root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2024-01-23 06:08:58 +00:00
parent 89ff92639b
commit 784a3db627
21 changed files with 200 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
app/graphql/types/group_type.rb
View File

@ -62,6 +62,10 @@ module Types
null: true,
description: 'Indicates if a group has email notifications disabled.'
field :max_access_level, Types::AccessLevelType,
null: false,
description: 'The maximum access level of the current user in the group.'
field :mentions_disabled,
type: GraphQL::Types::Boolean,
null: true,
@ -375,6 +379,16 @@ module Types
end
end
def max_access_level
return Gitlab::Access::NO_ACCESS if current_user.nil?
BatchLoader::GraphQL.for(object.id).batch do |group_ids, loader|
current_user.max_member_access_for_group_ids(group_ids).each do |group_id, max_access_level|
loader.call(group_id, max_access_level)
end
end
end
private
def group

14
app/graphql/types/project_type.rb
View File

@ -110,6 +110,10 @@ module Types
null: true,
description: 'Indicates if the project has Large File Storage (LFS) enabled.'
field :max_access_level, Types::AccessLevelType,
null: false,
description: 'The maximum access level of the current user in the project.'
field :merge_requests_ff_only_enabled, GraphQL::Types::Boolean,
null: true,
description: 'Indicates if no merge commits should be created and all merges should instead be ' \
@ -823,6 +827,16 @@ module Types
}
end
def max_access_level
return Gitlab::Access::NO_ACCESS if current_user.nil?
BatchLoader::GraphQL.for(object.id).batch do |project_ids, loader|
current_user.max_member_access_for_project_ids(project_ids).each do |project_id, max_access_level|
loader.call(project_id, max_access_level)
end
end
end
private
def project

10
db/docs/dast_profile_schedules.yml
View File

@ -7,4 +7,12 @@ feature_categories:
description: Scheduling for scans using DAST Profiles
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65327
milestone: '14.2'
gitlab_schema: gitlab_main
gitlab_schema: gitlab_main_cell
allow_cross_joins:
- gitlab_main_clusterwide
allow_cross_transactions:
- gitlab_main_clusterwide
allow_cross_foreign_keys:
- gitlab_main_clusterwide
sharding_key:
project_id: projects

10
db/docs/dast_profiles.yml
View File

@ -7,4 +7,12 @@ feature_categories:
description: Profile used to run a DAST on-demand scan
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/51296
milestone: '13.9'
gitlab_schema: gitlab_main
gitlab_schema: gitlab_main_cell
allow_cross_joins:
- gitlab_main_clusterwide
allow_cross_transactions:
- gitlab_main_clusterwide
allow_cross_foreign_keys:
- gitlab_main_clusterwide
sharding_key:
project_id: projects

13
db/docs/dast_scanner_profiles.yml
View File

@ -4,7 +4,16 @@ classes:
- DastScannerProfile
feature_categories:
- dynamic_application_security_testing
description: A scanner profile defines the scanner settings used to run an on-demand scan
description: A scanner profile defines the scanner settings used to run an on-demand
scan
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37404
milestone: '13.3'
gitlab_schema: gitlab_main
gitlab_schema: gitlab_main_cell
allow_cross_joins:
- gitlab_main_clusterwide
allow_cross_transactions:
- gitlab_main_clusterwide
allow_cross_foreign_keys:
- gitlab_main_clusterwide
sharding_key:
project_id: projects

13
db/docs/dast_site_profiles.yml
View File

@ -4,7 +4,16 @@ classes:
- DastSiteProfile
feature_categories:
- dynamic_application_security_testing
description: A site profile describes the attributes of a web site to scan on demand with DAST
description: A site profile describes the attributes of a web site to scan on demand
with DAST
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/36659
milestone: '13.2'
gitlab_schema: gitlab_main
gitlab_schema: gitlab_main_cell
allow_cross_joins:
- gitlab_main_clusterwide
allow_cross_transactions:
- gitlab_main_clusterwide
allow_cross_foreign_keys:
- gitlab_main_clusterwide
sharding_key:
project_id: projects

10
db/docs/dast_site_tokens.yml
View File

@ -7,4 +7,12 @@ feature_categories:
description: Token for the site to be validated
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/41639
milestone: '13.4'
gitlab_schema: gitlab_main
gitlab_schema: gitlab_main_cell
allow_cross_joins:
- gitlab_main_clusterwide
allow_cross_transactions:
- gitlab_main_clusterwide
allow_cross_foreign_keys:
- gitlab_main_clusterwide
sharding_key:
project_id: projects

10
db/docs/dast_sites.yml
View File

@ -7,4 +7,12 @@ feature_categories:
description: Site to run dast scan on
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/36659
milestone: '13.2'
gitlab_schema: gitlab_main
gitlab_schema: gitlab_main_cell
allow_cross_joins:
- gitlab_main_clusterwide
allow_cross_transactions:
- gitlab_main_clusterwide
allow_cross_foreign_keys:
- gitlab_main_clusterwide
sharding_key:
project_id: projects

2
doc/api/graphql/reference/index.md
View File

@ -19408,6 +19408,7 @@ GPG signature for a signed commit.
| <a id="groupid"></a>`id` | [`ID!`](#id) | ID of the namespace. |
| <a id="groupistemporarystorageincreaseenabled"></a>`isTemporaryStorageIncreaseEnabled` **{warning-solid}** | [`Boolean`](#boolean) | **Deprecated** in 16.7. Feature removal, will be completely removed in 17.0. |
| <a id="grouplfsenabled"></a>`lfsEnabled` | [`Boolean`](#boolean) | Indicates if Large File Storage (LFS) is enabled for namespace. |
| <a id="groupmaxaccesslevel"></a>`maxAccessLevel` | [`AccessLevel!`](#accesslevel) | The maximum access level of the current user in the group. |
| <a id="groupmentionsdisabled"></a>`mentionsDisabled` | [`Boolean`](#boolean) | Indicates if a group is disabled from getting mentioned. |
| <a id="groupname"></a>`name` | [`String!`](#string) | Name of the namespace. |
| <a id="grouppackagesettings"></a>`packageSettings` | [`PackageSettings`](#packagesettings) | Package settings for the namespace. |
@ -24356,6 +24357,7 @@ Represents vulnerability finding of a security report on the pipeline.
| <a id="projectlanguages"></a>`languages` | [`[RepositoryLanguage!]`](#repositorylanguage) | Programming languages used in the project. |
| <a id="projectlastactivityat"></a>`lastActivityAt` | [`Time`](#time) | Timestamp of the project last activity. |
| <a id="projectlfsenabled"></a>`lfsEnabled` | [`Boolean`](#boolean) | Indicates if the project has Large File Storage (LFS) enabled. |
| <a id="projectmaxaccesslevel"></a>`maxAccessLevel` | [`AccessLevel!`](#accesslevel) | The maximum access level of the current user in the project. |
| <a id="projectmergecommittemplate"></a>`mergeCommitTemplate` | [`String`](#string) | Template used to create merge commit message in merge requests. |
| <a id="projectmergerequestsaccesslevel"></a>`mergeRequestsAccessLevel` | [`ProjectFeatureAccess`](#projectfeatureaccess) | Access level required for merge requests access. |
| <a id="projectmergerequestsdisablecommittersapproval"></a>`mergeRequestsDisableCommittersApproval` | [`Boolean!`](#boolean) | Indicates that committers of the given merge request cannot approve. |

60
doc/api/projects.md
View File

@ -57,7 +57,7 @@ GET /projects
| `id_after` | integer | No | Limit results to projects with IDs greater than the specified ID. |
| `id_before` | integer | No | Limit results to projects with IDs less than the specified ID. |
| `imported` | boolean | No | Limit results to projects which were imported from external systems by current user. |
| `include_hidden` **(PREMIUM ALL)** | boolean | No | Include hidden projects. _(administrators only)_ |
| `include_hidden` | boolean | No | Include hidden projects. _(administrators only)_ Premium and Ultimate only. |
| `include_pending_delete` | boolean | No | Include projects pending deletion. _(administrators only)_ |
| `last_activity_after` | datetime | No | Limit results to projects with last activity after specified time. Format: ISO 8601 (`YYYY-MM-DDTHH:MM:SSZ`) |
| `last_activity_before` | datetime | No | Limit results to projects with last activity before specified time. Format: ISO 8601 (`YYYY-MM-DDTHH:MM:SSZ`) |
@ -65,7 +65,7 @@ GET /projects
| `min_access_level` | integer | No | Limit by current user minimal [role (`access_level`)](members.md#roles). |
| `order_by` | string | No | Return projects ordered by `id`, `name`, `path`, `created_at`, `updated_at`, `last_activity_at`, or `similarity` fields. `repository_size`, `storage_size`, `packages_size` or `wiki_size` fields are only allowed for administrators. `similarity` ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/332890) in GitLab 14.1) is only available when searching and is limited to projects that the current user is a member of. Default is `created_at`. |
| `owned` | boolean | No | Limit by projects explicitly owned by the current user. |
| `repository_checksum_failed` **(PREMIUM ALL)** | boolean | No | Limit projects where the repository checksum calculation has failed. |
| `repository_checksum_failed` | boolean | No | Limit projects where the repository checksum calculation has failed. Premium and Ultimate only. |
| `repository_storage` | string | No | Limit results to projects stored on `repository_storage`. _(administrators only)_ |
| `search_namespaces` | boolean | No | Include ancestor namespaces when matching search criteria. Default is `false`. |
| `search` | string | No | Return list of projects matching the search criteria. |
@ -78,7 +78,7 @@ GET /projects
| `updated_after` | datetime | No | Limit results to projects last updated after the specified time. Format: ISO 8601 (`YYYY-MM-DDTHH:MM:SSZ`). [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/393979) in GitLab 15.10. For this filter to work, you must also provide `updated_at` as the `order_by` attribute. |
| `updated_before` | datetime | No | Limit results to projects last updated before the specified time. Format: ISO 8601 (`YYYY-MM-DDTHH:MM:SSZ`). [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/393979) in GitLab 15.10. For this filter to work, you must also provide `updated_at` as the `order_by` attribute. |
| `visibility` | string | No | Limit by visibility `public`, `internal`, or `private`. |
| `wiki_checksum_failed` **(PREMIUM ALL)** | boolean | No | Limit projects where the wiki checksum calculation has failed. |
| `wiki_checksum_failed` | boolean | No | Limit projects where the wiki checksum calculation has failed. Premium and Ultimate only. |
| `with_custom_attributes` | boolean | No | Include [custom attributes](custom_attributes.md) in response. _(administrator only)_ |
| `with_issues_enabled` | boolean | No | Limit by enabled issues feature. |
| `with_merge_requests_enabled` | boolean | No | Limit by enabled merge requests feature. |
@ -1507,7 +1507,7 @@ curl --request POST --header "PRIVATE-TOKEN: <your-token>" \
| `path` | string | Yes (if `name` isn't provided) | Repository name for new project. Generated based on name if not provided (generated as lowercase with dashes). Starting with GitLab 14.9, path must not start or end with a special character and must not contain consecutive special characters. |
| `allow_merge_on_skipped_pipeline` | boolean | No | Set whether or not merge requests can be merged with skipped jobs. |
| `analytics_access_level` | string | No | One of `disabled`, `private` or `enabled` |
| `approvals_before_merge` **(PREMIUM ALL)** | integer | No | How many approvers should approve merge requests by default. To configure approval rules, see [Merge request approvals API](merge_request_approvals.md). [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/353097) in GitLab 16.0. |
| `approvals_before_merge` | integer | No | How many approvers should approve merge requests by default. To configure approval rules, see [Merge request approvals API](merge_request_approvals.md). [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/353097) in GitLab 16.0. Premium and Ultimate only. |
| `auto_cancel_pending_pipelines` | string | No | Auto-cancel pending pipelines. This action toggles between an enabled state and a disabled state; it is not a boolean. |
| `auto_devops_deploy_strategy` | string | No | Auto Deploy strategy (`continuous`, `manual` or `timed_incremental`). |
| `auto_devops_enabled` | boolean | No | Enable Auto DevOps for this project. |
@ -1525,11 +1525,11 @@ curl --request POST --header "PRIVATE-TOKEN: <your-token>" \
| `emails_disabled` | boolean | No | _(Deprecated)_ Disable email notifications. Use `emails_enabled` instead |
| `emails_enabled` | boolean | No | Enable email notifications. |
| `environments_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `external_authorization_classification_label` **(PREMIUM ALL)** | string | No | The classification label for the project. |
| `external_authorization_classification_label` | string | No | The classification label for the project. Premium and Ultimate only. |
| `feature_flags_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `forking_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `group_runners_enabled` | boolean | No | Enable group runners for this project. |
| `group_with_project_templates_id` **(PREMIUM ALL)** | integer | No | For group-level custom templates, specifies ID of group from which all the custom project templates are sourced. Leave empty for instance-level templates. Requires `use_custom_template` to be true. |
| `group_with_project_templates_id` | integer | No | For group-level custom templates, specifies ID of group from which all the custom project templates are sourced. Leave empty for instance-level templates. Requires `use_custom_template` to be true. Premium and Ultimate only. |
| `import_url` | string | No | URL to import repository from. When the URL value isn't empty, you must not set `initialize_with_readme` to `true`. Doing so might result in the [following error](https://gitlab.com/gitlab-org/gitlab/-/issues/360266): `not a git repository`. |
| `infrastructure_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `initialize_with_readme` | boolean | No | Whether to create a Git repository with just a `README.md` file. Default is `false`. When this boolean is true, you must not pass `import_url` or other attributes of this endpoint which specify alternative contents for the repository. Doing so might result in the [following error](https://gitlab.com/gitlab-org/gitlab/-/issues/360266): `not a git repository`. |
@ -1542,8 +1542,8 @@ curl --request POST --header "PRIVATE-TOKEN: <your-token>" \
| `merge_requests_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `merge_requests_enabled` | boolean | No | _(Deprecated)_ Enable merge requests for this project. Use `merge_requests_access_level` instead. |
| `merge_trains_enabled` | boolean | No | Enable or disable merge trains. |
| `mirror_trigger_builds` **(PREMIUM ALL)** | boolean | No | Pull mirroring triggers builds. |
| `mirror` **(PREMIUM ALL)** | boolean | No | Enables pull mirroring in a project. |
| `mirror_trigger_builds` | boolean | No | Pull mirroring triggers builds. Premium and Ultimate only. |
| `mirror` | boolean | No | Enables pull mirroring in a project. Premium and Ultimate only. |
| `model_experiments_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `model_registry_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `monitor_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
@ -1570,9 +1570,9 @@ curl --request POST --header "PRIVATE-TOKEN: <your-token>" \
| `squash_option` | string | No | One of `never`, `always`, `default_on`, or `default_off`. |
| `tag_list` | array | No | _([Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/328226) in GitLab 14.0)_ The list of tags for a project; put array of tags, that should be finally assigned to a project. Use `topics` instead. |
| `template_name` | string | No | When used without `use_custom_template`, name of a [built-in project template](../user/project/index.md#create-a-project-from-a-built-in-template). When used with `use_custom_template`, name of a custom project template. |
| `template_project_id` **(PREMIUM ALL)** | integer | No | When used with `use_custom_template`, project ID of a custom project template. Using a project ID is preferable to using `template_name` since `template_name` may be ambiguous. |
| `template_project_id` | integer | No | When used with `use_custom_template`, project ID of a custom project template. Using a project ID is preferable to using `template_name` since `template_name` may be ambiguous. Premium and Ultimate only. |
| `topics` | array | No | The list of topics for a project; put array of topics, that should be finally assigned to a project. _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/328226) in GitLab 14.0.)_ |
| `use_custom_template` **(PREMIUM ALL)** | boolean | No | Use either custom [instance](../administration/custom_project_templates.md) or [group](../user/group/custom_project_templates.md) (with `group_with_project_templates_id`) project template. |
| `use_custom_template` | boolean | No | Use either custom [instance](../administration/custom_project_templates.md) or [group](../user/group/custom_project_templates.md) (with `group_with_project_templates_id`) project template. Premium and Ultimate only. |
| `visibility` | string | No | See [project visibility level](#project-visibility-level). |
| `wiki_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `wiki_enabled` | boolean | No | _(Deprecated)_ Enable wiki for this project. Use `wiki_access_level` instead. |
@ -1598,7 +1598,7 @@ POST /projects/user/:user_id
| `user_id` | integer | Yes | The user ID of the project owner. |
| `allow_merge_on_skipped_pipeline` | boolean | No | Set whether or not merge requests can be merged with skipped jobs. |
| `analytics_access_level` | string | No | One of `disabled`, `private` or `enabled` |
| `approvals_before_merge` **(PREMIUM ALL)** | integer | No | How many approvers should approve merge requests by default. [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/353097) in GitLab 16.0. To configure approval rules, see [Merge request approvals API](merge_request_approvals.md). |
| `approvals_before_merge` | integer | No | How many approvers should approve merge requests by default. [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/353097) in GitLab 16.0. To configure approval rules, see [Merge request approvals API](merge_request_approvals.md). Premium and Ultimate only. |
| `auto_cancel_pending_pipelines` | string | No | Auto-cancel pending pipelines. This action toggles between an enabled state and a disabled state; it is not a boolean. |
| `auto_devops_deploy_strategy` | string | No | Auto Deploy strategy (`continuous`, `manual` or `timed_incremental`). |
| `auto_devops_enabled` | boolean | No | Enable Auto DevOps for this project. |
@ -1616,11 +1616,11 @@ POST /projects/user/:user_id
| `emails_enabled` | boolean | No | Enable email notifications. |
| `enforce_auth_checks_on_uploads` | boolean | No | Enforce [auth checks](../security/user_file_uploads.md#enable-authorization-checks-for-all-media-files) on uploads. |
| `environments_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `external_authorization_classification_label` **(PREMIUM ALL)** | string | No | The classification label for the project. |
| `external_authorization_classification_label` | string | No | The classification label for the project. Premium and Ultimate only. |
| `feature_flags_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `forking_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `group_runners_enabled` | boolean | No | Enable group runners for this project. |
| `group_with_project_templates_id` **(PREMIUM ALL)** | integer | No | For group-level custom templates, specifies ID of group from which all the custom project templates are sourced. Leave empty for instance-level templates. Requires `use_custom_template` to be true. |
| `group_with_project_templates_id` | integer | No | For group-level custom templates, specifies ID of group from which all the custom project templates are sourced. Leave empty for instance-level templates. Requires `use_custom_template` to be true. Premium and Ultimate only. |
| `import_url` | string | No | URL to import repository from. |
| `infrastructure_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `initialize_with_readme` | boolean | No | `false` by default. |
@ -1633,8 +1633,8 @@ POST /projects/user/:user_id
| `merge_method` | string | No | Set the [merge method](#project-merge-method) used. |
| `merge_requests_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `merge_requests_enabled` | boolean | No | _(Deprecated)_ Enable merge requests for this project. Use `merge_requests_access_level` instead. |
| `mirror_trigger_builds` **(PREMIUM ALL)** | boolean | No | Pull mirroring triggers builds. |
| `mirror` **(PREMIUM ALL)** | boolean | No | Enables pull mirroring in a project. |
| `mirror_trigger_builds` | boolean | No | Pull mirroring triggers builds. Premium and Ultimate only. |
| `mirror` | boolean | No | Enables pull mirroring in a project. Premium and Ultimate only. |
| `model_experiments_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `model_registry_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `monitor_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
@ -1665,7 +1665,7 @@ POST /projects/user/:user_id
| `tag_list` | array | No | _([Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/328226) in GitLab 14.0)_ The list of tags for a project; put array of tags, that should be finally assigned to a project. Use `topics` instead. |
| `template_name` | string | No | When used without `use_custom_template`, name of a [built-in project template](../user/project/index.md#create-a-project-from-a-built-in-template). When used with `use_custom_template`, name of a custom project template. |
| `topics` | array | No | The list of topics for the project. _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/328226) in GitLab 14.0.)_ |
| `use_custom_template` **(PREMIUM ALL)** | boolean | No | Use either custom [instance](../administration/custom_project_templates.md) or [group](../user/group/custom_project_templates.md) (with `group_with_project_templates_id`) project template. |
| `use_custom_template` | boolean | No | Use either custom [instance](../administration/custom_project_templates.md) or [group](../user/group/custom_project_templates.md) (with `group_with_project_templates_id`) project template. Premium and Ultimate only. |
| `visibility` | string | No | See [project visibility level](#project-visibility-level). |
| `wiki_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `wiki_enabled` | boolean | No | _(Deprecated)_ Enable wiki for this project. Use `wiki_access_level` instead. |
@ -1700,10 +1700,10 @@ Supported attributes:
|-------------------------------------------------------------------|-------------------|----------|-------------|
| `id` | integer or string | Yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding). |
| `allow_merge_on_skipped_pipeline` | boolean | No | Set whether or not merge requests can be merged with skipped jobs. |
| `allow_pipeline_trigger_approve_deployment` **(PREMIUM ALL)** | boolean | No | Set whether or not a pipeline triggerer is allowed to approve deployments. |
| `allow_pipeline_trigger_approve_deployment` | boolean | No | Set whether or not a pipeline triggerer is allowed to approve deployments. Premium and Ultimate only. |
| `only_allow_merge_if_all_status_checks_passed` **(ULTIMATE ALL)** | boolean | No | Indicates that merges of merge requests should be blocked unless all status checks have passed. Defaults to false.<br/><br/>[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/369859) in GitLab 15.5 with feature flag `only_allow_merge_if_all_status_checks_passed` disabled by default. The feature flag was enabled by default in GitLab 15.9. |
| `analytics_access_level` | string | No | One of `disabled`, `private` or `enabled` |
| `approvals_before_merge` **(PREMIUM ALL)** | integer | No | How many approvers should approve merge requests by default. [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/353097) in GitLab 16.0. To configure approval rules, see [Merge request approvals API](merge_request_approvals.md). |
| `approvals_before_merge` | integer | No | How many approvers should approve merge requests by default. [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/353097) in GitLab 16.0. To configure approval rules, see [Merge request approvals API](merge_request_approvals.md). Premium and Ultimate only. |
| `auto_cancel_pending_pipelines` | string | No | Auto-cancel pending pipelines. This action toggles between an enabled state and a disabled state; it is not a boolean. |
| `auto_devops_deploy_strategy` | string | No | Auto Deploy strategy (`continuous`, `manual`, or `timed_incremental`). |
| `auto_devops_enabled` | boolean | No | Enable Auto DevOps for this project. |
@ -1718,7 +1718,7 @@ Supported attributes:
| `ci_forward_deployment_rollback_allowed` | boolean | No | Enable or disable [allow job retries for rollback deployments](../ci/pipelines/settings.md#prevent-outdated-deployment-jobs). |
| `ci_allow_fork_pipelines_to_run_in_parent_project` | boolean | No | Enable or disable [running pipelines in the parent project for merge requests from forks](../ci/pipelines/merge_request_pipelines.md#run-pipelines-in-the-parent-project). _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/325189) in GitLab 15.3.)_ |
| `ci_separated_caches` | boolean | No | Set whether or not caches should be [separated](../ci/caching/index.md#cache-key-names) by branch protection status. |
| `ci_restrict_pipeline_cancellation_role` **(PREMIUM ALL)** | string | No | Set the [role required to cancel a pipeline or job](../ci/pipelines/settings.md#restrict-roles-that-can-cancel-pipelines-or-jobs). One of `developer`, `maintainer`, or `no_one`. _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/429921) in GitLab 16.8.)_ |
| `ci_restrict_pipeline_cancellation_role` | string | No | Set the [role required to cancel a pipeline or job](../ci/pipelines/settings.md#restrict-roles-that-can-cancel-pipelines-or-jobs). One of `developer`, `maintainer`, or `no_one`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/429921) in GitLab 16.8. Premium and Ultimate only. |
| `container_expiration_policy_attributes` | hash | No | Update the image cleanup policy for this project. Accepts: `cadence` (string), `keep_n` (integer), `older_than` (string), `name_regex` (string), `name_regex_delete` (string), `name_regex_keep` (string), `enabled` (boolean). |
| `container_registry_access_level` | string | No | Set visibility of container registry, for this project, to one of `disabled`, `private` or `enabled`. |
| `container_registry_enabled` | boolean | No | _(Deprecated)_ Enable container registry for this project. Use `container_registry_access_level` instead. |
@ -1727,13 +1727,13 @@ Supported attributes:
| `emails_disabled` | boolean | No | _(Deprecated)_ Disable email notifications. Use `emails_enabled` instead |
| `emails_enabled` | boolean | No | Enable email notifications. |
| `enforce_auth_checks_on_uploads` | boolean | No | Enforce [auth checks](../security/user_file_uploads.md#enable-authorization-checks-for-all-media-files) on uploads. |
| `external_authorization_classification_label` **(PREMIUM ALL)** | string | No | The classification label for the project. |
| `external_authorization_classification_label` | string | No | The classification label for the project. Premium and Ultimate only. |
| `forking_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `group_runners_enabled` | boolean | No | Enable group runners for this project. |
| `import_url` | string | No | URL the repository was imported from. |
| `issues_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `issues_enabled` | boolean | No | _(Deprecated)_ Enable issues for this project. Use `issues_access_level` instead. |
| `issues_template` **(PREMIUM ALL)** | string | No | Default description for Issues. Description is parsed with GitLab Flavored Markdown. See [Templates for issues and merge requests](#templates-for-issues-and-merge-requests). |
| `issues_template` | string | No | Default description for Issues. Description is parsed with GitLab Flavored Markdown. See [Templates for issues and merge requests](#templates-for-issues-and-merge-requests). Premium and Ultimate only. |
| `jobs_enabled` | boolean | No | _(Deprecated)_ Enable jobs for this project. Use `builds_access_level` instead. |
| `keep_latest_artifact` | boolean | No | Disable or enable the ability to keep the latest artifact for this project. |
| `lfs_enabled` | boolean | No | Enable LFS. |
@ -1742,21 +1742,21 @@ Supported attributes:
| `merge_pipelines_enabled` | boolean | No | Enable or disable merged results pipelines. |
| `merge_requests_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
| `merge_requests_enabled` | boolean | No | _(Deprecated)_ Enable merge requests for this project. Use `merge_requests_access_level` instead. |
| `merge_requests_template` **(PREMIUM ALL)** | string | No | Default description for merge requests. Description is parsed with GitLab Flavored Markdown. See [Templates for issues and merge requests](#templates-for-issues-and-merge-requests). |
| `merge_requests_template` | string | No | Default description for merge requests. Description is parsed with GitLab Flavored Markdown. See [Templates for issues and merge requests](#templates-for-issues-and-merge-requests). Premium and Ultimate only. |
| `merge_trains_enabled` | boolean | No | Enable or disable merge trains. |
| `mirror_overwrites_diverged_branches` **(PREMIUM ALL)** | boolean | No | Pull mirror overwrites diverged branches. |
| `mirror_trigger_builds` **(PREMIUM ALL)** | boolean | No | Pull mirroring triggers builds. |
| `mirror_user_id` **(PREMIUM ALL)** | integer | No | User responsible for all the activity surrounding a pull mirror event. _(administrators only)_ |
| `mirror` **(PREMIUM ALL)** | boolean | No | Enables pull mirroring in a project. |
| `mirror_overwrites_diverged_branches` | boolean | No | Pull mirror overwrites diverged branches. Premium and Ultimate only. |
| `mirror_trigger_builds` | boolean | No | Pull mirroring triggers builds. Premium and Ultimate only. |
| `mirror_user_id` | integer | No | User responsible for all the activity surrounding a pull mirror event. _(administrators only)_ Premium and Ultimate only. |
| `mirror` | boolean | No | Enables pull mirroring in a project. Premium and Ultimate only. |
| `mr_default_target_self` | boolean | No | For forked projects, target merge requests to this project. If `false`, the target is the upstream project. |
| `name` | string | No | The name of the project. |
| `only_allow_merge_if_all_discussions_are_resolved` | boolean | No | Set whether merge requests can only be merged when all the discussions are resolved. |
| `only_allow_merge_if_pipeline_succeeds` | boolean | No | Set whether merge requests can only be merged with successful jobs. |
| `only_mirror_protected_branches` **(PREMIUM ALL)** | boolean | No | Only mirror protected branches. |
| `only_mirror_protected_branches` | boolean | No | Only mirror protected branches. Premium and Ultimate only. |
| `packages_enabled` | boolean | No | Enable or disable packages repository feature. |
| `pages_access_level` | string | No | One of `disabled`, `private`, `enabled`, or `public`. |
| `path` | string | No | Custom repository name for the project. By default generated based on name. |
| `prevent_merge_without_jira_issue` **(PREMIUM ALL)** | boolean | No | Set whether merge requests require an associated issue from Jira. |
| `prevent_merge_without_jira_issue` | boolean | No | Set whether merge requests require an associated issue from Jira. Premium and Ultimate only. |
| `printing_merge_request_link_enabled` | boolean | No | Show link to create/view merge request when pushing from the command line. |
| `public_builds` | boolean | No | If `true`, jobs can be viewed by non-project members. |
| `releases_access_level` | string | No | One of `disabled`, `private`, or `enabled`. |
@ -2519,8 +2519,8 @@ DELETE /projects/:id
| Attribute | Type | Required | Description |
|----------------------------------------|-------------------|----------|-------------|
| `id` | integer or string | Yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding). |
| `full_path` **(PREMIUM ALL)** | string | no | Full path of project to use with `permanently_remove`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/396500) in GitLab 15.11. To find the project path, use `path_with_namespace` from [get single project](projects.md#get-single-project) |
| `permanently_remove` **(PREMIUM ALL)** | boolean/string | no | Immediately deletes a project if it is marked for deletion. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/396500) in GitLab 15.11 |
| `full_path` | string | no | Full path of project to use with `permanently_remove`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/396500) in GitLab 15.11. To find the project path, use `path_with_namespace` from [get single project](projects.md#get-single-project). Premium and Ultimate only. |
| `permanently_remove` | boolean/string | no | Immediately deletes a project if it is marked for deletion. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/396500) in GitLab 15.11. Premium and Ultimate only. |
## Restore project marked for deletion **(PREMIUM ALL)**

18
doc/api/protected_branches.md
View File

@ -229,11 +229,11 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitla
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `name` | string | yes | The name of the branch or wildcard.
| `allow_force_push` | boolean | no | When enabled, members who can push to this branch can also force push. (default: `false`)
| `allowed_to_merge` **(PREMIUM ALL)** | array | no | Array of merge access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`.
| `allowed_to_push` **(PREMIUM ALL)** | array | no | Array of push access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`.
| `allowed_to_unprotect` **(PREMIUM ALL)** | array | no | Array of unprotect access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. The access level `No access` is not available for this field. |
| `code_owner_approval_required` **(PREMIUM ALL)** | boolean | no | Prevent pushes to this branch if it matches an item in the [`CODEOWNERS` file](../user/project/codeowners/index.md). (defaults: false)
| `merge_access_level` | integer | no | Access levels allowed to merge. (defaults: `40`, Maintainer role)
| `allowed_to_merge` | array | no | Array of merge access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. Premium and Ultimate only.
| `allowed_to_push` | array | no | Array of push access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. Premium and Ultimate only.
| `allowed_to_unprotect` | array | no | Array of unprotect access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. The access level `No access` is not available for this field. Premium and Ultimate only. |
| `code_owner_approval_required` | boolean | no | Prevent pushes to this branch if it matches an item in the [`CODEOWNERS` file](../user/project/codeowners/index.md). (defaults: false) Premium and Ultimate only.
| `merge_access_level` | integer | no | Access levels allowed to merge. (defaults: `40`, Maintainer role).
| `push_access_level` | integer | no | Access levels allowed to push. (defaults: `40`, Maintainer role)
| `unprotect_access_level` | integer | no | Access levels allowed to unprotect. (defaults: `40`, Maintainer role)
@ -460,10 +460,10 @@ curl --request PATCH --header "PRIVATE-TOKEN: <your_access_token>" "https://gitl
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `name` | string | yes | The name of the branch or wildcard.
| `allow_force_push` | boolean | no | When enabled, members who can push to this branch can also force push.
| `allowed_to_merge` **(PREMIUM ALL)** | array | no | Array of merge access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`.
| `allowed_to_push` **(PREMIUM ALL)** | array | no | Array of push access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`.
| `allowed_to_unprotect` **(PREMIUM ALL)** | array | no | Array of unprotect access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, `{access_level: integer}`, or `{id: integer, _destroy: true}` to destroy an existing access level. The access level `No access` is not available for this field. |
| `code_owner_approval_required` **(PREMIUM ALL)** | boolean | no | Prevent pushes to this branch if it matches an item in the [`CODEOWNERS` file](../user/project/codeowners/index.md). |
| `allowed_to_merge` | array | no | Array of merge access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. Premium and Ultimate only.
| `allowed_to_push` | array | no | Array of push access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. Premium and Ultimate only.
| `allowed_to_unprotect` | array | no | Array of unprotect access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, `{access_level: integer}`, or `{id: integer, _destroy: true}` to destroy an existing access level. The access level `No access` is not available for this field. Premium and Ultimate only. |
| `code_owner_approval_required` | boolean | no | Prevent pushes to this branch if it matches an item in the [`CODEOWNERS` file](../user/project/codeowners/index.md). Premium and Ultimate only. |
Elements in the `allowed_to_push`, `allowed_to_merge` and `allowed_to_unprotect` arrays should be one of `user_id`, `group_id` or
`access_level`, and take the form `{user_id: integer}`, `{group_id: integer}` or

4
doc/api/remote_mirrors.md
View File

@ -106,7 +106,7 @@ POST /projects/:id/remote_mirrors
| `enabled` | Boolean | no | Determines if the mirror is enabled. |
| `keep_divergent_refs` | Boolean | no | Determines if divergent refs are skipped. |
| `only_protected_branches` | Boolean | no | Determines if only protected branches are mirrored. |
| `mirror_branch_regex` **(PREMIUM ALL)** | String | no | Contains a regular expression. Only branches with names matching the regex are mirrored. Requires `only_protected_branches` to be disabled. |
| `mirror_branch_regex` | String | no | Contains a regular expression. Only branches with names matching the regex are mirrored. Requires `only_protected_branches` to be disabled. Premium and Ultimate only. |
Example request:
@ -147,7 +147,7 @@ PUT /projects/:id/remote_mirrors/:mirror_id
| `enabled` | Boolean | no | Determines if the mirror is enabled. |
| `keep_divergent_refs` | Boolean | no | Determines if divergent refs are skipped. |
| `only_protected_branches` | Boolean | no | Determines if only protected branches are mirrored. |
| `mirror_branch_regex`**(PREMIUM ALL)** | String | no | Determines if only the branch whose name matches the regex is mirrored. It does not work with `only_protected_branches` enabled. |
| `mirror_branch_regex` | String | no | Determines if only the branch whose name matches the regex is mirrored. It does not work with `only_protected_branches` enabled. Premium and Ultimate only. |
Example request:

8
locale/gitlab.pot
View File

@ -30096,13 +30096,10 @@ msgstr ""
msgid "MemberRole|Incident manager"
msgstr ""
msgid "MemberRole|Make sure the group is in the Ultimate tier."
msgstr ""
msgid "MemberRole|Name"
msgstr ""
msgid "MemberRole|No custom roles for this group"
msgid "MemberRole|No custom roles found"
msgstr ""
msgid "MemberRole|Permissions"
@ -30126,9 +30123,6 @@ msgstr ""
msgid "MemberRole|To add a new role select 'Add new role'."
msgstr ""
msgid "MemberRole|To add a new role select a group and then 'Add new role'."
msgstr ""
msgid "MemberRole|To delete the custom role make sure no group member has this custom role"
msgstr ""

2
package.json
View File

@ -61,7 +61,7 @@
"@gitlab/favicon-overlay": "2.0.0",
"@gitlab/fonts": "^1.3.0",
"@gitlab/svgs": "3.75.0",
"@gitlab/ui": "^72.8.1",
"@gitlab/ui": "^72.10.0",
"@gitlab/visual-review-tools": "1.7.3",
"@gitlab/web-ide": "^0.0.1-dev-20231211152737",
"@mattiasbuelens/web-streams-adapter": "^0.1.0",

1
spec/frontend/alerts_settings/components/__snapshots__/alerts_form_spec.js.snap
View File

@ -62,6 +62,7 @@ exports[`Alert integration settings form default state should match the default
selected="selecte_tmpl"
showselectallbuttonlabel=""
size="medium"
sronlyresultslabel="[Function]"
toggletext=""
variant="default"
/>

7
spec/graphql/resolvers/concerns/resolves_groups_spec.rb
View File

@ -26,15 +26,16 @@ RSpec.describe ResolvesGroups do
<<~FIELDS
containerRepositoriesCount
customEmoji { nodes { id } }
fullPath
groupMembersCount
path
dependencyProxyBlobCount
dependencyProxyBlobs { nodes { fileName } }
dependencyProxyImageCount
dependencyProxyImageTtlPolicy { enabled }
dependencyProxySetting { enabled }
descendantGroupsCount
fullPath
groupMembersCount
maxAccessLevel { integerValue }
path
projectsCount
FIELDS
end

2
spec/graphql/types/group_type_spec.rb
View File

@ -22,7 +22,7 @@ RSpec.describe GitlabSchema.types['Group'], feature_category: :groups_and_projec
mentions_disabled parent boards milestones group_members
merge_requests container_repositories container_repositories_count
packages dependency_proxy_setting dependency_proxy_manifests
dependency_proxy_blobs dependency_proxy_image_count
dependency_proxy_blobs dependency_proxy_image_count max_access_level
dependency_proxy_blob_count dependency_proxy_total_size dependency_proxy_total_size_in_bytes
dependency_proxy_image_prefix dependency_proxy_image_ttl_policy
shared_runners_setting timelogs organization_state_counts organizations

2
spec/graphql/types/project_type_spec.rb
View File

@ -34,7 +34,7 @@ RSpec.describe GitlabSchema.types['Project'], feature_category: :groups_and_proj
incident_management_timeline_event incident_management_timeline_events
container_expiration_policy service_desk_enabled service_desk_address
issue_status_counts terraform_states alert_management_integrations
container_repositories container_repositories_count
container_repositories container_repositories_count max_access_level
pipeline_analytics squash_read_only sast_ci_configuration
cluster_agent cluster_agents agent_configurations ci_access_authorized_agents user_access_authorized_agents
ci_template timelogs merge_commit_template squash_commit_template work_item_types

28
spec/requests/api/graphql/group_query_spec.rb
View File

@ -217,5 +217,33 @@ RSpec.describe 'getting group information', :with_license, feature_category: :gr
expect(graphql_data['group']).to be_nil
end
end
describe 'maxAccessLevel' do
let(:current_user) { user1 }
it 'returns access level of the current user in the group' do
private_group.add_owner(user1)
post_graphql(group_query(private_group), current_user: current_user)
expect(graphql_data_at(:group, :maxAccessLevel, :integerValue)).to eq(Gitlab::Access::OWNER)
end
shared_examples 'public group in which the user has no membership' do
it 'returns no access' do
post_graphql(group_query(public_group), current_user: current_user)
expect(graphql_data_at(:group, :maxAccessLevel, :integerValue)).to eq(Gitlab::Access::NO_ACCESS)
end
end
it_behaves_like 'public group in which the user has no membership'
context 'when the user is not authenticated' do
let(:current_user) { nil }
it_behaves_like 'public group in which the user has no membership'
end
end
end
end

30
spec/requests/api/graphql/project_query_spec.rb
View File

@ -401,4 +401,34 @@ RSpec.describe 'getting project information', feature_category: :groups_and_proj
end
end
end
describe 'maxAccessLevel' do
let(:project_fields) { 'maxAccessLevel { integerValue }' }
it 'returns access level of the current user in the project' do
project.add_developer(current_user)
post_graphql(query, current_user: current_user)
expect(graphql_data_at(:project, :maxAccessLevel, :integerValue)).to eq(Gitlab::Access::DEVELOPER)
end
shared_examples 'public project in which the user has no membership' do
it 'returns no access' do
project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
post_graphql(query, current_user: current_user)
expect(graphql_data_at(:project, :maxAccessLevel, :integerValue)).to eq(Gitlab::Access::NO_ACCESS)
end
end
it_behaves_like 'public project in which the user has no membership'
context 'when the user is not authenticated' do
let(:current_user) { nil }
it_behaves_like 'public project in which the user has no membership'
end
end
end

8
yarn.lock
View File

@ -1321,10 +1321,10 @@
resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-3.75.0.tgz#31e4a3ab66cab3e405c4cff1f065ee3924fe7a98"
integrity sha512-TAmlxByyZcZvr/hxipfI53XLNlzpVZCf5izRdoIhR4QFHjZ56HIwQfoVCGYRNLDV8eTnO4ljNBFLZCfyipdPoQ==
"@gitlab/ui@^72.8.1":
version "72.8.1"
resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-72.8.1.tgz#7c330b6c29bf528a4f0c8c4eadbeb8b0f7a6a863"
integrity sha512-hx/tXyOsVxs49ZnBPKDcn16PXRCut1ilIus6nwpjvraw3oe23ZdXBrDiFPndjsyRfjGK4czytRgmu7hokJ+rnQ==
"@gitlab/ui@^72.10.0":
version "72.10.0"
resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-72.10.0.tgz#fe2bd18b0d1c51f512ee3d2ff7b0737ddd3d63c7"
integrity sha512-TBfqDaloFuYyO1VQl05M9gw8Af59gF2S0ux0WDDeIrXqU/2nrMVzyKXiMj6/o1kqrL3eudG81kPPfy5npu5xoQ==
dependencies:
"@floating-ui/dom" "1.4.3"
bootstrap-vue "2.23.1"