Commit 8abeb70f authored by 🤖 GitLab Bot 🤖's avatar 🤖 GitLab Bot 🤖

Add latest changes from gitlab-org/gitlab@master

parent d2c2b487
Pipeline #1681351241 passed
Showing
with 262 additions and 209 deletions
...@@ -2,21 +2,6 @@ ...@@ -2,21 +2,6 @@
# Cop supports --autocorrect. # Cop supports --autocorrect.
Style/FormatString: Style/FormatString:
Exclude: Exclude:
- 'app/components/diffs/overflow_warning_component.rb'
- 'app/controllers/import/bitbucket_server_controller.rb'
- 'app/controllers/import/bulk_imports_controller.rb'
- 'app/controllers/import/fogbugz_controller.rb'
- 'app/controllers/import/gitea_controller.rb'
- 'app/controllers/import/github_controller.rb'
- 'app/controllers/import/gitlab_groups_controller.rb'
- 'app/controllers/import/gitlab_projects_controller.rb'
- 'app/controllers/invites_controller.rb'
- 'app/controllers/omniauth_callbacks_controller.rb'
- 'app/controllers/profiles/chat_names_controller.rb'
- 'app/controllers/profiles/emails_controller.rb'
- 'app/controllers/profiles/preferences_controller.rb'
- 'app/controllers/profiles/two_factor_auths_controller.rb'
- 'app/controllers/profiles_controller.rb'
- 'app/controllers/projects/google_cloud/deployments_controller.rb' - 'app/controllers/projects/google_cloud/deployments_controller.rb'
- 'app/controllers/projects/google_cloud/service_accounts_controller.rb' - 'app/controllers/projects/google_cloud/service_accounts_controller.rb'
- 'app/controllers/projects/issues_controller.rb' - 'app/controllers/projects/issues_controller.rb'
......
683c15cfb532bf9cb2e23acc7d8c6d6219c2aa68 6af2d5f99e37feee2b7221af5f276040b8109195
...@@ -25,17 +25,8 @@ export const getSinglePolicySchema = async ({ namespacePath, namespaceType, poli ...@@ -25,17 +25,8 @@ export const getSinglePolicySchema = async ({ namespacePath, namespaceType, poli
getSecurityPolicySchemaUrl({ namespacePath, namespaceType }), getSecurityPolicySchemaUrl({ namespacePath, namespaceType }),
); );
const { securityPoliciesNewYamlFormat } = window.gon?.features || {};
const { properties: schemaProperties, $defs: defsProperties } = schemaForMultiplePolicies; const { properties: schemaProperties, $defs: defsProperties } = schemaForMultiplePolicies;
const validationProperties = securityPoliciesNewYamlFormat const properties = schemaProperties || defsProperties[policyType] || {};
? schemaProperties
: schemaProperties[policyType]?.items?.properties;
const defsValidationProperties = securityPoliciesNewYamlFormat
? defsProperties[policyType]
: defsProperties[policyType]?.items?.properties;
const properties = validationProperties || defsValidationProperties || {};
return { return {
title: schemaForMultiplePolicies.title, title: schemaForMultiplePolicies.title,
......
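Review bot: `defsProperties[policyType]` in the new `properties` line is an unguarded lookup: if the fetched schema has neither a top-level `properties` nor a `$defs` key, the destructured `defsProperties` is undefined and the expression throws instead of falling through to `{}`. Optional chaining keeps the fallback reachable: `const properties = schemaProperties || defsProperties?.[policyType] || {};`. Because this schema drives validation of security policy YAML, a one-line comment stating that top-level `properties` takes precedence over the per-type `$defs` entry would also help the next reader. getSinglePolicySchema starts and ends outside the hunk.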
import axios from 'axios';
import { initToggle } from '~/toggles';
import toast from '~/vue_shared/plugins/global_toast';
import {
I18N_PENDING_MESSAGE,
I18N_SUCCESS_MESSAGE,
I18N_UNDO_ACTION_TEXT,
I18N_RETRY_ACTION_TEXT,
I18N_ERROR_MESSAGE,
} from './constants';
export const initJwtCiCdJobTokenEnabledToggle = () => {
const toggle = () => {
const toggleButton = document.querySelector('.js-jwt-ci-cd-job-token-enabled-toggle button');
toggleButton.click();
};
let toastMessage = {};
const displayToast = (message, options = {}) => {
toastMessage.hide?.();
toastMessage = toast(message, options);
};
const el = document.querySelector('.js-jwt-ci-cd-job-token-enabled-toggle');
const input = document.querySelector('.js-jwt-ci-cd-job-token-enabled-input');
if (el && input) {
const form = el.closest('form');
const toggleElement = initToggle(el);
toggleElement.$on('change', async (isEnabled) => {
if (toggleElement.isLoading) return;
try {
toggleElement.isLoading = true;
input.value = isEnabled;
displayToast(I18N_PENDING_MESSAGE);
await axios.post(form.action, new FormData(form));
displayToast(I18N_SUCCESS_MESSAGE, {
action: {
text: I18N_UNDO_ACTION_TEXT,
onClick: toggle,
},
});
} catch (_) {
input.value = !isEnabled;
toggleElement.value = !isEnabled;
displayToast(I18N_ERROR_MESSAGE, {
action: {
text: I18N_RETRY_ACTION_TEXT,
onClick: toggle,
},
});
} finally {
toggleElement.isLoading = false;
}
});
return toggleElement;
}
return null;
};
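Review bot: The `catch (_)` in the change handler discards the error, so a failed POST for the group's JWT CI/CD job token setting leaves nothing behind except a toast; reporting it, for example `} catch (error) { reportToSentry('jwt_ci_cd_job_token_enabled_toggle', error);` with `reportToSentry` from `~/ci/utils`, keeps such failures visible. The file imports `axios` from the bare package rather than `~/lib/utils/axios_utils`; presumably the serialized form carries the authenticity token, but it is worth confirming the request does not rely on the wrapper's CSRF header. `toggle` also calls `toggleButton.click()` on an unchecked `querySelector` result, so `toggleButton?.click();` is the safer form for the undo and retry actions.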
import initStaleRunnerCleanupSetting from 'ee_else_ce/group_settings/stale_runner_cleanup'; import initStaleRunnerCleanupSetting from 'ee_else_ce/group_settings/stale_runner_cleanup';
import { initAllowRunnerRegistrationTokenToggle } from '~/group_settings/allow_runner_registration_token_toggle'; import { initAllowRunnerRegistrationTokenToggle } from '~/group_settings/allow_runner_registration_token_toggle';
import { initJwtCiCdJobTokenEnabledToggle } from '~/group_settings/jwt_ci_cd_job_token_enabled_toggle';
import initVariableList from '~/ci/ci_variable_list'; import initVariableList from '~/ci/ci_variable_list';
import initSharedRunnersForm from '~/group_settings/mount_shared_runners'; import initSharedRunnersForm from '~/group_settings/mount_shared_runners';
...@@ -10,6 +11,7 @@ import initDeployTokens from '~/deploy_tokens'; ...@@ -10,6 +11,7 @@ import initDeployTokens from '~/deploy_tokens';
initSettingsPanels(); initSettingsPanels();
initDeployTokens(); initDeployTokens();
initAllowRunnerRegistrationTokenToggle(); initAllowRunnerRegistrationTokenToggle();
initJwtCiCdJobTokenEnabledToggle();
initSharedRunnersForm(); initSharedRunnersForm();
initStaleRunnerCleanupSetting(); initStaleRunnerCleanupSetting();
initVariableList(); initVariableList();
<script> <script>
import { GlModal, GlForm, GlFormFields, GlFormDate, GlAlert } from '@gitlab/ui'; import { GlModal, GlForm, GlFormFields, GlFormDate } from '@gitlab/ui';
import { formValidators } from '@gitlab/ui/dist/utils'; import { formValidators } from '@gitlab/ui/dist/utils';
import { s__, __ } from '~/locale'; import { s__, __ } from '~/locale';
import { isInPast, fallsBefore } from '~/lib/utils/datetime_utility'; import { isInPast, fallsBefore } from '~/lib/utils/datetime_utility';
import { reportToSentry } from '~/ci/utils';
import Tracking from '~/tracking'; import Tracking from '~/tracking';
import { INSTRUMENT_TODO_ITEM_CLICK } from '~/todos/constants'; import { INSTRUMENT_TODO_ITEM_CLICK } from '~/todos/constants';
import { snoozeTodo } from '../utils';
const FORM_ID = 'custom-snooze-form'; const FORM_ID = 'custom-snooze-form';
const FORM_GROUPS_CLASSES = 'sm:gl-w-1/3'; const FORM_GROUPS_CLASSES = 'sm:gl-w-1/3';
...@@ -19,15 +17,8 @@ export default { ...@@ -19,15 +17,8 @@ export default {
GlForm, GlForm,
GlFormFields, GlFormFields,
GlFormDate, GlFormDate,
GlAlert,
}, },
mixins: [Tracking.mixin()], mixins: [Tracking.mixin()],
props: {
todo: {
type: Object,
required: true,
},
},
data() { data() {
return { return {
fields: { fields: {
...@@ -59,8 +50,6 @@ export default { ...@@ -59,8 +50,6 @@ export default {
time: DEFAULT_TIME, time: DEFAULT_TIME,
date: '', date: '',
}, },
isLoading: false,
hasError: false,
}; };
}, },
computed: { computed: {
...@@ -71,7 +60,6 @@ export default { ...@@ -71,7 +60,6 @@ export default {
type: 'submit', type: 'submit',
variant: 'confirm', variant: 'confirm',
form: FORM_ID, form: FORM_ID,
loading: this.isLoading,
class: MODAL_ACTION_CLASSES, class: MODAL_ACTION_CLASSES,
}, },
}; };
...@@ -98,11 +86,10 @@ export default { ...@@ -98,11 +86,10 @@ export default {
validator(); validator();
}, },
async handleSubmit() { async handleSubmit() {
this.hasError = false;
if (this.datetimeIsInPast) { if (this.datetimeIsInPast) {
return; return;
} }
this.$emit('submit'); this.$emit('submit', this.datetime);
this.track(INSTRUMENT_TODO_ITEM_CLICK, { this.track(INSTRUMENT_TODO_ITEM_CLICK, {
label: 'snooze_until_a_specific_date_and_time', label: 'snooze_until_a_specific_date_and_time',
...@@ -110,22 +97,6 @@ export default { ...@@ -110,22 +97,6 @@ export default {
snooze_until: this.datetime.toISOString(), snooze_until: this.datetime.toISOString(),
}, },
}); });
this.isLoading = true;
try {
const { data } = await snoozeTodo(this.$apollo, this.todo, this.datetime);
if (data.errors?.length) {
throw new Error(data.errors.join(', '));
} else {
this.$emit('snoozed');
}
} catch (error) {
reportToSentry(this.$options.name, error);
this.hasError = true;
} finally {
this.isLoading = false;
}
}, },
}, },
FORM_ID, FORM_ID,
...@@ -158,9 +129,6 @@ export default { ...@@ -158,9 +129,6 @@ export default {
:action-secondary="$options.actionSecondary" :action-secondary="$options.actionSecondary"
@primary.prevent="$emit('primary')" @primary.prevent="$emit('primary')"
> >
<gl-alert v-if="hasError" data-testid="snooze-error" variant="danger" :dismissible="false">{{
$options.i18n.snoozeError
}}</gl-alert>
<gl-form :id="$options.FORM_ID" @submit.prevent> <gl-form :id="$options.FORM_ID" @submit.prevent>
<gl-form-fields <gl-form-fields
v-model="formValues" v-model="formValues"
......
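Review bot: `handleSubmit` is still declared `async` although the `await snoozeTodo(...)` block was removed, so it now wraps purely synchronous work in a promise; `handleSubmit() {` is enough. With the request moved to the listener, the modal no longer has a loading or error state of its own. A comment above the emit, such as `// Emits the chosen Date; the listener performs the mutation and reports errors`, would record that hand-over. The component definition starts and ends outside the hunks shown.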
<script>
import { GlDisclosureDropdown, GlDisclosureDropdownGroup, GlTooltip } from '@gitlab/ui';
import { uniqueId } from 'lodash';
import { s__, sprintf } from '~/locale';
import dateFormat from '~/lib/dateformat';
import { nHoursAfter } from '~/lib/utils/datetime_utility';
import { localeDateFormat } from '~/lib/utils/datetime/locale_dateformat';
import Tracking from '~/tracking';
import { INSTRUMENT_TODO_ITEM_CLICK } from '~/todos/constants';
import SnoozeTodoModal from './snooze_todo_modal.vue';
export default {
components: {
GlDisclosureDropdown,
GlDisclosureDropdownGroup,
GlTooltip,
SnoozeTodoModal,
},
mixins: [Tracking.mixin()],
inject: ['currentTime'],
data() {
return {
toggleId: uniqueId('snooze-todo-dropdown-toggle-btn-'),
isOpen: false,
};
},
computed: {
dropdownOptions() {
const forAnHour = nHoursAfter(this.currentTime, 1);
const untilLaterToday = nHoursAfter(this.currentTime, 4);
const untilTomorrow = new Date(
this.currentTime.getFullYear(),
this.currentTime.getMonth(),
this.currentTime.getDate() + 1,
8,
);
const toTimeString = (date) => localeDateFormat.asTime.format(date);
return [
{
name: s__('Todos|Snooze'),
items: [
{
text: s__('Todos|For one hour'),
formattedDate: sprintf(s__('Todos|%{day}, %{time}'), {
day: dateFormat(forAnHour, 'DDDD'),
time: toTimeString(forAnHour),
}),
action: () => {
this.track(INSTRUMENT_TODO_ITEM_CLICK, {
label: 'snooze_for_one_hour',
});
this.$emit('snooze-until', forAnHour);
},
},
{
text: s__('Todos|Until later today'),
formattedDate: sprintf(s__('Todos|%{day}, %{time}'), {
day: dateFormat(untilLaterToday, 'DDDD'),
time: toTimeString(untilLaterToday),
}),
action: () => {
this.track(INSTRUMENT_TODO_ITEM_CLICK, {
label: 'snooze_until_later_today',
});
this.$emit('snooze-until', untilLaterToday);
},
},
{
text: s__('Todos|Until tomorrow'),
formattedDate: sprintf(s__('Todos|%{day}, %{time}'), {
day: dateFormat(untilTomorrow, 'DDDD'),
time: toTimeString(untilTomorrow),
}),
action: () => {
this.track(INSTRUMENT_TODO_ITEM_CLICK, {
label: 'snooze_until_tomorrow',
});
this.$emit('snooze-until', untilTomorrow);
},
},
],
},
{
items: [
{
text: s__('Todos|Until a specific time and date'),
action: () => {
this.$refs['custom-snooze-time-modal'].show();
},
},
],
},
];
},
},
i18n: {
snooze: s__('Todos|Snooze...'),
},
};
</script>
<template>
<div>
<gl-disclosure-dropdown
:toggle-id="toggleId"
:items="dropdownOptions"
:toggle-text="$options.i18n.snooze"
data-testid="snooze-dropdown"
icon="clock"
placement="bottom-end"
text-sr-only
no-caret
fluid-width
@shown="isOpen = true"
@hidden="isOpen = false"
>
<gl-disclosure-dropdown-group :group="dropdownOptions[0]">
<template #list-item="{ item }">
<div class="gl-flex gl-justify-between gl-gap-5 gl-whitespace-nowrap">
<div>
{{ item.text }}
</div>
<div class="gl-text-right gl-text-secondary">{{ item.formattedDate }}</div>
</div>
</template>
</gl-disclosure-dropdown-group>
<gl-disclosure-dropdown-group bordered border-position="top" :group="dropdownOptions[1]" />
</gl-disclosure-dropdown>
<gl-tooltip v-if="!isOpen" :target="toggleId">
{{ $options.i18n.snooze }}
</gl-tooltip>
<snooze-todo-modal
ref="custom-snooze-time-modal"
@submit="(until) => $emit('snooze-until', until)"
/>
</div>
</template>
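Review bot: The new component's whole contract is the `snooze-until` event plus the injected `currentTime`, and neither is documented in the file. A short header comment such as `// Emits 'snooze-until' with a Date; the parent performs the snooze mutation. Requires a provided 'currentTime' Date.` would make that explicit. Nothing in this component prevents a second `snooze-until` emit while the parent's request is still running, so the parent's handler presumably has to tolerate repeated calls; this is worth confirming there.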
<script> <script>
import { GlButton, GlDisclosureDropdown, GlDisclosureDropdownGroup, GlTooltip } from '@gitlab/ui'; import { GlButton } from '@gitlab/ui';
import { uniqueId } from 'lodash'; import { s__ } from '~/locale';
import dateFormat from '~/lib/dateformat';
import { s__, sprintf } from '~/locale';
import { nHoursAfter } from '~/lib/utils/datetime_utility';
import { reportToSentry } from '~/ci/utils'; import { reportToSentry } from '~/ci/utils';
import { localeDateFormat } from '~/lib/utils/datetime/locale_dateformat';
import Tracking from '~/tracking'; import Tracking from '~/tracking';
import { INSTRUMENT_TODO_ITEM_CLICK } from '~/todos/constants'; import { INSTRUMENT_TODO_ITEM_CLICK } from '~/todos/constants';
import { snoozeTodo } from '../utils'; import { snoozeTodo } from '../utils';
import unSnoozeTodoMutation from './mutations/un_snooze_todo.mutation.graphql'; import unSnoozeTodoMutation from './mutations/un_snooze_todo.mutation.graphql';
import SnoozeTodoModal from './snooze_todo_modal.vue'; import SnoozeTimePicker from './todo_snooze_until_picker.vue';
export default { export default {
components: { components: {
GlButton, GlButton,
GlDisclosureDropdown, SnoozeTimePicker,
GlDisclosureDropdownGroup,
GlTooltip,
SnoozeTodoModal,
}, },
mixins: [Tracking.mixin()], mixins: [Tracking.mixin()],
inject: ['currentTime'],
props: { props: {
todo: { todo: {
type: Object, type: Object,
...@@ -36,86 +28,10 @@ export default { ...@@ -36,86 +28,10 @@ export default {
required: true, required: true,
}, },
}, },
data() {
return {
toggleId: uniqueId('snooze-todo-dropdown-toggle-btn-'),
isOpen: false,
};
},
computed: { computed: {
showSnoozingDropdown() { showSnoozingDropdown() {
return !this.isSnoozed && this.isPending; return !this.isSnoozed && this.isPending;
}, },
dropdownOptions() {
const forAnHour = nHoursAfter(this.currentTime, 1);
const untilLaterToday = nHoursAfter(this.currentTime, 4);
const untilTomorrow = new Date(
this.currentTime.getFullYear(),
this.currentTime.getMonth(),
this.currentTime.getDate() + 1,
8,
);
const toTimeString = (date) => localeDateFormat.asTime.format(date);
return [
{
name: s__('Todos|Snooze'),
items: [
{
text: s__('Todos|For one hour'),
formattedDate: sprintf(s__('Todos|%{day}, %{time}'), {
day: dateFormat(forAnHour, 'DDDD'),
time: toTimeString(forAnHour),
}),
action: () => {
this.track(INSTRUMENT_TODO_ITEM_CLICK, {
label: 'snooze_for_one_hour',
});
this.snooze(forAnHour);
},
},
{
text: s__('Todos|Until later today'),
formattedDate: sprintf(s__('Todos|%{day}, %{time}'), {
day: dateFormat(untilLaterToday, 'DDDD'),
time: toTimeString(untilLaterToday),
}),
action: () => {
this.track(INSTRUMENT_TODO_ITEM_CLICK, {
label: 'snooze_until_later_today',
});
this.snooze(untilLaterToday);
},
},
{
text: s__('Todos|Until tomorrow'),
formattedDate: sprintf(s__('Todos|%{day}, %{time}'), {
day: dateFormat(untilTomorrow, 'DDDD'),
time: toTimeString(untilTomorrow),
}),
action: () => {
this.track(INSTRUMENT_TODO_ITEM_CLICK, {
label: 'snooze_until_tomorrow',
});
this.snooze(untilTomorrow);
},
},
],
},
{
items: [
{
text: s__('Todos|Until a specific time and date'),
action: () => {
this.$refs['custom-snooze-time-modal'].show();
},
},
],
},
];
},
}, },
methods: { methods: {
async snooze(until) { async snooze(until) {
...@@ -171,7 +87,6 @@ export default { ...@@ -171,7 +87,6 @@ export default {
}, },
}, },
i18n: { i18n: {
snooze: s__('Todos|Snooze...'),
snoozeError: s__('Todos|Failed to snooze todo. Try again later.'), snoozeError: s__('Todos|Failed to snooze todo. Try again later.'),
unSnooze: s__('Todos|Remove snooze'), unSnooze: s__('Todos|Remove snooze'),
unSnoozeError: s__('Todos|Failed to un-snooze todo. Try again later.'), unSnoozeError: s__('Todos|Failed to un-snooze todo. Try again later.'),
...@@ -190,35 +105,6 @@ export default { ...@@ -190,35 +105,6 @@ export default {
data-testid="un-snooze-button" data-testid="un-snooze-button"
@click="unSnooze" @click="unSnooze"
/> />
<gl-disclosure-dropdown <snooze-time-picker v-else-if="showSnoozingDropdown" @snooze-until="(until) => snooze(until)" />
v-else-if="showSnoozingDropdown"
:toggle-id="toggleId"
:items="dropdownOptions"
:toggle-text="$options.i18n.snooze"
data-testid="snooze-dropdown"
icon="clock"
placement="bottom-end"
text-sr-only
no-caret
fluid-width
@shown="isOpen = true"
@hidden="isOpen = false"
>
<gl-disclosure-dropdown-group :group="dropdownOptions[0]">
<template #list-item="{ item }">
<div class="gl-flex gl-justify-between gl-gap-5 gl-whitespace-nowrap">
<div>
{{ item.text }}
</div>
<div class="gl-text-right gl-text-secondary">{{ item.formattedDate }}</div>
</div>
</template>
</gl-disclosure-dropdown-group>
<gl-disclosure-dropdown-group bordered border-position="top" :group="dropdownOptions[1]" />
</gl-disclosure-dropdown>
<gl-tooltip v-if="!isOpen" :target="toggleId">
{{ $options.i18n.snooze }}
</gl-tooltip>
<snooze-todo-modal ref="custom-snooze-time-modal" :todo="todo" />
</span> </span>
</template> </template>
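Review bot: The listener `@snooze-until="(until) => snooze(until)"` wraps a method in an arrow function that adds nothing; `@snooze-until="snooze"` passes the same payload. The modal used to disable its submit button through `isLoading` while the request ran, and after this change nothing visible in these hunks stops the picker from emitting again while `snooze` is in flight. The body of `snooze` is outside the hunk, so check there whether concurrent calls are guarded.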
...@@ -15,12 +15,12 @@ def before_render ...@@ -15,12 +15,12 @@ def before_render
end end
def message def message
html_escape(message_text) % { safe_format(
message_text,
display_size: @diff_files.size, display_size: @diff_files.size,
real_size: @diffs.real_size, real_size: @diffs.real_size,
strong_open: '<strong>'.html_safe, **tag_pair(tag.strong, :strong_open, :strong_close)
strong_close: '</strong>'.html_safe )
}
end end
def diff_link def diff_link
......
...@@ -95,7 +95,11 @@ def update_group_service ...@@ -95,7 +95,11 @@ def update_group_service
end end
def update_group_params def update_group_params
params.require(:group).permit(:max_artifacts_size, :allow_runner_registration_token) params.require(:group).permit(
:max_artifacts_size,
:allow_runner_registration_token,
:jwt_ci_cd_job_token_enabled
)
end end
# Overridden in EE # Overridden in EE
......
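Review bot: `:jwt_ci_cd_job_token_enabled` is added to the permit list unconditionally in `update_group_params`, so the only gate on changing what is, judging by its name, a token-related security setting is whatever filter authorises the update action, and that filter is outside the hunk. Confirm it requires the same permission as `allow_runner_registration_token`, and that a request spec covers a member without that permission submitting the new key. If changes to group CI/CD settings are audited elsewhere, this attribute presumably belongs in that list as well.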
...@@ -173,14 +173,14 @@ def limit_per_page ...@@ -173,14 +173,14 @@ def limit_per_page
end end
def bitbucket_connection_error(error) def bitbucket_connection_error(error)
flash[:alert] = _("Unable to connect to server: %{error}") % { error: error } flash[:alert] = safe_format(_("Unable to connect to server: %{error}"), error: error)
clear_session_data clear_session_data
respond_to do |format| respond_to do |format|
format.json do format.json do
render json: { render json: {
error: { error: {
message: _("Unable to connect to server: %{error}") % { error: error }, message: safe_format(_("Unable to connect to server: %{error}"), error: error),
redirect: new_import_bitbucket_server_path redirect: new_import_bitbucket_server_path
} }
}, status: :unprocessable_entity }, status: :unprocessable_entity
......
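Review bot: In `bitbucket_connection_error` the `safe_format` result is also used as the JSON `message`, and because `safe_format` HTML-escapes its arguments, a client that renders that field as plain text would show entities such as `&quot;` whenever `error` contains markup characters. Confirm how the frontend renders this field, or keep plain interpolation for the JSON branch. The same string is also built twice; assigning `error_message = safe_format(...)` once, as `bulk_import_connection_error` does in the bulk imports controller, avoids drift between the two. The `alert:` and `notice:` values converted in the other controllers of this commit travel through the flash before rendering, so it is worth checking that they are not escaped a second time there. The method continues outside the hunk.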
...@@ -2,6 +2,7 @@ ...@@ -2,6 +2,7 @@
class Import::BulkImportsController < ApplicationController class Import::BulkImportsController < ApplicationController
include ActionView::Helpers::SanitizeHelper include ActionView::Helpers::SanitizeHelper
include SafeFormatHelper
before_action :ensure_bulk_import_enabled before_action :ensure_bulk_import_enabled
before_action :verify_blocked_uri, only: :status before_action :verify_blocked_uri, only: :status
...@@ -181,7 +182,7 @@ def verify_blocked_uri ...@@ -181,7 +182,7 @@ def verify_blocked_uri
clear_session_data clear_session_data
redirect_to new_group_path(anchor: 'import-group-pane'), redirect_to new_group_path(anchor: 'import-group-pane'),
alert: _('Specified URL cannot be used: "%{reason}"') % { reason: e.message } alert: safe_format(_('Specified URL cannot be used: "%{reason}"'), reason: e.message)
end end
def allow_local_requests? def allow_local_requests?
...@@ -191,7 +192,7 @@ def allow_local_requests? ...@@ -191,7 +192,7 @@ def allow_local_requests?
def bulk_import_connection_error(error) def bulk_import_connection_error(error)
clear_session_data clear_session_data
error_message = _("Unable to connect to server: %{error}") % { error: error } error_message = safe_format(_("Unable to connect to server: %{error}"), error: error)
flash[:alert] = error_message flash[:alert] = error_message
respond_to do |format| respond_to do |format|
......
...@@ -3,6 +3,8 @@ ...@@ -3,6 +3,8 @@
class Import::FogbugzController < Import::BaseController class Import::FogbugzController < Import::BaseController
extend ::Gitlab::Utils::Override extend ::Gitlab::Utils::Override
include SafeFormatHelper
before_action :verify_fogbugz_import_enabled before_action :verify_fogbugz_import_enabled
before_action -> { check_rate_limit!(:fogbugz_import, scope: current_user, redirect_back: true) }, only: :callback before_action -> { check_rate_limit!(:fogbugz_import, scope: current_user, redirect_back: true) }, only: :callback
...@@ -133,7 +135,9 @@ def verify_blocked_uri ...@@ -133,7 +135,9 @@ def verify_blocked_uri
outbound_local_requests_allowlist: Gitlab::CurrentSettings.outbound_local_requests_whitelist # rubocop:disable Naming/InclusiveLanguage -- existing setting outbound_local_requests_allowlist: Gitlab::CurrentSettings.outbound_local_requests_whitelist # rubocop:disable Naming/InclusiveLanguage -- existing setting
) )
rescue Gitlab::HTTP_V2::UrlBlocker::BlockedUrlError => e rescue Gitlab::HTTP_V2::UrlBlocker::BlockedUrlError => e
redirect_to new_import_fogbugz_url, alert: _('Specified URL cannot be used: "%{reason}"') % { reason: e.message } redirect_to new_import_fogbugz_url, alert: safe_format(
_('Specified URL cannot be used: "%{reason}"'), reason: e.message
)
end end
def allow_local_requests? def allow_local_requests?
......
...@@ -105,7 +105,7 @@ def verify_blocked_uri ...@@ -105,7 +105,7 @@ def verify_blocked_uri
rescue Gitlab::HTTP_V2::UrlBlocker::BlockedUrlError => e rescue Gitlab::HTTP_V2::UrlBlocker::BlockedUrlError => e
session[access_token_key] = nil session[access_token_key] = nil
redirect_to new_import_url, alert: _('Specified URL cannot be used: "%{reason}"') % { reason: e.message } redirect_to new_import_url, alert: safe_format(_('Specified URL cannot be used: "%{reason}"'), reason: e.message)
end end
def allow_local_requests? def allow_local_requests?
......
...@@ -245,7 +245,7 @@ def provider_rate_limit(exception) ...@@ -245,7 +245,7 @@ def provider_rate_limit(exception)
reset_time = Time.zone.at(exception.response_headers['x-ratelimit-reset'].to_i) reset_time = Time.zone.at(exception.response_headers['x-ratelimit-reset'].to_i)
session[access_token_key] = nil session[access_token_key] = nil
redirect_to new_import_url, redirect_to new_import_url,
alert: _("GitHub API rate limit exceeded. Try again after %{reset_time}") % { reset_time: reset_time } alert: safe_format(_("GitHub API rate limit exceeded. Try again after %{reset_time}"), reset_time: reset_time)
end end
def provider_forbidden def provider_forbidden
......
# frozen_string_literal: true # frozen_string_literal: true
class Import::GitlabGroupsController < ApplicationController class Import::GitlabGroupsController < ApplicationController
include SafeFormatHelper
include WorkhorseAuthorization include WorkhorseAuthorization
before_action :check_import_rate_limit!, only: %i[create] before_action :check_import_rate_limit!, only: %i[create]
...@@ -30,16 +31,15 @@ def create ...@@ -30,16 +31,15 @@ def create
if Groups::ImportExport::ImportService.new(group: group, user: current_user).async_execute if Groups::ImportExport::ImportService.new(group: group, user: current_user).async_execute
redirect_to( redirect_to(
group_path(group), group_path(group),
notice: s_("GroupImport|Group '%{group_name}' is being imported.") % { group_name: group.name } notice: safe_format(s_("GroupImport|Group '%{group_name}' is being imported."), group_name: group.name)
) )
else else
redirect_to group_path(group), alert: _("Group import could not be scheduled") redirect_to group_path(group), alert: _("Group import could not be scheduled")
end end
else else
redirect_to new_group_path(anchor: 'import-group-pane'), redirect_to new_group_path(anchor: 'import-group-pane'),
alert: s_("GroupImport|Group could not be imported: %{errors}") % { alert: safe_format(s_("GroupImport|Group could not be imported: %{errors}"),
errors: group.errors.full_messages.to_sentence errors: group.errors.full_messages.to_sentence)
}
end end
end end
......
# frozen_string_literal: true # frozen_string_literal: true
class Import::GitlabProjectsController < Import::BaseController class Import::GitlabProjectsController < Import::BaseController
include SafeFormatHelper
include WorkhorseAuthorization include WorkhorseAuthorization
before_action :disable_query_limiting, only: [:create] before_action :disable_query_limiting, only: [:create]
...@@ -27,7 +28,7 @@ def create ...@@ -27,7 +28,7 @@ def create
if @project.saved? if @project.saved?
redirect_to( redirect_to(
project_path(@project), project_path(@project),
notice: _("Project '%{project_name}' is being imported.") % { project_name: @project.name } notice: safe_format(_("Project '%{project_name}' is being imported."), project_name: @project.name)
) )
else else
redirect_back_or_default( redirect_back_or_default(
......
...@@ -2,6 +2,7 @@ ...@@ -2,6 +2,7 @@
class InvitesController < ApplicationController class InvitesController < ApplicationController
include Gitlab::Utils::StrongMemoize include Gitlab::Utils::StrongMemoize
include SafeFormatHelper
prepend_before_action :authenticate_user!, :track_invite_join_click, only: :show prepend_before_action :authenticate_user!, :track_invite_join_click, only: :show
before_action :member before_action :member
...@@ -38,8 +39,10 @@ def decline ...@@ -38,8 +39,10 @@ def decline
new_user_session_path new_user_session_path
end end
redirect_to path, notice: _("You have declined the invitation to join %{title} %{name}.") % redirect_to path,
{ title: invite_details[:title], name: invite_details[:name] } notice: safe_format(_("You have declined the invitation to join %{title} %{name}."),
title: invite_details[:title],
name: invite_details[:name])
else else
redirect_back_or_default(options: { alert: _("The invitation could not be declined.") }) redirect_back_or_default(options: { alert: _("The invitation could not be declined.") })
end end
......
...@@ -203,7 +203,7 @@ def redirect_identity_exists ...@@ -203,7 +203,7 @@ def redirect_identity_exists
def redirect_identity_link_failed(error_message) def redirect_identity_link_failed(error_message)
redirect_to profile_account_path, redirect_to profile_account_path,
notice: _("Authentication failed: %{error_message}") % { error_message: error_message } notice: safe_format(_("Authentication failed: %{error_message}"), error_message: error_message)
end end
def redirect_identity_linked def redirect_identity_linked
...@@ -288,10 +288,8 @@ def handle_signup_error ...@@ -288,10 +288,8 @@ def handle_signup_error
label = Gitlab::Auth::OAuth::Provider.label_for(oauth['provider']) label = Gitlab::Auth::OAuth::Provider.label_for(oauth['provider'])
simple_url = Settings.gitlab.url.sub(%r{^https?://(www\.)?}i, '') simple_url = Settings.gitlab.url.sub(%r{^https?://(www\.)?}i, '')
message = [ message = [
_('Signing in using your %{label} account without a pre-existing ' \ safe_format(_('Signing in using your %{label} account without a pre-existing ' \
'account in %{simple_url} is not allowed.') % { 'account in %{simple_url} is not allowed.'), label: label, simple_url: simple_url)
label: label, simple_url: simple_url
}
] ]
if Gitlab::CurrentSettings.allow_signup? if Gitlab::CurrentSettings.allow_signup?
...@@ -349,7 +347,7 @@ def redirect_unverified_saml_initiation ...@@ -349,7 +347,7 @@ def redirect_unverified_saml_initiation
def handle_identity_with_untrusted_extern_uid def handle_identity_with_untrusted_extern_uid
label = Gitlab::Auth::OAuth::Provider.label_for(oauth['provider']) label = Gitlab::Auth::OAuth::Provider.label_for(oauth['provider'])
flash[:alert] = format( flash[:alert] = safe_format(
_('Signing in using your %{label} account has been disabled for security reasons. ' \ _('Signing in using your %{label} account has been disabled for security reasons. ' \
'Please sign in to your GitLab account using another authentication method and ' \ 'Please sign in to your GitLab account using another authentication method and ' \
'reconnect to your %{label} account.' 'reconnect to your %{label} account.'
...@@ -362,7 +360,7 @@ def handle_identity_with_untrusted_extern_uid ...@@ -362,7 +360,7 @@ def handle_identity_with_untrusted_extern_uid
def handle_disabled_provider def handle_disabled_provider
label = Gitlab::Auth::OAuth::Provider.label_for(oauth['provider']) label = Gitlab::Auth::OAuth::Provider.label_for(oauth['provider'])
flash[:alert] = _("Signing in using %{label} has been disabled") % { label: label } flash[:alert] = safe_format(_("Signing in using %{label} has been disabled"), label: label)
redirect_to new_user_session_path redirect_to new_user_session_path
end end
......
# frozen_string_literal: true # frozen_string_literal: true
class Profiles::ChatNamesController < Profiles::ApplicationController class Profiles::ChatNamesController < Profiles::ApplicationController
include SafeFormatHelper
before_action :chat_name_token, only: [:new] before_action :chat_name_token, only: [:new]
before_action :chat_name_params, only: [:new, :create, :deny] before_action :chat_name_params, only: [:new, :create, :deny]
...@@ -18,7 +20,7 @@ def create ...@@ -18,7 +20,7 @@ def create
new_chat_name = current_user.chat_names.new(chat_name_params) new_chat_name = current_user.chat_names.new(chat_name_params)
if new_chat_name.save if new_chat_name.save
flash[:notice] = _("Authorized %{new_chat_name}") % { new_chat_name: new_chat_name.chat_name } flash[:notice] = safe_format(_("Authorized %{new_chat_name}"), new_chat_name: new_chat_name.chat_name)
else else
flash[:alert] = _("Could not authorize chat nickname. Try again!") flash[:alert] = _("Could not authorize chat nickname. Try again!")
end end
...@@ -31,7 +33,7 @@ def deny ...@@ -31,7 +33,7 @@ def deny
delete_chat_name_token delete_chat_name_token
flash[:notice] = flash[:notice] =
_("Denied authorization of chat nickname %{user_name}.") % { user_name: chat_name_params[:user_name] } safe_format(_("Denied authorization of chat nickname %{user_name}."), user_name: chat_name_params[:user_name])
redirect_to profile_chat_names_path redirect_to profile_chat_names_path
end end
...@@ -40,9 +42,9 @@ def destroy ...@@ -40,9 +42,9 @@ def destroy
@chat_name = chat_names.find(params[:id]) @chat_name = chat_names.find(params[:id])
if @chat_name.destroy if @chat_name.destroy
flash[:notice] = _("Deleted chat nickname: %{chat_name}!") % { chat_name: @chat_name.chat_name } flash[:notice] = safe_format(_("Deleted chat nickname: %{chat_name}!"), chat_name: @chat_name.chat_name)
else else
flash[:alert] = _("Could not delete chat nickname %{chat_name}.") % { chat_name: @chat_name.chat_name } flash[:alert] = safe_format(_("Could not delete chat nickname %{chat_name}."), chat_name: @chat_name.chat_name)
end end
redirect_to profile_chat_names_path, status: :found redirect_to profile_chat_names_path, status: :found
......