85 Commits

Author SHA1 Message Date
Martin Wortschack 388d417090 Resolve "Redesign project lists UI" 2018-12-13 12:37:54 +00:00
Cindy Pallares fe5f75930e
Merge branch 'security-fix-pat-web-access' into 'master'
[master] Resolve "Personal access token with only `read_user` scope can be used to authenticate any web request"

See merge request gitlab/gitlabhq!2583
2018-11-28 19:13:59 -05:00
Martin Wortschack 892f1257f4 Resolve "Personal projects pagination in Profile Overview tab is broken" 2018-10-15 13:10:42 +00:00
Martin Wortschack 337b2c80f3 Resolve "Add new "Overview" tab on user profile page" 2018-10-04 07:55:37 +00:00
gfyoung 73322a0e55 Enable frozen string in app/controllers/**/*.rb
Enables frozen string for the following:

* app/controllers/*.rb
* app/controllers/admin/**/*.rb
* app/controllers/boards/**/*.rb
* app/controllers/ci/**/*.rb
* app/controllers/concerns/**/*.rb

Partially addresses #47424.
2018-09-18 21:22:45 -07:00
JX Terry 99011a61cf Add an option to have a private profile on GitLab 2018-07-24 12:46:19 +00:00
blackst0ne eddf3febd7 [Rails5] Add `safe_params` helper
Rails 5.0 requires explicitly permitting attributes when building a URL
using the current `params` object.

The `safe_params` helper allows developers to just call `safe_params.merge(...)`
instead of manually adding `permit` to every call.

https://github.com/rails/rails/pull/20868
2018-04-08 15:35:30 +11:00
Bob Van Landuyt 148816cd67 Port `read_cross_project` ability from EE 2018-02-22 17:11:36 +01:00
Mike Greiling 2c569be63b Resolve "Display member role per project" 2017-12-07 09:11:41 +00:00
Francisco Javier López bf0331dc72 Resolve "DashboardController#activity.json is slow due to SQL" 2017-11-06 16:52:56 +00:00
Mike Greiling 339baf8f5d refactor async calendar data 2017-07-18 17:05:41 -05:00
Grzegorz Bizon 0430b76441 Enable Style/DotPosition Rubocop 👮 2017-06-21 13:48:12 +00:00
Tieu-Philippe KHIM 3c1700cde6 Refactor atom builder by using xml.atom layout 2017-06-12 19:21:13 +02:00
Michael Kozono 49697bc8df Refactor to more robust implementation
In order to avoid string manipulation or modify route params (to make them unambiguous for `url_for`), we are accepting a behavior change:

When being redirected to the canonical path for a group, if you requested a group show path starting with `/groups/…` then you’ll now be redirected to the group at root `/…`.
2017-05-19 09:13:27 -07:00
Douwe Maan ad309f5d11 Merge branch 'snippets-finder-visibility' into 'security'
Refactor snippets finder & don't return internal snippets for external users

See merge request !2094
2017-05-10 16:48:18 +02:00
Michael Kozono 9e48f02ea8 Dry up routable lookups. Fixes #30317
Note: This changes the behavior of user lookups (see the spec change) so it acts the same way as groups and projects. Unauthenticated clients attempting to access a user page will be redirected to login whether the user exists and is publicly restricted, or does not exist at all.
2017-05-05 12:12:50 -07:00
Michael Kozono 0c866f4a57 Resolve discussions 2017-05-05 12:12:49 -07:00
Michael Kozono ca5c762cf5 Refactor 2017-05-05 12:11:58 -07:00
Michael Kozono 7d02bcd2e0 Redirect from redirect routes to canonical routes 2017-05-05 12:11:57 -07:00
Jacopo b996a82ff4 ProjectsFinder should handle more options
Extended ProjectFinder in order to handle the following options:
 - current_user - which user use
 - project_ids_relation: int[] - project ids to use
 - params:
   -  trending: boolean
   -  non_public: boolean
   -  starred: boolean
   -  sort: string
   -  visibility_level: int
   -  tags: string[]
   -  personal: boolean
   -  search: string
   -  non_archived: boolean

GroupProjectsFinder now inherits from ProjectsFinder.
Changed the code in order to use the new available options.
2017-04-06 07:11:37 +02:00
Phil Hughes 652d80458a Fixed pagination in projects & snippets on user page
Changed it from being json links to normal links & then doing an AJAX request to get the content.

Closes #29624
2017-03-18 10:58:46 +00:00
Bryce Johnson ed1cd98858 Check all namespaces on validation of new username. 2016-11-17 19:59:03 +01:00
Robert Speicher b0088b527e
Merge branch '23403-fix-events-for-private-project-features' into 'security'
Respect project visibility settings in the contributions calendar

This MR fixes a number of bugs relating to access controls and date selection of events for the contributions calendar

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23403

See merge request !2019

Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-11-09 12:27:41 +01:00
Bryce Johnson 568a405ce4 Add exists to users routes and fix endpoint. 2016-10-15 08:28:55 +02:00
Bryce Johnson 5439bd9f95 Attempt to fix username validation ruby. 2016-10-15 08:28:55 +02:00
Bryce Johnson 349caec308 Stringify username before passing to ActiveRecord. 2016-10-15 08:28:53 +02:00
Bryce Johnson 1dd826d4aa Make UX upgrades to SignIn/Register views.
- Tab between register and sign in forms
- Add individual input validation error messages
- Validate username
- Update many styles for all login-box forms
2016-10-15 08:27:21 +02:00
Rémy Coutable f99d8786b7
Fix snippets pagination
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-09-26 12:42:12 +02:00
Clement Ho a147b43dcc Replace contributions calendar timezone payload with dates 2016-09-16 14:38:59 -05:00
Phil Hughes 18b361cf80 Group the contributing calendar by day
This aligns the boxes correctly with the day on the left side of the calendar
2016-05-16 12:22:17 +01:00
Long Nguyen c0f02aad4a Add snippet tab under user profile 2016-05-02 16:37:12 +07:00
Felipe Artur 07b38c3b38 Code fixes 2016-04-18 11:12:27 -03:00
Felipe Artur e8a77c0aee Fix code 2016-04-18 11:12:27 -03:00
Felipe Artur 668d6ffa43 Add specs and fix code 2016-04-18 11:12:27 -03:00
Felipe Artur 57519565f1 Move verification to abilities 2016-04-18 11:12:27 -03:00
Felipe Artur b05f0a4858 Restrict user profiles based on restricted visibility levels 2016-04-18 11:11:36 -03:00
Douwe Maan ae7b2ef62c Merge branch 'master' into issue_12658
# Conflicts:
#	app/models/issue.rb
#	app/views/projects/_home_panel.html.haml
#	app/views/shared/projects/_project.html.haml
#	db/schema.rb
#	spec/models/project_spec.rb
2016-03-21 23:22:21 +01:00
Robert Speicher 085538c2bd Use the configured Kaminari "per page" default 2016-03-19 17:37:54 -04:00
Felipe Artur ec20fdf366 Code improvements and add Create group service 2016-03-16 19:44:33 -03:00
Felipe Artur c3e70280df Prevent projects to have higher visibility than groups
Prevent Groups to have smaller visibility than projects
Add default_group_visibility_level to configuration
Code improvements
2016-03-10 10:38:36 -03:00
Felipe Artur 5551ccd720 Code improvements 2016-03-10 10:38:36 -03:00
Rémy Coutable dec4e89e5b In UsersController#calendar_activities, when Date isn't parsable, fallback to Date.today
For some reason, GoogleBot accesses /u/:username/calendar_activities without
a :date param, but then the view was trying to call #to_s(:short) which
doesn't exist on nil, leading to the following Sentry report:
https://sentry.gitlap.com/gitlab/gitlabcom/issues/1182/
2016-03-03 12:16:32 +01:00
Alfredo Sumaran 9f1c3bb765 Merge branch 'master' into improve-user-tabs 2016-03-01 13:37:03 -05:00
Alfredo Sumaran f0b8779047 Make url and actions to be the same name 2016-03-01 11:43:22 -05:00
Alfredo Sumaran 10eb6d3cd7 Respond with 'show' view. Tab content will be loaded dynamically 2016-03-01 11:22:27 -05:00
Alfredo Sumaran b522ef4b69 Respond to .json requests 2016-02-29 16:40:57 -05:00
Josh Frye cc9f93f9d2 Add routes and actions for dynamic tab loading 2016-02-29 08:24:07 -05:00
James Lopez 303e9eb5bf include contributions from forked projects on profile calendar 2016-02-22 15:46:29 +01:00
Josh Frye 2ad094132d Various filter fixes 2016-02-04 13:03:41 -05:00
Valery Sizov 8b18449125 remove public field from namespace and refactoring 2016-01-04 16:00:29 +02:00