If you attempt to push thousands of branches at once, the 60-second timeout
will occur because GitAccess checking does a lot of work to check if the
user has permission to push to a branch. This change does two things:
1. Instead of making 1 DB query per branch push, use a memoized list of protected branches to check
2. Memoize what permissions the user has to perform on this project
On a test of 10,000 branch pushes, this prevents gitlab-shell from hitting the 60-second
timeout.
Closes #17225
Use a custom Loofah scrubber since sanitize 2.x transformers are inadequate
to handle case-sensitive SVG attributes. sanitize parses documents as HTML
instead of XML, which causes all SVG attribute names (e.g. viewBox) to be downcased.
* SVG element list: https://www.w3.org/TR/SVG/eltindex.html
* SVG attribute list: https://www.w3.org/TR/SVG/attindex.html
Closes #14555
Previously this method would directly receive the output of tag_name().
This method could either return a String or nil. In the previous setup
this would somehow magically work but because Rugged::TagCollection#[]
doesn't accept nil values it started to fail.
To work around this the elsif in change_access_check() assigns the
result of tag_name() to a local and then _only_ calls protected_tag?()
if the tag name is not nil. The extra parentheses are put in place to
ensure that things are parsed correctly, without these the code would be
parsed as follows:
    elsif tag_ref = (tag_name(ref) && protected_tag(tag_ref))
During runtime this would basically resolve to:
    elsif tag_ref = (tag_name(ref) && protected_tag(nil))
This is because when you refer to the variable you're assigning _in_ the
assignment Ruby returns nil instead of raising an error.
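The parsing behaviour described in the commit message above can be reproduced in isolation. This is an added example, not code from the commit or from GitLab: the bodies of tag_name and protected_tag?, the PROTECTED_TAGS list, the TypeError and the two *_check methods are hypothetical stand-ins.

```ruby
# Added example; helper bodies are hypothetical stand-ins for the methods
# named in the commit message.
PROTECTED_TAGS = ['v1.0.0'].freeze # constructed sample data

# Returns the tag name for a tag ref, or nil for any other ref.
def tag_name(ref)
  ref[%r{\Arefs/tags/(.+)\z}, 1]
end

# Records every argument it receives in `seen`; rejects nil the way the
# commit message says the underlying tag lookup does (assumed TypeError).
def protected_tag?(name, seen)
  seen << name
  raise TypeError, 'tag name must not be nil' if name.nil?
  PROTECTED_TAGS.include?(name)
end

# Grouping the commit message warns about: the whole && expression is the
# right-hand side, so tag_ref is still nil when protected_tag? is called.
def misparsed_check(ref)
  seen = []
  result = begin
    if tag_ref = (tag_name(ref) && protected_tag?(tag_ref, seen))
      :denied
    else
      :allowed
    end
  rescue TypeError
    :error
  end
  [result, seen]
end

# Grouping the commit message describes: assign first, then test the local.
def fixed_check(ref)
  seen = []
  result = if (tag_ref = tag_name(ref)) && protected_tag?(tag_ref, seen)
             :denied
           else
             :allowed
           end
  [result, seen]
end

p misparsed_check('refs/tags/v1.0.0')
p fixed_check('refs/tags/v1.0.0')
p fixed_check('refs/heads/master')
```

The `seen` array makes the difference visible: the misparsed grouping hands nil to the protection check for a real tag ref, while the corrected grouping passes the tag name and never calls the check for non-tag refs.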
Use Rugged's TagCollection#create instead of gitlab-shell's Repository#add_tag for better performance
This was originally opened at !1757 by @pcarranza but I changed it to use Rugged instead of gitlab_git, following @DouweM's request.
Once this is merged, https://gitlab.com/gitlab-org/gitlab-shell/merge_requests/26 will be mergeable too.
See merge request !3745
Use ActionDispatch Remote IP for Akismet checking
Previously all remote IPs appeared at 127.0.0.1, which made Akismet
not very useful. Using the ActionDispatch Remote IP (http://api.rubyonrails.org/classes/ActionDispatch/RemoteIp.html)
should provide more reliable results.
Closes #16629
See merge request !3961
These changes were pulled from GitLab EE to support configuring
an alternative API URL than the default https://api.github.com.
In addition, the `verify_ssl` flag allows users to disable SSL cert
checking.
One modification: add a default `args` option if it does not exist
to avoid breaking existing configurations.
Fix setting of "action" for Grape transactions
After wondering why we're not getting all the data in Grafana that I
wanted I realized I wasn't setting the "action" field properly here.
See merge request !3842
Merely setting the "action" tag will only result in the transaction
itself containing a value for this tag. To ensure other metrics also
contain this tag we must set the action using Transaction#action=
instead.
This allows users to configure the number of points stored in a single
UDP packet. This in turn can be used to reduce the number of UDP packets
being sent at the cost of these packets being somewhat larger.
The default setting is 1 point per packet so nothing changes for
existing users.
By using Module#prepend we can define a Module containing all proxy
methods. This removes the need for setting up crazy method alias chains
and in turn prevents us from having to deal with all that madness (e.g.
methods calling each other recursively).
Fixes gitlab-org/gitlab-ce#15281
Fix revoking of authorized OAuth applications
Users were not able to revoke access to authorized OAuth applications. Clicking the "Revoke" button would result in a 404 page, and the application would still be authorized.
Added a spec and also found that the `gon` variables were not being set for this view.
Closes #14370
See merge request !3690