fixed conflict

CHANGELOG

 Please view this file on the master branch, on stable branches it's out of date.
 
 v 7.13.0 (unreleased)
+  - Only enable HSTS header for HTTPS and port 443 (Stan Hu)
+  - Fix user autocomplete for unauthenticated users accessing public projects (Stan Hu)
   - Fix redirection to home page URL for unauthorized users (Daniel Gerhardt)
   - Add branch switching support for graphs (Daniel Gerhardt)
   - Fix external issue tracker hook/test for HTTPS URLs (Daniel Gerhardt)
   - Remove link leading to a 404 error in Deploy Keys page (Stan Hu)
   - Add support for unlocking users in admin settings (Stan Hu)
   - Add Irker service configuration options (Stan Hu)
-  - Fix order of issues imported form GitHub (Hiroyuki Sato)
+  - Fix order of issues imported from GitHub (Hiroyuki Sato)
   - Bump rugments to 1.0.0beta8 to fix C prototype function highlighting (Jonathon Reinhart)
   - Fix Merge Request webhook to properly fire "merge" action when accepted from the web UI
   - Add `two_factor_enabled` field to admin user API (Stan Hu)
   - Fix invalid timestamps in RSS feeds (Rowan Wookey)
-  - Fix error when deleting a user who has projects (Stan Hu)
   - Fix downloading of patches on public merge requests when user logged out (Stan Hu)
-  - The password for the default administrator (root) account has been changed from "5iveL!fe" to "password".
   - Fix Error 500 when relative submodule resolves to a namespace that has a different name from its path (Stan Hu)
   - Extract the longest-matching ref from a commit path when multiple matches occur (Stan Hu)
   - Update maintenance documentation to explain no need to recompile asssets for omnibus installations (Stan Hu)
@@ -41,11 +41,17 @@ v 7.13.0 (unreleased)
   - Allow users to be blocked and unblocked via the API
   - Use native Postgres database cleaning during backup restore
   - Redesign project page. Show README as default instead of activity. Move project activity to separate page
+  - Make left menu more hierarchical and less contextual by adding back item at top
+  - A fork can’t have a visibility level that is greater than the original project.
+  - Faster code search in repository and wiki. Fixes search page timeout for big repositories 
+  - Allow administrators to disable 2FA for a specific user
+  - Add error message for SSH key linebreaks
 
 v 7.12.2
   - Correctly show anonymous authorized applications under Profile > Applications.
   - Faster automerge check and merge itself when source and target branches are in same repository
   - Audit log for user authentication
+  - Fix transferring of project to another group using the API.
 
 v 7.12.1
   - Fix error when deleting a user who has projects (Stan Hu)

Gemfile

@@ -231,19 +231,13 @@ group :development, :test do
   gem 'fuubar', '~> 2.0.0'
   gem 'pry-rails'
 
-  gem 'coveralls', require: false
+  gem 'coveralls',        '~> 0.8.2', require: false
   gem 'database_cleaner', '~> 1.4.0'
   gem 'factory_girl_rails'
-  gem 'rspec-rails', '~> 3.3.0'
-  gem 'rubocop', '0.28.0', require: false
+  gem 'rspec-rails',      '~> 3.3.0'
+  gem 'rubocop',          '0.28.0',   require: false
   gem 'spinach-rails'
 
-  # rest-client is a coveralls dependency and not used directly in GitLab, but
-  # we specify a version here to pick up some security fixes.
-  # See https://github.com/rest-client/rest-client/issues/369
-  # and http://www.osvdb.org/show/osvdb/117461
-  gem 'rest-client', '~> 1.8.0'
-
   # Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826)
   gem 'minitest', '~> 5.3.0'
 

Gemfile.lock

@@ -703,7 +703,7 @@ GEM
     underscore-rails (1.4.4)
     unf (0.1.4)
       unf_ext
-    unf_ext (0.0.6)
+    unf_ext (0.0.7.1)
     unicorn (4.6.3)
       kgio (~> 2.6)
       rack
@@ -759,7 +759,7 @@ DEPENDENCIES
   charlock_holmes
   coffee-rails
   colored
-  coveralls
+  coveralls (~> 0.8.2)
   creole (~> 0.3.6)
   d3_rails (~> 3.5.5)
   database_cleaner (~> 1.4.0)
@@ -833,7 +833,6 @@ DEPENDENCIES
   redis-rails
   request_store
   rerun (~> 0.10.0)
-  rest-client (~> 1.8.0)
   rqrcode-rails3
   rspec-rails (~> 3.3.0)
   rubocop (= 0.28.0)

README.md

@@ -25,7 +25,7 @@ To use EE and get official support please [become a subscriber](https://about.gi
 
 ## Code status
 
-- [![build status](https://ci.gitlab.org/projects/1/status.png?ref=master)](https://ci.gitlab.org/projects/1?ref=master) on ci.gitlab.org (master branch)
+- [![build status](https://ci.gitlab.com/projects/1/status.png?ref=master)](https://ci.gitlab.com/projects/1?ref=master) on ci.gitlab.com (master branch)
 
 - [![Build Status](https://semaphoreapp.com/api/v1/projects/2f1a5809-418b-4cc2-a1f4-819607579fe7/243338/badge.png)](https://semaphoreapp.com/gitlabhq/gitlabhq)
 
@@ -62,7 +62,7 @@ The recommended way to install GitLab is using the provided [Omnibus packages](h
 
 There are various other options to install GitLab, please refer to the [installation page on the GitLab website](https://about.gitlab.com/installation/) for more information.
 
-You can access a new installation with the login **`root`** and password **`password`**, after login you are required to set a unique password.
+You can access a new installation with the login **`root`** and password **`5iveL!fe`**, after login you are required to set a unique password.
 
 ## Third-party applications
 

app/assets/javascripts/application.js.coffee

@@ -40,6 +40,7 @@
 #= require shortcuts_issuable
 #= require shortcuts_network
 #= require cal-heatmap
+#= require jquery.nicescroll.min
 #= require_tree .
 
 window.slugify = (text) ->
@@ -104,6 +105,8 @@ if location.hash
 window.addEventListener "hashchange", shiftWindow
 
 $ ->
+  $(".nicescroll").niceScroll(cursoropacitymax: '0.4', cursorcolor: '#FFF', cursorborder: "1px solid #FFF")
+
   # Click a .js-select-on-focus field, select the contents
   $(".js-select-on-focus").on "focusin", ->
     # Prevent a mouseup event from deselecting the input

app/assets/javascripts/dispatcher.js.coffee

@@ -63,7 +63,6 @@ class Dispatcher
       when 'projects:commits:show'
         shortcut_handler = new ShortcutsNavigation()
       when 'projects:activity'
-        new Activities()
         shortcut_handler = new ShortcutsNavigation()
       when 'projects:show'
         shortcut_handler = new ShortcutsNavigation()

app/assets/javascripts/dropzone_input.js.coffee

@@ -25,10 +25,10 @@ class @DropzoneInput
     form_dropzone = $(form).find('.div-dropzone')
     form_dropzone.parent().addClass "div-dropzone-wrapper"
     form_dropzone.append divHover
-    $(".div-dropzone-hover").append iconPaperclip
+    form_dropzone.find(".div-dropzone-hover").append iconPaperclip
     form_dropzone.append divSpinner
-    $(".div-dropzone-spinner").append iconSpinner
-    $(".div-dropzone-spinner").css
+    form_dropzone.find(".div-dropzone-spinner").append iconSpinner
+    form_dropzone.find(".div-dropzone-spinner").css
       "opacity": 0
       "display": "none"
 

app/assets/javascripts/pager.js.coffee

@@ -12,7 +12,7 @@
     @loading.show()
     $.ajax
       type: "GET"
-      url: location.href
+      url: $(".content_list").data('href') || location.href
       data: "limit=" + @limit + "&offset=" + @offset
       complete: =>
         @loading.hide()

app/assets/stylesheets/base/mixins.scss

@@ -109,7 +109,7 @@
     font-size: 1.2em;
   }
 
-  blockquote p {
+  blockquote {
     color: #888;
     font-size: 15px;
     line-height: 1.5;

app/assets/stylesheets/generic/sidebar.scss

@@ -2,6 +2,9 @@
   .sidebar-wrapper {
     position: fixed;
     top: 0;
+    bottom: 0;
+    overflow-y: auto;
+    overflow-x: hidden;
     left: 0;
     height: 100%;
     transition-duration: .3s;
@@ -21,8 +24,9 @@
 }
 
 .nav-sidebar {
+  margin-top: 29 + $header-height;
+  margin-bottom: 50px;
   transition-duration: .3s;
-  margin: 0;
   list-style: none;
   overflow: hidden;
 
@@ -39,12 +43,12 @@
     }
 
     a {
+      padding: 8px 15px;
+      font-size: 13px;
+      line-height: 18px;
       color: $gray;
       display: block;
       text-decoration: none;
-      padding: 8px 15px;
-      font-size: 14px;
-      line-height: 20px;
       padding-left: 16px;
 
       &:hover {
@@ -88,14 +92,17 @@
     width: $sidebar_width;
 
     .nav-sidebar {
-      margin-top: 29px;
-      position: fixed;
-      top: $header-height;
       width: $sidebar_width;
     }
 
     .nav-sidebar li a{
       width: 230px;
+
+      &.back-link {
+        i {
+          visibility: hidden;
+        }
+      }
     }
   }
 }
@@ -108,15 +115,9 @@
     width: $sidebar_collapsed_width;
 
     .nav-sidebar {
-      margin-top: 29px;
-      position: fixed;
-      top: $header-height;
       width: $sidebar_collapsed_width;
 
       li a {
-        font-size: 14px;
-        padding: 8px 15px;
-        text-align: left;
         padding-left: 16px;
       }
     }
@@ -175,7 +176,7 @@
 }
 
 .sidebar-user {
-  position: absolute;
+  position: fixed;
   bottom: 0;
   width: $sidebar_width;
   padding: 10px;

app/assets/stylesheets/pages/notes.scss

@@ -72,13 +72,28 @@ ul.notes {
   .note {
     display: block;
     position:relative;
+
     .note-body {
       overflow: auto;
+
       .note-text {
         overflow: auto;
         word-wrap: break-word;
         @include md-typography;
 
+        // Reset ul style types since we're nested inside a ul already
+        & > ul {
+          list-style-type: disc;
+
+          ul {
+            list-style-type: circle;
+
+            ul {
+              list-style-type: square;
+            }
+          }
+        }
+
         // Reduce left padding of first task list ul element
         ul.task-list:first-child {
           padding-left: 10px;
@@ -94,6 +109,7 @@ ul.notes {
         }
       }
     }
+
     .note-header {
       padding-bottom: 3px;
     }

app/assets/stylesheets/themes/gitlab-theme.scss

@@ -35,9 +35,9 @@
 
     .sidebar-wrapper {
       background: $color-darker;
-      border-right: 1px solid $color-darker;
 
       .sidebar-user {
+        background: $color-darker;
         color: $color-light;
 
         &:hover {

app/controllers/admin/projects_controller.rb

@@ -23,7 +23,8 @@ class Admin::ProjectsController < Admin::ApplicationController
   end
 
   def transfer
-    ::Projects::TransferService.new(@project, current_user, params.dup).execute
+    namespace = Namespace.find_by(id: params[:new_namespace_id])
+    ::Projects::TransferService.new(@project, current_user, params.dup).execute(namespace)
 
     @project.reload
     redirect_to admin_namespace_project_path(@project.namespace, @project)

app/controllers/admin/users_controller.rb

@@ -55,6 +55,12 @@ class Admin::UsersController < Admin::ApplicationController
     end
   end
 
+  def disable_two_factor
+    user.disable_two_factor!
+    redirect_to admin_user_path(user),
+      notice: 'Two-factor Authentication has been disabled for this user'
+  end
+
   def create
     opts = {
       force_random_password: true,

app/controllers/application_controller.rb

@@ -183,7 +183,10 @@ class ApplicationController < ActionController::Base
     headers['X-XSS-Protection'] = '1; mode=block'
     headers['X-UA-Compatible'] = 'IE=edge'
     headers['X-Content-Type-Options'] = 'nosniff'
-    headers['Strict-Transport-Security'] = 'max-age=31536000' if Gitlab.config.gitlab.https
+    # Enabling HSTS for non-standard ports would send clients to the wrong port
+    if Gitlab.config.gitlab.https and Gitlab.config.gitlab.port == 443
+      headers['Strict-Transport-Security'] = 'max-age=31536000'
+    end
   end
 
   def add_gon_variables

app/controllers/autocomplete_controller.rb

 class AutocompleteController < ApplicationController
+  skip_before_action :authenticate_user!, only: [:users]
+
   def users
-    @users =
-      if params[:project_id].present?
-        project = Project.find(params[:project_id])
+    begin
+      @users =
+        if params[:project_id].present?
+          project = Project.find(params[:project_id])
 
-        if can?(current_user, :read_project, project)
-          project.team.users
-        end
-      elsif params[:group_id]
-        group = Group.find(params[:group_id])
+          if can?(current_user, :read_project, project)
+            project.team.users
+          end
+        elsif params[:group_id]
+          group = Group.find(params[:group_id])
 
-        if can?(current_user, :read_group, group)
-          group.users
+          if can?(current_user, :read_group, group)
+            group.users
+          end
+        elsif current_user
+          User.all
         end
-      else
-        User.all
+    rescue ActiveRecord::RecordNotFound
+      if current_user
+        return render json: {}, status: 404
       end
+    end
+
+    if @users.nil? && current_user.nil?
+      authenticate_user!
+    end
 
+    @users ||= User.none
     @users = @users.search(params[:search]) if params[:search].present?
     @users = @users.active
     @users = @users.page(params[:page]).per(PER_PAGE)

app/controllers/profiles/preferences_controller.rb

@@ -32,6 +32,7 @@ class Profiles::PreferencesController < Profiles::ApplicationController
     params.require(:user).permit(
       :color_scheme_id,
       :dashboard,
+      :project_view,
       :theme_id
     )
   end

app/controllers/profiles/two_factor_auths_controller.rb

@@ -29,13 +29,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
   end
 
   def destroy
-    current_user.update_attributes({
-      two_factor_enabled:        false,
-      encrypted_otp_secret:      nil,
-      encrypted_otp_secret_iv:   nil,
-      encrypted_otp_secret_salt: nil,
-      otp_backup_codes:          nil
-    })
+    current_user.disable_two_factor!
 
     redirect_to profile_account_path
   end

app/controllers/projects_controller.rb

@@ -52,10 +52,11 @@ class ProjectsController < ApplicationController
   end
 
   def transfer
-    transfer_params = params.permit(:new_namespace_id)
-    ::Projects::TransferService.new(project, current_user, transfer_params).execute
-    if @project.errors[:namespace_id].present?
-      flash[:alert] = @project.errors[:namespace_id].first
+    namespace = Namespace.find_by(id: params[:new_namespace_id])
+    ::Projects::TransferService.new(project, current_user).execute(namespace)
+
+    if @project.errors[:new_namespace].present?
+      flash[:alert] = @project.errors[:new_namespace].first
     end
   end
 

app/helpers/application_settings_helper.rb

@@ -28,7 +28,7 @@ module ApplicationSettingsHelper
   def restricted_level_checkboxes(help_block_id)
     Gitlab::VisibilityLevel.options.map do |name, level|
       checked = restricted_visibility_levels(true).include?(level)
-      css_class = 'btn btn-primary'
+      css_class = 'btn'
       css_class += ' active' if checked
       checkbox_name = 'application_setting[restricted_visibility_levels][]'
 

app/helpers/gitlab_markdown_helper.rb

@@ -118,7 +118,7 @@ module GitlabMarkdownHelper
 
   # Returns a random markdown tip for use as a textarea placeholder
   def random_markdown_tip
-    "Tip: #{MARKDOWN_TIPS.sample}"
+    MARKDOWN_TIPS.sample
   end
 
   private

app/helpers/preferences_helper.rb

@@ -42,6 +42,13 @@ module PreferencesHelper
     end
   end
 
+  def project_view_choices
+    [
+      ['Readme (default)', :readme],
+      ['Activity view', :activity]
+    ]
+  end
+
   def user_application_theme
     theme = Gitlab::Themes.by_id(current_user.try(:theme_id))
     theme.css_class
@@ -50,4 +57,9 @@ module PreferencesHelper
   def user_color_scheme_class
     COLOR_SCHEMES[current_user.try(:color_scheme_id)] if defined?(current_user)
   end
+
+  def prefer_readme?
+    !current_user ||
+      current_user.project_view == 'readme'
+  end
 end

app/helpers/projects_helper.rb

@@ -92,6 +92,16 @@ module ProjectsHelper
     end
   end
 
+  def can_change_visibility_level?(project, current_user)
+    return false unless can?(current_user, :change_visibility_level, project)
+
+    if project.forked?
+      project.forked_from_project.visibility_level > Gitlab::VisibilityLevel::PRIVATE
+    else
+      true
+    end
+  end
+
   private
 
   def get_project_nav_tabs(project, current_user)
@@ -238,16 +248,6 @@ module ProjectsHelper
     end
   end
 
-  def service_field_value(type, value)
-    return value unless type == 'password'
-
-    if value.present?
-      "***********"
-    else
-      nil
-    end
-  end
-
   def user_max_access_in_project(user, project)
     level = project.team.max_member_access(user)
 

app/helpers/visibility_level_helper.rb

@@ -86,4 +86,10 @@ module VisibilityLevelHelper
   def default_snippet_visibility
     current_application_settings.default_snippet_visibility
   end
+
+  def skip_level?(form_model, level)
+    form_model.is_a?(Project) &&
+    form_model.forked? &&
+    !Gitlab::VisibilityLevel.allowed_fork_levels(form_model.forked_from_project.visibility_level).include?(level)
+  end
 end

app/models/concerns/mentionable.rb

@@ -79,22 +79,36 @@ module Mentionable
     end
   end
 
-  # If the mentionable_text field is about to change, locate any *added* references and create cross references for
-  # them. Invoke from an observer's #before_save implementation.
-  def notice_added_references(p = project, a = author)
-    ch = changed_attributes
-    original, mentionable_changed = "", false
-    self.class.mentionable_attrs.each do |attr|
-      if ch[attr]
-        original << ch[attr]
-        mentionable_changed = true
-      end
-    end
+  # When a mentionable field is changed, creates cross-reference notes that
+  # don't already exist
+  def create_new_cross_references!(p = project, a = author)
+    changes = detect_mentionable_changes
+
+    return if changes.empty?
 
-    # Only proceed if the saved changes actually include a chance to an attr_mentionable field.
-    return unless mentionable_changed
+    original_text = changes.collect { |_, vals| vals.first }.join(' ')
 
-    preexisting = references(p, self.author, original)
+    preexisting = references(p, self.author, original_text)
     create_cross_references!(p, a, preexisting)
   end
+
+  private
+
+  # Returns a Hash of changed mentionable fields
+  #
+  # Preference is given to the `changes` Hash, but falls back to
+  # `previous_changes` if it's empty (i.e., the changes have already been
+  # persisted).
+  #
+  # See ActiveModel::Dirty.
+  #
+  # Returns a Hash.
+  def detect_mentionable_changes
+    source = (changes.present? ? changes : previous_changes).dup
+
+    mentionable = self.class.mentionable_attrs
+
+    # Only include changed fields that are mentionable
+    source.select { |key, val| mentionable.include?(key) }
+  end
 end

app/models/key.rb

@@ -24,6 +24,7 @@ class Key < ActiveRecord::Base
 
   validates :title, presence: true, length: { within: 0..255 }
   validates :key, presence: true, length: { within: 0..5000 }, format: { with: /\A(ssh|ecdsa)-.*\Z/ }, uniqueness: true
+  validates :key, format: { without: /\n|\r/, message: 'should be a single line' }
   validates :fingerprint, uniqueness: true, presence: { message: 'cannot be generated' }
 
   delegate :name, :email, to: :user, prefix: true

app/models/note.rb

@@ -356,7 +356,7 @@ class Note < ActiveRecord::Base
   end
 
   def set_references
-    notice_added_references(project, author)
+    create_new_cross_references!(project, author)
   end
 
   def editable?

app/models/repository.rb

@@ -431,6 +431,40 @@ class Repository
     end
   end
 
+  def search_files(query, ref)
+    offset = 2
+    args = %W(git grep -i -n --before-context #{offset} --after-context #{offset} #{query} #{ref || root_ref})
+    Gitlab::Popen.popen(args, path_to_repo).first.scrub.split(/^--$/)
+  end
+
+  def parse_search_result(result)
+    ref = nil
+    filename = nil
+    startline = 0
+
+    lines = result.lines
+    lines.each_with_index do |line, index|
+      if line =~ /^.*:.*:\d+:/
+        ref, filename, startline = line.split(':')
+        startline = startline.to_i - index
+        break
+      end
+    end
+
+    data = lines.map do |line|
+      line.sub(ref, '').sub(filename, '').sub(/^:-\d+-/, '').sub(/^::\d+:/, '')
+    end
+
+    data = data.join("")
+
+    OpenStruct.new(
+      filename: filename,
+      ref: ref,
+      startline: startline,
+      data: data
+    )
+  end
+
   private
 
   def cache

app/models/user.rb

@@ -177,6 +177,10 @@ class User < ActiveRecord::Base
   # Note: When adding an option, it MUST go on the end of the array.
   enum dashboard: [:projects, :stars]
 
+  # User's Project preference
+  # Note: When adding an option, it MUST go on the end of the array.
+  enum project_view: [:readme, :activity]
+
   alias_attribute :private_token, :authentication_token
 
   delegate :path, to: :namespace, allow_nil: true, prefix: true
@@ -322,6 +326,16 @@ class User < ActiveRecord::Base
     @reset_token
   end
 
+  def disable_two_factor!
+    update_attributes(
+      two_factor_enabled:        false,
+      encrypted_otp_secret:      nil,
+      encrypted_otp_secret_iv:   nil,
+      encrypted_otp_secret_salt: nil,
+      otp_backup_codes:          nil
+    )
+  end
+
   def namespace_uniq
     namespace_name = self.username
     existing_namespace = Namespace.by_path(namespace_name)

app/services/issues/update_service.rb

@@ -35,7 +35,7 @@ module Issues
           create_title_change_note(issue, issue.previous_changes['title'].first)
         end
 
-        issue.notice_added_references(issue.project, current_user)
+        issue.create_new_cross_references!(issue.project, current_user)
         execute_hooks(issue, 'update')
       end
 

app/services/merge_requests/update_service.rb

@@ -59,7 +59,7 @@ module MergeRequests
           merge_request.mark_as_unchecked
         end
 
-        merge_request.notice_added_references(merge_request.project, current_user)
+        merge_request.create_new_cross_references!(merge_request.project, current_user)
         execute_hooks(merge_request, 'update')
       end
 

app/services/projects/transfer_service.rb

@@ -11,19 +11,16 @@ module Projects
     include Gitlab::ShellAdapter
     class TransferError < StandardError; end
 
-    def execute
-      namespace_id = params[:new_namespace_id]
-      namespace = Namespace.find_by(id: namespace_id)
-
-      if allowed_transfer?(current_user, project, namespace)
-        transfer(project, namespace)
+    def execute(new_namespace)
+      if allowed_transfer?(current_user, project, new_namespace)
+        transfer(project, new_namespace)
       else
-        project.errors.add(:namespace, 'is invalid')
+        project.errors.add(:new_namespace, 'is invalid')
         false
       end
     rescue Projects::TransferService::TransferError => ex
       project.reload
-      project.errors.add(:namespace_id, ex.message)
+      project.errors.add(:new_namespace, ex.message)
       false
     end
 

app/views/admin/users/show.html.haml

@@ -43,6 +43,7 @@
           %strong{class: @user.two_factor_enabled? ? 'cgreen' : 'cred'}
             - if @user.two_factor_enabled?
               Enabled
+              = link_to 'Disable', disable_two_factor_admin_user_path(@user), data: {confirm: 'Are you sure?'}, method: :patch, class: 'btn btn-xs btn-remove pull-right', title: 'Disable Two-factor Authentication'
             - else
               Disabled
 

app/views/events/_event.html.haml

@@ -5,6 +5,7 @@
 
     - if event.created_project?
       = cache [event, current_user] do
+        = image_tag avatar_icon(event.author_email, 24), class: "avatar s24", alt:''
         = render "events/event/created_project", event: event
     - else
       = cache event do

app/views/layouts/_head.html.haml

@@ -7,14 +7,29 @@
   %title= page_title
 
   = favicon_link_tag 'favicon.ico'
-  = stylesheet_link_tag    "application", :media => "all"
-  = stylesheet_link_tag    "print", :media => "print"
+
+  = stylesheet_link_tag "application", media: "all"
+  = stylesheet_link_tag "print",       media: "print"
+
   = javascript_include_tag "application"
+
   = csrf_meta_tags
+
   = include_gon
+
   %meta{name: 'viewport', content: 'width=device-width, initial-scale=1, maximum-scale=1'}
   %meta{name: 'theme-color', content: '#474D57'}
 
+  -# Apple Safari/iOS home screen icons
+  = favicon_link_tag 'touch-icon-iphone.png',        rel: 'apple-touch-icon'
+  = favicon_link_tag 'touch-icon-ipad.png',          rel: 'apple-touch-icon', sizes: '76x76'
+  = favicon_link_tag 'touch-icon-iphone-retina.png', rel: 'apple-touch-icon', sizes: '120x120'
+  = favicon_link_tag 'touch-icon-ipad-retina.png',   rel: 'apple-touch-icon', sizes: '152x152'
+
+  -# Windows 8 pinned site tile
+  %meta{name: 'msapplication-TileImage', content: image_url('msapplication-tile.png')}
+  %meta{name: 'msapplication-TileColor', content: '#30353E'}
+
   = yield :meta_tags
 
   = render 'layouts/google_analytics' if extra_config.has_key?('google_analytics_id')

app/views/layouts/_page.html.haml

 .page-with-sidebar{ class: nav_sidebar_class }
   = render "layouts/broadcast"
-  .sidebar-wrapper
+  .sidebar-wrapper.nicescroll
     - if defined?(sidebar) && sidebar
       = render "layouts/nav/#{sidebar}"
     - elsif current_user

app/views/layouts/nav/_group.html.haml

 %ul.nav.nav-sidebar
+  = nav_link do
+    = link_to root_path, title: 'Back to dashboard', data: {placement: 'right'}, class: 'back-link' do
+      = icon('caret-square-o-left fw')
+      %span
+        Back to Dashboard
+
+  %li.separate-item
+
   = nav_link(path: 'groups#show', html_options: {class: 'home'}) do
     = link_to group_path(@group), title: 'Home', data: {placement: 'right'} do
       = icon('dashboard fw')
       %span
-        Activity
+        Group
   - if current_user
     = nav_link(controller: [:group, :milestones]) do
       = link_to group_milestones_path(@group), title: 'Milestones', data: {placement: 'right'} do

app/views/layouts/nav/_group_settings.html.haml

 %ul.nav.nav-sidebar
   = nav_link do
-    = link_to group_path(@group), title: 'Back to group', data: {placement: 'right'} do
+    = link_to group_path(@group), title: 'Back to group', data: {placement: 'right'}, class: 'back-link' do
       = icon('caret-square-o-left fw')
       %span
         Back to group

app/views/layouts/nav/_profile.html.haml

 %ul.nav.nav-sidebar
+  = nav_link do
+    = link_to root_path, title: 'Back to dashboard', data: {placement: 'right'}, class: 'back-link' do
+      = icon('caret-square-o-left fw')
+      %span
+        Back to Dashboard
+
+  %li.separate-item
+
   = nav_link(path: 'profiles#show', html_options: {class: 'home'}) do
     = link_to profile_path, title: 'Profile', data: {placement: 'right'} do
       = icon('user fw')

app/views/layouts/nav/_project.html.haml

 %ul.nav.nav-sidebar
+  - if @project.group
+    = nav_link do
+      = link_to group_path(@project.group), title: 'Back to group', data: {placement: 'right'}, class: 'back-link' do
+        = icon('caret-square-o-left fw')
+        %span
+          Back to Group
+  - else
+    = nav_link do
+      = link_to root_path, title: 'Back to dashboard', data: {placement: 'right'}, class: 'back-link' do
+        = icon('caret-square-o-left fw')
+        %span
+          Back to Dashboard
+
+  %li.separate-item
+
   = nav_link(path: 'projects#show', html_options: {class: 'home'}) do
     = link_to project_path(@project), title: 'Project', class: 'shortcuts-project', data: {placement: 'right'} do
       = icon('home fw')

app/views/layouts/nav/_project_settings.html.haml

 %ul.nav.nav-sidebar
   = nav_link do
-    = link_to project_path(@project), title: 'Back to project', data: {placement: 'right'} do
+    = link_to project_path(@project), title: 'Back to project', data: {placement: 'right'}, class: 'back-link' do
       = icon('caret-square-o-left fw')
       %span
         Back to project

app/views/profiles/preferences/show.html.haml

@@ -38,5 +38,13 @@
           = link_to('(?)', help_page_path('profile', 'preferences') + '#default-dashboard', target: '_blank')
         .col-sm-10
           = f.select :dashboard, dashboard_choices, {}, class: 'form-control'
+      .form-group
+        = f.label :project_view, class: 'control-label' do
+          Project view
+          = link_to('(?)', help_page_path('profile', 'preferences') + '#default-project-view', target: '_blank')
+        .col-sm-10
+          = f.select :project_view, project_view_choices, {}, class: 'form-control'
+          .help-block
+            Choose what content you want to see when visit project page
     .panel-footer
       = f.submit 'Save', class: 'btn btn-save'

app/views/projects/_activity.html.haml

+= render 'projects/last_push'
+.hidden-xs
+  - if current_user
+    %ul.nav.nav-pills.event_filter.pull-right
+      %li
+        = link_to namespace_project_path(@project.namespace, @project, format: :atom, private_token: current_user.private_token), title: "Feed", class: 'rss-btn' do
+          %i.fa.fa-rss
+
+  = render 'shared/event_filter'
+  %hr
+.content_list{:"data-href" => activity_project_path(@project)}
+= spinner
+
+:coffeescript
+  new Activities()

app/views/projects/_home_panel.html.haml

@@ -23,4 +23,6 @@
         = link_to archive_namespace_project_repository_path(@project.namespace, @project, ref: @ref, format: 'zip'), class: 'btn', rel: 'nofollow' do
           %i.fa.fa-download
 
+    = render 'projects/buttons/dropdown'
+
   = render "shared/clone_panel"

app/views/projects/_readme.html.haml

+- if readme = @repository.readme
+  %article.readme-holder#README
+    .clearfix
+      .pull-right
+         
+        - if can?(current_user, :push_code, @project)
+          = link_to namespace_project_edit_blob_path(@project.namespace, @project, tree_join(@repository.root_ref, readme.name)), class: 'light' do
+            %i.fa.fa-pencil
+    .wiki
+      = cache(readme_cache_key) do
+        = render_readme(readme)
+- else
+  %h3.page-title
+    This project does not have README yet
+  - if can?(current_user, :push_code, @project)
+    %p.slead
+      A
+      %code README
+      file contains information about other files in a repository and is commonly
+      distributed with computer software, forming part of its documentation.
+      %br
+      We recommend you to
+      = link_to "add README", new_readme_path, class: 'underlined-link'
+      file to the repository and GitLab will render it here instead of this message.

app/views/projects/_zen.html.haml

@@ -2,7 +2,7 @@
   %input#zen-toggle-comment.zen-toggle-comment{ tabindex: '-1', type: 'checkbox' }
   .zen-backdrop
     - classes << ' js-gfm-input markdown-area'
-    = f.text_area attr, class: classes, placeholder: random_markdown_tip
+    = f.text_area attr, class: classes, placeholder: ''
     = link_to nil, class: 'zen-enter-link', tabindex: '-1' do
       %i.fa.fa-expand
       Edit in fullscreen

app/views/projects/activity.html.haml

-= render 'projects/last_push'
-.hidden-xs
-  - if current_user
-    %ul.nav.nav-pills.event_filter.pull-right
-      %li
-        = link_to namespace_project_path(@project.namespace, @project, format: :atom, private_token: current_user.private_token), title: "Feed", class: 'rss-btn' do
-          %i.fa.fa-rss
-
-  = render 'shared/event_filter'
-  %hr
-.content_list
-= spinner
+= render 'projects/activity'

app/views/projects/buttons/_dropdown.html.haml

+- if current_user
+  %span.dropdown
+    %a.dropdown-toggle.btn.btn-new{href: '#', "data-toggle" => "dropdown"}
+      %i.fa.fa-plus
+    %ul.dropdown-menu
+      - if @project.issues_enabled && can?(current_user, :create_issue, @project)
+        %li
+          = link_to url_for_new_issue, title: "New Issue" do
+            New issue
+      - if @project.merge_requests_enabled && can?(current_user, :create_merge_request, @project)
+        %li
+          = link_to new_namespace_project_merge_request_path(@project.namespace, @project), title: "New Merge Request" do
+            New merge request
+      - if @project.snippets_enabled && can?(current_user, :create_snippet, @project)
+        %li
+          = link_to new_namespace_project_snippet_path(@project.namespace, @project), title: "New Snippet" do
+            New snippet
+      - if can?(current_user, :admin_project_member, @project)
+        %li
+          = link_to namespace_project_project_members_path(@project.namespace, @project), title: "New project member" do
+            New project member
+      - if can? current_user, :push_code, @project
+        %li.divider
+        %li
+          = link_to new_namespace_project_branch_path(@project.namespace, @project) do
+            New git branch
+        %li
+          = link_to new_namespace_project_tag_path(@project.namespace, @project) do
+            New git tag
+
+

app/views/projects/edit.html.haml

@@ -29,7 +29,7 @@
                 .col-sm-10= f.select(:default_branch, @repository.branch_names, {}, {class: 'select2 select-wide'})
 
 
-          = render 'shared/visibility_level', f: f, visibility_level: @project.visibility_level, can_change_visibility_level: can?(current_user, :change_visibility_level, @project), form_model: @project
+          = render 'shared/visibility_level', f: f, visibility_level: @project.visibility_level, can_change_visibility_level: can_change_visibility_level?(@project, current_user), form_model: @project
 
           .form-group
             = f.label :tag_list, "Tags", class: 'control-label'

app/views/projects/labels/_label.html.haml

@@ -6,5 +6,5 @@
         = pluralize label.open_issues_count, 'open issue'
 
     - if can? current_user, :admin_label, @project
-      = link_to 'Edit', edit_namespace_project_label_path(@project.namespace, @project, label), class: 'btn'
-      = link_to 'Remove', namespace_project_label_path(@project.namespace, @project, label), class: 'btn btn-remove remove-row', method: :delete, remote: true, data: {confirm: "Remove this label? Are you sure?"}
+      = link_to 'Edit', edit_namespace_project_label_path(@project.namespace, @project, label), class: 'btn btn-sm'
+      = link_to 'Remove', namespace_project_label_path(@project.namespace, @project, label), class: 'btn btn-sm btn-remove remove-row', method: :delete, remote: true, data: {confirm: "Remove this label? Are you sure?"}

app/views/projects/merge_requests/branch_from.js.haml

 :plain
   $(".mr_source_commit").html("#{commit_to_html(@commit, @source_project, false)}");
+  $('.js-timeago').timeago()

app/views/projects/merge_requests/branch_to.js.haml

 :plain
   $(".mr_target_commit").html("#{commit_to_html(@commit, @target_project, false)}");
+  $('.js-timeago').timeago()

app/views/projects/new.html.haml

@@ -85,7 +85,7 @@
                   %li
                     The import will time out after 4 minutes. For big repositories, use a clone/push combination.
                   %li
-                    To migrate an SVN repository, check out #{link_to "this document", "http://doc.gitlab.com/ce/workflow/migrating_from_svn.html"}.
+                    To migrate an SVN repository, check out #{link_to "this document", "http://doc.gitlab.com/ce/workflow/importing/migrating_from_svn.html"}.
 
       %hr.prepend-botton-10
 

app/views/projects/notes/_edit_form.html.haml

@@ -5,8 +5,8 @@
       = render 'projects/zen', f: f, attr: :note, classes: 'note_text js-note-text js-task-list-field'
 
       .comment-hints.clearfix
-        .pull-left Comments are parsed with #{link_to 'GitLab Flavored Markdown', help_page_path('markdown', 'markdown'),{ target: '_blank', tabindex: -1 }}
-        .pull-right Attach files by dragging & dropping or #{link_to 'selecting them', '#', class: 'markdown-selector', tabindex: -1 }.
+        .pull-left #{link_to 'Markdown ', help_page_path('markdown', 'markdown'),{ target: '_blank', tabindex: -1 }}
+        .pull-right #{link_to 'Attach a file', '#', class: 'markdown-selector', tabindex: -1 }
 
     .note-form-actions
       .buttons

app/views/projects/notes/_form.html.haml

@@ -12,8 +12,14 @@
       classes: 'note_text js-note-text'
 
     .comment-hints.clearfix
-      .pull-left Comments are parsed with #{link_to "GitLab Flavored Markdown", help_page_path("markdown", "markdown"),{ target: '_blank', tabindex: -1 }}
-      .pull-right Attach files by dragging & dropping or #{link_to "selecting them", '#', class: 'markdown-selector', tabindex: -1 }.
+      .pull-left
+        = link_to "Markdown ", help_page_path("markdown", "markdown"),{ target: '_blank', tabindex: -1 }
+        tip:
+        = random_markdown_tip
+      .pull-right
+        = link_to '#', class: 'markdown-selector', tabindex: -1 do
+          Attach a file
+          = icon('paperclip')
     .error-alert
 
   .note-form-actions

app/views/projects/show.html.haml

@@ -41,31 +41,10 @@
 
 %hr
 %section
-  - if readme = @repository.readme
-    %article.readme-holder#README
-      .clearfix
-        .pull-right
-           
-          - if can?(current_user, :push_code, @project)
-            = link_to namespace_project_edit_blob_path(@project.namespace, @project, tree_join(@repository.root_ref, readme.name)), class: 'light' do
-              %i.fa.fa-pencil
-      .wiki
-        = cache(readme_cache_key) do
-          = render_readme(readme)
+  - if prefer_readme?
+    = render 'projects/readme'
   - else
-    %h3.page-title
-      This project does not have README yet
-    - if can?(current_user, :push_code, @project)
-      %p.slead
-        A
-        %code README
-        file contains information about other files in a repository and is commonly
-        distributed with computer software, forming part of its documentation.
-        %br
-        We recommend you to
-        = link_to "add README", new_readme_path, class: 'underlined-link'
-        file to the repository and GitLab will render it here instead of this message.
-
+    = render 'projects/activity'
 
 
 - if current_user

app/views/search/results/_blob.html.haml

+- blob = @project.repository.parse_search_result(blob)
 .blob-result
   .file-holder
     .file-title

app/views/search/results/_wiki_blob.html.haml

+- wiki_blob = @project.repository.parse_search_result(wiki_blob)
 .blob-result
   .file-holder
     .file-title

app/views/shared/_field.html.haml

 - name = field[:name]
 - title = field[:title] || name.humanize
-- value = service_field_value(field[:type], @service.send(name))
+- value = @service.send(name)
 - type = field[:type]
 - placeholder = field[:placeholder]
 - choices = field[:choices]
@@ -19,6 +19,6 @@
     - elsif type == 'select'
       = form.select name, options_for_select(choices, value ? value : default_choice), {}, { class: "form-control" }
     - elsif type == 'password'
-      = form.password_field name, placeholder: value, class: 'form-control'
+      = form.password_field name, value: value, class: 'form-control'
     - if help
       %span.help-block= help

app/views/shared/_visibility_radios.html.haml

 - Gitlab::VisibilityLevel.values.each do |level|
+  - next if skip_level?(form_model, level)
   .radio
     - restricted = restricted_visibility_levels.include?(level)
     = form.label "#{model_method}_#{level}" do

config/routes.rb

@@ -159,6 +159,7 @@ Gitlab::Application.routes.draw do
         put :block
         put :unblock
         put :unlock
+        patch :disable_two_factor
         delete 'remove/:email_id', action: 'remove_email', as: 'remove_email'
       end
     end

db/fixtures/development/01_admin.rb

@@ -5,7 +5,7 @@ Gitlab::Seeder.quiet do
     s.email = 'admin@example.com'
     s.notification_email = 'admin@example.com'
     s.username = 'root'
-    s.password = 'password'
+    s.password = '5iveL!fe'
     s.admin = true
     s.projects_limit = 100
     s.confirmed_at = DateTime.now

db/fixtures/production/001_admin.rb

 if ENV['GITLAB_ROOT_PASSWORD'].blank?
-  password = 'password'
+  password = '5iveL!fe'
   expire_time = Time.now
 else
   password = ENV['GITLAB_ROOT_PASSWORD']

db/migrate/20150713160110_add_project_view_to_users.rb

+class AddProjectViewToUsers < ActiveRecord::Migration
+  def change
+    add_column :users, :project_view, :integer, default: 0
+  end
+end

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20150620233230) do
+ActiveRecord::Schema.define(version: 20150713160110) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -517,6 +517,7 @@ ActiveRecord::Schema.define(version: 20150620233230) do
     t.text     "otp_backup_codes"
     t.string   "public_email",                  default: "",    null: false
     t.integer  "dashboard",                     default: 0
+    t.integer  "project_view",                  default: 0
   end
 
   add_index "users", ["admin"], name: "index_users_on_admin", using: :btree

doc/api/merge_requests.md

@@ -49,7 +49,8 @@ Parameters:
       "state": "active",
       "created_at": "2012-04-29T08:46:00Z"
     },
-    "description":"fixed login page css paddings"
+    "description":"fixed login page css paddings",
+    "work_in_progress": false
   }
 ]
 ```
@@ -94,7 +95,8 @@ Parameters:
     "state": "active",
     "created_at": "2012-04-29T08:46:00Z"
   },
-  "description":"fixed login page css paddings"
+  "description":"fixed login page css paddings",
+  "work_in_progress": false
 }
 ```
 
@@ -118,6 +120,7 @@ Parameters:
   "project_id": 4,
   "title": "Blanditiis beatae suscipit hic assumenda et molestias nisi asperiores repellat et.",
   "description": "Qui voluptatibus placeat ipsa alias quasi. Deleniti rem ut sint. Optio velit qui distinctio.",
+  "work_in_progress": false,
   "state": "reopened",
   "created_at": "2015-02-02T19:49:39.159Z",
   "updated_at": "2015-02-02T20:08:49.959Z",
@@ -336,14 +339,6 @@ Parameters:
 
 ```json
 {
-  "author": {
-    "id": 1,
-    "username": "admin",
-    "email": "admin@example.com",
-    "name": "Administrator",
-    "blocked": false,
-    "created_at": "2012-04-29T08:46:00Z"
-  },
   "note": "text1"
 }
 ```

doc/api/notes.md

@@ -31,10 +31,7 @@ Parameters:
       "state": "active",
       "created_at": "2013-09-30T13:46:01Z"
     },
-    "created_at": "2013-10-02T09:22:45Z",
-    "system": true,
-    "upvote": false,
-    "downvote": false
+    "created_at": "2013-10-02T09:22:45Z"
   },
   {
     "id": 305,
@@ -48,10 +45,7 @@ Parameters:
       "state": "active",
       "created_at": "2013-09-30T13:46:01Z"
     },
-    "created_at": "2013-10-02T09:56:03Z",
-    "system": false,
-    "upvote": false,
-    "downvote": false
+    "created_at": "2013-10-02T09:56:03Z"
   }
 ]
 ```

doc/install/installation.md

@@ -404,7 +404,7 @@ NOTE: Supply `SANITIZE=true` environment variable to `gitlab:check` to omit proj
 Visit YOUR_SERVER in your web browser for your first GitLab login. The setup has created a default admin account for you. You can use it to log in:
 
     root
-    password
+    5iveL!fe
 
 **Important Note:** On login you'll be prompted to change the password.
 

doc/profile/preferences.md

@@ -30,3 +30,9 @@ will be. Setting it to **Starred Projects** will make that Dashboard view the
 default when signing in or clicking the application logo in the upper left.
 
 The default is **Your Projects**.
+
+### Default Project view
+
+It allows user to choose what content he or she want to see on project page.
+
+The default is **Readme**.

doc/update/6.x-or-7.x-to-7.12.md → doc/update/6.x-or-7.x-to-7.13.md

-# From 6.x or 7.x to 7.12
-*Make sure you view this [upgrade guide from the `master` branch](../../../master/doc/update/6.x-or-7.x-to-7.12.md) for the most up to date instructions.*
+# From 6.x or 7.x to 7.13
+*Make sure you view this [upgrade guide from the `master` branch](../../../master/doc/update/6.x-or-7.x-to-7.13.md) for the most up to date instructions.*
 
-This allows you to upgrade any version of GitLab from 6.0 and up (including 7.0 and up) to 7.12.
+This allows you to upgrade any version of GitLab from 6.0 and up (including 7.0 and up) to 7.13.
 
 ## Global issue numbers
 
@@ -71,7 +71,7 @@ sudo -u git -H git checkout -- db/schema.rb # local changes will be restored aut
 For GitLab Community Edition:
 
 ```bash
-sudo -u git -H git checkout 7-12-stable
+sudo -u git -H git checkout 7-13-stable
 ```
 
 OR
@@ -79,7 +79,7 @@ OR
 For GitLab Enterprise Edition:
 
 ```bash
-sudo -u git -H git checkout 7-12-stable-ee
+sudo -u git -H git checkout 7-13-stable-ee
 ```
 
 ## 4. Install additional packages
@@ -162,11 +162,11 @@ sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab
 TIP: to see what changed in `gitlab.yml.example` in this release use next command:
 
 ```
-git diff 6-0-stable:config/gitlab.yml.example 7-12-stable:config/gitlab.yml.example
+git diff 6-0-stable:config/gitlab.yml.example 7-13-stable:config/gitlab.yml.example
 ```
 
-* Make `/home/git/gitlab/config/gitlab.yml` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-12-stable/config/gitlab.yml.example but with your settings.
-* Make `/home/git/gitlab/config/unicorn.rb` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-12-stable/config/unicorn.rb.example but with your settings.
+* Make `/home/git/gitlab/config/gitlab.yml` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-13-stable/config/gitlab.yml.example but with your settings.
+* Make `/home/git/gitlab/config/unicorn.rb` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-13-stable/config/unicorn.rb.example but with your settings.
 * Make `/home/git/gitlab-shell/config.yml` the same as https://gitlab.com/gitlab-org/gitlab-shell/blob/v2.6.0/config.yml.example but with your settings.
 * Copy rack attack middleware config
 
@@ -182,14 +182,14 @@ sudo cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab
 
 ### Change Nginx settings
 
-* HTTP setups: Make `/etc/nginx/sites-available/gitlab` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-12-stable/lib/support/nginx/gitlab but with your settings.
-* HTTPS setups: Make `/etc/nginx/sites-available/gitlab-ssl` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-12-stable/lib/support/nginx/gitlab-ssl but with your settings.
+* HTTP setups: Make `/etc/nginx/sites-available/gitlab` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-13-stable/lib/support/nginx/gitlab but with your settings.
+* HTTPS setups: Make `/etc/nginx/sites-available/gitlab-ssl` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-13-stable/lib/support/nginx/gitlab-ssl but with your settings.
 * A new `location /uploads/` section has been added that needs to have the same content as the existing `location @gitlab` section.
 
 ### Check the version of /usr/local/bin/git
 
 If you installed Git from source into /usr/local/bin/git then please [check
-your version](7.11-to-7.12.md).
+your version](7.12-to-7.13.md).
 
 ## 9. Start application
 

doc/update/7.12-to-7.13.md

+# From 7.12 to 7.13
+
+### 0. Double-check your Git version
+
+**This notice applies only to /usr/local/bin/git**
+
+If you compiled Git from source on your GitLab server then please double-check
+that you are using a version that protects against CVE-2014-9390. For six
+months after this vulnerability became known the GitLab installation guide
+still contained instructions that would install the outdated, 'vulnerable' Git
+version 2.1.2.
+
+Run the following command to get your current Git version.
+
+```
+/usr/local/bin/git --version
+```
+
+If you see 'No such file or directory' then you did not install Git according
+to the outdated instructions from the GitLab installation guide and you can go
+to the next step 'Stop server' below.
+
+If you see a version string then it should be v1.8.5.6, v1.9.5, v2.0.5, v2.1.4,
+v2.2.1 or newer. You can use the [instructions in the GitLab source
+installation
+guide](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/install/installation.md#1-packages-dependencies)
+to install a newer version of Git.
+
+### 1. Stop server
+
+    sudo service gitlab stop
+
+### 2. Backup
+
+```bash
+cd /home/git/gitlab
+sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
+```
+
+### 3. Get latest code
+
+```bash
+sudo -u git -H git fetch --all
+sudo -u git -H git checkout -- db/schema.rb # local changes will be restored automatically
+```
+
+For GitLab Community Edition:
+
+```bash
+sudo -u git -H git checkout 7-13-stable
+```
+
+OR
+
+For GitLab Enterprise Edition:
+
+```bash
+sudo -u git -H git checkout 7-13-stable-ee
+```
+
+### 4. Update gitlab-shell
+
+```bash
+cd /home/git/gitlab-shell
+sudo -u git -H git fetch
+sudo -u git -H git checkout v2.6.3
+```
+
+### 5. Install libs, migrations, etc.
+
+```bash
+cd /home/git/gitlab
+
+# MySQL installations (note: the line below states '--without ... postgres')
+sudo -u git -H bundle install --without development test postgres --deployment
+
+# PostgreSQL installations (note: the line below states '--without ... mysql')
+sudo -u git -H bundle install --without development test mysql --deployment
+
+# Run database migrations
+sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production
+
+# Clean up assets and cache
+sudo -u git -H bundle exec rake assets:clean assets:precompile cache:clear RAILS_ENV=production
+
+# Update init.d script
+sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab
+```
+
+### 6. Update config files
+
+#### New configuration options for `gitlab.yml`
+
+There are new configuration options available for [`gitlab.yml`](config/gitlab.yml.example). View them with the command below and apply them to your current `gitlab.yml`.
+
+```
+git diff origin/7-12-stable:config/gitlab.yml.example origin/7-13-stable:config/gitlab.yml.example
+``````
+
+### 7. Start application
+
+    sudo service gitlab start
+    sudo service nginx restart
+
+### 8. Check application status
+
+Check if GitLab and its environment are configured correctly:
+
+    sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production
+
+To make sure you didn't miss anything run a more thorough check with:
+
+    sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
+
+If all items are green, then congratulations, the upgrade is complete!
+
+## Things went south? Revert to previous version (7.12)
+
+### 1. Revert the code to the previous version
+Follow the [upgrade guide from 7.11 to 7.12](7.11-to-7.12.md), except for the database migration
+(The backup is already migrated to the previous version)
+
+### 2. Restore from the backup:
+
+```bash
+cd /home/git/gitlab
+sudo -u git -H bundle exec rake gitlab:backup:restore RAILS_ENV=production
+```
+If you have more than one backup *.tar file(s) please add `BACKUP=timestamp_of_backup` to the command above.

doc/update/mysql_to_postgresql.md

@@ -16,6 +16,7 @@ git clone https://github.com/gitlabhq/mysql-postgresql-converter.git -b gitlab
 cd mysql-postgresql-converter
 mysqldump --compatible=postgresql --default-character-set=utf8 -r gitlabhq_production.mysql -u root gitlabhq_production -p
 python db_converter.py gitlabhq_production.mysql gitlabhq_production.psql
+ed -s gitlabhq_production.psql < move_drop_indexes.ed
 
 # Import the database dump as the application database user
 sudo -u git psql -f gitlabhq_production.psql -d gitlabhq_production
@@ -56,6 +57,7 @@ sudo -u git -H git clone https://github.com/gitlabhq/mysql-postgresql-converter.
 # Convert gitlabhq_production.mysql
 sudo -u git -H mkdir db
 sudo -u git -H python mysql-postgresql-converter/db_converter.py gitlabhq_production.mysql db/database.sql
+sudo -u git -H ed -s db/database.sql < mysql-postgresql-converter/move_drop_indexes.ed
 
 # Compress database backup
 sudo -u git -H gzip db/database.sql

doc/workflow/README.md

@@ -7,7 +7,7 @@
 - [Groups](groups.md)
 - [Keyboard shortcuts](shortcuts.md)
 - [Labels](labels.md)
-- [Notifications](notifications.md)
+- [Notification emails](notifications.md)
 - [Project Features](project_features.md)
 - [Project forking workflow](forking_workflow.md)
 - [Protected branches](protected_branches.md)

doc/workflow/notifications.md

-# GitLab Notifications
+# GitLab Notification Emails
 
-GitLab has notifications system in place to notify a user of events important for the workflow.
+GitLab has a notification system in place to notify a user of events that are important for the workflow.
 
 ## Notification settings
 
@@ -67,5 +67,3 @@ Below is the table of events users can be notified of:
 | Reopen merge request         | Project members [1]                                               | [1] higher than participating |
 | Merge merge request          | MR author [1], MR assignee [2], project members [3]               | [1] [2] not disabled, [3] higher than participating |
 | New comment                  | Mentioned users [1], users participating [2], project members [3] | [1] [2] not disabled, [3] higher than participating |
-
-

docker/Dockerfile

@@ -30,7 +30,9 @@ RUN ( \
   echo "" && \
   echo "# Docker options" && \
   echo "# Prevent Postgres from trying to allocate 25% of total memory" && \
-  echo "postgresql['shared_buffers'] = '1MB'" ) >> /etc/gitlab/gitlab.rb
+  echo "postgresql['shared_buffers'] = '1MB'" ) >> /etc/gitlab/gitlab.rb && \
+  mkdir -p /assets/ && \
+  cp /etc/gitlab/gitlab.rb /assets/gitlab.rb
 
 # Expose web & ssh
 EXPOSE 443 80 22

docker/README.md

 # GitLab Docker images
 
-## What is GitLab?
-
-GitLab offers git repository management, code reviews, issue tracking, activity feeds, wikis. It has LDAP/AD integration, handles 25,000 users on a single server but can also run on a highly available active/active cluster.
-Learn more on [https://about.gitlab.com](https://about.gitlab.com)
+The GitLab docker image is [available on Docker Hub](https://registry.hub.docker.com/u/gitlab/gitlab-ce/).
 
 ## After starting a container
 
@@ -13,7 +10,7 @@ It might take a while before the docker container is responding to queries.
 
 You can check the status with something like `sudo docker logs -f gitlab`.
 
-You can login to the web interface with username `root` and password `password`.
+You can login to the web interface with username `root` and password `5iveL!fe`.
 
 Next time, you can just use docker start and stop to run the container.
 
@@ -97,12 +94,12 @@ To upgrade GitLab to new version you have to do:
 sudo docker stop gitlab
 ```
 
-1. stop running container, 
+1. stop running container,
 ```bash
 sudo docker rm gitlab
 ```
 
-1. remove existing container, 
+1. remove existing container,
 ```bash
 sudo docker pull gitlab/gitlab-ce:latest
 ```
@@ -166,3 +163,5 @@ sudo docker push gitlab/gitlab-ce:latest
 ## Troubleshooting
 
 Please see the [troubleshooting](troubleshooting.md) file in this directory.
+
+Note: We use `fig.yml` to have compatibility with fig and because docker-compose also supports it.

docker/assets/wrapper

@@ -13,4 +13,9 @@ function entrypoint() {
     gitlab-ctl tail # tail all logs
 }
 
+if [[ ! -e /etc/gitlab/gitlab.rb ]]; then
+	cp /assets/gitlab.rb /etc/gitlab/gitlab.rb
+	chmod 0600 /etc/gitlab/gitlab.rb
+fi
+
 entrypoint

docker/marathon.json

@@ -8,7 +8,24 @@
     "type": "DOCKER",
     "docker": {
       "network": "HOST",
-      "image": "sytse/gitlab-ce:7.10.1"
-    }
+      "image": "gitlab/gitlab-ce:latest"
+    },
+    "volumes": [
+      {
+          "containerPath": "/etc/gitlab",
+          "hostPath": "/var/data/etc/gitlab",
+          "mode": "RW"
+      },
+      {
+          "containerPath": "/var/opt/gitlab",
+          "hostPath": "/var/data/opt/gitlab",
+          "mode": "RW"
+      },
+      {
+          "containerPath": "/var/log/gitlab",
+          "hostPath": "/var/data/log/gitlab",
+          "mode": "RW"
+      }
+    ]
   }
 }
\ No newline at end of file

features/groups.feature

@@ -4,6 +4,10 @@ Feature: Groups
     And "John Doe" is owner of group "Owned"
     And "John Doe" is guest of group "Guest"
 
+  Scenario: I should have back to group button
+    When I visit group "Owned" page
+    Then I should see back to dashboard button
+
   @javascript
   Scenario: I should see group "Owned" dashboard list
     When I visit group "Owned" page

features/project/project.feature

@@ -18,6 +18,15 @@ Feature: Project
     Then I should see the default project avatar
     And I should not see the "Remove avatar" button
 
+  Scenario: I should have back to group button
+    And project "Shop" belongs to group
+    And I visit project "Shop" page
+    Then I should see back to group button
+
+  Scenario: I should have back to group button
+    And I visit project "Shop" page
+    Then I should see back to dashboard button
+
   Scenario: I should have readme on page
     And I visit project "Shop" page
     Then I should see project "Shop" README

features/steps/groups.rb

@@ -5,6 +5,10 @@ class Spinach::Features::Groups < Spinach::FeatureSteps
   include SharedUser
   include Select2Helper
 
+  step 'I should see back to dashboard button' do
+    expect(page).to have_content 'Back to Dashboard'
+  end
+
   step 'gitlab user "Mike"' do
     create(:user, name: "Mike")
   end

features/steps/project/project.rb

@@ -116,4 +116,18 @@ class Spinach::Features::Project < Spinach::FeatureSteps
   step 'I should not see "Snippets" button' do
     expect(page).not_to have_link 'Snippets'
   end
+
+  step 'project "Shop" belongs to group' do
+    group = create(:group)
+    @project.namespace = group
+    @project.save!
+  end
+
+  step 'I should see back to dashboard button' do
+    expect(page).to have_content 'Back to Dashboard'
+  end
+
+  step 'I should see back to group button' do
+    expect(page).to have_content 'Back to Group'
+  end
 end

lib/api/entities.rb

@@ -171,6 +171,7 @@ module API
       expose :source_project_id, :target_project_id
       expose :label_names, as: :labels
       expose :description
+      expose :work_in_progress?, as: :work_in_progress
       expose :milestone, using: Entities::Milestone
     end
 
@@ -190,9 +191,6 @@ module API
       expose :attachment_identifier, as: :attachment
       expose :author, using: Entities::UserBasic
       expose :created_at
-      expose :system
-      expose :upvote?, as: :upvote
-      expose :downvote?, as: :downvote
     end
 
     class MRNote < Grape::Entity

lib/api/groups.rb

@@ -74,9 +74,9 @@ module API
       #   POST /groups/:id/projects/:project_id
       post ":id/projects/:project_id" do
         authenticated_as_admin!
-        group = Group.find(params[:id])
+        group = Group.find_by(id: params[:id])
         project = Project.find(params[:project_id])
-        result = ::Projects::TransferService.new(project, current_user, namespace_id: group.id).execute
+        result = ::Projects::TransferService.new(project, current_user).execute(group)
 
         if result
           present group

lib/gitlab/visibility_level.rb

@@ -47,6 +47,10 @@ module Gitlab
       def valid_level?(level)
         options.has_value?(level)
       end
+
+      def allowed_fork_levels(origin_level)
+        [PRIVATE, INTERNAL, PUBLIC].select{ |level| level <= origin_level }
+      end
     end
 
     def private?

spec/controllers/admin/users_controller_spec.rb

@@ -36,4 +36,32 @@ describe Admin::UsersController do
       expect(user.access_locked?).to be_falsey
     end
   end
+
+  describe 'PATCH disable_two_factor' do
+    let(:user) { create(:user) }
+
+    it 'disables 2FA for the user' do
+      expect(user).to receive(:disable_two_factor!)
+      allow(subject).to receive(:user).and_return(user)
+
+      go
+    end
+
+    it 'redirects back' do
+      go
+
+      expect(response).to redirect_to(admin_user_path(user))
+    end
+
+    it 'displays an alert' do
+      go
+
+      expect(flash[:notice]).
+        to eq 'Two-factor Authentication has been disabled for this user'
+    end
+
+    def go
+      patch :disable_two_factor, id: user.to_param
+    end
+  end
 end

spec/controllers/autocomplete_controller_spec.rb

@@ -9,15 +9,27 @@ describe AutocompleteController do
     before do
       sign_in(user)
       project.team << [user, :master]
-
-      get(:users, project_id: project.id)
     end
 
     let(:body) { JSON.parse(response.body) }
 
-    it { expect(body).to be_kind_of(Array) }
-    it { expect(body.size).to eq 1 }
-    it { expect(body.first["username"]).to eq user.username }
+    describe 'GET #users with project ID' do
+      before do
+        get(:users, project_id: project.id)
+      end
+
+      it { expect(body).to be_kind_of(Array) }
+      it { expect(body.size).to eq 1 }
+      it { expect(body.first["username"]).to eq user.username }
+    end
+
+    describe 'GET #users with unknown project' do
+      before do
+        get(:users, project_id: 'unknown')
+      end
+
+      it { expect(response.status).to eq(404) }
+    end
   end
 
   context 'group members' do
@@ -26,15 +38,27 @@ describe AutocompleteController do
     before do
       sign_in(user)
       group.add_owner(user)
-
-      get(:users, group_id: group.id)
     end
 
     let(:body) { JSON.parse(response.body) }
 
-    it { expect(body).to be_kind_of(Array) }
-    it { expect(body.size).to eq 1 }
-    it { expect(body.first["username"]).to eq user.username }
+    describe 'GET #users with group ID' do
+      before do
+        get(:users, group_id: group.id)
+      end
+
+      it { expect(body).to be_kind_of(Array) }
+      it { expect(body.size).to eq 1 }
+      it { expect(body.first["username"]).to eq user.username }
+    end
+
+    describe 'GET #users with unknown group ID' do
+      before do
+        get(:users, group_id: 'unknown')
+      end
+
+      it { expect(response.status).to eq(404) }
+    end
   end
 
   context 'all users' do
@@ -48,4 +72,52 @@ describe AutocompleteController do
     it { expect(body).to be_kind_of(Array) }
     it { expect(body.size).to eq User.count }
   end
+
+  context 'unauthenticated user' do
+    let(:public_project) { create(:project, :public) }
+    let(:body) { JSON.parse(response.body) }
+
+    describe 'GET #users with public project' do
+      before do
+        public_project.team << [user, :guest]
+        get(:users, project_id: public_project.id)
+      end
+
+      it { expect(body).to be_kind_of(Array) }
+      it { expect(body.size).to eq 1 }
+    end
+
+    describe 'GET #users with project' do
+      before do
+        get(:users, project_id: project.id)
+      end
+
+      it { expect(response.status).to eq(302) }
+    end
+
+    describe 'GET #users with unknown project' do
+      before do
+        get(:users, project_id: 'unknown')
+      end
+
+      it { expect(response.status).to eq(302) }
+    end
+
+    describe 'GET #users with inaccessible group' do
+      before do
+        project.team << [user, :guest]
+        get(:users, group_id: user.namespace.id)
+      end
+
+      it { expect(response.status).to eq(302) }
+    end
+
+    describe 'GET #users with no project' do
+      before do
+        get(:users)
+      end
+
+      it { expect(response.status).to eq(302) }
+    end
+  end
 end

spec/controllers/profiles/two_factor_auths_controller_spec.rb

@@ -105,19 +105,12 @@ describe Profiles::TwoFactorAuthsController do
   end
 
   describe 'DELETE destroy' do
-    let(:user)   { create(:user, :two_factor) }
-    let!(:codes) { user.generate_otp_backup_codes! }
+    let(:user) { create(:user, :two_factor) }
 
-    it 'clears all 2FA-related fields' do
-      expect(user).to be_two_factor_enabled
-      expect(user.otp_backup_codes).not_to be_nil
-      expect(user.encrypted_otp_secret).not_to be_nil
+    it 'disables two factor' do
+      expect(user).to receive(:disable_two_factor!)
 
       delete :destroy
-
-      expect(user).not_to be_two_factor_enabled
-      expect(user.otp_backup_codes).to be_nil
-      expect(user.encrypted_otp_secret).to be_nil
     end
 
     it 'redirects to profile_account_path' do

spec/factories.rb

@@ -32,6 +32,7 @@ FactoryGirl.define do
       before(:create) do |user|
         user.two_factor_enabled = true
         user.otp_secret = User.generate_otp_secret(32)
+        user.generate_otp_backup_codes!
       end
     end
 

spec/features/admin/admin_disables_two_factor_spec.rb

+require 'rails_helper'
+
+feature 'Admin disables 2FA for a user', feature: true do
+  scenario 'successfully', js: true do
+    login_as(:admin)
+    user = create(:user, :two_factor)
+
+    edit_user(user)
+    page.within('.two-factor-status') do
+      click_link 'Disable'
+    end
+
+    page.within('.two-factor-status') do
+      expect(page).to have_content 'Disabled'
+      expect(page).not_to have_button 'Disable'
+    end
+  end
+
+  scenario 'for a user without 2FA enabled' do
+    login_as(:admin)
+    user = create(:user)
+
+    edit_user(user)
+
+    page.within('.two-factor-status') do
+      expect(page).not_to have_button 'Disable'
+    end
+  end
+
+  def edit_user(user)
+    visit admin_user_path(user)
+  end
+end

spec/helpers/gitlab_markdown_helper_spec.rb

@@ -137,7 +137,7 @@ describe GitlabMarkdownHelper do
   describe 'random_markdown_tip' do
     it 'returns a random Markdown tip' do
       stub_const("#{described_class}::MARKDOWN_TIPS", ['Random tip'])
-      expect(random_markdown_tip).to eq 'Tip: Random tip'
+      expect(random_markdown_tip).to eq 'Random tip'
     end
   end
 end

spec/helpers/projects_helper_spec.rb

@@ -8,4 +8,48 @@ describe ProjectsHelper do
       expect(project_status_css_class("finished")).to eq("success")
     end
   end
+
+  describe "can_change_visibility_level?" do
+    let(:project) { create(:project) }
+
+    let(:fork_project) do
+      fork_project = create(:forked_project_with_submodules)
+      fork_project.build_forked_project_link(forked_to_project_id: fork_project.id, forked_from_project_id: project.id)
+      fork_project.save
+
+      fork_project
+    end
+
+    let(:user) { create(:user) }
+
+    it "returns false if there are no approipriate permissions" do
+      allow(helper).to receive(:can?) { false }
+
+      expect(helper.can_change_visibility_level?(project, user)).to be_falsey
+    end
+
+    it "returns true if there are permissions and it is not fork" do
+      allow(helper).to receive(:can?) { true }
+
+      expect(helper.can_change_visibility_level?(project, user)).to be_truthy
+    end
+
+    context "forks" do
+      it "returns false if there are permissions and origin project is PRIVATE" do
+        allow(helper).to receive(:can?) { true }
+
+        project.update visibility_level:  Gitlab::VisibilityLevel::PRIVATE
+
+        expect(helper.can_change_visibility_level?(fork_project, user)).to be_falsey
+      end
+
+      it "returns true if there are permissions and origin project is INTERNAL" do
+        allow(helper).to receive(:can?) { true }
+
+        project.update visibility_level:  Gitlab::VisibilityLevel::INTERNAL
+
+        expect(helper.can_change_visibility_level?(fork_project, user)).to be_truthy
+      end
+    end
+  end
 end

spec/helpers/visibility_level_helper_spec.rb

@@ -72,4 +72,43 @@ describe VisibilityLevelHelper do
       end
     end
   end
+
+  describe "skip_level?" do
+    describe "forks" do
+      let(:project) { create(:project, visibility_level: Gitlab::VisibilityLevel::INTERNAL) }
+      let(:fork_project) { create(:forked_project_with_submodules) }
+
+      before do
+        fork_project.build_forked_project_link(forked_to_project_id: fork_project.id, forked_from_project_id: project.id)
+        fork_project.save
+      end
+
+      it "skips levels" do
+        expect(skip_level?(fork_project, Gitlab::VisibilityLevel::PUBLIC)).to be_truthy
+        expect(skip_level?(fork_project, Gitlab::VisibilityLevel::INTERNAL)).to be_falsey
+        expect(skip_level?(fork_project, Gitlab::VisibilityLevel::PRIVATE)).to be_falsey
+      end
+    end
+
+    describe "non-forked project" do
+      let(:project) { create(:project, visibility_level: Gitlab::VisibilityLevel::INTERNAL) }
+
+      it "skips levels" do
+        expect(skip_level?(project, Gitlab::VisibilityLevel::PUBLIC)).to be_falsey
+        expect(skip_level?(project, Gitlab::VisibilityLevel::INTERNAL)).to be_falsey
+        expect(skip_level?(project, Gitlab::VisibilityLevel::PRIVATE)).to be_falsey
+      end
+    end
+
+    describe "Snippet" do
+      let(:snippet) { create(:snippet, visibility_level: Gitlab::VisibilityLevel::INTERNAL) }
+
+      it "skips levels" do
+        expect(skip_level?(snippet, Gitlab::VisibilityLevel::PUBLIC)).to be_falsey
+        expect(skip_level?(snippet, Gitlab::VisibilityLevel::INTERNAL)).to be_falsey
+        expect(skip_level?(snippet, Gitlab::VisibilityLevel::PRIVATE)).to be_falsey
+      end
+    end
+
+  end
 end

spec/models/concerns/mentionable_spec.rb

@@ -28,4 +28,53 @@ describe Issue, "Mentionable" do
       issue.create_cross_references!(project, author, [commit2])
     end
   end
+
+  describe '#create_new_cross_references!' do
+    let(:project) { create(:project) }
+    let(:issues)  { create_list(:issue, 2, project: project) }
+
+    context 'before changes are persisted' do
+      it 'ignores pre-existing references' do
+        issue = create_issue(description: issues[0].to_reference)
+
+        expect(SystemNoteService).not_to receive(:cross_reference)
+
+        issue.description = 'New description'
+        issue.create_new_cross_references!
+      end
+
+      it 'notifies new references' do
+        issue = create_issue(description: issues[0].to_reference)
+
+        expect(SystemNoteService).to receive(:cross_reference).with(issues[1], any_args)
+
+        issue.description = issues[1].to_reference
+        issue.create_new_cross_references!
+      end
+    end
+
+    context 'after changes are persisted' do
+      it 'ignores pre-existing references' do
+        issue = create_issue(description: issues[0].to_reference)
+
+        expect(SystemNoteService).not_to receive(:cross_reference)
+
+        issue.update_attributes(description: 'New description')
+        issue.create_new_cross_references!
+      end
+
+      it 'notifies new references' do
+        issue = create_issue(description: issues[0].to_reference)
+
+        expect(SystemNoteService).to receive(:cross_reference).with(issues[1], any_args)
+
+        issue.update_attributes(description: issues[1].to_reference)
+        issue.create_new_cross_references!
+      end
+    end
+
+    def create_issue(description:)
+      create(:issue, project: project, description: description)
+    end
+  end
 end

spec/models/key_spec.rb

@@ -63,7 +63,7 @@ describe Key do
       key = build(:key)
 
       # Not always the middle, but close enough
-      key.key = key.key[0..100] + ' ' + key.key[100..-1]
+      key.key = key.key[0..100] + ' ' + key.key[101..-1]
 
       expect(key).not_to be_valid
     end
@@ -71,6 +71,12 @@ describe Key do
     it 'rejects the unfingerprintable key (not a key)' do
       expect(build(:key, key: 'ssh-rsa an-invalid-key==')).not_to be_valid
     end
+
+    it 'rejects the multiple line key' do
+      key = build(:key)
+      key.key.gsub!(' ', "\n")
+      expect(key).not_to be_valid
+    end
   end
 
   context 'callbacks' do