0ece6bd828
Use `\A` and `\z` in regexes instead of `^` and `$`.
2015-04-10 18:31:07 +02:00
dfd256f29e
Support configurable attachment size via Application Settings
...
Fix bug where error messages from Dropzone would not be displayed on the issues page
Closes #1258
2015-04-02 00:04:08 -07:00
8173ef976f
Set Application controller default URL options to ensure all url_for calls are consistent
...
Closes #1249
2015-03-25 12:27:10 -07:00
f0cbbd70bb
Use same constant for amount of items per page
2015-03-12 15:37:00 -07:00
6de4e4a622
Include route helper shortcut in controller
2015-02-26 09:34:20 -08:00
448817c4de
Load public key in initializer.
2015-02-24 15:07:24 +01:00
76aad9b76e
Upgrade to Rails 4.1.9
...
Make the following changes to deal with new behavior in Rails 4.1.2:
* Use nested resources to avoid slashes in arguments to path helpers.
2015-02-14 11:09:23 -07:00
bbca6a0abd
Refactor sorting in project
2015-02-05 19:15:05 -08:00
537cd66d7e
Add gitlab internal issue tracker service.
2015-01-28 09:28:17 -08:00
5c80160218
Fix various typos
...
signe-in -> signed-in
go_to_gihub_for_permissions -> go_to_github_for_permissions
descendand -> descendant
behavour -> behaviour
recepient_email -> recipient_email
generate_fingerpint -> generate_fingerprint
dependes -> depends
Cant't -> Can't
wisit -> visit
notifcation -> notification
sufficent_scope -> sufficient_scope?
levet -> level
2015-01-18 10:29:37 -05:00
f2eb234c06
Fix passign args to original authenticate_user!
2015-01-16 18:12:15 -08:00
41d7be3ce1
Allow to specify home page for non logged-in users
2015-01-16 16:01:15 -08:00
57a65ede77
Improve application settings and write tests
2015-01-08 09:53:35 -08:00
465f186954
Show assigned issues/mr be default on dashboard
...
This was default before but now it fixed with providing assignee_id
parameter making url shareble and dont reset when other filters users.
Also this commit removes old methods that are not used any more.
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-12-26 18:33:53 +02:00
97d7c06f78
Fix scroll problems and disable authorized_only filter
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-12-24 12:56:03 +02:00
7b792af872
Improvements to issues/mr filters:
...
* use filter_params variable when set filter values
* fix project issues spinach tests
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-12-24 11:39:03 +02:00
016981c009
Refactor issuable list pages
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-12-24 11:04:33 +02:00
47634e392f
Refactor issues and merge requests lists
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-12-23 18:49:39 +02:00
beabf5db8c
Merge pull request #8091 from cirosantilli/factor-ability-abilities
...
Factor abilities methods
2014-10-28 12:09:55 +02:00
1657750a6a
Merge pull request #8028 from cirosantilli/rm-dev-tools
...
Remove unused dev_tools helper.
2014-10-21 11:55:36 +03:00
8ad9a75f88
Merge pull request #8030 from cirosantilli/factor-authorize
...
Factor authorize_push! and authorize_code_access!
2014-10-21 11:43:12 +03:00
9e1b97ad99
Use @project on controllers, don't call method
...
Also memoize the method to ensure that other methods in
ApplicationController that rely on it can call it efficiently.
2014-10-19 23:36:23 +02:00
b66a152735
Factor abilities methods
...
in app controller, user model and services.
2014-10-19 11:12:39 +02:00
4d0d5e79ba
Factor authorize_push! and authorize_code_access!
...
with existing method_missing. Pattern already used extensively,
so let's be consistent and use it everywhere.
2014-10-13 21:31:49 +02:00
c278520f9b
Remove unused dev_tools helper.
2014-10-13 21:21:58 +02:00
f815115de6
Protect from forgery with exception
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-10-06 16:18:25 +03:00
2e9f5de868
Add parenthesis to function def with arguments.
2014-10-03 09:18:46 +02:00
669682686e
Move LDAP timeout code to Gitlab::LDAP::Access
2014-08-06 18:03:01 +02:00
07b9d80604
Use devise stored_location to redirect after signing for both public and private pages.
2014-07-11 19:53:10 +02:00
55efb2d9f2
Revert "Merge branch 'redirect_after_login' into 'master'"
...
This reverts commit 5aaa35656e5b8c176767
2014-07-11 19:53:10 +02:00
60cc1d8e92
Override strong params for sign up.
2014-07-10 19:31:05 +02:00
108be8a666
Update to accomodate devise deprecations and backward incompatible changes.
2014-07-10 13:56:35 +02:00
1e3fce1a82
Check for the correct param for token.
2014-07-10 13:10:37 +02:00
4024aa8e81
Try to keep token authenticable compatibility
2014-07-09 14:42:25 +02:00
26d1bd7c2a
Set return url as param.
2014-06-19 14:20:25 +02:00
a1eb1ad168
Redirect back to current page after sign in.
2014-06-19 11:24:59 +02:00
ae564c97d4
Dont expose user email via API
...
To prevent leaking of users info we reduce amount of user information
retrieved via API for normal users.
What user can get via API:
* if not admin: only id, state, name, username and avatar_url
* if admin: all user information
* about himself: all informaion
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-06-13 17:46:48 +03:00
a7be3dfa30
Remove set of thread variables
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-06-10 17:51:49 +03:00
d95d56f0b9
Add current_user_id to gon vars
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-06-04 18:07:15 +03:00
5f25cdfe19
Implement Merge Request Labels
2014-05-13 06:41:36 -05:00
84d17f7965
Skip require email for devise controllers
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-04-07 14:32:59 +03:00
a73df4f72d
Allow oauth signup without email
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-04-07 14:09:29 +03:00
48e9054056
Open/close LDAP in ApplicationController
...
By opening the LDAP connection at the controller level we can reuse it
for all LDAP queries during the request.
2014-03-14 09:03:49 +01:00
c6d39a14d6
Add User#requires_ldap_check? method
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-11 10:24:07 +02:00
e57e1e04e3
Remove non-exist method from ldap security check
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-11 09:15:04 +02:00
b1ff8e31b1
Add ldap check in application_controller and internal api
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-10 17:10:23 +02:00
a9280de11f
Better redirect for edit blod from MergeRequest
...
If you cancel edit you will be redirected back to merge request
If you submit changes you will be redirected back to merge request
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-02-26 14:06:31 +02:00
2171bbcd6e
Update rack profiler
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-02-25 17:41:56 +02:00
439a61783d
User can leave group from group page.
2014-02-12 15:52:53 +01:00
348e44ef06
Dont use avatars for user select if avatar is disabled
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-02-11 15:49:39 +02:00
0c637acb69
Add login and remember_me to devise permit list
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-01-14 20:28:41 +02:00
8a0bfa4998
Do not include subtomains in STS header.
2014-01-03 16:02:57 +01:00
94c96cd445
HTTP headers protect against MIME-sniffing, force https if enabled.
2013-12-30 09:41:05 +01:00
498ec08da3
Force IE use latest engine to render.
2013-12-27 19:38:29 +08:00
f088c867a4
Fix signup for rails4
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-12-10 13:35:10 +02:00
b3c1d0d8df
Added allow_blank to model validations
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-12-10 12:11:27 +02:00
c099074fcc
Fix 404 on project page for unauthenticated user
...
Eliminate a 404 error when user is not logged in and attempts to visit
a project page.
The 404 page will still show up when user is logged in and the project
doesn’t exist or the user doesn’t have access.
2013-12-04 13:10:20 -06:00
da10cad1da
Drop rjs from Issues#index
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-11-29 15:05:32 +02:00
33aea41708
Drop rjs from Infinite scrolling
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-11-28 11:38:20 +02:00
d9bb4230cc
Adding authenticated public mode (internal).
...
Added visibility_level icons to project view (rather than just text).
Added public projects to search results.
Added ability to restrict visibility levels standard users can set.
2013-11-26 22:22:07 -06:00
aefe2e952f
Fixing unsafe use of Thread.current variable :current_user
2013-10-16 01:20:53 -04:00
3cbfb1ee7c
Remove .git from project url end redirect
...
Ex. redirect from
localhost/group/project.git
to
localhost/group/project
It used to prevent 404 error when follow submodule http link
like http://localhost/group/project.git
2013-10-14 13:27:39 +03:00
ca1b67ce38
Don't show users password change page if ldap users
2013-09-17 22:38:08 -04:00
17af835387
Add event filter for group and project show pages
2013-08-26 16:30:03 +03:00
fb492386c5
Fix accidentally removed class name
2013-08-21 12:33:12 +03:00
fd1661468f
Remove can_create_team code from user
2013-08-21 12:31:47 +03:00
9ea5766c35
Improve permissions on tags/branches
2013-07-17 08:26:00 +03:00
b3ef63a0a5
Migrate global project taks. Removed more teams related functionality
2013-06-19 19:48:48 +03:00
fbf6989903
Force admin to change password after first sign-in
2013-06-13 20:06:33 +03:00
94be732026
Add password_expires_at to users table
2013-06-13 20:01:35 +03:00
5b40780290
Password expire: implement password resource inside profile. add before_fiter check
2013-06-13 19:53:04 +03:00
993af5d0d2
cattr_accessor is not threadsafe!
2013-06-11 18:15:18 +03:00
57497e9f25
enforce secure gravatar urls when Gitlab.config.gitlab.https is set
2013-05-31 10:30:21 +02:00
6b4602a733
Grammar fix in error message for blocked login (in "application_controller.rb")
2013-05-28 14:48:51 -03:00
233eb1c693
Rename repo feature
2013-05-25 00:07:19 +03:00
634cbd7138
Refactor API classes. So api classes like Gitlab::Issues become API::Issues
2013-05-14 15:33:31 +03:00
2fc236177f
Merge pull request #3801 from holdtotherod/feature/internally-public-projects
...
Internally public projects
2013-05-03 00:00:48 -07:00
4c44c5ef9a
Internally public projects
...
Public projects listed in the public section will be linked to the
actual project's page. Public projects now give any user Guest
permissions to the project, allowing them to download the code, read
and create issues, and view anything else in the project's pages.
Ample access tests have been added to the project_access_spec to
verify correct permissions and behavior on public projects.
- Visitors to the site who are not logged in still cannot view the
project's pages.
- Logged-in users visiting a public project where they are not a team
member can create issues, but not snippets. They can view the projects
code, issues, merge requests, etc, just as if they were a Guest member
of the project.
- Since this is a public project, the user is also granted :download_code
permissions, a permission normally reserved for Reporters, since they
can clone the repo anyways and browse commits and branches locally.
2013-05-02 00:06:59 -07:00
529376bb0b
[BUGFIX] User suggest at team_members/new not working with relative_url_root
...
* Closing #3540
* Closing #3704
2013-04-24 19:40:09 +02:00
ef05423f47
Finish select2-ajax for users. Added Select2Helper for tests
2013-03-14 10:16:27 +02:00
10f14136f5
fix setting gon.api_token
2013-03-13 23:45:47 +02:00
bf17d976a7
add api users filter and integrate users select2
2013-03-13 23:19:09 +02:00
0d9a6fe7b1
User's blocked field refactored to use state machine
2013-03-04 18:52:30 +04:00
bca72eac74
Default issue tracker name added to gon variables
2013-02-28 16:11:14 +04:00
27d9ac0fe8
Make gitlab works with gitlab-shell
2013-02-04 15:07:56 +02:00
85de55a120
Dont allow gitlab be loaded in iframe
2013-02-02 20:32:13 +02:00
3ddd9f753c
Fix mass-assignment. Dont allow users w/o access to create team
2013-01-25 15:42:41 +02:00
18bd1c9d30
update all teams code. refactoring and some corrections
2013-01-24 22:31:25 +02:00
39ba934c0a
REpostiry, Team models
2013-01-03 21:09:18 +02:00
cc0295b789
Only owner can remove project
2012-12-05 06:14:05 +03:00
c177593e2c
Merge pull request #2059 from dolanor/feature-rewording-blocked-users
...
Rewording for the account being blocked
2012-11-30 12:50:06 -08:00
eb1004f789
Refactor abilities. Added ProjectUpdate context. Fixed few bugs with namespaces
2012-11-29 12:39:03 +02:00
70ef433e09
Rewording for the account being blocked
...
When signing in with SSO, if the default behaviour of gitlab is to block SSO user, the only message the people will get is 'Your account was blocked'
They should get the idea this might be only temporary and not because of a technical problem
2012-11-24 18:21:57 +01:00
f37fa968b2
add ability to change namespace from project edit page
2012-11-24 22:00:30 +02:00
c50ec72b52
Deprecate code for Project. Use title and path
2012-11-23 21:11:09 +03:00
26622f4c8f
Improve routing. Project access via namespace
2012-11-22 23:34:06 +03:00
be4138af75
Log caught exceptions
2012-11-06 21:16:47 +01:00
16ceae895e
Separate observing of Note and MergeRequests
...
* Move is_assigned? and is_being_xx? methods to IssueCommonality
This is behavior merge requests have in common with issues. Moved
methods to IssueCommonality role. Put specs directly into
merge_request_spec because setup differs for issues and MRs
specifically in the "closed" factory to use.
* Add MergeRequestObserver. Parallels IssueObserver in almost every way.
Ripe for refactoring.
* Rename MailerObserver to NoteObserver
With merge request observing moved out of MailerObserver, all that
was left was Note logic. Renamed to NoteObserver, added tests and
updated application config for new observer names. Refactored
NoteObserver to use the note's author and not rely on current_user.
* Set current_user for MergeRequestObserver
IssueObserver and MergeRequestObserver are the only observers that
need a reference to the current_user that they cannot look up on
the objects they are observing.
2012-10-10 17:59:25 -04:00
e563e948bb
Merge branch 'master' into simplify_controllers2
...
Conflicts:
app/controllers/commits_controller.rb
app/controllers/refs_controller.rb
2012-09-27 12:25:52 +02:00
afc4a75499
Use Rails.root.join where appropriate
2012-09-26 16:32:26 -04:00
33126227af
Remove check_token_auth filter
...
Because of the way ExtractPaths works, `params[:format]` wouldn't
necessarily be available at the time this filter was running, and so it
would erroneously redirect to `new_user_session_path`
2012-09-26 16:32:23 -04:00
5a5d214de4
Remove unused render_full_content filter
2012-09-26 16:32:22 -04:00
bdf317addc
layout selected by controller name
2012-09-26 22:27:44 +02:00
078a8f0e66
factorize before_filters and layout for projects related controllers
2012-09-26 22:27:43 +02:00
925183ed7a
Add an AdminController base class for Admin controllers
...
Handles stuff that's shared across admin controllers.
2012-09-16 10:06:29 -04:00
367e17cc84
5xx error status code for gitolite & encoding error
2012-09-07 20:47:52 +03:00
79021e674b
Split gitolite backend. Use gitolite_config methods moved to separate class
2012-09-07 08:16:29 +03:00
5e1c63d3f0
Move load_refs out of ApplicationController and into CommitsController
...
That was the only place it was used.
2012-09-05 01:13:41 -04:00
a9f275bc20
Fix load_refs in ApplicationController after default_branch change
...
As a last resort it was calling a method that didn't exist. Woops!
2012-09-05 01:12:44 -04:00
a463353773
Add "empty_repo?" method to Repository role
...
Replaces two calls that this method simplifies
2012-09-04 12:05:21 -04:00
b03ee4666b
Handle invalid ssh exception
2012-08-29 00:44:26 +03:00
7754189187
Fully embrace Ruby 1.9 hash syntax
...
Didn't bother with files in db/, config/, or features/
2012-08-10 18:25:15 -04:00
7dd276817c
Rack mini profiler for dev env
2012-08-02 09:48:53 +03:00
2abd054b0c
update devise
2012-07-05 23:50:24 -07:00
6d92aa6d12
Fix IssueObserver current_user assign. Refactored observers
2012-06-24 10:01:42 +03:00
16427f4c40
Merge pull request #880 from NARKOZ/dashboard-feed
...
Dashboard feed
2012-06-01 07:25:54 -07:00
cc3c6ad0ef
allow login via private token only for atom feeds
2012-06-01 06:56:28 -07:00
17d4cac208
Rescue encoding error on controller level
2012-05-31 23:36:52 +03:00
3272620f72
lib/ refactoring. Module Gitlabhq renamed to Gitlab
2012-05-26 13:37:49 +03:00
fed1c98047
Refactoring: get rid of ruby antipattern unless/else and use if/else instead
2012-05-20 03:01:13 +03:00
c9def945d4
User blocking improved. Admin area styled
2012-04-16 23:33:03 +03:00
497ee5fbbc
Ability to block user
2012-04-13 08:12:34 +03:00
215a01f63c
move notes login to one controller
2012-02-24 09:16:06 +02:00
81092c0198
Status codes for errors, New error pages
2012-02-23 21:04:20 +02:00
7d279f9302
better error handling for not found resource, gitolite error
2012-02-22 07:14:54 +02:00
8c40aab120
Abilities extended. Resources security improved
2012-02-22 00:31:18 +02:00
29b5aa2c76
Bootstrap: Issues restyled
2012-01-28 01:49:14 +02:00
7713f7fefb
Notification refactoring
2011-12-17 15:58:35 +02:00
d68ec5e0fb
default_branch for project & fixed project destroy
2011-12-07 23:56:57 +02:00
bdc658095c
refcatoring. cleaning after gitosis
2011-12-05 09:43:53 +02:00
8134fe0efe
git host fixed
2011-12-05 09:23:53 +02:00
9e089efe5a
gitolite & gitosis support
2011-12-04 01:44:59 +02:00
4bf4efe712
decorators & tree model
2011-11-20 22:32:12 +02:00
368deb5992
clean up whitespace from project
2011-11-15 12:34:30 +04:00
49b2fb24bc
remove fluiod layout
2011-11-11 11:35:51 -05:00
97cf5659aa
fixed layout as default
2011-11-11 10:57:16 -05:00
dab072c1ab
refactor code: repository.rb
2011-11-11 00:51:33 +02:00
0499759204
issues & fixed layout
2011-11-05 15:31:54 +02:00
586c53ea05
fixed notes loading/paging
2011-11-05 13:59:43 +02:00
a9639776d7
fixed/fluid layout switch
2011-11-04 00:37:02 +02:00
3ba392b3cb
new ref switch
2011-11-03 12:28:33 -04:00
5d879a0643
signin page
2011-10-28 18:25:00 +03:00
d62200cad4
clean-up code
...
* Remove trailing whitespace
* Converts hard-tabs into two-space soft-tabs
* Remove consecutive blank lines
2011-10-26 18:46:25 +05:00
783ca89796
security improved
2011-10-17 13:39:03 +03:00
a9d224d36d
issue #124
2011-10-15 18:51:58 +03:00
153f6cd86b
refactoring + remove unnecessary feature
2011-10-14 19:30:31 +03:00
2d577cae9d
branch/tag remember - to session instead of cookie
2011-10-14 18:33:05 +03:00
fc34fc86c6
branch/tag memorization
2011-10-14 18:08:25 +03:00
ec9e54ea94
gitosis error handle
2011-10-10 00:15:28 +03:00
9ba1224867
init commit
2011-10-09 00:36:38 +03:00
Douwe Maan
Stan Hu
Dmitriy Zaporozhets
Vinnie Okada
Marin Jankovski
Steven Burgart
Ciro Santilli
Jacob Vosmaer
Marin Jankovski
Drew Blessing
xyb
Jason Hollingsworth
Angus MacArthur
Izaak Alpert
Jean-Luc Geering
Peter LeFanu Lumsdaine
Stephen Lottermoser
Christian Simon
Andrew8xx8
Andrey Kumanyaev
Tanguy Herrmann
Riyad Preukschas
Robb Kidd
Cyril
Robert Speicher
Nihad Abbasov
Andrey Vakarev
Dmitriy Zaporozhets
Valery Sizov
gitlabhq