From 49ad9b7e1034715fe48892a343b9dab44c611b44 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9my=20Coutable?= Date: Wed, 13 Mar 2019 13:24:03 +0000 Subject: [PATCH 01/12] Merge branch 'modify_group_policy' into 'master' Update group policy to reflect all the requirements See merge request gitlab-org/gitlab-ce!25854 (cherry picked from commit d8bbd3e78e2fe21048bf4c3ad58fd815c8339200) 0a706446 Modify group policy 8a37dd7a Add changelog to reflect changes 71e522a5 Remove not relevant changes 9559470b Remove not relevant changes --- app/policies/group_policy.rb | 3 ++- changelogs/unreleased/modify_group_policy.yml | 5 +++++ spec/features/security/group/private_access_spec.rb | 9 +++++---- 3 files changed, 12 insertions(+), 5 deletions(-) create mode 100644 changelogs/unreleased/modify_group_policy.yml diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb index e74e5f008d7..db49d3bed9c 100644 --- a/app/policies/group_policy.rb +++ b/app/policies/group_policy.rb @@ -26,7 +26,7 @@ class GroupPolicy < BasePolicy condition(:can_change_parent_share_with_group_lock) { can?(:change_share_with_group_lock, @subject.parent) } condition(:has_projects) do - GroupProjectsFinder.new(group: @subject, current_user: @user, options: { include_subgroups: true }).execute.any? + GroupProjectsFinder.new(group: @subject, current_user: @user, options: { include_subgroups: true, only_owned: true }).execute.any? end condition(:has_clusters, scope: :subject) { clusterable_has_clusters? } @@ -55,6 +55,7 @@ class GroupPolicy < BasePolicy rule { has_projects }.policy do enable :read_list enable :read_label + enable :read_group end rule { has_access }.enable :read_namespace diff --git a/changelogs/unreleased/modify_group_policy.yml b/changelogs/unreleased/modify_group_policy.yml new file mode 100644 index 00000000000..cd9fc340faa --- /dev/null +++ b/changelogs/unreleased/modify_group_policy.yml @@ -0,0 +1,5 @@ +--- +title: Allow project members to see private group if the project is in the group namespace +merge_request: +author: +type: fixed diff --git a/spec/features/security/group/private_access_spec.rb b/spec/features/security/group/private_access_spec.rb index 3238e07fe15..de38a2c0204 100644 --- a/spec/features/security/group/private_access_spec.rb +++ b/spec/features/security/group/private_access_spec.rb @@ -27,7 +27,7 @@ describe 'Private Group access' do it { is_expected.to be_allowed_for(:developer).of(group) } it { is_expected.to be_allowed_for(:reporter).of(group) } it { is_expected.to be_allowed_for(:guest).of(group) } - it { is_expected.to be_denied_for(project_guest) } + it { is_expected.to be_allowed_for(project_guest) } it { is_expected.to be_denied_for(:user) } it { is_expected.to be_denied_for(:external) } it { is_expected.to be_denied_for(:visitor) } @@ -42,7 +42,7 @@ describe 'Private Group access' do it { is_expected.to be_allowed_for(:developer).of(group) } it { is_expected.to be_allowed_for(:reporter).of(group) } it { is_expected.to be_allowed_for(:guest).of(group) } - it { is_expected.to be_denied_for(project_guest) } + it { is_expected.to be_allowed_for(project_guest) } it { is_expected.to be_denied_for(:user) } it { is_expected.to be_denied_for(:external) } it { is_expected.to be_denied_for(:visitor) } @@ -58,7 +58,7 @@ describe 'Private Group access' do it { is_expected.to be_allowed_for(:developer).of(group) } it { is_expected.to be_allowed_for(:reporter).of(group) } it { is_expected.to be_allowed_for(:guest).of(group) } - it { is_expected.to be_denied_for(project_guest) } + it { is_expected.to be_allowed_for(project_guest) } it { is_expected.to be_denied_for(:user) } it { is_expected.to be_denied_for(:external) } it { is_expected.to be_denied_for(:visitor) } @@ -73,7 +73,7 @@ describe 'Private Group access' do it { is_expected.to be_allowed_for(:developer).of(group) } it { is_expected.to be_allowed_for(:reporter).of(group) } it { is_expected.to be_allowed_for(:guest).of(group) } - it { is_expected.to be_denied_for(project_guest) } + it { is_expected.to be_allowed_for(project_guest) } it { is_expected.to be_denied_for(:user) } it { is_expected.to be_denied_for(:external) } it { is_expected.to be_denied_for(:visitor) } @@ -96,6 +96,7 @@ describe 'Private Group access' do describe 'GET /groups/:path for shared projects' do let(:project) { create(:project, :public) } + before do Projects::GroupLinks::CreateService.new( project, -- GitLab From 812b64ed86fd1c80658877488a6ea7c4372f2a07 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20Trzci=C5=84ski?= Date: Tue, 12 Mar 2019 11:08:27 +0000 Subject: [PATCH 02/12] Merge branch 'ce-9826-fix-broken-downstreams' into 'master' CE port for expanded pipelines See merge request gitlab-org/gitlab-ce!25859 (cherry picked from commit 71dbd613982c6f247b3897e2d012a261904178a4) 2dbf3da2 CE port for expanded pipelines --- .../pipelines/pipeline_details_mediator.js | 16 +++++++++++++++- .../pipelines/services/pipeline_service.js | 4 ++-- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/app/assets/javascripts/pipelines/pipeline_details_mediator.js b/app/assets/javascripts/pipelines/pipeline_details_mediator.js index bd1e1895660..d67d88c4dba 100644 --- a/app/assets/javascripts/pipelines/pipeline_details_mediator.js +++ b/app/assets/javascripts/pipelines/pipeline_details_mediator.js @@ -19,6 +19,7 @@ export default class pipelinesMediator { this.poll = new Poll({ resource: this.service, method: 'getPipeline', + data: this.store.state.expandedPipelines ? this.getExpandedParameters() : undefined, successCallback: this.successCallback.bind(this), errorCallback: this.errorCallback.bind(this), }); @@ -56,6 +57,19 @@ export default class pipelinesMediator { .getPipeline() .then(response => this.successCallback(response)) .catch(() => this.errorCallback()) - .finally(() => this.poll.restart()); + .finally(() => + this.poll.restart( + this.store.state.expandedPipelines ? this.getExpandedParameters() : undefined, + ), + ); + } + + /** + * Backend expects paramets in the following format: `expanded[]=id&expanded[]=id` + */ + getExpandedParameters() { + return { + expanded: this.store.state.expandedPipelines, + }; } } diff --git a/app/assets/javascripts/pipelines/services/pipeline_service.js b/app/assets/javascripts/pipelines/services/pipeline_service.js index a53a9cc8365..e44eb9cdfd1 100644 --- a/app/assets/javascripts/pipelines/services/pipeline_service.js +++ b/app/assets/javascripts/pipelines/services/pipeline_service.js @@ -5,8 +5,8 @@ export default class PipelineService { this.pipeline = endpoint; } - getPipeline() { - return axios.get(this.pipeline); + getPipeline(params) { + return axios.get(this.pipeline, { params }); } // eslint-disable-next-line class-methods-use-this -- GitLab From 9df7dda2d366174b80fd401b696931c638fb1b6c Mon Sep 17 00:00:00 2001 From: Douwe Maan Date: Mon, 11 Mar 2019 11:56:19 +0000 Subject: [PATCH 03/12] Merge branch 'sh-rugged-commit-tree-entry' into 'master' Bring back Rugged implementation of commit_tree_entry See merge request gitlab-org/gitlab-ce!25896 (cherry picked from commit 97357c5bb6594be793c1af332bed8f942f2d72d2) 4ee08fd1 Add back Rugged support for retrieving a commit tree entry --- .../sh-rugged-commit-tree-entry.yml | 5 ++++ lib/gitlab/git/commit.rb | 5 ++++ lib/gitlab/git/rugged_impl/commit.rb | 24 +++++++++++++++++++ lib/gitlab/git/rugged_impl/repository.rb | 2 +- spec/models/commit_spec.rb | 16 ++++++++++++- 5 files changed, 50 insertions(+), 2 deletions(-) create mode 100644 changelogs/unreleased/sh-rugged-commit-tree-entry.yml diff --git a/changelogs/unreleased/sh-rugged-commit-tree-entry.yml b/changelogs/unreleased/sh-rugged-commit-tree-entry.yml new file mode 100644 index 00000000000..bcefa2c7112 --- /dev/null +++ b/changelogs/unreleased/sh-rugged-commit-tree-entry.yml @@ -0,0 +1,5 @@ +--- +title: Bring back Rugged implementation of commit_tree_entry +merge_request: 25896 +author: +type: other diff --git a/lib/gitlab/git/commit.rb b/lib/gitlab/git/commit.rb index 491e4b47196..e5bbd500e98 100644 --- a/lib/gitlab/git/commit.rb +++ b/lib/gitlab/git/commit.rb @@ -314,11 +314,16 @@ module Gitlab def tree_entry(path) return unless path.present? + commit_tree_entry(path) + end + + def commit_tree_entry(path) # We're only interested in metadata, so limit actual data to 1 byte # since Gitaly doesn't support "send no data" option. entry = @repository.gitaly_commit_client.tree_entry(id, path, 1) return unless entry + # To be compatible with the rugged format entry = entry.to_h entry.delete(:data) entry[:name] = File.basename(path) diff --git a/lib/gitlab/git/rugged_impl/commit.rb b/lib/gitlab/git/rugged_impl/commit.rb index 251802878c3..f6777dfa0c3 100644 --- a/lib/gitlab/git/rugged_impl/commit.rb +++ b/lib/gitlab/git/rugged_impl/commit.rb @@ -43,6 +43,30 @@ module Gitlab end end + override :commit_tree_entry + def commit_tree_entry(path) + if Feature.enabled?(:rugged_commit_tree_entry) + rugged_tree_entry(path) + else + super + end + end + + # Is this the same as Blob.find_entry_by_path ? + def rugged_tree_entry(path) + rugged_commit.tree.path(path) + rescue Rugged::TreeError + nil + end + + def rugged_commit + @rugged_commit ||= if raw_commit.is_a?(Rugged::Commit) + raw_commit + else + @repository.rev_parse_target(id) + end + end + def init_from_rugged(commit) author = commit.author committer = commit.committer diff --git a/lib/gitlab/git/rugged_impl/repository.rb b/lib/gitlab/git/rugged_impl/repository.rb index fe0120b1199..c0a91f59ab9 100644 --- a/lib/gitlab/git/rugged_impl/repository.rb +++ b/lib/gitlab/git/rugged_impl/repository.rb @@ -12,7 +12,7 @@ module Gitlab module Repository extend ::Gitlab::Utils::Override - FEATURE_FLAGS = %i(rugged_find_commit rugged_tree_entries rugged_tree_entry rugged_commit_is_ancestor).freeze + FEATURE_FLAGS = %i(rugged_find_commit rugged_tree_entries rugged_tree_entry rugged_commit_is_ancestor rugged_commit_tree_entry).freeze def alternate_object_directories relative_object_directories.map { |d| File.join(path, d) } diff --git a/spec/models/commit_spec.rb b/spec/models/commit_spec.rb index baad8352185..9d4e18534ae 100644 --- a/spec/models/commit_spec.rb +++ b/spec/models/commit_spec.rb @@ -542,7 +542,7 @@ eos end end - describe '#uri_type' do + shared_examples '#uri_type' do it 'returns the URI type at the given path' do expect(commit.uri_type('files/html')).to be(:tree) expect(commit.uri_type('files/images/logo-black.png')).to be(:raw) @@ -561,6 +561,20 @@ eos end end + describe '#uri_type with Gitaly enabled' do + it_behaves_like "#uri_type" + end + + describe '#uri_type with Rugged enabled', :enable_rugged do + it 'calls out to the Rugged implementation' do + allow_any_instance_of(Rugged::Tree).to receive(:path).with('files/html').and_call_original + + commit.uri_type('files/html') + end + + it_behaves_like '#uri_type' + end + describe '.from_hash' do let(:new_commit) { described_class.from_hash(commit.to_hash, project) } -- GitLab From 34e88a23c771aa467d0ae84d9357e8144cdbd9bf Mon Sep 17 00:00:00 2001 From: Sean McGivern Date: Wed, 13 Mar 2019 09:53:32 +0000 Subject: [PATCH 04/12] Merge branch 'docs/fix-group-transfer-docs' into 'master' Improve precision of group docs Closes #58635 See merge request gitlab-org/gitlab-ce!25950 (cherry picked from commit b3535a3c8bb8c928ddd4a49fd432984ee6d0d8ce) 3189179c Improve precision of group docs 7110fc1a Implement review comments --- doc/user/group/index.md | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/doc/user/group/index.md b/doc/user/group/index.md index c1f50bcc593..1fe8017adbc 100644 --- a/doc/user/group/index.md +++ b/doc/user/group/index.md @@ -168,20 +168,21 @@ Alternatively, you can [lock the sharing with group feature](#share-with-group-l In GitLab Enterprise Edition it is possible to manage GitLab group memberships using LDAP groups. See [the GitLab Enterprise Edition documentation](../../integration/ldap.md) for more information. -## Transfer groups to another group +## Transferring groups -From 10.5 there are two different ways to transfer a group: +From GitLab 10.5, groups can be transferred in the following ways: -- Either by transferring a group into another group (making it a subgroup of that group). -- Or by converting a subgroup into a root group (a group with no parent). +- Top-level groups can be transferred to a group, converting them into subgroups. +- Subgroups can be transferred to a new parent group. +- Subgroups can be transferred out from a parent group, converting them into top-level groups. -Please make sure to understand that: +When transferring groups, note: -- Changing a group's parent can have unintended side effects. See [Redirects when changing repository paths](https://docs.gitlab.com/ce/user/project/index.html#redirects-when-changing-repository-paths) -- You can only transfer the group to a group you manage. +- Changing a group's parent can have unintended side effects. See [Redirects when changing repository paths](../project/index.md#redirects-when-changing-repository-paths). +- You can only transfer groups to groups you manage. - You will need to update your local repositories to point to the new location. -- If the parent group's visibility is lower than the group current visibility, visibility levels for subgroups and projects will be changed to match the new parent group's visibility. -- Only explicit group membership is transferred, not the inherited membership. If this would leave the group without an owner, the transferring user is added as owner instead. +- If the parent group's visibility is lower than the group's current visibility, visibility levels for subgroups and projects will be changed to match the new parent group's visibility. +- Only explicit group membership is transferred, not inherited membership. If the group's owners have only inherited membership, this would leave the group without an owner. In this case, the user transferring the group becomes the group's owner. ## Group settings -- GitLab From 5689c471b6cf06ace405f3de74d2aa3c821f202f Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Mon, 11 Mar 2019 21:55:04 +0000 Subject: [PATCH 05/12] Merge branch 'jc-upgrade-gitaly-1.27.0' into 'master' Upgrading gitaly version to 1.27.0 See merge request gitlab-org/gitlab-ce!25986 (cherry picked from commit 183331cb2851e0d8a905dc5ea165926a171ab69a) 3fb64b4f Upgrading gitaly version to 1.27.0 --- GITALY_SERVER_VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION index 5ff8c4f5d2a..5db08bf2dc5 100644 --- a/GITALY_SERVER_VERSION +++ b/GITALY_SERVER_VERSION @@ -1 +1 @@ -1.26.0 +1.27.0 -- GitLab From b610bb501bd785d80288a5fa771415e605eddfd9 Mon Sep 17 00:00:00 2001 From: Sanad Liaquat Date: Tue, 12 Mar 2019 12:39:26 +0000 Subject: [PATCH 06/12] Merge branch 'qa-quarantine-add-member-test' into 'master' Quarantine failing test See merge request gitlab-org/gitlab-ce!26028 (cherry picked from commit d20eee85698820982ee7526ae3ff019c7fe850c0) 3cbcb582 Quarantine failing test --- .../browser_ui/1_manage/project/add_project_member_spec.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/qa/qa/specs/features/browser_ui/1_manage/project/add_project_member_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/project/add_project_member_spec.rb index 4070a225260..ff60e7064bf 100644 --- a/qa/qa/specs/features/browser_ui/1_manage/project/add_project_member_spec.rb +++ b/qa/qa/specs/features/browser_ui/1_manage/project/add_project_member_spec.rb @@ -1,7 +1,8 @@ # frozen_string_literal: true module QA - context 'Manage' do + # Failure issue: https://gitlab.com/gitlab-org/quality/staging/issues/45 + context 'Manage', :quarantine do describe 'Add project member' do it 'user adds project member' do Runtime::Browser.visit(:gitlab, Page::Main::Login) -- GitLab From 745fc6773681cd77a732c7b3273c84df2272bd18 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20Trzci=C5=84ski?= Date: Tue, 12 Mar 2019 17:26:07 +0000 Subject: [PATCH 07/12] Merge branch 'ce-9826-fix-broken-downstreams-backport-factory' into 'master' Backports EE change for expanded pipelines See merge request gitlab-org/gitlab-ce!26043 (cherry picked from commit 30e52b239ce9ac7ba83778e00f4b45d65e61a4a0) f8bac850 Backports EE change for expanded pipelines --- spec/factories/ci/pipelines.rb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/spec/factories/ci/pipelines.rb b/spec/factories/ci/pipelines.rb index 8a44ce52849..ee5d27355f1 100644 --- a/spec/factories/ci/pipelines.rb +++ b/spec/factories/ci/pipelines.rb @@ -82,6 +82,12 @@ FactoryBot.define do end end + trait :with_job do + after(:build) do |pipeline, evaluator| + pipeline.builds << build(:ci_build, pipeline: pipeline, project: pipeline.project) + end + end + trait :auto_devops_source do config_source { Ci::Pipeline.config_sources[:auto_devops_source] } end -- GitLab From 2a3472f07c9db87605c143270c4ea7f587a1005b Mon Sep 17 00:00:00 2001 From: Douglas Barbosa Alexandre Date: Tue, 12 Mar 2019 20:59:17 +0000 Subject: [PATCH 08/12] Merge branch 'sh-revert-rack-request-health-checks' into 'master' Fix health checks not working behind load balancers Closes #58573 See merge request gitlab-org/gitlab-ce!26055 (cherry picked from commit ef19ded4b0b5cc3aabb50b3432c8711f23a2742b) 01203e71 Fix health checks not working behind load balancers --- .../sh-revert-rack-request-health-checks.yml | 5 ++++ lib/gitlab/middleware/basic_health_check.rb | 8 ++++- lib/gitlab/request_context.rb | 8 ++++- .../middleware/basic_health_check_spec.rb | 29 +++++++++++++++++++ spec/lib/gitlab/request_context_spec.rb | 27 ++++++++++++++++- 5 files changed, 74 insertions(+), 3 deletions(-) create mode 100644 changelogs/unreleased/sh-revert-rack-request-health-checks.yml diff --git a/changelogs/unreleased/sh-revert-rack-request-health-checks.yml b/changelogs/unreleased/sh-revert-rack-request-health-checks.yml new file mode 100644 index 00000000000..5dd5e5b731c --- /dev/null +++ b/changelogs/unreleased/sh-revert-rack-request-health-checks.yml @@ -0,0 +1,5 @@ +--- +title: Fix health checks not working behind load balancers +merge_request: 26055 +author: +type: fixed diff --git a/lib/gitlab/middleware/basic_health_check.rb b/lib/gitlab/middleware/basic_health_check.rb index acf8c301b8f..84e49805428 100644 --- a/lib/gitlab/middleware/basic_health_check.rb +++ b/lib/gitlab/middleware/basic_health_check.rb @@ -24,7 +24,13 @@ module Gitlab def call(env) return @app.call(env) unless env['PATH_INFO'] == HEALTH_PATH - request = ActionDispatch::Request.new(env) + # We should be using ActionDispatch::Request instead of + # Rack::Request to be consistent with Rails, but due to a Rails + # bug described in + # https://gitlab.com/gitlab-org/gitlab-ce/issues/58573#note_149799010 + # hosts behind a load balancer will only see 127.0.0.1 for the + # load balancer's IP. + request = Rack::Request.new(env) return OK_RESPONSE if client_ip_whitelisted?(request) diff --git a/lib/gitlab/request_context.rb b/lib/gitlab/request_context.rb index d9811e036d3..f6d289476c5 100644 --- a/lib/gitlab/request_context.rb +++ b/lib/gitlab/request_context.rb @@ -13,7 +13,13 @@ module Gitlab end def call(env) - req = ActionDispatch::Request.new(env) + # We should be using ActionDispatch::Request instead of + # Rack::Request to be consistent with Rails, but due to a Rails + # bug described in + # https://gitlab.com/gitlab-org/gitlab-ce/issues/58573#note_149799010 + # hosts behind a load balancer will only see 127.0.0.1 for the + # load balancer's IP. + req = Rack::Request.new(env) Gitlab::SafeRequestStore[:client_ip] = req.ip diff --git a/spec/lib/gitlab/middleware/basic_health_check_spec.rb b/spec/lib/gitlab/middleware/basic_health_check_spec.rb index 187d903a5e1..86bdc479b66 100644 --- a/spec/lib/gitlab/middleware/basic_health_check_spec.rb +++ b/spec/lib/gitlab/middleware/basic_health_check_spec.rb @@ -28,6 +28,35 @@ describe Gitlab::Middleware::BasicHealthCheck do end end + context 'with X-Forwarded-For headers' do + let(:load_balancer_ip) { '1.2.3.4' } + + before do + env['HTTP_X_FORWARDED_FOR'] = "#{load_balancer_ip}, 127.0.0.1" + env['REMOTE_ADDR'] = '127.0.0.1' + env['PATH_INFO'] = described_class::HEALTH_PATH + end + + it 'returns 200 response when endpoint is allowed' do + allow(Settings.monitoring).to receive(:ip_whitelist).and_return([load_balancer_ip]) + expect(app).not_to receive(:call) + + response = middleware.call(env) + + expect(response[0]).to eq(200) + expect(response[1]).to eq({ 'Content-Type' => 'text/plain' }) + expect(response[2]).to eq(['GitLab OK']) + end + + it 'returns 404 when whitelist is not configured' do + allow(Settings.monitoring).to receive(:ip_whitelist).and_return([]) + + response = middleware.call(env) + + expect(response[0]).to eq(404) + end + end + context 'whitelisted IP' do before do env['REMOTE_ADDR'] = '127.0.0.1' diff --git a/spec/lib/gitlab/request_context_spec.rb b/spec/lib/gitlab/request_context_spec.rb index fd443cc1f71..3ed57c2c916 100644 --- a/spec/lib/gitlab/request_context_spec.rb +++ b/spec/lib/gitlab/request_context_spec.rb @@ -6,6 +6,31 @@ describe Gitlab::RequestContext do let(:app) { -> (env) {} } let(:env) { Hash.new } + context 'with X-Forwarded-For headers', :request_store do + let(:load_balancer_ip) { '1.2.3.4' } + let(:headers) do + { + 'HTTP_X_FORWARDED_FOR' => "#{load_balancer_ip}, 127.0.0.1", + 'REMOTE_ADDR' => '127.0.0.1' + } + end + + let(:env) { Rack::MockRequest.env_for("/").merge(headers) } + + it 'returns the load balancer IP' do + client_ip = nil + + endpoint = proc do + client_ip = Gitlab::SafeRequestStore[:client_ip] + [200, {}, ["Hello"]] + end + + Rails.application.middleware.build(endpoint).call(env) + + expect(client_ip).to eq(load_balancer_ip) + end + end + context 'when RequestStore::Middleware is used' do around do |example| RequestStore::Middleware.new(-> (env) { example.run }).call({}) @@ -15,7 +40,7 @@ describe Gitlab::RequestContext do let(:ip) { '192.168.1.11' } before do - allow_any_instance_of(ActionDispatch::Request).to receive(:ip).and_return(ip) + allow_any_instance_of(Rack::Request).to receive(:ip).and_return(ip) described_class.new(app).call(env) end -- GitLab From 2d4c1c46b5a8ad6f310362792b8aeb7a639390af Mon Sep 17 00:00:00 2001 From: Sean McGivern Date: Wed, 13 Mar 2019 10:48:49 +0000 Subject: [PATCH 09/12] Merge branch 'ce-9641-jira-connect-integration' into 'master' Filter Jira shared secret from logs See merge request gitlab-org/gitlab-ce!26077 (cherry picked from commit 6a3b59f8f93438c81afe8826d136f03be4eb0aa6) 36c91555 Filter Jira shared secret from logs --- config/application.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config/application.rb b/config/application.rb index 1c11e347281..6bdf61edfb1 100644 --- a/config/application.rb +++ b/config/application.rb @@ -94,6 +94,7 @@ module Gitlab # - Webhook URLs (:hook) # - Sentry DSN (:sentry_dsn) # - File content from Web Editor (:content) + # - Jira shared secret (:sharedSecret) # # NOTE: It is **IMPORTANT** to also update gitlab-workhorse's filter when adding parameters here to not # introduce another security vulnerability: https://gitlab.com/gitlab-org/gitlab-workhorse/issues/182 @@ -108,6 +109,7 @@ module Gitlab trace variables content + sharedSecret ) # Enable escaping HTML in JSON. -- GitLab From d5fa495b8b3f0f9aed4af43987b17a80c8e3e5e6 Mon Sep 17 00:00:00 2001 From: Filipa Lacerda Date: Wed, 13 Mar 2019 13:36:14 +0000 Subject: [PATCH 10/12] Merge branch 'tz-load-emojis-from-server-not-cdn' into 'master' Removes the CDN loading for emojis.json See merge request gitlab-org/gitlab-ce!26102 --- app/assets/javascripts/emoji/index.js | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/app/assets/javascripts/emoji/index.js b/app/assets/javascripts/emoji/index.js index bb5085a1911..b9b3b344524 100644 --- a/app/assets/javascripts/emoji/index.js +++ b/app/assets/javascripts/emoji/index.js @@ -33,10 +33,7 @@ export function initEmojiMap() { } axiosInstance - .get( - `${gon.asset_host || ''}${gon.relative_url_root || - ''}/-/emojis/${EMOJI_VERSION}/emojis.json`, - ) + .get(`${gon.relative_url_root || ''}/-/emojis/${EMOJI_VERSION}/emojis.json`) .then(({ data }) => { emojiMap = data; validEmojiNames = [...Object.keys(emojiMap), ...Object.keys(emojiAliases)]; -- GitLab From b2d300f3b7fe5afba0a353e4364c6e379c2211be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9my=20Coutable?= Date: Wed, 13 Mar 2019 13:38:28 +0000 Subject: [PATCH 11/12] Merge branch 'sh-fix-blank-codeowners-ce' into 'master' Fix 500 error caused by CODEOWNERS with no matches Closes gitlab-ee#10282 See merge request gitlab-org/gitlab-ce!26072 --- changelogs/unreleased/sh-fix-blank-codeowners-ce.yml | 5 +++++ lib/gitlab/user_extractor.rb | 1 + spec/lib/gitlab/user_extractor_spec.rb | 8 ++++++++ 3 files changed, 14 insertions(+) create mode 100644 changelogs/unreleased/sh-fix-blank-codeowners-ce.yml diff --git a/changelogs/unreleased/sh-fix-blank-codeowners-ce.yml b/changelogs/unreleased/sh-fix-blank-codeowners-ce.yml new file mode 100644 index 00000000000..05ea5869eb1 --- /dev/null +++ b/changelogs/unreleased/sh-fix-blank-codeowners-ce.yml @@ -0,0 +1,5 @@ +--- +title: Fix 500 error caused by CODEOWNERS with no matches +merge_request: 26072 +author: +type: fixed diff --git a/lib/gitlab/user_extractor.rb b/lib/gitlab/user_extractor.rb index 874599688bb..b41d085ee77 100644 --- a/lib/gitlab/user_extractor.rb +++ b/lib/gitlab/user_extractor.rb @@ -16,6 +16,7 @@ module Gitlab def users return User.none unless @text.present? + return User.none if references.empty? @users ||= User.from_union(union_relations) end diff --git a/spec/lib/gitlab/user_extractor_spec.rb b/spec/lib/gitlab/user_extractor_spec.rb index fcc05ab3a0c..6e2bb81fbda 100644 --- a/spec/lib/gitlab/user_extractor_spec.rb +++ b/spec/lib/gitlab/user_extractor_spec.rb @@ -48,6 +48,14 @@ describe Gitlab::UserExtractor do it 'includes all mentioned usernames' do expect(extractor.matches[:usernames]).to contain_exactly('user-1', 'user-2', 'user-4') end + + context 'input has no matching e-mail or usernames' do + it 'returns an empty list of users' do + extractor = described_class.new('My test') + + expect(extractor.users).to be_empty + end + end end describe '#references' do -- GitLab From 5841ecb7313090c8db931a525206c879256ba064 Mon Sep 17 00:00:00 2001 From: Mark Lapierre Date: Wed, 13 Mar 2019 10:56:00 +0000 Subject: [PATCH 12/12] Merge branch 'qa-staging-45-fix-add-project-member-spec' into 'master' Ignore user status emoji in assertion Closes gitlab-org/quality/staging#45 See merge request gitlab-org/gitlab-ce!26085 --- .../browser_ui/1_manage/project/add_project_member_spec.rb | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/qa/qa/specs/features/browser_ui/1_manage/project/add_project_member_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/project/add_project_member_spec.rb index ff60e7064bf..d8609aa037a 100644 --- a/qa/qa/specs/features/browser_ui/1_manage/project/add_project_member_spec.rb +++ b/qa/qa/specs/features/browser_ui/1_manage/project/add_project_member_spec.rb @@ -1,8 +1,7 @@ # frozen_string_literal: true module QA - # Failure issue: https://gitlab.com/gitlab-org/quality/staging/issues/45 - context 'Manage', :quarantine do + context 'Manage' do describe 'Add project member' do it 'user adds project member' do Runtime::Browser.visit(:gitlab, Page::Main::Login) @@ -20,7 +19,7 @@ module QA page.add_member(user.username) end - expect(page).to have_content("#{user.name} @#{user.username} Given access") + expect(page).to have_content(/#{user.name} (. )?@#{user.username} Given access/) end end end -- GitLab