- 28 Sep, 2016 1 commit
-
-
Rémy Coutable authored
Changes include: - Ensure Member.add_user is not called directly when not necessary - New GroupMember.add_users_to_group to have the same abstraction level as for Project - Refactor Member.add_user to take a source instead of an array of members - Fix Rubocop offenses - Always use Project#add_user instead of project.team.add_user - Factorize users addition as members in Member.add_users_to_source - Make access_level a keyword argument in GroupMember.add_users_to_group and ProjectMember.add_users_to_projects - Destroy any requester before adding them as a member - Improve the way we handle access requesters in Member.add_user Instead of removing the requester and creating a new member, we now simply accepts their access request. This way, they will receive a "access request granted" email. - Fix error that was previously silently ignored - Stop raising when access level is invalid in Member, let Rails validation do their work Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 22 Sep, 2016 3 commits
-
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 15 Sep, 2016 1 commit
-
-
Patricio Cano authored
Groups can enable/disable LFS, but this setting can be overridden at the project level. Admin only
-
- 18 Aug, 2016 1 commit
-
-
Sean McGivern authored
-
- 02 Aug, 2016 1 commit
-
-
Adam Niedzielski authored
-
- 05 Jul, 2016 1 commit
-
-
Robert Speicher authored
`avatar.present?` goes through CarrierWave, and checks that the file exists on disk and checks its filesize. Because we're hitting the disk, this adds extra overhead to something where the worst-case scenario is rendering a broken image. Instead, we now just check that the _database attribute_ is present, which is good enough for our purposes. See https://gitlab.com/gitlab-org/gitlab-ce/issues/19273
-
- 01 Jul, 2016 1 commit
-
-
Rémy Coutable authored
And create new Project#requesters, Group#requesters scopes. Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 24 Jun, 2016 1 commit
-
-
Rémy Coutable authored
The issue was with the `User#groups` and `User#projects` associations which goes through the `User#group_members` and `User#project_members`. Initially I chose to use a secure approach by storing the requester's user ID in `Member#created_by_id` instead of `Member#user_id` because I was aware that there was a security risk since I didn't know the codebase well enough. Then during the review, we decided to change that and directly store the requester's user ID into `Member#user_id` (for the sake of simplifying the code I believe), meaning that every `group_members` / `project_members` association would include the requesters by default... My bad for not checking that all the `group_members` / `project_members` associations and the ones that go through them (e.g. `Group#users` and `Project#users`) were made safe with the `where(requested_at: nil)` / `where(members: { requested_at: nil })` scopes. Now they are all secure. Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 16 Jun, 2016 3 commits
-
-
James Lopez authored
This reverts commit 13e37a3e.
-
James Lopez authored
-
Yorick Peterse authored
This allows the owners to be eager loaded where needed.
-
- 14 Jun, 2016 3 commits
-
-
Rémy Coutable authored
+ Move 'Edit Project/Group' out of membership-related partial + Show the access request buttons only to logged-in users + Put the request access buttons out of in a more visible button + Improve the copy in the #remove_member_message helper Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 03 Jun, 2016 2 commits
-
-
James Lopez authored
This reverts commit 3e991230.
-
James Lopez authored
# Conflicts: # app/models/project.rb
-
- 09 May, 2016 1 commit
-
-
Jeroen van Baarsen authored
In 8278b763 the default behaviour of annotation has changes, which was causing a lot of noise in diffs. We decided in #17382 that it is better to get rid of the whole annotate gem, and instead let people look at schema.rb for the columns in a table. Fixes: #17382
-
- 06 May, 2016 1 commit
-
-
Zeger-Jan van de Weg authored
-
- 19 Apr, 2016 1 commit
-
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 30 Mar, 2016 1 commit
-
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 21 Mar, 2016 1 commit
-
-
Douwe Maan authored
-
- 20 Mar, 2016 1 commit
-
-
Douwe Maan authored
-
- 18 Mar, 2016 1 commit
-
-
Zeger-Jan van de Weg authored
-
- 11 Mar, 2016 3 commits
-
-
Yorick Peterse authored
We can just use "arel_table" in these cases instead of "SomeClass.arel_table".
-
Yorick Peterse authored
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 10 Mar, 2016 3 commits
-
-
Felipe Artur authored
Prevent Groups to have smaller visibility than projects Add default_group_visibility_level to configuration Code improvements
-
Felipe Artur authored
-
Felipe Artur authored
-
- 22 Jan, 2016 1 commit
-
-
Rubén Dávila authored
-
- 20 Jan, 2016 1 commit
-
-
Rubén Dávila authored
-
- 06 Jan, 2016 1 commit
-
-
Stan Hu authored
-
- 04 Jan, 2016 1 commit
-
-
Valery Sizov authored
-
- 18 Nov, 2015 1 commit
-
-
Yorick Peterse authored
These methods will be used to get a list of groups, optionally restricted to only those visible to a given user.
-
- 17 Nov, 2015 1 commit
-
-
Douwe Maan authored
-
- 13 Nov, 2015 1 commit
-
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 11 Nov, 2015 1 commit
-
-
James Lopez authored
refactored code as projects only have one owner. Kept some refactoring in place (has_owners concern)
-
- 05 Nov, 2015 1 commit
-
-
Valery Sizov authored
-