Commit graph

12 commits

Author SHA1 Message Date
DJ Mountney
ae6adf165c Merge branch '25934-project-snippet-vis' into 'security-9-2'
Fix visibility when referencing snippets

See merge request !2101
2017-06-08 09:56:39 -07:00
Sean McGivern
172932eec8 Fix /unsubscribe slash command creating extra todos
The /unsubscribe slash command means that we check if the current user is
subscribed to the issuable without having an explicit subscription. That means
that we use the UserParser to find references to them in the notes.

The UserParser (and all parsers inheriting from BaseParser) use RequestStore to
cache ActiveRecord objects, so that we don't need to load the User object each
time, if we're parsing references a bunch of times in the same request.

However, it was always returning _all_ of the previously cached items, not just
the ones matching the IDs passed. This would mean that we did two runs through
with UserParser if you were mentioned in a comment, and then mentioned someone
else in your comment while using /unsubscribe:

1. Because /unsubscribe was used, we see if you were mentioned in any comments.
2. Because you mentioned someone, we find them - but we would also get back your
   user, even if you didn't mention yourself. This would have the effect of
   creating a mention or directly addressed todo for yourself incorrectly.

The fix is simple: only return values from the cache matching the IDs passed.
2017-05-30 11:24:55 +01:00
Stan Hu
e89d4741d3 Fix regression in rendering Markdown references that do not exist
Closes #30972
2017-04-15 07:26:32 -07:00
Adam Buckland
ace833b31d Add indication for closed or merged issuables in GFM
Example: for issues that are closed, the links will now show '[closed]'
following the issue number. This is done as post-process after the markdown has
been loaded from the cache as the status of the issue may change between
the cache being populated and the content being displayed.

In order to avoid N+1 queries problem when rendering notes ObjectRenderer
populates the cache of referenced issuables for all notes at once,
before the post processing phase.

As a part of this change, the Banzai BaseParser#grouped_objects_for_nodes
method has been refactored to return a Hash utilising the node itself as the
key, since this was a common pattern of usage for this method.
2017-04-07 14:31:43 -05:00
Douwe Maan
871bed7ac0 Use Enumerable#index_by where possible 2017-03-16 16:33:15 -06:00
http://jneen.net/
846e581732 use a magic default :global symbol instead of nil
to make sure we mean the global permissions
2017-03-09 11:49:52 -08:00
Ershad Kunnakkadan
3a23639bc0
Create directly_addressed Todos when mentioned in beginning of a line 2017-02-08 21:53:34 +05:30
Douwe Maan
bf061d0aff
Merge branch 'issue_23548_dev' into 'master'
disable markdown in comments when referencing disabled features

fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23548

This MR prevents the following references when tool is disabled:

- issues
- snippets
- commits - when repo is disabled
- commit range - when repo is disabled
- milestones

This MR does not prevent references to repository files, since they are just markdown links and don't leak
information.

See merge request !2011

Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-11-09 12:25:17 +01:00
Paco Guzman
f4a84f504f Avoid database queries on Banzai::ReferenceParser::BaseParser for nodes without references 2016-09-28 09:08:28 +02:00
http://jneen.net/
5853c96b49 remove Ability.abilities 2016-08-30 11:35:06 -07:00
Yorick Peterse
9ac4c556ea
Re-use queries in reference parsers
This caches various queries to ensure that multiple reference extraction
runs re-use any objects queried in previous runs.
2016-07-08 21:54:35 +02:00
Yorick Peterse
86166d2802
Split Markdown rendering & reference gathering
This splits the Markdown rendering and reference extraction phases into
two distinct code bases. The reference extraction phase no longer relies
on the html-pipeline Gem (and any related code) and allows for
extracting of references from multiple HTML nodes in a single pass. This
means that if you want to extract user references from 200 comments you
no longer need to run 200 times N number of queries, instead only a
handful of queries may be needed.
2016-05-26 17:14:00 +02:00