Add latest changes from gitlab-org/gitlab@master

2020-10-14 06:08:33 +00:00 · 2020-10-14 06:08:33 +00:00 · 4a159b9f98
parent 79c7e23671
commit 4a159b9f98
21 changed files with 115 additions and 69 deletions
--- a/app/assets/javascripts/pipelines/components/pipelines_list/tokens/pipeline_trigger_author_token.vue
+++ b/app/assets/javascripts/pipelines/components/pipelines_list/tokens/pipeline_trigger_author_token.vue
@ -3,7 +3,7 @@ import {
  GlFilteredSearchToken,
  GlAvatar,
  GlFilteredSearchSuggestion,
-  GlDeprecatedDropdownDivider,
+  GlDropdownDivider,
  GlLoadingIcon,
 } from '@gitlab/ui';
 import { debounce } from 'lodash';
@ -21,7 +21,7 @@ export default {
    GlFilteredSearchToken,
    GlAvatar,
    GlFilteredSearchSuggestion,
-    GlDeprecatedDropdownDivider,
+    GlDropdownDivider,
    GlLoadingIcon,
  },
  props: {
@ -94,7 +94,7 @@ export default {
      <gl-filtered-search-suggestion :value="$options.anyTriggerAuthor">{{
        $options.anyTriggerAuthor
      }}</gl-filtered-search-suggestion>
-      <gl-deprecated-dropdown-divider />
+      <gl-dropdown-divider />

      <gl-loading-icon v-if="loading" />
      <template v-else>
--- a/app/assets/stylesheets/framework/mixins.scss
+++ b/app/assets/stylesheets/framework/mixins.scss
@ -215,7 +215,7 @@
  }

  &.build-trace-rounded {
-    border-radius: $border-radius-base;
+    border-radius: $gl-border-radius-base;
  }
 }

--- a/app/assets/stylesheets/page_bundles/pipeline.scss
+++ b/app/assets/stylesheets/page_bundles/pipeline.scss
@ -476,3 +476,9 @@
    height: auto !important;
  }
 }
+
+.test-reports-table {
+  .build-trace {
+    @include build-trace();
+  }
+}
--- a/app/assets/stylesheets/pages/pipelines.scss
+++ b/app/assets/stylesheets/pages/pipelines.scss
@ -130,12 +130,6 @@
  float: none;
 }

-.test-reports-table {
-  .build-trace {
-    @include build-trace();
-  }
-}
-
 .progress-bar.bg-primary {
  background-color: $blue-500 !important;
 }
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@ -72,6 +72,7 @@ class Admin::UsersController < Admin::ApplicationController
  def deactivate
    return redirect_back_or_admin_user(notice: _("Error occurred. A blocked user cannot be deactivated")) if user.blocked?
    return redirect_back_or_admin_user(notice: _("Successfully deactivated")) if user.deactivated?
+    return redirect_back_or_admin_user(notice: _("Internal users cannot be deactivated")) if user.internal?
    return redirect_back_or_admin_user(notice: _("The user you are trying to deactivate has been active in the past %{minimum_inactive_days} days and cannot be deactivated") % { minimum_inactive_days: ::User::MINIMUM_INACTIVE_DAYS }) unless user.can_be_deactivated?

    user.deactivate
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -1711,7 +1711,7 @@ class User < ApplicationRecord
  end

  def can_be_deactivated?
-    active? && no_recent_activity?
+    active? && no_recent_activity? && !internal?
  end

  def last_active_at
--- a/app/services/personal_access_tokens/revoke_service.rb
+++ b/app/services/personal_access_tokens/revoke_service.rb
@ -2,11 +2,12 @@

 module PersonalAccessTokens
  class RevokeService
-    attr_reader :token, :current_user
+    attr_reader :token, :current_user, :group

-    def initialize(current_user = nil, params = { token: nil })
+    def initialize(current_user = nil, params = { token: nil, group: nil })
      @current_user = current_user
      @token = params[:token]
+      @group = params[:group]
    end

    def execute
@ -34,3 +35,5 @@ module PersonalAccessTokens
    end
  end
 end
+
+PersonalAccessTokens::RevokeService.prepend_if_ee('EE::PersonalAccessTokens::RevokeService')
--- a/app/views/admin/users/show.html.haml
+++ b/app/views/admin/users/show.html.haml
@ -150,26 +150,27 @@

      = render 'admin/users/user_detail_note'

-      - if @user.deactivated?
-        .card.border-info
-          .card-header.bg-info.text-white
-            Reactivate this user
-          .card-body
-            = render partial: 'admin/users/user_activation_effects'
-            %br
-            = link_to 'Activate user', activate_admin_user_path(@user), method: :put, class: "btn gl-button btn-info", data: { confirm: 'Are you sure?' }
-      - elsif @user.can_be_deactivated?
-        .card.border-warning
-          .card-header.bg-warning.text-white
-            Deactivate this user
-          .card-body
-            = render partial: 'admin/users/user_deactivation_effects'
-            %br
-            %button.btn.gl-button.btn-warning{ data: { 'gl-modal-action': 'deactivate',
-              content: 'You can always re-activate their account, their data will remain intact.',
-              url: deactivate_admin_user_path(@user),
-              username: sanitize_name(@user.name) } }
-              = s_('AdminUsers|Deactivate user')
+      - unless @user.internal?
+        - if @user.deactivated?
+          .card.border-info
+            .card-header.bg-info.text-white
+              Reactivate this user
+            .card-body
+              = render partial: 'admin/users/user_activation_effects'
+              %br
+              = link_to 'Activate user', activate_admin_user_path(@user), method: :put, class: "btn gl-button btn-info", data: { confirm: 'Are you sure?' }
+        - elsif @user.can_be_deactivated?
+          .card.border-warning
+            .card-header.bg-warning.text-white
+              Deactivate this user
+            .card-body
+              = render partial: 'admin/users/user_deactivation_effects'
+              %br
+              %button.btn.gl-button.btn-warning{ data: { 'gl-modal-action': 'deactivate',
+                content: 'You can always re-activate their account, their data will remain intact.',
+                url: deactivate_admin_user_path(@user),
+                username: sanitize_name(@user.name) } }
+                = s_('AdminUsers|Deactivate user')

      - if @user.blocked?
        .card.border-info
--- a/changelogs/unreleased/Replace-GlDeprecatedDropdown-with-GlDropdown-in-app-assets-javascripts-pi.yml
+++ b/changelogs/unreleased/Replace-GlDeprecatedDropdown-with-GlDropdown-in-app-assets-javascripts-pi.yml
@ -0,0 +1,5 @@
+---
+title: Replace-GlDeprecatedDropdown-with-GlDropdown-in-app/assets/javascripts/pipelines/components/pipelines_list/tokens/pipeline_trigger_author_token.vue
+merge_request: 41424
+author: nuwe1
+type: other
--- a/changelogs/unreleased/sk-250679-fix-deactivate-user-api.yml
+++ b/changelogs/unreleased/sk-250679-fix-deactivate-user-api.yml
@ -0,0 +1,5 @@
+---
+title: Fix incorrect HTTP response in deactivate user API for internal user
+merge_request: 43356
+author: Sashi Kumar
+type: fixed
--- a/doc/api/users.md
+++ b/doc/api/users.md
@ -1250,6 +1250,7 @@ Returns:
 - `403 Forbidden` when trying to deactivate a user:
  - Blocked by admin or by LDAP synchronization.
  - That has any activity in past 180 days. These users cannot be deactivated.
+  - That is internal.

 ## Activate user

--- a/doc/development/product_analytics/snowplow.md
+++ b/doc/development/product_analytics/snowplow.md
@ -372,10 +372,10 @@ Snowplow Micro is a Docker-based solution for testing frontend and backend event
   docker run --mount type=bind,source=$(pwd)/example,destination=/config -p 9090:9090 snowplow/snowplow-micro:latest --collector-config /config/micro.conf --iglu /config/iglu.json
   ```

-1. Install snowplow micro by cloning the settings in [this project](https://gitlab.com/a_akgun/snowplow-micro):
+1. Install Snowplow Micro by cloning the settings in [this project](https://gitlab.com/gitlab-org/snowplow-micro-configuration):

   ```shell
-   git clone git@gitlab.com:a_akgun/snowplow-micro.git
+   git clone git@gitlab.com:gitlab-org/snowplow-micro-configuration.git
   ./snowplow-micro.sh
   ```

--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@ -547,10 +547,15 @@ module API

        unless user.can_be_deactivated?
          forbidden!('A blocked user cannot be deactivated by the API') if user.blocked?
+          forbidden!('An internal user cannot be deactivated by the API') if user.internal?
          forbidden!("The user you are trying to deactivate has been active in the past #{::User::MINIMUM_INACTIVE_DAYS} days and cannot be deactivated")
        end

-        user.deactivate
+        if user.deactivate
+          true
+        else
+          render_api_error!(user.errors.full_messages, 400)
+        end
      end
      # rubocop: enable CodeReuse/ActiveRecord

--- a/lib/gitlab/usage_data.rb
+++ b/lib/gitlab/usage_data.rb
@ -12,6 +12,19 @@
 #   redis_usage_data { ::Gitlab::UsageCounters::PodLogs.usage_totals[:total] }
 module Gitlab
  class UsageData
+    CE_MEMOIZED_VALUES = %i(
+        issue_minimum_id
+        issue_maximum_id
+        project_minimum_id
+        project_maximum_id
+        user_minimum_id
+        user_maximum_id
+        unique_visit_service
+        deployment_minimum_id
+        deployment_maximum_id
+        auth_providers
+      ).freeze
+
    class << self
      include Gitlab::Utils::UsageData
      include Gitlab::Utils::StrongMemoize
@ -810,16 +823,7 @@ module Gitlab
      end

      def clear_memoized
-        clear_memoization(:issue_minimum_id)
-        clear_memoization(:issue_maximum_id)
-        clear_memoization(:user_minimum_id)
-        clear_memoization(:user_maximum_id)
-        clear_memoization(:unique_visit_service)
-        clear_memoization(:deployment_minimum_id)
-        clear_memoization(:deployment_maximum_id)
-        clear_memoization(:project_minimum_id)
-        clear_memoization(:project_maximum_id)
-        clear_memoization(:auth_providers)
+        CE_MEMOIZED_VALUES.each { |v| clear_memoization(v) } # rubocop:disable UsageData/LargeTable
      end

      # rubocop: disable CodeReuse/ActiveRecord
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@ -14096,6 +14096,9 @@ msgstr ""
 msgid "Internal users"
 msgstr ""

+msgid "Internal users cannot be deactivated"
+msgstr ""
+
 msgid "Interval Pattern"
 msgstr ""

--- a/scripts/lint-doc.sh
+++ b/scripts/lint-doc.sh
@ -77,7 +77,7 @@ function run_locally_or_in_docker() {
    $cmd $args
  elif hash docker 2>/dev/null
  then
-    docker run -t -v ${PWD}:/gitlab -w /gitlab --rm registry.gitlab.com/gitlab-org/gitlab-docs:lint ${cmd} ${args}
+    docker run -t -v ${PWD}:/gitlab -w /gitlab --rm registry.gitlab.com/gitlab-org/gitlab-docs/lint:latest ${cmd} ${args}
  else
    echo
    echo "  ✖ ERROR: '${cmd}' not found. Install '${cmd}' or Docker to proceed." >&2
--- a/spec/controllers/admin/users_controller_spec.rb
+++ b/spec/controllers/admin/users_controller_spec.rb
@ -190,6 +190,17 @@ RSpec.describe Admin::UsersController do
        expect(flash[:notice]).to eq('Error occurred. A blocked user cannot be deactivated')
      end
    end
+
+    context 'for an internal user' do
+      it 'does not deactivate the user' do
+        internal_user = User.alert_bot
+
+        put :deactivate, params: { id: internal_user.username }
+
+        expect(internal_user.reload.deactivated?).to be_falsey
+        expect(flash[:notice]).to eq('Internal users cannot be deactivated')
+      end
+    end
  end

  describe 'PUT block/:id' do
--- a/spec/lib/gitlab/usage_data_spec.rb
+++ b/spec/lib/gitlab/usage_data_spec.rb
@ -8,6 +8,7 @@ RSpec.describe Gitlab::UsageData, :aggregate_failures do
  before do
    stub_usage_data_connections
    stub_object_store_settings
+    clear_memoized_values(described_class::CE_MEMOIZED_VALUES)
  end

  describe '.uncached_data' do
@ -24,25 +25,13 @@ RSpec.describe Gitlab::UsageData, :aggregate_failures do
      end

      it 'clears memoized values' do
-        values = %i(issue_minimum_id issue_maximum_id
-                    project_minimum_id project_maximum_id
-                    user_minimum_id user_maximum_id unique_visit_service
-                    deployment_minimum_id deployment_maximum_id
-                    auth_providers)
-
-        if Gitlab.ee?
-          values << %i(approval_merge_request_rule_minimum_id
-                       approval_merge_request_rule_maximum_id
-                       merge_request_minimum_id
-                       merge_request_maximum_id)
-          values.flatten!
-        end
-
-        values.each do |key|
-          expect(described_class).to receive(:clear_memoization).with(key)
-        end
+        allow(described_class).to receive(:clear_memoization)

        subject
+
+        described_class::CE_MEMOIZED_VALUES.each do |key|
+          expect(described_class).to have_received(:clear_memoization).with(key)
+        end
      end

      it 'merge_requests_users is included only in montly counters' do
@ -175,8 +164,6 @@ RSpec.describe Gitlab::UsageData, :aggregate_failures do

  describe 'usage_activity_by_stage_manage' do
    it 'includes accurate usage_activity_by_stage data' do
-      described_class.clear_memoization(:auth_providers)
-
      stub_config(
        omniauth:
          { providers: omniauth_providers }
@ -1142,8 +1129,6 @@ RSpec.describe Gitlab::UsageData, :aggregate_failures do
    subject { described_class.compliance_unique_visits_data }

    before do
-      described_class.clear_memoization(:unique_visit_service)
-
      allow_next_instance_of(::Gitlab::Analytics::UniqueVisits) do |instance|
        ::Gitlab::Analytics::UniqueVisits.compliance_events.each do |target|
          allow(instance).to receive(:unique_visits_for).with(targets: target).and_return(123)
@ -1174,7 +1159,6 @@ RSpec.describe Gitlab::UsageData, :aggregate_failures do
    subject { described_class.search_unique_visits_data }

    before do
-      described_class.clear_memoization(:unique_visit_service)
      events = ::Gitlab::UsageDataCounters::HLLRedisCounter.events_for_category('search')
      events.each do |event|
        allow(::Gitlab::UsageDataCounters::HLLRedisCounter).to receive(:unique_events).with(event_names: event, start_date: 7.days.ago.to_date, end_date: Date.current).and_return(123)
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@ -2781,6 +2781,14 @@ RSpec.describe User do

      it_behaves_like 'eligible for deactivation'
    end
+
+    context 'a user who is internal' do
+      it 'returns false' do
+        internal_user = create(:user, :bot)
+
+        expect(internal_user.can_be_deactivated?).to be_falsey
+      end
+    end
  end

  describe "#contributed_projects" do
--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@ -2482,6 +2482,17 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
          end
        end

+        context 'for an internal user' do
+          it 'returns 403' do
+            internal_user = User.alert_bot
+
+            post api("/users/#{internal_user.id}/deactivate", admin)
+
+            expect(response).to have_gitlab_http_status(:forbidden)
+            expect(json_response['message']).to eq('403 Forbidden  - An internal user cannot be deactivated by the API')
+          end
+        end
+
        context 'for a user that does not exist' do
          before do
            post api("/users/0/deactivate", admin)
--- a/spec/support/helpers/usage_data_helpers.rb
+++ b/spec/support/helpers/usage_data_helpers.rb
@ -173,6 +173,10 @@ module UsageDataHelpers
    allow(Gitlab::Prometheus::Internal).to receive(:prometheus_enabled?).and_return(false)
  end

+  def clear_memoized_values(values)
+    values.each { |v| described_class.clear_memoization(v) }
+  end
+
  def stub_object_store_settings
    allow(Settings).to receive(:[]).with('artifacts')
      .and_return(