Merge branch 'master' into docs_refactor

app/models/sent_notification.rb

@@ -25,8 +25,6 @@ class SentNotification < ActiveRecord::Base
   class << self
     def reply_key
-      return nil unless Gitlab::IncomingEmail.enabled?
-
       SecureRandom.hex(16)
     end
@@ -59,11 +57,15 @@ class SentNotification < ActiveRecord::Base
     def record_note(note, recipient_id, reply_key, params = {})
       params[:line_code] = note.line_code
-      
+
       record(note.noteable, recipient_id, reply_key, params)
     end
   end
+  def unsubscribable?
+    !for_commit?
+  end
+
   def for_commit?
     noteable_type == "Commit"
   end
@@ -75,4 +77,8 @@ class SentNotification < ActiveRecord::Base
       super
     end
   end
+
+  def to_param
+    self.reply_key
+  end
 end

app/models/user.rb

@@ -196,10 +196,22 @@ class User < ActiveRecord::Base
   state_machine :state, initial: :active do
     event :block do
       transition active: :blocked
+      transition ldap_blocked: :blocked
+    end
+
+    event :ldap_block do
+      transition active: :ldap_blocked
     end
     event :activate do
       transition blocked: :active
+      transition ldap_blocked: :active
+    end
+
+    state :blocked, :ldap_blocked do
+      def blocked?
+        true
+      end
     end
   end
@@ -207,7 +219,7 @@ class User < ActiveRecord::Base
   # Scopes
   scope :admins, -> { where(admin: true) }
-  scope :blocked, -> { with_state(:blocked) }
+  scope :blocked, -> { with_states(:blocked, :ldap_blocked) }
   scope :active, -> { with_state(:active) }
   scope :not_in_project, ->(project) { project.users.present? ? where("id not in (:ids)", ids: project.users.map(&:id) ) : all }
   scope :without_projects, -> { where('id NOT IN (SELECT DISTINCT(user_id) FROM members)') }

app/models/wiki_page.rb

@@ -169,7 +169,7 @@ class WikiPage
   private
   def set_attributes
-    attributes[:slug] = @page.escaped_url_path
+    attributes[:slug] = @page.url_path
     attributes[:title] = @page.title
     attributes[:format] = @page.format
   end

app/services/merge_requests/merge_service.rb

@@ -44,7 +44,7 @@ module MergeRequests
     def after_merge
       MergeRequests::PostMergeService.new(project, current_user).execute(merge_request)
-      if params[:should_remove_source_branch]
+      if params[:should_remove_source_branch].present?
         DeleteBranchService.new(@merge_request.source_project, current_user).
           execute(merge_request.source_branch)
       end

app/services/repair_ldap_blocked_user_service.rb

+class RepairLdapBlockedUserService
+  attr_accessor :user
+
+  def initialize(user)
+    @user = user
+  end
+
+  def execute
+    user.block if ldap_hard_blocked?
+  end
+
+  private
+
+  def ldap_hard_blocked?
+    user.ldap_blocked? && !user.ldap_user?
+  end
+end

app/services/system_hooks_service.rb

@@ -47,7 +47,8 @@ class SystemHooksService
       data.merge!({
         name: model.name,
         email: model.email,
-        user_id: model.id
+        user_id: model.id,
+        username: model.username
       })
     when ProjectMember
       data.merge!(project_member_data(model))
@@ -99,8 +100,10 @@ class SystemHooksService
       project_path: model.project.path,
       project_path_with_namespace: model.project.path_with_namespace,
       project_id: model.project.id,
+      user_username: model.user.username,
       user_name: model.user.name,
       user_email: model.user.email,
+      user_id: model.user.id,
       access_level: model.human_access,
       project_visibility: Project.visibility_levels.key(model.project.visibility_level_field).downcase
     }
@@ -111,6 +114,7 @@ class SystemHooksService
       group_name: model.group.name,
       group_path: model.group.path,
       group_id: model.group.id,
+      user_username: model.user.username,
       user_name: model.user.name,
       user_email: model.user.email,
       user_id: model.user.id,

app/uploaders/artifact_uploader.rb

@@ -32,6 +32,10 @@ class ArtifactUploader < CarrierWave::Uploader::Base
     self.class.storage == CarrierWave::Storage::File
   end
+  def filename
+    file.try(:filename)
+  end
+
   def exists?
     file.try(:exists?)
   end

app/views/abuse_reports/new.html.haml

@@ -16,7 +16,7 @@
   .form-group
     = f.label :message, class: 'control-label'
     .col-sm-10
-      = f.text_area :message, class: "form-control js-quick-submit", rows: 2, required: true
+      = f.text_area :message, class: "form-control js-quick-submit", rows: 2, required: true, value: sanitize(@ref_url)
       .help-block
         Explain the problem with this user. If appropriate, provide a link to the relevant issue or comment.

app/views/admin/application_settings/_form.html.haml

@@ -202,6 +202,13 @@
         .help-block
           A method call is only tracked when it takes longer to complete than
           the given amount of milliseconds.
+    .form-group
+      = f.label :metrics_sample_interval, 'Sampler Interval (sec)', class: 'control-label col-sm-2'
+      .col-sm-10
+        = f.number_field :metrics_sample_interval, class: 'form-control'
+        .help-block
+          The sampling interval in seconds. Sampled data includes memory usage,
+          retained Ruby objects, file descriptors and so on.
   %fieldset
     %legend Spam and Anti-bot Protection

app/views/admin/broadcast_messages/_form.html.haml

+.broadcast-message-preview{ style: broadcast_message_style(@broadcast_message) }
+  = icon('bullhorn')
+  %span= @broadcast_message.message || "Your message here"
+
+= form_for [:admin, @broadcast_message], html: { class: 'broadcast-message-form form-horizontal js-requires-input'} do |f|
+  -if @broadcast_message.errors.any?
+    .alert.alert-danger
+      - @broadcast_message.errors.full_messages.each do |msg|
+        %p= msg
+  .form-group
+    = f.label :message, class: 'control-label'
+    .col-sm-10
+      = f.text_area :message, class: "form-control js-quick-submit", rows: 2, required: true
+  .form-group.js-toggle-colors-container
+    .col-sm-10.col-sm-offset-2
+      = link_to 'Customize colors', '#', class: 'js-toggle-colors-link'
+  .form-group.js-toggle-colors-container.hide
+    = f.label :color, "Background Color", class: 'control-label'
+    .col-sm-10
+      = f.color_field :color, class: "form-control"
+  .form-group.js-toggle-colors-container.hide
+    = f.label :font, "Font Color", class: 'control-label'
+    .col-sm-10
+      = f.color_field :font, class: "form-control"
+  .form-group
+    = f.label :starts_at, class: 'control-label'
+    .col-sm-10.datetime-controls
+      = f.datetime_select :starts_at, {}, class: 'form-control form-control-inline'
+  .form-group
+    = f.label :ends_at, class: 'control-label'
+    .col-sm-10.datetime-controls
+      = f.datetime_select :ends_at, {}, class: 'form-control form-control-inline'
+  .form-actions
+    - if @broadcast_message.persisted?
+      = f.submit "Update broadcast message", class: "btn btn-create"
+    - else
+      = f.submit "Add broadcast message", class: "btn btn-create"

app/views/admin/broadcast_messages/edit.html.haml

+- page_title "Broadcast Messages"
+
+= render 'form'

app/views/admin/broadcast_messages/index.html.haml

 - page_title "Broadcast Messages"
+
 %h3.page-title
   Broadcast Messages
 %p.light
-  Broadcast messages are displayed for every user and can be used to notify users about scheduled maintenance, recent upgrades and more.
-.broadcast-message-preview
-  %i.fa.fa-bullhorn
-  %span Your message here
-
-= form_for [:admin, @broadcast_message], html: { class: 'broadcast-message-form form-horizontal'} do |f|
-  -if @broadcast_message.errors.any?
-    .alert.alert-danger
-      - @broadcast_message.errors.full_messages.each do |msg|
-        %p= msg
-  .form-group
-    = f.label :message, class: 'control-label'
-    .col-sm-10
-      = f.text_area :message, class: "form-control", rows: 2, required: true
-      %div
-        = link_to '#', class: 'js-toggle-colors-link' do
-          Customize colors
-  .form-group.js-toggle-colors-container.hide
-    = f.label :color, "Background Color", class: 'control-label'
-    .col-sm-10
-      = f.color_field :color, value: "#eb9532", class: "form-control"
-  .form-group.js-toggle-colors-container.hide
-    = f.label :font, "Font Color", class: 'control-label'
-    .col-sm-10
-      = f.color_field :font, value: "#FFFFFF", class: "form-control"
-  .form-group
-    = f.label :starts_at, class: 'control-label'
-    .col-sm-10.datetime-controls
-      = f.datetime_select :starts_at
-  .form-group
-    = f.label :ends_at, class: 'control-label'
-    .col-sm-10.datetime-controls
-      = f.datetime_select :ends_at
-  .form-actions
-    = f.submit "Add broadcast message", class: "btn btn-create"
--if @broadcast_messages.any?
-  %ul.bordered-list.broadcast-messages
-    - @broadcast_messages.each do |broadcast_message|
-      %li
-        .pull-right
-          - if broadcast_message.starts_at
-            %strong
-              #{broadcast_message.starts_at.to_s(:short)}
-            \...
-          - if broadcast_message.ends_at
-            %strong
-              #{broadcast_message.ends_at.to_s(:short)}
-           
-          = link_to [:admin, broadcast_message], method: :delete, remote: true, class: 'remove-row btn btn-xs' do
-            %i.fa.fa-times.cred
-        .message= broadcast_message.message
+  Broadcast messages are displayed for every user and can be used to notify
+  users about scheduled maintenance, recent upgrades and more.
+= render 'form'
+%br.clearfix
+-if @broadcast_messages.any?
+  %table.table
+    %thead
+      %tr
+        %th Status
+        %th Preview
+        %th Starts
+        %th Ends
+        %th  
+    %tbody
+      - @broadcast_messages.each do |message|
+        %tr
+          %td
+            = broadcast_message_status(message)
+          %td
+            = broadcast_message(message)
+          %td
+            = message.starts_at
+          %td
+            = message.ends_at
+          %td
+            = link_to icon('pencil-square-o'), edit_admin_broadcast_message_path(message), title: 'Edit', class: 'btn btn-xs'
+            = link_to icon('times'), admin_broadcast_message_path(message), method: :delete, remote: true, title: 'Remove', class: 'js-remove-tr btn btn-xs btn-danger'
   = paginate @broadcast_messages

app/views/admin/builds/_build.html.haml

@@ -60,8 +60,8 @@
   %td
     .pull-right
-      - if current_user && can?(current_user, :download_build_artifacts, project) && build.download_url
-        = link_to build.download_url, title: 'Download artifacts' do
+      - if current_user && can?(current_user, :read_build_artifacts, project) && build.artifacts?
+        = link_to build.artifacts_download_url, title: 'Download artifacts' do
           %i.fa.fa-download
       - if current_user && can?(current_user, :manage_builds, build.project)
         - if build.active?

app/views/admin/builds/index.html.haml

@@ -4,7 +4,7 @@
       - if @all_builds.running_or_pending.any?
         = link_to 'Cancel all', cancel_all_admin_builds_path, data: { confirm: 'Are you sure?' }, class: 'btn btn-danger', method: :post
-  %ul.center-top-menu
+  %ul.nav-links
     %li{class: ('active' if @scope.nil?)}
       = link_to admin_builds_path do
         All

app/views/admin/logs/show.html.haml

 - page_title "Logs"
 - loggers = [Gitlab::GitLogger, Gitlab::AppLogger,
              Gitlab::ProductionLogger, Gitlab::SidekiqLogger]
-%ul.nav.nav-tabs.log-tabs
+%ul.nav-links.log-tabs
   - loggers.each do |klass|
     %li{ class: (klass == Gitlab::GitLogger ? 'active' : '') }
       = link_to klass::file_name, "##{klass::file_name_noext}",
           'data-toggle' => 'tab'
-%p.light To prevent performance issues admin logs output the last 2000 lines
+.gray-content-block
+  To prevent performance issues admin logs output the last 2000 lines
 .tab-content
   - loggers.each do |klass|
     .tab-pane{ class: (klass == Gitlab::GitLogger ? 'active' : ''),

app/views/admin/users/_head.html.haml

@@ -12,7 +12,7 @@
       %i.fa.fa-pencil-square-o
       Edit
 %hr
-%ul.nav.nav-tabs
+%ul.nav-links
   = nav_link(path: 'users#show') do
     = link_to "Account", admin_user_path(@user)
   = nav_link(path: 'users#groups') do
@@ -23,3 +23,4 @@
     = link_to "SSH keys", keys_admin_user_path(@user)
   = nav_link(controller: :identities) do
     = link_to "Identities", admin_user_identities_path(@user)
+.append-bottom-default

app/views/admin/users/index.html.haml

 - page_title "Users"
 = render 'shared/show_aside'
-.row
-  %aside.col-md-3
-    .admin-filter
-      %ul.nav.nav-pills.nav-stacked
-        %li{class: "#{'active' unless params[:filter]}"}
-          = link_to admin_users_path do
-            Active
-            %small.pull-right= number_with_delimiter(User.active.count)
-        %li{class: "#{'active' if params[:filter] == "admins"}"}
-          = link_to admin_users_path(filter: "admins") do
-            Admins
-            %small.pull-right= number_with_delimiter(User.admins.count)
-        %li.filter-two-factor-enabled{class: "#{'active' if params[:filter] == 'two_factor_enabled'}"}
-          = link_to admin_users_path(filter: 'two_factor_enabled') do
-            2FA Enabled
-            %small.pull-right= number_with_delimiter(User.with_two_factor.count)
-        %li.filter-two-factor-disabled{class: "#{'active' if params[:filter] == 'two_factor_disabled'}"}
-          = link_to admin_users_path(filter: 'two_factor_disabled') do
-            2FA Disabled
-            %small.pull-right= number_with_delimiter(User.without_two_factor.count)
-        %li{class: "#{'active' if params[:filter] == "blocked"}"}
-          = link_to admin_users_path(filter: "blocked") do
-            Blocked
-            %small.pull-right= number_with_delimiter(User.blocked.count)
-        %li{class: "#{'active' if params[:filter] == "wop"}"}
-          = link_to admin_users_path(filter: "wop") do
-            Without projects
-            %small.pull-right= number_with_delimiter(User.without_projects.count)
-      %hr
-      = form_tag admin_users_path, method: :get, class: 'form-inline' do
-        .form-group
-          = search_field_tag :name, params[:name], placeholder: 'Name, email or username', class: 'form-control', spellcheck: false
-          = hidden_field_tag "filter", params[:filter]
-        = button_tag class: 'btn btn-primary' do
-          %i.fa.fa-search
-      %hr
-      = link_to 'Reset', admin_users_path, class: "btn btn-cancel"
-  %section.col-md-9
-    .panel.panel-default
-      .panel-heading
-        Users (#{number_with_delimiter(@users.total_count)})
-        .panel-head-actions
-          .dropdown.inline
-            %a.dropdown-toggle.btn.btn-sm{href: '#', "data-toggle" => "dropdown"}
-              %span.light sort:
-              - if @sort.present?
-                = sort_options_hash[@sort]
-              - else
-                = sort_title_name
-              %b.caret
-            %ul.dropdown-menu
-              %li
-                = link_to admin_users_path(sort: sort_value_name, filter: params[:filter]) do
-                  = sort_title_name
-                = link_to admin_users_path(sort: sort_value_recently_signin, filter: params[:filter]) do
-                  = sort_title_recently_signin
-                = link_to admin_users_path(sort: sort_value_oldest_signin, filter: params[:filter]) do
-                  = sort_title_oldest_signin
-                = link_to admin_users_path(sort: sort_value_recently_created, filter: params[:filter]) do
-                  = sort_title_recently_created
-                = link_to admin_users_path(sort: sort_value_oldest_created, filter: params[:filter]) do
-                  = sort_title_oldest_created
-                = link_to admin_users_path(sort: sort_value_recently_updated, filter: params[:filter]) do
-                  = sort_title_recently_updated
-                = link_to admin_users_path(sort: sort_value_oldest_updated, filter: params[:filter]) do
-                  = sort_title_oldest_updated
-
-          = link_to 'New User', new_admin_user_path, class: "btn btn-new btn-sm"
-      %ul.well-list
-        - @users.each do |user|
+.admin-filter
+  %ul.nav-links
+    %li{class: "#{'active' unless params[:filter]}"}
+      = link_to admin_users_path do
+        Active
+        %small.badge= number_with_delimiter(User.active.count)
+    %li{class: "#{'active' if params[:filter] == "admins"}"}
+      = link_to admin_users_path(filter: "admins") do
+        Admins
+        %small.badge= number_with_delimiter(User.admins.count)
+    %li.filter-two-factor-enabled{class: "#{'active' if params[:filter] == 'two_factor_enabled'}"}
+      = link_to admin_users_path(filter: 'two_factor_enabled') do
+        2FA Enabled
+        %small.badge= number_with_delimiter(User.with_two_factor.count)
+    %li.filter-two-factor-disabled{class: "#{'active' if params[:filter] == 'two_factor_disabled'}"}
+      = link_to admin_users_path(filter: 'two_factor_disabled') do
+        2FA Disabled
+        %small.badge= number_with_delimiter(User.without_two_factor.count)
+    %li{class: "#{'active' if params[:filter] == "blocked"}"}
+      = link_to admin_users_path(filter: "blocked") do
+        Blocked
+        %small.badge= number_with_delimiter(User.blocked.count)
+    %li{class: "#{'active' if params[:filter] == "wop"}"}
+      = link_to admin_users_path(filter: "wop") do
+        Without projects
+        %small.badge= number_with_delimiter(User.without_projects.count)
+  .gray-content-block.second-block
+    .pull-right
+      .dropdown.inline
+        %a.dropdown-toggle.btn{href: '#', "data-toggle" => "dropdown"}
+          %span.light sort:
+          - if @sort.present?
+            = sort_options_hash[@sort]
+          - else
+            = sort_title_name
+          %b.caret
+        %ul.dropdown-menu
           %li
-            .list-item-name
-              - if user.blocked?
-                %i.fa.fa-lock.cred
+            = link_to admin_users_path(sort: sort_value_name, filter: params[:filter]) do
+              = sort_title_name
+            = link_to admin_users_path(sort: sort_value_recently_signin, filter: params[:filter]) do
+              = sort_title_recently_signin
+            = link_to admin_users_path(sort: sort_value_oldest_signin, filter: params[:filter]) do
+              = sort_title_oldest_signin
+            = link_to admin_users_path(sort: sort_value_recently_created, filter: params[:filter]) do
+              = sort_title_recently_created
+            = link_to admin_users_path(sort: sort_value_oldest_created, filter: params[:filter]) do
+              = sort_title_oldest_created
+            = link_to admin_users_path(sort: sort_value_recently_updated, filter: params[:filter]) do
+              = sort_title_recently_updated
+            = link_to admin_users_path(sort: sort_value_oldest_updated, filter: params[:filter]) do
+              = sort_title_oldest_updated
+
+      = link_to 'New User', new_admin_user_path, class: "btn btn-new"
+    = form_tag admin_users_path, method: :get, class: 'form-inline' do
+      .form-group
+        = search_field_tag :name, params[:name], placeholder: 'Name, email or username', class: 'form-control', spellcheck: false
+        = hidden_field_tag "filter", params[:filter]
+      = button_tag class: 'btn btn-primary' do
+        %i.fa.fa-search
+
+
+.panel.panel-default
+  %ul.well-list
+    - @users.each do |user|
+      %li
+        .list-item-name
+          - if user.blocked?
+            %i.fa.fa-lock.cred
+          - else
+            %i.fa.fa-user.cgreen
+          = link_to user.name, [:admin, user]
+          - if user.admin?
+            %strong.cred (Admin)
+          - if user == current_user
+            %span.cred It's you!
+        .pull-right
+          %span.light
+            %i.fa.fa-envelope
+            = mail_to user.email, user.email, class: 'light'
+           
+          .pull-right
+            = link_to 'Edit', edit_admin_user_path(user), id: "edit_#{dom_id(user)}", class: 'btn-grouped btn btn-xs'
+            - unless user == current_user
+              - if user.ldap_blocked?
+                = link_to '#', title: 'Cannot unblock LDAP blocked users', data: {toggle: 'tooltip'}, class: 'btn-grouped btn btn-xs btn-success disabled' do
+                  %i.fa.fa-lock
+                  Unblock
+              - elsif user.blocked?
+                = link_to 'Unblock', unblock_admin_user_path(user), method: :put, class: 'btn-grouped btn btn-xs btn-success'
               - else
-                %i.fa.fa-user.cgreen
-              = link_to user.name, [:admin, user]
-              - if user.admin?
-                %strong.cred (Admin)
-              - if user == current_user
-                %span.cred It's you!
-            .pull-right
-              %span.light
-                %i.fa.fa-envelope
-                = mail_to user.email, user.email, class: 'light'
-               
-              = link_to 'Edit', edit_admin_user_path(user), id: "edit_#{dom_id(user)}", class: "btn btn-xs"
-              - unless user == current_user
-                - if user.blocked?
-                  = link_to 'Unblock', unblock_admin_user_path(user), method: :put, class: "btn btn-xs btn-success"
-                - else
-                  = link_to 'Block', block_admin_user_path(user), data: {confirm: 'USER WILL BE BLOCKED! Are you sure?'}, method: :put, class: "btn btn-xs btn-warning"
-                - if user.access_locked?
-                  = link_to 'Unlock', unlock_admin_user_path(user), method: :put, class: "btn btn-xs btn-success", data: { confirm: 'Are you sure?' }
-                - if user.can_be_removed?
-                  = link_to 'Destroy', [:admin, user], data: { confirm: "USER #{user.name} WILL BE REMOVED! All issues, merge requests and groups linked to this user will also be removed! Maybe block the user instead? Are you sure?" }, method: :delete, class: "btn btn-xs btn-remove"
-    = paginate @users, theme: "gitlab"
+                = link_to 'Block', block_admin_user_path(user), data: {confirm: 'USER WILL BE BLOCKED! Are you sure?'}, method: :put, class: 'btn-grouped btn btn-xs btn-warning'
+              - if user.access_locked?
+                = link_to 'Unlock', unlock_admin_user_path(user), method: :put, class: 'btn-grouped btn btn-xs btn-success', data: { confirm: 'Are you sure?' }
+              - if user.can_be_removed?
+                = link_to 'Destroy', [:admin, user], data: { confirm: "USER #{user.name} WILL BE REMOVED! All issues, merge requests and groups linked to this user will also be removed! Maybe block the user instead? Are you sure?" }, method: :delete, class: 'btn-grouped btn btn-xs btn-remove'
+= paginate @users, theme: "gitlab"

app/views/dashboard/_activities.html.haml

 .hidden-xs
   = render "events/event_last_push", event: @last_push
-.gray-content-block
+.nav-block
   - if current_user
-    .pull-right
+    .controls
       = link_to dashboard_projects_path(:atom, { private_token: current_user.private_token }), class: 'btn rss-btn' do
         %i.fa.fa-rss
   = render 'shared/event_filter'

app/views/dashboard/_activity_head.html.haml

-%ul.center-top-menu
+%ul.nav-links
   %li{ class: ("active" unless params[:filter]) }
     = link_to activity_dashboard_path, class: 'shortcuts-activity', data: {placement: 'right'} do
       Your Projects

app/views/dashboard/_groups_head.html.haml

-%ul.center-top-menu
+%ul.nav-links
   = nav_link(page: dashboard_groups_path) do
     = link_to dashboard_groups_path, title: 'Your groups', data: {placement: 'right'} do
       Your Groups