The user being created was no different than what `be_allowed_for` was
doing behind the scenes so we were essentially testing all user-level
accesses twice.

It was only used in one test, and the test was kind of redundant.

Fix full screen mode for snippet comments

ZenMode is now initialized for snippet pages.

Fixes #2036.

See merge request !1016

ZenMode is now initialized for snippet pages.

Fixes #2036.

You need to store your DB encryption key

You can break two-factor authentication for existing users when
restoring a backup if you lost your DB encryption key.

See merge request !1015

Update changelog



See merge request !1013

Don't stop if database.sql.gz already exists

The existing behavior of the backups is to overwrite whatever data
was still there in the scratch directories. This broke when we added
a 'gzip' step because 'gzip database.sql' will fail if 'database.sql.gz'
already exists. Doing 'rm -f database.sql.gz' before the 'gzip'
avoids this failure.

See merge request !1011

The existing behavior of the backups is to overwrite whatever data
was still there in the scratch directories. This broke when we added
a 'gzip' step because 'gzip database.sql' will fail if 'database.sql.gz'
already exists. Doing 'rm -f database.sql.gz' before the 'gzip'
avoids this failure.

Fix change log for 7.11 and move entry to 7.12

The change log for 7.11 was accidentally split in
3865a1d9. Additionally, the change added
with this commit did not make it into 7.11 according to
`git branch --contains` and it has not been cherry picked to 7-11-stable
so the entry is moved to 7.12.

Refs GH-5625, GH-9318.

See merge request !1009

The change log for 7.11 was accidentally split in
3865a1d9. Additionally, the change added
with this commit did not make it into 7.11 according to
`git branch --contains` and it has not been cherry picked to 7-11-stable
so the entry is moved to 7.12.

Refs GH-5625, GH-9318.

[ci skip]

GoogleCode importer: Do not care about casing of image file extensions

When a GoogleCode repository contains an attached image with an UPPERCASE file extension, it's not inlined.

/CC @DouweM

See merge request !1003

Fix (i.e. prevent) access to disabled features for unauthenticated users

Unauthenticated users had access to disabled features of public
projects. The code has been slightly refactored so that feature checks
are done in a separate method and can also be applied for public access.

See merge request !1006

merge_requests: add fetch command to the MR page

In our instance, users asked for an easy way to get the contents of the MR into their local clone. This adds a command line which can be used to fetch the contents of the MR.

Screenshot:

![fetch-command](https://gitlab.com/gitlab-org/gitlab-ce/uploads/d83acfbdb69f023d13b45dff5d583ac1/fetch-command.png)

See merge request !678

Remove repository graph log to fix slow cache updates after push event

Recalculating `graph_log` took minutes on a large repository since each
of the 6000 commits would need to calculate the diff. Since graph_log
does not appear to be used, remove it from the list of things to update.
For the Linux kernel repository, this reduced the `ProjectCacheWorker` time
from 8+ minutes to 16 seconds.

Closes #2016

See merge request !1005

Remove redundant last push event if activity feed is set to main page

### What does this MR do?

This MR eliminates a redundant last push event message if the user's preferences are set to the main activity feed.

### Why was this MR needed?

Lots of wasted space was introduced as a result.

### Screenshots

#### Before

![image](https://gitlab.com/stanhu/gitlab-ce/uploads/e7fdeb58b2017ec45443bf0d54a94685/image.png)

#### After

![image](https://gitlab.com/stanhu/gitlab-ce/uploads/d4a15113127be119e7c33ff501020f16/image.png)

### What are the relevant issue numbers?

Closes #2009

See merge request !995

Public project activity page asks for sign-in

https://gitlab.com/gitlab-org/gitlab-ce/issues/2021

See merge request !1007

Use whoami instead of $USER

Set OmniAuth full_host parameter to ensure redirect URIs are correct

### What does this MR do?

This MR sets the OmniAuth `full_host` parameter to the configured GitLab URL to ensure the `redirect_uri` parameter is called with the right GitLab host.

### Why was this MR needed?

[OmniAuth attempts to grab the request URI](http://awesomeprogrammer.com/blog/2012/12/09/dealing-with-omniauth-redirect-uri-mismatch-invalid-port-number-gotcha/) and use that. If you set up a reverse proxy that terminates SSL at the Web server layer (e.g. https://gitlab.domain.com), omniauth will use the internal URL (e.g. http://my-host:8080) in its redirect URI unless all the Web server headers are properly set (e.g. `X-Forwarded-Port`, etc.). This is easy to forget or mess up, and it's better to ensure that OmniAuth has the right value from the start.

### What are the relevant issue numbers?

Closes #1967

See merge request !991

Unauthenticated users had access to disabled features of public
projects. The code has been slightly refactored so that feature checks
are done in a separate method and can also be applied for public access.

Recalculating graph_log took minutes on a large repository since each
of the 6000 commits would need to calculate the diff. Since graph_log
does not appear to be used, remove it from the list of things to update.
For the Linux kernel repository, this reduced the ProjectCacheWorker time
from 8+ minutes to 16 seconds.

Closes #2016

Fix label read access for unauthenticated users

The label page was added to navigation for unauthorized users because
the previously used milestone read permission was still checked. This
has been fixed and read access to labels is now granted (again) for
public projects.

This regression has been introduced in
07efb17e (7.12).

See also 9bcd3639.

Refs !836, !842.

See merge request !1000

Signed-off-by: Sven Strickroth <email@cs-ware.de>

Dynamically check `:admin_*` ability in issuable context

Closes #2001

See merge request !1002

Closes #2001

The label page was added to navigation for unauthorized users because
the previously used milestone read permission was still checked. This
has been fixed and read access to labels is now granted (again) for
public projects.

This regression has been introduced in
07efb17e (7.12).

See also 9bcd3639.

Refs !836, !842.

Fix bug where notes were being rendered with wrong color preferences due to caching

### What does this MR do?

This MR adds the user's color preferences as part of the caching key for notes.

### Why was this MR needed?

This should fix a bug introduced via 4d80360b where notes were being loaded from the cache without regard to the current user's color scheme.

### What are the relevant issue numbers?

Closes #2008

See merge request !994

Fix OAuth provider bug where GitLab would not go return to the redirect_uri after sign-in

### What does this MR do?

This MR fixes a bug when GitLab is used as an OAuth provider (e.g. to GitLab CI) where the user is not redirected back to the original URI after a successful sign-in. This MR tweaks the Doorkeeper configuration to set the `user_return_to` Devise session variable, as mentioned in this [Stack Overflow](http://stackoverflow.com/questions/14504739/how-to-use-both-devise-and-doorkeeper-gems) post.

### Why was this MR needed?

If you attempt to "Login via GitLab" from GitLab CI and aren't logged out completely, GitLab asks for your username and password. After you login, you get directed to the GitLab dashboard instead of back to GitLab CI. It's easy to reproduce:

1. Set up a GitLab CI and GitLab instance (e.g. ci.gitlab.com, gitlab.com).
2. Start an Incognito Window so that you are logged out of GitLab CI and GitLab.
3. Go to the GitLab CI instance. Click the "Login with GitLab".
4. Enter in your credentials.
5. Watch your browser login to GitLab and not return to GitLab CI.

### What are the relevant issue numbers?

Closes #1612

See merge request !998

Closes #1612

Show the first tab automatically on MergeRequests#new

Closes #2013

See merge request !997

Closes #2013

Only load byebug on MRI

Closes #2009