kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add latest changes from gitlab-org/gitlab@master

Browse source
This commit is contained in:
GitLab Bot 2020-09-21 03:09:25 +00:00
parent 0909fd0275
commit 965a92325a
7 changed files with 106 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
changelogs/unreleased/250580-fix-graphql-api-token-authentication.yml Normal file
View file

@ -0,0 +1,5 @@
---
title: Fix GraphQL token authentication when installed under a relative URL
merge_request: 42706
author:
type: fixed

72
doc/api/search.md
View file

@ -27,7 +27,7 @@ GET /search
Search the expression within the specified scope. Currently these scopes are supported: projects, issues, merge_requests, milestones, snippet_titles, users. Search the expression within the specified scope. Currently these scopes are supported: projects, issues, merge_requests, milestones, snippet_titles, users.
If Elasticsearch is enabled additional scopes available are blobs, wiki_blobs and commits. Find more about [the feature](../integration/elasticsearch.md). **(STARTER)** If Elasticsearch is enabled additional scopes available are blobs, wiki_blobs, notes, and commits. Find more about [the feature](../integration/elasticsearch.md). **(STARTER)**
The response depends on the requested scope. The response depends on the requested scope.
@ -362,6 +362,40 @@ Example response:
NOTE: **Note:** NOTE: **Note:**
`filename` is deprecated in favor of `path`. Both return the full path of the file inside the repository, but in the future `filename` will be only the file name and not the full path. For details, see [issue 34521](https://gitlab.com/gitlab-org/gitlab/-/issues/34521). `filename` is deprecated in favor of `path`. Both return the full path of the file inside the repository, but in the future `filename` will be only the file name and not the full path. For details, see [issue 34521](https://gitlab.com/gitlab-org/gitlab/-/issues/34521).
### Scope: notes **(STARTER)**
This scope is available only if [Elasticsearch](../integration/elasticsearch.md) is enabled.
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/6/search?scope=notes&search=maxime"
```
Example response:
```json
[
{
"id": 191,
"body": "Harum maxime consequuntur et et deleniti assumenda facilis.",
"attachment": null,
"author": {
"id": 23,
"name": "User 1",
"username": "user1",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/111d68d06e2d317b5a59c2c6c5bad808?s=80&d=identicon",
"web_url": "http://localhost:3000/user1"
},
"created_at": "2017-09-05T08:01:32.068Z",
"updated_at": "2017-09-05T08:01:32.068Z",
"system": false,
"noteable_id": 22,
"noteable_type": "Issue",
"noteable_iid": 2
}
]
```
### Scope: users ### Scope: users
```shell ```shell
@ -402,7 +436,7 @@ GET /groups/:id/search
Search the expression within the specified scope. Currently these scopes are supported: projects, issues, merge_requests, milestones, users. Search the expression within the specified scope. Currently these scopes are supported: projects, issues, merge_requests, milestones, users.
If Elasticsearch is enabled additional scopes available are blobs, wiki_blobs and commits. Find more about [the feature](../integration/elasticsearch.md). **(STARTER)** If Elasticsearch is enabled additional scopes available are blobs, wiki_blobs, notes, and commits. Find more about [the feature](../integration/elasticsearch.md). **(STARTER)**
The response depends on the requested scope. The response depends on the requested scope.
@ -706,6 +740,40 @@ Example response:
NOTE **Note:** NOTE **Note:**
`filename` is deprecated in favor of `path`. Both return the full path of the file inside the repository, but in the future `filename` will be only the file name and not the full path. For details, see [issue 34521](https://gitlab.com/gitlab-org/gitlab/-/issues/34521). `filename` is deprecated in favor of `path`. Both return the full path of the file inside the repository, but in the future `filename` will be only the file name and not the full path. For details, see [issue 34521](https://gitlab.com/gitlab-org/gitlab/-/issues/34521).
### Scope: notes **(STARTER)**
This scope is available only if [Elasticsearch](../integration/elasticsearch.md) is enabled.
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/6/search?scope=notes&search=maxime"
```
Example response:
```json
[
{
"id": 191,
"body": "Harum maxime consequuntur et et deleniti assumenda facilis.",
"attachment": null,
"author": {
"id": 23,
"name": "User 1",
"username": "user1",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/111d68d06e2d317b5a59c2c6c5bad808?s=80&d=identicon",
"web_url": "http://localhost:3000/user1"
},
"created_at": "2017-09-05T08:01:32.068Z",
"updated_at": "2017-09-05T08:01:32.068Z",
"system": false,
"noteable_id": 22,
"noteable_type": "Issue",
"noteable_iid": 2
}
]
```
### Scope: users ### Scope: users
```shell ```shell

2
doc/user/packages/container_registry/index.md
View file

@ -342,7 +342,7 @@ the deleted images.
To delete images from within GitLab: To delete images from within GitLab:
1. Navigate to your project's or group's **{package}** **Packages & Registries > Container Registry**. 1. Navigate to your project's or group's **Packages & Registries > Container Registry**.
1. From the **Container Registry** page, you can select what you want to delete, 1. From the **Container Registry** page, you can select what you want to delete,
by either: by either:

2
doc/user/packages/go_proxy/index.md
View file

@ -50,7 +50,7 @@ Feature.disable(:go_proxy, Project.find(2))
### Enable the Package Registry ### Enable the Package Registry
The Package Registry is enabled for new projects by default. If you cannot find The Package Registry is enabled for new projects by default. If you cannot find
the **{package}** **Packages > List** entry under your project's sidebar, verify the **Packages > List** entry under your project's sidebar, verify
the following: the following:
1. Your GitLab administrator has 1. Your GitLab administrator has

10
doc/user/packages/package_registry/index.md
View file

@ -17,7 +17,7 @@ packages, which can be easily consumed as a dependency in downstream projects.
You can view packages for your project or group. You can view packages for your project or group.
1. Go to the project or group. 1. Go to the project or group.
1. Go to **{package}** **Packages & Registries > Package Registry**. 1. Go to **Packages & Registries > Package Registry**.
You can search, sort, and filter packages on this page. You can search, sort, and filter packages on this page.
@ -45,7 +45,7 @@ user who triggered it.
To download a package: To download a package:
1. Go to **{package}** **Packages & Registries > Package Registry**. 1. Go to **Packages & Registries > Package Registry**.
1. Click the name of the package you want to download. 1. Click the name of the package you want to download.
1. In the **Activity** section, click the name of the package you want to download. 1. In the **Activity** section, click the name of the package you want to download.
@ -60,7 +60,7 @@ You can delete packages by using [the API](../../../api/packages.md#delete-a-pro
To delete a package in the UI, from your group or project: To delete a package in the UI, from your group or project:
1. Go to **{package}** **Packages & Registries > Package Registry**. 1. Go to **Packages & Registries > Package Registry**.
1. Find the name of the package you want to delete. 1. Find the name of the package you want to delete.
1. Click **Delete**. 1. Click **Delete**.
@ -71,7 +71,7 @@ The package is permanently deleted.
The Package Registry is automatically enabled. The Package Registry is automatically enabled.
If you are using a self-managed instance of GitLab, your administrator can remove If you are using a self-managed instance of GitLab, your administrator can remove
the menu item, **{package}** **Packages & Registries**, from the GitLab sidebar. For more information, the menu item, **Packages & Registries**, from the GitLab sidebar. For more information,
see the [administration documentation](../../../administration/packages/index.md). see the [administration documentation](../../../administration/packages/index.md).
You can also remove the Package Registry for your project specifically: You can also remove the Package Registry for your project specifically:
@ -81,7 +81,7 @@ You can also remove the Package Registry for your project specifically:
**Packages** feature. **Packages** feature.
1. Click **Save changes**. 1. Click **Save changes**.
The **{package}** **Packages & Registries > Package Registry** entry is removed from the sidebar. The **Packages & Registries > Package Registry** entry is removed from the sidebar.
## Package workflows ## Package workflows

2
lib/gitlab/auth/auth_finders.rb
View file

@ -290,7 +290,7 @@ module Gitlab
end end
def api_request? def api_request?
current_request.path.starts_with?('/api/') current_request.path.starts_with?(Gitlab::Utils.append_path(Gitlab.config.gitlab.relative_url_root, '/api/'))
end end
def archive_request? def archive_request?

26
spec/lib/gitlab/auth/auth_finders_spec.rb
View file

@ -419,10 +419,30 @@ RSpec.describe Gitlab::Auth::AuthFinders do
expect(find_user_from_web_access_token(:ics)).to eq(user) expect(find_user_from_web_access_token(:ics)).to eq(user)
end end
it 'returns the user for API requests' do context 'for API requests' do
set_header('SCRIPT_NAME', '/api/endpoint') it 'returns the user' do
set_header('SCRIPT_NAME', '/api/endpoint')
expect(find_user_from_web_access_token(:api)).to eq(user) expect(find_user_from_web_access_token(:api)).to eq(user)
end
it 'returns nil if URL does not start with /api/' do
set_header('SCRIPT_NAME', '/relative_root/api/endpoint')
expect(find_user_from_web_access_token(:api)).to be_nil
end
context 'when relative_url_root is set' do
before do
stub_config_setting(relative_url_root: '/relative_root')
end
it 'returns the user' do
set_header('SCRIPT_NAME', '/relative_root/api/endpoint')
expect(find_user_from_web_access_token(:api)).to eq(user)
end
end
end end
end end