Merge branch 'master' into merge-notifs

CHANGELOG

 Please view this file on the master branch, on stable branches it's out of date.
 
 v 7.14.0 (unreleased)
+  - Fix "Network" and "Graphs" pages for branches with encoded slashes (Stan Hu)
+  - Fix errors deleting and creating branches with encoded slashes (Stan Hu)
+  - Fix multi-line syntax highlighting (Stan Hu)
   - Fix network graph when branch name has single quotes (Stan Hu)
+  - Add "Confirm user" button in user admin page (Stan Hu)
   - Upgrade gitlab_git to version 7.2.6 to fix Error 500 when creating network graphs (Stan Hu)
+  - Add support for Unicode filenames in relative links (Hiroyuki Sato)
   - Fix URL used for refreshing notes if relative_url is present (Bartłomiej Święcki)
   - Fix commit data retrieval when branch name has single quotes (Stan Hu)
   - Check that project was actually created rather than just validated in import:repos task (Stan Hu)
@@ -16,10 +21,23 @@ v 7.14.0 (unreleased)
   - Set OmniAuth full_host parameter to ensure redirect URIs are correct (Stan Hu)
   - Expire Rails cache entries after two weeks to prevent endless Redis growth
   - Add support for destroying project milestones (Stan Hu)
+  - Add fetch command to the MR page.
+  - Allow custom backup archive permissions
   - Add fetch command to the MR page
+  - Add project star and fork count, group avatar URL and user/group web URL attributes to API
   - Fix bug causing Bitbucket importer to crash when OAuth application had been removed.
   - Add fetch command to the MR page.
   - Send notification to all participants when MR is merged.
+  - Add ability to manage user email addresses via the API.
+  - Show buttons to add license, changelog and contribution guide if they're missing.
+  - Tweak project page buttons.
+  - Disabled autocapitalize and autocorrect on login field (Daryl Chan)
+  - Mention group and project name in creation, update and deletion notices (Achilleas Pipinellis)
+  - Remove redis-store TTL monkey patch
+  - Add support for CI skipped status
+  - Fetch code from forks to refs/merge-requests/:id/head when merge request created
+  - Remove satellites 
+  - Remove comments and email addresses when publicly exposing ssh keys (Zeger-Jan van de Weg)
 
 v 7.13.2
   - Fix randomly failed spec
@@ -30,7 +48,6 @@ v 7.13.2
   - Show the first tab automatically on MergeRequests#new
   - Add rake task 'gitlab:update_commit_count' (Daniel Gerhardt)
   - Fix Gmail Actions
-  - Disabled autocapitalize and autocorrect on login field (Daryl Chan)
 
 v 7.13.1
   - Fix: Label modifications are not reflected in existing notes and in the issue list
@@ -46,6 +63,8 @@ v 7.13.1
 v 7.13.0
   - Remove repository graph log to fix slow cache updates after push event (Stan Hu)
   - Return comments in created order in merge request API (Stan Hu)
+
+v 7.13.0 (unreleased)
   - Only enable HSTS header for HTTPS and port 443 (Stan Hu)
   - Fix user autocomplete for unauthenticated users accessing public projects (Stan Hu)
   - Fix redirection to home page URL for unauthorized users (Daniel Gerhardt)

Gemfile.lock

@@ -508,7 +508,7 @@ GEM
     rdoc (3.12.2)
       json (~> 1.4)
     redcarpet (3.3.2)
-    redis (3.1.0)
+    redis (3.2.1)
     redis-actionpack (4.0.0)
       actionpack (~> 4)
       redis-rack (~> 1.5.0)
@@ -525,7 +525,7 @@ GEM
       redis-actionpack (~> 4)
       redis-activesupport (~> 4)
       redis-store (~> 1.1.0)
-    redis-store (1.1.4)
+    redis-store (1.1.6)
       redis (>= 2.2)
     request_store (1.0.5)
     rerun (0.10.0)
@@ -875,4 +875,4 @@ DEPENDENCIES
   wikicloth (= 0.8.1)
 
 BUNDLED WITH
-   1.10.5
+   1.10.4

README.md

 # GitLab
 
 [![build status](https://ci.gitlab.com/projects/1/status.png?ref=master)](https://ci.gitlab.com/projects/1?ref=master)
-[![Build Status](https://semaphoreapp.com/api/v1/projects/2f1a5809-418b-4cc2-a1f4-819607579fe7/243338/badge.png)](https://semaphoreapp.com/gitlabhq/gitlabhq)
+[![Build Status](https://semaphoreci.com/api/v1/projects/2f1a5809-418b-4cc2-a1f4-819607579fe7/400484/shields_badge.svg)](https://semaphoreci.com/gitlabhq/gitlabhq)
 [![Code Climate](https://codeclimate.com/github/gitlabhq/gitlabhq.svg)](https://codeclimate.com/github/gitlabhq/gitlabhq)
 [![Coverage Status](https://coveralls.io/repos/gitlabhq/gitlabhq/badge.png?branch=master)](https://coveralls.io/r/gitlabhq/gitlabhq?branch=master)
 
@@ -69,7 +69,7 @@ Instructions on how to start GitLab and how to run the tests can be found in the
 GitLab is a Ruby on Rails application that runs on the following software:
 
 - Ubuntu/Debian/CentOS/RHEL
-- Ruby (MRI) 2.0 or 2.1
+- Ruby (MRI) 2.1
 - Git 1.7.10+
 - Redis 2.0+
 - MySQL or PostgreSQL

app/assets/javascripts/merge_request_widget.js.coffee

@@ -19,7 +19,7 @@ class @MergeRequestWidget
           when 'merged'
             location.reload()
           else
-            setTimeout(merge_request_widget.mergeInProgress, 3000)
+            setTimeout(merge_request_widget.mergeInProgress, 2000)
       dataType: 'json'
 
   getMergeStatus: ->
@@ -36,7 +36,7 @@ class @MergeRequestWidget
 
   showCiState: (state) ->
     $('.ci_widget').hide()
-    allowed_states = ["failed", "canceled", "running", "pending", "success", "not_found"]
+    allowed_states = ["failed", "canceled", "running", "pending", "success", "skipped", "not_found"]
     if state in allowed_states
       $('.ci_widget.ci-' + state).show()
       switch state

app/assets/javascripts/project.js.coffee

 class @Project
   constructor: ->
     # Git clone panel switcher
-    scope = $ '.git-clone-holder'
-    if scope.length > 0
-      $('a, button', scope).click ->
-        $('a, button', scope).removeClass 'active'
+    cloneHolder = $('.git-clone-holder')
+    if cloneHolder.length
+      $('a, button', cloneHolder).click ->
+        $('a, button', cloneHolder).removeClass 'active'
         $(@).addClass 'active'
-        $('#project_clone', scope).val $(@).data 'clone'
+        $('#project_clone', cloneHolder).val $(@).data 'clone'
         $(".clone").text("").append $(@).data 'clone'
 
     # Ref switcher
@@ -24,3 +24,8 @@ class @Project
       $.cookie('hide_no_password_message', 'false', { path: path })
       $(@).parents('.no-password-message').remove()
       e.preventDefault()
+
+    $('.js-toggle-clone-holder').on 'click', (e) ->
+      cloneHolder.toggle()
+
+    cloneHolder.hide() unless $('.empty-project').length

app/assets/stylesheets/base/mixins.scss

@@ -70,7 +70,7 @@
     font-family: $monospace_font;
     white-space: pre;
     word-wrap: normal;
-    padding: 0;
+    padding: 1px 2px;
   }
 
   kbd {

app/assets/stylesheets/generic/typography.scss

@@ -38,6 +38,10 @@ code {
   }
 }
 
+a > code {
+  color: $link-color;
+}
+
 /**
  * Wiki typography
  *

app/assets/stylesheets/pages/merge_requests.scss

@@ -139,6 +139,11 @@
       color: $gl-success;
     }
 
+    &.ci-skipped {
+      background-color: #eee;
+      color: #888;
+    }
+
     &.ci-pending,
     &.ci-running {
       color: $gl-warning;

app/assets/stylesheets/pages/projects.scss

@@ -16,7 +16,6 @@
 
 .project-home-panel {
   text-align: center;
-  margin-bottom: 20px;
 
   .project-identicon-holder {
     margin-bottom: 15px;
@@ -39,7 +38,7 @@
 
   .git-clone-holder {
     max-width: 600px;
-    margin: 0 auto;
+    margin: 20px auto;
   }
 
   .visibility-level-label {
@@ -297,6 +296,15 @@ table.table.protected-branches-list tr.no-border {
   ul.nav-pills { display:inline-block; }
   li { display:inline; }
   a { float:left; }
+
+  li.missing a {
+    color: #bbb;
+    border: 1px dashed #ccc;
+
+    &:hover {
+      background-color: #FAFAFA;
+    }
+  }
 }
 
 pre.light-well {

app/assets/stylesheets/pages/tree.scss

@@ -60,11 +60,7 @@
   }
 
   .tree_author {
-    padding-right: 8px;
-
-    .commit-author-name {
-      color: gray;
-    }
+    padding-left: 8px;
   }
 
   .tree_commit {

app/controllers/admin/users_controller.rb

@@ -55,6 +55,14 @@ class Admin::UsersController < Admin::ApplicationController
     end
   end
 
+  def confirm
+    if user.confirm!
+      redirect_to :back, notice: "Successfully confirmed"
+    else
+      redirect_to :back, alert: "Error occurred. User was not confirmed"
+    end
+  end
+
   def disable_two_factor
     user.disable_two_factor!
     redirect_to admin_user_path(user),

app/controllers/groups/application_controller.rb

@@ -18,4 +18,10 @@ class Groups::ApplicationController < ApplicationController
       return render_404
     end
   end
+  
+  def authorize_admin_group_member!
+    unless can?(current_user, :admin_group_member, group)
+      return render_403
+    end
+  end
 end

app/controllers/groups/group_members_controller.rb

@@ -5,6 +5,7 @@ class Groups::GroupMembersController < Groups::ApplicationController
   # Authorize
   before_action :authorize_read_group!
   before_action :authorize_admin_group!, except: [:index, :leave]
+  before_action :authorize_admin_group_member!, only: [:create, :resend_invite]
 
   def index
     @project = @group.projects.find(params[:project_id]) if params[:project_id]
@@ -28,6 +29,9 @@ class Groups::GroupMembersController < Groups::ApplicationController
 
   def update
     @member = @group.group_members.find(params[:id])
+
+    return render_403 unless can?(current_user, :update_group_member, @member)
+
     @member.update_attributes(member_params)
   end
 

app/controllers/groups_controller.rb

@@ -24,7 +24,7 @@ class GroupsController < Groups::ApplicationController
 
     if @group.save
       @group.add_owner(current_user)
-      redirect_to @group, notice: 'Group was successfully created.'
+      redirect_to @group, notice: "Group '#{@group.name}' was successfully created."
     else
       render action: "new"
     end
@@ -75,7 +75,7 @@ class GroupsController < Groups::ApplicationController
 
   def update
     if @group.update_attributes(group_params)
-      redirect_to edit_group_path(@group), notice: 'Group was successfully updated.'
+      redirect_to edit_group_path(@group), notice: "Group '#{@group.name}' was successfully updated."
     else
       render action: "edit"
     end
@@ -84,7 +84,7 @@ class GroupsController < Groups::ApplicationController
   def destroy
     DestroyGroupService.new(@group, current_user).execute
 
-    redirect_to root_path, notice: 'Group was removed.'
+    redirect_to root_path, alert: "Group '#{@group.name} was deleted."
   end
 
   protected

app/controllers/projects/branches_controller.rb

@@ -17,7 +17,9 @@ class Projects::BranchesController < Projects::ApplicationController
 
   def create
     branch_name = sanitize(strip_tags(params[:branch_name]))
+    branch_name = Addressable::URI.unescape(branch_name)
     ref = sanitize(strip_tags(params[:ref]))
+    ref = Addressable::URI.unescape(ref)
     result = CreateBranchService.new(project, current_user).
         execute(branch_name, ref)
 
@@ -32,9 +34,8 @@ class Projects::BranchesController < Projects::ApplicationController
   end
 
   def destroy
-    status = DeleteBranchService.new(project, current_user).execute(params[:id])
-    @branch_name = params[:id]
-
+    @branch_name = Addressable::URI.unescape(params[:id])
+    status = DeleteBranchService.new(project, current_user).execute(@branch_name)
     respond_to do |format|
       format.html do
         redirect_to namespace_project_branches_path(@project.namespace,

app/controllers/projects/compare_controller.rb

@@ -13,13 +13,8 @@ class Projects::CompareController < Projects::ApplicationController
     base_ref = Addressable::URI.unescape(params[:from])
     @ref = head_ref = Addressable::URI.unescape(params[:to])
 
-    compare_result = CompareService.new.execute(
-      current_user,
-      @project,
-      head_ref,
-      @project,
-      base_ref
-    )
+    compare_result = CompareService.new.
+      execute(@project, head_ref, @project, base_ref)
 
     @commits = compare_result.commits
     @diffs = compare_result.diffs

app/controllers/projects/merge_requests_controller.rb

-require 'gitlab/satellite/satellite'
-
 class Projects::MergeRequestsController < Projects::ApplicationController
   before_action :module_enabled
   before_action :merge_request, only: [
-    :edit, :update, :show, :diffs, :commits, :automerge, :automerge_check,
+    :edit, :update, :show, :diffs, :commits, :merge, :merge_check,
     :ci_status, :toggle_subscription
   ]
   before_action :closes_issues, only: [:edit, :update, :show, :diffs, :commits]
@@ -137,7 +135,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController
     end
   end
 
-  def automerge_check
+  def merge_check
     if @merge_request.unchecked?
       @merge_request.check_if_can_be_merged
     end
@@ -147,11 +145,11 @@ class Projects::MergeRequestsController < Projects::ApplicationController
     render partial: "projects/merge_requests/widget/show.html.haml", layout: false
   end
 
-  def automerge
+  def merge
     return access_denied! unless @merge_request.can_be_merged_by?(current_user)
 
-    if @merge_request.automergeable?
-      AutoMergeWorker.perform_async(@merge_request.id, current_user.id, params)
+    if @merge_request.mergeable?
+      MergeWorker.perform_async(@merge_request.id, current_user.id, params)
       @status = true
     else
       @status = false

app/controllers/projects_controller.rb

@@ -24,7 +24,7 @@ class ProjectsController < ApplicationController
     if @project.saved?
       redirect_to(
         project_path(@project),
-        notice: 'Project was successfully created.'
+        notice: "Project '#{@project.name}' was successfully created."
       )
     else
       render 'new'
@@ -36,11 +36,11 @@ class ProjectsController < ApplicationController
 
     respond_to do |format|
       if status
-        flash[:notice] = 'Project was successfully updated.'
+        flash[:notice] = "Project '#{@project.name}' was successfully updated."
         format.html do
           redirect_to(
             edit_project_path(@project),
-            notice: 'Project was successfully updated.'
+            notice: "Project '#{@project.name}' was successfully updated."
           )
         end
         format.js
@@ -100,7 +100,7 @@ class ProjectsController < ApplicationController
     return access_denied! unless can?(current_user, :remove_project, @project)
 
     ::Projects::DestroyService.new(@project, current_user, {}).execute
-    flash[:alert] = 'Project deleted.'
+    flash[:alert] = "Project '#{@project.name}' was deleted."
 
     if request.referer.include?('/admin')
       redirect_to admin_namespaces_projects_path

app/helpers/projects_helper.rb

@@ -184,7 +184,43 @@ module ProjectsHelper
     end
   end
 
-  def contribution_guide_url(project)
+  def add_contribution_guide_path(project)
+    if project && !project.repository.contribution_guide
+      namespace_project_new_blob_path(
+        project.namespace,
+        project,
+        project.default_branch,
+        file_name:      "CONTRIBUTING.md",
+        commit_message: "Add contribution guide"
+      )
+    end
+  end
+
+  def add_changelog_path(project)
+    if project && !project.repository.changelog
+      namespace_project_new_blob_path(
+        project.namespace,
+        project,
+        project.default_branch,
+        file_name:      "CHANGELOG",
+        commit_message: "Add changelog"
+      )
+    end
+  end
+
+  def add_license_path(project)
+    if project && !project.repository.license
+      namespace_project_new_blob_path(
+        project.namespace,
+        project,
+        project.default_branch,
+        file_name:      "LICENSE",
+        commit_message: "Add license"
+      )
+    end
+  end
+
+  def contribution_guide_path(project)
     if project && contribution_guide = project.repository.contribution_guide
       namespace_project_blob_path(
         project.namespace,
@@ -195,7 +231,7 @@ module ProjectsHelper
     end
   end
 
-  def changelog_url(project)
+  def changelog_path(project)
     if project && changelog = project.repository.changelog
       namespace_project_blob_path(
         project.namespace,
@@ -206,7 +242,7 @@ module ProjectsHelper
     end
   end
 
-  def license_url(project)
+  def license_path(project)
     if project && license = project.repository.license
       namespace_project_blob_path(
         project.namespace,
@@ -217,7 +253,7 @@ module ProjectsHelper
     end
   end
 
-  def version_url(project)
+  def version_path(project)
     if project && version = project.repository.version
       namespace_project_blob_path(
         project.namespace,

app/models/ability.rb

@@ -233,7 +233,8 @@ class Ability
       if group.has_owner?(user) || user.admin?
         rules.push(*[
           :admin_group,
-          :admin_namespace
+          :admin_namespace,
+          :admin_group_member
         ])
       end
 
@@ -295,7 +296,7 @@ class Ability
       rules = []
       target_user = subject.user
       group = subject.group
-      can_manage = group_abilities(user, group).include?(:admin_group)
+      can_manage = group_abilities(user, group).include?(:admin_group_member)
 
       if can_manage && (user != target_user)
         rules << :update_group_member

app/models/application_setting.rb

@@ -14,13 +14,14 @@
 #  default_branch_protection    :integer          default(2)
 #  twitter_sharing_enabled      :boolean          default(TRUE)
 #  restricted_visibility_levels :text
+#  version_check_enabled        :boolean          default(TRUE)
 #  max_attachment_size          :integer          default(10), not null
-#  session_expire_delay       :integer          default(10080), not null
 #  default_project_visibility   :integer
 #  default_snippet_visibility   :integer
 #  restricted_signup_domains    :text
-#  user_oauth_applications      :bool             default(TRUE)
+#  user_oauth_applications      :boolean          default(TRUE)
 #  after_sign_out_path          :string(255)
+#  session_expire_delay         :integer          default(10080), not null
 #
 
 class ApplicationSetting < ActiveRecord::Base

app/models/audit_event.rb

+# == Schema Information
+#
+# Table name: audit_events
+#
+#  id          :integer          not null, primary key
+#  author_id   :integer          not null
+#  type        :string(255)      not null
+#  entity_id   :integer          not null
+#  entity_type :string(255)      not null
+#  details     :text
+#  created_at  :datetime
+#  updated_at  :datetime
+#
+
 class AuditEvent < ActiveRecord::Base
   serialize :details, Hash
 

app/models/group.rb

@@ -56,6 +56,12 @@ class Group < Namespace
     name
   end
 
+  def avatar_url(size = nil)
+    if avatar.present?
+      [gitlab_config.url, avatar.url].join
+    end
+  end
+
   def owners
     @owners ||= group_members.owners.map(&:user)
   end

app/models/key.rb

@@ -39,6 +39,11 @@ class Key < ActiveRecord::Base
     self.key = key.strip unless key.blank?
   end
 
+  def publishable_key
+    #Removes anything beyond the keytype and key itself
+    self.key.split[0..1].join(' ')
+  end
+
   # projects that has this key
   def projects
     user.authorized_projects

app/models/merge_request.rb

@@ -41,8 +41,6 @@ class MergeRequest < ActiveRecord::Base
 
   delegate :commits, :diffs, :last_commit, :last_commit_short_sha, to: :merge_request_diff, prefix: nil
 
-  attr_accessor :should_remove_source_branch
-
   # When this attribute is true some MR validation is ignored
   # It allows us to close or modify broken merge requests
   attr_accessor :allow_broken
@@ -57,7 +55,7 @@ class MergeRequest < ActiveRecord::Base
       transition [:reopened, :opened] => :closed
     end
 
-    event :merge do
+    event :mark_as_merged do
       transition [:reopened, :opened, :locked] => :merged
     end
 
@@ -206,11 +204,7 @@ class MergeRequest < ActiveRecord::Base
 
   def check_if_can_be_merged
     can_be_merged =
-      if for_fork?
-        Gitlab::Satellite::MergeAction.new(self.author, self).can_be_merged?
-      else
-        project.repository.can_be_merged?(source_branch, target_branch)
-      end
+      project.repository.can_be_merged?(source_sha, target_branch)
 
     if can_be_merged
       mark_as_mergeable
@@ -227,18 +221,6 @@ class MergeRequest < ActiveRecord::Base
     self.target_project.events.where(target_id: self.id, target_type: "MergeRequest", action: Event::CLOSED).last
   end
 
-  def automerge!(current_user, commit_message = nil)
-    return unless automergeable?
-
-    MergeRequests::AutoMergeService.
-      new(target_project, current_user).
-      execute(self, commit_message)
-  end
-
-  def remove_source_branch?
-    self.should_remove_source_branch && !self.source_project.root_ref?(self.source_branch) && !self.for_fork?
-  end
-
   def open?
     opened? || reopened?
   end
@@ -247,11 +229,11 @@ class MergeRequest < ActiveRecord::Base
     title =~ /\A\[?WIP\]?:? /i
   end
 
-  def automergeable?
+  def mergeable?
     open? && !work_in_progress? && can_be_merged?
   end
 
-  def automerge_status
+  def gitlab_merge_status
     if work_in_progress?
       "work_in_progress"
     else
@@ -278,14 +260,14 @@ class MergeRequest < ActiveRecord::Base
   #
   # see "git diff"
   def to_diff(current_user)
-    Gitlab::Satellite::MergeAction.new(current_user, self).diff_in_satellite
+    target_project.repository.diff_text(target_branch, source_sha)
   end
 
   # Returns the commit as a series of email patches.
   #
   # see "git format-patch"
   def to_patch(current_user)
-    Gitlab::Satellite::MergeAction.new(current_user, self).format_patch
+    target_project.repository.format_patch(target_branch, source_sha)
   end
 
   def hook_attrs
@@ -436,4 +418,30 @@ class MergeRequest < ActiveRecord::Base
       "Open"
     end
   end
+
+  def target_sha
+    @target_sha ||= target_project.
+      repository.commit(target_branch).sha
+  end
+
+  def source_sha
+    commits.first.sha
+  end
+
+  def fetch_ref
+    target_project.repository.fetch_ref(
+      source_project.repository.path_to_repo,
+      "refs/heads/#{source_branch}",
+      "refs/merge-requests/#{id}/head"
+    )
+  end
+
+  def in_locked_state
+    begin
+      lock_mr
+      yield
+    ensure
+      unlock_mr if locked?
+    end
+  end
 end

app/models/merge_request_diff.rb

@@ -16,9 +16,8 @@ require Rails.root.join("app/models/commit")
 class MergeRequestDiff < ActiveRecord::Base
   include Sortable
 
-  # Prevent store of diff
-  # if commits amount more then 200
-  COMMITS_SAFE_SIZE = 200
+  # Prevent store of diff if commits amount more then 500
+  COMMITS_SAFE_SIZE = 500
 
   attr_reader :commits, :diffs
 
@@ -124,12 +123,12 @@ class MergeRequestDiff < ActiveRecord::Base
     if new_diffs.any?
       if new_diffs.size > Commit::DIFF_HARD_LIMIT_FILES
         self.state = :overflow_diff_files_limit
-        new_diffs = []
+        new_diffs = new_diffs.first[Commit::DIFF_HARD_LIMIT_LINES]
       end
 
       if new_diffs.sum { |diff| diff.diff.lines.count } > Commit::DIFF_HARD_LIMIT_LINES
         self.state = :overflow_diff_lines_limit
-        new_diffs = []
+        new_diffs = new_diffs.first[Commit::DIFF_HARD_LIMIT_LINES]
       end
     end
 
@@ -160,12 +159,21 @@ class MergeRequestDiff < ActiveRecord::Base
   private
 
   def compare_result
-    @compare_result ||= CompareService.new.execute(
-      merge_request.author,
-      merge_request.source_project,
-      merge_request.source_branch,
-      merge_request.target_project,
+    @compare_result ||=
+      begin
+        # Update ref if merge request is from fork
+        merge_request.fetch_ref if merge_request.for_fork?
+
+        # Get latest sha of branch from source project
+        source_sha = merge_request.source_project.commit(source_branch).sha
+
+        Gitlab::CompareResult.new(
+          Gitlab::Git::Compare.new(
+            merge_request.target_project.repository.raw_repository,
             merge_request.target_branch,
+            source_sha,
+          )
         )
       end
+  end
 end

app/models/namespace.rb

@@ -115,12 +115,11 @@ class Namespace < ActiveRecord::Base
 
   def move_dir
     if gitlab_shell.mv_namespace(path_was, path)
-      # If repositories moved successfully we need to remove old satellites
-      # and send update instructions to users.
+      # If repositories moved successfully we need to
+      # send update instructions to users.
       # However we cannot allow rollback since we moved namespace dir
       # So we basically we mute exceptions in next actions
       begin
-        gitlab_shell.rm_satellites(path_was)
         send_update_instructions
       rescue
         # Returning false does not rollback after_* transaction but gives

app/models/note.rb

@@ -31,7 +31,7 @@ class Note < ActiveRecord::Base
   participant :author, :mentioned_users
 
   belongs_to :project
-  belongs_to :noteable, polymorphic: true, touch: true
+  belongs_to :noteable, polymorphic: true
   belongs_to :author, class_name: "User"
 
   delegate :name, to: :project, prefix: true

app/models/project.rb

@@ -21,12 +21,13 @@
 #  import_url             :string(255)
 #  visibility_level       :integer          default(0), not null
 #  archived               :boolean          default(FALSE), not null
+#  avatar                 :string(255)
 #  import_status          :string(255)
 #  repository_size        :float            default(0.0)
 #  star_count             :integer          default(0), not null
 #  import_type            :string(255)
 #  import_source          :string(255)
-#  avatar                 :string(255)
+#  commit_count           :integer          default(0)
 #
 
 require 'carrierwave/orm/activerecord'
@@ -36,7 +37,6 @@ class Project < ActiveRecord::Base
   include Gitlab::ConfigHelper
   include Gitlab::ShellAdapter
   include Gitlab::VisibilityLevel
-  include Rails.application.routes.url_helpers
   include Referable
   include Sortable
 
@@ -316,7 +316,7 @@ class Project < ActiveRecord::Base
   end
 
   def web_url
-    [gitlab_config.url, path_with_namespace].join('/')
+    Rails.application.routes.url_helpers.namespace_project_url(self.namespace, self)
   end
 
   def web_url_without_protocol
@@ -433,7 +433,7 @@ class Project < ActiveRecord::Base
     if avatar.present?
       [gitlab_config.url, avatar.url].join
     elsif avatar_in_git
-      [gitlab_config.url, namespace_project_avatar_path(namespace, self)].join
+      Rails.application.routes.url_helpers.namespace_project_avatar_url(namespace, self)
     end
   end
 
@@ -520,14 +520,6 @@ class Project < ActiveRecord::Base
     !repository.exists? || repository.empty?
   end
 
-  def ensure_satellite_exists
-    self.satellite.create unless self.satellite.exists?
-  end
-
-  def satellite
-    @satellite ||= Gitlab::Satellite::Satellite.new(self)
-  end
-
   def repo
     repository.raw
   end
@@ -571,7 +563,7 @@ class Project < ActiveRecord::Base
   end
 
   def http_url_to_repo
-    [gitlab_config.url, '/', path_with_namespace, '.git'].join('')
+    "#{web_url}.git"
   end
 
   # Check if current branch name is marked as protected in the system
@@ -597,14 +589,11 @@ class Project < ActiveRecord::Base
     new_path_with_namespace = File.join(namespace_dir, path)
 
     if gitlab_shell.mv_repository(old_path_with_namespace, new_path_with_namespace)
-      # If repository moved successfully we need to remove old satellite
-      # and send update instructions to users.
+      # If repository moved successfully we need to send update instructions to users.
       # However we cannot allow rollback since we moved repository
       # So we basically we mute exceptions in next actions
       begin
         gitlab_shell.mv_repository("#{old_path_with_namespace}.wiki", "#{new_path_with_namespace}.wiki")
-        gitlab_shell.rm_satellites(old_path_with_namespace)
-        ensure_satellite_exists
         send_move_instructions
         reset_events_cache
       rescue
@@ -702,7 +691,6 @@ class Project < ActiveRecord::Base
   def create_repository
     if forked?
       if gitlab_shell.fork_repository(forked_from_project.path_with_namespace, self.namespace.path)
-        ensure_satellite_exists
         true
       else
         errors.add(:base, 'Failed to fork repository via gitlab-shell')

app/models/project_services/ci_service.rb

@@ -41,7 +41,7 @@ class CiService < Service
 
   # Return string with build status or :error symbol
   #
-  # Allowed states: 'success', 'failed', 'running', 'pending'
+  # Allowed states: 'success', 'failed', 'running', 'pending', 'skipped'
   #
   #
   # Ex.

app/models/project_services/gitlab_ci_service.rb

@@ -74,6 +74,8 @@ class GitlabCiService < CiService
     else
       :error
     end
+  rescue Errno::ECONNREFUSED
+    :error
   end
 
   def fork_registration(new_project, private_token)
@@ -103,6 +105,8 @@ class GitlabCiService < CiService
     if response.code == 200 and response["coverage"]
       response["coverage"]
     end
+  rescue Errno::ECONNREFUSED
+    nil
   end
 
   def build_page(sha, ref)

app/models/repository.rb

@@ -411,15 +411,36 @@ class Repository
     }
   end
 
-  def can_be_merged?(source_branch, target_branch)
+  def can_be_merged?(source_sha, target_branch)
     our_commit = rugged.branches[target_branch].target
-    their_commit = rugged.branches[source_branch].target
+    their_commit = rugged.lookup(source_sha)
 
     if our_commit && their_commit
       !rugged.merge_commits(our_commit, their_commit).conflicts?
+    else
+      false
     end
   end
 
+  def merge(source_sha, target_branch, options = {})
+    our_commit = rugged.branches[target_branch].target
+    their_commit = rugged.lookup(source_sha)
+
+    raise "Invalid merge target" if our_commit.nil?
+    raise "Invalid merge source" if their_commit.nil?
+
+    merge_index = rugged.merge_commits(our_commit, their_commit)
+    return false if merge_index.conflicts?
+
+    actual_options = options.merge(
+      parents: [our_commit, their_commit],
+      tree: merge_index.write_tree(rugged),
+      update_ref: "refs/heads/#{target_branch}"
+    )
+
+    Rugged::Commit.create(rugged, actual_options)
+  end
+
   def search_files(query, ref)
     offset = 2
     args = %W(git grep -i -n --before-context #{offset} --after-context #{offset} #{query} #{ref || root_ref})
@@ -453,6 +474,11 @@ class Repository
     )
   end
 
+  def fetch_ref(source_path, source_ref, target_ref)
+    args = %W(git fetch #{source_path} #{source_ref}:#{target_ref})
+    Gitlab::Popen.popen(args, path_to_repo)
+  end
+
   private
 
   def cache

app/models/security_event.rb

+# == Schema Information
+#
+# Table name: audit_events
+#
+#  id          :integer          not null, primary key
+#  author_id   :integer          not null
+#  type        :string(255)      not null
+#  entity_id   :integer          not null
+#  entity_type :string(255)      not null
+#  details     :text
+#  created_at  :datetime
+#  updated_at  :datetime
+#
+
 class SecurityEvent < AuditEvent
 end

app/models/user.rb

@@ -57,6 +57,7 @@
 #  otp_backup_codes              :text
 #  public_email                  :string(255)      default(""), not null
 #  dashboard                     :integer          default(0)
+#  project_view                  :integer          default(0)
 #
 
 require 'carrierwave/orm/activerecord'
@@ -618,7 +619,7 @@ class User < ActiveRecord::Base
   end
 
   def all_ssh_keys
-    keys.map(&:key)
+    keys.map(&:publishable_key)
   end
 
   def temp_oauth_email?

app/services/base_service.rb

@@ -31,6 +31,10 @@ class BaseService
     SystemHooksService.new
   end
 
+  def repository
+    project.repository
+  end
+
   # Add an error to the specified model for restricted visibility levels
   def deny_visibility_level(model, denied_visibility_level = nil)
     denied_visibility_level ||= model.visibility_level

app/services/compare_service.rb

+require 'securerandom'
+
 # Compare 2 branches for one repo or between repositories
 # and return Gitlab::CompareResult object that responds to commits and diffs
 class CompareService
-  def execute(current_user, source_project, source_branch, target_project, target_branch)
-    # Try to compare branches to get commits list and diffs
-    #
-    # Note: Use satellite only when need to compare between two repos
-    # because satellites are slower than operations on bare repo
-    if target_project == source_project
+  def execute(source_project, source_branch, target_project, target_branch)
+    source_sha = source_project.commit(source_branch).sha
+
+    # If compare with other project we need to fetch ref first
+    unless target_project == source_project
+      random_string = SecureRandom.hex
+
+      target_project.repository.fetch_ref(
+        source_project.repository.path_to_repo,
+        "refs/heads/#{source_branch}",
+        "refs/tmp/#{random_string}/head"
+      )
+    end
+
     Gitlab::CompareResult.new(
       Gitlab::Git::Compare.new(
         target_project.repository.raw_repository,
         target_branch,
-          source_branch,
+        source_sha,
       )
     )
-    else
-      Gitlab::Satellite::CompareAction.new(
-        current_user,
-        target_project,
-        target_branch,
-        source_project,
-        source_branch
-      ).result
-    end
   end
 end

app/services/files/base_service.rb

@@ -33,15 +33,8 @@ module Files
 
     private
 
-    def repository
-      project.repository
-    end
-
     def after_commit(sha, branch)
-      commit = repository.commit(sha)
-      full_ref = "#{Gitlab::Git::BRANCH_REF_PREFIX}#{branch}"
-      old_sha = commit.parent_id || Gitlab::Git::BLANK_SHA
-      GitPushService.new.execute(project, current_user, old_sha, sha, full_ref)
+      PostCommitService.new(project, current_user).execute(sha, branch)
     end
 
     def current_branch

app/services/git_push_service.rb

@@ -10,16 +10,14 @@ class GitPushService
   #
   # Next, this method:
   #  1. Creates the push event
-  #  2. Ensures that the project satellite exists
-  #  3. Updates merge requests
-  #  4. Recognizes cross-references from commit messages
-  #  5. Executes the project's web hooks
-  #  6. Executes the project's services
+  #  2. Updates merge requests
+  #  3. Recognizes cross-references from commit messages
+  #  4. Executes the project's web hooks
+  #  5. Executes the project's services
   #
   def execute(project, user, oldrev, newrev, ref)
     @project, @user = project, user
 
-    project.ensure_satellite_exists
     project.repository.expire_cache
 
     if push_remove_branch?(ref, newrev)

app/services/merge_requests/auto_merge_service.rb

-module MergeRequests
-  # AutoMergeService class
-  #
-  # Do git merge in satellite and in case of success
-  # mark merge request as merged and execute all hooks and notifications
-  # Called when you do merge via GitLab UI
-  class AutoMergeService < BaseMergeService
-    attr_reader :merge_request, :commit_message
-
-    def execute(merge_request, commit_message)
-      @commit_message = commit_message
-      @merge_request = merge_request
-
-      merge_request.lock_mr
-
-      if merge!
-        merge_request.merge
-        create_merge_event(merge_request, current_user)
-        create_note(merge_request)
-        notification_service.merge_mr(merge_request, current_user)
-        execute_hooks(merge_request, 'merge')
-        true
-      else
-        merge_request.unlock_mr
-        false
-      end
-    rescue
-      merge_request.unlock_mr if merge_request.locked?
-      merge_request.mark_as_unmergeable
-      false
-    end
-
-    def merge!
-      if merge_request.for_fork?
-        Gitlab::Satellite::MergeAction.new(current_user, merge_request).merge!(commit_message)
-      else
-        # Merge local branches using rugged instead of satellites
-        if sha = commit
-          after_commit(sha, merge_request.target_branch)
-
-          if merge_request.remove_source_branch?
-            DeleteBranchService.new(merge_request.source_project, current_user).execute(merge_request.source_branch)
-          end
-
-          true
-        else
-          false
-        end
-      end
-    end
-
-    def commit
-      committer = repository.user_to_comitter(current_user)
-
-      options = {
-        message: commit_message,
-        author: committer,
-        committer: committer
-      }
-
-      repository.merge(merge_request.source_branch, merge_request.target_branch, options)
-    end
-
-    def after_commit(sha, branch)
-      commit = repository.commit(sha)
-      full_ref = "#{Gitlab::Git::BRANCH_REF_PREFIX}#{branch}"
-      old_sha = commit.parent_id || Gitlab::Git::BLANK_SHA
-      GitPushService.new.execute(project, current_user, old_sha, sha, full_ref)
-    end
-
-    def repository
-      project.repository
-    end
-  end
-end

app/services/merge_requests/base_merge_service.rb

-module MergeRequests
-  class BaseMergeService < MergeRequests::BaseService
-
-    private
-
-    def create_merge_event(merge_request, current_user)
-      EventCreateService.new.merge_mr(merge_request, current_user)
-    end
-  end
-end

app/services/merge_requests/build_service.rb

@@ -12,12 +12,16 @@ module MergeRequests
       merge_request.target_project ||= (project.forked_from_project || project)
       merge_request.target_branch ||= merge_request.target_project.default_branch
 
-      unless merge_request.target_branch && merge_request.source_branch
-        return build_failed(merge_request, nil)
+      if merge_request.target_branch.blank? || merge_request.source_branch.blank?
+        message =
+          if params[:source_branch] || params[:target_branch]
+            "You must select source and target branch"
+          end
+
+        return build_failed(merge_request, message)
       end
 
       compare_result = CompareService.new.execute(
-        current_user,
         merge_request.source_project,
         merge_request.source_branch,
         merge_request.target_project,
@@ -40,7 +44,6 @@ module MergeRequests
           merge_request.compare_diffs = diffs
 
         elsif diffs == false
-          # satellite timeout return false
           merge_request.can_be_created = false
           merge_request.compare_failed = true
         end
@@ -59,9 +62,6 @@ module MergeRequests
       end
 
       merge_request
-
-    rescue Gitlab::Satellite::BranchesWithoutParent
-      return build_failed(merge_request, "Selected branches have no common commit so they cannot be merged.")
     end
 
     def build_failed(merge_request, message)

app/services/merge_requests/merge_service.rb

 module MergeRequests
   # MergeService class
   #
-  # Mark existing merge request as merged
-  # and execute all hooks and notifications
-  # Called when you do merge via command line and push code
-  # to target branch
-  class MergeService < BaseMergeService
+  # Do git merge and in case of success
+  # mark merge request as merged and execute all hooks and notifications
+  # Executed when you do merge via GitLab UI
+  #
+  class MergeService < MergeRequests::BaseService
+    attr_reader :merge_request, :commit_message
+
     def execute(merge_request, commit_message)
-      merge_request.merge
+      @commit_message = commit_message
+      @merge_request = merge_request
+
+      unless @merge_request.mergeable?
+        return error('Merge request is not mergeable')
+      end
+
+      merge_request.in_locked_state do
+        if merge_changes
+          after_merge
+          success
+        else
+          error('Can not merge changes')
+        end
+      end
+    end
+
+    private
 
-      create_merge_event(merge_request, current_user)
-      create_note(merge_request)
-      notification_service.merge_mr(merge_request, current_user)
-      execute_hooks(merge_request, 'merge')
+    def merge_changes
+      if sha = commit
+        after_commit(sha, merge_request.target_branch)
+      end
+    end
+
+    def commit
+      committer = repository.user_to_comitter(current_user)
+
+      options = {
+        message: commit_message,
+        author: committer,
+        committer: committer
+      }
+
+      repository.merge(merge_request.source_sha, merge_request.target_branch, options)
+    end
+
+    def after_commit(sha, branch)
+      PostCommitService.new(project, current_user).execute(sha, branch)
+    end
 
-      true
-    rescue
-      false
+    def after_merge
+      MergeRequests::PostMergeService.new(project, current_user).execute(merge_request)
     end
   end
 end

app/services/merge_requests/post_merge_service.rb

+module MergeRequests
+  # PostMergeService class
+  #
+  # Mark existing merge request as merged
+  # and execute all hooks and notifications
+  #
+  class PostMergeService < MergeRequests::BaseService
+    def execute(merge_request)
+      merge_request.mark_as_merged
+      create_merge_event(merge_request, current_user)
+      create_note(merge_request)
+      notification_service.merge_mr(merge_request, current_user)
+      execute_hooks(merge_request, 'merge')
+    end
+
+    private
+
+    def create_merge_event(merge_request, current_user)
+      EventCreateService.new.merge_mr(merge_request, current_user)
+    end
+  end
+end

app/services/merge_requests/refresh_service.rb

@@ -33,9 +33,9 @@ module MergeRequests
 
 
       merge_requests.uniq.select(&:source_project).each do |merge_request|
-        MergeRequests::MergeService.
+        MergeRequests::PostMergeService.
           new(merge_request.target_project, @current_user).
-          execute(merge_request, nil)
+          execute(merge_request)
       end
     end
 

app/services/post_commit_service.rb

+class PostCommitService < BaseService
+  def execute(sha, branch)
+    commit = repository.commit(sha)
+    full_ref = 'refs/heads/' + branch
+    old_sha = commit.parent_id || Gitlab::Git::BLANK_SHA
+    GitPushService.new.execute(project, current_user, old_sha, sha, full_ref)
+  end
+end

app/services/projects/destroy_service.rb

@@ -27,7 +27,6 @@ module Projects
         end
       end
 
-      project.satellite.destroy
       log_info("Project \"#{project.name}\" was removed")
       system_hook_service.execute_hooks_for(project, :destroy)
       true

app/services/projects/transfer_service.rb

@@ -33,9 +33,6 @@ module Projects
           raise TransferError.new("Project with same path in target namespace already exists")
         end
 
-        # Remove old satellite
-        project.satellite.destroy
-
         # Apply new namespace id
         project.namespace = new_namespace
         project.save!
@@ -51,9 +48,6 @@ module Projects
         # Move wiki repo also if present
         gitlab_shell.mv_repository("#{old_path}.wiki", "#{new_path}.wiki")
 
-        # Create a new satellite (reload project from DB)
-        Project.find(project.id).ensure_satellite_exists
-
         # clear project cached events
         project.reset_events_cache
 

app/views/admin/groups/show.html.haml

@@ -51,6 +51,7 @@
         = paginate @projects, param_name: 'projects_page', theme: 'gitlab'
 
   .col-md-6
+    - if can?(current_user, :admin_group_member, @group)
       .panel.panel-default
         .panel-heading
           Add user(s) to the group:
@@ -86,6 +87,7 @@
                 (invited)
             %span.pull-right.light
               = member.human_access
+              - if can?(current_user, :destroy_group_member, member)
                 = link_to group_group_member_path(@group, member), data: { confirm: remove_user_from_group_message(@group, member) }, method: :delete, remote: true, class: "btn-xs btn btn-remove", title: 'Remove user from group' do
                   %i.fa.fa-minus.fa-inverse
       .panel-footer

app/views/admin/users/show.html.haml

@@ -105,6 +105,16 @@
 
   .col-md-6
     - unless @user == current_user
+      - unless @user.confirmed?
+        .panel.panel-info
+          .panel-heading
+            Confirm user
+          .panel-body
+            - if @user.unconfirmed_email.present?
+              - email = " (#{@user.unconfirmed_email})"
+            %p This user has an unconfirmed email address#{email}. You may force a confirmation.
+            %br
+            = link_to 'Confirm user', confirm_admin_user_path(@user), method: :put, class: "btn btn-info", data: { confirm: 'Are you sure?' }
       - if @user.blocked?
         .panel.panel-info
           .panel-heading

app/views/groups/group_members/_group_member.html.haml

@@ -24,7 +24,7 @@
           = link_to member.created_by.name, user_path(member.created_by)
         = time_ago_with_tooltip(member.created_at)
 
-      - if show_controls && can?(current_user, :admin_group, @group)
+      - if show_controls && can?(current_user, :admin_group_member, member)
         = link_to resend_invite_group_group_member_path(@group, member), method: :post, class: "btn-xs btn", title: 'Resend invite' do
           Resend invite
 

app/views/groups/group_members/index.html.haml

@@ -17,7 +17,7 @@
       = search_field_tag :search, params[:search], { placeholder: 'Find existing member by name', class: 'form-control search-text-input' }
     = button_tag 'Search', class: 'btn'
 
-  - if current_user && current_user.can?(:admin_group, @group)
+  - if current_user && current_user.can?(:admin_group_member, @group)
     .pull-right
       = button_tag class: 'btn btn-new js-toggle-button', type: 'button' do
         Add members

app/views/projects/_home_panel.html.haml

@@ -19,9 +19,15 @@
           Forked from
           = forked_from_project.namespace.try(:name)
 
+      - if can? current_user, :download_code, @project
+        = link_to "#", class: 'btn js-toggle-clone-holder' do
+          = icon('cloud-download fw')
+          Clone
+
       - if can? current_user, :download_code, @project
         = link_to archive_namespace_project_repository_path(@project.namespace, @project, ref: @ref, format: 'zip'), class: 'btn', rel: 'nofollow' do
-          %i.fa.fa-download
+          = icon('download fw')
+          Download
 
     = render 'projects/buttons/dropdown'
 

app/views/projects/buttons/_dropdown.html.haml

 - if current_user
   %span.dropdown
     %a.dropdown-toggle.btn.btn-new{href: '#', "data-toggle" => "dropdown"}
-      %i.fa.fa-plus
+      = icon('plus')
     %ul.dropdown-menu
-      - if @project.issues_enabled && can?(current_user, :create_issue, @project)
+      - if can?(current_user, :create_issue, @project)
         %li
-          = link_to url_for_new_issue, title: "New Issue" do
+          = link_to url_for_new_issue do
+            = icon('exclamation-circle fw')
             New issue
-      - if @project.merge_requests_enabled && can?(current_user, :create_merge_request, @project)
+      - if can?(current_user, :create_merge_request, @project)
         %li
-          = link_to new_namespace_project_merge_request_path(@project.namespace, @project), title: "New Merge Request" do
+          = link_to new_namespace_project_merge_request_path(@project.namespace, @project) do
+            = icon('tasks fw')
             New merge request
-      - if @project.snippets_enabled && can?(current_user, :create_snippet, @project)
+      - if can?(current_user, :create_snippet, @project)
         %li
-          = link_to new_namespace_project_snippet_path(@project.namespace, @project), title: "New Snippet" do
+          = link_to new_namespace_project_snippet_path(@project.namespace, @project) do
+            = icon('file-text-o fw')
             New snippet
-      - if can?(current_user, :admin_project_member, @project)
-        %li
-          = link_to namespace_project_project_members_path(@project.namespace, @project), title: "New project member" do
-            New project member
-      - if can? current_user, :push_code, @project
+      - if can?(current_user, :push_code, @project)
         %li.divider
         %li
           = link_to new_namespace_project_branch_path(@project.namespace, @project) do
-            New git branch
+            = icon('code-fork fw')
+            New branch
         %li
           = link_to new_namespace_project_tag_path(@project.namespace, @project) do
-            New git tag
+            = icon('tags fw')
+            New tag
 
 

app/views/projects/buttons/_fork.html.haml

 - if current_user && can?(current_user, :fork_project, @project)
   - if current_user.already_forked?(@project) && current_user.manageable_namespaces.size < 2
     = link_to namespace_project_path(current_user, current_user.fork_of(@project)), title: 'Go to your fork', class: 'btn' do
-      = icon('code-fork')
+      = icon('code-fork fw')
       Fork
       %span.count
         = @project.forks_count
   - else
     = link_to new_namespace_project_fork_path(@project.namespace, @project), title: "Fork project", class: 'btn' do
-      = icon('code-fork')
+      = icon('code-fork fw')
       Fork
       %span.count
         = @project.forks_count

app/views/projects/buttons/_star.html.haml

 - if current_user
   = link_to toggle_star_namespace_project_path(@project.namespace, @project), class: 'btn star-btn toggle-star', method: :post, remote: true do
-    = icon('star')
+    = icon('star fw')
     - if current_user.starred?(@project)
       Unstar
     - else
@@ -16,7 +16,7 @@
 
 - else
   = link_to new_user_session_path, class: 'btn has_tooltip star-btn', title: 'You must sign in to star a project' do
-    = icon('star')
+    = icon('star fw')
     Star
     %span.count
       = @project.star_count

app/views/projects/merge_requests/_new_compare.html.haml

@@ -35,7 +35,7 @@
     - if @merge_request.compare_failed
       .alert.alert-danger
         %h4 Compare failed
-        %p We can't compare selected branches. It may be because of huge diff or satellite timeout. Please try again or select different branches.
+        %p We can't compare selected branches. It may be because of huge diff. Please try again or select different branches.
     - else
       .light-well
         .center

app/views/projects/merge_requests/_new_submit.html.haml

@@ -24,7 +24,7 @@
         = icon('history')
         Commits
         %span.badge= @commits.size
-    %li.diffs-tab
+    %li.diffs-tab.active
       = link_to url_for(params), data: {target: '#diffs', action: 'diffs', toggle: 'tab'} do
         = icon('list-alt')
         Changes
@@ -33,7 +33,7 @@
   .tab-content
     #commits.commits.tab-pane
       = render "projects/commits/commits", project: @project
-    #diffs.diffs.tab-pane
+    #diffs.diffs.tab-pane.active
       - if @diffs.present?
         = render "projects/diffs/diffs", diffs: @diffs, project: @project
       - elsif @commits.size > MergeRequestDiff::COMMITS_SAFE_SIZE

app/views/projects/merge_requests/widget/_heading.html.haml

@@ -6,6 +6,12 @@
       for #{@merge_request.last_commit_short_sha}.
       = link_to "View build page", ci_build_details_path(@merge_request), :"data-no-turbolink" => "data-no-turbolink"
 
+    .ci_widget.ci-skipped{style: "display:none"}
+      = icon("check")
+      %span CI build skipped
+      for #{@merge_request.last_commit_short_sha}.
+      = link_to "View build page", ci_build_details_path(@merge_request), :"data-no-turbolink" => "data-no-turbolink"
+
     .ci_widget.ci-failed{style: "display:none"}
       = icon("times")
       %span CI build failed

app/views/projects/merge_requests/widget/_open.html.haml

@@ -3,8 +3,6 @@
   .mr-widget-body
     - if @project.archived?
       = render 'projects/merge_requests/widget/open/archived'
-    - elsif !@project.satellite.exists?
-      = render 'projects/merge_requests/widget/open/no_satellite'
     - elsif @merge_request.commits.blank?
       = render 'projects/merge_requests/widget/open/nothing'
     - elsif @merge_request.branch_missing?

app/views/projects/merge_requests/widget/_show.html.haml

@@ -11,10 +11,10 @@
   var merge_request_widget;
 
   merge_request_widget = new MergeRequestWidget({
-    url_to_automerge_check: "#{automerge_check_namespace_project_merge_request_path(@project.namespace, @project, @merge_request)}",
+    url_to_automerge_check: "#{merge_check_namespace_project_merge_request_path(@project.namespace, @project, @merge_request)}",
     check_enable: #{@merge_request.unchecked? ? "true" : "false"},
     url_to_ci_check: "#{ci_status_namespace_project_merge_request_path(@project.namespace, @project, @merge_request)}",
     ci_enable: #{@project.ci_service ? "true" : "false"},
-    current_status: "#{@merge_request.automerge_status}",
+    current_status: "#{@merge_request.gitlab_merge_status}",
   });
 

app/views/projects/merge_requests/widget/open/_accept.html.haml

-= form_for [:automerge, @project.namespace.becomes(Namespace), @project, @merge_request], remote: true, method: :post, html: { class: 'accept-mr-form js-requires-input' } do |f|
+= form_for [:merge, @project.namespace.becomes(Namespace), @project, @merge_request], remote: true, method: :post, html: { class: 'accept-mr-form js-requires-input' } do |f|
   = hidden_field_tag :authenticity_token, form_authenticity_token
   .accept-merge-holder.clearfix.js-toggle-container
     .accept-action

app/views/projects/merge_requests/widget/open/_missing_branch.html.haml

@@ -6,9 +6,11 @@
     %span.label.label-inverse= @merge_request.source_branch
     does not exist in
     %span.label.label-info= @merge_request.source_project_path
+    %br
+    %strong Please close this merge request and open a new merge request to change source branches.
   - else
     %span.label.label-inverse= @merge_request.target_branch
     does not exist in
     %span.label.label-info= @merge_request.target_project_path
     %br
-  %strong Please close this merge request or change branches with existing one
+    %strong Please close this merge request or change to another target branch.

app/views/projects/merge_requests/widget/open/_no_satellite.html.haml

-%p
-  %span
-    %strong This repository does not have a satellite. Please ask an administrator to fix this issue!

app/views/projects/show.html.haml

@@ -22,19 +22,34 @@
     %li
       = link_to namespace_project_tags_path(@project.namespace, @project) do
         = pluralize(number_with_delimiter(@repository.tag_names.count), 'tag')
+
     - if @repository.changelog
       %li
-        = link_to changelog_url(@project) do
+        = link_to changelog_path(@project) do
           Changelog
     - if @repository.license
       %li
-        = link_to license_url(@project) do
+        = link_to license_path(@project) do
           License
     - if @repository.contribution_guide
       %li
-        = link_to contribution_guide_url(@project) do
+        = link_to contribution_guide_path(@project) do
           Contribution guide
 
+    - if current_user && can_push_branch?(@project, @project.default_branch)
+      - unless @repository.changelog
+        %li.missing
+          = link_to add_changelog_path(@project) do
+            Add Changelog
+      - unless @repository.license
+        %li.missing
+          = link_to add_license_path(@project) do
+            Add License
+      - unless @repository.contribution_guide
+        %li.missing
+          = link_to add_contribution_guide_path(@project) do
+            Add Contribution guide
+
 - if @project.archived?
   .text-warning.center.prepend-top-20
     %p

app/views/projects/tree/_tree_commit_column.html.haml

 %span.str-truncated
-  %span.tree_author= commit_author_link(commit, avatar: true, size: 16)
   = link_to_gfm commit.title, namespace_project_commit_path(@project.namespace, @project, commit.id), class: "tree-commit-link"
+  %span.tree_author
+    [
+    commit_author_link(commit, avatar: false)
+    ]

app/views/shared/issuable/_form.html.haml

@@ -100,7 +100,7 @@
         = link_to 'Change branches', mr_change_branches_path(@merge_request)
 
 .form-actions
-  - if !issuable.project.empty_repo? && (guide_url = contribution_guide_url(issuable.project)) && !issuable.persisted?
+  - if !issuable.project.empty_repo? && (guide_url = contribution_guide_path(issuable.project)) && !issuable.persisted?
     %p
       Please review the
       %strong #{link_to 'guidelines for contribution', guide_url}

app/workers/auto_merge_worker.rb → app/workers/merge_worker.rb

-class AutoMergeWorker
+class MergeWorker
   include Sidekiq::Worker
 
   sidekiq_options queue: :default
@@ -7,7 +7,13 @@ class AutoMergeWorker
     params = params.with_indifferent_access
     current_user = User.find(current_user_id)
     merge_request = MergeRequest.find(merge_request_id)
-    merge_request.should_remove_source_branch = params[:should_remove_source_branch]
-    merge_request.automerge!(current_user, params[:commit_message])
+
+    result = MergeRequests::MergeService.new(merge_request.target_project, current_user).
+      execute(merge_request, params[:commit_message])
+
+    if result[:status] == :success && params[:should_remove_source_branch].present?
+      DeleteBranchService.new(merge_request.source_project, current_user).
+        execute(merge_request.source_branch)
+    end
   end
 end

app/workers/repository_import_worker.rb

@@ -27,7 +27,6 @@ class RepositoryImportWorker
 
     project.import_finish
     project.save
-    project.satellite.create unless project.satellite.exists?
     ProjectCacheWorker.perform_async(project.id)
     Gitlab::BitbucketImport::KeyDeleter.new(project).execute if project.import_type == 'bitbucket'
   end

config/gitlab.yml.example

@@ -256,6 +256,7 @@ production: &base
   ## Backup settings
   backup:
     path: "tmp/backups"   # Relative paths are relative to Rails.root (default: tmp/backups/)
+    # archive_permissions: 0640 # Permissions for the resulting backup.tar file (default: 0600)
     # keep_time: 604800   # default: 0 (forever) (in seconds)
     # upload:
     #   # Fog storage connection settings, see http://fog.io/storage/ .
@@ -347,6 +348,8 @@ test:
     # user: YOUR_USERNAME
   satellites:
     path: tmp/tests/gitlab-satellites/
+  backup:
+    path: tmp/tests/backups
   gitlab_shell:
     path: tmp/tests/gitlab-shell/
     repos_path: tmp/tests/repositories/

config/initializers/1_settings.rb

@@ -170,6 +170,7 @@ Settings.gitlab_shell['ssh_path_prefix'] ||= Settings.send(:build_gitlab_shell_s
 Settings['backup'] ||= Settingslogic.new({})
 Settings.backup['keep_time']  ||= 0
 Settings.backup['path']         = File.expand_path(Settings.backup['path'] || "tmp/backups/", Rails.root)
+Settings.backup['archive_permissions']          ||= 0600
 Settings.backup['upload'] ||= Settingslogic.new({ 'remote_directory' => nil, 'connection' => nil })
 # Convert upload connection settings to use symbol keys, to make Fog happy
 if Settings.backup['upload']['connection']

config/initializers/redis-store-fix-expiry.rb

-# Monkey-patch Redis::Store to make 'setex' and 'expire' work with namespacing
-
-module Gitlab
-  class Redis
-    class Store
-      module Namespace
-        # Redis::Store#setex in redis-store 1.1.4 does not respect namespaces;
-        # this new method does.
-        def setex(key, expires_in, value, options=nil)
-          namespace(key) { |key| super(key, expires_in, value) }
-        end
-
-        # Redis::Store#expire in redis-store 1.1.4 does not respect namespaces;
-        # this new method does.
-        def expire(key, expires_in)
-          namespace(key) { |key| super(key, expires_in) }
-        end
-
-        private
-
-        # Our new definitions of #setex and #expire above assume that the
-        # #namespace method exists. Because we cannot be sure of that, we
-        # re-implement the #namespace method from Redis::Store::Namespace so
-        # that it is available for all Redis::Store instances, whether they use
-        # namespacing or not.
-        #
-        # Based on lib/redis/store/namespace.rb L49-51 (redis-store 1.1.4)
-        def namespace(key)
-          if @namespace
-            yield interpolate(key)
-          else
-            # This Redis::Store instance does not use a namespace so we should
-            # just pass through the key.
-            yield key
-          end
-        end
-      end
-    end
-  end
-end
-
-Redis::Store.class_eval do
-  include Gitlab::Redis::Store::Namespace
-end

config/routes.rb

@@ -159,6 +159,7 @@ Gitlab::Application.routes.draw do
         put :block
         put :unblock
         put :unlock
+        put :confirm
         patch :disable_two_factor
         delete 'remove/:email_id', action: 'remove_email', as: 'remove_email'
       end
@@ -458,8 +459,8 @@ Gitlab::Application.routes.draw do
           member do
             get :diffs
             get :commits
-            post :automerge
-            get :automerge_check
+            post :merge
+            get :merge_check
             get :ci_status
             post :toggle_subscription
           end

doc/api/users.md

@@ -397,6 +397,138 @@ Parameters:
 
 Will return `200 OK` on success, or `404 Not found` if either user or key cannot be found.
 
+## List emails
+
+Get a list of currently authenticated user's emails.
+
+```
+GET /user/emails
+```
+
+```json
+[
+  {
+    "id": 1,
+    "email": "email@example.com"
+  },
+  {
+    "id": 3,
+    "email": "email2@example.com"
+  }
+]
+```
+
+Parameters:
+
+- **none**
+
+## List emails for user
+
+Get a list of a specified user's emails. Available only for admin
+
+```
+GET /users/:uid/emails
+```
+
+Parameters:
+
+- `uid` (required) - id of specified user
+
+## Single email
+
+Get a single email.
+
+```
+GET /user/emails/:id
+```
+
+Parameters:
+
+- `id` (required) - email ID
+
+```json
+{
+  "id": 1,
+  "email": "email@example.com"
+}
+```
+
+## Add email
+
+Creates a new email owned by the currently authenticated user.
+
+```
+POST /user/emails
+```
+
+Parameters:
+
+- `email` (required) - email address
+
+```json
+{
+  "id": 4,
+  "email": "email@example.com"
+}
+```
+
+Will return created email with status `201 Created` on success. If an
+error occurs a `400 Bad Request` is returned with a message explaining the error:
+
+```json
+{
+  "message": {
+    "email": [
+      "has already been taken"
+    ]
+  }
+}
+```
+
+## Add email for user
+
+Create new email owned by specified user. Available only for admin
+
+```
+POST /users/:id/emails
+```
+
+Parameters:
+
+- `id` (required)    - id of specified user
+- `email` (required) - email address
+
+Will return created email with status `201 Created` on success, or `404 Not found` on fail.
+
+## Delete email for current user
+
+Deletes email owned by currently authenticated user.
+This is an idempotent function and calling it on a email that is already deleted
+or not available results in `200 OK`.
+
+```
+DELETE /user/emails/:id
+```
+
+Parameters:
+
+- `id` (required) - email ID
+
+## Delete email for given user
+
+Deletes email owned by a specified user. Available only for admin.
+
+```
+DELETE /users/:uid/emails/:id
+```
+
+Parameters:
+
+- `uid` (required) - id of specified user
+- `id` (required)  - email ID
+
+Will return `200 OK` on success, or `404 Not found` if either user or email cannot be found.
+
 ## Block user
 
 Blocks the specified user.  Available only for admin.

doc/development/architecture.md

@@ -56,9 +56,9 @@ To serve repositories over SSH there's an add-on application called gitlab-shell
 
 A typical install of GitLab will be on GNU/Linux. It uses Nginx or Apache as a web front end to proxypass the Unicorn web server. By default, communication between Unicorn and the front end is via a Unix domain socket but forwarding requests via TCP is also supported. The web front end accesses `/home/git/gitlab/public` bypassing the Unicorn server to serve static pages, uploads (e.g. avatar images or attachments), and precompiled assets. GitLab serves web pages and a [GitLab API](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/doc/api) using the Unicorn web server. It uses Sidekiq as a job queue which, in turn, uses redis as a non-persistent database backend for job information, meta data, and incoming jobs.
 
-The GitLab web app uses MySQL or PostgreSQL for persistent database information (e.g. users, permissions, issues, other meta data). GitLab stores the bare git repositories it serves in `/home/git/repositories` by default. It also keeps default branch and hook information with the bare repository. `/home/git/gitlab-satellites` keeps checked out repositories when performing actions such as a merge request, editing files in the web interface, etc.
+The GitLab web app uses MySQL or PostgreSQL for persistent database information (e.g. users, permissions, issues, other meta data). GitLab stores the bare git repositories it serves in `/home/git/repositories` by default. It also keeps default branch and hook information with the bare repository.
 
-The satellite repository is used by the web interface for editing repositories and the wiki which is also a git repository. When serving repositories over HTTP/HTTPS GitLab utilizes the GitLab API to resolve authorization and access as well as serving git objects.
+When serving repositories over HTTP/HTTPS GitLab utilizes the GitLab API to resolve authorization and access as well as serving git objects.
 
 The add-on component gitlab-shell serves repositories over SSH. It manages the SSH keys within `/home/git/.ssh/authorized_keys` which should not be manually edited. gitlab-shell accesses the bare repositories directly to serve git objects and communicates with redis to submit jobs to Sidekiq for GitLab to process. gitlab-shell queries the GitLab API to determine authorization and access.
 
@@ -129,7 +129,7 @@ Note: `/home/git/` is shorthand for `/home/git`.
 
 gitlabhq (includes Unicorn and Sidekiq logs)
 
-- `/home/git/gitlab/log/` contains `application.log`, `production.log`, `sidekiq.log`, `unicorn.stdout.log`, `githost.log`, `satellites.log`, and `unicorn.stderr.log` normally.
+- `/home/git/gitlab/log/` contains `application.log`, `production.log`, `sidekiq.log`, `unicorn.stdout.log`, `githost.log` and `unicorn.stderr.log` normally.
 
 gitlab-shell
 

doc/gitlab-basics/README.md

@@ -19,3 +19,5 @@ Step-by-step guides on the basics of working with Git and GitLab.
 * [Fork a project](fork-project.md)
 
 * [Add a file](add-file.md)
+
+* [Create a Merge Request](add-merge-request.md)

doc/gitlab-basics/add-file.md

@@ -2,7 +2,7 @@
 
 You can create a file in your [shell](command-line-commands.md) or in GitLab.
 
-To create a file in GitLab, sign in to [GitLab.com](https://gitlab.com).
+To create a file in GitLab, sign in to GitLab.
 
 Select a project on the right side of your screen:
 

doc/gitlab-basics/add-merge-request.md

+# How to create a merge request
+
+Merge Requests are useful to integrate separate changes that you've made to a project, on different branches.
+
+To create a new Merge Request, sign in to GitLab.
+
+Go to the project where you'd like to merge your changes:
+
+![Select a project](basicsimages/select_project.png)
+
+Click on "Merge Requests" on the left side of your screen:
+
+![Merge requests](basicsimages/merge_requests.png)
+
+Click on "+ new Merge Request" on the right side of the screen:
+
+![New Merge Request](basicsimages/new_merge_request.png)
+
+Select a source branch or branch:
+
+![Select a branch](basicsimages/select_branch.png)
+
+Click on the "compare branches" button:
+
+![Compare branches](basicsimages/compare_branches.png)
+
+Add a title and a description to your Merge Request:
+
+![Add a title and description](basicsimages/title_description_mr.png)
+
+Select a user to review your Merge Request and to accept or close it. You may also select milestones and labels (they are optional). Then click on the "submit new Merge Request" button:
+
+![Add a new merge request](basicsimages/add_new_merge_request.png)
+
+Your Merge Request will be ready to be approved and published.
+
+### Note
+
+After you created a new branch, you'll immediately find a "create a Merge Request" button at the top of your screen.
+You may automatically create a Merge Request from your recently created branch when clicking on this button:
+
+![Automatic MR button](basicsimages/button-create-mr.png)

doc/gitlab-basics/command-line-commands.md

@@ -2,7 +2,7 @@
 
 ## Start working on your project
 
-In Git, when you copy a project you say you "clone" it. To work on a git project locally (from your own computer), you will need to clone it. To do this, sign in to [GitLab.com](https://gitlab.com).
+In Git, when you copy a project you say you "clone" it. To work on a git project locally (from your own computer), you will need to clone it. To do this, sign in to GitLab.
 
 When you are on your Dashboard, click on the project that you'd like to clone, which you'll find at the right side of your screen.
 

doc/gitlab-basics/create-group.md

@@ -2,7 +2,7 @@
 
 ## Create a group
 
-Your projects in [GitLab.com](https://gitlab.com) can be organized in 2 different ways:
+Your projects in GitLab can be organized in 2 different ways:
 under your own namespace for single projects, such as ´your-name/project-1'; or under groups.
 If you organize your projects under a group, it works like a folder. You can manage your group members' permissions and access to the projects.
 

doc/gitlab-basics/create-project.md

 # How to create a project in GitLab
 
-To create a new project, sign in to [GitLab.com](https://gitlab.com).
+To create a new project, sign in to GitLab.
 
 Go to your Dashboard and click on "new project" on the right side of your screen.
 

doc/gitlab-basics/create-your-ssh-keys.md

@@ -6,7 +6,7 @@ You need to connect your computer to your GitLab account through SSH Keys. They
 
 Create an account on GitLab. Sign up and check your email for your confirmation link.
 
-After you confirm, go to [GitLab.com](https://about.gitlab.com/) and sign in to your account.
+After you confirm, go to GitLab and sign in to your account.
 
 ## Add your SSH Key
 

doc/gitlab-basics/fork-project.md

@@ -6,7 +6,7 @@ publishing or not, without affecting your original project.
 
 It takes just a few steps to fork a project in GitLab.
 
-Sign in to [gitlab.com](https://gitlab.com).
+Sign in to GitLab.
 
 Select a project on the right side of your screen:
 

doc/gitlab-basics/start-using-git.md

 # Start using Git on the command line
 
-If you want to start using a Git and GitLab, make sure that you have created an account on [GitLab.com](https://about.gitlab.com/).
+If you want to start using a Git and GitLab, make sure that you have created an account on GitLab.
 
 ## Open a shell
 

doc/install/installation.md

@@ -195,9 +195,9 @@ We recommend using a PostgreSQL database. For MySQL check [MySQL setup guide](da
 ### Clone the Source
 
     # Clone GitLab repository
-    sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 7-12-stable gitlab
+    sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 7-13-stable gitlab
 
-**Note:** You can change `7-12-stable` to `master` if you want the *bleeding edge* version, but never install master on a production server!
+**Note:** You can change `7-13-stable` to `master` if you want the *bleeding edge* version, but never install master on a production server!
 
 ### Configure It
 
@@ -216,10 +216,6 @@ We recommend using a PostgreSQL database. For MySQL check [MySQL setup guide](da
     sudo chmod -R u+rwX,go-w log/
     sudo chmod -R u+rwX tmp/
 
-    # Create directory for satellites
-    sudo -u git -H mkdir /home/git/gitlab-satellites
-    sudo chmod u+rwx,g=rx,o-rwx /home/git/gitlab-satellites
-
     # Make sure GitLab can write to the tmp/pids/ and tmp/sockets/ directories
     sudo chmod -R u+rwX tmp/pids/
     sudo chmod -R u+rwX tmp/sockets/

doc/install/requirements.md

@@ -32,7 +32,7 @@ Please consider using a virtual machine to run GitLab.
 
 ## Ruby versions
 
-GitLab requires Ruby (MRI) 2.0 or 2.1
+GitLab requires Ruby (MRI) 2.1
 You will have to use the standard MRI implementation of Ruby.
 We love [JRuby](http://jruby.org/) and [Rubinius](http://rubini.us/) but GitLab needs several Gems that have native extensions.
 
@@ -40,7 +40,7 @@ We love [JRuby](http://jruby.org/) and [Rubinius](http://rubini.us/) but GitLab
 
 ### Storage
 
-The necessary hard drive space largely depends on the size of the repos you want to store in GitLab but as a *rule of thumb* you should have at least twice as much free space as all your repos combined take up. You need twice the storage because [GitLab satellites](structure.md) contain an extra copy of each repo.
+The necessary hard drive space largely depends on the size of the repos you want to store in GitLab but as a *rule of thumb* you should have at least as much free space as all your repos combined take up. 
 
 If you want to be flexible about growing your hard drive space in the future consider mounting it using LVM so you can add more hard drives when you need them.
 

doc/install/structure.md

@@ -6,16 +6,14 @@ This is the directory structure you will end up with following the instructions
     |   |-- git
     |       |-- .ssh
     |       |-- gitlab
-    |       |-- gitlab-satellites
     |       |-- gitlab-shell
     |       |-- repositories
 
 * `/home/git/.ssh` - contains openssh settings.  Specifically the `authorized_keys` file managed by gitlab-shell.
 * `/home/git/gitlab` - GitLab core software.
-* `/home/git/gitlab-satellites` - checked out repositories for merge requests and file editing from web UI.  This can be treated as a temporary files directory.
 * `/home/git/gitlab-shell` - Core add-on component of GitLab.  Maintains SSH cloning and other functionality.
 * `/home/git/repositories` - bare repositories for all projects organized by namespace.  This is where the git repositories which are pushed/pulled are maintained for all projects.  **This area is critical data for projects.  [Keep a backup](../raketasks/backup_restore.md)**
 
-*Note: the default locations for gitlab-satellites and repositories can be configured in `config/gitlab.yml` of GitLab and `config.yml` of gitlab-shell.*
+*Note: the default locations for repositories can be configured in `config/gitlab.yml` of GitLab and `config.yml` of gitlab-shell.*
 
 To see a more in-depth overview see the [GitLab architecture doc](../development/architecture.md).

doc/logs/logs.md

@@ -51,16 +51,6 @@ December 03, 2014 13:20 -> ERROR -> Command failed [1]: /usr/bin/git --git-dir=/
 error: failed to push some refs to '/Users/vsizov/gitlab-development-kit/repositories/gitlabhq/gitlab_git.git'
 ```
 
-#### satellites.log
-This file lives in `/var/log/gitlab/gitlab-rails/satellites.log` for omnibus package or in `/home/git/gitlab/log/satellites.log` for installations from the source.
-
-In some cases GitLab should perform write actions to git repository, for example when it is needed to merge the merge request or edit a file with online editor. If something went wrong you can look into this file to find out what exactly happened.
-```
-October 07, 2014 11:36: Failed to create satellite for Chesley Weimann III / project1817
-October 07, 2014 11:36: PID: 1872: git clone /Users/vsizov/gitlab-development-kit/gitlab/tmp/tests/repositories/conrad6841/gitlabhq.git /Users/vsizov/gitlab-development-kit/gitlab/tmp/tests/gitlab-satellites/conrad6841/gitlabhq
-October 07, 2014 11:36: PID: 1872: -> fatal: repository '/Users/vsizov/gitlab-development-kit/gitlab/tmp/tests/repositories/conrad6841/gitlabhq.git' does not exist
-```
-
 #### sidekiq.log
 This file lives in `/var/log/gitlab/gitlab-rails/sidekiq.log` for omnibus package or in `/home/git/gitlab/log/sidekiq.log` for installations from the source.
 

doc/permissions/permissions.md

@@ -6,6 +6,9 @@ If a user is both in a project group and in the project itself, the highest perm
 
 If a user is a GitLab administrator they receive all permissions.
 
+To add or import a user, you can follow the [project users and members
+documentation](doc/workflow/add-user/add-user.md).
+
 ## Project
 
 | Action                                | Guest   | Reporter   | Developer   | Master   | Owner  |

doc/raketasks/README.md

@@ -7,3 +7,4 @@
 - [User management](user_management.md)
 - [Web hooks](web_hooks.md)
 - [Import](import.md) of git repositories in bulk
+- [Rebuild authorized_keys file](http://doc.gitlab.com/ce/raketasks/maintenance.html#rebuild-authorized_keys-file) task for administrators
\ No newline at end of file

doc/raketasks/backup_restore.md

@@ -7,7 +7,7 @@
 A backup creates an archive file that contains the database, all repositories and all attachments.
 This archive will be saved in backup_path (see `config/gitlab.yml`).
 The filename will be `[TIMESTAMP]_gitlab_backup.tar`. This timestamp can be used to restore an specific backup.
-You can only restore a backup to exactly the same version of GitLab that you created it on, for example 7.2.1.
+You can only restore a backup to exactly the same version of GitLab that you created it on, for example 7.2.1. The best way to migrate your repositories from one server to another is through backup restore.
 
 You need to keep a separate copy of `/etc/gitlab/gitlab-secrets.json`
 (for omnibus packages) or `/home/git/gitlab/.secret` (for installations
@@ -148,6 +148,23 @@ with the name of your bucket:
 }
 ```
 
+## Backup archive permissions
+
+The backup archives created by GitLab (123456_gitlab_backup.tar) will have owner/group git:git and 0600 permissions by default.
+This is meant to avoid other system users reading GitLab's data.
+If you need the backup archives to have different permissions you can use the 'archive_permissions' setting.
+
+```
+# In /etc/gitlab/gitlab.rb, for omnibus packages
+gitlab_rails['backup_archive_permissions'] = 0644 # Makes the backup archives world-readable
+```
+
+```
+# In gitlab.yml, for installations from source:
+  backup:
+    archive_permissions: 0644 # Makes the backup archives world-readable
+```
+
 ## Storing configuration files
 
 Please be informed that a backup does not store your configuration
@@ -232,7 +249,7 @@ Deleting tmp directories...[DONE]
 We will assume that you have installed GitLab from an omnibus package and run
 `sudo gitlab-ctl reconfigure` at least once.
 
-First make sure your backup tar file is in `/var/opt/gitlab/backups`.
+First make sure your backup tar file is in `/var/opt/gitlab/backups` (or wherever `gitlab_rails['backup_path']` points to).
 
 ```shell
 sudo cp 1393513186_gitlab_backup.tar /var/opt/gitlab/backups/

doc/raketasks/maintenance.md

@@ -105,24 +105,11 @@ Log directory writable? ... yes
 Tmp directory writable? ... yes
 Init script exists? ... yes
 Init script up-to-date? ... yes
-Projects have satellites? ... yes
 Redis version >= 2.0.0? ... yes
 
 Checking GitLab ... Finished
 ```
 
-## (Re-)Create satellite repositories
-
-This will create satellite repositories for all your projects.
-
-If necessary, remove the `repo_satellites` directory and rerun the commands below.
-
-```
-sudo -u git -H mkdir -p /home/git/gitlab-satellites
-sudo -u git -H bundle exec rake gitlab:satellites:create RAILS_ENV=production
-sudo chmod u+rwx,g=rx,o-rwx /home/git/gitlab-satellites
-```
-
 ## Rebuild authorized_keys file
 
 In some case it is necessary to rebuild the `authorized_keys` file.

doc/release/monthly.md

@@ -81,6 +81,7 @@ workday to quickly fix any issues.
 
 - [ ] Merge CE stable into EE stable (#LINK)
 - [ ] Create the 'x.y.0' tag with the [release tools](https://dev.gitlab.org/gitlab/release-tools) (#LINK)
+- [ ] Create the 'x.y.0' version on version.gitlab.com
 - [ ] Try to do before 11AM CET: Create and push omnibus tags for x.y.0 (will auto-release the packages) (#LINK)
 - [ ] Try to do before 12AM CET: Publish the release blog post (#LINK)
 - [ ] Tweet about the release (blog post) (#LINK)

doc/release/patch.md

@@ -52,5 +52,6 @@ bundle exec rake release["x.x.x"]
 1. Create and publish a blog post, see [patch release blog template](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/doc/patch_release_blog_template.md)
 1. Send tweets about the release from `@gitlab`, tweet should include the most important feature that the release is addressing and link to the blog post
 1. Note in the 'GitLab X.X regressions' issue that the patch was published (CE only)
+1. Create the 'x.y.0' version on version.gitlab.com
 1. [Create new AMIs](https://dev.gitlab.org/gitlab/AMI/blob/master/README.md)
 1. Create a new patch release issue for the next potential release
\ No newline at end of file

doc/update/mysql_to_postgresql.md

 # Migrating GitLab from MySQL to Postgres
-*Make sure you view this [guide from the `master` branch](../../../master/doc/update/mysql_to_postgresql.md) for the most up to date instructions.*
+*Make sure you view this [guide from the `master` branch](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/update/mysql_to_postgresql.md#migrating-gitlab-from-mysql-to-postgres) for the most up to date instructions.*
 
 If you are replacing MySQL with Postgres while keeping GitLab on the same server all you need to do is to export from MySQL, convert the resulting SQL file, and import it into Postgres. If you are also moving GitLab to another server, or if you are switching to omnibus-gitlab, you may want to use a GitLab backup file. The second part of this documents explains the procedure to do this.
 
@@ -70,5 +70,5 @@ sudo -u git -H gzip db/database.sql
 sudo -u git -H tar rf TIMESTAMP_gitlab_backup.tar db/database.sql.gz
 
 # Done! TIMESTAMP_gitlab_backup.tar can now be restored into a Postgres GitLab
-# installation. Remember to recreate the indexes after the import.
+# installation.
 ```

doc/workflow/README.md

@@ -10,6 +10,7 @@
 - [Notification emails](notifications.md)
 - [Project Features](project_features.md)
 - [Project forking workflow](forking_workflow.md)
+- [Project users](add-user/add-user.md)
 - [Protected branches](protected_branches.md)
 - [Web Editor](web_editor.md)
 - ["Work In Progress" Merge Requests](wip_merge_requests.md)

doc/workflow/add-user/add-user.md

+# Project users
+
+You can manage the groups and users and their access levels in all of your projects. You can also personalize the access level you give each user, per project.
+
+Here's how to add or import users to your projects.
+
+You should have 'master' or 'owner' permissions to add or import a new user
+to your project.
+
+To add or import a user, go to your project and click on "Members" on the left side of your screen:
+
+![Members](images/members.png)
+
+Select "Add members" or "Import members" on the right side of your screen:
+
+![Add or Import](images/add-members.png)
+
+If you are adding a user, select the user and the [permission level](doc/permissions/permissions.md) that you'd like to
+give the user:
+
+![Add or Import](images/new-member.png)
+
+If you are importing a user, follow the steps to select the project where you'd like to import the user from:
+
+![Add or Import](images/select-project.png)