Commit graph

8 commits

Author SHA1 Message Date
DJ Mountney
1d1363e2bb Bring in security changes from the 9.2.5 release
Ran:
 - git format-patch v9.2.2..v9.2.5 --stdout > patchfile.patch
 - git checkout -b 9-2-5-security-patch origin/v9.2.2
 - git apply patchfile.patch
 - git commit
 - [Got the sha ref for the commit]
 - git checkout -b upstream-9-2-security master
 - git cherry-pick <SHA of the patchfile commit>
 - [Resolved conflicts]
 - git cherry-pick --continue
2017-06-07 21:16:20 -07:00
Rémy Coutable
3db37e0562 Enable the Style/TrailingCommaInArguments cop
Use the EnforcedStyleForMultiline: no_comma option.

Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-05-10 18:25:45 +02:00
Rémy Coutable
d40e1f547e Enable the Style/TrailingCommaInLiteral cop
Use the EnforcedStyleForMultiline: no_comma option.

Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-05-10 18:25:45 +02:00
Toon Claes
b550de51b9 Revert "Fix OpenID spec failure that assumed current_sign_in_at would be set"
This reverts commit 73f448e589.
2017-05-09 22:57:01 +02:00
Toon Claes
ab7c90331f Add :redis keyword to some specs clear state of trackable attributes
The specs that rely on a correct value of the trackable attributes, should
include the `:redis` keyword in the spec to ensure the state is reset between
various specs.

The trackable attributes being:

- sign_in_count      : Increased every time a sign in is made (by form, openid, oauth)
- current_sign_in_at : A timestamp updated when the user signs in
- last_sign_in_at    : Holds the timestamp of the previous sign in
- current_sign_in_ip : The remote ip updated when the user sign in
- last_sign_in_ip    : Holds the remote ip of the previous sign in

The limiting of writing trackable attributes was introduced in
gitlab-org/gitlab-ce!11053.
2017-05-09 20:58:15 +02:00
Stan Hu
73f448e589 Fix OpenID spec failure that assumed current_sign_in_at would be set
Due to 6a915d6f, the `current_sign_in_at` may not actually be set due
to an ExclusiveLease in other jobs. To fix this spec, manually set
the value in the setup.

Closes #32041
2017-05-09 10:44:43 -07:00
Jacopo
ff76adb547 Unnecessary "include WaitForAjax" and "include ApiHelpers"
Removed all the unnecessary include of `WaitForAjax` and `ApiHelpers` in the specs.
Removed unnecessary usage of `api:true`
2017-04-21 22:32:02 +02:00
Markus Koller
c498289048 Implement OpenID Connect identity provider 2017-03-07 14:54:35 +01:00