Merge gitlab.com:gitlab-org/gitlab-ce

CHANGELOG

@@ -2,6 +2,7 @@ Please view this file on the master branch, on stable branches it's out of date.
 
 v 8.4.0 (unreleased)
   - Add housekeeping function to project settings page
+  - Fix missing date of month in network graph when commits span a month (Stan Hu)
   - Expire view caches when application settings change (e.g. Gravatar disabled) (Stan Hu)
   - Don't notify users twice if they are both project watchers and subscribers (Stan Hu)
   - Implement new UI for group page
@@ -21,8 +22,10 @@ v 8.4.0 (unreleased)
   - Fix API project lookups when querying with a namespace with dots (Stan Hu)
   - Update version check images to use SVG
   - Validate README format before displaying
+  - Enable Microsoft Azure OAuth2 support (Janis Meybohm)
 
 v 8.3.3 (unreleased)
+  - Get "Merge when build succeeds" to work when commits were pushed to MR target branch while builds were running
   - Fix project transfer e-mail sending incorrect paths in e-mail notification (Stan Hu)
   - Enable "Add key" button when user fills in a proper key (Stan Hu)
 
@@ -105,6 +108,7 @@ v 8.3.0
   - Fix online editor should not remove newlines at the end of the file
   - Expose Git's version in the admin area
   - Show "New Merge Request" buttons on canonical repos when you have a fork (Josh Frye)
+  - Add file finder feature in tree view
 
 v 8.2.3
   - Fix application settings cache not expiring after changes (Stan Hu)

Gemfile

@@ -33,6 +33,7 @@ gem 'omniauth-saml',          '~> 1.4.0'
 gem 'omniauth-shibboleth',    '~> 1.2.0'
 gem 'omniauth-twitter',       '~> 1.2.0'
 gem 'omniauth_crowd'
+gem 'omniauth-azure-oauth2'
 gem 'rack-oauth2',            '~> 1.2.1'
 
 # reCAPTCHA protection
@@ -48,7 +49,7 @@ gem "browser", '~> 1.0.0'
 
 # Extracting information from a git repository
 # Provide access to Gitlab::Git library
-gem "gitlab_git", '~> 7.2.20'
+gem "gitlab_git", '~> 7.2.22'
 
 # LDAP Auth
 # GitLab fork with several improvements to original library. For full list of changes

Gemfile.lock

@@ -488,6 +488,10 @@ GEM
       activesupport
       nokogiri (>= 1.4.4)
       omniauth (~> 1.0)
+    omniauth-azure-oauth2 (0.0.6)
+      jwt (~> 1.0)
+      omniauth (~> 1.0)
+      omniauth-oauth2 (~> 1.1)
     opennebula (4.14.2)
       json
       nokogiri
@@ -883,7 +887,7 @@ DEPENDENCIES
   github-markup (~> 1.3.1)
   gitlab-flowdock-git-hook (~> 1.0.1)
   gitlab_emoji (~> 0.2.0)
-  gitlab_git (~> 7.2.20)
+  gitlab_git (~> 7.2.22)
   gitlab_meta (= 7.0)
   gitlab_omniauth-ldap (~> 1.2.1)
   gollum-lib (~> 4.1.0)
@@ -927,6 +931,7 @@ DEPENDENCIES
   omniauth-shibboleth (~> 1.2.0)
   omniauth-twitter (~> 1.2.0)
   omniauth_crowd
+  omniauth-azure-oauth2
   org-ruby (~> 0.9.12)
   paranoia (~> 2.0)
   pg (~> 0.18.2)

app/assets/javascripts/application.js.coffee

@@ -40,6 +40,7 @@
 #= require shortcuts_network
 #= require jquery.nicescroll.min
 #= require_tree .
+#= require fuzzaldrin-plus.min
 
 window.slugify = (text) ->
   text.replace(/[^-a-zA-Z0-9]+/g, '_').toLowerCase()

app/assets/javascripts/branch-graph.js.coffee

@@ -66,7 +66,7 @@ class @BranchGraph
     r.rect(40, 0, 30, @barHeight).attr fill: "#444"
 
     for day, mm in @days
-      if cuday isnt day[0]
+      if cuday isnt day[0] || cumonth isnt day[1]
         # Dates
         r.text(55, @offsetY + @unitTime * mm, day[0])
           .attr(

app/assets/javascripts/dispatcher.js.coffee

@@ -87,7 +87,9 @@ class Dispatcher
         new GroupAvatar()
       when 'projects:tree:show'
         new TreeView()
-        shortcut_handler = new ShortcutsNavigation()
+        shortcut_handler = new ShortcutsTree()
+      when 'projects:find_file:show'
+        shortcut_handler = true
       when 'projects:blob:show'
         new LineHighlighter()
         shortcut_handler = new ShortcutsNavigation()

app/assets/javascripts/project_find_file.js.coffee

+class @ProjectFindFile
+  constructor: (@element, @options)->
+    @filePaths = {}
+    @inputElement = @element.find(".file-finder-input")
+
+    # init event
+    @initEvent()
+
+    # focus text input box
+    @inputElement.focus()
+
+    # load file list
+    @load(@options.url)
+
+  # init event
+  initEvent: ->
+    @inputElement.off "keyup"
+    @inputElement.on "keyup", (event) =>
+      target = $(event.target)
+      value = target.val()
+      oldValue = target.data("oldValue") ? ""
+
+      if value != oldValue
+        target.data("oldValue", value)
+        @findFile()
+        @element.find("tr.tree-item").eq(0).addClass("selected").focus()
+
+    @element.find(".tree-content-holder .tree-table").on "click", (event) ->
+      if (event.target.nodeName != "A")
+        path = @element.find(".tree-item-file-name a", this).attr("href")
+        location.href = path if path
+
+  # find file
+  findFile: ->
+    searchText = @inputElement.val()
+    result = if searchText.length > 0 then fuzzaldrinPlus.filter(@filePaths, searchText) else @filePaths
+    @renderList result, searchText
+
+  # files pathes load
+  load: (url) ->
+    $.ajax
+      url: url
+      method: "get"
+      dataType: "json"
+      success: (data) =>
+        @element.find(".loading").hide()
+        @filePaths = data
+        @findFile()
+        @element.find(".files-slider tr.tree-item").eq(0).addClass("selected").focus()
+
+  # render result
+  renderList: (filePaths, searchText) ->
+    @element.find(".tree-table > tbody").empty()
+
+    for filePath, i in filePaths
+      break if i == 20
+
+      if searchText
+        matches = fuzzaldrinPlus.match(filePath, searchText)
+
+      blobItemUrl = "#{@options.blobUrlTemplate}/#{filePath}"
+
+      html = @makeHtml filePath, matches, blobItemUrl
+      @element.find(".tree-table > tbody").append(html)
+
+  # highlight text(awefwbwgtc -> <b>a</b>wefw<b>b</b>wgt<b>c</b> )
+  highlighter = (element, text, matches) ->
+    lastIndex = 0
+    highlightText = ""
+    matchedChars = []
+
+    for matchIndex in matches
+      unmatched = text.substring(lastIndex, matchIndex)
+
+      if unmatched
+        element.append(matchedChars.join("").bold()) if matchedChars.length
+        matchedChars = []
+        element.append(document.createTextNode(unmatched))
+
+      matchedChars.push(text[matchIndex])
+      lastIndex = matchIndex + 1
+
+    element.append(matchedChars.join("").bold()) if matchedChars.length
+    element.append(document.createTextNode(text.substring(lastIndex)))
+
+  # make tbody row html
+  makeHtml: (filePath, matches, blobItemUrl) ->
+    $tr = $("<tr class='tree-item'><td class='tree-item-file-name'><i class='fa fa-file-text-o fa-fw'></i><span class='str-truncated'><a></a></span></td></tr>")
+    if matches
+      $tr.find("a").replaceWith(highlighter($tr.find("a"), filePath, matches).attr("href", blobItemUrl))
+    else
+      $tr.find("a").attr("href", blobItemUrl).text(filePath)
+
+    return $tr
+
+  selectRow: (type) ->
+    rows = @element.find(".files-slider tr.tree-item")
+    selectedRow = @element.find(".files-slider tr.tree-item.selected")
+
+    if rows && rows.length > 0
+      if selectedRow && selectedRow.length > 0
+        if type == "UP"
+          next = selectedRow.prev()
+        else if type == "DOWN"
+          next = selectedRow.next()
+
+        if next.length > 0
+          selectedRow.removeClass "selected"
+          selectedRow = next
+      else
+        selectedRow = rows.eq(0)
+      selectedRow.addClass("selected").focus()
+
+  selectRowUp: =>
+    @selectRow "UP"
+
+  selectRowDown: =>
+    @selectRow "DOWN"
+
+  goToTree: =>
+    location.href = @options.treeUrl
+
+  goToBlob: =>
+    path = @element.find(".tree-item.selected .tree-item-file-name a").attr("href")
+    location.href = path if path

app/assets/javascripts/shortcuts_find_file.js.coffee

+#= require shortcuts_navigation
+
+class @ShortcutsFindFile extends ShortcutsNavigation
+  constructor: (@projectFindFile) ->
+    super()
+    _oldStopCallback = Mousetrap.stopCallback
+    # override to fire shortcuts action when focus in textbox
+    Mousetrap.stopCallback = (event, element, combo) =>
+      if element == @projectFindFile.inputElement[0] and (combo == 'up' or combo == 'down' or combo == 'esc' or combo == 'enter')
+        # when press up/down key in textbox, cusor prevent to move to home/end
+        event.preventDefault()
+        return false
+
+      return _oldStopCallback(event, element, combo)
+
+    Mousetrap.bind('up', @projectFindFile.selectRowUp)
+    Mousetrap.bind('down', @projectFindFile.selectRowDown)
+    Mousetrap.bind('esc', @projectFindFile.goToTree)
+    Mousetrap.bind('enter', @projectFindFile.goToBlob)

app/assets/javascripts/shortcuts_tree.coffee

+class @ShortcutsTree extends ShortcutsNavigation
+  constructor: ->
+    super()
+    Mousetrap.bind('t', -> ShortcutsTree.findAndFollowLink('.shortcuts-find-file'))

app/assets/stylesheets/pages/tree.scss

 .tree-holder {
 
+  .file-finder {
+    width: 50%;
+    .file-finder-input {
+      width: 95%;
+      display: inline-block;
+    }
+  }
+
   .tree-table {
     margin-bottom: 0;
 

app/controllers/admin/application_settings_controller.rb

@@ -70,8 +70,6 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
       :metrics_enabled,
       :metrics_host,
       :metrics_port,
-      :metrics_username,
-      :metrics_password,
       :metrics_pool_size,
       :metrics_timeout,
       :metrics_method_call_threshold,

app/controllers/projects/find_file_controller.rb

+# Controller for viewing a repository's file structure
+class Projects::FindFileController < Projects::ApplicationController
+  include ExtractsPath
+  include ActionView::Helpers::SanitizeHelper
+  include TreeHelper
+
+  before_action :require_non_empty_project
+  before_action :assign_ref_vars
+  before_action :authorize_download_code!
+
+  def show
+    return render_404 unless @repository.commit(@ref)
+
+    respond_to do |format|
+      format.html
+    end
+  end
+
+  def list
+    file_paths = @repo.ls_files(@ref)
+
+    respond_to do |format|
+      format.json { render json: file_paths }
+    end
+  end
+end

app/controllers/projects/merge_requests_controller.rb

@@ -153,7 +153,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController
   end
 
   def merge_check
-    @merge_request.check_if_can_be_merged if @merge_request.unchecked?
+    @merge_request.check_if_can_be_merged
 
     render partial: "projects/merge_requests/widget/show.html.haml", layout: false
   end

app/controllers/projects/refs_controller.rb

@@ -20,6 +20,8 @@ class Projects::RefsController < Projects::ApplicationController
             namespace_project_network_path(@project.namespace, @project, @id, @options)
           when "graphs"
             namespace_project_graph_path(@project.namespace, @project, @id)
+          when "find_file"
+            namespace_project_find_file_path(@project.namespace, @project, @id)
           when "graphs_commits"
             commits_namespace_project_graph_path(@project.namespace, @project, @id)
           else

app/helpers/auth_helper.rb

 module AuthHelper
-  PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2 facebook).freeze
+  PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2 facebook azure_oauth2).freeze
   FORM_BASED_PROVIDERS = [/\Aldap/, 'crowd'].freeze
 
   def ldap_enabled?

app/helpers/page_layout_helper.rb

@@ -27,35 +27,20 @@ module PageLayoutHelper
   #
   # Returns an HTML-safe String.
   def page_description(description = nil)
-    @page_description ||= page_description_default
-
     if description.present?
       @page_description = description.squish
-    else
+    elsif @page_description.present?
       sanitize(@page_description, tags: []).truncate_words(30)
     end
   end
 
-  # Default value for page_description when one hasn't been defined manually by
-  # a view
-  def page_description_default
-    if @project
-      @project.description || brand_title
-    else
-      brand_title
-    end
-  end
-
   def page_image
     default = image_url('gitlab_logo.png')
 
-    if @project
-      @project.avatar_url || default
-    elsif @user
-      avatar_icon(@user)
-    else
-      default
-    end
+    subject = @project || @user || @group
+
+    image = subject.avatar_url if subject.present?
+    image || default
   end
 
   # Define or get attributes to be used as Twitter card metadata

app/models/concerns/mentionable.rb

@@ -51,8 +51,11 @@ module Mentionable
     else
       self.class.mentionable_attrs.each do |attr, options|
         text = send(attr)
-        options[:cache_key] = [self, attr] if options.delete(:cache) && self.persisted?
-        ext.analyze(text, options)
+
+        context = options.dup
+        context[:cache_key] = [self, attr] if context.delete(:cache) && self.persisted?
+
+        ext.analyze(text, context)
       end
     end
 

app/models/merge_request.rb

@@ -229,6 +229,8 @@ class MergeRequest < ActiveRecord::Base
   end
 
   def check_if_can_be_merged
+    return unless unchecked?
+
     can_be_merged =
       project.repository.can_be_merged?(source_sha, target_branch)
 
@@ -252,7 +254,11 @@ class MergeRequest < ActiveRecord::Base
   end
 
   def mergeable?
-    open? && !work_in_progress? && can_be_merged?
+    return false unless open? && !work_in_progress?
+
+    check_if_can_be_merged
+
+    can_be_merged?
   end
 
   def gitlab_merge_status
@@ -452,6 +458,10 @@ class MergeRequest < ActiveRecord::Base
     !source_branch_exists? || !target_branch_exists?
   end
 
+  def broken?
+    self.commits.blank? || branch_missing? || cannot_be_merged?
+  end
+
   def can_be_merged_by?(user)
     ::Gitlab::GitAccess.new(user, project).can_push_to_branch?(target_branch)
   end
@@ -507,8 +517,4 @@ class MergeRequest < ActiveRecord::Base
   def ci_commit
     @ci_commit ||= source_project.ci_commit(last_commit.id) if last_commit && source_project
   end
-
-  def broken?
-    self.commits.blank? || branch_missing? || cannot_be_merged?
-  end
 end

app/models/repository.rb

@@ -681,6 +681,11 @@ class Repository
     end
   end
 
+  def ls_files(ref)
+    actual_ref = ref || root_ref
+    raw_repository.ls_files(actual_ref)
+  end
+
   private
 
   def cache

app/views/admin/application_settings/_form.html.haml

@@ -179,14 +179,6 @@
           your server configuration specifies a database to store data in when
           sending messages to this port, without it metrics data will not be
           saved.
-    .form-group
-      = f.label :metrics_username, 'InfluxDB username', class: 'control-label col-sm-2'
-      .col-sm-10
-        = f.text_field :metrics_username, class: 'form-control'
-    .form-group
-      = f.label :metrics_password, 'InfluxDB password', class: 'control-label col-sm-2'
-      .col-sm-10
-        = f.text_field :metrics_password, class: 'form-control'
     .form-group
       = f.label :metrics_pool_size, 'Connection pool size', class: 'control-label col-sm-2'
       .col-sm-10

app/views/help/_shortcuts.html.haml

@@ -40,6 +40,32 @@
                 %td.shortcut
                   .key enter
                 %td Open Selection
+              %tr
+                %td.shortcut
+                  .key t
+                %td Go to finding file
+            %tbody
+              %tr
+                %th
+                %th Finding Project File
+              %tr
+                %td.shortcut
+                  .key
+                    %i.fa.fa-arrow-up
+                %td Move selection up
+              %tr
+                %td.shortcut
+                  .key
+                    %i.fa.fa-arrow-down
+                %td Move selection down
+              %tr
+                %td.shortcut
+                  .key enter
+                %td Open Selection
+              %tr
+                %td.shortcut
+                  .key esc
+                %td Go back
 
         .col-lg-4
           %table.shortcut-mappings

app/views/layouts/_head.html.haml

+- page_description brand_title unless page_description
+
+- site_name = "GitLab"
 %head{prefix: "og: http://ogp.me/ns#"}
   %meta{charset: "utf-8"}
   %meta{'http-equiv' => 'X-UA-Compatible', content: 'IE=edge'}
 
   -# Open Graph - http://ogp.me/
   %meta{property: 'og:type',        content: "object"}
-  %meta{property: 'og:site_name',   content: "GitLab"}
+  %meta{property: 'og:site_name',   content: site_name}
   %meta{property: 'og:title',       content: page_title}
   %meta{property: 'og:description', content: page_description}
   %meta{property: 'og:image',       content: page_image}
@@ -17,7 +20,7 @@
   %meta{property: 'twitter:image',        content: page_image}
   = page_card_meta_tags
 
-  %title= page_title('GitLab')
+  %title= page_title(site_name)
   %meta{name: "description", content: page_description}
 
   = favicon_link_tag 'favicon.ico'

app/views/layouts/group.html.haml

-- page_title    @group.name
-- header_title  group_title(@group) unless header_title
-- sidebar       "group"             unless sidebar
+- page_title       @group.name
+- page_description @group.description  unless page_description
+- header_title     group_title(@group) unless header_title
+- sidebar          "group"             unless sidebar
 
 = render template: "layouts/application"

app/views/layouts/nav/_project.html.haml

@@ -25,7 +25,7 @@
       %span
         Activity
   - if project_nav_tab? :files
-    = nav_link(controller: %w(tree blob blame edit_tree new_tree)) do
+    = nav_link(controller: %w(tree blob blame edit_tree new_tree find_file)) do
       = link_to project_files_path(@project), title: 'Files',  class: 'shortcuts-tree' do
         = icon('files-o fw')
         %span
@@ -117,4 +117,3 @@
     %li.hidden
       = link_to namespace_project_network_path(@project.namespace, @project, current_ref), title: 'Network', class: 'shortcuts-network' do
         Network
-

app/views/layouts/project.html.haml

-- page_title    @project.name_with_namespace
-- header_title  project_title(@project) unless header_title
-- sidebar       "project"               unless sidebar
+- page_title       @project.name_with_namespace
+- page_description @project.description    unless page_description
+- header_title     project_title(@project) unless header_title
+- sidebar          "project"               unless sidebar
 
 - content_for :scripts_body_top do
   - project = @target_project || @project

app/views/projects/_find_file_link.html.haml

+= link_to namespace_project_find_file_path(@project.namespace, @project, @ref), class: 'btn btn-grouped shortcuts-find-file', rel: 'nofollow' do
+  = icon('search')
+  %span Find File

app/views/projects/commit/show.html.haml

-- page_title "#{@commit.title} (#{@commit.short_id})", "Commits"
+- page_title        "#{@commit.title} (#{@commit.short_id})", "Commits"
+- page_description  @commit.description
+
 = render "projects/commits/header_title"
 = render "commit_box"
 - if @ci_commit

app/views/projects/find_file/show.html.haml

+- page_title "Find File", @ref
+- header_title project_title(@project, "Files", project_files_path(@project))
+
+.file-finder-holder.tree-holder.clearfix
+  .gray-content-block.top-block
+    .tree-ref-holder
+      = render 'shared/ref_switcher', destination: 'find_file', path: @path
+    %ul.breadcrumb.repo-breadcrumb
+      %li
+        = link_to namespace_project_tree_path(@project.namespace, @project, @ref) do
+          = @project.path
+      %li.file-finder
+        %input#file_find.form-control.file-finder-input{type: "text", placeholder: 'Find by path'}
+
+  %div.tree-content-holder
+    .table-holder
+      %table.table.files-slider{class: "table_#{@hex_path} tree-table table-striped" }
+        %tbody
+      = spinner nil, true
+
+:coffeescript
+  projectFindFile = new ProjectFindFile($(".file-finder-holder"), {
+    url: "#{escape_javascript(namespace_project_files_path(@project.namespace, @project, @ref, @options.merge(format: :json)))}"
+    treeUrl: "#{escape_javascript(namespace_project_tree_path(@project.namespace, @project, @ref))}"
+    blobUrlTemplate: "#{escape_javascript(namespace_project_blob_path(@project.namespace, @project, @id || @commit.id))}"
+  })
+  new ShortcutsFindFile(projectFindFile)

app/views/projects/merge_requests/_show.html.haml

@@ -38,7 +38,7 @@
     = render "projects/merge_requests/show/how_to_merge"
     = render "projects/merge_requests/widget/show.html.haml"
 
-    - if @merge_request.open? && @merge_request.source_branch_exists? && @merge_request.can_be_merged? && @merge_request.can_be_merged_by?(current_user)
+    - if @merge_request.source_branch_exists? && @merge_request.mergeable? && @merge_request.can_be_merged_by?(current_user)
       .light.prepend-top-default
         You can also accept this merge request manually using the
         = succeed '.' do

app/views/projects/show.html.haml

@@ -68,4 +68,4 @@
     = render 'projects/last_commit', commit: @repository.commit, project: @project
 
 %div{class: "project-show-#{default_project_view}"}
-  = render default_project_view
\ No newline at end of file
+  = render default_project_view

app/views/projects/tree/show.html.haml

@@ -3,12 +3,12 @@
 = content_for :meta_tags do
   - if current_user
     = auto_discovery_link_tag(:atom, namespace_project_commits_url(@project.namespace, @project, @ref, format: :atom, private_token: current_user.private_token), title: "#{@project.name}:#{@ref} commits")
-
 = render 'projects/last_push'
 
-- if can? current_user, :download_code, @project
-  .tree-download-holder
-    = render 'projects/repositories/download_archive', ref: @ref, btn_class: 'btn-group pull-right hidden-xs hidden-sm', split_button: true
+.pull-right
+  = render 'projects/find_file_link'
+  - if can? current_user, :download_code, @project
+    = render 'projects/repositories/download_archive', ref: @ref, btn_class: 'hidden-xs hidden-sm btn-grouped', split_button: true
 
 #tree-holder.tree-holder.clearfix
   .gray-content-block.top-block

config/routes.rb

@@ -441,6 +441,24 @@ Rails.application.routes.draw do
           )
         end
 
+        scope do
+          get(
+            '/find_file/*id',
+            to: 'find_file#show',
+            constraints: { id: /.+/, format: /html/ },
+            as: :find_file
+          )
+        end
+
+        scope do
+          get(
+            '/files/*id',
+            to: 'find_file#list',
+            constraints: { id: /(?:[^.]|\.(?!json$))+/, format: /json/ },
+            as: :files
+          )
+        end
+
         scope do
           post(
             '/create_dir/*id',

db/migrate/20160106164438_remove_influxdb_credentials.rb

+class RemoveInfluxdbCredentials < ActiveRecord::Migration
+  def change
+    remove_column :application_settings, :metrics_username, :string
+    remove_column :application_settings, :metrics_password, :string
+  end
+end

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20151229112614) do
+ActiveRecord::Schema.define(version: 20160106164438) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -50,16 +50,14 @@ ActiveRecord::Schema.define(version: 20151229112614) do
     t.boolean  "shared_runners_enabled",                        default: true,        null: false
     t.integer  "max_artifacts_size",                            default: 100,         null: false
     t.string   "runners_registration_token"
-    t.boolean  "require_two_factor_authentication",             default: false
-    t.integer  "two_factor_grace_period",                       default: 48
-    t.boolean  "metrics_enabled",                               default: false
-    t.string   "metrics_host",                                  default: "localhost"
-    t.string   "metrics_username"
-    t.string   "metrics_password"
-    t.integer  "metrics_pool_size",                             default: 16
-    t.integer  "metrics_timeout",                               default: 10
-    t.integer  "metrics_method_call_threshold",                 default: 10
-    t.boolean  "recaptcha_enabled",                             default: false
+    t.boolean  "require_two_factor_authentication", default: false
+    t.integer  "two_factor_grace_period",           default: 48
+    t.boolean  "metrics_enabled",                   default: false
+    t.string   "metrics_host",                      default: "localhost"
+    t.integer  "metrics_pool_size",                 default: 16
+    t.integer  "metrics_timeout",                   default: 10
+    t.integer  "metrics_method_call_threshold",     default: 10
+    t.boolean  "recaptcha_enabled",                 default: false
     t.string   "recaptcha_site_key"
     t.string   "recaptcha_private_key"
     t.integer  "metrics_port",                                  default: 8089

doc/README.md

@@ -19,6 +19,7 @@
 ## CI Documentation
 
 - [Quick Start](ci/quick_start/README.md)
+- [Enable or disable GitLab CI](ci/enable_or_disable_ci.md)
 - [Configuring project (.gitlab-ci.yml)](ci/yaml/README.md)
 - [Configuring runner](ci/runners/README.md)
 - [Configuring deployment](ci/deployment/README.md)

doc/ci/README.md

@@ -3,6 +3,7 @@
 ### User documentation
 
 * [Quick Start](quick_start/README.md)
+* [Enable or disable GitLab CI](enable_or_disable_ci.md)
 * [Configuring project (.gitlab-ci.yml)](yaml/README.md)
 * [Configuring runner](runners/README.md)
 * [Configuring deployment](deployment/README.md)

doc/ci/enable_or_disable_ci.md

+## Enable or disable GitLab CI
+
+_To effectively use GitLab CI, you need a valid [`.gitlab-ci.yml`](yaml/README.md)
+file present at the root directory of your project and a
+[runner](runners/README.md) properly set up. You can read our
+[quick start guide](quick_start/README.md) to get you started._
+
+If you are using an external CI server like Jenkins or Drone CI, it is advised
+to disable GitLab CI in order to not have any conflicts with the commits status
+API.
+
+---
+
+As of GitLab 8.2, GitLab CI is mainly exposed via the `/builds` page of a
+project. Disabling GitLab CI in a project does not delete any previous builds.
+In fact, the `/builds` page can still be accessed, although it's hidden from
+the left sidebar menu.
+
+GitLab CI is enabled by default on new installations and can be disabled either
+individually under each project's settings, or site-wide by modifying the
+settings in `gitlab.yml` and `gitlab.rb` for source and Omnibus installations
+respectively.
+
+### Per-project user setting
+
+The setting to enable or disable GitLab CI can be found with the name **Builds**
+under the **Features** area of a project's settings along with **Issues**,
+**Merge Requests**, **Wiki** and **Snippets**. Select or deselect the checkbox
+and hit **Save** for the settings to take effect.
+
+![Features settings](img/features_settings.png)
+
+---
+
+### Site-wide administrator setting
+
+You can disable GitLab CI site-wide, by modifying the settings in `gitlab.yml`
+and `gitlab.rb` for source and Omnibus installations respectively.
+
+Two things to note:
+
+1. Disabling GitLab CI, will affect only newly-created projects. Projects that
+   had it enabled prior to this modification, will work as before.
+1. Even if you disable GitLab CI, users will still be able to enable it in the
+   project's settings.
+
+---
+
+For installations from source, open `gitlab.yml` with your editor and set
+`builds` to `false`:
+
+```yaml
+## Default project features settings
+default_projects_features:
+  issues: true
+  merge_requests: true
+  wiki: true
+  snippets: false
+  builds: false
+```
+
+Save the file and restart GitLab: `sudo service gitlab restart`.
+
+For Omnibus installations, edit `/etc/gitlab/gitlab.rb` and add the line:
+
+```
+gitlab-rails['gitlab_default_projects_features_builds'] = false
+```
+
+Save the file and reconfigure GitLab: `sudo gitlab-ctl reconfigure`.

doc/integration/azure.md

+# Microsoft Azure OAuth2 OmniAuth Provider
+
+To enable the Microsoft Azure OAuth2 OmniAuth provider you must register your application with Azure. Azure will generate a client ID and secret key for you to use.
+
+1.  Sign in to the [Azure Management Portal](https://manage.windowsazure.com>).
+
+1.  Select "Active Directory" on the left and choose the directory you want to use to register GitLab.
+
+1.  Select "Applications" at the top bar and click the "Add" button the bottom.
+
+1.  Select "Add an application my organization is developing".
+
+1.  Provide the project information and click the "Next" button.
+    - Name: 'GitLab' works just fine here.
+    - Type: 'WEB APPLICATION AND/OR WEB API'
+
+1.  On the "App properties" page enter the needed URI's and click the "Complete" button.
+    - SIGN-IN URL: Enter the URL of your GitLab installation (e.g 'https://gitlab.mycompany.com/')
+    - APP ID URI: Enter the endpoint URL for Microsoft to use, just has to be unique (e.g 'https://mycompany.onmicrosoft.com/gitlab')
+
+1. Select "Configure" in the top menu.
+
+1. Add a "Reply URL" pointing to the Azure OAuth callback of your GitLab installation (e.g. https://gitlab.mycompany.com/users/auth/azure_oauth2/callback).
+
+1. Create a "Client secret" by selecting a duration, the secret will be generated as soon as you click the "Save" button in the bottom menu..
+
+1. Note the "CLIENT ID" and the "CLIENT SECRET".
+
+1. Select "View endpoints" from the bottom menu.
+
+1. You will see lots of endpoint URLs in the form 'https://login.microsoftonline.com/TENANT ID/...', note down the TENANT ID part of one of those endpoints.
+
+1.  On your GitLab server, open the configuration file.
+
+    For omnibus package:
+
+    ```sh
+      sudo editor /etc/gitlab/gitlab.rb
+    ```
+
+    For installations from source:
+
+    ```sh
+      cd /home/git/gitlab
+
+      sudo -u git -H editor config/gitlab.yml
+    ```
+
+1.  See [Initial OmniAuth Configuration](omniauth.md#initial-omniauth-configuration) for initial settings.
+
+1.  Add the provider configuration:
+
+    For omnibus package:
+
+    ```ruby
+      gitlab_rails['omniauth_providers'] = [
+        {
+          "name" => "azure_oauth2",
+          "args" => {
+            "client_id" => "CLIENT ID",
+            "client_secret" => "CLIENT SECRET",
+            "tenant_id" => "TENANT ID",
+          }
+        }
+      ]
+    ```
+
+    For installations from source:
+
+    ```
+     - { name: 'azure_oauth2',
+       args: { client_id: "CLIENT ID",
+       client_secret: "CLIENT SECRET",
+       tenant_id: "TENANT ID" } }
+    ```
+
+1.  Replace 'CLIENT ID', 'CLIENT SECRET' and 'TENANT ID' with the values you got above.
+
+1.  Save the configuration file.
+
+1.  Restart GitLab for the changes to take effect.
+
+On the sign in page there should now be a Microsoft icon below the regular sign in form. Click the icon to begin the authentication process. Microsoft will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.

doc/integration/omniauth.md

@@ -78,6 +78,7 @@ Now we can choose one or more of the Supported Providers below to continue confi
 - [Shibboleth](shibboleth.md)
 - [SAML](saml.md)
 - [Crowd](crowd.md)
+- [Azure](azure.md)
 
 ## Enable OmniAuth for an Existing User
 

features/project/find_file.feature

+@dashboard
+Feature: Project Find File
+  Background:
+    Given I sign in as a user
+    And I own a project
+    And I visit my project's files page
+
+  @javascript
+  Scenario: Navigate to find file by shortcut
+    Given I press "t"
+    Then I should see "find file" page
+
+  Scenario: Navigate to find file
+    Given I click Find File button
+    Then I should see "find file" page
+
+  @javascript
+  Scenario: I search file
+    Given I visit project find file page
+    And I fill in file find with "change"
+    Then I should not see ".gitignore" in files
+    And I should not see ".gitmodules" in files
+    And I should see "CHANGELOG" in files
+    And I should not see "VERSION" in files
+
+  @javascript
+  Scenario: I search file that not exist
+    Given I visit project find file page
+    And I fill in file find with "asdfghjklqwertyuizxcvbnm"
+    Then I should not see ".gitignore" in files
+    And I should not see ".gitmodules" in files
+    And I should not see "CHANGELOG" in files
+    And I should not see "VERSION" in files
+
+  @javascript
+  Scenario: I search file that partially matches
+    Given I visit project find file page
+    And I fill in file find with "git"
+    Then I should see ".gitignore" in files
+    And I should see ".gitmodules" in files
+    And I should not see "CHANGELOG" in files
+    And I should not see "VERSION" in files

features/steps/project/project_find_file.rb

+class Spinach::Features::ProjectFindFile < Spinach::FeatureSteps
+  include SharedAuthentication
+  include SharedPaths
+  include SharedProject
+  include SharedProjectTab
+
+  step 'I press "t"' do
+    find('body').native.send_key('t')
+  end
+
+  step 'I click Find File button' do
+    click_link 'Find File'
+  end
+
+  step 'I should see "find file" page' do
+    ensure_active_main_tab('Files')
+    expect(page).to have_selector('.file-finder-holder', count: 1)
+  end
+
+  step 'I fill in Find by path with "git"' do
+    ensure_active_main_tab('Files')
+    expect(page).to have_selector('.file-finder-holder', count: 1)
+  end
+
+  step 'I fill in file find with "git"' do
+    find_file "git"
+  end
+
+  step 'I fill in file find with "change"' do
+    find_file "change"
+  end
+
+  step 'I fill in file find with "asdfghjklqwertyuizxcvbnm"' do
+    find_file "asdfghjklqwertyuizxcvbnm"
+  end
+
+  step 'I should see "VERSION" in files' do
+    expect(page).to have_content("VERSION")
+  end
+
+  step 'I should not see "VERSION" in files' do
+    expect(page).not_to have_content("VERSION")
+  end
+
+  step 'I should see "CHANGELOG" in files' do
+    expect(page).to have_content("CHANGELOG")
+  end
+
+  step 'I should not see "CHANGELOG" in files' do
+    expect(page).not_to have_content("CHANGELOG")
+  end
+
+  step 'I should see ".gitmodules" in files' do
+    expect(page).to have_content(".gitmodules")
+  end
+
+  step 'I should not see ".gitmodules" in files' do
+    expect(page).not_to have_content(".gitmodules")
+  end
+
+  step 'I should see ".gitignore" in files' do
+    expect(page).to have_content(".gitignore")
+  end
+
+  step 'I should not see ".gitignore" in files' do
+    expect(page).not_to have_content(".gitignore")
+  end
+
+
+  def find_file(text)
+    fill_in 'file_find', with: text
+  end
+end

features/steps/shared/paths.rb

@@ -259,6 +259,10 @@ module SharedPaths
     visit namespace_project_deploy_keys_path(@project.namespace, @project)
   end
 
+  step 'I visit project find file page' do
+    visit namespace_project_find_file_path(@project.namespace, @project, root_ref)
+  end
+
   # ----------------------------------------
   # "Shop" Project
   # ----------------------------------------

lib/api/merge_requests.rb

@@ -211,7 +211,7 @@ module API
         unauthorized! unless merge_request.can_be_merged_by?(current_user)
         not_allowed! if !merge_request.open? || merge_request.work_in_progress?
 
-        merge_request.check_if_can_be_merged if merge_request.unchecked?
+        merge_request.check_if_can_be_merged
 
         render_api_error!('Branch cannot be merged', 406) unless merge_request.can_be_merged?
 

lib/banzai/pipeline/single_line_pipeline.rb

@@ -3,7 +3,23 @@ require 'banzai'
 module Banzai
   module Pipeline
     class SingleLinePipeline < GfmPipeline
+      def self.filters
+        @filters ||= [
+          Filter::SanitizationFilter,
 
+          Filter::EmojiFilter,
+          Filter::AutolinkFilter,
+          Filter::ExternalLinkFilter,
+
+          Filter::UserReferenceFilter,
+          Filter::IssueReferenceFilter,
+          Filter::ExternalIssueReferenceFilter,
+          Filter::MergeRequestReferenceFilter,
+          Filter::SnippetReferenceFilter,
+          Filter::CommitRangeReferenceFilter,
+          Filter::CommitReferenceFilter,
+        ]
+      end
     end
   end
 end

lib/banzai/renderer.rb

@@ -18,22 +18,13 @@ module Banzai
       cache_key = context.delete(:cache_key)
       cache_key = full_cache_key(cache_key, context[:pipeline])
 
-      cacheless = cacheless_render(text, context)
-
-      if cache_key && ENV["DEBUG_BANZAI_CACHE"]
-        cached = Rails.cache.fetch(cache_key) { cacheless }
-
-        if cached != cacheless
-          Rails.logger.warn "Banzai cache mismatch"
-          Rails.logger.warn "Text: #{text.inspect}"
-          Rails.logger.warn "Context: #{context.inspect}"
-          Rails.logger.warn "Cache key: #{cache_key.inspect}"
-          Rails.logger.warn "Cacheless: #{cacheless.inspect}"
-          Rails.logger.warn "With cache: #{cached.inspect}"
+      if cache_key
+        Rails.cache.fetch(cache_key) do
+          cacheless_render(text, context)
         end
+      else
+        cacheless_render(text, context)
       end
-
-      cacheless
     end
 
     def self.render_result(text, context = {})

lib/gitlab/metrics.rb

@@ -13,8 +13,6 @@ module Gitlab
         timeout:               current_application_settings[:metrics_timeout],
         method_call_threshold: current_application_settings[:metrics_method_call_threshold],
         host:                  current_application_settings[:metrics_host],
-        username:              current_application_settings[:metrics_username],
-        password:              current_application_settings[:metrics_password],
         port:                  current_application_settings[:metrics_port]
       }
     end
@@ -90,12 +88,10 @@ module Gitlab
     if enabled?
       @pool = ConnectionPool.new(size: settings[:pool_size], timeout: settings[:timeout]) do
         host = settings[:host]
-        user = settings[:username]
-        pw   = settings[:password]
         port = settings[:port]
 
         InfluxDB::Client.
-          new(udp: { host: host, port: port }, username: user, password: pw)
+          new(udp: { host: host, port: port })
       end
     end
   end

lib/tasks/gitlab/check.rake

@@ -431,7 +431,7 @@ namespace :gitlab do
         try_fixing_it(
           "sudo chmod -R ug+rwX,o-rwx #{repo_base_path}",
           "sudo chmod -R ug-s #{repo_base_path}",
-          "find #{repo_base_path} -type d -print0 | sudo xargs -0 chmod g+s"
+          "sudo find #{repo_base_path} -type d -print0 | sudo xargs -0 chmod g+s"
         )
         for_more_information(
           see_installation_guide_section "GitLab Shell"

spec/controllers/projects/find_file_controller_spec.rb

+require 'spec_helper'
+
+describe Projects::FindFileController do
+  let(:project) { create(:project) }
+  let(:user)    { create(:user) }
+
+  before do
+    sign_in(user)
+
+    project.team << [user, :master]
+    controller.instance_variable_set(:@project, project)
+  end
+
+  describe "GET #show" do
+    # Make sure any errors accessing the tree in our views bubble up to this spec
+    render_views
+
+    before do
+      get(:show,
+          namespace_id: project.namespace.to_param,
+          project_id: project.to_param,
+          id: id)
+    end
+
+    context "valid branch" do
+      let(:id) { 'master' }
+      it { is_expected.to respond_with(:success) }
+    end
+
+    context "invalid branch" do
+      let(:id) { 'invalid-branch' }
+      it { is_expected.to respond_with(:not_found) }
+    end
+  end
+
+  describe "GET #list" do
+    def go(format: 'json')
+      get :list,
+          namespace_id: project.namespace.to_param,
+          project_id: project.to_param,
+          id: id,
+          format: format
+    end
+
+    context "valid branch" do
+      let(:id) { 'master' }
+      it 'returns an array of file path list' do
+        go
+
+        json = JSON.parse(response.body)
+        is_expected.to respond_with(:success)
+        expect(json).not_to eq(nil)
+        expect(json.length).to be >= 0
+      end
+    end
+
+    context "invalid branch" do
+      let(:id) { 'invalid-branch' }
+
+      it 'responds with status 404' do
+        go
+        is_expected.to respond_with(:not_found)
+      end
+    end
+  end
+end

spec/helpers/page_layout_helper_spec.rb

@@ -2,10 +2,8 @@ require 'rails_helper'
 
 describe PageLayoutHelper do
   describe 'page_description' do
-    it 'defaults to value returned by page_description_default helper' do
-      allow(helper).to receive(:page_description_default).and_return('Foo')
-
-      expect(helper.page_description).to eq 'Foo'
+    it 'defaults to nil' do
+      expect(helper.page_description).to eq nil
     end
 
     it 'returns the last-pushed description' do
@@ -42,58 +40,32 @@ describe PageLayoutHelper do
     end
   end
 
-  describe 'page_description_default' do
-    it 'uses Project description when available' do
-      project = double(description: 'Project Description')
-      helper.instance_variable_set(:@project, project)
-
-      expect(helper.page_description_default).to eq 'Project Description'
-    end
-
-    it 'uses brand_title when Project description is nil' do
-      project = double(description: nil)
-      helper.instance_variable_set(:@project, project)
-
-      expect(helper).to receive(:brand_title).and_return('Brand Title')
-      expect(helper.page_description_default).to eq 'Brand Title'
-    end
-
-    it 'falls back to brand_title' do
-      allow(helper).to receive(:brand_title).and_return('Brand Title')
-
-      expect(helper.page_description_default).to eq 'Brand Title'
-    end
-  end
-
   describe 'page_image' do
     it 'defaults to the GitLab logo' do
       expect(helper.page_image).to end_with 'assets/gitlab_logo.png'
     end
 
-    context 'with @project' do
-      it 'uses Project avatar if available' do
-        project = double(avatar_url: 'http://example.com/uploads/avatar.png')
-        helper.instance_variable_set(:@project, project)
+    %w(project user group).each do |type|
+      context "with @#{type} assigned" do
+        it "uses #{type.titlecase} avatar if available" do
+          object = double(avatar_url: 'http://example.com/uploads/avatar.png')
+          assign(type, object)
 
-        expect(helper.page_image).to eq project.avatar_url
-      end
+          expect(helper.page_image).to eq object.avatar_url
+        end
 
-      it 'falls back to the default' do
-        project = double(avatar_url: nil)
-        helper.instance_variable_set(:@project, project)
+        it 'falls back to the default when avatar_url is nil' do
+          object = double(avatar_url: nil)
+          assign(type, object)
 
-        expect(helper.page_image).to end_with 'assets/gitlab_logo.png'
+          expect(helper.page_image).to end_with 'assets/gitlab_logo.png'
+        end
       end
-    end
-
-    context 'with @user' do
-      it 'delegates to avatar_icon helper' do
-        user = double('User')
-        helper.instance_variable_set(:@user, user)
-
-        expect(helper).to receive(:avatar_icon).with(user)
 
-        helper.page_image
+      context "with no assignments" do
+        it 'falls back to the default' do
+          expect(helper.page_image).to end_with 'assets/gitlab_logo.png'
+        end
       end
     end
   end

spec/models/note_spec.rb

@@ -125,6 +125,19 @@ describe Note, models: true do
     let(:set_mentionable_text) { ->(txt) { subject.note = txt } }
   end
 
+  describe "#all_references" do
+    let!(:note1) { create(:note) }
+    let!(:note2) { create(:note) }
+
+    it "reads the rendered note body from the cache" do
+      expect(Banzai::Renderer).to receive(:render).with(note1.note, pipeline: :note, cache_key: [note1, "note"], project: note1.project)
+      expect(Banzai::Renderer).to receive(:render).with(note2.note, pipeline: :note, cache_key: [note2, "note"], project: note2.project)
+
+      note1.all_references
+      note2.all_references
+    end
+  end
+
   describe :search do
     let!(:note) { create(:note, note: "WoW") }
 
@@ -164,7 +177,7 @@ describe Note, models: true do
       expect(note.editable?).to be_falsy
     end
   end
-  
+
   describe "set_award!" do
     let(:issue) { create :issue }
 

spec/routing/project_routing_spec.rb

@@ -434,6 +434,18 @@ describe Projects::TreeController, 'routing' do
   end
 end
 
+# project_find_file GET /:namespace_id/:project_id/find_file/*id(.:format)  projects/find_file#show {:id=>/.+/, :namespace_id=>/[a-zA-Z.0-9_\-]+/, :project_id=>/[a-zA-Z.0-9_\-]+(?<!\.atom)/, :format=>/html/}
+# project_files     GET /:namespace_id/:project_id/files/*id(.:format)      projects/find_file#list {:id=>/(?:[^.]|\.(?!json$))+/, :namespace_id=>/[a-zA-Z.0-9_\-]+/, :project_id=>/[a-zA-Z.0-9_\-]+(?<!\.atom)/, :format=>/json/}
+describe Projects::FindFileController, 'routing' do
+  it 'to #show' do
+    expect(get('/gitlab/gitlabhq/find_file/master')).to route_to('projects/find_file#show', namespace_id: 'gitlab', project_id: 'gitlabhq', id: 'master')
+  end
+
+  it 'to #list' do
+    expect(get('/gitlab/gitlabhq/files/master.json')).to route_to('projects/find_file#list', namespace_id: 'gitlab', project_id: 'gitlabhq', id: 'master', format: 'json')
+  end
+end
+
 describe Projects::BlobController, 'routing' do
   it 'to #edit' do
     expect(get('/gitlab/gitlabhq/edit/master/app/models/project.rb')).to(