- 25 7月, 2017 1 次提交
-
-
由 Oswaldo Ferreira 提交于
-
- 24 7月, 2017 1 次提交
-
-
由 Jarka Kadlecova 提交于
-
- 20 7月, 2017 1 次提交
-
-
由 Dmitriy Zaporozhets 提交于
New version of the gem returns 200 status code on delete with content instead of 204 so we explicitly set status code to keep existing behavior Signed-off-by: NDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 18 7月, 2017 1 次提交
-
-
由 Andrew Newdigate 提交于
-
- 14 7月, 2017 1 次提交
-
-
由 Stan Hu 提交于
Somehow Rails.cache.fetch occasionally returns `nil` values, which causes this endpoint to crash. Closes #35094
-
- 13 7月, 2017 1 次提交
-
-
由 Robin Bobbitt 提交于
When sign-in is disabled: - skip password expiration checks - prevent password reset requests - don’t show Password tab in User Settings - don’t allow login with username/password for Git over HTTP requests - render 404 on requests to Profiles::PasswordsController
-
- 12 7月, 2017 1 次提交
-
-
由 Rémy Coutable 提交于
Signed-off-by: NRémy Coutable <remy@rymai.me>
-
- 11 7月, 2017 4 次提交
- 09 7月, 2017 1 次提交
-
-
由 Stan Hu 提交于
Closes #34159
-
- 08 7月, 2017 2 次提交
-
-
由 Stan Hu 提交于
Identified via `ENABLE_BULLET=1 bundle exec rspec spec/requests/api/merge_requests_spec.rb:34` Improves speed of #34159
-
由 Kim "BKC" Carlbäcker 提交于
- Make single gitaly payload - Add feature-flag specs to verify payload
-
- 07 7月, 2017 6 次提交
-
-
由 Felipe Artur 提交于
-
由 James Lopez 提交于
-
由 James Lopez 提交于
-
由 Kamil Trzcinski 提交于
-
由 James Lopez 提交于
-
由 Rémy Coutable 提交于
Signed-off-by: NRémy Coutable <remy@rymai.me>
-
- 06 7月, 2017 7 次提交
-
-
由 James Lopez 提交于
-
由 James Lopez 提交于
-
由 James Lopez 提交于
-
由 Rémy Coutable 提交于
Signed-off-by: NRémy Coutable <remy@rymai.me>
-
由 vanadium23 提交于
-
由 Douwe Maan 提交于
-
- 05 7月, 2017 2 次提交
-
-
由 Nick Thomas 提交于
-
由 Lin Jen-Shin 提交于
-
- 04 7月, 2017 3 次提交
-
-
由 Timothy Andrew 提交于
- Rather than using an explicit check to turn off authentication for the `/users` endpoint, simply call `authenticate_non_get!`. - All `GET` endpoints we wish to restrict already call `authenticated_as_admin!`, and so remain inacessible to anonymous users. - This _does_ open up the `/users/:id` endpoint to anonymous access. It contains the same access check that `/users` users, and so is safe for use here. - More context: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12445#note_34031323
-
由 Stan Hu 提交于
Repository#commits is expensive because it has to use Rugged to walk the Git tree as opposed to doing a direct ref lookup. Improves performance in #34533
-
由 Lin Jen-Shin 提交于
-
- 30 6月, 2017 3 次提交
-
-
由 Timothy Andrew 提交于
- Use `GlobalPolicy` to authorize the users that a non-authenticated user can fetch from `/api/v4/users`. We allow access if the `Gitlab::VisibilityLevel::PUBLIC` visibility level is not restricted. - Further, as before, `/api/v4/users` is only accessible to unauthenticated users if the `username` parameter is passed. - Turn off `authenticate!` for the `/api/v4/users` endpoint by matching on the actual route + method, rather than the description. - Change the type of `current_user` check in `UsersFinder` to be more compatible with EE.
-
由 Timothy Andrew 提交于
- There's no need to use `API::Scope` for scopes that don't have `if` conditions, such as in `lib/gitlab/auth.rb`.
-
由 http://jneen.net/ 提交于
-
- 29 6月, 2017 4 次提交
-
-
由 Timothy Andrew 提交于
- To represent an authorization scope, such as `api` or `read_user` - This is a better abstraction than the hash we were previously using.
-
由 Oswaldo Ferreira 提交于
-
由 Oswaldo Ferreira 提交于
-
由 Rémy Coutable 提交于
Signed-off-by: NRémy Coutable <remy@rymai.me>
-
- 28 6月, 2017 1 次提交
-
-
由 Tiago Botelho 提交于
-