提交 · 07fc79e7c53a4fa7c4dd33835b905dfa8a609ff8 · 李少辉-开发者 / gitlab-foss

31 5月, 2017 1 次提交

Handle `membership` in ProjectFinder · 07fc79e7

由 Toon Claes 提交于 5月 23, 2017

The ProjectFinder supports the `non_public` parameter. This can be used to find
only projects the user is member of.

07fc79e7

11 5月, 2017 1 次提交
- R
  Enable the Style/TrailingCommaInArguments cop · 3db37e05
  由 Rémy Coutable 提交于 5月 03, 2017
```
Use the EnforcedStyleForMultiline: no_comma option.
Signed-off-by: NRémy Coutable <remy@rymai.me>
```
  3db37e05
10 5月, 2017 1 次提交
- B
  
  Use new SnippetsFinder signature in API · ebd8b7f6
  由 Bob Van Landuyt 提交于 5月 10, 2017
  
  ebd8b7f6
26 4月, 2017 1 次提交

Allow admins to sudo to blocked users. · 4dfdef2d

由 Timothy Andrew 提交于 4月 21, 2017

- Currently, (for example) admins can't delete snippets for blocked users, which
  is an unexpected limitation.

- We modify `authenticate!` to conduct the `access_api` policy check against the
  `initial_current_user`, instead of the user being impersonated.

- Update CHANGELOG for !10842

4dfdef2d

09 4月, 2017 1 次提交
- B
  
  Remove the User#is_admin? method · 11aff97d
  由 blackst0ne 提交于 4月 09, 2017
  
  11aff97d
27 3月, 2017 1 次提交

API: Make the /notes endpoint work with noteable iid instead of id · add5cd99

由 Toon Claes 提交于 3月 27, 2017

In API V4 all endpoints were changed so Merge Requests and Issues
should be referred by iid, instead of id. Except the /notes endpoint
was forgotten. So change the endpoints from:

- /projects/:id/issues/:issue_id/notes
- /projects/:id/merge_requests/:merge_request_id/notes

To:

- /projects/:id/issues/:issue_iid/notes
- /projects/:id/merge_requests/:merge_request_iid/notes

For Project Snippets nothing changes.

add5cd99

22 3月, 2017 1 次提交
- G
  
  Remove out-of-scope changes for multi-level images · 68a2fa54
  由 Grzegorz Bizon 提交于 3月 22, 2017
  
  68a2fa54
10 3月, 2017 2 次提交
- H
  
  use the policy stack to protect logins · 0ea04cc5
  由 http://jneen.net/ 提交于 2月 28, 2017
  
  0ea04cc5
- H
  use a magic default :global symbol instead of nil · 846e5817
  由 http://jneen.net/ 提交于 2月 28, 2017
```
to make sure we mean the global permissions
```
  846e5817
07 3月, 2017 2 次提交

API routes referencing a specific merge request should use the MR `iid` · 71932711

由 Timothy Andrew 提交于 2月 25, 2017

- As opposed to the `id` that was previously being used.
- This brings the API routes closer to the web interface's routes.
- This is specific to API v4.

71932711

API routes referencing a specific issue should use the issue `iid` · dd996223

由 Timothy Andrew 提交于 2月 25, 2017

- As opposed to the issue `id` that was previously being used.
- This brings the API routes closer to the web interface's routes.
- This is specific to API v4.

dd996223

06 3月, 2017 2 次提交
- P
  
  Test various login scenarios if the limit gets enforced · 8993801f
  由 Pawel Chojnacki 提交于 2月 17, 2017
  
  8993801f
- A
  
  Remove "subscribed" field from API responses returning list of issues or merge requests · c727d432
  由 Adam Niedzielski 提交于 3月 06, 2017
  
  c727d432
03 3月, 2017 2 次提交
- T
  Rename query parameter to `membership` · 63576356
  由 Toon Claes 提交于 3月 03, 2017
```
The query parameter `membership` should be more self-explaining.
```
  63576356
- O
  
  Add filter param for authorized projects for current_user for V4 · 06e96907
  由 Oswaldo Ferreira 提交于 3月 02, 2017
  
  06e96907
02 3月, 2017 3 次提交

Use string based `visibility` getter & setter · a3fdd6ac

由 Toon Claes 提交于 3月 01, 2017

Add `visibility` & `visibility=` methods to the
`Gitlab::VisibilityLevel` module so the `visibility_level` can be
get/set with a string value.

a3fdd6ac

Expose Project's & ProjectSnippet's VisibilityLevel as String · b2c2dfe5

由 Toon Claes 提交于 3月 01, 2017

Instead of exposing the VisibilityLevel as Integer, expose it as
String `visibility` for Project and ProjectSnippet.

Filter queries also accept the `visibility` as String instead of
`visibility_level` as Integer.

Also remove the `public` boolean.

b2c2dfe5

M
Enable filtering milestones by search criteria in the API · 61baf352
由 Mark Fletcher 提交于 2月 28, 2017
```
- Also remove a redundant test
```
61baf352

24 2月, 2017 1 次提交
- O
  
  Return 202 with JSON body on async removals on V4 API · 2b001d9e
  由 Oswaldo 提交于 2月 22, 2017
  
  2b001d9e
23 2月, 2017 1 次提交
- D
  
  Enable Style/MutableConstant · b7d8df50
  由 Douwe Maan 提交于 2月 21, 2017
  
  b7d8df50
22 2月, 2017 3 次提交
- A
  
  Adding registry endpoint authorization · 246df2bd
  由 Andre Guedes 提交于 12月 13, 2016
  
  246df2bd
- D
  
  No more and/or · f40716f4
  由 Douwe Maan 提交于 2月 21, 2017
  
  f40716f4
- O
  
  Spam check and reCAPTCHA improvements · 2ace39f2
  由 Oswaldo Ferreira 提交于 2月 14, 2017
  
  2ace39f2
20 2月, 2017 1 次提交
- R
  
  Use grape validation for dates · 612e61f4
  由 Robert Schilling 提交于 2月 20, 2017
  
  612e61f4
14 2月, 2017 1 次提交

API: Consolidate /projects endpoint · 4e9e29d2

由 Toon Claes 提交于 2月 01, 2017

It consolidates these endpoints:
 - /projects
 - /projects/owned
 - /projects/visible
 - /projects/starred
 - /projects/all

Into the /projects endpoint using query parameters.

4e9e29d2

03 2月, 2017 2 次提交
- R
  
  API: Fix file downloading · 6e1d675d
  由 Robert Schilling 提交于 2月 03, 2017
  
  6e1d675d
- A
  replace `find_with_namespace` with `find_by_full_path` · a0586dbc
  由 Adam Pahlevi 提交于 2月 03, 2017
```
add complete changelog for !8949
```
  a0586dbc
24 1月, 2017 1 次提交
- R
  Merge branch 'fix-api-mr-permissions' into 'security' · 3a5df1d8
  由 Robert Speicher 提交于 1月 03, 2017
```
Ensure that only privileged users can access merge requests in the API

See merge request !2053
```
  3a5df1d8
20 1月, 2017 2 次提交
- K
  
  Fix specs · d8e440c8
  由 Kamil Trzcinski 提交于 1月 19, 2017
  
  d8e440c8
- K
  
  Fix specs · 31af6be0
  由 Kamil Trzcinski 提交于 1月 19, 2017
  
  31af6be0
19 1月, 2017 1 次提交

Add some API endpoints for time tracking. · 0f3c9355

由 Ruben Davila 提交于 1月 18, 2017

New endpoints are:

POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/time_estimate"

POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/reset_time_estimate"

POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/add_spent_time"

POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/reset_spent_time"

GET :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/time_stats"

0f3c9355

16 1月, 2017 1 次提交
- R
  
  Fix a API deprecation warning · 1cccb378
  由 Robert Schilling 提交于 1月 16, 2017
  
  1cccb378
04 1月, 2017 1 次提交

WIP: Add tests and make sure that headers are set · 8c9a4ed3

由 Lin Jen-Shin 提交于 1月 04, 2017

* We realized that headers were not set whenever we give 204
  because `render_api_error!` doesn't preserve the headers.

* We also realized that `update_runner_info` would be called in
  POST /builds/register every time therefore runner is updated
  every time, ticking the queue, making this last_update didn't
  work very well, and the test would be failing due to that.

8c9a4ed3

24 12月, 2016 1 次提交
- R
  Fix a Grape deprecation, use `#request_method` instead of `#route_method` · 1b109c99
  由 Rémy Coutable 提交于 12月 23, 2016
```
Signed-off-by: NRémy Coutable <remy@rymai.me>
```
  1b109c99
21 12月, 2016 2 次提交

Add more storage statistics · 3ef4f74b

由 Markus Koller 提交于 11月 22, 2016

This adds counters for build artifacts and LFS objects, and moves
the preexisting repository_size and commit_count from the projects
table into a new project_statistics table.

The counters are displayed in the administration area for projects
and groups, and also available through the API for admins (on */all)
and normal users (on */owned)

The statistics are updated through ProjectCacheWorker, which can now
do more granular updates with the new :statistics argument.

3ef4f74b

G
Remove redundant pagination helpers after a bad merge · 468b47d4
由 Grzegorz Bizon 提交于 12月 21, 2016
```
[ci skip]
```
468b47d4

16 12月, 2016 1 次提交

Calls to the API are checked for scope. · 7fa06ed5

由 Timothy Andrew 提交于 11月 22, 2016

- Move the `Oauth2::AccessTokenValidationService` class to
  `AccessTokenValidationService`, since it is now being used for
  personal access token validation as well.

- Each API endpoint declares the scopes it accepts (if any). Currently,
  the top level API module declares the `api` scope, and the `Users` API
  module declares the `read_user` scope (for GET requests).

- Move the `find_user_by_private_token` from the API `Helpers` module to
  the `APIGuard` module, to avoid littering `Helpers` with more
  auth-related methods to support `find_user_by_private_token`

7fa06ed5

13 12月, 2016 1 次提交
- R
  Be smarter when finding a sudoed user in API::Helpers · d95b709a
  由 Rémy Coutable 提交于 12月 13, 2016
```
Signed-off-by: NRémy Coutable <remy@rymai.me>
```
  d95b709a
12 12月, 2016 1 次提交

API: Memoize the current_user so that the sudo can work properly · 2f45d3bc

由 Rémy Coutable 提交于 12月 09, 2016

The issue was arising when `#current_user` was called a second time
after a user was impersonated: the `User#is_admin?` check would be
performed on it and it would fail.
Signed-off-by: NRémy Coutable <remy@rymai.me>

2f45d3bc

10 12月, 2016 1 次提交
- R
  
  Grapify the service API · 593c9121
  由 Robert Schilling 提交于 12月 05, 2016
  
  593c9121