diff --git a/CHANGELOG b/CHANGELOG
index 62cfc81cc0bb29109d4fb0906a181330d20bfe72..11dd510d802daf8c89fbdb5967e916099c01ae56 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -23,6 +23,8 @@ v 8.10.0 (unreleased)
- Add notification settings dropdown for groups
- Allow importing from Github using Personal Access Tokens. (Eric K Idema)
- API: Todos !3188 (Robert Schilling)
+ - Add "Enabled Git access protocols" to Application Settings
+ - Implement Subresource Integrity for CSS and JavaScript assets. This prevents malicious assets from loading in the case of a CDN compromise.
- Fix user creation with stronger minimum password requirements !4054 (nathan-pmt)
- PipelinesFinder uses git cache data
- Check for conflicts with existing Project's wiki path when creating a new project.
@@ -176,7 +178,6 @@ v 8.9.0
- Fix horizontal scrollbar for long commit message.
- GitLab Performance Monitoring now tracks the total method execution time and call count per method
- Add Environments and Deployments
- - Add "Enabled Git access protocols" to Application Settings
- Redesign account and email confirmation emails
- Don't fail builds for projects that are deleted
- Support Docker Registry manifest v1
diff --git a/app/helpers/application_settings_helper.rb b/app/helpers/application_settings_helper.rb
index 19403388dc6f2a5c54b0e3733738df702e8e49cd..6b0dde5dfe65daf8b140b6eac2da17b0f4c7738e 100644
--- a/app/helpers/application_settings_helper.rb
+++ b/app/helpers/application_settings_helper.rb
@@ -32,11 +32,11 @@ module ApplicationSettingsHelper
end
def allowed_protocols_present?
- current_application_settings.enabled_git_access_protocols.present?
+ current_application_settings.enabled_git_access_protocol.present?
end
def enabled_protocol
- case current_application_settings.enabled_git_access_protocols
+ case current_application_settings.enabled_git_access_protocol
when 'http'
gitlab_config.protocol
when 'ssh'
diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb
index 314e69fa8b6a1813e633d02eac3d0f426f86b151..7bf618d60b9a1b329d38d8f6da015b5646b0a92b 100644
--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -59,7 +59,7 @@ class ApplicationSetting < ActiveRecord::Base
presence: true,
inclusion: { in: ->(_object) { Gitlab.config.repositories.storages.keys } }
- validates :enabled_git_access_protocols,
+ validates :enabled_git_access_protocol,
inclusion: { in: %w(ssh http), allow_blank: true, allow_nil: true }
validates_each :restricted_visibility_levels do |record, attr, value|
diff --git a/app/views/admin/application_settings/_form.html.haml b/app/views/admin/application_settings/_form.html.haml
index 99bf2701f644cec025d0ab2d87d204bf6ce82d8a..eb325576e4f99d340e900282ed7eb2d93edb0482 100644
--- a/app/views/admin/application_settings/_form.html.haml
+++ b/app/views/admin/application_settings/_form.html.haml
@@ -46,7 +46,7 @@
.form-group
%label.control-label.col-sm-2 Enabled Git access protocols
.col-sm-10
- = select(:application_setting, :enabled_git_access_protocols, [['Both SSH and HTTP(S)', nil], ['Only SSH', 'ssh'], ['Only HTTP(S)', 'http']], {}, class: 'form-control')
+ = select(:application_setting, :enabled_git_access_protocol, [['Both SSH and HTTP(S)', nil], ['Only SSH', 'ssh'], ['Only HTTP(S)', 'http']], {}, class: 'form-control')
%span.help-block#clone-protocol-help
Allow only the selected protocols to be used for Git access.
.form-group
diff --git a/db/migrate/20160615173316_add_enabled_git_access_protocols_to_application_settings.rb b/db/migrate/20160615173316_add_enabled_git_access_protocols_to_application_settings.rb
index c75e20880db4d91de2cc27234eddf0c67e161c66..013904b3f4f3832ff19eadac179298b3f51adca9 100644
--- a/db/migrate/20160615173316_add_enabled_git_access_protocols_to_application_settings.rb
+++ b/db/migrate/20160615173316_add_enabled_git_access_protocols_to_application_settings.rb
@@ -6,6 +6,6 @@ class AddEnabledGitAccessProtocolsToApplicationSettings < ActiveRecord::Migratio
include Gitlab::Database::MigrationHelpers
def change
- add_column :application_settings, :enabled_git_access_protocols, :string
+ add_column :application_settings, :enabled_git_access_protocol, :string
end
end
diff --git a/lib/gitlab/protocol_access.rb b/lib/gitlab/protocol_access.rb
index 836ff8a34bac78ddd42e6fb643e800d30fd15e16..4c90654c59ccc404714d1800642d5f6d2bed240e 100644
--- a/lib/gitlab/protocol_access.rb
+++ b/lib/gitlab/protocol_access.rb
@@ -3,10 +3,10 @@ module Gitlab
def self.allowed?(protocol)
if protocol.to_s == 'web'
true
- elsif current_application_settings.enabled_git_access_protocols.blank?
+ elsif current_application_settings.enabled_git_access_protocol.blank?
true
else
- protocol.to_s == current_application_settings.enabled_git_access_protocols
+ protocol.to_s == current_application_settings.enabled_git_access_protocol
end
end
end
diff --git a/spec/features/admin/admin_disables_git_access_protocol_spec.rb b/spec/features/admin/admin_disables_git_access_protocol_spec.rb
index 550dcb6245313012262907a80eb91754b073fca9..5b1c0460274087b2b7f3fab5ba8849d356c4e39e 100644
--- a/spec/features/admin/admin_disables_git_access_protocol_spec.rb
+++ b/spec/features/admin/admin_disables_git_access_protocol_spec.rb
@@ -54,13 +54,13 @@ feature 'Admin disables Git access protocol', feature: true do
def disable_http_protocol
visit admin_application_settings_path
- find('#application_setting_enabled_git_access_protocols').find(:xpath, 'option[2]').select_option
+ find('#application_setting_enabled_git_access_protocol').find(:xpath, 'option[2]').select_option
click_on 'Save'
end
def disable_ssh_protocol
visit admin_application_settings_path
- find('#application_setting_enabled_git_access_protocols').find(:xpath, 'option[3]').select_option
+ find('#application_setting_enabled_git_access_protocol').find(:xpath, 'option[3]').select_option
click_on 'Save'
end
end
diff --git a/spec/lib/gitlab/git_access_spec.rb b/spec/lib/gitlab/git_access_spec.rb
index ddccd2d9eb3552c6a1a0cdc507e69e156ce93aa6..c79ba11f782dbe0e946e483a41db568908f47be3 100644
--- a/spec/lib/gitlab/git_access_spec.rb
+++ b/spec/lib/gitlab/git_access_spec.rb
@@ -70,7 +70,7 @@ describe Gitlab::GitAccess, lib: true do
describe '#check with single protocols allowed' do
def disable_protocol(protocol)
settings = ::ApplicationSetting.create_from_defaults
- settings.update_attribute(:enabled_git_access_protocols, protocol)
+ settings.update_attribute(:enabled_git_access_protocol, protocol)
end
context 'ssh disabled' do
diff --git a/spec/requests/api/internal_spec.rb b/spec/requests/api/internal_spec.rb
index 1f49cdad044df85d9aee65bb87a13b7543b48f71..e567d36afa8bf4472bc2efdcc55732d180235cb8 100644
--- a/spec/requests/api/internal_spec.rb
+++ b/spec/requests/api/internal_spec.rb
@@ -211,7 +211,7 @@ describe API::API, api: true do
context 'ssh access has been disabled' do
before do
settings = ::ApplicationSetting.create_from_defaults
- settings.update_attribute(:enabled_git_access_protocols, 'http')
+ settings.update_attribute(:enabled_git_access_protocol, 'http')
end
it 'rejects the SSH push' do
@@ -234,7 +234,7 @@ describe API::API, api: true do
context 'http access has been disabled' do
before do
settings = ::ApplicationSetting.create_from_defaults
- settings.update_attribute(:enabled_git_access_protocols, 'ssh')
+ settings.update_attribute(:enabled_git_access_protocol, 'ssh')
end
it 'rejects the HTTP push' do
@@ -257,7 +257,7 @@ describe API::API, api: true do
context 'web actions are always allowed' do
it 'allows WEB push' do
settings = ::ApplicationSetting.create_from_defaults
- settings.update_attribute(:enabled_git_access_protocols, 'ssh')
+ settings.update_attribute(:enabled_git_access_protocol, 'ssh')
project.team << [user, :developer]
push(key, project, 'web')