Previously submitting a DELETE request to an issuable URL would be
enough to destroy it, but this should require human confirmation. We
now require that the `destroy_confirm` parameter is set to a truthy
value before this can complete.
In addition, we log a Sentry error if a deletion arrived without
confirmation.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/62387
Previously we asked a user to enter a new slug before taking them to
the Create Page page.
As a UX improvement, we now take them to a randomly generated URI so
they can begin creating their new page.
https://gitlab.com/gitlab-org/gitlab-ce/issues/46299
Current `auth.log` uses `fullpath` and `ip`, while `api_json.log` uses
`remote_ip` and `path` for the same fields. Let's standardize these
namings to make it easier for people working with the data.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/66167
Fixes deprecation warning:
```
DEPRECATION WARNING: The success? predicate is deprecated and
will be removed in Rails 6.0.
Please use successful? as provided by Rack::Response::Helpers.
```
GitLab has a mechanism that allows CI to clone repositories via HTTP
even when the HTTP protocol is disabled. This works as expected
when a project is private or internal. However, when a project is
public CI gets an error message that HTTP is not allowed. This
happens because Git only sends auth in a subsequent request after a
401 is returned first. For public projects, GitLab grabs onto that
unauthenticated request and sends it through since it recognizes
that Guests are ordinarily allowed to access the repository.
Later on this leads to a 403 since HTTP protocol is disabled.
Fix this by only continuing with unauthenticated requests when
HTTP is allowed.
It was originally returning 302 when the rate limit kicks in, because
using the the correct status code makes it easier to track rate limiting
events
Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/65974
- Use set_pipeline_variables to filter for visible pipelines
- Mimic response of nonexistent pipeline if not found
- Provide set_pipeline_variables as a before_filter for other actions
Splits auto-refreshing of MR widget into 2 requests:
- the one which uses etag-caching and invalidates the fields on change
- the one without caching
The idea is to gradually move all the fields to etag-cached endpoint
https://gitlab.com/gitlab-org/gitlab-ce/issues/62971
Adds support to EnvironmentsController#metrics_dashboard
for the following params: group, title, y_label
These params are used to uniquely identify a panel on
the metrics dashboard.
Metrics are stored in several places, so this adds
utilities to find a specific panel from the database
or filesystem depending on the metric specified.
Also moves some shared utilities into separate classes,
notably default values and errors.
Kubernetes deployments on new clusters will now have
a separate namespace per project environment, instead
of sharing a single namespace for the project.
Behaviour of existing clusters is unchanged.
All new functionality is controlled by the
:kubernetes_namespace_per_environment feature flag,
which is safe to enable/disable at any time.
* Prevent creating notes on inaccessible MRs
This applies the notes rules at the MR scope. Rather than adding extra
rules to the Project level policy, preventing :create_note here is
better since it only prevents creating notes on MRs.
* Prevent creating notes in inaccessible Issues
without this policy, non-team-members are allowed to comment on issues
even when the project has the private-issues policy set. This means that
without this change, users are allowed to comment on issues that they
cannot read.
* Add CHANGELOG entry
This spec needs to run as a request-style spec in order to invoke the
Rails router.
A controller-style spec matches the wrong route, and
`session['user_return_to']` becomes incorrect.
Currently we write out empty CSS classes (`class=""`) every time we
create a new tag. This adds 9 unnecessary bytes per span element. In a
recent trace, I have counted 11950 span elements. So we transported 105
unnecessary kilobytes!
Remove project from NotesFinder constructor
Add project parameter to specs
Also look for methods in private scope
Fix specs to match new NotesFinder constructor
In preparation for embedding specific metrics in issues
https://gitlab.com/gitlab-org/gitlab-ce/issues/62971,
this commit moves the BaseService for metrics dashboards
to a new services subdirectory. This is purely for the sake
of organization and maintainability.
Grzegorz Bizon
Filipa Lacerda
Ash McKenzie
Robert Speicher
GitLab Release Tools Bot
Stan Hu
Alex Ives
drew cimino
Luke Duncalfe
Douglas Barbosa Alexandre
Matija Čupić
Vitali Tatarintev
Thong Kuah
Drew Blessing
Adam Hegyi
Mayra Cabrera
Igor
Tristan Read
Hordur Freyr Yngvason
Felipe Artur
Camil Staps
Sarah Yasonik
Tiger Watson
Alex Kalderimis
Lukas '+ alert('Eipi') + ' Eipert
Patrick Derichs
Giorgenes Gelatti
Lin Jen-Shin