-13-stable:config/gitlab.yml.example
``` ```
* Make `/home/git/gitlab/config/gitlab.yml` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-12-stable/config/gitlab.yml.example but with your settings. * Make `/home/git/gitlab/config/gitlab.yml` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-13-stable/config/gitlab.yml.example but with your settings.
* Make `/home/git/gitlab/config/unicorn.rb` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-12-stable/config/unicorn.rb.example but with your settings. * Make `/home/git/gitlab/config/unicorn.rb` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-13-stable/config/unicorn.rb.example but with your settings.
* Make `/home/git/gitlab-shell/config.yml` the same as https://gitlab.com/gitlab-org/gitlab-shell/blob/v2.6.0/config.yml.example but with your settings. * Make `/home/git/gitlab-shell/config.yml` the same as https://gitlab.com/gitlab-org/gitlab-shell/blob/v2.6.0/config.yml.example but with your settings.
* Copy rack attack middleware config * Copy rack attack middleware config
...@@ -182,14 +182,14 @@ sudo cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab ...@@ -182,14 +182,14 @@ sudo cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab
### Change Nginx settings ### Change Nginx settings
* HTTP setups: Make `/etc/nginx/sites-available/gitlab` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-12-stable/lib/support/nginx/gitlab but with your settings. * HTTP setups: Make `/etc/nginx/sites-available/gitlab` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-13-stable/lib/support/nginx/gitlab but with your settings.
* HTTPS setups: Make `/etc/nginx/sites-available/gitlab-ssl` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-12-stable/lib/support/nginx/gitlab-ssl but with your settings. * HTTPS setups: Make `/etc/nginx/sites-available/gitlab-ssl` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-13-stable/lib/support/nginx/gitlab-ssl but with your settings.
* A new `location /uploads/` section has been added that needs to have the same content as the existing `location @gitlab` section. * A new `location /uploads/` section has been added that needs to have the same content as the existing `location @gitlab` section.
### Check the version of /usr/local/bin/git ### Check the version of /usr/local/bin/git
If you installed Git from source into /usr/local/bin/git then please [check If you installed Git from source into /usr/local/bin/git then please [check
your version](7.11-to-7.12.md). your version](7.12-to-7.13.md).
## 9. Start application ## 9. Start application
......
# From 7.12 to 7.13
### 0. Double-check your Git version
**This notice applies only to /usr/local/bin/git**
If you compiled Git from source on your GitLab server then please double-check
that you are using a version that protects against CVE-2014-9390. For six
months after this vulnerability became known the GitLab installation guide
still contained instructions that would install the outdated, 'vulnerable' Git
version 2.1.2.
Run the following command to get your current Git version.
```
/usr/local/bin/git --version
```
If you see 'No such file or directory' then you did not install Git according
to the outdated instructions from the GitLab installation guide and you can go
to the next step 'Stop server' below.
If you see a version string then it should be v1.8.5.6, v1.9.5, v2.0.5, v2.1.4,
v2.2.1 or newer. You can use the [instructions in the GitLab source
installation
guide](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/install/installation.md#1-packages-dependencies)
to install a newer version of Git.
### 1. Stop server
sudo service gitlab stop
### 2. Backup
```bash
cd /home/git/gitlab
sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
```
### 3. Get latest code
```bash
sudo -u git -H git fetch --all
sudo -u git -H git checkout -- db/schema.rb # local changes will be restored automatically
```
For GitLab Community Edition:
```bash
sudo -u git -H git checkout 7-13-stable
```
OR
For GitLab Enterprise Edition:
```bash
sudo -u git -H git checkout 7-13-stable-ee
```
### 4. Update gitlab-shell
```bash
cd /home/git/gitlab-shell
sudo -u git -H git fetch
sudo -u git -H git checkout v2.6.3
```
### 5. Install libs, migrations, etc.
```bash
cd /home/git/gitlab
# MySQL installations (note: the line below states '--without ... postgres')
sudo -u git -H bundle install --without development test postgres --deployment
# PostgreSQL installations (note: the line below states '--without ... mysql')
sudo -u git -H bundle install --without development test mysql --deployment
# Run database migrations
sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production
# Clean up assets and cache
sudo -u git -H bundle exec rake assets:clean assets:precompile cache:clear RAILS_ENV=production
# Update init.d script
sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab
```
### 6. Update config files
#### New configuration options for `gitlab.yml`
There are new configuration options available for [`gitlab.yml`](config/gitlab.yml.example). View them with the command below and apply them to your current `gitlab.yml`.
```
git diff origin/7-12-stable:config/gitlab.yml.example origin/7-13-stable:config/gitlab.yml.example
``````
### 7. Start application
sudo service gitlab start
sudo service nginx restart
### 8. Check application status
Check if GitLab and its environment are configured correctly:
sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production
To make sure you didn't miss anything run a more thorough check with:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
If all items are green, then congratulations, the upgrade is complete!
## Things went south? Revert to previous version (7.12)
### 1. Revert the code to the previous version
Follow the [upgrade guide from 7.11 to 7.12](7.11-to-7.12.md), except for the database migration
(The backup is already migrated to the previous version)
### 2. Restore from the backup:
```bash
cd /home/git/gitlab
sudo -u git -H bundle exec rake gitlab:backup:restore RAILS_ENV=production
```
If you have more than one backup *.tar file(s) please add `BACKUP=timestamp_of_backup` to the command above.
...@@ -16,6 +16,7 @@ git clone https://github.com/gitlabhq/mysql-postgresql-converter.git -b gitlab ...@@ -16,6 +16,7 @@ git clone https://github.com/gitlabhq/mysql-postgresql-converter.git -b gitlab
cd mysql-postgresql-converter cd mysql-postgresql-converter
mysqldump --compatible=postgresql --default-character-set=utf8 -r gitlabhq_production.mysql -u root gitlabhq_production -p mysqldump --compatible=postgresql --default-character-set=utf8 -r gitlabhq_production.mysql -u root gitlabhq_production -p
python db_converter.py gitlabhq_production.mysql gitlabhq_production.psql python db_converter.py gitlabhq_production.mysql gitlabhq_production.psql
ed -s gitlabhq_production.psql < move_drop_indexes.ed
# Import the database dump as the application database user # Import the database dump as the application database user
sudo -u git psql -f gitlabhq_production.psql -d gitlabhq_production sudo -u git psql -f gitlabhq_production.psql -d gitlabhq_production
...@@ -56,6 +57,7 @@ sudo -u git -H git clone https://github.com/gitlabhq/mysql-postgresql-converter. ...@@ -56,6 +57,7 @@ sudo -u git -H git clone https://github.com/gitlabhq/mysql-postgresql-converter.
# Convert gitlabhq_production.mysql # Convert gitlabhq_production.mysql
sudo -u git -H mkdir db sudo -u git -H mkdir db
sudo -u git -H python mysql-postgresql-converter/db_converter.py gitlabhq_production.mysql db/database.sql sudo -u git -H python mysql-postgresql-converter/db_converter.py gitlabhq_production.mysql db/database.sql
sudo -u git -H ed -s db/database.sql < mysql-postgresql-converter/move_drop_indexes.ed
# Compress database backup # Compress database backup
sudo -u git -H gzip db/database.sql sudo -u git -H gzip db/database.sql
......
...@@ -7,7 +7,7 @@ ...@@ -7,7 +7,7 @@
- [Groups](groups.md) - [Groups](groups.md)
- [Keyboard shortcuts](shortcuts.md) - [Keyboard shortcuts](shortcuts.md)
- [Labels](labels.md) - [Labels](labels.md)
- [Notifications](notifications.md) - [Notification emails](notifications.md)
- [Project Features](project_features.md) - [Project Features](project_features.md)
- [Project forking workflow](forking_workflow.md) - [Project forking workflow](forking_workflow.md)
- [Protected branches](protected_branches.md) - [Protected branches](protected_branches.md)
......
# GitLab Notifications # GitLab Notification Emails
GitLab has notifications system in place to notify a user of events important for the workflow. GitLab has a notification system in place to notify a user of events that are important for the workflow.
## Notification settings ## Notification settings
...@@ -67,5 +67,3 @@ Below is the table of events users can be notified of: ...@@ -67,5 +67,3 @@ Below is the table of events users can be notified of:
| Reopen merge request | Project members [1] | [1] higher than participating | | Reopen merge request | Project members [1] | [1] higher than participating |
| Merge merge request | MR author [1], MR assignee [2], project members [3] | [1] [2] not disabled, [3] higher than participating | | Merge merge request | MR author [1], MR assignee [2], project members [3] | [1] [2] not disabled, [3] higher than participating |
| New comment | Mentioned users [1], users participating [2], project members [3] | [1] [2] not disabled, [3] higher than participating | | New comment | Mentioned users [1], users participating [2], project members [3] | [1] [2] not disabled, [3] higher than participating |
...@@ -30,7 +30,9 @@ RUN ( \ ...@@ -30,7 +30,9 @@ RUN ( \
echo "" && \ echo "" && \
echo "# Docker options" && \ echo "# Docker options" && \
echo "# Prevent Postgres from trying to allocate 25% of total memory" && \ echo "# Prevent Postgres from trying to allocate 25% of total memory" && \
echo "postgresql['shared_buffers'] = '1MB'" ) >> /etc/gitlab/gitlab.rb echo "postgresql['shared_buffers'] = '1MB'" ) >> /etc/gitlab/gitlab.rb && \
mkdir -p /assets/ && \
cp /etc/gitlab/gitlab.rb /assets/gitlab.rb
# Expose web & ssh # Expose web & ssh
EXPOSE 443 80 22 EXPOSE 443 80 22
......
# GitLab Docker images # GitLab Docker images
## What is GitLab? The GitLab docker image is [available on Docker Hub](https://registry.hub.docker.com/u/gitlab/gitlab-ce/).
GitLab offers git repository management, code reviews, issue tracking, activity feeds, wikis. It has LDAP/AD integration, handles 25,000 users on a single server but can also run on a highly available active/active cluster.
Learn more on [https://about.gitlab.com](https://about.gitlab.com)
## After starting a container ## After starting a container
...@@ -13,7 +10,7 @@ It might take a while before the docker container is responding to queries. ...@@ -13,7 +10,7 @@ It might take a while before the docker container is responding to queries.
You can check the status with something like `sudo docker logs -f gitlab`. You can check the status with something like `sudo docker logs -f gitlab`.
You can login to the web interface with username `root` and password `password`. You can login to the web interface with username `root` and password `5iveL!fe`.
Next time, you can just use docker start and stop to run the container. Next time, you can just use docker start and stop to run the container.
...@@ -166,3 +163,5 @@ sudo docker push gitlab/gitlab-ce:latest ...@@ -166,3 +163,5 @@ sudo docker push gitlab/gitlab-ce:latest
## Troubleshooting ## Troubleshooting
Please see the [troubleshooting](troubleshooting.md) file in this directory. Please see the [troubleshooting](troubleshooting.md) file in this directory.
Note: We use `fig.yml` to have compatibility with fig and because docker-compose also supports it.
...@@ -13,4 +13,9 @@ function entrypoint() { ...@@ -13,4 +13,9 @@ function entrypoint() {
gitlab-ctl tail # tail all logs gitlab-ctl tail # tail all logs
} }
if [[ ! -e /etc/gitlab/gitlab.rb ]]; then
cp /assets/gitlab.rb /etc/gitlab/gitlab.rb
chmod 0600 /etc/gitlab/gitlab.rb
fi
entrypoint entrypoint
...@@ -8,7 +8,24 @@ ...@@ -8,7 +8,24 @@
"type": "DOCKER", "type": "DOCKER",
"docker": { "docker": {
"network": "HOST", "network": "HOST",
"image": "sytse/gitlab-ce:7.10.1" "image": "gitlab/gitlab-ce:latest"
},
"volumes": [
{
"containerPath": "/etc/gitlab",
"hostPath": "/var/data/etc/gitlab",
"mode": "RW"
},
{
"containerPath": "/var/opt/gitlab",
"hostPath": "/var/data/opt/gitlab",
"mode": "RW"
},
{
"containerPath": "/var/log/gitlab",
"hostPath": "/var/data/log/gitlab",
"mode": "RW"
} }
]
} }
} }
\ No newline at end of file
...@@ -4,6 +4,10 @@ Feature: Groups ...@@ -4,6 +4,10 @@ Feature: Groups
And "John Doe" is owner of group "Owned" And "John Doe" is owner of group "Owned"
And "John Doe" is guest of group "Guest" And "John Doe" is guest of group "Guest"
Scenario: I should have back to group button
When I visit group "Owned" page
Then I should see back to dashboard button
@javascript @javascript
Scenario: I should see group "Owned" dashboard list Scenario: I should see group "Owned" dashboard list
When I visit group "Owned" page When I visit group "Owned" page
......
...@@ -18,6 +18,15 @@ Feature: Project ...@@ -18,6 +18,15 @@ Feature: Project
Then I should see the default project avatar Then I should see the default project avatar
And I should not see the "Remove avatar" button And I should not see the "Remove avatar" button
Scenario: I should have back to group button
And project "Shop" belongs to group
And I visit project "Shop" page
Then I should see back to group button
Scenario: I should have back to group button
And I visit project "Shop" page
Then I should see back to dashboard button
Scenario: I should have readme on page Scenario: I should have readme on page
And I visit project "Shop" page And I visit project "Shop" page
Then I should see project "Shop" README Then I should see project "Shop" README
......
...@@ -5,6 +5,10 @@ class Spinach::Features::Groups < Spinach::FeatureSteps ...@@ -5,6 +5,10 @@ class Spinach::Features::Groups < Spinach::FeatureSteps
include SharedUser include SharedUser
include Select2Helper include Select2Helper
step 'I should see back to dashboard button' do
expect(page).to have_content 'Back to Dashboard'
end
step 'gitlab user "Mike"' do step 'gitlab user "Mike"' do
create(:user, name: "Mike") create(:user, name: "Mike")
end end
......
...@@ -116,4 +116,18 @@ class Spinach::Features::Project < Spinach::FeatureSteps ...@@ -116,4 +116,18 @@ class Spinach::Features::Project < Spinach::FeatureSteps
step 'I should not see "Snippets" button' do step 'I should not see "Snippets" button' do
expect(page).not_to have_link 'Snippets' expect(page).not_to have_link 'Snippets'
end end
step 'project "Shop" belongs to group' do
group = create(:group)
@project.namespace = group
@project.save!
end
step 'I should see back to dashboard button' do
expect(page).to have_content 'Back to Dashboard'
end
step 'I should see back to group button' do
expect(page).to have_content 'Back to Group'
end
end end
...@@ -171,6 +171,7 @@ module API ...@@ -171,6 +171,7 @@ module API
expose :source_project_id, :target_project_id expose :source_project_id, :target_project_id
expose :label_names, as: :labels expose :label_names, as: :labels
expose :description expose :description
expose :work_in_progress?, as: :work_in_progress
expose :milestone, using: Entities::Milestone expose :milestone, using: Entities::Milestone
end end
...@@ -190,9 +191,6 @@ module API ...@@ -190,9 +191,6 @@ module API
expose :attachment_identifier, as: :attachment expose :attachment_identifier, as: :attachment
expose :author, using: Entities::UserBasic expose :author, using: Entities::UserBasic
expose :created_at expose :created_at
expose :system
expose :upvote?, as: :upvote
expose :downvote?, as: :downvote
end end
class MRNote < Grape::Entity class MRNote < Grape::Entity
......
...@@ -74,9 +74,9 @@ module API ...@@ -74,9 +74,9 @@ module API
# POST /groups/:id/projects/:project_id # POST /groups/:id/projects/:project_id
post ":id/projects/:project_id" do post ":id/projects/:project_id" do
authenticated_as_admin! authenticated_as_admin!
group = Group.find(params[:id]) group = Group.find_by(id: params[:id])
project = Project.find(params[:project_id]) project = Project.find(params[:project_id])
result = ::Projects::TransferService.new(project, current_user, namespace_id: group.id).execute result = ::Projects::TransferService.new(project, current_user).execute(group)
if result if result
present group present group
......
...@@ -47,6 +47,10 @@ module Gitlab ...@@ -47,6 +47,10 @@ module Gitlab
def valid_level?(level) def valid_level?(level)
options.has_value?(level) options.has_value?(level)
end end
def allowed_fork_levels(origin_level)
[PRIVATE, INTERNAL, PUBLIC].select{ |level| level <= origin_level }
end
end end
def private? def private?
......
...@@ -36,4 +36,32 @@ describe Admin::UsersController do ...@@ -36,4 +36,32 @@ describe Admin::UsersController do
expect(user.access_locked?).to be_falsey expect(user.access_locked?).to be_falsey
end end
end end
describe 'PATCH disable_two_factor' do
let(:user) { create(:user) }
it 'disables 2FA for the user' do
expect(user).to receive(:disable_two_factor!)
allow(subject).to receive(:user).and_return(user)
go
end
it 'redirects back' do
go
expect(response).to redirect_to(admin_user_path(user))
end
it 'displays an alert' do
go
expect(flash[:notice]).
to eq 'Two-factor Authentication has been disabled for this user'
end
def go
patch :disable_two_factor, id: user.to_param
end
end
end end
...@@ -9,34 +9,58 @@ describe AutocompleteController do ...@@ -9,34 +9,58 @@ describe AutocompleteController do
before do before do
sign_in(user) sign_in(user)
project.team << [user, :master] project.team << [user, :master]
get(:users, project_id: project.id)
end end
let(:body) { JSON.parse(response.body) } let(:body) { JSON.parse(response.body) }
describe 'GET #users with project ID' do
before do
get(:users, project_id: project.id)
end
it { expect(body).to be_kind_of(Array) } it { expect(body).to be_kind_of(Array) }
it { expect(body.size).to eq 1 } it { expect(body.size).to eq 1 }
it { expect(body.first["username"]).to eq user.username } it { expect(body.first["username"]).to eq user.username }
end end
describe 'GET #users with unknown project' do
before do
get(:users, project_id: 'unknown')
end
it { expect(response.status).to eq(404) }
end
end
context 'group members' do context 'group members' do
let(:group) { create(:group) } let(:group) { create(:group) }
before do before do
sign_in(user) sign_in(user)
group.add_owner(user) group.add_owner(user)
get(:users, group_id: group.id)
end end
let(:body) { JSON.parse(response.body) } let(:body) { JSON.parse(response.body) }
describe 'GET #users with group ID' do
before do
get(:users, group_id: group.id)
end
it { expect(body).to be_kind_of(Array) } it { expect(body).to be_kind_of(Array) }
it { expect(body.size).to eq 1 } it { expect(body.size).to eq 1 }
it { expect(body.first["username"]).to eq user.username } it { expect(body.first["username"]).to eq user.username }
end end
describe 'GET #users with unknown group ID' do
before do
get(:users, group_id: 'unknown')
end
it { expect(response.status).to eq(404) }
end
end
context 'all users' do context 'all users' do
before do before do
sign_in(user) sign_in(user)
...@@ -48,4 +72,52 @@ describe AutocompleteController do ...@@ -48,4 +72,52 @@ describe AutocompleteController do
it { expect(body).to be_kind_of(Array) } it { expect(body).to be_kind_of(Array) }
it { expect(body.size).to eq User.count } it { expect(body.size).to eq User.count }
end end
context 'unauthenticated user' do
let(:public_project) { create(:project, :public) }
let(:body) { JSON.parse(response.body) }
describe 'GET #users with public project' do
before do
public_project.team << [user, :guest]
get(:users, project_id: public_project.id)
end
it { expect(body).to be_kind_of(Array) }
it { expect(body.size).to eq 1 }
end
describe 'GET #users with project' do
before do
get(:users, project_id: project.id)
end
it { expect(response.status).to eq(302) }
end
describe 'GET #users with unknown project' do
before do
get(:users, project_id: 'unknown')
end
it { expect(response.status).to eq(302) }
end
describe 'GET #users with inaccessible group' do
before do
project.team << [user, :guest]
get(:users, group_id: user.namespace.id)
end
it { expect(response.status).to eq(302) }
end
describe 'GET #users with no project' do
before do
get(:users)
end
it { expect(response.status).to eq(302) }
end
end
end end
...@@ -106,18 +106,11 @@ describe Profiles::TwoFactorAuthsController do ...@@ -106,18 +106,11 @@ describe Profiles::TwoFactorAuthsController do
describe 'DELETE destroy' do describe 'DELETE destroy' do
let(:user) { create(:user, :two_factor) } let(:user) { create(:user, :two_factor) }
let!(:codes) { user.generate_otp_backup_codes! }
it 'clears all 2FA-related fields' do it 'disables two factor' do
expect(user).to be_two_factor_enabled expect(user).to receive(:disable_two_factor!)
expect(user.otp_backup_codes).not_to be_nil
expect(user.encrypted_otp_secret).not_to be_nil
delete :destroy delete :destroy
expect(user).not_to be_two_factor_enabled
expect(user.otp_backup_codes).to be_nil
expect(user.encrypted_otp_secret).to be_nil
end end
it 'redirects to profile_account_path' do it 'redirects to profile_account_path' do
......
...@@ -32,6 +32,7 @@ FactoryGirl.define do ...@@ -32,6 +32,7 @@ FactoryGirl.define do
before(:create) do |user| before(:create) do |user|
user.two_factor_enabled = true user.two_factor_enabled = true
user.otp_secret = User.generate_otp_secret(32) user.otp_secret = User.generate_otp_secret(32)
user.generate_otp_backup_codes!
end end
end end
......
require 'rails_helper'
feature 'Admin disables 2FA for a user', feature: true do
scenario 'successfully', js: true do
login_as(:admin)
user = create(:user, :two_factor)
edit_user(user)
page.within('.two-factor-status') do
click_link 'Disable'
end
page.within('.two-factor-status') do
expect(page).to have_content 'Disabled'
expect(page).not_to have_button 'Disable'
end
end
scenario 'for a user without 2FA enabled' do
login_as(:admin)
user = create(:user)
edit_user(user)
page.within('.two-factor-status') do
expect(page).not_to have_button 'Disable'
end
end
def edit_user(user)
visit admin_user_path(user)
end
end
...@@ -137,7 +137,7 @@ describe GitlabMarkdownHelper do ...@@ -137,7 +137,7 @@ describe GitlabMarkdownHelper do
describe 'random_markdown_tip' do describe 'random_markdown_tip' do
it 'returns a random Markdown tip' do it 'returns a random Markdown tip' do
stub_const("#{described_class}::MARKDOWN_TIPS", ['Random tip']) stub_const("#{described_class}::MARKDOWN_TIPS", ['Random tip'])
expect(random_markdown_tip).to eq 'Tip: Random tip' expect(random_markdown_tip).to eq 'Random tip'
end end
end end
end end
...@@ -8,4 +8,48 @@ describe ProjectsHelper do ...@@ -8,4 +8,48 @@ describe ProjectsHelper do
expect(project_status_css_class("finished")).to eq("success") expect(project_status_css_class("finished")).to eq("success")
end end
end end
describe "can_change_visibility_level?" do
let(:project) { create(:project) }
let(:fork_project) do
fork_project = create(:forked_project_with_submodules)
fork_project.build_forked_project_link(forked_to_project_id: fork_project.id, forked_from_project_id: project.id)
fork_project.save
fork_project
end
let(:user) { create(:user) }
it "returns false if there are no approipriate permissions" do
allow(helper).to receive(:can?) { false }
expect(helper.can_change_visibility_level?(project, user)).to be_falsey
end
it "returns true if there are permissions and it is not fork" do
allow(helper).to receive(:can?) { true }
expect(helper.can_change_visibility_level?(project, user)).to be_truthy
end
context "forks" do
it "returns false if there are permissions and origin project is PRIVATE" do
allow(helper).to receive(:can?) { true }
project.update visibility_level: Gitlab::VisibilityLevel::PRIVATE
expect(helper.can_change_visibility_level?(fork_project, user)).to be_falsey
end
it "returns true if there are permissions and origin project is INTERNAL" do
allow(helper).to receive(:can?) { true }
project.update visibility_level: Gitlab::VisibilityLevel::INTERNAL
expect(helper.can_change_visibility_level?(fork_project, user)).to be_truthy
end
end
end
end end
...@@ -72,4 +72,43 @@ describe VisibilityLevelHelper do ...@@ -72,4 +72,43 @@ describe VisibilityLevelHelper do
end end
end end
end end
describe "skip_level?" do
describe "forks" do
let(:project) { create(:project, visibility_level: Gitlab::VisibilityLevel::INTERNAL) }
let(:fork_project) { create(:forked_project_with_submodules) }
before do
fork_project.build_forked_project_link(forked_to_project_id: fork_project.id, forked_from_project_id: project.id)
fork_project.save
end
it "skips levels" do
expect(skip_level?(fork_project, Gitlab::VisibilityLevel::PUBLIC)).to be_truthy
expect(skip_level?(fork_project, Gitlab::VisibilityLevel::INTERNAL)).to be_falsey
expect(skip_level?(fork_project, Gitlab::VisibilityLevel::PRIVATE)).to be_falsey
end
end
describe "non-forked project" do
let(:project) { create(:project, visibility_level: Gitlab::VisibilityLevel::INTERNAL) }
it "skips levels" do
expect(skip_level?(project, Gitlab::VisibilityLevel::PUBLIC)).to be_falsey
expect(skip_level?(project, Gitlab::VisibilityLevel::INTERNAL)).to be_falsey
expect(skip_level?(project, Gitlab::VisibilityLevel::PRIVATE)).to be_falsey
end
end
describe "Snippet" do
let(:snippet) { create(:snippet, visibility_level: Gitlab::VisibilityLevel::INTERNAL) }
it "skips levels" do
expect(skip_level?(snippet, Gitlab::VisibilityLevel::PUBLIC)).to be_falsey
expect(skip_level?(snippet, Gitlab::VisibilityLevel::INTERNAL)).to be_falsey
expect(skip_level?(snippet, Gitlab::VisibilityLevel::PRIVATE)).to be_falsey
end
end
end
end end
...@@ -28,4 +28,53 @@ describe Issue, "Mentionable" do ...@@ -28,4 +28,53 @@ describe Issue, "Mentionable" do
issue.create_cross_references!(project, author, [commit2]) issue.create_cross_references!(project, author, [commit2])
end end
end end
describe '#create_new_cross_references!' do
let(:project) { create(:project) }
let(:issues) { create_list(:issue, 2, project: project) }
context 'before changes are persisted' do
it 'ignores pre-existing references' do
issue = create_issue(description: issues[0].to_reference)
expect(SystemNoteService).not_to receive(:cross_reference)
issue.description = 'New description'
issue.create_new_cross_references!
end
it 'notifies new references' do
issue = create_issue(description: issues[0].to_reference)
expect(SystemNoteService).to receive(:cross_reference).with(issues[1], any_args)
issue.description = issues[1].to_reference
issue.create_new_cross_references!
end
end
context 'after changes are persisted' do
it 'ignores pre-existing references' do
issue = create_issue(description: issues[0].to_reference)
expect(SystemNoteService).not_to receive(:cross_reference)
issue.update_attributes(description: 'New description')
issue.create_new_cross_references!
end
it 'notifies new references' do
issue = create_issue(description: issues[0].to_reference)
expect(SystemNoteService).to receive(:cross_reference).with(issues[1], any_args)
issue.update_attributes(description: issues[1].to_reference)
issue.create_new_cross_references!
end
end
def create_issue(description:)
create(:issue, project: project, description: description)
end
end
end end
...@@ -63,7 +63,7 @@ describe Key do ...@@ -63,7 +63,7 @@ describe Key do
key = build(:key) key = build(:key)
# Not always the middle, but close enough # Not always the middle, but close enough
key.key = key.key[0..100] + ' ' + key.key[100..-1] key.key = key.key[0..100] + ' ' + key.key[101..-1]
expect(key).not_to be_valid expect(key).not_to be_valid
end end
...@@ -71,6 +71,12 @@ describe Key do ...@@ -71,6 +71,12 @@ describe Key do
it 'rejects the unfingerprintable key (not a key)' do it 'rejects the unfingerprintable key (not a key)' do
expect(build(:key, key: 'ssh-rsa an-invalid-key==')).not_to be_valid expect(build(:key, key: 'ssh-rsa an-invalid-key==')).not_to be_valid
end end
it 'rejects the multiple line key' do
key = build(:key)
key.key.gsub!(' ', "\n")
expect(key).not_to be_valid
end
end end
context 'callbacks' do context 'callbacks' do
......
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment