提交 · ed81ee9ba2b5a0b68996ccb238bfa4c69a6df062 · 李少辉-开发者 / gitlab-foss

27 7月, 2018 3 次提交
- S
  Revert "Merge branch '41416-making-instance-wide-data-tools-more-accessible' into 'master'" · ed81ee9b
  由 Sean McGivern 提交于 7月 27, 2018
```
This reverts merge request !20679
```
  ed81ee9b
- B
  
  Spec instance statistics · 61b0e8ca
  由 Bob Van Landuyt 提交于 7月 25, 2018
  
  61b0e8ca
- L
  
  Add read_instance_statistics global policy · 01fd71ad
  由 Luke Bennett 提交于 7月 23, 2018
  
  01fd71ad
25 7月, 2018 1 次提交
- G
  Enable frozen string in presenters and policies · d5bf57a6
  由 gfyoung 提交于 7月 24, 2018
```
Enable frozen string in:

* app/presenters
* app/policies

Partially addresses #47424.
```
  d5bf57a6
10 5月, 2018 2 次提交

Allows `access_(git|api)` to anonymous users · d801dd17

由 Bob Van Landuyt 提交于 5月 09, 2018

The `access_git` and `access_api` were currently never checked for
anonymous users. And they would also be allowed access:

  An anonymous user can clone and pull from a public repo

  An anonymous user can request public information from the API

So the policy didn't actually reflect what we were enforcing.

d801dd17

Block access to API & git when terms are enforced · f7f13f9d

由 Bob Van Landuyt 提交于 5月 08, 2018

When terms are enforced, but the user has not accepted the terms
access to the API & git is rejected with a message directing the user
to the web app to accept the terms.

f7f13f9d

29 9月, 2017 2 次提交
- P
  
  moved fork checks into policies · 93aa6d04
  由 Phil Hughes 提交于 9月 29, 2017
  
  93aa6d04
- M
  
  Support custom attributes on users · e9eae3eb
  由 Markus Koller 提交于 9月 28, 2017
  
  e9eae3eb
01 8月, 2017 1 次提交
- L
  
  Allow logged in users to read user list under public restriction · 0d35b081
  由 Lin Jen-Shin (godfat) 提交于 8月 01, 2017
  
  0d35b081
25 7月, 2017 1 次提交
- L
  
  Allow admin to read_users_list even if it's restricted · 25e44edc
  由 Lin Jen-Shin 提交于 7月 25, 2017
  
  25e44edc
03 7月, 2017 1 次提交
- T
  Implement review comments for !12445 from @jneen. · 96e98632
  由 Timothy Andrew 提交于 7月 03, 2017
```
- Fix duplicate `prevent` declaration
- Add spec for `GlobalPolicy`
```
  96e98632
30 6月, 2017 1 次提交

Implement review comments for !12445 from @godfat and @rymai. · 3c88a786

由 Timothy Andrew 提交于 6月 29, 2017

- Use `GlobalPolicy` to authorize the users that a non-authenticated user can
  fetch from `/api/v4/users`. We allow access if the `Gitlab::VisibilityLevel::PUBLIC`
  visibility level is not restricted.

- Further, as before, `/api/v4/users` is only accessible to unauthenticated users if
  the `username` parameter is passed.

- Turn off `authenticate!` for the `/api/v4/users` endpoint by matching on the actual
  route + method, rather than the description.

- Change the type of `current_user` check in `UsersFinder` to be more
  compatible with EE.

3c88a786

28 6月, 2017 1 次提交
- H
  
  convert all the policies to DeclarativePolicy · 37c40143
  由 http://jneen.net/ 提交于 4月 06, 2017
  
  37c40143
15 6月, 2017 1 次提交

Rename "Slash commands" to "Quick actions" · ea090291

由 Eric Eastwood 提交于 5月 31, 2017

Fix https://gitlab.com/gitlab-org/gitlab-ce/issues/27070

Deprecate "chat commands" in favor of "slash commands"

We looked for things like:

 - `slash commmand`
 - `slash_command`
 - `slash-command`
 - `SlashCommand`

ea090291

07 4月, 2017 1 次提交
- F
  
  Backport permissions and multi-line array to CE · 60c121eb
  由 Felipe Artur 提交于 4月 06, 2017
  
  60c121eb
10 3月, 2017 3 次提交
- H
  
  use policies to protect sending email · f7a111e9
  由 http://jneen.net/ 提交于 2月 28, 2017
  
  f7a111e9
- H
  
  use the policy stack to protect logins · 0ea04cc5
  由 http://jneen.net/ 提交于 2月 28, 2017
  
  0ea04cc5
- H
  
  add User#internal? and some global permissions · d9cfed07
  由 http://jneen.net/ 提交于 2月 28, 2017
  
  d9cfed07
31 8月, 2016 2 次提交
- H
  
  line break after guard clause · b7d30000
  由 http://jneen.net/ 提交于 8月 30, 2016
  
  b7d30000
- H
  
  factor in global permissions · 9a0ea135
  由 http://jneen.net/ 提交于 8月 16, 2016
  
  9a0ea135