- Move the `Oauth2::AccessTokenValidationService` class to
`AccessTokenValidationService`, since it is now being used for
personal access token validation as well.
- Each API endpoint declares the scopes it accepts (if any). Currently,
the top level API module declares the `api` scope, and the `Users` API
module declares the `read_user` scope (for GET requests).
- Move the `find_user_by_private_token` from the API `Helpers` module to
the `APIGuard` module, to avoid littering `Helpers` with more
auth-related methods to support `find_user_by_private_token`
Sherlock will be a new GitLab specific tool for measuring the
performance of Rails requests (and SideKiq jobs at some point). Some of
the things that are currently tracked:
* SQL queries along with their timings, backtraces and query plans
(using "EXPLAIN ANALYZE" for PostgreSQL and regular "EXPLAIN" for
MySQL)
* Timings of application files (including views) on a per line basis
* Some meta data such as the request method, path, total duration, etc
More tracking (e.g. Rugged or gitlab-shell timings) might be added in
the future.
Sherlock will replace any existing tools we have used so far (e.g.
active_record_query_trace and rack-mini-profiler), hence the
corresponding Gems have been removed from the Gemfile.
Sherlock can be enabled by starting Rails as following:
ENABLE_SHERLOCK=1 bundle exec rails s
Recorded transactions can be found at `/sherlock/transactions`.
I find it really annoying every time I login into GitLab it shows me
that I successfully signed in. But this makes no sense to me. I already
see dashboard and dont see login screen. Its obvious I signed in
successfully. Instead it just show annyoing message every time taking
part of space on my screen.
