1. 19 Jun, 2017 1 commit
  2. 08 Jun, 2017 3 commits
    • DJ Mountney's avatar
      Merge branch '25934-project-snippet-vis' into 'security-9-2' · ae6adf16
      DJ Mountney authored
      Fix visibility when referencing snippets
      
      See merge request !2101
      ae6adf16
    • DJ Mountney's avatar
      Bring in security changes from the 9.2.5 release · 565ead61
      DJ Mountney authored
      Ran:
       - git format-patch v9.2.2..v9.2.5 --stdout > patchfile.patch
       - git checkout -b 9-2-5-security-patch origin/v9.2.2
       - git apply patchfile.patch
       - git commit
       - [Got the sha ref for the commit]
       - git checkout -b upstream-9-2-security master
       - git cherry-pick <SHA of the patchfile commit>
       - [Resolved conflicts]
       - git cherry-pick --continue
      565ead61
    • DJ Mountney's avatar
      Bring in security changes from the 9.2.5 release · 1d1363e2
      DJ Mountney authored
      Ran:
       - git format-patch v9.2.2..v9.2.5 --stdout > patchfile.patch
       - git checkout -b 9-2-5-security-patch origin/v9.2.2
       - git apply patchfile.patch
       - git commit
       - [Got the sha ref for the commit]
       - git checkout -b upstream-9-2-security master
       - git cherry-pick <SHA of the patchfile commit>
       - [Resolved conflicts]
       - git cherry-pick --continue
      1d1363e2
  3. 05 Jun, 2017 1 commit
    • Sean McGivern's avatar
      Allow group reporters to manage group labels · 5db229fb
      Sean McGivern authored
      Previously, only group masters could do this. However, project reporters can
      manage project labels, so there doesn't seem to be any need to restrict group
      labels further.
      
      Also, save a query or two by getting a single GroupMember object to find out if
      the user is a master or not.
      5db229fb
  4. 02 Jun, 2017 2 commits
  5. 31 May, 2017 1 commit
  6. 10 May, 2017 2 commits
  7. 08 May, 2017 1 commit
  8. 07 May, 2017 1 commit
  9. 05 May, 2017 1 commit
  10. 03 May, 2017 1 commit
  11. 02 May, 2017 1 commit
  12. 01 May, 2017 2 commits
  13. 26 Apr, 2017 1 commit
  14. 12 Apr, 2017 3 commits
  15. 11 Apr, 2017 1 commit
  16. 09 Apr, 2017 1 commit
  17. 07 Apr, 2017 1 commit
  18. 06 Apr, 2017 1 commit
    • jacopo's avatar
      ProjectsFinder should handle more options · b996a82f
      jacopo authored
      Extended ProjectFinder in order to handle the following options:
       - current_user - which user use
       - project_ids_relation: int[] - project ids to use
       - params:
         -  trending: boolean
         -  non_public: boolean
         -  starred: boolean
         -  sort: string
         -  visibility_level: int
         -  tags: string[]
         -  personal: boolean
         -  search: string
         -  non_archived: boolean
      
      GroupProjectsFinder now inherits from ProjectsFinder.
      Changed the code in order to use the new available options.
      b996a82f
  19. 09 Mar, 2017 4 commits
  20. 07 Mar, 2017 1 commit
  21. 28 Feb, 2017 1 commit
  22. 24 Feb, 2017 1 commit
    • Timothy Andrew's avatar
      Don't allow deleting a ghost user. · 6fdb17cb
      Timothy Andrew authored
      - Add a `destroy_user` ability. This didn't exist before, and was implicit in
        other abilities (only admins could access the admin area, so only they could
        destroy all users; a user can only access their own account page, and so can
        destroy only themselves).
      
      - Grant this ability to admins, and when the current user is trying to destroy
        themselves. Disallow destroying ghost users in all cases.
      
      - Modify the `Users::DestroyService` to check this ability. Also check it in
        views to decide whether or not to show the "Delete User" button.
      
      - Add a short summary of the Ghost User to the bio.
      6fdb17cb
  23. 23 Feb, 2017 1 commit
  24. 05 Feb, 2017 1 commit
  25. 31 Jan, 2017 3 commits
    • Kamil Trzciński's avatar
      Fix pages abilities · 3e6cbcdd
      Kamil Trzciński authored
      3e6cbcdd
    • Kamil Trzciński's avatar
      Initial work on GitLab Pages update · 5f7257c2
      Kamil Trzciński authored
      5f7257c2
    • Kamil Trzciński's avatar
      Add GitLab Pages · 120f9aba
      Kamil Trzciński authored
      - The pages are created when build artifacts for `pages` job are uploaded
      - Pages serve the content under: http://group.pages.domain.com/project
      - Pages can be used to serve the group page, special project named as host: group.pages.domain.com
      - User can provide own 403 and 404 error pages by creating 403.html and 404.html in group page project
      - Pages can be explicitly removed from the project by clicking Remove Pages in Project Settings
      - The size of pages is limited by Application Setting: max pages size, which limits the maximum size of unpacked archive (default: 100MB)
      - The public/ is extracted from artifacts and content is served as static pages
      - Pages asynchronous worker use `dd` to limit the unpacked tar size
      - Pages needs to be explicitly enabled and domain needs to be specified in gitlab.yml
      - Pages are part of backups
      - Pages notify the deployment status using Commit Status API
      - Pages use a new sidekiq queue: pages
      - Pages use a separate nginx config which needs to be explicitly added
      120f9aba
  26. 23 Jan, 2017 1 commit
  27. 18 Jan, 2017 2 commits