An error occurred fetching the project authors.
  1. 14 Nov, 2016 1 commit
  2. 01 Nov, 2016 1 commit
  3. 27 Oct, 2016 1 commit
  4. 19 Oct, 2016 1 commit
  5. 06 Oct, 2016 2 commits
  6. 23 Sep, 2016 1 commit
  7. 19 Sep, 2016 1 commit
    • Nick Thomas's avatar
      Enable Warden for the Grape API · 10c07226
      Nick Thomas authored
      The practical effect of this commit is to make the API check the Rails session
      cookie for authentication details. If the cookie is present and valid, it will
      be used to authenticate.
      
      The API now has several authentication options for users. They follow in this
      order of precedence:
      
      * Authentication token
      * Personal access token
      * OAuth2 Bearer token (Doorkeeper - application access)
      * Rails session cookie
      10c07226
  8. 13 Sep, 2016 1 commit
  9. 30 Aug, 2016 5 commits
  10. 24 Aug, 2016 1 commit
  11. 18 Aug, 2016 3 commits
  12. 10 Aug, 2016 2 commits
  13. 20 Jul, 2016 1 commit
  14. 19 Jul, 2016 1 commit
  15. 18 Jul, 2016 1 commit
  16. 13 Jul, 2016 2 commits
    • Robert Speicher's avatar
      Revert "Merge branch '18193-developers-can-merge' into 'master' · 530f5158
      Robert Speicher authored
      This reverts commit 9ca633eb, reversing
      changes made to fb229bbf.
      530f5158
    • Timothy Andrew's avatar
      Refactor `Gitlab::GitAccess` · 60245bbe
      Timothy Andrew authored
      1. Don't use case statements for dispatch anymore. This leads to a lot
         of duplication, and makes the logic harder to follow.
      
      2. Remove duplicated logic.
      
          - For example, the `can_push_to_branch?` exists, but we also have a
            different way of checking the same condition within `change_access_check`.
      
          - This kind of duplication is removed, and the `can_push_to_branch?`
            method is used in both places.
      
      3. Move checks returning true/false to `UserAccess`.
      
          - All public methods in `GitAccess` now return an instance of
            `GitAccessStatus`. Previously, some methods would return
            true/false as well, which was confusing.
      
          - It makes sense for these kinds of checks to be at the level of a
            user, so the `UserAccess` class was repurposed for this. The prior
            `UserAccess.allowed?` classmethod is converted into an instance
            method.
      
          - All external uses of these checks have been migrated to use the
            `UserAccess` class
      
      4. Move the "change_access_check" into a separate class.
      
          - Create the `GitAccess::ChangeAccessCheck` class to run these
            checks, which are quite substantial.
      
          - `ChangeAccessCheck` returns an instance of `GitAccessStatus` as
            well.
      
      5. Break out the boolean logic in `ChangeAccessCheck` into `if/else`
         chains - this seems more readable.
      
      6. I can understand that this might look like overkill for !4892, but I
         think this is a good opportunity to clean it up.
      
          - http://martinfowler.com/bliki/OpportunisticRefactoring.html
      60245bbe
  17. 12 Jul, 2016 4 commits
  18. 06 Jul, 2016 2 commits
  19. 16 Jun, 2016 1 commit
    • Timothy Andrew's avatar
      Implement @DouweM's feedback. · 7ee0898a
      Timothy Andrew authored
      - Extract a duplicated `redirect_to`
      - Fix a typo: "token", not "certificate"
      - Have the "Expires at" datepicker be attached to a text field, not inline
      - Have both private tokens and personal access tokens verified in a
        single "authenticate_from_private_token" method, both in the
        application and API. Move relevant logic to
        `User#find_by_personal_access_token`
      - Remove unnecessary constants relating to API auth. We don't need a
        separate constant for personal access tokens since the param is the
        same as for private tokens.
      7ee0898a
  20. 12 Jun, 2016 1 commit
  21. 10 Jun, 2016 1 commit
  22. 06 Jun, 2016 1 commit
  23. 03 Jun, 2016 2 commits
  24. 23 May, 2016 1 commit
  25. 18 May, 2016 1 commit
  26. 16 May, 2016 1 commit