kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2022-10-13 06:10:27 +00:00
parent 528bc84312
commit ae6730843a
18 changed files with 134 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/models/wiki.rb
View File

@ -109,8 +109,8 @@ class Wiki
end
def sluggified_title(title)
title = Gitlab::EncodingHelper.encode_utf8_no_detect(title)
title = File.expand_path(title, '/')
title = Gitlab::EncodingHelper.encode_utf8_no_detect(title.to_s.strip)
title = File.absolute_path(title, '/')
title = Pathname.new(title).relative_path_from('/').to_s
title.tr(' ', '-')
end

10
app/services/issuable/process_assignees.rb
View File

@ -6,11 +6,11 @@
module Issuable
class ProcessAssignees
def initialize(assignee_ids:, add_assignee_ids:, remove_assignee_ids:, existing_assignee_ids: nil, extra_assignee_ids: nil)
@assignee_ids = assignee_ids
@add_assignee_ids = add_assignee_ids
@remove_assignee_ids = remove_assignee_ids
@existing_assignee_ids = existing_assignee_ids || []
@extra_assignee_ids = extra_assignee_ids || []
@assignee_ids = assignee_ids&.map(&:to_i)
@add_assignee_ids = add_assignee_ids&.map(&:to_i)
@remove_assignee_ids = remove_assignee_ids&.map(&:to_i)
@existing_assignee_ids = existing_assignee_ids&.map(&:to_i) || []
@extra_assignee_ids = extra_assignee_ids&.map(&:to_i) || []
end
def execute

18
app/services/issuable_base_service.rb
View File

@ -67,22 +67,14 @@ class IssuableBaseService < ::BaseProjectService
end
def filter_assignees(issuable)
filter_assignees_with_key(issuable, :assignee_ids, :assignees)
filter_assignees_with_key(issuable, :add_assignee_ids, :add_assignees)
filter_assignees_with_key(issuable, :remove_assignee_ids, :remove_assignees)
end
def filter_assignees_with_key(issuable, id_key, key)
if params[key] && params[id_key].blank?
params[id_key] = params[key].map(&:id)
end
return if params[id_key].blank?
filter_assignees_using_checks(issuable, id_key)
filter_assignees_using_checks(issuable, :assignee_ids)
filter_assignees_using_checks(issuable, :add_assignee_ids)
filter_assignees_using_checks(issuable, :remove_assignee_ids)
end
def filter_assignees_using_checks(issuable, id_key)
return if params[id_key].blank?
unless issuable.allows_multiple_assignees?
params[id_key] = params[id_key].first(1)
end

14
app/services/merge_requests/push_options_handler_service.rb
View File

@ -104,7 +104,7 @@ module MergeRequests
merge_request = ::MergeRequests::CreateService.new(
project: project,
current_user: current_user,
params: merge_request.attributes.merge(assignees: merge_request.assignees,
params: merge_request.attributes.merge(assignee_ids: merge_request.assignee_ids,
label_ids: merge_request.label_ids)
).execute
end
@ -140,8 +140,8 @@ module MergeRequests
params[:add_labels] = params.delete(:label).keys if params.has_key?(:label)
params[:remove_labels] = params.delete(:unlabel).keys if params.has_key?(:unlabel)
params[:add_assignee_ids] = params.delete(:assign).keys if params.has_key?(:assign)
params[:remove_assignee_ids] = params.delete(:unassign).keys if params.has_key?(:unassign)
params[:add_assignee_ids] = convert_to_user_ids(params.delete(:assign).keys) if params.has_key?(:assign)
params[:remove_assignee_ids] = convert_to_user_ids(params.delete(:unassign).keys) if params.has_key?(:unassign)
if push_options[:milestone]
milestone = Milestone.for_projects_and_groups(@project, @project.ancestors_upto)&.find_by_name(push_options[:milestone])
@ -169,7 +169,7 @@ module MergeRequests
params = base_params
params.merge!(
assignees: [current_user],
assignee_ids: [current_user.id],
source_branch: branch,
source_project: project,
target_project: target_project
@ -186,6 +186,12 @@ module MergeRequests
base_params.merge(merge_params(merge_request.source_branch))
end
def convert_to_user_ids(ids_or_usernames)
ids, usernames = ids_or_usernames.partition { |id_or_username| id_or_username.is_a?(Numeric) || id_or_username.match?(/\A\d+\z/) }
ids += User.by_username(usernames).pluck(:id) unless usernames.empty? # rubocop:disable CodeReuse/ActiveRecord
ids
end
def collect_errors_from_merge_request(merge_request)
merge_request.errors.full_messages.each do |error|
errors << error

8
config/feature_flags/development/override_group_level_protected_environment_settings_permission.yml
View File

@ -1,8 +0,0 @@
---
name: override_group_level_protected_environment_settings_permission
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/92801
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/369875
milestone: '15.3'
type: development
group: group::release
default_enabled: false

2
doc/ci/environments/protected_environments.md
View File

@ -194,7 +194,7 @@ and are protected at the same time.
### Configure group-level memberships
> - Operators are required to have Owner+ role from the original Maintainer+ role and this role change is introduced from GitLab 15.3 [with a flag](https://gitlab.com/gitlab-org/gitlab/-/issues/369873) named `group_level_protected_environment_settings_permission`. Enabled by default.
> - Original behavior where Operators are required to have Maintainer+ role can be achieved by enabling [flag](https://gitlab.com/gitlab-org/gitlab/-/issues/369875) named `override_group_level_protected_environment_settings_permission`. Disabled by default.
> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/369873) in GitLab 15.4.
To maximize the effectiveness of group-level protected environments,
[group-level memberships](../../user/group/index.md) must be correctly

17
doc/user/application_security/index.md
View File

@ -171,6 +171,23 @@ does not use the `SECURE_ANALYZERS_PREFIX` variable. To override its Docker imag
the instructions for
[Running container scanning in an offline environment](container_scanning/index.md#running-container-scanning-in-an-offline-environment).
### Use security scanning tools with merge request pipelines
By default, the application security jobs are configured to run for branch pipelines only.
To use them with [merge request pipelines](../../ci/pipelines/merge_request_pipelines.md),
you must reference the [`latest` templates](../../development/cicd/templates.md):
```yaml
include:
- template: Security/Container-Scanning.latest.gitlab-ci.yml
- template: Security/DAST.latest.gitlab-ci.yml
- template: Jobs/Dependency-Scanning.latest.gitlab-ci.yml
- template: Jobs/SAST.latest.gitlab-ci.yml
```
NOTE:
Latest templates can receive breaking changes in any release.
## Default behavior of GitLab security scanning tools
### Secure jobs in your pipeline

5
doc/user/group/manage.md
View File

@ -127,6 +127,11 @@ To find members in a group, you can sort, filter, or search.
Filter a group to find members. By default, all members in the group and subgroups are displayed.
In lists of group members, entries can display the following badges:
- **SAML**, to indicate the member has a [SAML account](saml_sso/index.md) connected to them.
- **Enterprise**, to indicate that [SCIM created the account](saml_sso/scim_setup.md).
1. On the top bar, select **Main menu > Groups** and find your group.
1. Above the list of members, in the **Filter members** box, enter filter criteria.
- To view members in the group only, select **Membership = Direct**.

14
doc/user/project/push_options.md
View File

@ -67,8 +67,8 @@ time as pushing changes:
| `merge_request.milestone="<milestone>"` | Set the milestone of the merge request. Ex: `git push -o merge_request.milestone="3.0"`. | [14.1](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/63960) |
| `merge_request.label="<label>"` | Add labels to the merge request. If the label does not exist, it is created. For example, for two labels: `git push -o merge_request.label="label1" -o merge_request.label="label2"`. | [12.3](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/31831) |
| `merge_request.unlabel="<label>"` | Remove labels from the merge request. For example, for two labels: `git push -o merge_request.unlabel="label1" -o merge_request.unlabel="label2"`. | [12.3](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/31831) |
| `merge_request.assign="<user>"` | Assign users to the merge request. Accepts username or user ID. For example, for two users: `git push -o merge_request.assign="user1" -o merge_request.assign="user2"`. | [13.10](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25904) |
| `merge_request.unassign="<user>"` | Remove assigned users from the merge request. Accepts username or user ID.For example, for two users: `git push -o merge_request.unassign="user1" -o merge_request.unassign="user2"`. | [13.10](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25904) |
| `merge_request.assign="<user>"` | Assign users to the merge request. Accepts username or user ID. For example, for two users: `git push -o merge_request.assign="user1" -o merge_request.assign="user2"`. | [13.10](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25904), support for usernames added in [15.5](https://gitlab.com/gitlab-org/gitlab/-/issues/344276) |
| `merge_request.unassign="<user>"` | Remove assigned users from the merge request. Accepts username or user ID.For example, for two users: `git push -o merge_request.unassign="user1" -o merge_request.unassign="user2"`. | [13.10](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25904), support for usernames added in [15.5](https://gitlab.com/gitlab-org/gitlab/-/issues/344276) |
If you use a push option that requires text with spaces in it, you need to enclose it
in quotes (`"`). You can omit the quotes if there are no spaces. Some examples:
@ -115,13 +115,3 @@ pipeline succeeds:
```shell
git mwps origin <local-branch-name>
```
## Troubleshooting
## Push options for merge request assignment ignored
When you push a branch to GitLab, you can use push options to assign to (`merge_request.assign="<USERNAME>"`)
or unassign from (`merge_request.unassign="<USERNAME>"`) a user. If GitLab creates
the merge request successfully, but fails to assign or unassign the merge request
correctly, you can use the user ID instead. For more information, read the issue
[Push option `merge_request.(un)assign` seems to be ignored](https://gitlab.com/gitlab-org/gitlab/-/issues/325169).

2
locale/gitlab.pot
View File

@ -35106,7 +35106,7 @@ msgstr ""
msgid "SAML for %{group_name}"
msgstr ""
msgid "SAML|Selecting \"Authorize\" will transfer ownership of your GitLab account \"%{username}\" (%{email}) to your organization."
msgid "SAML|Select \"Authorize\" to allow %{group_name} to manage your GitLab account \"%{username}\" (%{email}) after you sign in successfully with your single sign-on account."
msgstr ""
msgid "SAML|Sign in to GitLab to connect your organization's account"

11
spec/features/unsubscribe_links_spec.rb
View File

@ -2,13 +2,14 @@
require 'spec_helper'
RSpec.describe 'Unsubscribe links', :sidekiq_might_not_need_inline do
RSpec.describe 'Unsubscribe links', :sidekiq_inline do
include Warden::Test::Helpers
let(:recipient) { create(:user) }
let(:author) { create(:user) }
let(:project) { create(:project, :public) }
let(:params) { { title: 'A bug!', description: 'Fix it!', assignees: [recipient] } }
let_it_be(:project) { create(:project, :public) }
let_it_be(:author) { create(:user).tap { |u| project.add_reporter(u) } }
let_it_be(:recipient) { create(:user) }
let(:params) { { title: 'A bug!', description: 'Fix it!', assignee_ids: [recipient.id] } }
let(:issue) { Issues::CreateService.new(project: project, current_user: author, params: params, spam_params: nil).execute[:issue] }
let(:mail) { ActionMailer::Base.deliveries.last }

23
spec/services/issuable/process_assignees_spec.rb
View File

@ -12,7 +12,7 @@ RSpec.describe Issuable::ProcessAssignees do
extra_assignee_ids: %w(2 5 12))
result = process.execute
expect(result.sort).to eq(%w(5 7 9).sort)
expect(result).to contain_exactly(5, 7, 9)
end
it 'combines other ids when assignee_ids is nil' do
@ -23,7 +23,7 @@ RSpec.describe Issuable::ProcessAssignees do
extra_assignee_ids: %w(2 5 12))
result = process.execute
expect(result.sort).to eq(%w(1 2 3 5 11 12).sort)
expect(result).to contain_exactly(1, 2, 3, 5, 11, 12)
end
it 'combines other ids when both add_assignee_ids and remove_assignee_ids are not empty' do
@ -34,7 +34,7 @@ RSpec.describe Issuable::ProcessAssignees do
extra_assignee_ids: %w(2 5 12))
result = process.execute
expect(result.sort).to eq(%w(1 2 3 5 6 12).sort)
expect(result).to contain_exactly(1, 2, 3, 5, 6, 12)
end
it 'combines other ids when remove_assignee_ids is not empty' do
@ -45,7 +45,7 @@ RSpec.describe Issuable::ProcessAssignees do
extra_assignee_ids: %w(2 5 12))
result = process.execute
expect(result.sort).to eq(%w(1 2 3 5 12).sort)
expect(result).to contain_exactly(1, 2, 3, 5, 12)
end
it 'combines other ids when add_assignee_ids is not empty' do
@ -56,7 +56,7 @@ RSpec.describe Issuable::ProcessAssignees do
extra_assignee_ids: %w(2 5 12))
result = process.execute
expect(result.sort).to eq(%w(1 2 4 3 5 6 11 12).sort)
expect(result).to contain_exactly(1, 2, 4, 3, 5, 6, 11, 12)
end
it 'combines ids when existing_assignee_ids and extra_assignee_ids are omitted' do
@ -65,7 +65,18 @@ RSpec.describe Issuable::ProcessAssignees do
remove_assignee_ids: %w(4 7 11))
result = process.execute
expect(result.sort).to eq(%w(2 6).sort)
expect(result.sort).to eq([2, 6].sort)
end
it 'handles mixed string and integer arrays' do
process = Issuable::ProcessAssignees.new(assignee_ids: %w(5 7 9),
add_assignee_ids: [2, 4, 6],
remove_assignee_ids: %w(4 7 11),
existing_assignee_ids: [1, 3, 11],
extra_assignee_ids: %w(2 5 12))
result = process.execute
expect(result).to contain_exactly(1, 2, 3, 5, 6, 12)
end
end
end

2
spec/services/issues/create_service_spec.rb
View File

@ -344,7 +344,7 @@ RSpec.describe Issues::CreateService do
let(:opts) do
{ title: 'Title',
description: 'Description',
assignees: [assignee] }
assignee_ids: [assignee.id] }
end
it 'invalidates open issues counter for assignees when issue is assigned' do

2
spec/services/merge_requests/create_service_spec.rb
View File

@ -102,7 +102,7 @@ RSpec.describe MergeRequests::CreateService, :clean_gitlab_redis_shared_state do
description: 'please fix',
source_branch: 'feature',
target_branch: 'master',
assignees: [user2]
assignee_ids: [user2.id]
}
end

16
spec/services/merge_requests/push_options_handler_service_spec.rb
View File

@ -730,6 +730,15 @@ RSpec.describe MergeRequests::PushOptionsHandlerService do
it_behaves_like 'with a deleted branch'
it_behaves_like 'with the project default branch'
context 'when passing in usernames' do
# makes sure that usernames starting with numbers aren't treated as IDs
let(:user2) { create(:user, username: '123user', developer_projects: [project]) }
let(:user3) { create(:user, username: '999user', developer_projects: [project]) }
let(:assigned) { { user2.username => 1, user3.username => 1 } }
it_behaves_like 'with an existing branch that has a merge request open in foss'
end
end
describe '`unassign` push option' do
@ -743,6 +752,13 @@ RSpec.describe MergeRequests::PushOptionsHandlerService do
it_behaves_like 'with a deleted branch'
it_behaves_like 'with the project default branch'
context 'when passing in usernames' do
let(:assigned) { { user2.username => 1, user3.username => 1 } }
let(:unassigned) { { user1.username => 1, user3.username => 1 } }
it_behaves_like 'with an existing branch that has a merge request open in foss'
end
end
describe 'multiple pushed branches' do

3
spec/spec_helper.rb
View File

@ -312,9 +312,6 @@ RSpec.configure do |config|
# See https://docs.gitlab.com/ee/development/feature_flags/#selectively-disable-by-actor
stub_feature_flags(legacy_merge_request_state_check_for_merged_result_pipelines: false)
# Will be removed in https://gitlab.com/gitlab-org/gitlab/-/issues/369875
stub_feature_flags(override_group_level_protected_environment_settings_permission: false)
allow(Gitlab::GitalyClient).to receive(:can_use_disk?).and_return(enable_rugged)
else
unstub_all_feature_flags

51
spec/support/shared_examples/models/wiki_shared_examples.rb
View File

@ -374,6 +374,39 @@ RSpec.shared_examples 'wiki model' do
end
end
context 'pages with relative paths' do
where(:path, :title) do
[
['~hello.md', '~Hello'],
['hello~world.md', 'Hello~World'],
['~~~hello.md', '~~~Hello'],
['~/hello.md', '~/Hello'],
['hello.md', '/Hello'],
['hello.md', '../Hello'],
['hello.md', './Hello'],
['dir/hello.md', '/dir/Hello']
]
end
with_them do
before do
wiki.repository.create_file(
user, path, "content of wiki file",
branch_name: wiki.default_branch,
message: "created page #{path}",
author_email: user.email,
author_name: user.name
)
end
it "can find page with `#{params[:title]}` title" do
page = subject.find_page(title)
expect(page.content).to eq("content of wiki file")
end
end
end
context 'pages with different file extensions' do
where(:extension, :path, :title) do
[
@ -629,6 +662,8 @@ RSpec.shared_examples 'wiki model' do
'foo' | :org | ['foo.md'] | false
'foo' | :markdown | ['dir/foo.md'] | true
'/foo' | :markdown | ['foo.md'] | false
'~foo' | :markdown | [] | true
'~~~foo' | :markdown | [] | true
'./foo' | :markdown | ['foo.md'] | false
'../foo' | :markdown | ['foo.md'] | false
'../../foo' | :markdown | ['foo.md'] | false
@ -739,6 +774,8 @@ RSpec.shared_examples 'wiki model' do
using RSpec::Parameterized::TableSyntax
where(:original_title, :original_format, :updated_title, :updated_format, :expected_title, :expected_path) do
'test page' | :markdown | '~new test page' | :asciidoc | '~new test page' | '~new-test-page.asciidoc'
'test page' | :markdown | '~~~new test page' | :asciidoc | '~~~new test page' | '~~~new-test-page.asciidoc'
'test page' | :markdown | 'new test page' | :asciidoc | 'new test page' | 'new-test-page.asciidoc'
'test page' | :markdown | 'new dir/new test page' | :asciidoc | 'new dir/new test page' | 'new-dir/new-test-page.asciidoc'
'test dir/test page' | :markdown | 'new dir/new test page' | :asciidoc | 'new dir/new test page' | 'new-dir/new-test-page.asciidoc'
@ -748,13 +785,13 @@ RSpec.shared_examples 'wiki model' do
'test dir/test page' | :markdown | nil | :markdown | 'test dir/test page' | 'test-dir/test-page.md'
'test page' | :markdown | '' | :markdown | 'test page' | 'test-page.md'
'test.page' | :markdown | '' | :markdown | 'test.page' | 'test.page.md'
'testpage' | :markdown | '../testpage' | :markdown | 'testpage' | 'testpage.md'
'dir/testpage' | :markdown | 'dir/../testpage' | :markdown | 'testpage' | 'testpage.md'
'dir/testpage' | :markdown | './dir/testpage' | :markdown | 'dir/testpage' | 'dir/testpage.md'
'dir/testpage' | :markdown | '../dir/testpage' | :markdown | 'dir/testpage' | 'dir/testpage.md'
'dir/testpage' | :markdown | '../dir/../testpage' | :markdown | 'testpage' | 'testpage.md'
'dir/testpage' | :markdown | '../dir/../dir/testpage' | :markdown | 'dir/testpage' | 'dir/testpage.md'
'dir/testpage' | :markdown | '../dir/../another/testpage' | :markdown | 'another/testpage' | 'another/testpage.md'
'testpage' | :markdown | '../testpage' | :markdown | 'testpage' | 'testpage.md'
'dir/testpage' | :markdown | 'dir/../testpage' | :markdown | 'testpage' | 'testpage.md'
'dir/testpage' | :markdown | './dir/testpage' | :markdown | 'dir/testpage' | 'dir/testpage.md'
'dir/testpage' | :markdown | '../dir/testpage' | :markdown | 'dir/testpage' | 'dir/testpage.md'
'dir/testpage' | :markdown | '../dir/../testpage' | :markdown | 'testpage' | 'testpage.md'
'dir/testpage' | :markdown | '../dir/../dir/testpage' | :markdown | 'dir/testpage' | 'dir/testpage.md'
'dir/testpage' | :markdown | '../dir/../another/testpage' | :markdown | 'another/testpage' | 'another/testpage.md'
end
end

2
workhorse/.tool-versions
View File

@ -1 +1 @@
golang 1.18.6
golang 1.18.7