- 07 Nov, 2016 1 commit
-
-
Yorick Peterse authored
This method can be used to retrieve a list of projects for a user that said user has reporter access to. This list is then be reduced down to a specific set of projects. This allows you to reduce a list of projects to a list of projects you have reporter access to in an efficient manner.
-
- 04 Nov, 2016 1 commit
-
-
Valery Sizov authored
-
- 01 Nov, 2016 1 commit
-
-
Yar authored
It is not possible to search for a user by his secondary email address in the Users search bar in the admin interface(/admin/users). A use-case could be that an admin wants to remove a specific secondary email address of an user, because it interferes with another user. Issue #23761 This commit adds ability to search not only by main email, but also by any secondary email in the admin interface.
-
- 24 Oct, 2016 1 commit
-
-
David Wagner authored
They were Rails' default and are unnecessarily overridden. Signed-off-by: David Wagner <david@marvid.fr>
-
- 05 Oct, 2016 1 commit
-
-
Yorick Peterse authored
This refactors Gitlab::Identifier so it uses fewer queries and is actually tested. Queries are reduced by caching the output as well as using 1 query (instead of 2) to find a user using an SSH key.
-
- 01 Sep, 2016 1 commit
-
-
Felipe Artur authored
-
- 24 Aug, 2016 1 commit
-
-
Paco Guzman authored
-
- 17 Aug, 2016 1 commit
-
-
Paco Guzman authored
Use just SQL to check is a user can admin_issue on a project Tradeoff - we duplicate how we check admin_issue in a SQL relation in the Ability class
-
- 12 Aug, 2016 1 commit
-
- 09 Aug, 2016 1 commit
-
-
tiagonbotelho authored
-
- 04 Aug, 2016 1 commit
-
- 02 Aug, 2016 1 commit
-
-
Keith Pope authored
-
- 19 Jul, 2016 1 commit
-
-
Robert Speicher authored
Prior, when providing a `min_access_level` parameter to this method, we called `Gitlab::Access.values` instead of `all_values`, mistakenly omitting the `OWNER` level. Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/19878
-
- 18 Jul, 2016 4 commits
-
-
Patricio Cano authored
-
Patricio Cano authored
Refactor and rename `restricted_signup_domains` to `domain_whitelist` to better conform to its behavior and newly introduced behavior.
-
Patricio Cano authored
-
Patricio Cano authored
-
- 15 Jul, 2016 1 commit
-
-
Kamil Trzcinski authored
-
- 12 Jul, 2016 1 commit
-
-
Robert Speicher authored
-
- 07 Jul, 2016 1 commit
-
-
Dravere authored
As requested by the issue #14508 this adds an option in the application settings to set newly registered users by default as external. The default setting is set to false to stay backward compatible.
-
- 24 Jun, 2016 1 commit
-
-
Rémy Coutable authored
The issue was with the `User#groups` and `User#projects` associations which goes through the `User#group_members` and `User#project_members`. Initially I chose to use a secure approach by storing the requester's user ID in `Member#created_by_id` instead of `Member#user_id` because I was aware that there was a security risk since I didn't know the codebase well enough. Then during the review, we decided to change that and directly store the requester's user ID into `Member#user_id` (for the sake of simplifying the code I believe), meaning that every `group_members` / `project_members` association would include the requesters by default... My bad for not checking that all the `group_members` / `project_members` associations and the ones that go through them (e.g. `Group#users` and `Project#users`) were made safe with the `where(requested_at: nil)` / `where(members: { requested_at: nil })` scopes. Now they are all secure. Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 07 Jun, 2016 8 commits
-
-
Lin Jen-Shin authored
Feedback from: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4404#note_12301563
-
Lin Jen-Shin authored
-
Lin Jen-Shin authored
Feedback from: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4404#note_12194552
-
Lin Jen-Shin authored
Feedback from: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4404#note_12194489
-
Lin Jen-Shin authored
Feedback from: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4404#note_12194471
-
Lin Jen-Shin authored
-
- 06 Jun, 2016 1 commit
-
-
Timothy Andrew authored
- To hold registrations from U2F devices, and to authenticate them. - Previously, `User#two_factor_enabled` was aliased to the `otp_required_for_login` column on `users`. - This commit changes things a bit: - `User#two_factor_enabled` is not a method anymore - `User#two_factor_enabled?` checks both the `otp_required_for_login` column, as well as `U2fRegistration`s - Change all instances of `User#two_factor_enabled` to `User#two_factor_enabled?` - Add the `u2f` gem, and implement registration/authentication at the model level.
-
- 03 Jun, 2016 2 commits
-
-
James Lopez authored
This reverts commit 3e991230.
-
James Lopez authored
# Conflicts: # app/models/project.rb
-
- 28 May, 2016 1 commit
-
-
DJ Mountney authored
-
- 16 May, 2016 1 commit
-
-
Felipe Artur authored
-
- 11 May, 2016 1 commit
-
-
Sean McGivern authored
-
- 10 May, 2016 2 commits
-
-
Sean McGivern authored
`User#starred_projects` doesn't perform any visibility checks. This has a couple of problems: 1. It assumes a user can always view all of their starred projects in perpetuity (project not changed to private, access revoked, etc.). 2. It assumes that we'll only ever allow a user to star a project they can view. This is currently the case, but bugs happen. Add `User#viewable_starred_projects` to filter the starred projects by those the user either has explicit access to, or are public or internal. Then use that in all places where we list the user's starred projects.
-
Zeger-Jan van de Weg authored
-
- 09 May, 2016 1 commit
-
-
Jeroen van Baarsen authored
In 8278b763 the default behaviour of annotation has changes, which was causing a lot of noise in diffs. We decided in #17382 that it is better to get rid of the whole annotate gem, and instead let people look at schema.rb for the columns in a table. Fixes: #17382
-
- 31 Mar, 2016 1 commit
-
-
Zeger-Jan van de Weg authored
-
- 15 Mar, 2016 1 commit
-
-
Rémy Coutable authored
This reverts commit 01160fc0, reversing changes made to 4bff9daf.
-