BigW Consortium Gitlab

  1. 29 Jul, 2016 23 commits
    • Fix `git_push_service_spec` · c93a895a
      Timothy Andrew authored
      1. Caused by incorrect test setup. The user wasn't added to the project,
         so protected branch creation failed authorization.
      
      2. Change setup for a different test (`Event.last` to
         `Event.find_by_action`) because our `project.team << ...` addition
         was causing a conflict.
    • Authorize user before creating/updating a protected branch. · 6d841eaa
      Timothy Andrew authored
      1. This is a third line of defence (first in the view, second in the
         controller).
      
      2. Duplicate the `API::Helpers.to_boolean` method in `BaseService`. The
         other alternative is to `include API::Helpers`, but this brings with it
         a number of other methods that might cause conflicts.
      
      3. Return a 403 if authorization fails.
    • Have the `branches` API work with the new protected branches data model. · 01d190a8
      Timothy Andrew authored
      1. The new data model moves from `developers_can_{push,merge}` to
         `allowed_to_{push,merge}`.
      
      2. The API interface has not been changed. It still accepts
         `developers_can_push` and `developers_can_merge` as options. These
         attributes are inferred from the new data model.
      
      3. Modify the protected branch create/update services to translate from
         the API interface to our current data model.
    • Implement review comments from @axil. · 88fd401d
      Timothy Andrew authored
      1. Align "Allowed to Merge" and "Allowed to Push" dropdowns.
      
      2. Don't display a flash every time a protected branch is updated.
         Previously, we were using this so the test has something to hook onto
         before the assertion. Now we're using `wait_for_ajax` instead.
    • Remove duplicate specs from `git_access_spec` · a72d4491
      Timothy Andrew authored
      - Likely introduced during an improper conflict resolution.
    • Implement review comments from @dbalexandre. · 7b2ad2d5
      Timothy Andrew authored
      1. Remove `master_or_greater?` and `developer_or_greater?` in favor of
         `max_member_access`, which is a lot nicer.
      
      2. Remove a number of instances of `include Gitlab::Database::MigrationHelpers`
         in migrations that don't need this module. Also remove comments where
         not necessary.
      
      3. Remove duplicate entry in CHANGELOG.
      
      4. Move `ProtectedBranchAccessSelect` from Coffeescript to ES6.
      
      5. Split the `set_access_levels!` method in two - one each for `merge` and
         `push` access levels.
    • Add changelog entry. · 8e25ddc5
      Timothy Andrew authored
    • Admins count as masters too. · cc1cebdc
      Timothy Andrew authored
      1. In the context of protected branches.
      
      2. Test this behaviour.
    • Make specs compatible with PhantomJS versions < 2. · 4d6dadc8
      Timothy Andrew authored
      1. These versions of PhantomJS don't support `PATCH` requests, so we use
         a `POST` with `_method` set to `PATCH`.
    • Humanize protected branches' access levels at one location. · f2df2966
      Timothy Andrew authored
      1. The model now contains this humanization data, which is the once
         source of truth.
      
      2. Previously, this was being listed out in the dropdown component as well.
    • Fix all specs related to changes in !5081. · c647540c
      Timothy Andrew authored
      1. Remove `Project#developers_can_push_to_protected_branch?` since it
         isn't used anymore.
      
      2. Remove `Project#developers_can_merge_to_protected_branch?` since it
         isn't used anymore.
    • Fix default branch protection. · a9958ddc
      Timothy Andrew authored
      1. So it works with the new data model for protected branch access levels.
    • Update protected branches spec to work with the `select`s. · 9fa66147
      Timothy Andrew authored
      1. Get the existing spec passing.
      
      2. Add specs for all the access control options, both while creating and
         updating protected branches.
      
      3. Show a flash notice when updating protected branches, primarily so
         the spec knows when the update is done.
    • Allow setting "Allowed To Push/Merge" while creating a protected branch. · 12387b4d
      Timothy Andrew authored
      1. Reuse the same dropdown component that we used for updating these
         settings (`ProtectedBranchesAccessSelect`). Have it accept options
         for the parent container (so we can control the elements it sees) and
         whether or not to save changes via AJAX (we need this for update, but
         not create).
      
      2. Change the "Developers" option to "Developers + Masters", which is
         clearer.
      
      3. Remove `developers_can_push` and `developers_can_merge` from the
         model, since they're not needed anymore.
    • Enforce "No One Can Push" during git operations. · 828f6eb6
      Timothy Andrew authored
      1. The crux of this change is in `UserAccess`, which looks through all
         the access levels, asking each if the user has access to push/merge
         for the current project.
      
      2. Update the `protected_branches` factory to create access levels as
         necessary.
      
      3. Fix and augment `user_access` and `git_access` specs.
    • Add "No One Can Push" to the protected branches UI. · ab6096c1
      Timothy Andrew authored
      1. Move to dropdowns instead of checkboxes. One each for "Allowed to
         Push" and "Allowed to Merge"
      
      2. Refactor the `ProtectedBranches` coffeescript class into
         `ProtectedBranchesAccessSelect`.
      
      3. Modify the backend to accept the new parameters.
    • Add seeds for protected branches. · f8a04e15
      Timothy Andrew authored
    • Use the `{Push,Merge}AccessLevel` models in the UI. · 134fe5af
      Timothy Andrew authored
      1. Improve error handling while creating protected branches.
      
      2. Modify coffeescript code so that the "Developers can *" checkboxes
         send a '1' or '0' even when using AJAX. This lets us keep the backend
         code simpler.
      
      3. Use services for both creating and updating protected branches.
         Destruction is taken care of with `dependent: :destroy`
    • Add models for the protected branch access levels. · 21bece44
      Timothy Andrew authored
      - And hook up their associations.
    • Add a series of migrations changing the model-level design of protected branch access levels. · f1e46d1e
      Timothy Andrew authored
      1. Remove the `developers_can_push` and `developers_can_merge` boolean
         columns.
      
      2. Add two new tables, `protected_branches_push_access`, and
         `protected_branches_merge_access`. Each row of these 'access' tables is
         linked to a protected branch, and uses a `access_level` column to
         figure out settings for the protected branch.
      
      3. The `access_level` column is intended to be used with rails' `enum`,
         with `:masters` at index 0 and `:developers` at index 1.
      
      4. Doing it this way has a few advantages:
      
         - Cleaner path to planned EE features where a protected branch is
           accessible only by certain users or groups.
      
         - Rails' `enum` doesn't allow a declaration like this due to the
           duplicates. This approach doesn't have this problem.
      
             enum can_be_pushed_by: [:masters, :developers]
             enum can_be_merged_by: [:masters, :developers]
    • Merge branch 'cache-commit-author-lookup' into 'master' · 9b0e131b
      Yorick Peterse authored
      Cache the commit author in RequestStore to avoid extra lookups in PostReceive
      
      See merge request !5537
    • Merge branch… · 5161983b
      Yorick Peterse authored
      Merge branch '17073-tagscontroller-index-is-terrible-response-time-goes-up-to-5-seconds' into 'master'
      
      Update to gitlab_git 10.4.1 and take advantage of preserved Ref objects
      
      See merge request !5536
  2. 28 Jul, 2016 17 commits