kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
51450 commits 1 branch 0 tags 899 MiB
Commit graph

19 commits

Author SHA1 Message Date
Douwe Maan
f23b1cb453 Merge branch 'jej-23867-use-mr-finder-instead-of-access-check' into 'security' 
Replace MR access checks with use of MergeRequestsFinder

Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867

⚠️ - Potentially untested
💣 - No test coverage
🚥 - Test coverage of some sort exists (a test failed when error raised)
🚦 - Test coverage of return value (a test failed when nil used)
 - Permissions check tested

- [x] 💣  app/finders/notes_finder.rb:17
- [x] ⚠️  app/views/layouts/nav/_project.html.haml:80 [`.count`]
- [x] 💣  app/controllers/concerns/creates_commit.rb:84
- [x] 🚥  app/controllers/projects/commits_controller.rb:24
- [x] 🚥  app/controllers/projects/compare_controller.rb:56
- [x] 🚦  app/controllers/projects/discussions_controller.rb:29
- [x]   app/controllers/projects/todos_controller.rb:27
- [x] 🚦  app/models/commit.rb:268
- [x]  lib/gitlab/search_results.rb:71

- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_267_266 Memoize ` merged_merge_request(current_user)`
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_248_247 Expected side effect for `merged_merge_request!`, consider `skip_authorization: true`.
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_269_269 Scary use  of unchecked `merged_merge_request?`

See merge request !2033
 2016-12-08 21:42:07 -03:00
Lin Jen-Shin
5416d0e083 Pass @ref along so we know which pipeline to show 
Closes #23615
 2016-10-24 22:26:06 +08:00
Valery Sizov
fd2c3a3da0 Refactoring find_commits functionality 2016-10-20 12:45:34 +03:00
Paco Guzman
c4b9bd0413 API support for the 'since' and 'until' operators on commit requests 
- Parameter validation as ISO8601 format
 2016-04-29 09:26:52 +02:00
Douglas Barbosa Alexandre
1353cff5fe Replaces "Create merge request" link with one to the MR when one exists 2016-02-10 10:32:25 -02:00
Dmitriy Zaporozhets
4443a5f3c7 Add support for ref and path to commits filtering 
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
 2016-01-07 15:16:11 +01:00
Dmitriy Zaporozhets
9a250ad6d8 Filter commits by search parameter 
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
 2016-01-07 15:16:10 +01:00
Robert Speicher
1bda2e43a2 Prevent an XSS warning from the updated Brakeman 2015-12-27 21:19:14 -05:00
Valery Sizov
95df86638d Fix: Inability to reply to code comments in the MR view, if the MR comes from a fork 2015-10-22 18:38:00 +02:00
Jeroen van Baarsen
5a4ebfb47a Fixed the Rails/ActionFilter cop 
Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com>
 2015-04-20 15:39:37 +02:00
Douwe Maan
00408f37e3 Move 'require_non_empty_project' filter to front so 'assign_ref_vars' doesn't 404. 2015-02-20 17:20:03 +01:00
Dmitriy Zaporozhets
8952fc015f Apply default scope to labels and remove one for notes 2015-02-05 20:29:41 -08:00
Dmitriy Zaporozhets
c916124178 Explicitly set before_filter for ref-related controllers 2015-01-26 15:01:51 -08:00
Valery Sizov
6f34d40436 remove auth duplication 2014-11-05 11:04:08 +02:00
Ciro Santilli
4d0d5e79ba Factor authorize_push! and authorize_code_access! 
with existing method_missing. Pattern already used extensively,
so let's be consistent and use it everywhere.
 2014-10-13 21:31:49 +02:00
Ciro Santilli
ceaebe233c Remove outdated comment from commits_controller 2014-10-07 18:52:16 +02:00
skv
20b2102771 notes count in 1 query for mr and commits 2014-06-10 16:10:53 +04:00
Dmitriy Zaporozhets
33aea41708
Drop rjs from Infinite scrolling 
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
 2013-11-28 11:38:20 +02:00
Dmitriy Zaporozhets
2ed7cbfba4 Move projects controllers/views in Projects module 2013-06-23 19:47:22 +03:00
Renamed from app/controllers/commits_controller.rb (Browse further)