Merge branch '7-12-stable' of dev.gitlab.org:gitlab/gitlabhq into 7-12-rc3

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> Conflicts: db/schema.rb doc/README.md doc/workflow/README.md

Merge branch '7-12-stable' of dev.gitlab.org:gitlab/gitlabhq into 7-12-rc3
5f1dac4b · Dmitriy Zaporozhets · 52080ba3 · d8d8fe76 · 5f1dac4b · 5f1dac4b
Unverified Commit 5f1dac4b authored 9 years ago by Dmitriy Zaporozhets
--- a/app/assets/javascripts/dispatcher.js.coffee
+++ b/app/assets/javascripts/dispatcher.js.coffee
@@ -55,7 +55,7 @@ class Dispatcher
      when 'projects:merge_requests:index'
        shortcut_handler = new ShortcutsNavigation()
        MergeRequests.init()
-      when 'dashboard:show'
+      when 'dashboard:show', 'root:show'
        new Dashboard()
        new Activities()
      when 'dashboard:projects:starred'

--- a/app/assets/javascripts/profile.js.coffee
+++ b/app/assets/javascripts/profile.js.coffee
 class @Profile
  constructor: ->
-    $('.edit_user .application-theme input, .edit_user .code-preview-theme input').click ->
-      # Submit the form
-      $('.edit_user').submit()
-
-      new Flash("Appearance settings saved", "notice")
+    # Automatically submit the Preferences form when any of its radio buttons change
+    $('.js-preferences-form').on 'change.preference', 'input[type=radio]', ->
+      $(this).parents('form').submit()
  
    $('.update-username form').on 'ajax:before', ->
      $('.loading-gif').show()
@@ -18,7 +16,6 @@ class @Profile
    $('.update-notifications').on 'ajax:complete', ->
      $(this).find('.btn-save').enable()
  
-
    $('.js-choose-user-avatar-button').bind "click", ->
      form = $(this).closest("form")
      form.find(".js-user-avatar-input").click()

--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -89,7 +89,7 @@ def after_sign_in_path_for(resource)
  end
  
  def after_sign_out_path_for(resource)
-    current_application_settings.after_sign_out_path || new_user_session_path 
+    current_application_settings.after_sign_out_path || new_user_session_path
  end
  
  def abilities
@@ -140,11 +140,6 @@ def authorize_project!(action)
    return access_denied! unless can?(current_user, action, project)
  end
  
-  def authorize_labels!
-    # Labels should be accessible for issues and/or merge requests
-    authorize_read_issue! || authorize_read_merge_request!
-  end
-
  def access_denied!
    render "errors/access_denied", layout: "errors", status: 404
  end

--- a/app/controllers/profiles/preferences_controller.rb
+++ b/app/controllers/profiles/preferences_controller.rb
+class Profiles::PreferencesController < Profiles::ApplicationController
+  before_action :user
+
+  def show
+  end
+
+  def update
+    begin
+      if @user.update_attributes(preferences_params)
+        flash[:notice] = 'Preferences saved.'
+      else
+        flash[:alert] = 'Failed to save preferences.'
+      end
+    rescue ArgumentError => e
+      # Raised when `dashboard` is given an invalid value.
+      flash[:alert] = "Failed to save preferences (#{e.message})."
+    end
+
+    respond_to do |format|
+      format.html { redirect_to profile_preferences_path }
+      format.js
+    end
+  end
+
+  private
+
+  def user
+    @user = current_user
+  end
+
+  def preferences_params
+    params.require(:user).permit(
+      :color_scheme_id,
+      :dashboard,
+      :theme_id
+    )
+  end
+end
--- a/app/controllers/profiles_controller.rb
+++ b/app/controllers/profiles_controller.rb
@@ -8,9 +8,6 @@ class ProfilesController < Profiles::ApplicationController
  def show
  end
  
-  def design
-  end
-
  def applications
    @applications = current_user.oauth_applications
    @authorized_tokens = current_user.oauth_authorized_tokens
@@ -29,7 +26,6 @@ def update
  
    respond_to do |format|
      format.html { redirect_to :back }
-      format.js
    end
  end
  
@@ -65,10 +61,21 @@ def authorize_change_username!
  
  def user_params
    params.require(:user).permit(
-      :email, :password, :password_confirmation, :bio, :name,
-      :username, :skype, :linkedin, :twitter, :website_url,
-      :color_scheme_id, :theme_id, :avatar, :hide_no_ssh_key,
-      :hide_no_password, :location, :public_email
+      :avatar,
+      :bio,
+      :email,
+      :hide_no_password,
+      :hide_no_ssh_key,
+      :linkedin,
+      :location,
+      :name,
+      :password,
+      :password_confirmation,
+      :public_email,
+      :skype,
+      :twitter,
+      :username,
+      :website_url
    )
  end
 end
--- a/app/controllers/projects/labels_controller.rb
+++ b/app/controllers/projects/labels_controller.rb
 class Projects::LabelsController < Projects::ApplicationController
  before_action :module_enabled
  before_action :label, only: [:edit, :update, :destroy]
-  before_action :authorize_labels!
+  before_action :authorize_read_label!
  before_action :authorize_admin_labels!, except: [:index]
  
  respond_to :js, :html

--- a/app/controllers/root_controller.rb
+++ b/app/controllers/root_controller.rb
+# RootController
+#
+# This controller exists solely to handle requests to `root_url`. When a user is
+# logged in and has customized their `dashboard` setting, they will be
+# redirected to their preferred location.
+#
+# For users who haven't customized the setting, we simply delegate to
+# `DashboardController#show`, which is the default.
+class RootController < DashboardController
+  before_action :redirect_to_custom_dashboard, only: [:show]
+
+  def show
+    super
+  end
+
+  private
+
+  def redirect_to_custom_dashboard
+    return unless current_user
+
+    case current_user.dashboard
+    when 'stars'
+      redirect_to starred_dashboard_projects_path
+    else
+      return
+    end
+  end
+end
--- a/app/helpers/preferences_helper.rb
+++ b/app/helpers/preferences_helper.rb
+# Helper methods for per-User preferences
+module PreferencesHelper
+  # Maps `dashboard` values to more user-friendly option text
+  DASHBOARD_CHOICES = {
+    projects: 'Your Projects (default)',
+    stars:    'Starred Projects'
+  }.with_indifferent_access.freeze
+
+  # Returns an Array usable by a select field for more user-friendly option text
+  def dashboard_choices
+    defined = User.dashboards
+
+    if defined.size != DASHBOARD_CHOICES.size
+      # Ensure that anyone adding new options updates this method too
+      raise RuntimeError, "`User` defines #{defined.size} dashboard choices," +
+        " but `DASHBOARD_CHOICES` defined #{DASHBOARD_CHOICES.size}."
+    else
+      defined.map do |key, _|
+        # Use `fetch` so `KeyError` gets raised when a key is missing
+        [DASHBOARD_CHOICES.fetch(key), key]
+      end
+    end
+  end
+end
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -154,6 +154,7 @@ def project_guest_rules
        :read_project,
        :read_wiki,
        :read_issue,
+        :read_label,
        :read_milestone,
        :read_project_snippet,
        :read_project_member,

--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -50,12 +50,13 @@
 #  bitbucket_access_token        :string(255)
 #  bitbucket_access_token_secret :string(255)
 #  location                      :string(255)
+#  public_email                  :string(255)      default(""), not null
 #  encrypted_otp_secret          :string(255)
 #  encrypted_otp_secret_iv       :string(255)
 #  encrypted_otp_secret_salt     :string(255)
 #  otp_required_for_login        :boolean
 #  otp_backup_codes              :text
-#  public_email                  :string(255)      default(""), not null
+#  dashboard                     :integer          default(0)
 #
  
 require 'carrierwave/orm/activerecord'
@@ -734,4 +735,8 @@ def restricted_signup_domains
  def can_be_removed?
    !solo_owned_groups.present?
  end
+
+  # User's Dashboard preference
+  # Note: When adding an option, it MUST go on the end of the array.
+  enum dashboard: [:projects, :stars]
 end
--- a/app/views/layouts/nav/_dashboard.html.haml
+++ b/app/views/layouts/nav/_dashboard.html.haml
 %ul.nav.nav-sidebar
-  = nav_link(path: 'dashboard#show', html_options: {class: 'home'}) do
-    = link_to root_path, title: 'Home', class: 'shortcuts-activity', data: {placement: 'right'} do
+  = nav_link(path: ['dashboard#show', 'root#show'], html_options: {class: 'home'}) do
+    = link_to dashboard_path, title: 'Home', class: 'shortcuts-activity', data: {placement: 'right'} do
      = icon('dashboard fw')
      %span
        Your Projects

--- a/app/views/layouts/nav/_profile.html.haml
+++ b/app/views/layouts/nav/_profile.html.haml
@@ -38,11 +38,12 @@
      %span
        SSH Keys
        %span.count= current_user.keys.count
-  = nav_link(path: 'profiles#design') do
-    = link_to design_profile_path, title: 'Design', data: {placement: 'right'} do
+  = nav_link(controller: :preferences) do
+    = link_to profile_preferences_path, title: 'Preferences', data: {placement: 'right'} do
+      -# TODO (rspeicher): Better icon?
      = icon('image fw')
      %span
-        Design
+        Preferences
  = nav_link(path: 'profiles#history') do
    = link_to history_profile_path, title: 'History', data: {placement: 'right'} do
      = icon('history fw')

--- a/app/views/profiles/design.html.haml
+++ b/app/views/profiles/design.html.haml
- page_title "Design"
+- page_title 'Preferences'
 %h3.page-title
  = page_title
 %p.light
-  Appearance settings will be saved to your profile and made available across all devices.
+  These settings allow you to customize the appearance and behavior of the site.
+  They are saved with your account and will persist to any device you use to
+  access the site.
 %hr
  
-= form_for @user, url: profile_path, remote: true, method: :put do |f|
+= form_for @user, url: profile_preferences_path, remote: true, method: :put, html: {class: 'js-preferences-form form-horizontal'} do |f|
  .panel.panel-default.application-theme
    .panel-heading
      Application theme
@@ -50,7 +52,19 @@
      .code_highlight_opts
        - color_schemes.each do |color_scheme_id, color_scheme|
          = label_tag do
-            .prev
-              = image_tag "#{color_scheme}-scheme-preview.png"
+            .prev= image_tag "#{color_scheme}-scheme-preview.png"
            = f.radio_button :color_scheme_id, color_scheme_id
-            = color_scheme.gsub(/[-_]+/, ' ').humanize
+            = color_scheme.tr('-_', ' ').titleize
+
+  .panel.panel-default
+    .panel-heading
+      Behavior
+    .panel-body
+      .form-group
+        = f.label :dashboard, class: 'control-label' do
+          Default Dashboard
+          = link_to('(?)', help_page_path('profile', 'preferences') + '#default-dashboard', target: '_blank')
+        .col-sm-10
+          = f.select :dashboard, dashboard_choices, {}, class: 'form-control'
+    .panel-footer
+      = f.submit 'Save', class: 'btn btn-save'
--- a/app/views/profiles/update.js.erb
+++ b/app/views/profiles/update.js.erb
 // Remove body class for any previous theme, re-add current one
 $('body').removeClass('<%= Gitlab::Theme.body_classes %>')
 $('body').addClass('<%= app_theme %> <%= theme_type %>')
+
+// Re-enable the "Save" button
+$('input[type=submit]').enable()
+
+// Show the notice flash message
+new Flash('<%= flash.discard(:notice) %>', 'notice')
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -223,7 +223,6 @@
  resource :profile, only: [:show, :update] do
    member do
      get :history
-      get :design
      get :applications
  
      put :reset_private_token
@@ -242,6 +241,7 @@
          put :reset
        end
      end
+      resource :preferences, only: [:show, :update]
      resources :keys
      resources :emails, only: [:index, :create, :destroy]
      resource :avatar, only: [:destroy]
@@ -330,7 +330,7 @@
    get '/users/auth/:provider/omniauth_error' => 'omniauth_callbacks#omniauth_error', as: :omniauth_error
  end
  
-  root to: "dashboard#show"
+  root to: "root#show"
  
  #
  # Project Area

--- a/db/migrate/20150610065936_add_dashboard_to_users.rb
+++ b/db/migrate/20150610065936_add_dashboard_to_users.rb
+class AddDashboardToUsers < ActiveRecord::Migration
+  def up
+    add_column :users, :dashboard, :integer, default: 0
+  end
+
+  def down
+    remove_column :users, :dashboard
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
  
-ActiveRecord::Schema.define(version: 20150609125332) do
+ActiveRecord::Schema.define(version: 20150610065936) do
  
  # These are extensions that must be enabled in order to support this database
  enable_extension "plpgsql"
@@ -40,13 +40,14 @@
    t.boolean  "twitter_sharing_enabled",      default: true
    t.text     "help_text"
    t.text     "restricted_visibility_levels"
-    t.integer  "max_attachment_size",          default: 10,   null: false
+    t.boolean  "version_check_enabled",        default: true
+    t.integer  "max_attachment_size",          default: 10,    null: false
    t.integer  "default_project_visibility"
    t.integer  "default_snippet_visibility"
    t.text     "restricted_signup_domains"
-    t.boolean  "version_check_enabled",        default: true
    t.boolean  "user_oauth_applications",      default: true
    t.string   "after_sign_out_path"
+    t.integer  "session_expire_delay",         default: 10080, null: false
  end
  
  create_table "approvals", force: true do |t|
@@ -579,12 +580,13 @@
    t.string   "bitbucket_access_token"
    t.string   "bitbucket_access_token_secret"
    t.string   "location"
-    t.string   "public_email",                  default: "",    null: false
    t.string   "encrypted_otp_secret"
    t.string   "encrypted_otp_secret_iv"
    t.string   "encrypted_otp_secret_salt"
    t.boolean  "otp_required_for_login"
    t.text     "otp_backup_codes"
+    t.string   "public_email",                  default: "",    null: false
+    t.integer  "dashboard",                     default: 0
  end
  
  add_index "users", ["admin"], name: "index_users_on_admin", using: :btree

--- a/doc/README.md
+++ b/doc/README.md
@@ -3,35 +3,36 @@
 ## User documentation
  
 - [API](api/README.md) Automate GitLab via a simple and powerful API.
+- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab.
 - [Importing to GitLab](workflow/importing/README.md).
 - [Markdown](markdown/markdown.md) GitLab's advanced formatting system.
 - [Permissions](permissions/permissions.md) Learn what each role in a project (guest/reporter/developer/master/owner) can do.
+- [Profile Settings](profile/README.md)
 - [Project Services](project_services/project_services.md) Integrate a project with external services, such as CI and chat.
 - [Public access](public_access/public_access.md) Learn how you can allow public and internal access to projects.
 - [SSH](ssh/README.md) Setup your ssh keys and deploy keys for secure access to your projects.
 - [Web hooks](web_hooks/web_hooks.md) Let GitLab notify you when new code has been pushed to your project.
 - [Workflow](workflow/README.md) Using GitLab functionality and importing projects from GitHub and SVN.
- [GitLab as OAuth2 authentication service provider](integration/oauth_provider.md). It allows you to login to other applications from GitLab.
  
 ## Administrator documentation
  
+- [Audit Events](administration/audit_events.md) Check how user access changed in projects and groups.
+- [Changing the appearance of the login page](customization/branded_login_page.md) Make the login page branded for your GitLab instance.
+- [Custom git hooks](hooks/custom_hooks.md) Custom git hooks (on the filesystem) for when web hooks aren't enough.
+- [Email](tools/email.md) Email GitLab users from GitLab
+- [Git Hooks](git_hooks/git_hooks.md) Advanced push rules for your project.
+- [Help message](customization/help_message.md) Set information about administrators of your GitLab instance.
 - [Install](install/README.md) Requirements, directory structures and installation from source.
 - [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, LDAP and Twitter.
+- [Issue closing](customization/issue_closing.md) Customize how to close an issue from commit messages.
+- [Libravatar](customization/libravatar.md) Use Libravatar for user avatars.
+- [Log system](logs/logs.md) Log system
+- [Operations](operations/README.md) Keeping GitLab up and running
 - [Raketasks](raketasks/README.md) Backups, maintenance, automatic web hook setup and the importing of projects.
- [Custom git hooks](hooks/custom_hooks.md) Custom git hooks (on the filesystem) for when web hooks aren't enough.
 - [System hooks](system_hooks/system_hooks.md) Notifications when users, projects and keys are changed.
 - [Security](security/README.md) Learn what you can do to further secure your GitLab instance.
 - [Update](update/README.md) Update guides to upgrade your installation.
- [Audit Events](administration/audit_events.md) Check how user access changed in projects and groups.
- [Changing the appearance of the login page](customization/branded_login_page.md) Make the login page branded for your GitLab instance.
- [Help message](customization/help_message.md) Set information about administrators of your GitLab instance.
- [Git Hooks](git_hooks/git_hooks.md) Advanced push rules for your project.
- [Email](tools/email.md) Email GitLab users from GitLab
 - [Welcome message](customization/welcome_message.md) Add a custom welcome message to the sign-in page.
- [Issue closing](customization/issue_closing.md) Customize how to close an issue from commit messages.
- [Libravatar](customization/libravatar.md) Use Libravatar for user avatars.
- [Operations](operations/README.md) Keeping GitLab up and running
- [Log system](logs/logs.md) Log system
  
 ## Contributor documentation
  

--- a/doc/workflow/2fa.png
+++ b/doc/workflow/2fa.png
--- a/doc/workflow/2fa_auth.png
+++ b/doc/workflow/2fa_auth.png