- Allow the message to be returned from git_http controller
- Strip html chars from message returned via API

https://gitlab.com/gitlab-org/gitlab-ce/issues/24007

- This module is used for git-over-http, as well as JWT.

- The only valid scope here is `api`, currently.

- This module is used for git-over-http, as well as JWT.

- The only valid scope here is `api`, currently.

Refactored specs and added a post deployment migration to remove the activity users table.

Ensure external users are not able to clone disabled repositories.

EE MR for gitlab/gitlabhq!2017

See merge request !506
Signed-off-by: Rémy Coutable <remy@rymai.me>

Ensure external users are not able to clone disabled repositories.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23788

See merge request !2017
Signed-off-by: Rémy Coutable <remy@rymai.me>

It uses a user activity table instead of a column in users.
Tested with mySQL and postgreSQL

This reverts commit 68ab7047.

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Signed-off-by: Rémy Coutable <remy@rymai.me>

Enforce repository size limit across all projects and groups, includes LFS objects in that limit.

Limit can be set globally, and overridden per group, and/or project.

Backend functionality is there and comprehensive tests are included, but there is still some frontend work to be done and documentation to be added. I'm submitting early for review as we are close to the release.

@DouweM @dbalexandre I'd appreciate it if you both could start with the review while I finish the documentation and the missing frontend parts.

/cc @JobV @regisF 

Fixes #559

Replaces gitlab-org/gitlab-ce!6020

## Screenshots (see gitlab-org/gitlab-ce!6020 for more)

![Screen_Shot_2016-09-18_at_9.55.38_PM](/uploads/66eeaced1f27c7e2115feaa4775a6e99/Screen_Shot_2016-09-18_at_9.55.38_PM.png)

![Screen_Shot_2016-09-18_at_9.57.12_PM](/uploads/d811d6c184044df527bd2f81cff651ce/Screen_Shot_2016-09-18_at_9.57.12_PM.png)

![Screen_Shot_2016-09-18_at_9.58.03_PM](/uploads/a2c5b2695454dda639537304a1bcd99b/Screen_Shot_2016-09-18_at_9.58.03_PM.png)

![Screen_Shot_2016-09-19_at_1.44.19_PM](/uploads/4cc6cca7536787bde49c0b086086cbcb/Screen_Shot_2016-09-19_at_1.44.19_PM.png)

See merge request !740

Post-merge improve of CI permissions

Improves code from !6409

See merge request !6432

Limit can be set globally, and overridden per group, and/or project.

2FA checks for Git over HTTP

## What does this MR do?

This MR allows the use of `PersonalAccessTokens` to access Git over HTTP and makes that the only allowed method if the user has 2FA enabled. If a user with 2FA enabled tries to access Git over HTTP using his username and password the request will be denied and the user will be presented with the following message:

```
remote: HTTP Basic: Access denied
remote: You have 2FA enabled, please use a personal access token for Git over HTTP.
remote: You can generate one at http://localhost:3000/profile/personal_access_tokens
fatal: Authentication failed for 'http://localhost:3000/documentcloud/underscore.git/'
```

## What are the relevant issue numbers?

Fixes #13568 

See merge request !5764

Before this change we always let users push Git data over HTTP before
deciding whether to accept to push. This was different from pushing
over SSH where we terminate a 'git push' early if we already know the
user is not allowed to push.

This change let Git over HTTP follow the same behavior as Git over
SSH. We also distinguish between HTTP 404 and 403 responses when
denying Git requests, depending on whether the user is allowed to know
the project exists.