BigW Consortium Gitlab

  1. 11 Dec, 2017 1 commit
  2. 08 Dec, 2017 2 commits
    • Merge branch 'bvl-10-2-email-disclosure' into 'security-10-2' · 8c0aa7d4
      Douwe Maan authored
      (10.2) Avoid partial partial email adresses for matching
      
      See merge request gitlab/gitlabhq!2232
      
      (cherry picked from commit 081aa1e91a777c9acb31be4a1e76b3dd7032fa9a)
      
      There are unresolved conflicts in app/models/user.rb.
      
      fa85a3fd Don't allow searching for partial user emails
    • expire todo count calculations to be consistent with · b2a1919c
      Brett Walker authored
      assigned_open_merge_requests_count and assigned_open_issues_count, which are used in the top header stats.  Also important for a Geo secondary, so that the pending todo stat gets updated on the same frequency as the users open issues/merge requests.
  3. 07 Dec, 2017 1 commit
  4. 05 Dec, 2017 1 commit
  5. 04 Dec, 2017 1 commit
  6. 01 Dec, 2017 1 commit
  7. 27 Nov, 2017 1 commit
  8. 24 Nov, 2017 1 commit
  9. 23 Nov, 2017 2 commits
  10. 21 Nov, 2017 1 commit
  11. 17 Nov, 2017 1 commit
  12. 16 Nov, 2017 2 commits
    • Adds Rubocop rule for line break after guard clause · 181cd299
      Jacopo authored
      Adds a rubocop rule (with autocorrect) to ensure line break after guard clauses.
    • Cache the number of user SSH keys · 3e561736
      Yorick Peterse authored
      By caching the number of personal SSH keys we reduce the number of
      queries necessary on pages such as ProjectsController#show (which can
      end up querying this data multiple times).
      
      The cache is refreshed/flushed whenever an SSH key is added, removed, or
      when a user is removed.
  13. 14 Nov, 2017 1 commit
  14. 07 Nov, 2017 2 commits
    • Rewrite the GitHub importer from scratch · 4dfe26cd
      Yorick Peterse authored
      Prior to this MR there were two GitHub related importers:
      
      * Github::Import: the main importer used for GitHub projects
      * Gitlab::GithubImport: importer that's somewhat confusingly used for
        importing Gitea projects (apparently they have a compatible API)
      
      This MR renames the Gitea importer to Gitlab::LegacyGithubImport and
      introduces a new GitHub importer in the Gitlab::GithubImport namespace.
      This new GitHub importer uses Sidekiq for importing multiple resources
      in parallel, though it also has the ability to import data sequentially
      should this be necessary.
      
      The new code is spread across the following directories:
      
      * lib/gitlab/github_import: this directory contains most of the importer
        code such as the classes used for importing resources.
      * app/workers/gitlab/github_import: this directory contains the Sidekiq
        workers, most of which simply use the code from the directory above.
      * app/workers/concerns/gitlab/github_import: this directory provides a
        few modules that are included in every GitHub importer worker.
      
      == Stages
      
      The import work is divided into separate stages, with each stage
      importing a specific set of data. Stages will schedule the work that
      needs to be performed, followed by scheduling a job for the
      "AdvanceStageWorker" worker. This worker will periodically check if all
      work is completed and schedule the next stage if this is the case. If
      work is not yet completed this worker will reschedule itself.
      
      Using this approach we don't have to block threads by calling `sleep()`,
      as doing so for large projects could block the thread from doing any
      work for many hours.
      
      == Retrying Work
      
      Workers will reschedule themselves whenever necessary. For example,
      hitting the GitHub API's rate limit will result in jobs rescheduling
      themselves. These jobs are not processed until the rate limit has been
      reset.
      
      == User Lookups
      
      Part of the importing process involves looking up user details in the
      GitHub API so we can map them to GitLab users. The old importer used
      an in-memory cache, but this obviously doesn't work when the work is
      spread across different threads.
      
      The new importer uses a Redis cache and makes sure we only perform
      API/database calls if absolutely necessary.  Frequently used keys are
      refreshed, and lookup misses are also cached; removing the need for
      performing API/database calls if we know we don't have the data we're
      looking for.
      
      == Performance & Models
      
      The new importer in various places uses raw INSERT statements (as
      generated by `Gitlab::Database.bulk_insert`) instead of using Rails
      models. This allows us to bypass any validations and callbacks,
      drastically reducing the number of SQL queries and Gitaly RPC calls
      necessary to import projects.
      
      To ensure the code produces valid data the corresponding tests check if
      the produced rows are valid according to the model validation rules.
    • Refactor User.find_by_any_email · 44be82dd
      Yorick Peterse authored
      By using SQL::Union we can return a proper ActiveRecord::Relation,
      making it possible to select the columns we're interested in (instead of
      all of them).
  15. 06 Nov, 2017 2 commits
  16. 03 Nov, 2017 1 commit
  17. 02 Nov, 2017 2 commits
  18. 17 Oct, 2017 1 commit
  19. 16 Oct, 2017 1 commit
  20. 10 Oct, 2017 1 commit
  21. 07 Oct, 2017 1 commit
  22. 06 Oct, 2017 2 commits
    • Create idea of read-only database · d1366971
      Toon Claes authored
      In GitLab EE, a GitLab instance can be read-only (e.g. when it's a Geo
      secondary node). But in GitLab CE it also might be useful to have the
      "read-only" idea around. So port it back to GitLab CE.
      
      Also having the principle of read-only in GitLab CE would hopefully
      lead to less errors introduced, doing write operations when there
      aren't allowed for read-only calls.
      
      Closes gitlab-org/gitlab-ce#37534.
  23. 05 Oct, 2017 1 commit
  24. 02 Oct, 2017 1 commit
  25. 01 Oct, 2017 1 commit
  26. 29 Sep, 2017 1 commit
  27. 28 Sep, 2017 6 commits
    • Support custom attributes on users · e9eae3eb
      Markus Koller authored
    • refactor emails service · 1dcb7111
      James Lopez authored
    • refactor users update service · 67d06dee
      James Lopez authored
    • refactor services to match EE signature · 9621dd0c
      James Lopez authored
    • Merge conflict resolution · d13349af
      Brian Neel authored
    • # This is a combination of 1 commit. · 8fa87ea3
      Brian Neel authored
      # This is the 1st commit message:
      Add logging for all web authentication events
      
      # This is the commit message #2:
      
      Re-add underscore to after_inactive_sign_up_path_for
      
      # This is the commit message #3:
      
      Standardize on username=
      
      # This is the commit message #4:
      
      after_filter -> after_action, _resource -> resource
      
      # This is the commit message #5:
      
      Add two-factor login failures and account lockouts
      
      # This is the commit message #6:
      
      Move logging from two-factor concern to user model
      
      # This is the commit message #7:
      
      Add spaces around default parameter assignments
      
      # This is the commit message #8:
      
      Move logs out of user model
      
      # This is the commit message #9:
      
      Replace filtered_params with user_params
      
      # This is the commit message #10:
      
      Standardize case
      
      # This is the commit message #1:
      
      Fixes for username and AppLogger.info
  28. 24 Sep, 2017 1 commit