root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
110,751 Commits 9,131 Branches 1,640 Tags 2 GiB
Commit Graph

134 Commits

Author SHA1 Message Date
Markus Koller 257fd57134 Allow password authentication to be disabled entirely 2017-11-23 13:16:14 +00:00
Tiago Botelho 053a198846 Impersonation no longer gets stuck on password change. 2017-11-20 18:02:41 +01:00
Douwe Maan 294fa6fcdc Remove authentication using user.private_token 2017-11-02 11:39:02 +01:00
Rémy Coutable d5e2f873db Merge branch '35644-refactor-have-http-status-into-have-gitlab-http-status' into 'master' 
Refactor `have_http_status` into `have_gitlab_http_status` in the specs

Closes #35644

See merge request gitlab-org/gitlab-ce!14958
 2017-10-23 14:55:57 +00:00
Toon Claes d8d7faf68c URI decode Page-Title header to preserve UTF-8 characters 2017-10-20 16:44:29 +00:00
Jacopo 2f40dac352 Refactor `have_http_status` into `have_gitlab_http_status` in the specs 2017-10-20 10:13:18 +02:00
Tiago Botelho 37383d9a9d Rollsback changes made to signing_enabled. 2017-09-01 10:51:40 +01:00
Bob Van Landuyt 3598e60bf2 Add a Circuitbreaker for storage paths 2017-08-04 15:38:48 +02:00
Robin Bobbitt 672a68d372 Fixes needed when GitLab sign-in is not enabled 
When sign-in is disabled:
 - skip password expiration checks
 - prevent password reset requests
 - don’t show Password tab in User Settings
 - don’t allow login with username/password for Git over HTTP requests
 - render 404 on requests to Profiles::PasswordsController
 2017-07-13 10:08:27 -04:00
Pawel Chojnacki 15b7b9ec41 Add rescue_from(ActionController::UnknownFormat) in Application Controller 2017-06-20 15:53:23 +02:00
Alexis Reigel dfc2542f55 use full caps RSS instead of rss 2017-05-24 22:29:59 +02:00
Alexis Reigel 6efe9c2f14 atom links with rss token instead of private token 2017-05-24 22:29:59 +02:00
Michael Kozono 7d02bcd2e0 Redirect from redirect routes to canonical routes 2017-05-05 12:11:57 -07:00
Robert Speicher d49768296c Auto-correct `RSpec/DescribedClass` violations 2017-05-01 11:13:33 -04:00
Alexis Reigel 1735ed6139 rename cache db column with `_cached` suffix 2017-04-06 10:01:14 +02:00
Markus Koller a49c5d1836 Rename skip_tfa session variable to skip_two_factor 2017-04-06 10:01:13 +02:00
Markus Koller 8e66514056 Rename check_2fa_requirement to check_two_factor_requirement 2017-04-06 10:01:13 +02:00
Markus Koller a3430f011f Support 2FA requirement per-group 2017-04-06 10:01:13 +02:00
Dmitriy Zaporozhets 6683fdcfb0
Add nested groups support to the routing 
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
 2016-11-23 14:08:36 +02:00
tiagonbotelho 519275c110 fixes part1 of files to start using active tense 2016-08-09 15:06:23 +01:00
Grzegorz Bizon 9e211091a8 Enable Style/EmptyLines cop, remove redundant ones 2016-07-01 21:56:17 +02:00
Z.J. van de Weg abca19da8b Use HTTP matchers if possible 2016-06-27 20:10:42 +02:00
Timothy Andrew 0dff6fd714 Fix rubocop spec. 2016-06-03 10:11:36 +05:30
Timothy Andrew b4b0248577 Parts of spec names with "when" should be contexts. 2016-06-03 09:00:39 +05:30
Timothy Andrew 05b319b0b4 Perform private token and personal access token authentication in the same `before_action`. 
- So that the check for valid personal access tokens happens only if
  private token auth fails.
 2016-06-01 14:04:38 +05:30
Timothy Andrew d915e7d5ca Reuse the private token param and header for personal access tokens. 
- https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3749#note_11626427
- Personal access tokens are still a separate entity as far as the
  codebase is concerned - they just happen to use the same entry point
  as private tokens.
- Update tests and documentation to reflect this change
 2016-05-11 10:16:23 +05:30
Timothy Andrew bafbf22c6a Address @DouweM's feedback on !3749. 
- Use `TokenAuthenticatable` to generate the personal access token
- Remove a check for `authenticity_token` in application controller;
  this should've been `authentication_token`, maybe, and doesn't make
  any sense now.
- Have the datepicker appear inline
 2016-04-28 22:28:36 +05:30
Timothy Andrew ade40fdcd2 Authenticate non-API requests with personal access tokens. 
- Rename the `authenticate_user_from_token!` filter to
  `authenticate_user_from_private_token!`
- Add a new `authenticate_user_from_personal_access_token!` filter
- Add tests for both.
 2016-04-28 22:28:36 +05:30
Douwe Maan 7c51d5efec Fix some specs 2016-03-20 22:55:08 +01:00
Stan Hu 07efb17e10 Fix 403 Access Denied error messages when accessing Labels section in a project that has MRs disabled but issues enabled 
Closes #1813
 2015-06-18 03:15:05 -07:00
Jeroen van Baarsen 0c4a70a306 Updated rspec to rspec 3.x syntax 
Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com>
 2015-02-12 19:17:35 +01:00
Ciro Santilli a7e0ca9e83 Add trailing newline to all text files. 
Present in the large majority of files of each respective type.
 2014-06-21 11:20:22 +02:00
skv d89527839e fix most of warnings 2013-12-15 00:05:10 +04:00
Izaak Alpert ca1b67ce38 Don't show users password change page if ldap users 2013-09-17 22:38:08 -04:00