Use ActionDispatch Remote IP for Akismet checking
Previously all remote IPs appeared at 127.0.0.1, which made Akismet
not very useful. Using the ActionDispatch Remote IP (http://api.rubyonrails.org/classes/ActionDispatch/RemoteIp.html)
should provide more reliable results.
Closes #16629
See merge request !3961
These changes were pulled from GitLab EE to support configuring
an alternative API URL than the default https://api.github.com.
In addition, the `verify_ssl` flag allows users to disable SSL cert
checking.
One modification: add a default `args` option if it does not exist
to avoid breaking existing configurations.
Fix setting of "action" for Grape transactions
After wondering why we're not getting all the data in Grafana that I
wanted I realized I wasn't setting the "action" field properly here.
See merge request !3842
Merely setting the "action" tag will only result in the transaction
itself containing a value for this tag. To ensure other metrics also
contain this tag we must set the action using Transaction#action=
instead.
This allows users to configure the number of points stored in a single
UDP packet. This in turn can be used to reduce the number of UDP packets
being sent at the cost of these packets being somewhat larger.
The default setting is 1 point per packet so nothing changes for
existing users.
By using Module#prepend we can define a Module containing all proxy
methods. This removes the need for setting up crazy method alias chains
and in turn prevents us from having to deal with all that madness (e.g.
methods calling each other recursively).
Fixes gitlab-org/gitlab-ce#15281
Fix revoking of authorized OAuth applications
Users were not able to revoke access to authorized OAuth applications. Clicking the "Revoke" button would result in a 404 page, and the application would still be authorized.
Added a spec and also found that the `gon` variables were not being set for this view.
Closes #14370
See merge request !3690
Allow Omniauth providers to be marked as external
Related to #4009
With this MR we will be able to allow the user to set which Omniauth Providers they would like to have as external. All users logging in via these providers will be marked as external, even if they already had an account before. If the provider is removed from the list of external providers, the users will be marked as internal at their next login.
MR for Omnibus: gitlab-org/omnibus-gitlab!727
/cc @dblessing @DouweM
See merge request !3657
One use case for this is manually setting the "action" tag for Grape API
calls. Due to Grape running blocks there are no human readable method
names that can be used for the "action" tag, thus we have to set these
manually on a case by case basis.
Add proper nil and error handling to SAML login process
While writing the feature that would allow certain Omniauth providers to be marked as external I noticed that there is a scenario where the `gl_user` method can return `nil` and if this is not properly checked, it will lead to exceptions that will cause 500 errors. It is quite easy to land in this scenario, so I added `nil` checks.
I also noticed that the `saml` method in the `omniauth_callbacks_controller.rb` file lacked a `rescue` for `Gitlab::OAuth::SignupDisabledError`, which can happen if the default configuration from `1_settings.rb` is applied. So I also added this check.
See merge request !3609