提交 · f8530580100f56fe3bef5f3a73d3e543b038f98f · 李少辉-开发者 / gitlab-foss

01 11月, 2016 1 次提交

Allow to search for user by secondary email address in the admin interface · f8530580

由 Yar 提交于 10月 25, 2016

It is not possible to search for a user by his secondary email address in
the Users search bar in the admin interface(/admin/users). A use-case could
be that an admin wants to remove a specific secondary email address of an
user, because it interferes with another user. Issue #23761

This commit adds ability to search not only by main email, but also
by any secondary email in the admin interface.

f8530580

25 10月, 2016 1 次提交
- D
  Remove redundant class_name and foreign_key overrides · 03b6108f
  由 David Wagner 提交于 10月 18, 2016
```
They were Rails' default and are unnecessarily overridden.
Signed-off-by: NDavid Wagner <david@marvid.fr>
```
  03b6108f
05 10月, 2016 1 次提交

Refactor Gitlab::Identifier · 16ed9b61

由 Yorick Peterse 提交于 10月 04, 2016

This refactors Gitlab::Identifier so it uses fewer queries and is
actually tested. Queries are reduced by caching the output as well as
using 1 query (instead of 2) to find a user using an SSH key.

16ed9b61

01 9月, 2016 1 次提交
- F
  
  Project tools visibility level · 892dea67
  由 Felipe Artur 提交于 8月 01, 2016
  
  892dea67
25 8月, 2016 1 次提交
- P
  
  Show "Create Merge Request" widget for push events to fork projects on the source project · cfe512d6
  由 Paco Guzman 提交于 8月 24, 2016
  
  cfe512d6
17 8月, 2016 1 次提交

Move to project dropdown with infinite scroll for better performance · 03386633

由 Paco Guzman 提交于 8月 05, 2016

Use just SQL to check is a user can admin_issue on a project

Tradeoff

- we duplicate how we check admin_issue in a SQL relation in the Ability class

03386633

12 8月, 2016 1 次提交
- L
  Simplify the name for data builder, feedback: · d5264e88
  由 Lin Jen-Shin 提交于 8月 12, 2016
```
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5620#note_13671791
```
  d5264e88
09 8月, 2016 1 次提交
- T
  
  adds second batch of tests changed to active tense · 1d268a89
  由 tiagonbotelho 提交于 8月 01, 2016
  
  1d268a89
04 8月, 2016 1 次提交
- L
  Move those builders to their own namespace, feedback: · 984367f9
  由 Lin Jen-Shin 提交于 8月 04, 2016
```
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5620#note_13540099
```
  984367f9
02 8月, 2016 1 次提交
- K
  
  Tidy the key spec and fix failing user spec · b371d751
  由 Keith Pope 提交于 8月 02, 2016
  
  b371d751
20 7月, 2016 1 次提交

Ensure Owners are included in the scope for authorized_projects · 17bac491

由 Robert Speicher 提交于 7月 19, 2016

Prior, when providing a `min_access_level` parameter to this method, we
called `Gitlab::Access.values` instead of `all_values`, mistakenly
omitting the `OWNER` level.

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/19878

17bac491

19 7月, 2016 4 次提交
- P
  
  Default to manual input for `domain_whitelist`, syntax fixes and added new tests. · 6b8eceda
  由 Patricio Cano 提交于 7月 18, 2016
  
  6b8eceda
- P
  Refactor and rename `restricted_signup_domains` to `domain_whitelist` to... · c71e658c
  由 Patricio Cano 提交于 7月 15, 2016
```
Refactor and rename `restricted_signup_domains` to `domain_whitelist` to better conform to its behavior and newly introduced behavior.
```
  c71e658c
- P
  
  Refactored the domain separator regex, plus syntax and grammar fixes. · 79437672
  由 Patricio Cano 提交于 7月 15, 2016
  
  79437672
- P
  
  Added the ability to block sign ups using a domain blacklist. · defb8660
  由 Patricio Cano 提交于 7月 14, 2016
  
  defb8660
15 7月, 2016 1 次提交
- K
  
  Track a user who created a pipeline · 1556d484
  由 Kamil Trzcinski 提交于 7月 15, 2016
  
  1556d484
12 7月, 2016 1 次提交
- R
  
  Avoid `describe`-ing symbols in specs · adc6ec4a
  由 Robert Speicher 提交于 7月 11, 2016
  
  adc6ec4a
08 7月, 2016 1 次提交

Added setting to set new users by default as external · a0a9494e

由 Dravere 提交于 7月 06, 2016

As requested by the issue #14508 this adds an option in the application
settings to set newly registered users by default as external. The
default setting is set to false to stay backward compatible.

a0a9494e

24 6月, 2016 1 次提交

Fix an information disclosure when requesting access to a group containing private projects · aec3475d

由 Rémy Coutable 提交于 6月 24, 2016

The issue was with the `User#groups` and `User#projects` associations
which goes through the `User#group_members` and `User#project_members`.

Initially I chose to use a secure approach by storing the requester's
user ID in `Member#created_by_id` instead of `Member#user_id` because I
was aware that there was a security risk since I didn't know the
codebase well enough.

Then during the review, we decided to change that and directly store the
requester's user ID into `Member#user_id` (for the sake of simplifying
the code I believe), meaning that every `group_members` / `project_members`
association would include the requesters by default...

My bad for not checking that all the `group_members` / `project_members`
associations and the ones that go through them (e.g. `Group#users` and
`Project#users`) were made safe with the `where(requested_at: nil)` /
`where(members: { requested_at: nil })` scopes.

Now they are all secure.
Signed-off-by: NRémy Coutable <remy@rymai.me>

aec3475d

07 6月, 2016 8 次提交
- L
  Add a blank line between before and it: · 4f34cf32
  由 Lin Jen-Shin 提交于 6月 07, 2016
```
Feedback from:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4404#note_12301563
```
  4f34cf32
- L
  Avoid using subject and is_expected.to: · 4fcdcc36
  由 Lin Jen-Shin 提交于 6月 06, 2016
```
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4404#note_12274602
```
  4fcdcc36
- L
  Prefer do and end for before/after: · 5f3e6473
  由 Lin Jen-Shin 提交于 6月 02, 2016
```
Feedback:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4404#note_12217415
```
  5f3e6473
- L
  
  Fix method definition style · db95704f
  由 Lin Jen-Shin 提交于 6月 02, 2016
  
  db95704f
- L
  Use rspec's matchers and update style: · 2dd60b9b
  由 Lin Jen-Shin 提交于 6月 02, 2016
```
Feedback from:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4404#note_12194552
```
  2dd60b9b
- L
  Use subject for more consistent testing style: · 0c2962eb
  由 Lin Jen-Shin 提交于 6月 02, 2016
```
Feedback from:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4404#note_12194489
```
  0c2962eb
- L
  This is easier to write: · 5360ef2c
  由 Lin Jen-Shin 提交于 6月 02, 2016
```
Feedback from:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4404#note_12194471
```
  5360ef2c
- L
  
  Add a test for User#ci_authorized_runners · e8cf89fa
  由 Lin Jen-Shin 提交于 6月 01, 2016
  
  e8cf89fa
06 6月, 2016 1 次提交

Add a `U2fRegistrations` table/model. · 791cc913

由 Timothy Andrew 提交于 6月 06, 2016

- To hold registrations from U2F devices, and to authenticate them.
- Previously, `User#two_factor_enabled` was aliased to the
  `otp_required_for_login` column on `users`.
- This commit changes things a bit:
    - `User#two_factor_enabled` is not a method anymore
    - `User#two_factor_enabled?` checks both the
      `otp_required_for_login` column, as well as `U2fRegistration`s
    - Change all instances of `User#two_factor_enabled` to
      `User#two_factor_enabled?`
- Add the `u2f` gem, and implement registration/authentication at the
  model level.

791cc913

03 6月, 2016 2 次提交
- J
  Revert "Fix merge conflicts - squashed commit" · 721014c9
  由 James Lopez 提交于 6月 03, 2016
```
This reverts commit 3e991230.
```
  721014c9
- J
  Fix merge conflicts - squashed commit · 3e991230
  由 James Lopez 提交于 6月 03, 2016
```
# Conflicts:
#	app/models/project.rb
```
  3e991230
28 5月, 2016 1 次提交
- D
  
  Update tests for the current_application_settings request store changes · 7d57b110
  由 DJ Mountney 提交于 5月 27, 2016
  
  7d57b110
17 5月, 2016 1 次提交
- F
  
  Change skip_user_confirmation_email to send_user_confirmation_email · c5526a2d
  由 Felipe Artur 提交于 4月 28, 2016
  
  c5526a2d
11 5月, 2016 2 次提交

S

Tidy up user project specs · acd8930c
由 Sean McGivern 提交于 5月 11, 2016

acd8930c

Restrict starred projects to viewable ones · 97424ea5

由 Sean McGivern 提交于 5月 10, 2016

`User#starred_projects` doesn't perform any visibility checks. This has
a couple of problems:

1. It assumes a user can always view all of their starred projects in
   perpetuity (project not changed to private, access revoked, etc.).
2. It assumes that we'll only ever allow a user to star a project they
   can view. This is currently the case, but bugs happen.

Add `User#viewable_starred_projects` to filter the starred projects by
those the user either has explicit access to, or are public or
internal. Then use that in all places where we list the user's starred
projects.

97424ea5

10 5月, 2016 2 次提交

Z

Add tests on Awardables and Award Emoji · dccf8a9f
由 Zeger-Jan van de Weg 提交于 4月 25, 2016

dccf8a9f

Remove the annotate gem and delete old annotations · f1479b56

由 Jeroen van Baarsen 提交于 5月 09, 2016

In 8278b763 the default behaviour of annotation
has changes, which was causing a lot of noise in diffs. We decided in #17382
that it is better to get rid of the whole annotate gem, and instead let people
look at schema.rb for the columns in a table.

Fixes: #17382

f1479b56

01 4月, 2016 1 次提交
- Z
  
  Allow temp-oauth-email as notification email · 2c620713
  由 Zeger-Jan van de Weg 提交于 3月 31, 2016
  
  2c620713
15 3月, 2016 1 次提交
- R
  Revert "Merge branch 'avatar-cropping' into 'master' · 17148831
  由 Rémy Coutable 提交于 3月 15, 2016
```
This reverts commit 01160fc0, reversing
changes made to 4bff9daf.
```
  17148831
14 3月, 2016 2 次提交

Z
Create an external users tab on Admin user list · 76eeb316
由 Zeger-Jan van de Weg 提交于 3月 13, 2016
```
Also incorporates the review into this, mainly spec changes.
```
76eeb316

External Users · 42fcd388

由 Zeger-Jan van de Weg 提交于 3月 10, 2016

The user has the rights of a public user execpt it can never create a project,
 group, or team. Also it cant view internal projects.

42fcd388