BigW Consortium Gitlab

  1. 20 Jul, 2017 1 commit
  2. 13 Jul, 2017 1 commit
    • Fixes needed when GitLab sign-in is not enabled · 672a68d3
      Robin Bobbitt authored
      When sign-in is disabled:
       - skip password expiration checks
       - prevent password reset requests
       - don’t show Password tab in User Settings
       - don’t allow login with username/password for Git over HTTP requests
       - render 404 on requests to Profiles::PasswordsController
  3. 06 Jul, 2017 4 commits
    • Implement review comments for !11963 from @adamniedzielski. · 8fa08ea3
      Timothy Andrew authored
      - Change double quotes to single quotes.
      - Why is `OmniAuth.config.full_host` being reassigned in the integration test?
      - Use `map` over `map!` to avoid `dup` in the `gitlab:info` rake task
      - Other minor changes
    • Add integration tests around OAuth login. · e936db96
      Timothy Andrew authored
      - There was previously a test for `saml` login in `login_spec`, but this didn't
        seem to be passing. A lot of things didn't seem right here, and I suspect that
        this test hasn't been running. I'll investigate this further.
      
      - It took almost a whole working day to figure out this line:
      
          OmniAuth.config.full_host = ->(request) { request['REQUEST_URI'].sub(request['REQUEST_PATH'], '') }
      
        As always, it's obvious in retrospect, but it took some digging to figure out
        tests were failing and returning 404s during the callback phase.
      
      - Test all OAuth providers - github, twitter, bitbucket, gitlab, google, and facebook
    • Implement "remember me" for OAuth-based login. · 633793cf
      Timothy Andrew authored
      - Pass a `remember_me` query parameter along with the initial OAuth request, and
        pick this parameter up during the omniauth callback from
        request.env['omniauth.params']`.
      
      - For 2FA-based login, copy the `remember_me` param from `omniauth.params` to
        `params`, which the 2FA process will pick up.
      
      - For non-2FA-based login, simply call the `remember_me` devise method to set
        the session cookie.
  4. 05 Jul, 2017 1 commit
  5. 03 Jul, 2017 5 commits
    • Implement review comments for !11963 from @adamniedzielski. · 4c34374d
      Timothy Andrew authored
      - Change double quotes to single quotes.
      - Why is `OmniAuth.config.full_host` being reassigned in the integration test?
      - Use `map` over `map!` to avoid `dup` in the `gitlab:info` rake task
      - Other minor changes
    • Add integration tests around OAuth login. · dd926401
      Timothy Andrew authored
      - There was previously a test for `saml` login in `login_spec`, but this didn't
        seem to be passing. A lot of things didn't seem right here, and I suspect that
        this test hasn't been running. I'll investigate this further.
      
      - It took almost a whole working day to figure out this line:
      
          OmniAuth.config.full_host = ->(request) { request['REQUEST_URI'].sub(request['REQUEST_PATH'], '') }
      
        As always, it's obvious in retrospect, but it took some digging to figure out
        tests were failing and returning 404s during the callback phase.
      
      - Test all OAuth providers - github, twitter, bitbucket, gitlab, google, and facebook
    • Implement "remember me" for OAuth-based login. · 5b649ac6
      Timothy Andrew authored
      - Pass a `remember_me` query parameter along with the initial OAuth request, and
        pick this parameter up during the omniauth callback from
        request.env['omniauth.params']`
      
      - For 2FA-based login, copy the `remember_me` param from `omniauth.params` to
        `params`, which the 2FA process will pick up.
      
      - For non-2FA-based login, simply call the `remember_me` devise method to set
        the session cookie.
  6. 13 Jun, 2017 2 commits
  7. 24 May, 2017 3 commits
  8. 16 May, 2017 1 commit
  9. 22 Mar, 2017 1 commit
  10. 09 Mar, 2017 1 commit
  11. 07 Mar, 2017 1 commit
  12. 23 Feb, 2017 1 commit
  13. 15 Feb, 2017 1 commit
  14. 07 Feb, 2017 1 commit
  15. 02 Feb, 2017 1 commit
  16. 12 Jan, 2017 1 commit
  17. 04 Jan, 2017 1 commit
  18. 03 Jan, 2017 1 commit
    • Add email and password confirmation fields to registration form · 33b41bc8
      Drew Blessing authored
      It's too easy to mistype an email or password when signing up.
      The support team is receiving an increasing number of requests
      because users mistype their email. We can eliminate this problem
      by requiring users to confirm the email before registering. The
      same issue can occur for the password field so we should add
      this, too. We should note that password confirmation is part
      of the default Devise forms. I don't know why/when GitLab
      removed it.
  19. 31 Dec, 2016 3 commits
  20. 27 Dec, 2016 1 commit
  21. 06 Dec, 2016 1 commit
  22. 02 Dec, 2016 1 commit
  23. 18 Nov, 2016 2 commits
    • Un-un-revert signin tab order fix. · 0bd53709
      Bryce Johnson authored
    • Allow registering users where the username contains dots (.). · 78b6d662
      Timothy Andrew authored
      Javascript does not support the negative lookbehind assertion (?<!) used
      in the Ruby regex (to disallow usernames ending in `.git` or `.atom`.
      
      Getting the client side code to fully support this format is
      non-trivial, since we'd either have to heavily complicate the
      regex used, or modify the frontend code to support more complex
      validation schemes (it currently uses HTML5 validations).
      
      The pragmatic choice is to create a
      `Gitlab::Regex::NAMESPACE_REGEX_STR_SIMPLE` regex to serve as a
      Javascript-compatible version of `NAMESPACE_REGEX_STR`.
      
      The client-side code will not display an error for usernames ending in
      `.git` and `.atom`, but these will be caught by the server-side
      validation.
  24. 10 Nov, 2016 1 commit
  25. 02 Nov, 2016 1 commit
  26. 01 Nov, 2016 1 commit
  27. 24 Oct, 2016 1 commit