1. 01 Mar, 2019 1 commit
  2. 26 Feb, 2019 1 commit
  3. 25 Feb, 2019 1 commit
  4. 22 Feb, 2019 1 commit
  5. 21 Feb, 2019 1 commit
  6. 13 Feb, 2019 1 commit
  7. 05 Feb, 2019 1 commit
  8. 28 Jan, 2019 1 commit
    • Mario de la Ossa's avatar
      Save sorting preference for Issues/MRs in BE · 49c74068
      Mario de la Ossa authored
      In order to let users' sorting preferences transfer between devices, we
      save the preference for issues and MRs (one preference for issues, one
      for MRs) in the backend inside the UserPreference object
      49c74068
  9. 24 Jan, 2019 1 commit
  10. 18 Dec, 2018 1 commit
    • blackst0ne's avatar
      Update specs to rails5 format · b44a2c80
      blackst0ne authored
      Updates specs to use new rails5 format.
      
      The old format:
      `get :show, { some: params }, { some: headers }`
      
      The new format:
      `get :show, params: { some: params }, headers: { some: headers }`
      b44a2c80
  11. 16 Dec, 2018 1 commit
  12. 03 Dec, 2018 1 commit
  13. 23 Nov, 2018 1 commit
  14. 14 Nov, 2018 1 commit
  15. 10 Nov, 2018 1 commit
  16. 07 Nov, 2018 1 commit
  17. 06 Sep, 2018 1 commit
  18. 04 Sep, 2018 1 commit
  19. 06 Jul, 2018 1 commit
    • Bob Van Landuyt's avatar
      Preload ancestors after pagination when filtering · de35c044
      Bob Van Landuyt authored
      We need to preload the ancestors of search results after applying
      pagination limits. This way the search results itself are paginated,
      but not the ancestors.
      
      If we don't do this, we might not preload a parent group of a search
      result as it has been cut off by pagination.
      de35c044
  20. 13 Jun, 2018 1 commit
  21. 05 Jun, 2018 1 commit
    • Bob Van Landuyt's avatar
      Render a 403 when showing an access denied message · 491e1fc9
      Bob Van Landuyt authored
      When we want to show an access denied message to a user, we don't have
      to hide the resource's existence.
      
      So in that case we render a 403, this 403 is not handled by nginx on
      omnibus installs, making sure the message is visible to the user.
      491e1fc9
  22. 14 May, 2018 1 commit
  23. 04 May, 2018 2 commits
    • Bob Van Landuyt's avatar
      Reuses `InternalRedirect` when possible · 39916fdf
      Bob Van Landuyt authored
      `InternalRedirect` prevents Open redirect issues by only allowing
      redirection to paths on the same host.
      
      It cleans up any unwanted strings from the path that could point to
      another host (fe. //about.gitlab.com/hello). While preserving the
      querystring and fragment of the uri.
      
      It is already used by:
      
      - `TermsController`
      - `ContinueParams`
        - `ImportsController`
        - `ForksController`
      - `SessionsController`: Only for verifying the host in CE. EE allows
         redirecting to a different instance using Geo.
      39916fdf
    • Bob Van Landuyt's avatar
      Enforces terms in the web application · 7684217d
      Bob Van Landuyt authored
      This enforces the terms in the web application. These cases are
      specced:
      
      - Logging in: When terms are enforced, and a user logs in that has not
        accepted the terms, they are presented with the screen. They get
        directed to their customized root path afterwards.
      - Signing up: After signing up, the first screen the user is presented
        with the screen to accept the terms. After they accept they are
        directed to the dashboard.
      - While a session is active:
        - For a GET: The user will be directed to the terms page first,
          after they accept the terms, they will be directed to the page
          they were going to
        - For any other request: They are directed to the terms, after they
          accept the terms, they are directed back to the page they came
          from to retry the request. Any information entered would be
          persisted in localstorage and available on the page.
      7684217d
  24. 11 Apr, 2018 1 commit
  25. 22 Mar, 2018 1 commit
  26. 09 Mar, 2018 1 commit
  27. 22 Feb, 2018 1 commit
  28. 21 Feb, 2018 1 commit
    • Sean McGivern's avatar
      Refactor IssuableFinder to extract model-specific logic · c2fc4066
      Sean McGivern authored
      By extracting a new `filter_items` method, we can override that in the
      IssuesFinder and MergeRequestsFinder separately, so we don't need checks that
      the model is the correct one, because we can just use the class we're in to know
      that.
      
      We can do the same for the VALID_PARAMS constant, by making it a class method.
      c2fc4066
  29. 13 Nov, 2017 1 commit
  30. 07 Nov, 2017 1 commit
  31. 03 Nov, 2017 1 commit
  32. 09 Oct, 2017 1 commit
  33. 05 Oct, 2017 1 commit
  34. 04 Oct, 2017 2 commits
  35. 05 Sep, 2017 1 commit
    • Yorick Peterse's avatar
      Re-use issue/MR counts for the pagination system · 42062a45
      Yorick Peterse authored
      This changes the issue and MR index pages so the pagination system
      re-uses the output of the COUNT(*) query used to calculate the number of
      rows per state (opened, closed, etc). This removes the need for an
      additional COUNT(*) on both pages.
      42062a45
  36. 27 Apr, 2017 2 commits