Add latest changes from gitlab-org/gitlab@master

5ad0cf26 · GitLab Bot · f47c768f · 5ad0cf26 · 5ad0cf26 · 5ad0cf26
Commit 5ad0cf26 authored 5 years ago by GitLab Bot
--- a/app/models/concerns/project_features_compatibility.rb
+++ b/app/models/concerns/project_features_compatibility.rb
@@ -62,6 +62,10 @@ module ProjectFeaturesCompatibility
    write_feature_attribute_string(:snippets_access_level, value)
  end
  
+  def pages_access_level=(value)
+    write_feature_attribute_string(:pages_access_level, value)
+  end
+
  private
  
  def write_feature_attribute_boolean(field, value)

--- a/app/models/event.rb
+++ b/app/models/event.rb
@@ -145,10 +145,8 @@ class Event < ApplicationRecord
      Ability.allowed?(user, :read_issue, note? ? note_target : target)
    elsif merge_request? || merge_request_note?
      Ability.allowed?(user, :read_merge_request, note? ? note_target : target)
-    elsif personal_snippet_note?
-      Ability.allowed?(user, :read_personal_snippet, note_target)
-    elsif project_snippet_note?
-      Ability.allowed?(user, :read_project_snippet, note_target)
+    elsif personal_snippet_note? || project_snippet_note?
+      Ability.allowed?(user, :read_snippet, note_target)
    elsif milestone?
      Ability.allowed?(user, :read_milestone, project)
    else

--- a/app/models/note.rb
+++ b/app/models/note.rb
@@ -367,7 +367,7 @@ class Note < ApplicationRecord
  end
  
  def noteable_ability_name
-    for_snippet? ? noteable.class.name.underscore : noteable_type.demodulize.underscore
+    for_snippet? ? 'snippet' : noteable_type.demodulize.underscore
  end
  
  def can_be_discussion_note?

--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -322,7 +322,7 @@ class Project < ApplicationRecord
    :pages_enabled?, :public_pages?, :private_pages?,
    :merge_requests_access_level, :forking_access_level, :issues_access_level,
    :wiki_access_level, :snippets_access_level, :builds_access_level,
-    :repository_access_level,
+    :repository_access_level, :pages_access_level,
    to: :project_feature, allow_nil: true
  delegate :scheduled?, :started?, :in_progress?, :failed?, :finished?,
    prefix: :import, to: :import_state, allow_nil: true
@@ -2274,7 +2274,7 @@ class Project < ApplicationRecord
  end
  
  def snippets_visible?(user = nil)
-    Ability.allowed?(user, :read_project_snippet, self)
+    Ability.allowed?(user, :read_snippet, self)
  end
  
  def max_attachment_size

--- a/app/models/snippet.rb
+++ b/app/models/snippet.rb
@@ -215,9 +215,7 @@ class Snippet < ApplicationRecord
  end
  
  def embeddable?
-    ability = project_id? ? :read_project_snippet : :read_personal_snippet
-
-    Ability.allowed?(nil, ability, self)
+    Ability.allowed?(nil, :read_snippet, self)
  end
  
  def notes_with_associations
@@ -240,7 +238,7 @@ class Snippet < ApplicationRecord
  end
  
  def to_ability_name
-    model_name.singular
+    'snippet'
  end
  
  def valid_secret_token?(token)

--- a/app/policies/global_policy.rb
+++ b/app/policies/global_policy.rb
@@ -75,7 +75,7 @@ class GlobalPolicy < BasePolicy
  
  rule { ~anonymous }.policy do
    enable :read_instance_metadata
-    enable :create_personal_snippet
+    enable :create_snippet
  end
  
  rule { admin }.policy do
@@ -83,7 +83,7 @@ class GlobalPolicy < BasePolicy
    enable :update_custom_attribute
  end
  
-  rule { external_user }.prevent :create_personal_snippet
+  rule { external_user }.prevent :create_snippet
 end
  
 GlobalPolicy.prepend_if_ee('EE::GlobalPolicy')
--- a/app/policies/personal_snippet_policy.rb
+++ b/app/policies/personal_snippet_policy.rb
@@ -6,19 +6,19 @@ class PersonalSnippetPolicy < BasePolicy
  condition(:internal_snippet, scope: :subject) { @subject.internal? }
  
  rule { public_snippet }.policy do
-    enable :read_personal_snippet
+    enable :read_snippet
    enable :create_note
  end
  
  rule { is_author | admin }.policy do
-    enable :read_personal_snippet
-    enable :update_personal_snippet
-    enable :admin_personal_snippet
+    enable :read_snippet
+    enable :update_snippet
+    enable :admin_snippet
    enable :create_note
  end
  
  rule { internal_snippet & ~external_user }.policy do
-    enable :read_personal_snippet
+    enable :read_snippet
    enable :create_note
  end
  
@@ -26,8 +26,5 @@ class PersonalSnippetPolicy < BasePolicy
  
  rule { can?(:create_note) }.enable :award_emoji
  
-  rule { can?(:read_all_resources) }.enable :read_personal_snippet
-
-  # Aliasing the ability to ease GraphQL permissions check
-  rule { can?(:read_personal_snippet) }.enable :read_snippet
+  rule { can?(:read_all_resources) }.enable :read_snippet
 end
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -9,7 +9,7 @@ class ProjectPolicy < BasePolicy
    merge_request
    label
    milestone
-    project_snippet
+    snippet
    wiki
    note
    pipeline
@@ -185,7 +185,7 @@ class ProjectPolicy < BasePolicy
    enable :read_issue
    enable :read_label
    enable :read_milestone
-    enable :read_project_snippet
+    enable :read_snippet
    enable :read_project_member
    enable :read_note
    enable :create_project
@@ -208,7 +208,7 @@ class ProjectPolicy < BasePolicy
    enable :download_code
    enable :read_statistics
    enable :download_wiki_code
-    enable :create_project_snippet
+    enable :create_snippet
    enable :update_issue
    enable :reopen_issue
    enable :admin_issue
@@ -286,8 +286,8 @@ class ProjectPolicy < BasePolicy
  rule { can?(:maintainer_access) }.policy do
    enable :admin_board
    enable :push_to_delete_protected_branch
-    enable :update_project_snippet
-    enable :admin_project_snippet
+    enable :update_snippet
+    enable :admin_snippet
    enable :admin_project_member
    enable :admin_note
    enable :admin_wiki
@@ -352,7 +352,7 @@ class ProjectPolicy < BasePolicy
  end
  
  rule { snippets_disabled }.policy do
-    prevent(*create_read_update_admin_destroy(:project_snippet))
+    prevent(*create_read_update_admin_destroy(:snippet))
  end
  
  rule { wiki_disabled }.policy do
@@ -405,7 +405,7 @@ class ProjectPolicy < BasePolicy
    enable :read_wiki
    enable :read_label
    enable :read_milestone
-    enable :read_project_snippet
+    enable :read_snippet
    enable :read_project_member
    enable :read_merge_request
    enable :read_note

--- a/app/policies/project_snippet_policy.rb
+++ b/app/policies/project_snippet_policy.rb
@@ -14,44 +14,41 @@ class ProjectSnippetPolicy < BasePolicy
  # We have to check both project feature visibility and a snippet visibility and take the stricter one
  # This will be simplified - check https://gitlab.com/gitlab-org/gitlab-foss/issues/27573
  rule { ~can?(:read_project) }.policy do
-    prevent :read_project_snippet
-    prevent :update_project_snippet
-    prevent :admin_project_snippet
+    prevent :read_snippet
+    prevent :update_snippet
+    prevent :admin_snippet
  end
  
-  # we have to use this complicated prevent because the delegated project policy
-  # is overly greedy in allowing :read_project_snippet, since it doesn't have any
-  # information about the snippet. However, :read_project_snippet on the *project*
-  # is used to hide/show various snippet-related controls, so we can't just move
-  # all of the handling here.
+  # we have to use this complicated prevent because the delegated project
+  # policy is overly greedy in allowing :read_snippet, since it doesn't have
+  # any information about the snippet. However, :read_snippet on the *project*
+  # is used to hide/show various snippet-related controls, so we can't just
+  # move all of the handling here.
  rule do
    all?(private_snippet | (internal_snippet & external_user),
         ~project.guest,
         ~is_author,
         ~can?(:read_all_resources))
-  end.prevent :read_project_snippet
+  end.prevent :read_snippet
  
  rule { internal_snippet & ~is_author & ~admin }.policy do
-    prevent :update_project_snippet
-    prevent :admin_project_snippet
+    prevent :update_snippet
+    prevent :admin_snippet
  end
  
-  rule { public_snippet }.enable :read_project_snippet
+  rule { public_snippet }.enable :read_snippet
  
  rule { is_author & ~project.reporter & ~admin }.policy do
-    prevent :admin_project_snippet
+    prevent :admin_snippet
  end
  
  rule { is_author | admin }.policy do
-    enable :read_project_snippet
-    enable :update_project_snippet
-    enable :admin_project_snippet
+    enable :read_snippet
+    enable :update_snippet
+    enable :admin_snippet
  end
  
-  rule { ~can?(:read_project_snippet) }.prevent :create_note
-
-  # Aliasing the ability to ease GraphQL permissions check
-  rule { can?(:read_project_snippet) }.enable :read_snippet
+  rule { ~can?(:read_snippet) }.prevent :create_note
 end
  
 ProjectSnippetPolicy.prepend_if_ee('EE::ProjectSnippetPolicy')
--- a/app/services/snippets/destroy_service.rb
+++ b/app/services/snippets/destroy_service.rb
@@ -36,9 +36,7 @@ module Snippets
    attr_reader :snippet
  
    def user_can_delete_snippet?
-      return can?(current_user, :admin_project_snippet, snippet) if project
-
-      can?(current_user, :admin_personal_snippet, snippet)
+      can?(current_user, :admin_snippet, snippet)
    end
  
    def service_response_error(message, http_status)

--- a/app/views/admin/application_settings/_account_and_limit.html.haml
+++ b/app/views/admin/application_settings/_account_and_limit.html.haml
@@ -22,7 +22,7 @@
    .form-group
      = f.label :session_expire_delay, _('Session duration (minutes)'), class: 'label-light'
      = f.number_field :session_expire_delay, class: 'form-control'
-      %span.form-text.text-muted#session_expire_delay_help_block= _('GitLab restart is required to apply changes')
+      %span.form-text.text-muted#session_expire_delay_help_block= _('GitLab restart is required to apply changes.')
  
    = render_if_exists 'admin/application_settings/personal_access_token_expiration_policy', form: f
  

--- a/app/views/dashboard/_snippets_head.html.haml
+++ b/app/views/dashboard/_snippets_head.html.haml
@@ -3,7 +3,7 @@
  
  - if current_user && current_user.snippets.any? || @snippets.any?
    .page-title-controls
-      - if can?(current_user, :create_personal_snippet)
+      - if can?(current_user, :create_snippet)
        = link_to _("New snippet"), new_snippet_path, class: "btn btn-success", title: _("New snippet")
  
 .top-area

--- a/app/views/dashboard/snippets/index.html.haml
+++ b/app/views/dashboard/snippets/index.html.haml
 - @hide_top_links = true
 - page_title    "Snippets"
 - header_title  "Snippets", dashboard_snippets_path
- button_path = new_snippet_path if can?(current_user, :create_personal_snippet)
+- button_path = new_snippet_path if can?(current_user, :create_snippet)
  
 = render 'dashboard/snippets_head'
 - if current_user.snippets.exists?

--- a/app/views/explore/projects/page_out_of_bounds.html.haml
+++ b/app/views/explore/projects/page_out_of_bounds.html.haml
+- @hide_top_links = true
+- page_title    _("Projects")
+- header_title  _("Projects"), dashboard_projects_path
+
+= render_dashboard_gold_trial(current_user)
+
+- if current_user
+  = render 'dashboard/projects_head', project_tab_filter: :explore
+- else
+  = render 'explore/head'
+
+= render 'explore/projects/nav' unless Feature.enabled?(:project_list_filter_bar) && current_user
+
+.nothing-here-block
+  .svg-content
+    = image_tag 'illustrations/profile-page/personal-project.svg', size: '75'
+    .text-content
+      %h5= _("Maximum page reached")
+      %p= _("Sorry, you have exceeded the maximum browsable page number. Please use the API to explore further.")
+
+      = link_to _("Back to page %{number}") % { number: @max_page_number }, request.params.merge(page: @max_page_number), class: 'btn btn-inverted'
--- a/app/views/layouts/header/_new_dropdown.haml
+++ b/app/views/layouts/header/_new_dropdown.haml
@@ -21,7 +21,7 @@
      - if @project&.persisted?
        - create_project_issue = show_new_issue_link?(@project)
        - merge_project = merge_request_source_project_for_project(@project)
-        - create_project_snippet = can?(current_user, :create_project_snippet, @project)
+        - create_project_snippet = can?(current_user, :create_snippet, @project)
  
        - if create_project_issue || merge_project || create_project_snippet
          %li.dropdown-bold-header
@@ -38,5 +38,5 @@
        %li= link_to _('New project'), new_project_path, class: 'qa-global-new-project-link'
      - if current_user.can_create_group?
        %li= link_to _('New group'), new_group_path
-      - if current_user.can?(:create_personal_snippet)
+      - if current_user.can?(:create_snippet)
        %li= link_to _('New snippet'), new_snippet_path, class: 'qa-global-new-snippet-link'
--- a/app/views/notify/note_project_snippet_email.html.haml
+++ b/app/views/notify/note_project_snippet_email.html.haml
-= render 'note_email'
--- a/app/views/notify/note_project_snippet_email.text.erb
+++ b/app/views/notify/note_project_snippet_email.text.erb
-<%= render 'note_email' %>
--- a/app/views/notify/note_personal_snippet_email.html.haml
+++ b/app/views/notify/note_personal_snippet_email.html.haml
--- a/app/views/notify/note_personal_snippet_email.text.erb
+++ b/app/views/notify/note_personal_snippet_email.text.erb
--- a/app/views/projects/buttons/_dropdown.html.haml
+++ b/app/views/projects/buttons/_dropdown.html.haml
 - can_create_issue = show_new_issue_link?(@project)
- can_create_project_snippet = can?(current_user, :create_project_snippet, @project)
+- can_create_project_snippet = can?(current_user, :create_snippet, @project)
 - can_push_code = can?(current_user, :push_code, @project)
 - create_mr_from_new_fork = can?(current_user, :fork_project, @project) && can?(current_user, :create_merge_request_in, @project)
 - merge_project = merge_request_source_project_for_project(@project)