Douwe Maan
f23b1cb453
Merge branch 'jej-23867-use-mr-finder-instead-of-access-check' into 'security'
...
Replace MR access checks with use of MergeRequestsFinder
Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867
⚠️ - Potentially untested
💣 - No test coverage
🚥 - Test coverage of some sort exists (a test failed when error raised)
🚦 - Test coverage of return value (a test failed when nil used)
✅ - Permissions check tested
- [x] 💣 app/finders/notes_finder.rb:17
- [x] ⚠️ app/views/layouts/nav/_project.html.haml:80 [`.count`]
- [x] 💣 app/controllers/concerns/creates_commit.rb:84
- [x] 🚥 app/controllers/projects/commits_controller.rb:24
- [x] 🚥 app/controllers/projects/compare_controller.rb:56
- [x] 🚦 app/controllers/projects/discussions_controller.rb:29
- [x] ✅ app/controllers/projects/todos_controller.rb:27
- [x] 🚦 app/models/commit.rb:268
- [x] ✅ lib/gitlab/search_results.rb:71
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_267_266 Memoize ` merged_merge_request(current_user)`
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_248_247 Expected side effect for `merged_merge_request!`, consider `skip_authorization: true`.
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_269_269 Scary use of unchecked `merged_merge_request?`
See merge request !2033
2016-12-08 21:42:07 -03:00
Oswaldo Ferreira
f272ee6eba
Add shorthand support to gitlab markdown references
2016-12-02 19:18:17 -02:00
winniehell
0d8352973b
Use JavaScript tooltips for mentions ( !5301 )
2016-09-01 01:21:34 +02:00
Stan Hu
30aa64202b
Fix note validation spec failures
2016-06-01 10:31:46 -07:00
Yorick Peterse
580d250166
Refactor Participable
...
There are several changes to this module:
1. The use of an explicit stack in Participable#participants
2. Proc behaviour has been changed
3. Batch permissions checking
== Explicit Stack
Participable#participants no longer uses recursion to process "self" and
all child objects, instead it uses an Array and processes objects in
breadth-first order. This allows us to for example create a single
Gitlab::ReferenceExtractor instance and pass this to any Procs. Re-using
a ReferenceExtractor removes the need for running potentially many SQL
queries every time a Proc is called on a new object.
== Proc Behaviour Changed
Previously a Proc in Participable was expected to return an Array of
User instances. This has been changed and instead it's now expected that
a Proc modifies the Gitlab::ReferenceExtractor passed to it. The return
value of the Proc is ignored.
== Permissions Checking
The method Participable#participants uses
Ability.users_that_can_read_project to check if the returned users have
access to the project of "self" _without_ running multiple SQL queries
for every user.
2016-06-01 16:22:35 +02:00
Yorick Peterse
309ca405fa
Don't modify arguments in CommitRange#initialize
...
This method used to call strip! on input strings which will mess with
the strings if they're re-used or frozen.
2016-05-26 13:58:01 +02:00
Douwe Maan
1e8d703a85
Tag model specs
2015-12-09 10:50:51 +01:00
Douwe Maan
62c14ba2ed
Render commit reference using short sha, but include full sha in comment.
2015-12-01 12:58:45 +01:00
Douwe Maan
a7be01cd07
Render commit range reference with short shas, link to full shas.
2015-11-30 21:10:52 +01:00
Dmitriy Zaporozhets
f40b99d02e
Merge branch 'master' into rubocop-for-tests
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Conflicts:
spec/features/issues_spec.rb
spec/models/forked_project_link_spec.rb
spec/models/hooks/service_hook_spec.rb
spec/models/hooks/web_hook_spec.rb
spec/models/project_services/hipchat_service_spec.rb
spec/requests/api/project_members_spec.rb
spec/requests/api/projects_spec.rb
spec/requests/api/system_hooks_spec.rb
spec/services/archive_repository_service_spec.rb
spec/support/matchers.rb
spec/tasks/gitlab/backup_rake_spec.rb
2015-06-23 10:44:03 +02:00
Robert Speicher
94eff65569
Fix Style/SpaceInsideHashLiteralBraces cop violations
...
These fixes were performed automatically by Rubocop's `-a` flag.
2015-06-22 14:41:00 -04:00
Robert Speicher
0f627f1c60
Fix raise_error
without an argument deprecation warnings
2015-06-22 12:13:47 +02:00
Robert Speicher
136ab73803
Update CommitRange#to_reference to use full SHAs
...
We only want them shortened by the filter, which calls to_s
2015-05-26 15:48:31 -04:00
Robert Speicher
c0faf91ff2
Add to_reference
for models that support references
...
Now there is a single source of information for which attribute a model
uses to be referenced, and its special character.
2015-05-26 15:48:30 -04:00
Robert Speicher
165cacce16
Rename CommitRange#inclusive?
to #exclude_start?
2015-04-25 14:58:49 -04:00
Robert Speicher
92c681a53c
Remove CommitRange#to_a
2015-04-25 14:45:56 -04:00
Robert Speicher
2403a28b3f
Include caret in CommitRange#reference_title
2015-04-25 14:41:06 -04:00
Robert Speicher
c11d3c5789
Remove param from CommitRange#to_s
2015-04-25 14:41:06 -04:00
Robert Speicher
81a21e5796
CommitRange improvements
2015-04-25 14:41:06 -04:00
Robert Speicher
a8e6656481
Add CommitRange class
2015-04-25 14:40:40 -04:00