In order to let users' sorting preferences transfer between devices, we
save the preference for issues and MRs (one preference for issues, one
for MRs) in the backend inside the UserPreference object
[master] Resolve "Personal access token with only `read_user` scope can be used to authenticate any web request"
See merge request gitlab/gitlabhq!2583
When listing issues and merge requests on dasboard page,
make sure that at least one filter is enabled.
User's id is used in search autocomplete widget instead
of username, which allows presetting user in filter dropdowns.
Related to #43246
This changes various controllers to use the new EventCollection class
for retrieving events. This class uses a JOIN LATERAL query on
PostgreSQL to retrieve queries in a more efficient way, while falling
back to a simpler / less efficient query for MySQL.
The EventCollection class also includes a limit on the number of events
to display to prevent malicious users from cycling through all events,
as doing so could put a lot of pressure on the database.
JOIN LATERAL is only supported on PostgreSQL starting with version 9.3.0
and as such this optimisation is only used when using PostgreSQL 9.3 or
newer.
`User#starred_projects` doesn't perform any visibility checks. This has
a couple of problems:
1. It assumes a user can always view all of their starred projects in
perpetuity (project not changed to private, access revoked, etc.).
2. It assumes that we'll only ever allow a user to star a project they
can view. This is currently the case, but bugs happen.
Add `User#viewable_starred_projects` to filter the starred projects by
those the user either has explicit access to, or are public or
internal. Then use that in all places where we list the user's starred
projects.
- Split up SnippetsController into separate dashboard and explore sections.
- Use consistent page titles, header titles and sidebars between dashboard and explore sections when signed in or not.
* Add search filtering for group projects
* Show all user projects on dashboard
* Refactor projects list into one view
* Hide big list of projects with 'Show all' button
Filtering service used klass instead of passed items.
Because of this you see list of all issues intead of authorized ones.
This commit fixes it so people see only issues they are authorized to
see.
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Be default it sorts by name now
Respect filters like scope, label, visibility when do sort or another
filter
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Mario de la Ossa
Cindy Pallares
Heinrich Lee Yu
Rémy Coutable
gfyoung
Jasper Maes
Jan Provaznik
Francisco Javier López
Yorick Peterse
Toon Claes
Douwe Maan
Oswaldo Ferreira
Sean McGivern
Phil Hughes
Dmitriy Zaporozhets
Douwe Maan
Eaden
Jeroen van Baarsen
Ciro Santillli
Jason Hollingsworth
skv