- 07 4月, 2018 1 次提交
-
-
由 Mayra Cabrera 提交于
This will allow to download a repo using the token from the DeployToken
-
- 27 3月, 2018 1 次提交
-
-
由 Horatiu Eugen Vlad 提交于
-
- 28 2月, 2018 1 次提交
-
-
由 Horatiu Eugen Vlad 提交于
-
- 17 1月, 2018 1 次提交
-
-
由 Douwe Maan 提交于
[10.3] Migrate `can_push` column from `keys` to `deploy_keys_project` See merge request gitlab/gitlabhq!2276 (cherry picked from commit f6ca52d31bac350a23938e0aebf717c767b4710c) 1f2bd3c0 Backport to 10.3
-
- 23 11月, 2017 2 次提交
-
-
由 Douwe Maan 提交于
-
由 Markus Koller 提交于
-
- 09 11月, 2017 1 次提交
-
-
由 Stan Hu 提交于
-
- 02 11月, 2017 2 次提交
-
-
由 Douwe Maan 提交于
-
由 Douwe Maan 提交于
-
- 18 9月, 2017 1 次提交
-
-
由 Robin Bobbitt 提交于
Closes #37789
-
- 01 9月, 2017 1 次提交
-
-
由 Tiago Botelho 提交于
-
- 22 8月, 2017 1 次提交
-
-
由 Robin Bobbitt 提交于
-
- 03 8月, 2017 1 次提交
-
-
由 Robert Speicher 提交于
-
- 02 8月, 2017 1 次提交
-
-
由 Lin Jen-Shin 提交于
full_authentication_abilities. This is fine because we're going to check with can?(..) anyway
-
- 27 7月, 2017 1 次提交
-
-
由 Rémy Coutable 提交于
Remove superfluous lib: true, type: redis, service: true, models: true, services: true, no_db: true, api: true Signed-off-by: NRémy Coutable <remy@rymai.me>
-
- 13 7月, 2017 1 次提交
-
-
由 Robin Bobbitt 提交于
When sign-in is disabled: - skip password expiration checks - prevent password reset requests - don’t show Password tab in User Settings - don’t allow login with username/password for Git over HTTP requests - render 404 on requests to Profiles::PasswordsController
-
- 08 6月, 2017 1 次提交
-
-
由 Robin Bobbitt 提交于
If internal auth is disabled and LDAP is not configured on the instance, present the user with a message to create a personal access token if his Git over HTTP auth attempt fails.
-
- 06 6月, 2017 1 次提交
-
-
由 Z.J. van de Weg 提交于
-
- 05 6月, 2017 1 次提交
-
-
由 Z.J. van de Weg 提交于
This is the first commit doing mainly 3 things: 1. create a new scope and allow users to use it 2. Have the JWTController respond correctly on this 3. Updates documentation to suggest usage of PATs There is one gotcha, there will be no support for impersonation tokens, as this seems not needed. Fixes gitlab-org/gitlab-ce#19219
-
- 11 5月, 2017 1 次提交
-
-
由 Rémy Coutable 提交于
Use the EnforcedStyleForMultiline: no_comma option. Signed-off-by: NRémy Coutable <remy@rymai.me>
-
- 13 4月, 2017 1 次提交
-
-
由 Timothy Andrew 提交于
- We currently support fetching code with username = 'oauth2' and password = <access_token>. - Trying to _push_ code with the same credentials fails with an authentication error. - There's no reason this shouldn't be enabled, especially since we allow the OAuth client to create deploy keys with push access: https://docs.gitlab.com/ce/api/deploy_keys.html#add-deploy-key
-
- 07 3月, 2017 3 次提交
-
-
由 Markus Koller 提交于
-
由 Markus Koller 提交于
Gitlab::Auth.find_with_user_password is currently used in these places: - resource_owner_from_credentials in config/initializers/doorkeeper.rb, which is used for the OAuth Resource Owner Password Credentials flow - the /session API call in lib/api/session.rb, which is used to reveal the user's current authentication_token In both cases users should only be authenticated if they're in the active state.
-
由 Tiago Botelho 提交于
-
- 06 3月, 2017 3 次提交
-
-
由 Pawel Chojnacki 提交于
- cleanup formating in haml - clarify time window is in seconds - cleanup straneous chunks in db/schema - rename count_uniqe_ips to update_and_return_ips_count - other
-
由 Pawel Chojnacki 提交于
-
由 Pawel Chojnacki 提交于
-
- 01 3月, 2017 2 次提交
-
-
由 Tiago Botelho 提交于
-
由 Simon Vocella 提交于
-
- 23 2月, 2017 4 次提交
-
-
由 Douwe Maan 提交于
This reverts commit e00fb2bdc2090e9cabeb1eb35a2672a882cc96e9. # Conflicts: # .rubocop.yml # .rubocop_todo.yml # lib/gitlab/ci/config/entry/global.rb # lib/gitlab/ci/config/entry/jobs.rb # spec/lib/gitlab/ci/config/entry/factory_spec.rb # spec/lib/gitlab/ci/config/entry/global_spec.rb # spec/lib/gitlab/ci/config/entry/job_spec.rb # spec/lib/gitlab/ci/status/build/factory_spec.rb # spec/lib/gitlab/incoming_email_spec.rb
-
由 Douwe Maan 提交于
This reverts commit cb10b725c8929b8b4460f89c9d96c773af39ba6b.
-
由 Douwe Maan 提交于
-
由 Douwe Maan 提交于
-
- 31 1月, 2017 1 次提交
-
-
由 Drew Blessing 提交于
We accept half a dozen different authentication mechanisms for Git over HTTP. Fairly high in the list we were checking user password, which would also query LDAP. In the case of LFS, OAuth tokens or personal access tokens, we were unnecessarily hitting LDAP when the authentication will not succeed. This was causing some LDAP/AD systems to lock the account. Now, user password authentication is the last mechanism tried since it's the most expensive.
-
- 16 12月, 2016 2 次提交
-
-
由 Timothy Andrew 提交于
- The `scopes_form` partial can be used in the `admin/applications` view as well - Don't allow partials to access instance variables directly. Instead, pass in the instance variables as local variables, and use `local_assigns.fetch` to assert that the variables are passed in as expected. - Change a few instances of `render :partial` to `render` - Remove an instance of `required: false` in a view, since this is the default - Inline many instances of a local variable (`ip = 'ip'`) in `auth_spec`
-
由 Timothy Andrew 提交于
- This module is used for git-over-http, as well as JWT. - The only valid scope here is `api`, currently.
-
- 29 9月, 2016 1 次提交
-
-
由 Patricio Cano 提交于
Reset expiry time of token, if token is retrieved again before it expires.
-
- 20 9月, 2016 1 次提交
-
-
由 Kamil Trzcinski 提交于
-
- 19 9月, 2016 2 次提交
-
-
由 Kamil Trzcinski 提交于
Revert "Revert all changes introduced by https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6043" This reverts commit 6d43c95b.
-