Merge branch 'master' into issue-discussions-refactor
|
@ -1,10 +1,10 @@
|
|||
<script>
|
||||
import identicon from '../../vue_shared/components/identicon.vue';
|
||||
import eventHub from '../event_hub';
|
||||
import groupIdenticon from './group_identicon.vue';
|
||||
|
||||
export default {
|
||||
components: {
|
||||
groupIdenticon,
|
||||
identicon,
|
||||
},
|
||||
props: {
|
||||
group: {
|
||||
|
@ -205,7 +205,7 @@ export default {
|
|||
class="avatar s40"
|
||||
:src="group.avatarUrl"
|
||||
/>
|
||||
<group-identicon
|
||||
<identicon
|
||||
v-else
|
||||
:entity-id=group.id
|
||||
:entity-name="group.name"
|
||||
|
|
|
@ -15,6 +15,7 @@ export default class NewNavSidebar {
|
|||
this.$openSidebar = $('.toggle-mobile-nav');
|
||||
this.$closeSidebar = $('.close-nav-button');
|
||||
this.$sidebarToggle = $('.js-toggle-sidebar');
|
||||
this.$topLevelLinks = $('.sidebar-top-level-items > li > a');
|
||||
}
|
||||
|
||||
bindEvents() {
|
||||
|
@ -50,6 +51,10 @@ export default class NewNavSidebar {
|
|||
this.$page.toggleClass('page-with-icon-sidebar', breakpoint === 'sm' ? true : collapsed);
|
||||
}
|
||||
NewNavSidebar.setCollapsedCookie(collapsed);
|
||||
|
||||
this.$topLevelLinks.attr('title', function updateTopLevelTitle() {
|
||||
return collapsed ? this.getAttribute('aria-label') : '';
|
||||
});
|
||||
}
|
||||
|
||||
render() {
|
||||
|
|
|
@ -139,7 +139,9 @@
|
|||
};
|
||||
</script>
|
||||
<template>
|
||||
<div :class="cssClass">
|
||||
<div
|
||||
class="pipelines-container"
|
||||
:class="cssClass">
|
||||
<div
|
||||
class="top-area scrolling-tabs-container inner-page-scroll-tabs"
|
||||
v-if="!isLoading && !shouldRenderEmptyState">
|
||||
|
|
|
@ -775,6 +775,11 @@
|
|||
&::before {
|
||||
top: 16px;
|
||||
}
|
||||
|
||||
&.dropdown-menu-user-link::before {
|
||||
top: 50%;
|
||||
transform: translateY(-50%);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -490,3 +490,7 @@
|
|||
padding: 8px 16px;
|
||||
text-align: center;
|
||||
}
|
||||
|
||||
.issues-details-filters {
|
||||
@include new-style-dropdown;
|
||||
}
|
||||
|
|
|
@ -268,6 +268,7 @@
|
|||
// TODO: change global style
|
||||
.ajax-project-dropdown,
|
||||
body[data-page="projects:blob:new"] #select2-drop,
|
||||
body[data-page="profiles:show"] #select2-drop,
|
||||
body[data-page="projects:blob:edit"] #select2-drop {
|
||||
&.select2-drop {
|
||||
color: $gl-text-color;
|
||||
|
|
|
@ -10,8 +10,7 @@
|
|||
color: $md-link-color;
|
||||
}
|
||||
|
||||
img {
|
||||
/*max-width: 100%;*/
|
||||
img:not(.emoji) {
|
||||
margin: 0 0 8px;
|
||||
}
|
||||
|
||||
|
@ -26,6 +25,7 @@
|
|||
min-width: inherit;
|
||||
min-height: inherit;
|
||||
background-color: inherit;
|
||||
max-width: 100%;
|
||||
}
|
||||
|
||||
p a:not(.no-attachment-icon) img {
|
||||
|
|
|
@ -204,6 +204,8 @@
|
|||
.gitlab-ci-yml-selector,
|
||||
.dockerfile-selector,
|
||||
.template-type-selector {
|
||||
@include new-style-dropdown;
|
||||
|
||||
display: inline-block;
|
||||
vertical-align: top;
|
||||
font-family: $regular_font;
|
||||
|
|
|
@ -14,3 +14,7 @@
|
|||
font-size: 18px;
|
||||
}
|
||||
}
|
||||
|
||||
.notification-form {
|
||||
@include new-style-dropdown;
|
||||
}
|
||||
|
|
|
@ -927,3 +927,7 @@ button.mini-pipeline-graph-dropdown-toggle {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
.pipelines-container .top-area .nav-controls > .btn:last-child {
|
||||
float: none;
|
||||
}
|
||||
|
|
|
@ -55,7 +55,7 @@ class AutocompleteController < ApplicationController
|
|||
.limit(AWARD_EMOJI_MAX)
|
||||
.where(user: current_user)
|
||||
.group(:name)
|
||||
.order(count: :desc, name: :asc)
|
||||
.order('count_all DESC, name ASC')
|
||||
.count
|
||||
|
||||
# Transform from hash to array to guarantee json order
|
||||
|
|
|
@ -119,4 +119,8 @@ module TabHelper
|
|||
|
||||
'active' if current_controller?('oauth/applications')
|
||||
end
|
||||
|
||||
def sidebar_link(href, title: nil, css: nil, &block)
|
||||
link_to capture(&block), href, title: (title if collapsed_sidebar?), class: css, aria: { label: title }
|
||||
end
|
||||
end
|
||||
|
|
|
@ -114,7 +114,7 @@ class Environment < ActiveRecord::Base
|
|||
end
|
||||
|
||||
def ref_path
|
||||
"refs/environments/#{Shellwords.shellescape(name)}"
|
||||
"refs/#{Repository::REF_ENVIRONMENTS}/#{Shellwords.shellescape(name)}"
|
||||
end
|
||||
|
||||
def formatted_external_url
|
||||
|
|
|
@ -803,7 +803,7 @@ class MergeRequest < ActiveRecord::Base
|
|||
end
|
||||
|
||||
def ref_path
|
||||
"refs/merge-requests/#{iid}/head"
|
||||
"refs/#{Repository::REF_MERGE_REQUEST}/#{iid}/head"
|
||||
end
|
||||
|
||||
def ref_fetched?
|
||||
|
|
|
@ -372,11 +372,7 @@ class Project < ActiveRecord::Base
|
|||
|
||||
if Gitlab::ImportSources.importer_names.include?(project.import_type) && project.repo_exists?
|
||||
project.run_after_commit do
|
||||
begin
|
||||
Projects::HousekeepingService.new(project).execute
|
||||
rescue Projects::HousekeepingService::LeaseTaken => e
|
||||
Rails.logger.info("Could not perform housekeeping for project #{project.full_path} (#{project.id}): #{e}")
|
||||
end
|
||||
Projects::AfterImportService.new(project).execute
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,6 +1,18 @@
|
|||
require 'securerandom'
|
||||
|
||||
class Repository
|
||||
REF_MERGE_REQUEST = 'merge-requests'.freeze
|
||||
REF_KEEP_AROUND = 'keep-around'.freeze
|
||||
REF_ENVIRONMENTS = 'environments'.freeze
|
||||
|
||||
RESERVED_REFS_NAMES = %W[
|
||||
heads
|
||||
tags
|
||||
#{REF_ENVIRONMENTS}
|
||||
#{REF_KEEP_AROUND}
|
||||
#{REF_ENVIRONMENTS}
|
||||
].freeze
|
||||
|
||||
include Gitlab::ShellAdapter
|
||||
include RepositoryMirroring
|
||||
|
||||
|
@ -60,6 +72,10 @@ class Repository
|
|||
@project = project
|
||||
end
|
||||
|
||||
def ==(other)
|
||||
@disk_path == other.disk_path
|
||||
end
|
||||
|
||||
def raw_repository
|
||||
return nil unless full_path
|
||||
|
||||
|
@ -75,6 +91,10 @@ class Repository
|
|||
)
|
||||
end
|
||||
|
||||
def inspect
|
||||
"#<#{self.class.name}:#{@disk_path}>"
|
||||
end
|
||||
|
||||
#
|
||||
# Git repository can contains some hidden refs like:
|
||||
# /refs/notes/*
|
||||
|
@ -234,10 +254,10 @@ class Repository
|
|||
begin
|
||||
write_ref(keep_around_ref_name(sha), sha)
|
||||
rescue Rugged::ReferenceError => ex
|
||||
Rails.logger.error "Unable to create keep-around reference for repository #{path}: #{ex}"
|
||||
Rails.logger.error "Unable to create #{REF_KEEP_AROUND} reference for repository #{path}: #{ex}"
|
||||
rescue Rugged::OSError => ex
|
||||
raise unless ex.message =~ /Failed to create locked file/ && ex.message =~ /File exists/
|
||||
Rails.logger.error "Unable to create keep-around reference for repository #{path}: #{ex}"
|
||||
Rails.logger.error "Unable to create #{REF_KEEP_AROUND} reference for repository #{path}: #{ex}"
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -992,25 +1012,22 @@ class Repository
|
|||
end
|
||||
|
||||
def with_repo_branch_commit(start_repository, start_branch_name)
|
||||
return yield(nil) if start_repository.empty_repo?
|
||||
return yield nil if start_repository.empty_repo?
|
||||
|
||||
branch_name_or_sha =
|
||||
if start_repository == self
|
||||
start_branch_name
|
||||
yield commit(start_branch_name)
|
||||
else
|
||||
tmp_ref = fetch_ref(
|
||||
start_repository.path_to_repo,
|
||||
"#{Gitlab::Git::BRANCH_REF_PREFIX}#{start_branch_name}",
|
||||
"refs/tmp/#{SecureRandom.hex}/head"
|
||||
)
|
||||
sha = start_repository.commit(start_branch_name).sha
|
||||
|
||||
start_repository.commit(start_branch_name).sha
|
||||
if branch_commit = commit(sha)
|
||||
yield branch_commit
|
||||
else
|
||||
with_repo_tmp_commit(
|
||||
start_repository, start_branch_name, sha) do |tmp_commit|
|
||||
yield tmp_commit
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
yield(commit(branch_name_or_sha))
|
||||
|
||||
ensure
|
||||
rugged.references.delete(tmp_ref) if tmp_ref
|
||||
end
|
||||
|
||||
def add_remote(name, url)
|
||||
|
@ -1159,7 +1176,7 @@ class Repository
|
|||
end
|
||||
|
||||
def keep_around_ref_name(sha)
|
||||
"refs/keep-around/#{sha}"
|
||||
"refs/#{REF_KEEP_AROUND}/#{sha}"
|
||||
end
|
||||
|
||||
def repository_event(event, tags = {})
|
||||
|
@ -1219,4 +1236,16 @@ class Repository
|
|||
.commits_by_message(query, revision: ref, path: path, limit: limit, offset: offset)
|
||||
.map { |c| commit(c) }
|
||||
end
|
||||
|
||||
def with_repo_tmp_commit(start_repository, start_branch_name, sha)
|
||||
tmp_ref = fetch_ref(
|
||||
start_repository.path_to_repo,
|
||||
"#{Gitlab::Git::BRANCH_REF_PREFIX}#{start_branch_name}",
|
||||
"refs/tmp/#{SecureRandom.hex}/head"
|
||||
)
|
||||
|
||||
yield commit(sha)
|
||||
ensure
|
||||
delete_refs(tmp_ref) if tmp_ref
|
||||
end
|
||||
end
|
||||
|
|
|
@ -5,6 +5,7 @@ class User < ActiveRecord::Base
|
|||
|
||||
include Gitlab::ConfigHelper
|
||||
include Gitlab::CurrentSettings
|
||||
include Gitlab::SQL::Pattern
|
||||
include Avatarable
|
||||
include Referable
|
||||
include Sortable
|
||||
|
@ -303,7 +304,7 @@ class User < ActiveRecord::Base
|
|||
# Returns an ActiveRecord::Relation.
|
||||
def search(query)
|
||||
table = arel_table
|
||||
pattern = "%#{query}%"
|
||||
pattern = User.to_pattern(query)
|
||||
|
||||
order = <<~SQL
|
||||
CASE
|
||||
|
|
29
app/services/projects/after_import_service.rb
Normal file
|
@ -0,0 +1,29 @@
|
|||
module Projects
|
||||
class AfterImportService
|
||||
RESERVED_REFS_REGEXP =
|
||||
%r{\Arefs/(?:#{Regexp.union(*Repository::RESERVED_REFS_NAMES)})/}
|
||||
|
||||
def initialize(project)
|
||||
@project = project
|
||||
end
|
||||
|
||||
def execute
|
||||
Projects::HousekeepingService.new(@project).execute do
|
||||
repository.delete_refs(*garbage_refs)
|
||||
end
|
||||
rescue Projects::HousekeepingService::LeaseTaken => e
|
||||
Rails.logger.info(
|
||||
"Could not perform housekeeping for project #{@project.full_path} (#{@project.id}): #{e}")
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def garbage_refs
|
||||
@garbage_refs ||= repository.all_ref_names_except(RESERVED_REFS_REGEXP)
|
||||
end
|
||||
|
||||
def repository
|
||||
@repository ||= @project.repository
|
||||
end
|
||||
end
|
||||
end
|
|
@ -44,6 +44,8 @@ module Projects
|
|||
@project.namespace_id = current_user.namespace_id
|
||||
end
|
||||
|
||||
yield(@project) if block_given?
|
||||
|
||||
@project.creator = current_user
|
||||
|
||||
if forked_from_project_id
|
||||
|
|
|
@ -26,6 +26,8 @@ module Projects
|
|||
lease_uuid = try_obtain_lease
|
||||
raise LeaseTaken unless lease_uuid.present?
|
||||
|
||||
yield if block_given?
|
||||
|
||||
execute_gitlab_shell_gc(lease_uuid)
|
||||
end
|
||||
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
.sidebar-context-title Admin Area
|
||||
%ul.sidebar-top-level-items
|
||||
= nav_link(controller: %w(dashboard admin projects users groups jobs runners cohorts), html_options: {class: 'home'}) do
|
||||
= link_to admin_root_path, title: 'Overview', class: 'shortcuts-tree' do
|
||||
= sidebar_link admin_root_path, title: _('Overview'), css: 'shortcuts-tree' do
|
||||
.nav-icon-container
|
||||
= custom_icon('overview')
|
||||
%span.nav-item-name
|
||||
|
@ -48,7 +48,7 @@
|
|||
ConvDev Index
|
||||
|
||||
= nav_link(controller: %w(conversational_development_index system_info background_jobs logs health_check requests_profiles)) do
|
||||
= link_to admin_conversational_development_index_path, title: 'Monitoring' do
|
||||
= sidebar_link admin_conversational_development_index_path, title: _('Monitoring') do
|
||||
.nav-icon-container
|
||||
= custom_icon('monitoring')
|
||||
%span.nav-item-name
|
||||
|
@ -77,28 +77,28 @@
|
|||
Requests Profiles
|
||||
|
||||
= nav_link(controller: :broadcast_messages) do
|
||||
= link_to admin_broadcast_messages_path, title: 'Messages' do
|
||||
= sidebar_link admin_broadcast_messages_path, title: _('Messages') do
|
||||
.nav-icon-container
|
||||
= custom_icon('messages')
|
||||
%span.nav-item-name
|
||||
Messages
|
||||
|
||||
= nav_link(controller: [:hooks, :hook_logs]) do
|
||||
= link_to admin_hooks_path, title: 'Hooks' do
|
||||
= sidebar_link admin_hooks_path, title: _('Hooks') do
|
||||
.nav-icon-container
|
||||
= custom_icon('system_hooks')
|
||||
%span.nav-item-name
|
||||
System Hooks
|
||||
|
||||
= nav_link(controller: :applications) do
|
||||
= link_to admin_applications_path, title: 'Applications' do
|
||||
= sidebar_link admin_applications_path, title: _('Applications') do
|
||||
.nav-icon-container
|
||||
= custom_icon('applications')
|
||||
%span.nav-item-name
|
||||
Applications
|
||||
|
||||
= nav_link(controller: :abuse_reports) do
|
||||
= link_to admin_abuse_reports_path, title: "Abuse Reports" do
|
||||
= sidebar_link admin_abuse_reports_path, title: _("Abuse Reports") do
|
||||
.nav-icon-container
|
||||
= custom_icon('abuse_reports')
|
||||
%span.nav-item-name
|
||||
|
@ -107,42 +107,42 @@
|
|||
|
||||
- if akismet_enabled?
|
||||
= nav_link(controller: :spam_logs) do
|
||||
= link_to admin_spam_logs_path, title: "Spam Logs" do
|
||||
= sidebar_link admin_spam_logs_path, title: _("Spam Logs") do
|
||||
.nav-icon-container
|
||||
= custom_icon('spam_logs')
|
||||
%span.nav-item-name
|
||||
Spam Logs
|
||||
|
||||
= nav_link(controller: :deploy_keys) do
|
||||
= link_to admin_deploy_keys_path, title: 'Deploy Keys' do
|
||||
= sidebar_link admin_deploy_keys_path, title: _('Deploy Keys') do
|
||||
.nav-icon-container
|
||||
= custom_icon('key')
|
||||
%span.nav-item-name
|
||||
Deploy Keys
|
||||
|
||||
= nav_link(controller: :services) do
|
||||
= link_to admin_application_settings_services_path, title: 'Service Templates' do
|
||||
= sidebar_link admin_application_settings_services_path, title: _('Service Templates') do
|
||||
.nav-icon-container
|
||||
= custom_icon('service_templates')
|
||||
%span.nav-item-name
|
||||
Service Templates
|
||||
|
||||
= nav_link(controller: :labels) do
|
||||
= link_to admin_labels_path, title: 'Labels' do
|
||||
= sidebar_link admin_labels_path, title: _('Labels') do
|
||||
.nav-icon-container
|
||||
= custom_icon('labels')
|
||||
%span.nav-item-name
|
||||
Labels
|
||||
|
||||
= nav_link(controller: :appearances) do
|
||||
= link_to admin_appearances_path, title: 'Appearances' do
|
||||
= sidebar_link admin_appearances_path, title: _('Appearances') do
|
||||
.nav-icon-container
|
||||
= custom_icon('appearance')
|
||||
%span.nav-item-name
|
||||
Appearance
|
||||
|
||||
= nav_link(controller: :application_settings) do
|
||||
= link_to admin_application_settings_path, title: 'Settings' do
|
||||
= sidebar_link admin_application_settings_path, title: _('Settings') do
|
||||
.nav-icon-container
|
||||
= custom_icon('settings')
|
||||
%span.nav-item-name
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
= @group.name
|
||||
%ul.sidebar-top-level-items
|
||||
= nav_link(path: ['groups#show', 'groups#activity', 'groups#subgroups'], html_options: { class: 'home' }) do
|
||||
= link_to group_path(@group), title: 'Group overview' do
|
||||
= sidebar_link group_path(@group), title: _('Group overview') do
|
||||
.nav-icon-container
|
||||
= custom_icon('project')
|
||||
%span.nav-item-name
|
||||
|
@ -26,7 +26,7 @@
|
|||
Activity
|
||||
|
||||
= nav_link(path: ['groups#issues', 'labels#index', 'milestones#index']) do
|
||||
= link_to issues_group_path(@group), title: 'Issues' do
|
||||
= sidebar_link issues_group_path(@group), title: _('Issues') do
|
||||
.nav-icon-container
|
||||
= custom_icon('issues')
|
||||
%span.nav-item-name
|
||||
|
@ -51,7 +51,7 @@
|
|||
Milestones
|
||||
|
||||
= nav_link(path: 'groups#merge_requests') do
|
||||
= link_to merge_requests_group_path(@group), title: 'Merge Requests' do
|
||||
= sidebar_link merge_requests_group_path(@group), title: _('Merge Requests') do
|
||||
.nav-icon-container
|
||||
= custom_icon('mr_bold')
|
||||
%span.nav-item-name
|
||||
|
@ -59,14 +59,14 @@
|
|||
Merge Requests
|
||||
%span.badge.count= number_with_delimiter(merge_requests.count)
|
||||
= nav_link(path: 'group_members#index') do
|
||||
= link_to group_group_members_path(@group), title: 'Members' do
|
||||
= sidebar_link group_group_members_path(@group), title: _('Members') do
|
||||
.nav-icon-container
|
||||
= custom_icon('members')
|
||||
%span.nav-item-name
|
||||
Members
|
||||
- if current_user && can?(current_user, :admin_group, @group)
|
||||
= nav_link(path: %w[groups#projects groups#edit ci_cd#show]) do
|
||||
= link_to edit_group_path(@group), title: 'Settings' do
|
||||
= sidebar_link edit_group_path(@group), title: _('Settings') do
|
||||
.nav-icon-container
|
||||
= custom_icon('settings')
|
||||
%span.nav-item-name
|
||||
|
|
|
@ -7,76 +7,76 @@
|
|||
.sidebar-context-title User Settings
|
||||
%ul.sidebar-top-level-items
|
||||
= nav_link(path: 'profiles#show', html_options: {class: 'home'}) do
|
||||
= link_to profile_path, title: 'Profile Settings' do
|
||||
= sidebar_link profile_path, title: _('Profile Settings') do
|
||||
.nav-icon-container
|
||||
= custom_icon('profile')
|
||||
%span.nav-item-name
|
||||
Profile
|
||||
= nav_link(controller: [:accounts, :two_factor_auths]) do
|
||||
= link_to profile_account_path, title: 'Account' do
|
||||
= sidebar_link profile_account_path, title: _('Account') do
|
||||
.nav-icon-container
|
||||
= custom_icon('account')
|
||||
%span.nav-item-name
|
||||
Account
|
||||
- if current_application_settings.user_oauth_applications?
|
||||
= nav_link(controller: 'oauth/applications') do
|
||||
= link_to applications_profile_path, title: 'Applications' do
|
||||
= sidebar_link applications_profile_path, title: _('Applications') do
|
||||
.nav-icon-container
|
||||
= custom_icon('applications')
|
||||
%span.nav-item-name
|
||||
Applications
|
||||
= nav_link(controller: :chat_names) do
|
||||
= link_to profile_chat_names_path, title: 'Chat' do
|
||||
= sidebar_link profile_chat_names_path, title: _('Chat') do
|
||||
.nav-icon-container
|
||||
= custom_icon('chat')
|
||||
%span.nav-item-name
|
||||
Chat
|
||||
= nav_link(controller: :personal_access_tokens) do
|
||||
= link_to profile_personal_access_tokens_path, title: 'Access Tokens' do
|
||||
= sidebar_link profile_personal_access_tokens_path, title: _('Access Tokens') do
|
||||
.nav-icon-container
|
||||
= custom_icon('access_tokens')
|
||||
%span.nav-item-name
|
||||
Access Tokens
|
||||
= nav_link(controller: :emails) do
|
||||
= link_to profile_emails_path, title: 'Emails' do
|
||||
= sidebar_link profile_emails_path, title: _('Emails') do
|
||||
.nav-icon-container
|
||||
= custom_icon('emails')
|
||||
%span.nav-item-name
|
||||
Emails
|
||||
- unless current_user.ldap_user?
|
||||
= nav_link(controller: :passwords) do
|
||||
= link_to edit_profile_password_path, title: 'Password' do
|
||||
= sidebar_link edit_profile_password_path, title: _('Password') do
|
||||
.nav-icon-container
|
||||
= custom_icon('lock')
|
||||
%span.nav-item-name
|
||||
Password
|
||||
= nav_link(controller: :notifications) do
|
||||
= link_to profile_notifications_path, title: 'Notifications' do
|
||||
= sidebar_link profile_notifications_path, title: _('Notifications') do
|
||||
.nav-icon-container
|
||||
= custom_icon('notifications')
|
||||
%span.nav-item-name
|
||||
Notifications
|
||||
|
||||
= nav_link(controller: :keys) do
|
||||
= link_to profile_keys_path, title: 'SSH Keys' do
|
||||
= sidebar_link profile_keys_path, title: _('SSH Keys') do
|
||||
.nav-icon-container
|
||||
= custom_icon('key')
|
||||
%span.nav-item-name
|
||||
SSH Keys
|
||||
= nav_link(controller: :gpg_keys) do
|
||||
= link_to profile_gpg_keys_path, title: 'GPG Keys' do
|
||||
= sidebar_link profile_gpg_keys_path, title: _('GPG Keys') do
|
||||
.nav-icon-container
|
||||
= custom_icon('key_2')
|
||||
%span.nav-item-name
|
||||
GPG Keys
|
||||
= nav_link(controller: :preferences) do
|
||||
= link_to profile_preferences_path, title: 'Preferences' do
|
||||
= sidebar_link profile_preferences_path, title: _('Preferences') do
|
||||
.nav-icon-container
|
||||
= custom_icon('preferences')
|
||||
%span.nav-item-name
|
||||
Preferences
|
||||
= nav_link(path: 'profiles#audit_log') do
|
||||
= link_to audit_log_profile_path, title: 'Authentication log' do
|
||||
= sidebar_link audit_log_profile_path, title: _('Authentication log') do
|
||||
.nav-icon-container
|
||||
= custom_icon('authentication_log')
|
||||
%span.nav-item-name
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
= @project.name
|
||||
%ul.sidebar-top-level-items
|
||||
= nav_link(path: ['projects#show', 'projects#activity', 'cycle_analytics#show'], html_options: { class: 'home' }) do
|
||||
= link_to project_path(@project), title: 'Project overview', class: 'shortcuts-project' do
|
||||
= sidebar_link project_path(@project), title: _('Project overview'), css: 'shortcuts-project' do
|
||||
.nav-icon-container
|
||||
= custom_icon('project')
|
||||
%span.nav-item-name
|
||||
|
@ -31,7 +31,7 @@
|
|||
|
||||
- if project_nav_tab? :files
|
||||
= nav_link(controller: %w(tree blob blame edit_tree new_tree find_file commit commits compare projects/repositories tags branches releases graphs network)) do
|
||||
= link_to project_tree_path(@project), title: 'Repository', class: 'shortcuts-tree' do
|
||||
= sidebar_link project_tree_path(@project), title: _('Repository'), css: 'shortcuts-tree' do
|
||||
.nav-icon-container
|
||||
= custom_icon('doc_text')
|
||||
%span.nav-item-name
|
||||
|
@ -72,7 +72,7 @@
|
|||
|
||||
- if project_nav_tab? :container_registry
|
||||
= nav_link(controller: %w[projects/registry/repositories]) do
|
||||
= link_to project_container_registry_index_path(@project), title: 'Container Registry', class: 'shortcuts-container-registry' do
|
||||
= sidebar_link project_container_registry_index_path(@project), title: _('Container Registry'), css: 'shortcuts-container-registry' do
|
||||
.nav-icon-container
|
||||
= custom_icon('container_registry')
|
||||
%span.nav-item-name
|
||||
|
@ -80,7 +80,7 @@
|
|||
|
||||
- if project_nav_tab? :issues
|
||||
= nav_link(controller: @project.issues_enabled? ? [:issues, :labels, :milestones, :boards] : :issues) do
|
||||
= link_to project_issues_path(@project), title: 'Issues', class: 'shortcuts-issues' do
|
||||
= sidebar_link project_issues_path(@project), title: _('Issues'), css: 'shortcuts-issues' do
|
||||
.nav-icon-container
|
||||
= custom_icon('issues')
|
||||
%span.nav-item-name
|
||||
|
@ -112,7 +112,7 @@
|
|||
|
||||
- if project_nav_tab? :merge_requests
|
||||
= nav_link(controller: @project.issues_enabled? ? :merge_requests : [:merge_requests, :labels, :milestones]) do
|
||||
= link_to project_merge_requests_path(@project), title: 'Merge Requests', class: 'shortcuts-merge_requests' do
|
||||
= sidebar_link project_merge_requests_path(@project), title: _('Merge Requests'), css: 'shortcuts-merge_requests' do
|
||||
.nav-icon-container
|
||||
= custom_icon('mr_bold')
|
||||
%span.nav-item-name
|
||||
|
@ -122,7 +122,7 @@
|
|||
|
||||
- if project_nav_tab? :pipelines
|
||||
= nav_link(controller: [:pipelines, :builds, :jobs, :pipeline_schedules, :environments, :artifacts]) do
|
||||
= link_to project_pipelines_path(@project), title: 'CI / CD', class: 'shortcuts-pipelines' do
|
||||
= sidebar_link project_pipelines_path(@project), title: _('CI / CD'), css: 'shortcuts-pipelines' do
|
||||
.nav-icon-container
|
||||
= custom_icon('pipeline')
|
||||
%span.nav-item-name
|
||||
|
@ -161,7 +161,7 @@
|
|||
|
||||
- if project_nav_tab? :wiki
|
||||
= nav_link(controller: :wikis) do
|
||||
= link_to get_project_wiki_path(@project), title: 'Wiki', class: 'shortcuts-wiki' do
|
||||
= sidebar_link get_project_wiki_path(@project), title: _('Wiki'), css: 'shortcuts-wiki' do
|
||||
.nav-icon-container
|
||||
= custom_icon('wiki')
|
||||
%span.nav-item-name
|
||||
|
@ -169,7 +169,7 @@
|
|||
|
||||
- if project_nav_tab? :snippets
|
||||
= nav_link(controller: :snippets) do
|
||||
= link_to project_snippets_path(@project), title: 'Snippets', class: 'shortcuts-snippets' do
|
||||
= sidebar_link project_snippets_path(@project), title: _('Snippets'), css: 'shortcuts-snippets' do
|
||||
.nav-icon-container
|
||||
= custom_icon('snippets')
|
||||
%span.nav-item-name
|
||||
|
@ -177,7 +177,7 @@
|
|||
|
||||
- if project_nav_tab? :settings
|
||||
= nav_link(path: %w[projects#edit project_members#index integrations#show services#edit repository#show ci_cd#show pages#show]) do
|
||||
= link_to edit_project_path(@project), title: 'Settings', class: 'shortcuts-tree' do
|
||||
= sidebar_link edit_project_path(@project), title: _('Settings'), css: 'shortcuts-tree' do
|
||||
.nav-icon-container
|
||||
= custom_icon('settings')
|
||||
%span.nav-item-name
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
Add a GPG key
|
||||
%p.profile-settings-content
|
||||
Before you can add a GPG key you need to
|
||||
= link_to 'generate it.', help_page_path('user/project/gpg_signed_commits/index.md')
|
||||
= link_to 'generate it.', help_page_path('user/project/repository/gpg_signed_commits/index.md')
|
||||
= render 'form'
|
||||
%hr
|
||||
%h5
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
%span.monospace= signature.gpg_key_primary_keyid
|
||||
|
||||
|
||||
= link_to('Learn more about signing commits', help_page_path('user/project/gpg_signed_commits/index.md'), class: 'gpg-popover-help-link')
|
||||
= link_to('Learn more about signing commits', help_page_path('user/project/repository/gpg_signed_commits/index.md'), class: 'gpg-popover-help-link')
|
||||
|
||||
%button{ class: css_classes, data: { toggle: 'popover', html: 'true', placement: 'auto top', title: title, content: content } }
|
||||
= label
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
title: Add time stats to Issue and Merge Request API
|
||||
merge_request: 13335
|
||||
author: @travismiller
|
5
changelogs/unreleased/34990-top-buttons-misaligned.yml
Normal file
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Fixes margins on the top buttons of the pipeline table
|
||||
merge_request:
|
||||
author:
|
||||
type: fixed
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Remove unwanted refs after importing a project
|
||||
merge_request: 13766
|
||||
author:
|
||||
type: other
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Better align fallback image emojis
|
||||
merge_request:
|
||||
author:
|
||||
type: fixed
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: 'API: Respect default group visibility when creating a group'
|
||||
merge_request: 13903
|
||||
author: Robert Schilling
|
||||
type: fixed
|
5
changelogs/unreleased/api-delete-respect-headers.yml
Normal file
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: 'API: Respect the "If-Unmodified-Since" header when delting a resource'
|
||||
merge_request: 9621
|
||||
author: Robert Schilling
|
||||
type: added
|
5
changelogs/unreleased/check-trigger-permissions.yml
Normal file
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Improve migrations using triggers
|
||||
merge_request:
|
||||
author:
|
||||
type: fixed
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Improve performance for AutocompleteController#users.json
|
||||
merge_request: 13754
|
||||
author: Hiroyuki Sato
|
||||
type: changed
|
6
changelogs/unreleased/perf-slow-issuable.yml
Normal file
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
title: Fix repository equality check and avoid fetching ref if the commit is already
|
||||
available. This affects merge request creation performance
|
||||
merge_request: 13685
|
||||
author:
|
||||
type: other
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Replace 'project/user_lookup.feature' spinach test with an rspec analog
|
||||
merge_request: 13863
|
||||
author: Vitaliy @blackst0ne Klachkov
|
||||
type: other
|
|
@ -77,6 +77,8 @@ Manage your [repositories](user/project/repository/index.md) from the UI (user i
|
|||
- [Create a branch](user/project/repository/web_editor.md#create-a-new-branch)
|
||||
- [Protected branches](user/project/protected_branches.md#protected-branches)
|
||||
- [Delete merged branches](user/project/repository/branches/index.md#delete-merged-branches)
|
||||
- Commits
|
||||
- [Signing commits](user/project/repository/gpg_signed_commits/index.md): use GPG to sign your commits.
|
||||
|
||||
### Issues and Merge Requests (MRs)
|
||||
|
||||
|
@ -98,7 +100,6 @@ Manage your [repositories](user/project/repository/index.md) from the UI (user i
|
|||
- [Git](topics/git/index.md): Getting started with Git, branching strategies, Git LFS, advanced use.
|
||||
- [Git cheatsheet](https://gitlab.com/gitlab-com/marketing/raw/master/design/print/git-cheatsheet/print-pdf/git-cheatsheet.pdf): Download a PDF describing the most used Git operations.
|
||||
- [GitLab Flow](workflow/gitlab_flow.md): explore the best of Git with the GitLab Flow strategy.
|
||||
- [Signing commits](user/project/gpg_signed_commits/index.md): use GPG to sign your commits.
|
||||
|
||||
### Migrate and import your projects from other platforms
|
||||
|
||||
|
|
|
@ -263,6 +263,7 @@ The following table shows the possible return codes for API requests.
|
|||
| `404 Not Found` | A resource could not be accessed, e.g., an ID for a resource could not be found. |
|
||||
| `405 Method Not Allowed` | The request is not supported. |
|
||||
| `409 Conflict` | A conflicting resource already exists, e.g., creating a project with a name that already exists. |
|
||||
| `412` | Indicates the request was denied. May happen if the `If-Unmodified-Since` header is provided when trying to delete a resource, which was modified in between. |
|
||||
| `422 Unprocessable` | The entity could not be processed. |
|
||||
| `500 Server Error` | While handling the request something went wrong server-side. |
|
||||
|
||||
|
|
|
@ -101,6 +101,12 @@ Example response:
|
|||
"user_notes_count": 1,
|
||||
"due_date": "2016-07-22",
|
||||
"web_url": "http://example.com/example/example/issues/6",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
},
|
||||
"confidential": false
|
||||
}
|
||||
]
|
||||
|
@ -198,6 +204,12 @@ Example response:
|
|||
"user_notes_count": 1,
|
||||
"due_date": null,
|
||||
"web_url": "http://example.com/example/example/issues/1",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
},
|
||||
"confidential": false
|
||||
}
|
||||
]
|
||||
|
@ -296,6 +308,12 @@ Example response:
|
|||
"user_notes_count": 1,
|
||||
"due_date": "2016-07-22",
|
||||
"web_url": "http://example.com/example/example/issues/1",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
},
|
||||
"confidential": false
|
||||
}
|
||||
]
|
||||
|
@ -372,6 +390,12 @@ Example response:
|
|||
"user_notes_count": 1,
|
||||
"due_date": null,
|
||||
"web_url": "http://example.com/example/example/issues/1",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
},
|
||||
"confidential": false,
|
||||
"_links": {
|
||||
"self": "http://example.com/api/v4/projects/1/issues/2",
|
||||
|
@ -440,6 +464,12 @@ Example response:
|
|||
"user_notes_count": 0,
|
||||
"due_date": null,
|
||||
"web_url": "http://example.com/example/example/issues/14",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
},
|
||||
"confidential": false,
|
||||
"_links": {
|
||||
"self": "http://example.com/api/v4/projects/1/issues/2",
|
||||
|
@ -509,6 +539,12 @@ Example response:
|
|||
"user_notes_count": 0,
|
||||
"due_date": "2016-07-22",
|
||||
"web_url": "http://example.com/example/example/issues/15",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
},
|
||||
"confidential": false,
|
||||
"_links": {
|
||||
"self": "http://example.com/api/v4/projects/1/issues/2",
|
||||
|
@ -601,6 +637,12 @@ Example response:
|
|||
},
|
||||
"due_date": null,
|
||||
"web_url": "http://example.com/example/example/issues/11",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
},
|
||||
"confidential": false,
|
||||
"_links": {
|
||||
"self": "http://example.com/api/v4/projects/1/issues/2",
|
||||
|
@ -672,6 +714,12 @@ Example response:
|
|||
},
|
||||
"due_date": null,
|
||||
"web_url": "http://example.com/example/example/issues/11",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
},
|
||||
"confidential": false,
|
||||
"_links": {
|
||||
"self": "http://example.com/api/v4/projects/1/issues/2",
|
||||
|
@ -1001,7 +1049,13 @@ Example response:
|
|||
"user_notes_count": 1,
|
||||
"should_remove_source_branch": null,
|
||||
"force_remove_source_branch": false,
|
||||
"web_url": "https://gitlab.example.com/gitlab-org/gitlab-test/merge_requests/6432"
|
||||
"web_url": "https://gitlab.example.com/gitlab-org/gitlab-test/merge_requests/6432",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
}
|
||||
}
|
||||
]
|
||||
```
|
||||
|
|
|
@ -92,7 +92,13 @@ Parameters:
|
|||
"user_notes_count": 1,
|
||||
"should_remove_source_branch": true,
|
||||
"force_remove_source_branch": false,
|
||||
"web_url": "http://example.com/example/example/merge_requests/1"
|
||||
"web_url": "http://example.com/example/example/merge_requests/1",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
}
|
||||
}
|
||||
]
|
||||
```
|
||||
|
@ -181,7 +187,13 @@ Parameters:
|
|||
"user_notes_count": 1,
|
||||
"should_remove_source_branch": true,
|
||||
"force_remove_source_branch": false,
|
||||
"web_url": "http://example.com/example/example/merge_requests/1"
|
||||
"web_url": "http://example.com/example/example/merge_requests/1",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
}
|
||||
}
|
||||
]
|
||||
```
|
||||
|
@ -250,7 +262,13 @@ Parameters:
|
|||
"user_notes_count": 1,
|
||||
"should_remove_source_branch": true,
|
||||
"force_remove_source_branch": false,
|
||||
"web_url": "http://example.com/example/example/merge_requests/1"
|
||||
"web_url": "http://example.com/example/example/merge_requests/1",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
|
@ -356,6 +374,12 @@ Parameters:
|
|||
"should_remove_source_branch": true,
|
||||
"force_remove_source_branch": false,
|
||||
"web_url": "http://example.com/example/example/merge_requests/1",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
}
|
||||
"changes": [
|
||||
{
|
||||
"old_path": "VERSION",
|
||||
|
@ -442,7 +466,13 @@ POST /projects/:id/merge_requests
|
|||
"user_notes_count": 0,
|
||||
"should_remove_source_branch": true,
|
||||
"force_remove_source_branch": false,
|
||||
"web_url": "http://example.com/example/example/merge_requests/1"
|
||||
"web_url": "http://example.com/example/example/merge_requests/1",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
|
@ -519,7 +549,13 @@ Must include at least one non-required attribute from above.
|
|||
"user_notes_count": 1,
|
||||
"should_remove_source_branch": true,
|
||||
"force_remove_source_branch": false,
|
||||
"web_url": "http://example.com/example/example/merge_requests/1"
|
||||
"web_url": "http://example.com/example/example/merge_requests/1",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
|
@ -617,7 +653,13 @@ Parameters:
|
|||
"user_notes_count": 1,
|
||||
"should_remove_source_branch": true,
|
||||
"force_remove_source_branch": false,
|
||||
"web_url": "http://example.com/example/example/merge_requests/1"
|
||||
"web_url": "http://example.com/example/example/merge_requests/1",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
|
@ -687,7 +729,13 @@ Parameters:
|
|||
"user_notes_count": 1,
|
||||
"should_remove_source_branch": true,
|
||||
"force_remove_source_branch": false,
|
||||
"web_url": "http://example.com/example/example/merge_requests/1"
|
||||
"web_url": "http://example.com/example/example/merge_requests/1",
|
||||
"time_stats": {
|
||||
"time_estimate": 0,
|
||||
"total_time_spent": 0,
|
||||
"human_time_estimate": null,
|
||||
"human_total_time_spent": null
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
|
|
|
@ -144,9 +144,8 @@ gitlab_rails['backup_upload_connection'] = {
|
|||
'region' => 'eu-west-1',
|
||||
'aws_access_key_id' => 'AKIAKIAKI',
|
||||
'aws_secret_access_key' => 'secret123'
|
||||
# If using an IAM Profile, leave aws_access_key_id & aws_secret_access_key empty
|
||||
# ie. 'aws_access_key_id' => '',
|
||||
# 'use_iam_profile' => 'true'
|
||||
# If using an IAM Profile, don't configure aws_access_key_id & aws_secret_access_key
|
||||
# 'use_iam_profile' => true
|
||||
}
|
||||
gitlab_rails['backup_upload_remote_directory'] = 'my.s3.bucket'
|
||||
```
|
||||
|
|
|
@ -1,245 +1 @@
|
|||
# Signing commits with GPG
|
||||
|
||||
> [Introduced][ce-9546] in GitLab 9.5.
|
||||
|
||||
GitLab can show whether a commit is verified or not when signed with a GPG key.
|
||||
All you need to do is upload the public GPG key in your profile settings.
|
||||
|
||||
GPG verified tags are not supported yet.
|
||||
|
||||
## Getting started with GPG
|
||||
|
||||
Here are a few guides to get you started with GPG:
|
||||
|
||||
- [Git Tools - Signing Your Work](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work)
|
||||
- [Managing OpenPGP Keys](https://riseup.net/en/security/message-security/openpgp/gpg-keys)
|
||||
- [OpenPGP Best Practices](https://riseup.net/en/security/message-security/openpgp/best-practices)
|
||||
- [Creating a new GPG key with subkeys](https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/) (advanced)
|
||||
|
||||
## How GitLab handles GPG
|
||||
|
||||
GitLab uses its own keyring to verify the GPG signature. It does not access any
|
||||
public key server.
|
||||
|
||||
In order to have a commit verified on GitLab the corresponding public key needs
|
||||
to be uploaded to GitLab. For a signature to be verified two prerequisites need
|
||||
to be met:
|
||||
|
||||
1. The public key needs to be added your GitLab account
|
||||
1. One of the emails in the GPG key matches your **primary** email
|
||||
|
||||
## Generating a GPG key
|
||||
|
||||
If you don't already have a GPG key, the following steps will help you get
|
||||
started:
|
||||
|
||||
1. [Install GPG](https://www.gnupg.org/download/index.html) for your operating system
|
||||
1. Generate the private/public key pair with the following command:
|
||||
|
||||
```sh
|
||||
gpg --full-gen-key
|
||||
```
|
||||
|
||||
This will spawn a series of questions.
|
||||
|
||||
1. The first question is which algorithm can be used. Select the kind you want
|
||||
or press <kbd>Enter</kbd> to choose the default (RSA and RSA):
|
||||
|
||||
```
|
||||
Please select what kind of key you want:
|
||||
(1) RSA and RSA (default)
|
||||
(2) DSA and Elgamal
|
||||
(3) DSA (sign only)
|
||||
(4) RSA (sign only)
|
||||
Your selection? 1
|
||||
```
|
||||
|
||||
1. The next question is key length. We recommend to choose the highest value
|
||||
which is `4096`:
|
||||
|
||||
```
|
||||
RSA keys may be between 1024 and 4096 bits long.
|
||||
What keysize do you want? (2048) 4096
|
||||
Requested keysize is 4096 bits
|
||||
```
|
||||
1. Next, you need to specify the validity period of your key. This is something
|
||||
subjective, and you can use the default value which is to never expire:
|
||||
|
||||
```
|
||||
Please specify how long the key should be valid.
|
||||
0 = key does not expire
|
||||
<n> = key expires in n days
|
||||
<n>w = key expires in n weeks
|
||||
<n>m = key expires in n months
|
||||
<n>y = key expires in n years
|
||||
Key is valid for? (0) 0
|
||||
Key does not expire at all
|
||||
```
|
||||
|
||||
1. Confirm that the answers you gave were correct by typing `y`:
|
||||
|
||||
```
|
||||
Is this correct? (y/N) y
|
||||
```
|
||||
|
||||
1. Enter you real name, the email address to be associated with this key (should
|
||||
match the primary email address you use in GitLab) and an optional comment
|
||||
(press <kbd>Enter</kbd> to skip):
|
||||
|
||||
```
|
||||
GnuPG needs to construct a user ID to identify your key.
|
||||
|
||||
Real name: Mr. Robot
|
||||
Email address: mr@robot.sh
|
||||
Comment:
|
||||
You selected this USER-ID:
|
||||
"Mr. Robot <mr@robot.sh>"
|
||||
|
||||
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
|
||||
```
|
||||
|
||||
1. Pick a strong password when asked and type it twice to confirm.
|
||||
1. Use the following command to list the private GPG key you just created:
|
||||
|
||||
```
|
||||
gpg --list-secret-keys mr@robot.sh
|
||||
```
|
||||
|
||||
Replace `mr@robot.sh` with the email address you entered above.
|
||||
|
||||
1. Copy the GPG key ID that starts with `sec`. In the following example, that's
|
||||
`0x30F2B65B9246B6CA`:
|
||||
|
||||
```
|
||||
sec rsa4096/0x30F2B65B9246B6CA 2017-08-18 [SC]
|
||||
D5E4F29F3275DC0CDA8FFC8730F2B65B9246B6CA
|
||||
uid [ultimate] Mr. Robot <mr@robot.sh>
|
||||
ssb rsa4096/0xB7ABC0813E4028C0 2017-08-18 [E]
|
||||
```
|
||||
|
||||
1. Export the public key of that ID (replace your key ID from the previous step):
|
||||
|
||||
```
|
||||
gpg --armor --export 0x30F2B65B9246B6CA
|
||||
```
|
||||
|
||||
1. Finally, copy the public key and [add it in your profile settings](#adding-a-gpg-key-to-your-account)
|
||||
|
||||
## Adding a GPG key to your account
|
||||
|
||||
>**Note:**
|
||||
Once you add a key, you cannot edit it, only remove it. In case the paste
|
||||
didn't work, you'll have to remove the offending key and re-add it.
|
||||
|
||||
You can add a GPG key in your profile's settings:
|
||||
|
||||
1. On the upper right corner, click on your avatar and go to your **Settings**.
|
||||
|
||||
![Settings dropdown](../../profile/img/profile_settings_dropdown.png)
|
||||
|
||||
1. Navigate to the **GPG keys** tab and paste your _public_ key in the 'Key'
|
||||
box.
|
||||
|
||||
![Paste GPG public key](img/profile_settings_gpg_keys_paste_pub.png)
|
||||
|
||||
1. Finally, click on **Add key** to add it to GitLab. You will be able to see
|
||||
its fingerprint, the corresponding email address and creation date.
|
||||
|
||||
![GPG key single page](img/profile_settings_gpg_keys_single_key.png)
|
||||
|
||||
## Associating your GPG key with Git
|
||||
|
||||
After you have [created your GPG key](#generating-a-gpg-key) and [added it to
|
||||
your account](#adding-a-gpg-key-to-your-account), it's time to tell Git which
|
||||
key to use.
|
||||
|
||||
1. Use the following command to list the private GPG key you just created:
|
||||
|
||||
```
|
||||
gpg --list-secret-keys mr@robot.sh
|
||||
```
|
||||
|
||||
Replace `mr@robot.sh` with the email address you entered above.
|
||||
|
||||
1. Copy the GPG key ID that starts with `sec`. In the following example, that's
|
||||
`0x30F2B65B9246B6CA`:
|
||||
|
||||
```
|
||||
sec rsa4096/0x30F2B65B9246B6CA 2017-08-18 [SC]
|
||||
D5E4F29F3275DC0CDA8FFC8730F2B65B9246B6CA
|
||||
uid [ultimate] Mr. Robot <mr@robot.sh>
|
||||
ssb rsa4096/0xB7ABC0813E4028C0 2017-08-18 [E]
|
||||
```
|
||||
|
||||
1. Tell Git to use that key to sign the commits:
|
||||
|
||||
```
|
||||
git config --global user.signingkey 0x30F2B65B9246B6CA
|
||||
```
|
||||
|
||||
Replace `0x30F2B65B9246B6CA` with your GPG key ID.
|
||||
|
||||
## Signing commits
|
||||
|
||||
After you have [created your GPG key](#generating-a-gpg-key) and [added it to
|
||||
your account](#adding-a-gpg-key-to-your-account), you can start signing your
|
||||
commits:
|
||||
|
||||
1. Commit like you used to, the only difference is the addition of the `-S` flag:
|
||||
|
||||
```
|
||||
git commit -S -m "My commit msg"
|
||||
```
|
||||
|
||||
1. Enter the passphrase of your GPG key when asked.
|
||||
1. Push to GitLab and check that your commits [are verified](#verifying-commits).
|
||||
|
||||
If you don't want to type the `-S` flag every time you commit, you can tell Git
|
||||
to sign your commits automatically:
|
||||
|
||||
```
|
||||
git config --global commit.gpgsign true
|
||||
```
|
||||
|
||||
## Verifying commits
|
||||
|
||||
1. Within a project or [merge request](../merge_requests/index.md), navigate to
|
||||
the **Commits** tab. Signed commits will show a badge containing either
|
||||
"Verified" or "Unverified", depending on the verification status of the GPG
|
||||
signature.
|
||||
|
||||
![Signed and unsigned commits](img/project_signed_and_unsigned_commits.png)
|
||||
|
||||
1. By clicking on the GPG badge, details of the signature are displayed.
|
||||
|
||||
![Signed commit with verified signature](img/project_signed_commit_verified_signature.png)
|
||||
|
||||
![Signed commit with verified signature](img/project_signed_commit_unverified_signature.png)
|
||||
|
||||
## Revoking a GPG key
|
||||
|
||||
Revoking a key **unverifies** already signed commits. Commits that were
|
||||
verified by using this key will change to an unverified state. Future commits
|
||||
will also stay unverified once you revoke this key. This action should be used
|
||||
in case your key has been compromised.
|
||||
|
||||
To revoke a GPG key:
|
||||
|
||||
1. On the upper right corner, click on your avatar and go to your **Settings**.
|
||||
1. Navigate to the **GPG keys** tab.
|
||||
1. Click on **Revoke** besides the GPG key you want to delete.
|
||||
|
||||
## Removing a GPG key
|
||||
|
||||
Removing a key **does not unverify** already signed commits. Commits that were
|
||||
verified by using this key will stay verified. Only unpushed commits will stay
|
||||
unverified once you remove this key. To unverify already signed commits, you need
|
||||
to [revoke the associated GPG key](#revoking-a-gpg-key) from your account.
|
||||
|
||||
To remove a GPG key from your account:
|
||||
|
||||
1. On the upper right corner, click on your avatar and go to your **Settings**.
|
||||
1. Navigate to the **GPG keys** tab.
|
||||
1. Click on the trash icon besides the GPG key you want to delete.
|
||||
|
||||
[ce-9546]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9546
|
||||
This document was moved to [another location](../repository/gpg_signed_commits/index.md).
|
||||
|
|
Before Width: | Height: | Size: 30 KiB After Width: | Height: | Size: 21 KiB |
Before Width: | Height: | Size: 30 KiB After Width: | Height: | Size: 36 KiB |
BIN
doc/user/project/members/img/share_project_with_groups_tab.png
Normal file
After Width: | Height: | Size: 36 KiB |
|
@ -5,7 +5,7 @@ possible to add a group of users to a project with a single action.
|
|||
|
||||
## Groups as collections of users
|
||||
|
||||
Groups are used primarily to [create collections of projects](../user/group/index.md), but you can also
|
||||
Groups are used primarily to [create collections of projects](../../group/index.md), but you can also
|
||||
take advantage of the fact that groups define collections of _users_, namely the group
|
||||
members.
|
||||
|
||||
|
@ -16,20 +16,23 @@ say 'Project Acme', in GitLab is to make the 'Engineering' group the owner of 'P
|
|||
Acme'. But what if 'Project Acme' already belongs to another group, say 'Open Source'?
|
||||
This is where the group sharing feature can be of use.
|
||||
|
||||
To share 'Project Acme' with the 'Engineering' group, go to the project settings page for 'Project Acme' and use the left navigation menu to go to the 'Groups' section.
|
||||
To share 'Project Acme' with the 'Engineering' group, go to the project settings page for 'Project Acme' and use the left navigation menu to go to the **Settings > Members** section.
|
||||
|
||||
![The 'Groups' section in the project settings screen](img/share_project_with_groups.png)
|
||||
![share project with groups](img/share_project_with_groups.png)
|
||||
|
||||
Now you can add the 'Engineering' group with the maximum access level of your choice.
|
||||
After sharing 'Project Acme' with 'Engineering', the project is listed on the group dashboard.
|
||||
Then select the 'Share with group' tab by clicking it.
|
||||
|
||||
Now you can add the 'Engineering' group with the maximum access level of your choice. Click 'Share' to share it.
|
||||
|
||||
![share project with groups tab](img/share_project_with_groups_tab.png)
|
||||
|
||||
After sharing 'Project Acme' with 'Engineering', the project will be listed on the group dashboard.
|
||||
|
||||
!['Project Acme' is listed as a shared project for 'Engineering'](img/other_group_sees_shared_project.png)
|
||||
|
||||
## Maximum access level
|
||||
|
||||
!['Project Acme' is shared with 'Engineering' with a maximum access level of 'Developer'](img/max_access_level.png)
|
||||
|
||||
In the screenshot above, the maximum access level of 'Developer' for members from 'Engineering' means that users with higher access levels in 'Engineering' ('Master' or 'Owner') will only have 'Developer' access to 'Project Acme'.
|
||||
In the example above, the maximum access level of 'Developer' for members from 'Engineering' means that users with higher access levels in 'Engineering' ('Master' or 'Owner') will only have 'Developer' access to 'Project Acme'.
|
||||
|
||||
## Share project with group lock (EES/EEP)
|
||||
|
||||
|
|
Before Width: | Height: | Size: 24 KiB After Width: | Height: | Size: 24 KiB |
Before Width: | Height: | Size: 4.3 KiB After Width: | Height: | Size: 4.3 KiB |
Before Width: | Height: | Size: 40 KiB After Width: | Height: | Size: 40 KiB |
Before Width: | Height: | Size: 9.3 KiB After Width: | Height: | Size: 9.3 KiB |
Before Width: | Height: | Size: 14 KiB After Width: | Height: | Size: 14 KiB |
245
doc/user/project/repository/gpg_signed_commits/index.md
Normal file
|
@ -0,0 +1,245 @@
|
|||
# Signing commits with GPG
|
||||
|
||||
> [Introduced][ce-9546] in GitLab 9.5.
|
||||
|
||||
GitLab can show whether a commit is verified or not when signed with a GPG key.
|
||||
All you need to do is upload the public GPG key in your profile settings.
|
||||
|
||||
GPG verified tags are not supported yet.
|
||||
|
||||
## Getting started with GPG
|
||||
|
||||
Here are a few guides to get you started with GPG:
|
||||
|
||||
- [Git Tools - Signing Your Work](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work)
|
||||
- [Managing OpenPGP Keys](https://riseup.net/en/security/message-security/openpgp/gpg-keys)
|
||||
- [OpenPGP Best Practices](https://riseup.net/en/security/message-security/openpgp/best-practices)
|
||||
- [Creating a new GPG key with subkeys](https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/) (advanced)
|
||||
|
||||
## How GitLab handles GPG
|
||||
|
||||
GitLab uses its own keyring to verify the GPG signature. It does not access any
|
||||
public key server.
|
||||
|
||||
In order to have a commit verified on GitLab the corresponding public key needs
|
||||
to be uploaded to GitLab. For a signature to be verified two prerequisites need
|
||||
to be met:
|
||||
|
||||
1. The public key needs to be added your GitLab account
|
||||
1. One of the emails in the GPG key matches your **primary** email
|
||||
|
||||
## Generating a GPG key
|
||||
|
||||
If you don't already have a GPG key, the following steps will help you get
|
||||
started:
|
||||
|
||||
1. [Install GPG](https://www.gnupg.org/download/index.html) for your operating system
|
||||
1. Generate the private/public key pair with the following command:
|
||||
|
||||
```sh
|
||||
gpg --full-gen-key
|
||||
```
|
||||
|
||||
This will spawn a series of questions.
|
||||
|
||||
1. The first question is which algorithm can be used. Select the kind you want
|
||||
or press <kbd>Enter</kbd> to choose the default (RSA and RSA):
|
||||
|
||||
```
|
||||
Please select what kind of key you want:
|
||||
(1) RSA and RSA (default)
|
||||
(2) DSA and Elgamal
|
||||
(3) DSA (sign only)
|
||||
(4) RSA (sign only)
|
||||
Your selection? 1
|
||||
```
|
||||
|
||||
1. The next question is key length. We recommend to choose the highest value
|
||||
which is `4096`:
|
||||
|
||||
```
|
||||
RSA keys may be between 1024 and 4096 bits long.
|
||||
What keysize do you want? (2048) 4096
|
||||
Requested keysize is 4096 bits
|
||||
```
|
||||
1. Next, you need to specify the validity period of your key. This is something
|
||||
subjective, and you can use the default value which is to never expire:
|
||||
|
||||
```
|
||||
Please specify how long the key should be valid.
|
||||
0 = key does not expire
|
||||
<n> = key expires in n days
|
||||
<n>w = key expires in n weeks
|
||||
<n>m = key expires in n months
|
||||
<n>y = key expires in n years
|
||||
Key is valid for? (0) 0
|
||||
Key does not expire at all
|
||||
```
|
||||
|
||||
1. Confirm that the answers you gave were correct by typing `y`:
|
||||
|
||||
```
|
||||
Is this correct? (y/N) y
|
||||
```
|
||||
|
||||
1. Enter you real name, the email address to be associated with this key (should
|
||||
match the primary email address you use in GitLab) and an optional comment
|
||||
(press <kbd>Enter</kbd> to skip):
|
||||
|
||||
```
|
||||
GnuPG needs to construct a user ID to identify your key.
|
||||
|
||||
Real name: Mr. Robot
|
||||
Email address: mr@robot.sh
|
||||
Comment:
|
||||
You selected this USER-ID:
|
||||
"Mr. Robot <mr@robot.sh>"
|
||||
|
||||
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
|
||||
```
|
||||
|
||||
1. Pick a strong password when asked and type it twice to confirm.
|
||||
1. Use the following command to list the private GPG key you just created:
|
||||
|
||||
```
|
||||
gpg --list-secret-keys mr@robot.sh
|
||||
```
|
||||
|
||||
Replace `mr@robot.sh` with the email address you entered above.
|
||||
|
||||
1. Copy the GPG key ID that starts with `sec`. In the following example, that's
|
||||
`0x30F2B65B9246B6CA`:
|
||||
|
||||
```
|
||||
sec rsa4096/0x30F2B65B9246B6CA 2017-08-18 [SC]
|
||||
D5E4F29F3275DC0CDA8FFC8730F2B65B9246B6CA
|
||||
uid [ultimate] Mr. Robot <mr@robot.sh>
|
||||
ssb rsa4096/0xB7ABC0813E4028C0 2017-08-18 [E]
|
||||
```
|
||||
|
||||
1. Export the public key of that ID (replace your key ID from the previous step):
|
||||
|
||||
```
|
||||
gpg --armor --export 0x30F2B65B9246B6CA
|
||||
```
|
||||
|
||||
1. Finally, copy the public key and [add it in your profile settings](#adding-a-gpg-key-to-your-account)
|
||||
|
||||
## Adding a GPG key to your account
|
||||
|
||||
>**Note:**
|
||||
Once you add a key, you cannot edit it, only remove it. In case the paste
|
||||
didn't work, you'll have to remove the offending key and re-add it.
|
||||
|
||||
You can add a GPG key in your profile's settings:
|
||||
|
||||
1. On the upper right corner, click on your avatar and go to your **Settings**.
|
||||
|
||||
![Settings dropdown](../../../profile/img/profile_settings_dropdown.png)
|
||||
|
||||
1. Navigate to the **GPG keys** tab and paste your _public_ key in the 'Key'
|
||||
box.
|
||||
|
||||
![Paste GPG public key](img/profile_settings_gpg_keys_paste_pub.png)
|
||||
|
||||
1. Finally, click on **Add key** to add it to GitLab. You will be able to see
|
||||
its fingerprint, the corresponding email address and creation date.
|
||||
|
||||
![GPG key single page](img/profile_settings_gpg_keys_single_key.png)
|
||||
|
||||
## Associating your GPG key with Git
|
||||
|
||||
After you have [created your GPG key](#generating-a-gpg-key) and [added it to
|
||||
your account](#adding-a-gpg-key-to-your-account), it's time to tell Git which
|
||||
key to use.
|
||||
|
||||
1. Use the following command to list the private GPG key you just created:
|
||||
|
||||
```
|
||||
gpg --list-secret-keys mr@robot.sh
|
||||
```
|
||||
|
||||
Replace `mr@robot.sh` with the email address you entered above.
|
||||
|
||||
1. Copy the GPG key ID that starts with `sec`. In the following example, that's
|
||||
`0x30F2B65B9246B6CA`:
|
||||
|
||||
```
|
||||
sec rsa4096/0x30F2B65B9246B6CA 2017-08-18 [SC]
|
||||
D5E4F29F3275DC0CDA8FFC8730F2B65B9246B6CA
|
||||
uid [ultimate] Mr. Robot <mr@robot.sh>
|
||||
ssb rsa4096/0xB7ABC0813E4028C0 2017-08-18 [E]
|
||||
```
|
||||
|
||||
1. Tell Git to use that key to sign the commits:
|
||||
|
||||
```
|
||||
git config --global user.signingkey 0x30F2B65B9246B6CA
|
||||
```
|
||||
|
||||
Replace `0x30F2B65B9246B6CA` with your GPG key ID.
|
||||
|
||||
## Signing commits
|
||||
|
||||
After you have [created your GPG key](#generating-a-gpg-key) and [added it to
|
||||
your account](#adding-a-gpg-key-to-your-account), you can start signing your
|
||||
commits:
|
||||
|
||||
1. Commit like you used to, the only difference is the addition of the `-S` flag:
|
||||
|
||||
```
|
||||
git commit -S -m "My commit msg"
|
||||
```
|
||||
|
||||
1. Enter the passphrase of your GPG key when asked.
|
||||
1. Push to GitLab and check that your commits [are verified](#verifying-commits).
|
||||
|
||||
If you don't want to type the `-S` flag every time you commit, you can tell Git
|
||||
to sign your commits automatically:
|
||||
|
||||
```
|
||||
git config --global commit.gpgsign true
|
||||
```
|
||||
|
||||
## Verifying commits
|
||||
|
||||
1. Within a project or [merge request](../../merge_requests/index.md), navigate to
|
||||
the **Commits** tab. Signed commits will show a badge containing either
|
||||
"Verified" or "Unverified", depending on the verification status of the GPG
|
||||
signature.
|
||||
|
||||
![Signed and unsigned commits](img/project_signed_and_unsigned_commits.png)
|
||||
|
||||
1. By clicking on the GPG badge, details of the signature are displayed.
|
||||
|
||||
![Signed commit with verified signature](img/project_signed_commit_verified_signature.png)
|
||||
|
||||
![Signed commit with verified signature](img/project_signed_commit_unverified_signature.png)
|
||||
|
||||
## Revoking a GPG key
|
||||
|
||||
Revoking a key **unverifies** already signed commits. Commits that were
|
||||
verified by using this key will change to an unverified state. Future commits
|
||||
will also stay unverified once you revoke this key. This action should be used
|
||||
in case your key has been compromised.
|
||||
|
||||
To revoke a GPG key:
|
||||
|
||||
1. On the upper right corner, click on your avatar and go to your **Settings**.
|
||||
1. Navigate to the **GPG keys** tab.
|
||||
1. Click on **Revoke** besides the GPG key you want to delete.
|
||||
|
||||
## Removing a GPG key
|
||||
|
||||
Removing a key **does not unverify** already signed commits. Commits that were
|
||||
verified by using this key will stay verified. Only unpushed commits will stay
|
||||
unverified once you remove this key. To unverify already signed commits, you need
|
||||
to [revoke the associated GPG key](#revoking-a-gpg-key) from your account.
|
||||
|
||||
To remove a GPG key from your account:
|
||||
|
||||
1. On the upper right corner, click on your avatar and go to your **Settings**.
|
||||
1. Navigate to the **GPG keys** tab.
|
||||
1. Click on the trash icon besides the GPG key you want to delete.
|
||||
|
||||
[ce-9546]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9546
|
|
@ -22,7 +22,7 @@ you to [connect with GitLab via SSH](../../../ssh/README.md).
|
|||
|
||||
## Files
|
||||
|
||||
## Create and edit files
|
||||
### Create and edit files
|
||||
|
||||
Host your codebase in GitLab repositories by pushing your files to GitLab.
|
||||
You can either use the user interface (UI), or connect your local computer
|
||||
|
@ -111,6 +111,8 @@ right from the UI.
|
|||
- **Revert a commit:**
|
||||
Easily [revert a commit](../merge_requests/revert_changes.md#reverting-a-commit)
|
||||
from the UI to a selected branch.
|
||||
- **Sign a commit:**
|
||||
Use GPG to [sign your commits](gpg_signed_commits/index.md).
|
||||
|
||||
## Repository size
|
||||
|
||||
|
|
|
@ -1,16 +0,0 @@
|
|||
@project_commits
|
||||
Feature: Project Commits User Lookup
|
||||
Background:
|
||||
Given I sign in as a user
|
||||
And I own a project
|
||||
And I visit my project's commits page
|
||||
|
||||
Scenario: I browse commit from list
|
||||
Given I have user with primary email
|
||||
When I click on commit link
|
||||
Then I see author based on primary email
|
||||
|
||||
Scenario: I browse another commit from list
|
||||
Given I have user with secondary email
|
||||
When I click on another commit link
|
||||
Then I see author based on secondary email
|
|
@ -1,49 +0,0 @@
|
|||
class Spinach::Features::ProjectCommitsUserLookup < Spinach::FeatureSteps
|
||||
include SharedAuthentication
|
||||
include SharedProject
|
||||
include SharedPaths
|
||||
|
||||
step 'I click on commit link' do
|
||||
visit project_commit_path(@project, sample_commit.id)
|
||||
end
|
||||
|
||||
step 'I click on another commit link' do
|
||||
visit project_commit_path(@project, sample_commit.parent_id)
|
||||
end
|
||||
|
||||
step 'I have user with primary email' do
|
||||
user_primary
|
||||
end
|
||||
|
||||
step 'I have user with secondary email' do
|
||||
user_secondary
|
||||
end
|
||||
|
||||
step 'I see author based on primary email' do
|
||||
check_author_link(sample_commit.author_email, user_primary)
|
||||
end
|
||||
|
||||
step 'I see author based on secondary email' do
|
||||
check_author_link(sample_commit.author_email, user_secondary)
|
||||
end
|
||||
|
||||
def check_author_link(email, user)
|
||||
author_link = find('.commit-author-link')
|
||||
|
||||
expect(author_link['href']).to eq user_path(user)
|
||||
expect(author_link['title']).to eq email
|
||||
expect(find('.commit-author-name').text).to eq user.name
|
||||
end
|
||||
|
||||
def user_primary
|
||||
@user_primary ||= create(:user, email: 'dmitriy.zaporozhets@gmail.com')
|
||||
end
|
||||
|
||||
def user_secondary
|
||||
@user_secondary ||= begin
|
||||
user = create(:user, email: 'dzaporozhets@example.com')
|
||||
create(:email, { user: user, email: 'dmitriy.zaporozhets@gmail.com' })
|
||||
user
|
||||
end
|
||||
end
|
||||
end
|
|
@ -67,12 +67,14 @@ module API
|
|||
end
|
||||
delete ":id/access_requests/:user_id" do
|
||||
source = find_source(source_type, params[:id])
|
||||
member = source.requesters.find_by!(user_id: params[:user_id])
|
||||
|
||||
status 204
|
||||
destroy_conditionally!(member) do
|
||||
::Members::DestroyService.new(source, current_user, params)
|
||||
.execute(:requesters)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -88,8 +88,7 @@ module API
|
|||
|
||||
unauthorized! unless award.user == current_user || current_user.admin?
|
||||
|
||||
status 204
|
||||
award.destroy
|
||||
destroy_conditionally!(award)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -122,11 +122,10 @@ module API
|
|||
end
|
||||
delete "/lists/:list_id" do
|
||||
authorize!(:admin_list, user_project)
|
||||
|
||||
list = board_lists.find(params[:list_id])
|
||||
|
||||
destroy_conditionally!(list) do |list|
|
||||
service = ::Boards::Lists::DestroyService.new(user_project, current_user)
|
||||
|
||||
unless service.execute(list)
|
||||
render_api_error!({ error: 'List could not be deleted!' }, 400)
|
||||
end
|
||||
|
@ -134,4 +133,5 @@ module API
|
|||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -125,6 +125,12 @@ module API
|
|||
delete ':id/repository/branches/:branch', requirements: BRANCH_ENDPOINT_REQUIREMENTS do
|
||||
authorize_push_project
|
||||
|
||||
branch = user_project.repository.find_branch(params[:branch])
|
||||
not_found!('Branch') unless branch
|
||||
|
||||
commit = user_project.repository.commit(branch.dereferenced_target)
|
||||
|
||||
destroy_conditionally!(commit, last_updated: commit.authored_date) do
|
||||
result = DeleteBranchService.new(user_project, current_user)
|
||||
.execute(params[:branch])
|
||||
|
||||
|
@ -132,6 +138,7 @@ module API
|
|||
render_api_error!(result[:message], result[:return_code])
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
desc 'Delete all merged branches'
|
||||
delete ':id/repository/merged_branches' do
|
||||
|
|
|
@ -91,8 +91,7 @@ module API
|
|||
delete ':id' do
|
||||
message = find_message
|
||||
|
||||
status 204
|
||||
message.destroy
|
||||
destroy_conditionally!(message)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -125,8 +125,7 @@ module API
|
|||
key = user_project.deploy_keys_projects.find_by(deploy_key_id: params[:key_id])
|
||||
not_found!('Deploy Key') unless key
|
||||
|
||||
status 204
|
||||
key.destroy
|
||||
destroy_conditionally!(key)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -320,7 +320,10 @@ module API
|
|||
end
|
||||
|
||||
class IssueBasic < ProjectEntity
|
||||
expose :label_names, as: :labels
|
||||
expose :labels do |issue, options|
|
||||
# Avoids an N+1 query since labels are preloaded
|
||||
issue.labels.map(&:title).sort
|
||||
end
|
||||
expose :milestone, using: Entities::Milestone
|
||||
expose :assignees, :author, using: Entities::UserBasic
|
||||
|
||||
|
@ -329,13 +332,32 @@ module API
|
|||
end
|
||||
|
||||
expose :user_notes_count
|
||||
expose :upvotes, :downvotes
|
||||
expose :upvotes do |issue, options|
|
||||
if options[:issuable_metadata]
|
||||
# Avoids an N+1 query when metadata is included
|
||||
options[:issuable_metadata][issue.id].upvotes
|
||||
else
|
||||
issue.upvotes
|
||||
end
|
||||
end
|
||||
expose :downvotes do |issue, options|
|
||||
if options[:issuable_metadata]
|
||||
# Avoids an N+1 query when metadata is included
|
||||
options[:issuable_metadata][issue.id].downvotes
|
||||
else
|
||||
issue.downvotes
|
||||
end
|
||||
end
|
||||
expose :due_date
|
||||
expose :confidential
|
||||
|
||||
expose :web_url do |issue, options|
|
||||
Gitlab::UrlBuilder.build(issue)
|
||||
end
|
||||
|
||||
expose :time_stats, using: 'API::Entities::IssuableTimeStats' do |issue|
|
||||
issue
|
||||
end
|
||||
end
|
||||
|
||||
class Issue < IssueBasic
|
||||
|
@ -365,10 +387,22 @@ module API
|
|||
end
|
||||
|
||||
class IssuableTimeStats < Grape::Entity
|
||||
format_with(:time_tracking_formatter) do |time_spent|
|
||||
Gitlab::TimeTrackingFormatter.output(time_spent)
|
||||
end
|
||||
|
||||
expose :time_estimate
|
||||
expose :total_time_spent
|
||||
expose :human_time_estimate
|
||||
expose :human_total_time_spent
|
||||
|
||||
with_options(format_with: :time_tracking_formatter) do
|
||||
expose :total_time_spent, as: :human_total_time_spent
|
||||
end
|
||||
|
||||
def total_time_spent
|
||||
# Avoids an N+1 query since timelogs are preloaded
|
||||
object.timelogs.map(&:time_spent).sum
|
||||
end
|
||||
end
|
||||
|
||||
class ExternalIssue < Grape::Entity
|
||||
|
@ -418,6 +452,10 @@ module API
|
|||
expose :web_url do |merge_request, options|
|
||||
Gitlab::UrlBuilder.build(merge_request)
|
||||
end
|
||||
|
||||
expose :time_stats, using: 'API::Entities::IssuableTimeStats' do |merge_request|
|
||||
merge_request
|
||||
end
|
||||
end
|
||||
|
||||
class MergeRequest < MergeRequestBasic
|
||||
|
|
|
@ -79,8 +79,7 @@ module API
|
|||
|
||||
environment = user_project.environments.find(params[:environment_id])
|
||||
|
||||
status 204
|
||||
environment.destroy
|
||||
destroy_conditionally!(environment)
|
||||
end
|
||||
|
||||
desc 'Stops an existing environment' do
|
||||
|
|
|
@ -88,8 +88,7 @@ module API
|
|||
variable = user_group.variables.find_by(key: params[:key])
|
||||
not_found!('GroupVariable') unless variable
|
||||
|
||||
status 204
|
||||
variable.destroy
|
||||
destroy_conditionally!(variable)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -7,7 +7,11 @@ module API
|
|||
helpers do
|
||||
params :optional_params_ce do
|
||||
optional :description, type: String, desc: 'The description of the group'
|
||||
optional :visibility, type: String, values: Gitlab::VisibilityLevel.string_values, desc: 'The visibility of the group'
|
||||
optional :visibility, type: String,
|
||||
values: Gitlab::VisibilityLevel.string_values,
|
||||
default: Gitlab::VisibilityLevel.string_level(
|
||||
Gitlab::CurrentSettings.current_application_settings.default_group_visibility),
|
||||
desc: 'The visibility of the group'
|
||||
optional :lfs_enabled, type: Boolean, desc: 'Enable/disable LFS for the projects in this group'
|
||||
optional :request_access_enabled, type: Boolean, desc: 'Allow users to request member access'
|
||||
optional :share_with_group_lock, type: Boolean, desc: 'Prevent sharing a project with another group within this group'
|
||||
|
@ -118,9 +122,10 @@ module API
|
|||
group = find_group!(params[:id])
|
||||
authorize! :admin_group, group
|
||||
|
||||
status 204
|
||||
destroy_conditionally!(group) do |group|
|
||||
::Groups::DestroyService.new(group, current_user).execute
|
||||
end
|
||||
end
|
||||
|
||||
desc 'Get a list of projects in this group.' do
|
||||
success Entities::Project
|
||||
|
|
|
@ -11,6 +11,27 @@ module API
|
|||
declared(params, options).to_h.symbolize_keys
|
||||
end
|
||||
|
||||
def check_unmodified_since!(last_modified)
|
||||
if_unmodified_since = Time.parse(headers['If-Unmodified-Since']) rescue nil
|
||||
|
||||
if if_unmodified_since && last_modified && last_modified > if_unmodified_since
|
||||
render_api_error!('412 Precondition Failed', 412)
|
||||
end
|
||||
end
|
||||
|
||||
def destroy_conditionally!(resource, last_updated: nil)
|
||||
last_updated ||= resource.updated_at
|
||||
|
||||
check_unmodified_since!(last_updated)
|
||||
|
||||
status 204
|
||||
if block_given?
|
||||
yield resource
|
||||
else
|
||||
resource.destroy
|
||||
end
|
||||
end
|
||||
|
||||
def current_user
|
||||
return @current_user if defined?(@current_user)
|
||||
|
||||
|
|
|
@ -4,6 +4,8 @@ module API
|
|||
|
||||
before { authenticate! }
|
||||
|
||||
helpers ::Gitlab::IssuableMetadata
|
||||
|
||||
helpers do
|
||||
def find_issues(args = {})
|
||||
args = params.merge(args)
|
||||
|
@ -13,6 +15,7 @@ module API
|
|||
args[:label_name] = args.delete(:labels)
|
||||
|
||||
issues = IssuesFinder.new(current_user, args).execute
|
||||
.preload(:assignees, :labels, :notes, :timelogs)
|
||||
|
||||
issues.reorder(args[:order_by] => args[:sort])
|
||||
end
|
||||
|
@ -65,7 +68,13 @@ module API
|
|||
get do
|
||||
issues = find_issues
|
||||
|
||||
present paginate(issues), with: Entities::IssueBasic, current_user: current_user
|
||||
options = {
|
||||
with: Entities::IssueBasic,
|
||||
current_user: current_user,
|
||||
issuable_metadata: issuable_meta_data(issues, 'Issue')
|
||||
}
|
||||
|
||||
present paginate(issues), options
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -86,7 +95,13 @@ module API
|
|||
|
||||
issues = find_issues(group_id: group.id)
|
||||
|
||||
present paginate(issues), with: Entities::IssueBasic, current_user: current_user
|
||||
options = {
|
||||
with: Entities::IssueBasic,
|
||||
current_user: current_user,
|
||||
issuable_metadata: issuable_meta_data(issues, 'Issue')
|
||||
}
|
||||
|
||||
present paginate(issues), options
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -109,7 +124,14 @@ module API
|
|||
|
||||
issues = find_issues(project_id: project.id)
|
||||
|
||||
present paginate(issues), with: Entities::IssueBasic, current_user: current_user, project: user_project
|
||||
options = {
|
||||
with: Entities::IssueBasic,
|
||||
current_user: current_user,
|
||||
project: user_project,
|
||||
issuable_metadata: issuable_meta_data(issues, 'Issue')
|
||||
}
|
||||
|
||||
present paginate(issues), options
|
||||
end
|
||||
|
||||
desc 'Get a single project issue' do
|
||||
|
@ -230,8 +252,8 @@ module API
|
|||
not_found!('Issue') unless issue
|
||||
|
||||
authorize!(:destroy_issue, issue)
|
||||
status 204
|
||||
issue.destroy
|
||||
|
||||
destroy_conditionally!(issue)
|
||||
end
|
||||
|
||||
desc 'List merge requests closing issue' do
|
||||
|
|
|
@ -56,8 +56,7 @@ module API
|
|||
label = user_project.labels.find_by(title: params[:name])
|
||||
not_found!('Label') unless label
|
||||
|
||||
status 204
|
||||
label.destroy
|
||||
destroy_conditionally!(label)
|
||||
end
|
||||
|
||||
desc 'Update an existing label. At least one optional parameter is required.' do
|
||||
|
|
|
@ -93,13 +93,13 @@ module API
|
|||
end
|
||||
delete ":id/members/:user_id" do
|
||||
source = find_source(source_type, params[:id])
|
||||
# Ensure that memeber exists
|
||||
source.members.find_by!(user_id: params[:user_id])
|
||||
member = source.members.find_by!(user_id: params[:user_id])
|
||||
|
||||
status 204
|
||||
destroy_conditionally!(member) do
|
||||
::Members::DestroyService.new(source, current_user, declared_params).execute
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -21,7 +21,7 @@ module API
|
|||
return merge_requests if args[:view] == 'simple'
|
||||
|
||||
merge_requests
|
||||
.preload(:notes, :author, :assignee, :milestone, :merge_request_diff, :labels)
|
||||
.preload(:notes, :author, :assignee, :milestone, :merge_request_diff, :labels, :timelogs)
|
||||
end
|
||||
|
||||
params :merge_requests_params do
|
||||
|
@ -164,8 +164,8 @@ module API
|
|||
merge_request = find_project_merge_request(params[:merge_request_iid])
|
||||
|
||||
authorize!(:destroy_merge_request, merge_request)
|
||||
status 204
|
||||
merge_request.destroy
|
||||
|
||||
destroy_conditionally!(merge_request)
|
||||
end
|
||||
|
||||
params do
|
||||
|
|
|
@ -129,13 +129,15 @@ module API
|
|||
end
|
||||
delete ":id/#{noteables_str}/:noteable_id/notes/:note_id" do
|
||||
note = user_project.notes.find(params[:note_id])
|
||||
|
||||
authorize! :admin_note, note
|
||||
|
||||
status 204
|
||||
destroy_conditionally!(note) do |note|
|
||||
::Notes::DestroyService.new(user_project, current_user).execute(note)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
helpers do
|
||||
def find_project_noteable(noteables_str, noteable_id)
|
||||
|
|
|
@ -117,8 +117,7 @@ module API
|
|||
not_found!('PipelineSchedule') unless pipeline_schedule
|
||||
authorize! :admin_pipeline_schedule, pipeline_schedule
|
||||
|
||||
status :accepted
|
||||
present pipeline_schedule.destroy, with: Entities::PipelineScheduleDetails
|
||||
destroy_conditionally!(pipeline_schedule)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -96,8 +96,7 @@ module API
|
|||
delete ":id/hooks/:hook_id" do
|
||||
hook = user_project.hooks.find(params.delete(:hook_id))
|
||||
|
||||
status 204
|
||||
hook.destroy
|
||||
destroy_conditionally!(hook)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -116,8 +116,8 @@ module API
|
|||
not_found!('Snippet') unless snippet
|
||||
|
||||
authorize! :admin_project_snippet, snippet
|
||||
status 204
|
||||
snippet.destroy
|
||||
|
||||
destroy_conditionally!(snippet)
|
||||
end
|
||||
|
||||
desc 'Get a raw project snippet'
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
require_dependency 'declarative_policy'
|
||||
|
||||
module API
|
||||
# Projects API
|
||||
class Projects < Grape::API
|
||||
include PaginationParams
|
||||
|
||||
|
@ -334,7 +333,10 @@ module API
|
|||
desc 'Remove a project'
|
||||
delete ":id" do
|
||||
authorize! :remove_project, user_project
|
||||
|
||||
destroy_conditionally!(user_project) do
|
||||
::Projects::DestroyService.new(user_project, current_user, {}).async_execute
|
||||
end
|
||||
|
||||
accepted!
|
||||
end
|
||||
|
@ -363,8 +365,7 @@ module API
|
|||
authorize! :remove_fork_project, user_project
|
||||
|
||||
if user_project.forked?
|
||||
status 204
|
||||
user_project.forked_project_link.destroy
|
||||
destroy_conditionally!(user_project.forked_project_link)
|
||||
else
|
||||
not_modified!
|
||||
end
|
||||
|
@ -408,8 +409,7 @@ module API
|
|||
link = user_project.project_group_links.find_by(group_id: params[:group_id])
|
||||
not_found!('Group Link') unless link
|
||||
|
||||
status 204
|
||||
link.destroy
|
||||
destroy_conditionally!(link)
|
||||
end
|
||||
|
||||
desc 'Upload a file'
|
||||
|
|
|
@ -76,9 +76,7 @@ module API
|
|||
delete ':id/protected_branches/:name', requirements: BRANCH_ENDPOINT_REQUIREMENTS do
|
||||
protected_branch = user_project.protected_branches.find_by!(name: params[:name])
|
||||
|
||||
protected_branch.destroy
|
||||
|
||||
status 204
|
||||
destroy_conditionally!(protected_branch)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -45,8 +45,10 @@ module API
|
|||
end
|
||||
delete '/' do
|
||||
authenticate_runner!
|
||||
status 204
|
||||
Ci::Runner.find_by_token(params[:token]).destroy
|
||||
|
||||
runner = Ci::Runner.find_by_token(params[:token])
|
||||
|
||||
destroy_conditionally!(runner)
|
||||
end
|
||||
|
||||
desc 'Validates authentication credentials' do
|
||||
|
|
|
@ -77,10 +77,10 @@ module API
|
|||
end
|
||||
delete ':id' do
|
||||
runner = get_runner(params[:id])
|
||||
|
||||
authenticate_delete_runner!(runner)
|
||||
|
||||
status 204
|
||||
runner.destroy!
|
||||
destroy_conditionally!(runner)
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -135,8 +135,7 @@ module API
|
|||
runner = runner_project.runner
|
||||
forbidden!("Only one project associated with the runner. Please remove the runner instead") if runner.projects.count == 1
|
||||
|
||||
status 204
|
||||
runner_project.destroy
|
||||
destroy_conditionally!(runner_project)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -656,6 +656,7 @@ module API
|
|||
delete ":id/services/:service_slug" do
|
||||
service = user_project.find_or_initialize_service(params[:service_slug].underscore)
|
||||
|
||||
destroy_conditionally!(service) do
|
||||
attrs = service_attributes(service).inject({}) do |hash, key|
|
||||
hash.merge!(key => nil)
|
||||
end
|
||||
|
@ -664,6 +665,7 @@ module API
|
|||
render_api_error!('400 Bad Request', 400)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
desc 'Get the service settings for project' do
|
||||
success Entities::ProjectService
|
||||
|
|
|
@ -123,8 +123,7 @@ module API
|
|||
|
||||
authorize! :destroy_personal_snippet, snippet
|
||||
|
||||
status 204
|
||||
snippet.destroy
|
||||
destroy_conditionally!(snippet)
|
||||
end
|
||||
|
||||
desc 'Get a raw snippet' do
|
||||
|
|
|
@ -66,8 +66,7 @@ module API
|
|||
hook = SystemHook.find_by(id: params[:id])
|
||||
not_found!('System hook') unless hook
|
||||
|
||||
status 204
|
||||
hook.destroy
|
||||
destroy_conditionally!(hook)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -65,6 +65,12 @@ module API
|
|||
delete ':id/repository/tags/:tag_name', requirements: TAG_ENDPOINT_REQUIREMENTS do
|
||||
authorize_push_project
|
||||
|
||||
tag = user_project.repository.find_tag(params[:tag_name])
|
||||
not_found!('Tag') unless tag
|
||||
|
||||
commit = user_project.repository.commit(tag.dereferenced_target)
|
||||
|
||||
destroy_conditionally!(commit, last_updated: commit.authored_date) do
|
||||
result = ::Tags::DestroyService.new(user_project, current_user)
|
||||
.execute(params[:tag_name])
|
||||
|
||||
|
@ -72,6 +78,7 @@ module API
|
|||
render_api_error!(result[:message], result[:return_code])
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
desc 'Add a release note to a tag' do
|
||||
success Entities::Release
|
||||
|
|
|
@ -140,8 +140,7 @@ module API
|
|||
trigger = user_project.triggers.find(params.delete(:trigger_id))
|
||||
return not_found!('Trigger') unless trigger
|
||||
|
||||
status 204
|
||||
trigger.destroy
|
||||
destroy_conditionally!(trigger)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -230,8 +230,7 @@ module API
|
|||
key = user.keys.find_by(id: params[:key_id])
|
||||
not_found!('Key') unless key
|
||||
|
||||
status 204
|
||||
key.destroy
|
||||
destroy_conditionally!(key)
|
||||
end
|
||||
|
||||
desc 'Add an email address to a specified user. Available only for admins.' do
|
||||
|
@ -287,7 +286,11 @@ module API
|
|||
email = user.emails.find_by(id: params[:email_id])
|
||||
not_found!('Email') unless email
|
||||
|
||||
Emails::DestroyService.new(user, email: email.email).execute
|
||||
destroy_conditionally!(email) do |email|
|
||||
Emails::DestroyService.new(current_user, email: email.email).execute
|
||||
end
|
||||
|
||||
user.update_secondary_emails!
|
||||
end
|
||||
|
||||
desc 'Delete a user. Available only for admins.' do
|
||||
|
@ -299,12 +302,14 @@ module API
|
|||
end
|
||||
delete ":id" do
|
||||
authenticated_as_admin!
|
||||
|
||||
user = User.find_by(id: params[:id])
|
||||
not_found!('User') unless user
|
||||
|
||||
status 204
|
||||
destroy_conditionally!(user) do
|
||||
user.delete_async(deleted_by: current_user, params: params)
|
||||
end
|
||||
end
|
||||
|
||||
desc 'Block a user. Available only for admins.'
|
||||
params do
|
||||
|
@ -403,8 +408,11 @@ module API
|
|||
requires :impersonation_token_id, type: Integer, desc: 'The ID of the impersonation token'
|
||||
end
|
||||
delete ':impersonation_token_id' do
|
||||
status 204
|
||||
find_impersonation_token.revoke!
|
||||
token = find_impersonation_token
|
||||
|
||||
destroy_conditionally!(token) do
|
||||
token.revoke!
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -481,8 +489,7 @@ module API
|
|||
key = current_user.keys.find_by(id: params[:key_id])
|
||||
not_found!('Key') unless key
|
||||
|
||||
status 204
|
||||
key.destroy
|
||||
destroy_conditionally!(key)
|
||||
end
|
||||
|
||||
desc "Get the currently authenticated user's email addresses" do
|
||||
|
@ -533,10 +540,13 @@ module API
|
|||
email = current_user.emails.find_by(id: params[:email_id])
|
||||
not_found!('Email') unless email
|
||||
|
||||
status 204
|
||||
destroy_conditionally!(email) do |email|
|
||||
Emails::DestroyService.new(current_user, email: email.email).execute
|
||||
end
|
||||
|
||||
current_user.update_secondary_emails!
|
||||
end
|
||||
|
||||
desc 'Get a list of user activities'
|
||||
params do
|
||||
optional :from, type: DateTime, default: 6.months.ago, desc: 'Date string in the format YEAR-MONTH-DAY'
|
||||
|
|
|
@ -88,6 +88,7 @@ module API
|
|||
variable = user_project.variables.find_by(key: params[:key])
|
||||
not_found!('Variable') unless variable
|
||||
|
||||
# Variables don't have any timestamp. Therfore, destroy unconditionally.
|
||||
status 204
|
||||
variable.destroy
|
||||
end
|
||||
|
|
|
@ -9,6 +9,14 @@ module Gitlab
|
|||
ActiveRecord::Base.configurations[Rails.env]
|
||||
end
|
||||
|
||||
def self.username
|
||||
config['username'] || ENV['USER']
|
||||
end
|
||||
|
||||
def self.database_name
|
||||
config['database']
|
||||
end
|
||||
|
||||
def self.adapter_name
|
||||
config['adapter']
|
||||
end
|
||||
|
|
34
lib/gitlab/database/grant.rb
Normal file
|
@ -0,0 +1,34 @@
|
|||
module Gitlab
|
||||
module Database
|
||||
# Model that can be used for querying permissions of a SQL user.
|
||||
class Grant < ActiveRecord::Base
|
||||
self.table_name =
|
||||
if Database.postgresql?
|
||||
'information_schema.role_table_grants'
|
||||
else
|
||||
'mysql.user'
|
||||
end
|
||||
|
||||
def self.scope_to_current_user
|
||||
if Database.postgresql?
|
||||
where('grantee = user')
|
||||
else
|
||||
where("CONCAT(User, '@', Host) = current_user()")
|
||||
end
|
||||
end
|
||||
|
||||
# Returns true if the current user can create and execute triggers on the
|
||||
# given table.
|
||||
def self.create_and_execute_trigger?(table)
|
||||
priv =
|
||||
if Database.postgresql?
|
||||
where(privilege_type: 'TRIGGER', table_name: table)
|
||||
else
|
||||
where(Trigger_priv: 'Y')
|
||||
end
|
||||
|
||||
priv.scope_to_current_user.any?
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -358,6 +358,8 @@ module Gitlab
|
|||
raise 'rename_column_concurrently can not be run inside a transaction'
|
||||
end
|
||||
|
||||
check_trigger_permissions!(table)
|
||||
|
||||
old_col = column_for(table, old)
|
||||
new_type = type || old_col.type
|
||||
|
||||
|
@ -430,6 +432,8 @@ module Gitlab
|
|||
def cleanup_concurrent_column_rename(table, old, new)
|
||||
trigger_name = rename_trigger_name(table, old, new)
|
||||
|
||||
check_trigger_permissions!(table)
|
||||
|
||||
if Database.postgresql?
|
||||
remove_rename_triggers_for_postgresql(table, trigger_name)
|
||||
else
|
||||
|
@ -485,14 +489,14 @@ module Gitlab
|
|||
|
||||
# Removes the triggers used for renaming a PostgreSQL column concurrently.
|
||||
def remove_rename_triggers_for_postgresql(table, trigger)
|
||||
execute("DROP TRIGGER #{trigger} ON #{table}")
|
||||
execute("DROP FUNCTION #{trigger}()")
|
||||
execute("DROP TRIGGER IF EXISTS #{trigger} ON #{table}")
|
||||
execute("DROP FUNCTION IF EXISTS #{trigger}()")
|
||||
end
|
||||
|
||||
# Removes the triggers used for renaming a MySQL column concurrently.
|
||||
def remove_rename_triggers_for_mysql(trigger)
|
||||
execute("DROP TRIGGER #{trigger}_insert")
|
||||
execute("DROP TRIGGER #{trigger}_update")
|
||||
execute("DROP TRIGGER IF EXISTS #{trigger}_insert")
|
||||
execute("DROP TRIGGER IF EXISTS #{trigger}_update")
|
||||
end
|
||||
|
||||
# Returns the (base) name to use for triggers when renaming columns.
|
||||
|
@ -625,6 +629,30 @@ module Gitlab
|
|||
conn.llen("queue:#{queue_name}")
|
||||
end
|
||||
end
|
||||
|
||||
def check_trigger_permissions!(table)
|
||||
unless Grant.create_and_execute_trigger?(table)
|
||||
dbname = Database.database_name
|
||||
user = Database.username
|
||||
|
||||
raise <<-EOF
|
||||
Your database user is not allowed to create, drop, or execute triggers on the
|
||||
table #{table}.
|
||||
|
||||
If you are using PostgreSQL you can solve this by logging in to the GitLab
|
||||
database (#{dbname}) using a super user and running:
|
||||
|
||||
ALTER #{user} WITH SUPERUSER
|
||||
|
||||
For MySQL you instead need to run:
|
||||
|
||||
GRANT ALL PRIVILEGES ON *.* TO #{user}@'%'
|
||||
|
||||
Both queries will grant the user super user permissions, ensuring you don't run
|
||||
into similar problems in the future (e.g. when new tables are created).
|
||||
EOF
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -17,6 +17,7 @@ module Gitlab
|
|||
NoRepository = Class.new(StandardError)
|
||||
InvalidBlobName = Class.new(StandardError)
|
||||
InvalidRef = Class.new(StandardError)
|
||||
GitError = Class.new(StandardError)
|
||||
|
||||
class << self
|
||||
# Unlike `new`, `create` takes the storage path, not the storage name
|
||||
|
@ -246,6 +247,13 @@ module Gitlab
|
|||
branch_names + tag_names
|
||||
end
|
||||
|
||||
# Returns an Array of all ref names, except when it's matching pattern
|
||||
#
|
||||
# regexp - The pattern for ref names we don't want
|
||||
def all_ref_names_except(regexp)
|
||||
rugged.references.reject { |ref| ref.name =~ regexp }.map(&:name)
|
||||
end
|
||||
|
||||
# Discovers the default branch based on the repository's available branches
|
||||
#
|
||||
# - If no branches are present, returns nil
|
||||
|
@ -591,6 +599,23 @@ module Gitlab
|
|||
rugged.branches.delete(branch_name)
|
||||
end
|
||||
|
||||
def delete_refs(*ref_names)
|
||||
instructions = ref_names.map do |ref|
|
||||
"delete #{ref}\x00\x00"
|
||||
end
|
||||
|
||||
command = %W[#{Gitlab.config.git.bin_path} update-ref --stdin -z]
|
||||
message, status = Gitlab::Popen.popen(
|
||||
command,
|
||||
path) do |stdin|
|
||||
stdin.write(instructions.join)
|
||||
end
|
||||
|
||||
unless status.zero?
|
||||
raise GitError.new("Could not delete refs #{ref_names}: #{message}")
|
||||
end
|
||||
end
|
||||
|
||||
# Create a new branch named **ref+ based on **stat_point+, HEAD by default
|
||||
#
|
||||
# Examples:
|
||||
|
|
23
lib/gitlab/sql/pattern.rb
Normal file
|
@ -0,0 +1,23 @@
|
|||
module Gitlab
|
||||
module SQL
|
||||
module Pattern
|
||||
extend ActiveSupport::Concern
|
||||
|
||||
MIN_CHARS_FOR_PARTIAL_MATCHING = 3
|
||||
|
||||
class_methods do
|
||||
def to_pattern(query)
|
||||
if partial_matching?(query)
|
||||
"%#{sanitize_sql_like(query)}%"
|
||||
else
|
||||
sanitize_sql_like(query)
|
||||
end
|
||||
end
|
||||
|
||||
def partial_matching?(query)
|
||||
query.length >= MIN_CHARS_FOR_PARTIAL_MATCHING
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -111,7 +111,7 @@ namespace :gitlab do
|
|||
next unless id > max_iid
|
||||
|
||||
project.deployments.find(id).create_ref
|
||||
rugged.references.delete(ref)
|
||||
project.repository.delete_refs(ref)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -6,7 +6,7 @@ describe 'Dropdown author', js: true do
|
|||
let!(:project) { create(:project) }
|
||||
let!(:user) { create(:user, name: 'administrator', username: 'root') }
|
||||
let!(:user_john) { create(:user, name: 'John', username: 'th0mas') }
|
||||
let!(:user_jacob) { create(:user, name: 'Jacob', username: 'otter32') }
|
||||
let!(:user_jacob) { create(:user, name: 'Jacob', username: 'ooter32') }
|
||||
let(:filtered_search) { find('.filtered-search') }
|
||||
let(:js_dropdown_author) { '#js-dropdown-author' }
|
||||
|
||||
|
@ -82,31 +82,31 @@ describe 'Dropdown author', js: true do
|
|||
end
|
||||
|
||||
it 'filters by name' do
|
||||
send_keys_to_filtered_search('ja')
|
||||
send_keys_to_filtered_search('jac')
|
||||
|
||||
expect(dropdown_author_size).to eq(1)
|
||||
end
|
||||
|
||||
it 'filters by case insensitive name' do
|
||||
send_keys_to_filtered_search('Ja')
|
||||
send_keys_to_filtered_search('Jac')
|
||||
|
||||
expect(dropdown_author_size).to eq(1)
|
||||
end
|
||||
|
||||
it 'filters by username with symbol' do
|
||||
send_keys_to_filtered_search('@ot')
|
||||
send_keys_to_filtered_search('@oot')
|
||||
|
||||
expect(dropdown_author_size).to eq(2)
|
||||
end
|
||||
|
||||
it 'filters by username without symbol' do
|
||||
send_keys_to_filtered_search('ot')
|
||||
send_keys_to_filtered_search('oot')
|
||||
|
||||
expect(dropdown_author_size).to eq(2)
|
||||
end
|
||||
|
||||
it 'filters by case insensitive username without symbol' do
|
||||
send_keys_to_filtered_search('OT')
|
||||
send_keys_to_filtered_search('OOT')
|
||||
|
||||
expect(dropdown_author_size).to eq(2)
|
||||
end
|
||||
|
|
44
spec/features/projects/commits/user_browses_commits_spec.rb
Normal file
|
@ -0,0 +1,44 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe 'User broweses commits' do
|
||||
let(:user) { create(:user) }
|
||||
let(:project) { create(:project, :repository, namespace: user.namespace) }
|
||||
|
||||
before do
|
||||
project.add_master(user)
|
||||
sign_in(user)
|
||||
end
|
||||
|
||||
context 'primary email' do
|
||||
it 'finds a commit by a primary email' do
|
||||
user = create(:user, email: 'dmitriy.zaporozhets@gmail.com')
|
||||
|
||||
visit(project_commit_path(project, RepoHelpers.sample_commit.id))
|
||||
|
||||
check_author_link(RepoHelpers.sample_commit.author_email, user)
|
||||
end
|
||||
end
|
||||
|
||||
context 'secondary email' do
|
||||
it 'finds a commit by a secondary email' do
|
||||
user =
|
||||
create(:user) do |user|
|
||||
create(:email, { user: user, email: 'dmitriy.zaporozhets@gmail.com' })
|
||||
end
|
||||
|
||||
visit(project_commit_path(project, RepoHelpers.sample_commit.parent_id))
|
||||
|
||||
check_author_link(RepoHelpers.sample_commit.author_email, user)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def check_author_link(email, author)
|
||||
author_link = find('.commit-author-link')
|
||||
|
||||
expect(author_link['href']).to eq(user_path(author))
|
||||
expect(author_link['title']).to eq(email)
|
||||
expect(find('.commit-author-name').text).to eq(author.name)
|
||||
end
|
|
@ -78,7 +78,13 @@
|
|||
"downvotes": { "type": "integer" },
|
||||
"due_date": { "type": ["date", "null"] },
|
||||
"confidential": { "type": "boolean" },
|
||||
"web_url": { "type": "uri" }
|
||||
"web_url": { "type": "uri" },
|
||||
"time_stats": {
|
||||
"time_estimate": { "type": "integer" },
|
||||
"total_time_spent": { "type": "integer" },
|
||||
"human_time_estimate": { "type": ["string", "null"] },
|
||||
"human_total_time_spent": { "type": ["string", "null"] }
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"id", "iid", "project_id", "title", "description",
|
||||
|
|
|
@ -72,7 +72,13 @@
|
|||
"user_notes_count": { "type": "integer" },
|
||||
"should_remove_source_branch": { "type": ["boolean", "null"] },
|
||||
"force_remove_source_branch": { "type": ["boolean", "null"] },
|
||||
"web_url": { "type": "uri" }
|
||||
"web_url": { "type": "uri" },
|
||||
"time_stats": {
|
||||
"time_estimate": { "type": "integer" },
|
||||
"total_time_spent": { "type": "integer" },
|
||||
"human_time_estimate": { "type": ["string", "null"] },
|
||||
"human_total_time_spent": { "type": ["string", "null"] }
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"id", "iid", "project_id", "title", "description",
|
||||
|
|
|
@ -1,22 +1,18 @@
|
|||
import Vue from 'vue';
|
||||
import groupIdenticonComponent from '~/groups/components/group_identicon.vue';
|
||||
import GroupsStore from '~/groups/stores/groups_store';
|
||||
import { group1 } from './mock_data';
|
||||
import identiconComponent from '~/vue_shared/components/identicon.vue';
|
||||
|
||||
const createComponent = () => {
|
||||
const Component = Vue.extend(groupIdenticonComponent);
|
||||
const store = new GroupsStore();
|
||||
const group = store.decorateGroup(group1);
|
||||
const Component = Vue.extend(identiconComponent);
|
||||
|
||||
return new Component({
|
||||
propsData: {
|
||||
entityId: group.id,
|
||||
entityName: group.name,
|
||||
entityId: 1,
|
||||
entityName: 'entity-name',
|
||||
},
|
||||
}).$mount();
|
||||
};
|
||||
|
||||
describe('GroupIdenticonComponent', () => {
|
||||
describe('IdenticonComponent', () => {
|
||||
let vm;
|
||||
|
||||
beforeEach(() => {
|
30
spec/lib/gitlab/database/grant_spec.rb
Normal file
|
@ -0,0 +1,30 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe Gitlab::Database::Grant do
|
||||
describe '.scope_to_current_user' do
|
||||
it 'scopes the relation to the current user' do
|
||||
user = Gitlab::Database.username
|
||||
column = Gitlab::Database.postgresql? ? :grantee : :User
|
||||
names = described_class.scope_to_current_user.pluck(column).uniq
|
||||
|
||||
expect(names).to eq([user])
|
||||
end
|
||||
end
|
||||
|
||||
describe '.create_and_execute_trigger' do
|
||||
it 'returns true when the user can create and execute a trigger' do
|
||||
# We assume the DB/user is set up correctly so that triggers can be
|
||||
# created, which is necessary anyway for other tests to work.
|
||||
expect(described_class.create_and_execute_trigger?('users')).to eq(true)
|
||||
end
|
||||
|
||||
it 'returns false when the user can not create and/or execute a trigger' do
|
||||
allow(described_class).to receive(:scope_to_current_user)
|
||||
.and_return(described_class.none)
|
||||
|
||||
result = described_class.create_and_execute_trigger?('kittens')
|
||||
|
||||
expect(result).to eq(false)
|
||||
end
|
||||
end
|
||||
end
|
|
@ -450,6 +450,8 @@ describe Gitlab::Database::MigrationHelpers do
|
|||
it 'renames a column concurrently' do
|
||||
allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
|
||||
|
||||
expect(model).to receive(:check_trigger_permissions!).with(:users)
|
||||
|
||||
expect(model).to receive(:install_rename_triggers_for_mysql)
|
||||
.with(trigger_name, 'users', 'old', 'new')
|
||||
|
||||
|
@ -477,6 +479,8 @@ describe Gitlab::Database::MigrationHelpers do
|
|||
it 'renames a column concurrently' do
|
||||
allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
|
||||
|
||||
expect(model).to receive(:check_trigger_permissions!).with(:users)
|
||||
|
||||
expect(model).to receive(:install_rename_triggers_for_postgresql)
|
||||
.with(trigger_name, 'users', 'old', 'new')
|
||||
|
||||
|
@ -506,6 +510,8 @@ describe Gitlab::Database::MigrationHelpers do
|
|||
it 'cleans up the renaming procedure for PostgreSQL' do
|
||||
allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
|
||||
|
||||
expect(model).to receive(:check_trigger_permissions!).with(:users)
|
||||
|
||||
expect(model).to receive(:remove_rename_triggers_for_postgresql)
|
||||
.with(:users, /trigger_.{12}/)
|
||||
|
||||
|
@ -517,6 +523,8 @@ describe Gitlab::Database::MigrationHelpers do
|
|||
it 'cleans up the renaming procedure for MySQL' do
|
||||
allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
|
||||
|
||||
expect(model).to receive(:check_trigger_permissions!).with(:users)
|
||||
|
||||
expect(model).to receive(:remove_rename_triggers_for_mysql)
|
||||
.with(/trigger_.{12}/)
|
||||
|
||||
|
@ -573,8 +581,8 @@ describe Gitlab::Database::MigrationHelpers do
|
|||
|
||||
describe '#remove_rename_triggers_for_postgresql' do
|
||||
it 'removes the function and trigger' do
|
||||
expect(model).to receive(:execute).with('DROP TRIGGER foo ON bar')
|
||||
expect(model).to receive(:execute).with('DROP FUNCTION foo()')
|
||||
expect(model).to receive(:execute).with('DROP TRIGGER IF EXISTS foo ON bar')
|
||||
expect(model).to receive(:execute).with('DROP FUNCTION IF EXISTS foo()')
|
||||
|
||||
model.remove_rename_triggers_for_postgresql('bar', 'foo')
|
||||
end
|
||||
|
@ -582,8 +590,8 @@ describe Gitlab::Database::MigrationHelpers do
|
|||
|
||||
describe '#remove_rename_triggers_for_mysql' do
|
||||
it 'removes the triggers' do
|
||||
expect(model).to receive(:execute).with('DROP TRIGGER foo_insert')
|
||||
expect(model).to receive(:execute).with('DROP TRIGGER foo_update')
|
||||
expect(model).to receive(:execute).with('DROP TRIGGER IF EXISTS foo_insert')
|
||||
expect(model).to receive(:execute).with('DROP TRIGGER IF EXISTS foo_update')
|
||||
|
||||
model.remove_rename_triggers_for_mysql('foo')
|
||||
end
|
||||
|
@ -890,4 +898,20 @@ describe Gitlab::Database::MigrationHelpers do
|
|||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe '#check_trigger_permissions!' do
|
||||
it 'does nothing when the user has the correct permissions' do
|
||||
expect { model.check_trigger_permissions!('users') }
|
||||
.not_to raise_error(RuntimeError)
|
||||
end
|
||||
|
||||
it 'raises RuntimeError when the user does not have the correct permissions' do
|
||||
allow(Gitlab::Database::Grant).to receive(:create_and_execute_trigger?)
|
||||
.with('kittens')
|
||||
.and_return(false)
|
||||
|
||||
expect { model.check_trigger_permissions!('kittens') }
|
||||
.to raise_error(RuntimeError, /Your database user is not allowed/)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|