Add latest changes from gitlab-org/gitlab@master

2022-01-06 12:14:04 +00:00 · 2022-01-06 12:14:04 +00:00 · 658b54e04c
parent 8f177b09d2
commit 658b54e04c
18 changed files with 138 additions and 15 deletions
--- a/2
+++ b/2
@ -194,7 +194,7 @@ end
 gem 'state_machines-activerecord', '~> 0.8.0'

 # Issue tags
-gem 'acts-as-taggable-on', '~> 8.1'
+gem 'acts-as-taggable-on', '~> 9.0'

 # Background jobs
 gem 'sidekiq', '~> 6.3'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -73,8 +73,8 @@ GEM
      minitest (>= 5.1)
      tzinfo (~> 2.0)
      zeitwerk (~> 2.3)
-    acts-as-taggable-on (8.1.0)
-      activerecord (>= 5.0, < 6.2)
+    acts-as-taggable-on (9.0.0)
+      activerecord (>= 6.0, < 7.1)
    addressable (2.8.0)
      public_suffix (>= 2.0.2, < 5.0)
    aes_key_wrap (1.1.0)
@ -1390,7 +1390,7 @@ DEPENDENCIES
  RedCloth (~> 4.3.2)
  acme-client (~> 2.0, >= 2.0.9)
  activerecord-explain-analyze (~> 0.1)
-  acts-as-taggable-on (~> 8.1)
+  acts-as-taggable-on (~> 9.0)
  addressable (~> 2.8)
  akismet (~> 3.0)
  apollo_upload_server (~> 2.1.0)
--- a/app/assets/javascripts/emoji/components/picker.vue
+++ b/app/assets/javascripts/emoji/components/picker.vue
@ -125,7 +125,7 @@ export default {
          :aria-label="category.name"
          @click="scrollToCategory(category.name)"
        >
-          <gl-icon :name="category.icon" :size="12" />
+          <gl-icon :name="category.icon" />
        </button>
      </div>
      <emoji-list :search-value="searchValue">
--- a/app/assets/stylesheets/framework/typography.scss
+++ b/app/assets/stylesheets/framework/typography.scss
@ -365,10 +365,17 @@
    padding: 0;
    margin: 0 0 16px;

+    // Lists embedded in other lists can be "loose" or "tight"
+    // Remove bottom margin for all lists (default for tight lists)
    ul,
    ol {
      margin-bottom: 0;
    }
+
+    // Loose lists need bottom margin added back
+    p ~ ol,
+    p ~ ul {
+      margin-bottom: 16px;
    }
  }

  ul:dir(rtl),
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -23,6 +23,9 @@ class UsersController < ApplicationController
  before_action :user, except: [:exists]
  before_action :authorize_read_user_profile!,
                only: [:calendar, :calendar_activities, :groups, :projects, :contributed, :starred, :snippets, :followers, :following]
+  before_action only: [:exists] do
+    check_rate_limit!(:username_exists, scope: request.ip) if Feature.enabled?(:rate_limit_username_exists_endpoint, default_enabled: :yaml)
+  end

  feature_category :users

--- a/app/helpers/application_settings_helper.rb
+++ b/app/helpers/application_settings_helper.rb
@ -487,6 +487,10 @@ module ApplicationSettingsHelper
  def pending_user_count
    User.blocked_pending_approval.count
  end
+
+  def registration_features_can_be_prompted?
+    !Gitlab::CurrentSettings.usage_ping_enabled?
+  end
 end

 ApplicationSettingsHelper.prepend_mod_with('ApplicationSettingsHelper')
--- a/app/views/admin/users/_users.html.haml
+++ b/app/views/admin/users/_users.html.haml
@ -1,3 +1,11 @@
+- if registration_features_can_be_prompted?
+  = render 'shared/global_alert',
+    variant: :tip,
+    alert_class: 'gl-my-5',
+    dismissible: false do
+    .gl-alert-body
+      = render 'shared/registration_features_discovery_message', feature_title: s_('RegistrationFeatures|send emails to users')
+
 .top-area.scrolling-tabs-container.inner-page-scroll-tabs
  .fade-left
    = sprite_icon('chevron-lg-left', size: 12)
--- a/app/views/shared/_registration_features_discovery_message.html.haml
+++ b/app/views/shared/_registration_features_discovery_message.html.haml
@ -1,9 +1,9 @@
- license = local_assigns.fetch(:license)
+- feature_title = local_assigns.fetch(:feature_title, s_('RegistrationFeatures|use this feature'))
 - registration_features_docs_path = help_page_path('development/service_ping/index.md', anchor: 'registration-features-program')
 - service_ping_settings_path = metrics_and_profiling_admin_application_settings_path(anchor: 'js-usage-settings')

 %div
-  %span= s_('RegistrationFeatures|Want to use this feature for free?')
-  - if license.present?
+  %span= sprintf(s_('RegistrationFeatures|Want to %{feature_title} for free?'), { feature_title: feature_title })
+  - if Gitlab.ee?
    = link_to s_('RegistrationFeatures|Enable Service Ping and register for this feature.'), service_ping_settings_path
-  = sprintf(s_('RegistrationFeatures|Read more about the %{linkStart}Registration Features Program%{linkEnd}.') , { linkStart: "<a href=\"#{registration_features_docs_path}\" target=\"_blank\">", linkEnd: "</a>", }).html_safe
+  = sprintf(s_('RegistrationFeatures|Read more about the %{linkStart}%{label}%{linkEnd}.') , { linkStart: "<a href=\"#{registration_features_docs_path}\" target=\"_blank\">", label: s_('RegistrationFeatures|Registration Features Program'), linkEnd: "</a>" }).html_safe
--- a/config/feature_flags/development/rate_limit_username_exists_endpoint.yml
+++ b/config/feature_flags/development/rate_limit_username_exists_endpoint.yml
@ -0,0 +1,8 @@
+---
+name: rate_limit_username_exists_endpoint
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77119
+rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/348974
+milestone: '14.7'
+type: development
+group: group::optimize
+default_enabled: false
--- a/db/post_migrate/20220105020514_remove_ci_minutes_additional_packs_namespace_id_foreign_key_constraint.rb
+++ b/db/post_migrate/20220105020514_remove_ci_minutes_additional_packs_namespace_id_foreign_key_constraint.rb
@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class RemoveCiMinutesAdditionalPacksNamespaceIdForeignKeyConstraint < Gitlab::Database::Migration[1.0]
+  disable_ddl_transaction!
+
+  CONSTRAINT_NAME = 'fk_rails_e0e0c4e4b1'
+
+  def up
+    with_lock_retries do
+      remove_foreign_key_if_exists(:ci_minutes_additional_packs, :namespaces, name: CONSTRAINT_NAME)
+    end
+  end
+
+  def down
+    add_concurrent_foreign_key :ci_minutes_additional_packs, :namespaces, column: :namespace_id, on_delete: :cascade, name: CONSTRAINT_NAME
+  end
+end
--- a/db/schema_migrations/20220105020514
+++ b/db/schema_migrations/20220105020514
@ -0,0 +1 @@
+301c2f09f48aa3e34c2f679628a9542b4babc589e3d20e9ccf84a9209f5841ee
--- a/db/structure.sql
+++ b/db/structure.sql
@ -31270,9 +31270,6 @@ ALTER TABLE ONLY analytics_cycle_analytics_group_stages
 ALTER TABLE ONLY bulk_import_export_uploads
    ADD CONSTRAINT fk_rails_dfbfb45eca FOREIGN KEY (export_id) REFERENCES bulk_import_exports(id) ON DELETE CASCADE;

-ALTER TABLE ONLY ci_minutes_additional_packs
-    ADD CONSTRAINT fk_rails_e0e0c4e4b1 FOREIGN KEY (namespace_id) REFERENCES namespaces(id) ON DELETE CASCADE;
-
 ALTER TABLE ONLY label_priorities
    ADD CONSTRAINT fk_rails_e161058b0f FOREIGN KEY (label_id) REFERENCES labels(id) ON DELETE CASCADE;

--- a/doc/user/application_security/security_dashboard/index.md
+++ b/doc/user/application_security/security_dashboard/index.md
@ -53,7 +53,7 @@ To view vulnerabilities in a pipeline:

 1. On the top bar, select **Menu > Projects** and find your project.
 1. On the left sidebar, select **CI/CD > Pipelines**.
-1. Select the **Status** of a branch.
+1. From the list, select the pipeline you want to check for vulnerabilities.
 1. Select the **Security** tab.

 A pipeline consists of multiple jobs, such as SAST and DAST scans. If a job fails to finish,
--- a/lib/gitlab/application_rate_limiter.rb
+++ b/lib/gitlab/application_rate_limiter.rb
@ -50,6 +50,7 @@ module Gitlab
          profile_add_new_email:        { threshold: 5, interval: 1.minute },
          web_hook_calls:               { interval: 1.minute },
          users_get_by_id:              { threshold: 10, interval: 1.minute },
+          username_exists:              { threshold: 20, interval: 1.minute },
          profile_resend_email_confirmation:  { threshold: 5, interval: 1.minute },
          profile_update_username:            { threshold: 10, interval: 1.minute },
          update_environment_canary_ingress:  { threshold: 1, interval: 1.minute },
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@ -29253,10 +29253,19 @@ msgstr ""
 msgid "RegistrationFeatures|Enable Service Ping and register for this feature."
 msgstr ""

-msgid "RegistrationFeatures|Read more about the %{linkStart}Registration Features Program%{linkEnd}."
+msgid "RegistrationFeatures|Read more about the %{linkStart}%{label}%{linkEnd}."
 msgstr ""

-msgid "RegistrationFeatures|Want to use this feature for free?"
+msgid "RegistrationFeatures|Registration Features Program"
+msgstr ""
+
+msgid "RegistrationFeatures|Want to %{feature_title} for free?"
+msgstr ""
+
+msgid "RegistrationFeatures|send emails to users"
+msgstr ""
+
+msgid "RegistrationFeatures|use this feature"
 msgstr ""

 msgid "RegistrationVerification|Are you sure you want to skip this step?"
--- a/spec/features/admin/admin_users_spec.rb
+++ b/spec/features/admin/admin_users_spec.rb
@ -57,4 +57,33 @@ RSpec.describe "Admin::Users" do
      expect(page).to have_content("#{Time.now.strftime('%b %Y')} 3 0")
    end
  end
+
+  describe 'prompt user about registration features' do
+    let(:message) { s_("RegistrationFeatures|Want to %{feature_title} for free?") % { feature_title: s_('RegistrationFeatures|send emails to users') } }
+
+    it 'does not render registration features CTA when service ping is enabled' do
+      stub_application_setting(usage_ping_enabled: true)
+
+      visit admin_users_path
+
+      expect(page).not_to have_content(message)
+    end
+
+    context 'with no license and service ping disabled' do
+      before do
+        stub_application_setting(usage_ping_enabled: false)
+
+        if Gitlab.ee?
+          allow(License).to receive(:current).and_return(nil)
+        end
+      end
+
+      it 'renders registration features CTA' do
+        visit admin_users_path
+
+        expect(page).to have_content(message)
+        expect(page).to have_link(s_('RegistrationFeatures|Registration Features Program'))
+      end
+    end
+  end
 end
--- a/spec/helpers/application_settings_helper_spec.rb
+++ b/spec/helpers/application_settings_helper_spec.rb
@ -253,6 +253,32 @@ RSpec.describe ApplicationSettingsHelper do
    end
  end

+  describe '.registration_features_can_be_prompted?' do
+    subject { helper.registration_features_can_be_prompted? }
+
+    before do
+      if Gitlab.ee?
+        allow(License).to receive(:current).and_return(nil)
+      end
+    end
+
+    context 'when service ping is enabled' do
+      before do
+        stub_application_setting(usage_ping_enabled: true)
+      end
+
+      it { is_expected.to be_falsey }
+    end
+
+    context 'when service ping is disabled' do
+      before do
+        stub_application_setting(usage_ping_enabled: false)
+      end
+
+      it { is_expected.to be_truthy }
+    end
+  end
+
  describe '#sidekiq_job_limiter_modes_for_select' do
    subject { helper.sidekiq_job_limiter_modes_for_select }

--- a/spec/requests/users_controller_spec.rb
+++ b/spec/requests/users_controller_spec.rb
@ -636,6 +636,8 @@ RSpec.describe UsersController do
  describe 'GET #exists' do
    before do
      sign_in(user)
+
+      allow(::Gitlab::ApplicationRateLimiter).to receive(:throttled?).and_return(false)
    end

    context 'when user exists' do
@ -677,6 +679,17 @@ RSpec.describe UsersController do
        end
      end
    end
+
+    context 'when the rate limit has been reached' do
+      it 'returns status 429 Too Many Requests', :aggregate_failures do
+        ip = '1.2.3.4'
+        expect(::Gitlab::ApplicationRateLimiter).to receive(:throttled?).with(:username_exists, scope: ip).and_return(true)
+
+        get user_exists_url(user.username), env: { 'REMOTE_ADDR': ip }
+
+        expect(response).to have_gitlab_http_status(:too_many_requests)
+      end
+    end
  end

  describe '#ensure_canonical_path' do
				`@ -0,0 +1 @@`
				`301c2f09f48aa3e34c2f679628a9542b4babc589e3d20e9ccf84a9209f5841ee`