- 30 Jun, 2017 1 commit
-
-
Timothy Andrew authored
- Use `GlobalPolicy` to authorize the users that a non-authenticated user can fetch from `/api/v4/users`. We allow access if the `Gitlab::VisibilityLevel::PUBLIC` visibility level is not restricted. - Further, as before, `/api/v4/users` is only accessible to unauthenticated users if the `username` parameter is passed. - Turn off `authenticate!` for the `/api/v4/users` endpoint by matching on the actual route + method, rather than the description. - Change the type of `current_user` check in `UsersFinder` to be more compatible with EE.
-
- 29 Jun, 2017 1 commit
-
-
http://jneen.net/ authored
-
- 27 Jun, 2017 1 commit
-
-
http://jneen.net/ authored
-
- 12 Apr, 2017 1 commit
-
-
Grzegorz Bizon authored
-
- 09 Mar, 2017 1 commit
-
-
http://jneen.net/ authored
to make sure we mean the global permissions
-
- 23 Feb, 2017 1 commit
-
-
Douwe Maan authored
-
- 18 Jan, 2017 2 commits
-
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 30 Aug, 2016 11 commits
-
-
http://jneen.net/ authored
-
http://jneen.net/ authored
-
http://jneen.net/ authored
-
http://jneen.net/ authored
-
http://jneen.net/ authored
-
http://jneen.net/ authored
-
http://jneen.net/ authored
-
http://jneen.net/ authored
-
http://jneen.net/ authored
-
http://jneen.net/ authored
-
http://jneen.net/ authored
-