- 28 Feb, 2017 1 commit
-
-
Robert Schilling authored
-
- 23 Feb, 2017 3 commits
-
-
Douwe Maan authored
This reverts commit cb10b725c8929b8b4460f89c9d96c773af39ba6b.
-
Douwe Maan authored
-
Douwe Maan authored
-
- 20 Feb, 2017 1 commit
-
-
Robert Schilling authored
-
- 16 Feb, 2017 1 commit
-
-
Robert Schilling authored
-
- 09 Feb, 2017 1 commit
-
-
Joost Rijneveld authored
-
- 08 Feb, 2017 1 commit
-
-
dixpac authored
* Changed name of delete_user_service and worker to destroy * Move and change delete_group_service to Groups::DestroyService * Rename Notes::DeleteService to Notes::DestroyService
-
- 02 Feb, 2017 1 commit
-
-
George Andrinopoulos authored
-
- 11 Jan, 2017 1 commit
-
-
Mark Fletcher authored
-
- 05 Jan, 2017 1 commit
-
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 03 Jan, 2017 1 commit
-
-
Robert Schilling authored
-
- 18 Dec, 2016 1 commit
-
-
Arsenev Vladislav authored
-
- 16 Dec, 2016 1 commit
-
-
Timothy Andrew authored
- Move the `Oauth2::AccessTokenValidationService` class to `AccessTokenValidationService`, since it is now being used for personal access token validation as well. - Each API endpoint declares the scopes it accepts (if any). Currently, the top level API module declares the `api` scope, and the `Users` API module declares the `read_user` scope (for GET requests). - Move the `find_user_by_private_token` from the API `Helpers` module to the `APIGuard` module, to avoid littering `Helpers` with more auth-related methods to support `find_user_by_private_token`
-
- 12 Dec, 2016 1 commit
-
-
Rémy Coutable authored
The issue was arising when `#current_user` was called a second time after a user was impersonated: the `User#is_admin?` check would be performed on it and it would fail. Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 07 Dec, 2016 2 commits
-
-
tiagonbotelho authored
-
tiagonbotelho authored
-
- 04 Dec, 2016 1 commit
-
-
Robert Schilling authored
-
- 21 Nov, 2016 2 commits
-
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Robert Schilling authored
-
- 14 Nov, 2016 1 commit
-
-
Robert Schilling authored
-
- 08 Nov, 2016 1 commit
-
-
Yatish Mehta authored
-
- 24 Oct, 2016 2 commits
-
-
Airat Shigapov authored
-
Airat Shigapov authored
-
- 10 Oct, 2016 1 commit
-
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 27 Sep, 2016 1 commit
-
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 31 Aug, 2016 1 commit
-
-
Timothy Andrew authored
- This would allow anyone with a personal access token (even a read-only token, once scopes are implemented) to escalate their access by obtaining the private token.
-
- 03 Jun, 2016 2 commits
-
-
James Lopez authored
This reverts commit 3e991230.
-
James Lopez authored
# Conflicts: # app/models/project.rb
-
- 30 May, 2016 1 commit
-
-
Grzegorz Bizon authored
See #17478
-
- 18 Apr, 2016 3 commits
-
-
Felipe Artur authored
-
Felipe Artur authored
-
Felipe Artur authored
-
- 06 Apr, 2016 1 commit
-
-
Robert Schilling authored
-
- 17 Mar, 2016 2 commits
-
-
Achilleas Pipinellis authored
[ci skip]
-
Zeger-Jan van de Weg authored
-
- 13 Mar, 2016 1 commit
-
-
Zeger-Jan van de Weg authored
The user has the rights of a public user execpt it can never create a project, group, or team. Also it cant view internal projects.
-
- 12 Jan, 2016 1 commit
-
-
Gabriel Mazetto authored
-
- 08 Jan, 2016 1 commit
-
-
Gabriel Mazetto authored
-
- 28 Dec, 2015 1 commit
-
-
Michi302 authored
-