Commit Graph

1608 Commits

Author SHA1 Message Date
Ben Bodenmiller 765eabeacc add HSTS Policy warning
Add warning about HSTS header as it means user will need to provide secure connection access to site for next 24 months from page view. See https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security for more details.
2014-09-01 15:47:15 -07:00
Dmitriy Zaporozhets 14f5199cdc Merge branch 'feature-ldap-tests' into 'master'
Feature ldap tests

Move specs to proper places. Relates to #154

This is already mergeable, will continue in a new branch for additions & refactorings.

See merge request !1053
2014-08-30 07:16:45 +00:00
Jan-Willem van der Meer 0d5ae2802e Move and rename ldap / oauth specs 2014-08-29 17:30:42 +02:00
Jacob Vosmaer 614ca3ec65 Remove LDAP::Access#find_user
This method existed to allow LDAP users to take over existing GitLab
accounts if the part before the '@' of their LDAP email attribute
matched the username of an existing GitLab user. I propose to disable
this behavior in order to prevent unintended GitLab account takeovers.

After this change it is still possible to take over an existing GitLab
account with your LDAP credentials, as long as the GitLab account email
address matches the LDAP user email address.
2014-08-29 15:38:05 +02:00
Job van der Voort 68fd66c6e3 block visibility level restriction override in controller 2014-08-28 20:33:41 +02:00
Dmitriy Zaporozhets 3069826d1a Merge pull request #7378 from jojosch/nginx-ssl-redirect
Use a ? after the $request_uri to perform a valid Redirect while cloning...
2014-08-28 16:54:36 +03:00
Dmitriy Zaporozhets c5c906fe64
Fix tests
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-08-27 15:26:35 +03:00
Dmitriy Zaporozhets 8b00d01c67
Search by issue/mr title and description
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-08-27 12:47:30 +03:00
Dmitriy Zaporozhets 9e5bc43263
Pass scope and page to Gitlab::SearchResults#objects instead of initialize
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-08-27 00:04:14 +03:00
Dmitriy Zaporozhets 9a4ef7e7eb
Search results libraries added
Gitlab::SearchResults and Gitlab::ProjectSearchResults are libraries we
are going to use to get search results based on query, entity type and
pagination.

It will allow us to get only issues from project #23 where title or
description includes 'foo'.

Ex:

search_results = Gitlab::ProjectSearchResults.new(project.id, 'foo', 'issues')

search_results.objects => # [<Issues #23>, <Issues #34>]
search_results.issues_count => 2
search_results.total_count => 12 (it includes results from comments and
merge requests too)

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-08-26 23:32:41 +03:00
Jacob Vosmaer 37d6293842 Write authorized_keys in tmp/tests during tests
This should reduce the number of gitlab-shell error messages while the
tests run.
2014-08-26 11:33:26 +02:00
Dmitriy Zaporozhets b5cc813612 Merge branch 'drop_post_recieve_jobs' into 'master'
Add rake task to drop a project's PostReceive jobs

If a user pushes so many branches/tags to a project that Sidekiq
gets clogged, you can use this script to drop _all_ PostReceive
jobs for a given project.

See merge request !1030
2014-08-25 18:55:13 +00:00
Dmitriy Zaporozhets eddfdc9edd Merge pull request #7558 from bbodenmiller/patch-4
change X-Frame-Options to SAMEORIGIN for nginx SSL config
2014-08-23 23:50:09 +03:00
Dmitriy Zaporozhets 3cbacad86c Merge branch 'blacklist/unsubscribes' into 'master'
Add 'unsubscribes' to the paths blacklist

This is to prevent issues with the admin email feature in GitLab EE.

See merge request !1034
2014-08-23 20:47:40 +00:00
Dmitriy Zaporozhets fcbf9841c7 Merge branch 'always_set_satellite_origin' into 'master'
Always set satellite origin

See merge request !1036
2014-08-23 20:46:36 +00:00
Ben Bodenmiller 3663354cb9 unify nginx config files 2014-08-23 01:08:12 -07:00
Ben Bodenmiller a3953a46f4 change X-Frame-Options to SAMEORIGIN
needed to allow sidekiq to load on background jobs tab
2014-08-23 01:05:31 -07:00
johannes b5481afd73 Use a ? after the $request_uri to perform a valid Redirect while cloning.
fixes #6203

before:

❯ curl -I http://gitlab/namespace/repo.git/info/refs?service=git-upload-pack
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Jul 2014 18:20:27 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://gitlab/namespace/repo.git/info/refs?service=git-upload-pack?service=git-upload-pack

after:

❯ curl -I http://gitlab/namespace/repo.git/info/refs\?service=git-upload-pack
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Jul 2014 18:23:54 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://gitlab/namespace/repo.git/info/refs?service=git-upload-pack

[ci skip]
2014-08-23 08:36:25 +02:00
Sytse Sijbrandij 06fade7545 Simplify the description of single hash lines based on comments of Ben Bodenmiller. 2014-08-22 19:10:07 +02:00
Jacob Vosmaer 3dbd8d2293 Always set the origin remote in satellite actions
This prevents issues with satellites containing outdated origin remotes
after administrators move the git repositories directory.
2014-08-22 14:32:04 +02:00
Jacob Vosmaer abb415276f Add 'unsubscribes' to the paths blacklist
GitLab EE has a /unsubscribes/ route.
2014-08-22 10:25:13 +02:00
Jacob Vosmaer e4f75fd262 Use one word per line in Gitlab::Blacklist 2014-08-22 10:21:04 +02:00
Jacob Vosmaer b752ee8aa9 Add rake task to drop a project's PostReceive jobs 2014-08-21 16:02:04 +02:00
Robert Schilling 66f6ca0770 Fix tests after #7526 2014-08-20 20:34:55 +02:00
jubianchi 7ad93ab250 Improve labels validation and expose error messages 2014-08-20 12:09:19 +02:00
Jacob Vosmaer 6dc24e3bcf Merge pull request #7527 from Razer6/api_labels_return_code
API: Fix labels return code
2014-08-18 17:16:32 +02:00
Robert Schilling 4ca3f64719 Fix labels return code 2014-08-18 00:25:49 +02:00
Dmitriy Zaporozhets 6063a1e6c1
Add labels api authorization. Update permission doc
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-08-15 11:59:19 +03:00
Dmitriy Zaporozhets 27cf081e1b Merge pull request #7479 from Razer6/feature/labels_api
Implement complete labels API (create/delete/update)
2014-08-15 10:25:48 +03:00
Dmitriy Zaporozhets 433dac7799 Merge pull request #7465 from Razer6/better_label_color_validation
Better label color validation, fixes #7454
2014-08-15 10:17:16 +03:00
skv 4e40800166 diff unfold 2014-08-14 15:48:14 +04:00
Robert Schilling cbc90565b5 Do label validation for issues/merge requests API 2014-08-14 10:17:52 +02:00
Dmitriy Zaporozhets 1d63464c82
Fix repository archive
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-08-13 21:28:22 +03:00
Dmitriy Zaporozhets 71f87ffb66 Merge pull request #6788 from CingleVue/master
Patched `MergeRequest` to return more data.
2014-08-13 16:47:51 +03:00
Dmitriy Zaporozhets dbb1cb30a3 Merge pull request #7441 from bbodenmiller/patch-7
add git config --global core.autocrlf check
2014-08-13 16:39:58 +03:00
Dmitriy Zaporozhets ffc284301e Merge branch 'ldap/cache_check' into 'master'
Cache LDAP check everywhere

See merge request !1008
2014-08-13 13:11:04 +00:00
Robert Schilling cf3ba0209d Update labels via API 2014-08-13 12:29:03 +02:00
Robert Schilling 9284038dbe Add, delete labels via API 2014-08-13 12:28:19 +02:00
Dmitriy Zaporozhets 4535db04b2
Increase import timeout from 2 to 4 minutes
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-08-11 20:58:39 +03:00
Dmitriy Zaporozhets f8eedb4cda
Cleaner variable name
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-08-11 15:25:25 +03:00
Dmitriy Zaporozhets 505203e7d5 Merge pull request #7466 from Razer6/improve_markup_handling
Improve readme markup, fixes #7455
2014-08-11 13:02:24 +03:00
Dmitriy Zaporozhets 5b52d7b979
Merge branch 'add_complete_commit_message_to_api' of https://gitlab.com/christian.taedcke/gitlab-ce into christian.taedcke/gitlab-ce-add_complete_commit_message_to_api
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Conflicts:
	CHANGELOG
2014-08-11 12:33:04 +03:00
Dmitriy Zaporozhets d10ecacc47 Merge branch 'master' into 'master'
Let users limit by archived/not archived projects in GitLab API GET /projects

Adds a boolean parameter, archived, to the /projects endpoint.

See merge request !158
2014-08-11 09:27:24 +00:00
Robert Schilling 99eb283101 Use readme we support to render if there are multiple readmes 2014-08-11 08:50:56 +02:00
Dmitriy Zaporozhets e09ef2fc38 Merge branch 'improve-test-env' into 'master'
Improve test env

* Replace big gitlabhq repo with small one (https://gitlab.com/gitlab-org/gitlab-test)
* don't stub gitlab-shell calls

Advantages:

* test gitlab-shell install during tests
* test integration with gitlab-shell features (fork, change default branch etc)
* don't store archive with test repo inside gitlab
* less stubs - easier to write/read tests

During this refactoring __next issues are fixed__:

* satellite error if gitlab_shell path is relative
* project rename repo -> 500 error
* fixed wrong diff for MR `download plain diff`
* fixed bug when gfm ignores `@ref` variable during link parsing

Fixes #1451

See merge request !1005
2014-08-09 17:51:31 +00:00
Jacob Vosmaer 82dc40936a Cache LDAP check in Gitlab::UserAccess
This changes the number of LDAP calls when users access GitLab via
Git-over-SSH or the API. LDAP check results are cached for 1 hour.
2014-08-06 18:03:01 +02:00
Jacob Vosmaer 669682686e Move LDAP timeout code to Gitlab::LDAP::Access 2014-08-06 18:03:01 +02:00
Dmitriy Zaporozhets 8f1e60b057
Fix satellite tests
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-08-06 09:52:56 +03:00
Ben Bodenmiller ecd33c9d92 add git config --global core.autocrlf check
core.autocrlf was added to install guide in 2d681c0d1e but not added to check script
2014-08-04 20:41:20 -07:00
Sytse Sijbrandij 8aff39a6d0 Simplify the ssl setup file. 2014-08-04 15:57:59 +02:00