- 11 Jan, 2017 1 commit
-
-
Mark Fletcher authored
-
- 04 Jan, 2017 1 commit
-
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 03 Jan, 2017 1 commit
-
-
Robert Schilling authored
-
- 12 Dec, 2016 1 commit
-
-
Rémy Coutable authored
The issue was arising when `#current_user` was called a second time after a user was impersonated: the `User#is_admin?` check would be performed on it and it would fail. Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 07 Dec, 2016 1 commit
-
-
tiagonbotelho authored
-
- 28 Nov, 2016 1 commit
-
-
Livier authored
Restore changes for api spec files Fix error in rspec Users Delete extra space Repositories-spec
-
- 21 Nov, 2016 1 commit
-
-
Robert Schilling authored
-
- 08 Nov, 2016 1 commit
-
-
Yatish Mehta authored
-
- 24 Oct, 2016 3 commits
-
-
Airat Shigapov authored
Make events order spec deterministic, create only 3 record instead of 5, explicitely check for events order
-
Airat Shigapov authored
-
Airat Shigapov authored
-
- 21 Oct, 2016 1 commit
-
-
Airat Shigapov authored
-
- 11 Oct, 2016 2 commits
-
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 10 Oct, 2016 5 commits
-
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 27 Sep, 2016 3 commits
-
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
Dmitriy Zaporozhets authored
* Add newline to user organization spec according to test guide * Remove unnecessary comments from user organization database migration Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 31 Aug, 2016 1 commit
-
-
Timothy Andrew authored
- This would allow anyone with a personal access token (even a read-only token, once scopes are implemented) to escalate their access by obtaining the private token.
-
- 11 Aug, 2016 1 commit
-
-
Stan Hu authored
There is a race condition in DestroyGroupService now that projects are deleted asynchronously: 1. User attempts to delete group 2. DestroyGroupService iterates through all projects and schedules a Sidekiq job to delete each Project 3. DestroyGroupService destroys the Group, leaving all its projects without a namespace 4. Projects::DestroyService runs later but the can?(current_user, :remove_project) is `false` because the user no longer has permission to destroy projects with no namespace. 5. This leaves the project in pending_delete state with no namespace/group. Projects without a namespace or group also adds another problem: it's not possible to destroy the container registry tags, since container_registry_path_with_namespace is the wrong value. The fix is to destroy the group asynchronously and to run execute directly on Projects::DestroyService. Closes #17893
-
- 09 Aug, 2016 2 commits
-
-
Connor Shea authored
-
tiagonbotelho authored
-
- 01 Jul, 2016 1 commit
-
-
Grzegorz Bizon authored
-
- 27 Jun, 2016 1 commit
-
-
Z.J. van de Weg authored
-
- 03 Jun, 2016 2 commits
-
-
James Lopez authored
This reverts commit 3e991230.
-
James Lopez authored
# Conflicts: # app/models/project.rb
-
- 31 May, 2016 1 commit
-
-
Felipe Artur authored
-
- 28 Apr, 2016 2 commits
-
-
Timothy Andrew authored
- Makes the MR easier to read; this can go in a separate MR - This is a (sort of) revert of 99bea01
-
Timothy Andrew authored
-
- 18 Apr, 2016 1 commit
-
-
Felipe Artur authored
-
- 17 Mar, 2016 1 commit
-
-
Zeger-Jan van de Weg authored
-
- 13 Mar, 2016 1 commit
-
-
Zeger-Jan van de Weg authored
The user has the rights of a public user execpt it can never create a project, group, or team. Also it cant view internal projects.
-
- 04 Mar, 2016 1 commit
-
-
evuez authored
Added fields are last_sign_in_at and confirmed_at. They are available for GET /users/ and GET /users/:id for admins. Closes #840
-
- 08 Jan, 2016 1 commit
-
-
Gabriel Mazetto authored
-
- 24 Dec, 2015 1 commit
-
-
Stan Hu authored
Needed to support Huboard
-
- 07 Dec, 2015 1 commit
-
-
Robert Speicher authored
-