This method, #route_not_found, is executed as the final fallback for
unrecognized routes (as the name might imply.) We want to avoid
`#authenticate_user!` when calling `#route_not_found`;
`#authenticate_user!` can, depending on the request format, return a 401
instead of redirecting to a login page. This opens a subtle security
exploit where anonymous users will receive a 401 response when
attempting to access a private repo, while a recognized user will
receive a 404, exposing the existence of the private, hidden repo.
We had similar code in a few places to redirect to the last page if
the given page number is out of range. This unifies the handling in a
new controller concern and adds usage of it in all snippet listings.
Sorting preference functionality has been extracted
from `IssuableCollections` to a new `SortingPreference`
concern in order to reuse this functionality in projects
(and groups in the future).
Fixes deprecation warning:
```
DEPRECATION WARNING: The success? predicate is deprecated and
will be removed in Rails 6.0.
Please use successful? as provided by Rack::Response::Helpers.
```
This backports to ce a refactor of the shared example 'a controller that
can serve LFS files'.
The ee MR that contains the original refactor is
https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/13389
The reason for the refactor was mostly the removal of the outer context
as it didn't need to be there, and prevented let(:lfs_oid) from being
overwritten.
The shared example was also renamed to be more descriptive.
Add env_var and file as supported types for CI variables. Variables of
type file expose to users existing gitlab-runner behaviour - save
variable value into a temp file and set the path to this file in an ENV
var named after the variable key.
Resolves https://gitlab.com/gitlab-org/gitlab-ce/issues/46806.
Users downloading non-ASCII attachments would see garbled characters.
When used with object storage, AWS S3 would return an InvalidArgument
error: Header value cannot be represented using ISO-8859-1.
Per RFC 5987 and RFC 6266, Content-Disposition should be encoded
properly. This commit takes the Rails 6 implementation of
ActiveSuppport::Http::ContentDisposition
(https://github.com/rails/rails/pull/33829) and ports it here.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/47673
In order to let users' sorting preferences transfer between devices, we
save the preference for issues and MRs (one preference for issues, one
for MRs) in the backend inside the UserPreference object
Updates specs to use new rails5 format.
The old format:
`get :show, { some: params }, { some: headers }`
The new format:
`get :show, params: { some: params }, headers: { some: headers }`
GitLab Bot
GitLab Release Tools Bot
Kerri Miller
Markus Koller
Rémy Coutable
Jan Provaznik
George Koltsov
Vitali Tatarintev
Heinrich Lee Yu
Robert Speicher
Thong Kuah
Peter Leitzen
Adam Hegyi
Luke Duncalfe
Luke Duncalfe
Krasimir Angelov
Imre Farkas
Andreas Brandl
Stan Hu
Mario de la Ossa
Felipe Artur
Jasper Maes
blackst0ne
Felipe Artur
Oswaldo Ferreira
Francisco Javier López
Jarka Kadlecová
Sean McGivern
Matija Čupić