- 11 Apr, 2017 1 commit
-
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 27 Mar, 2017 1 commit
-
-
Robert Speicher authored
-
- 09 Mar, 2017 1 commit
-
-
http://jneen.net/ authored
and more robustly spec the ancestor behavior
-
- 07 Mar, 2017 1 commit
-
-
Kamil Trzciński authored
-
- 24 Feb, 2017 1 commit
-
-
Timothy Andrew authored
- Add a `destroy_user` ability. This didn't exist before, and was implicit in other abilities (only admins could access the admin area, so only they could destroy all users; a user can only access their own account page, and so can destroy only themselves). - Grant this ability to admins, and when the current user is trying to destroy themselves. Disallow destroying ghost users in all cases. - Modify the `Users::DestroyService` to check this ability. Also check it in views to decide whether or not to show the "Delete User" button. - Add a short summary of the Ghost User to the bio.
-
- 23 Feb, 2017 2 commits
-
-
Douwe Maan authored
This reverts commit cb10b725c8929b8b4460f89c9d96c773af39ba6b.
-
Douwe Maan authored
-
- 06 Feb, 2017 1 commit
-
-
Douwe Maan authored
-
- 23 Jan, 2017 1 commit
-
-
Grzegorz Bizon authored
-
- 18 Jan, 2017 2 commits
-
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 26 Dec, 2016 1 commit
-
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 15 Dec, 2016 1 commit
-
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 04 Dec, 2016 2 commits
-
-
Z.J. van de Weg authored
-
Z.J. van de Weg authored
Fixes #18448
-
- 30 Nov, 2016 1 commit
-
-
Douglas Barbosa Alexandre authored
-
- 07 Nov, 2016 1 commit
-
-
Yorick Peterse authored
-
- 01 Nov, 2016 1 commit
-
-
Kamil Trzcinski authored
Due to different way of handling owners of a project, they were not allowed to fetch CI sources for project.
-
- 28 Oct, 2016 2 commits
-
-
Sean McGivern authored
-
Sean McGivern authored
`ProjectTeam#find_member` doesn't take group links into account. It was used in two places: 1. An admin view - it can stay here. 2. `ProjectTeam#member?`, which is often used to decide if a user has access to view something. This second part broke confidential issues viewing. `IssuesFinder` ends up delegating to `Project#authorized_for_user?`, which does consider group links, so users with access to the project via a group link could see confidential issues on the index page. However, `IssuesPolicy` used `ProjectTeam#member?`, so the same user couldn't view the issue when going to it directly.
-
- 11 Oct, 2016 1 commit
-
-
Valery Sizov authored
-
- 06 Oct, 2016 1 commit
-
-
Alejandro Rodríguez authored
-
- 20 Sep, 2016 1 commit
-
-
Felipe Artur authored
-
- 30 Aug, 2016 1 commit
-
-
http://jneen.net/ authored
-