Add latest changes from gitlab-org/gitlab@master

a8de96bf · GitLab Bot · afe2b984 · a8de96bf · a8de96bf · a8de96bf
Commit a8de96bf authored 5 years ago by GitLab Bot
--- a/.gitlab/ci/review.gitlab-ci.yml
+++ b/.gitlab/ci/review.gitlab-ci.yml
@@ -254,4 +254,4 @@ danger-review:
    - git version
    - node --version
    - yarn install --frozen-lockfile --cache-folder .yarn-cache --prefer-offline
-    - danger --fail-on-errors=true --new-comment --remove-previous-comments --verbose
+    - danger --fail-on-errors=true --verbose
--- a/.gitlab/merge_request_templates/Security Release.md
+++ b/.gitlab/merge_request_templates/Security Release.md
@@ -12,7 +12,7 @@ See [the general developer security release guidelines](https://gitlab.com/gitla
  
 ## Developer checklist
  
- [ ] **Make sure this merge request mentions the [GitLab Security] issue it belongs to (i.e. `Related to <issue_id>`).**
+- [ ] **On "Related issues" section, write down the [GitLab Security] issue it belongs to (i.e. `Related to <issue_id>`).**
 - [ ] Merge request targets `master`, or `X-Y-stable` for backports.
 - [ ] Milestone is set for the version this merge request applies to. A closed milestone can be assigned via [quick actions].
 - [ ] Title of this merge request is the same as for all backports.

--- a/app/assets/javascripts/blob/components/blob_edit_header.vue
+++ b/app/assets/javascripts/blob/components/blob_edit_header.vue
+<script>
+import { GlFormInput } from '@gitlab/ui';
+
+export default {
+  components: {
+    GlFormInput,
+  },
+  props: {
+    value: {
+      type: String,
+      required: true,
+    },
+  },
+  data() {
+    return {
+      name: this.value,
+    };
+  },
+};
+</script>
+<template>
+  <div class="js-file-title file-title-flex-parent">
+    <gl-form-input
+      id="snippet_file_name"
+      v-model="name"
+      :placeholder="
+        s__('Snippets|Give your file a name to add code highlighting, e.g. example.rb for Ruby')
+      "
+      name="snippet_file_name"
+      class="form-control js-snippet-file-name qa-snippet-file-name"
+      type="text"
+      @change="$emit('input', name)"
+    />
+  </div>
+</template>
--- a/app/assets/javascripts/sidebar/components/lock/lock_issue_sidebar.vue
+++ b/app/assets/javascripts/sidebar/components/lock/lock_issue_sidebar.vue
@@ -63,7 +63,9 @@ export default {
  
  methods: {
    toggleForm() {
-      this.mediator.store.isLockDialogOpen = !this.mediator.store.isLockDialogOpen;
+      if (this.isEditable) {
+        this.mediator.store.isLockDialogOpen = !this.mediator.store.isLockDialogOpen;
+      }
    },
    updateLockedAttribute(locked) {
      this.mediator.service

--- a/app/assets/javascripts/sidebar/queries/sidebarDetails.query.graphql
+++ b/app/assets/javascripts/sidebar/queries/sidebarDetails.query.graphql
+query ($fullPath: ID!, $iid: String!) {
+  project (fullPath: $fullPath) {
+    issue (iid: $iid) {
+      iid
+    }
+  }
+}
--- a/app/assets/javascripts/sidebar/queries/sidebarDetailsForHealthStatusFeatureFlag.query.graphql
+++ b/app/assets/javascripts/sidebar/queries/sidebarDetailsForHealthStatusFeatureFlag.query.graphql
+query ($fullPath: ID!, $iid: String!) {
+  project (fullPath: $fullPath) {
+    issue (iid: $iid) {
+      iid
+    }
+  }
+}
--- a/app/assets/javascripts/sidebar/services/sidebar_service.js
+++ b/app/assets/javascripts/sidebar/services/sidebar_service.js
 import axios from '~/lib/utils/axios_utils';
+import createGqClient, { fetchPolicies } from '~/lib/graphql';
+import sidebarDetailsQuery from 'ee_else_ce/sidebar/queries/sidebarDetails.query.graphql';
+import sidebarDetailsForHealthStatusFeatureFlagQuery from 'ee_else_ce/sidebar/queries/sidebarDetailsForHealthStatusFeatureFlag.query.graphql';
+
+export const gqClient = createGqClient(
+  {},
+  {
+    fetchPolicy: fetchPolicies.NO_CACHE,
+  },
+);
  
 export default class SidebarService {
  constructor(endpointMap) {
@@ -7,6 +17,8 @@ export default class SidebarService {
      this.toggleSubscriptionEndpoint = endpointMap.toggleSubscriptionEndpoint;
      this.moveIssueEndpoint = endpointMap.moveIssueEndpoint;
      this.projectsAutocompleteEndpoint = endpointMap.projectsAutocompleteEndpoint;
+      this.fullPath = endpointMap.fullPath;
+      this.id = endpointMap.id;
  
      SidebarService.singleton = this;
    }
@@ -15,7 +27,20 @@ export default class SidebarService {
  }
  
  get() {
-    return axios.get(this.endpoint);
+    const hasHealthStatusFeatureFlag = gon.features && gon.features.saveIssuableHealthStatus;
+
+    return Promise.all([
+      axios.get(this.endpoint),
+      gqClient.query({
+        query: hasHealthStatusFeatureFlag
+          ? sidebarDetailsForHealthStatusFeatureFlagQuery
+          : sidebarDetailsQuery,
+        variables: {
+          fullPath: this.fullPath,
+          iid: this.id.toString(),
+        },
+      }),
+    ]);
  }
  
  update(key, data) {

--- a/app/assets/javascripts/sidebar/sidebar_mediator.js
+++ b/app/assets/javascripts/sidebar/sidebar_mediator.js
@@ -19,6 +19,8 @@ export default class SidebarMediator {
      toggleSubscriptionEndpoint: options.toggleSubscriptionEndpoint,
      moveIssueEndpoint: options.moveIssueEndpoint,
      projectsAutocompleteEndpoint: options.projectsAutocompleteEndpoint,
+      fullPath: options.fullPath,
+      id: options.id,
    });
    SidebarMediator.singleton = this;
  }
@@ -45,8 +47,8 @@ export default class SidebarMediator {
  fetch() {
    return this.service
      .get()
-      .then(({ data }) => {
-        this.processFetchedData(data);
+      .then(([restResponse, graphQlResponse]) => {
+        this.processFetchedData(restResponse.data, graphQlResponse.data);
      })
      .catch(() => new Flash(__('Error occurred when fetching sidebar data')));
  }

--- a/app/assets/javascripts/snippet/snippet_bundle.js
+++ b/app/assets/javascripts/snippet/snippet_bundle.js
@@ -17,7 +17,7 @@ const initAce = () => {
 const initMonaco = () => {
  const editorEl = document.getElementById('editor');
  const contentEl = document.querySelector('.snippet-file-content');
-  const fileNameEl = document.querySelector('.snippet-file-name');
+  const fileNameEl = document.querySelector('.js-snippet-file-name');
  const form = document.querySelector('.snippet-form-holder form');
  
  editor = new Editor();

--- a/app/assets/stylesheets/utilities.scss
+++ b/app/assets/stylesheets/utilities.scss
@@ -77,3 +77,5 @@
 .gl-text-red-700 { @include gl-text-red-700; }
 .gl-text-orange-700 { @include gl-text-orange-700; }
 .gl-text-green-700 { @include gl-text-green-700; }
+
+.gl-align-items-center { @include gl-align-items-center; }
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -44,6 +44,7 @@ class Projects::IssuesController < Projects::ApplicationController
  
  before_action do
    push_frontend_feature_flag(:vue_issuable_sidebar, project.group)
+    push_frontend_feature_flag(:save_issuable_health_status, project.group)
  end
  
  around_action :allow_gitaly_ref_name_caching, only: [:discussions]

--- a/app/helpers/analytics_navbar_helper.rb
+++ b/app/helpers/analytics_navbar_helper.rb
@@ -35,7 +35,7 @@ module AnalyticsNavbarHelper
    return unless project_nav_tab?(:cycle_analytics)
  
    navbar_sub_item(
-      title: _('Value Stream Analytics'),
+      title: _('Value Stream'),
      path: 'cycle_analytics#show',
      link: project_cycle_analytics_path(project),
      link_to_options: { class: 'shortcuts-project-cycle-analytics' }
@@ -47,7 +47,7 @@ module AnalyticsNavbarHelper
    return if project.empty_repo?
  
    navbar_sub_item(
-      title: _('Repository Analytics'),
+      title: _('Repository'),
      path: 'graphs#charts',
      link: charts_project_graph_path(project, current_ref),
      link_to_options: { class: 'shortcuts-repository-charts' }
@@ -60,7 +60,7 @@ module AnalyticsNavbarHelper
    return unless project.feature_available?(:builds, current_user) || !project.empty_repo?
  
    navbar_sub_item(
-      title: _('CI / CD Analytics'),
+      title: _('CI / CD'),
      path: 'pipelines#charts',
      link: charts_project_pipelines_path(project)
    )

--- a/app/helpers/issuables_helper.rb
+++ b/app/helpers/issuables_helper.rb
@@ -463,6 +463,7 @@ module IssuablesHelper
      currentUser: issuable[:current_user],
      rootPath: root_path,
      fullPath: issuable[:project_full_path],
+      id: issuable[:id],
      timeTrackingLimitToHours: Gitlab::CurrentSettings.time_tracking_limit_to_hours
    }
  end

--- a/app/models/broadcast_message.rb
+++ b/app/models/broadcast_message.rb
@@ -52,7 +52,9 @@ class BroadcastMessage < ApplicationRecord
    end
  
    def cache
-      Gitlab::JsonCache.new(cache_key_with_version: false)
+      ::Gitlab::SafeRequestStore.fetch(:broadcast_message_json_cache) do
+        Gitlab::JsonCache.new(cache_key_with_version: false)
+      end
    end
  
    def cache_expires_in
@@ -68,9 +70,9 @@ class BroadcastMessage < ApplicationRecord
  
      now_or_future = messages.select(&:now_or_future?)
  
-      # If there are cached entries but none are to be displayed we'll purge the
-      # cache so we don't keep running this code all the time.
-      cache.expire(cache_key) if now_or_future.empty?
+      # If there are cached entries but they don't match the ones we are
+      # displaying we'll refresh the cache so we don't need to keep filtering.
+      cache.expire(cache_key) if now_or_future != messages
  
      now_or_future.select(&:now?).select { |message| message.matches_current_path(current_path) }
    end

--- a/app/models/internal_id.rb
+++ b/app/models/internal_id.rb
@@ -21,7 +21,7 @@ class InternalId < ApplicationRecord
  belongs_to :project
  belongs_to :namespace
  
-  enum usage: { issues: 0, merge_requests: 1, deployments: 2, milestones: 3, epics: 4, ci_pipelines: 5, operations_feature_flags: 6 }
+  enum usage: ::InternalIdEnums.usage_resources
  
  validates :usage, presence: true
  

--- a/app/models/internal_id_enums.rb
+++ b/app/models/internal_id_enums.rb
+# frozen_string_literal: true
+
+module InternalIdEnums
+  def self.usage_resources
+    # when adding new resource, make sure it doesn't conflict with EE usage_resources
+    { issues: 0, merge_requests: 1, deployments: 2, milestones: 3, epics: 4, ci_pipelines: 5, operations_feature_flags: 6 }
+  end
+end
+
+InternalIdEnums.prepend_if_ee('EE::InternalIdEnums')
--- a/app/services/groups/import_export/export_service.rb
+++ b/app/services/groups/import_export/export_service.rb
@@ -11,11 +11,7 @@ module Groups
      end
  
      def execute
-        unless @current_user.can?(:admin_group, @group)
-          raise ::Gitlab::ImportExport::Error.new(
-            "User with ID: %s does not have permission to Group %s with ID: %s." %
-              [@current_user.id, @group.name, @group.id])
-        end
+        validate_user_permissions
  
        save!
      ensure
@@ -26,6 +22,14 @@ module Groups
  
      attr_accessor :shared
  
+      def validate_user_permissions
+        unless @current_user.can?(:admin_group, @group)
+          @shared.error(::Gitlab::ImportExport::Error.permission_error(@current_user, @group))
+
+          notify_error!
+        end
+      end
+
      def save!
        if savers.all?(&:save)
          notify_success

--- a/app/services/groups/import_export/import_service.rb
+++ b/app/services/groups/import_export/import_service.rb
@@ -12,15 +12,14 @@ module Groups
      end
  
      def execute
-        validate_user_permissions
+        if valid_user_permissions? && import_file && restorer.restore
+          notify_success
  
-        if import_file && restorer.restore
          @group
        else
-          raise StandardError.new(@shared.errors.to_sentence)
+          notify_error!
        end
-      rescue => e
-        raise StandardError.new(e.message)
+
      ensure
        remove_import_file
      end
@@ -49,13 +48,37 @@ module Groups
        upload.save!
      end
  
-      def validate_user_permissions
-        unless current_user.can?(:admin_group, group)
-          raise ::Gitlab::ImportExport::Error.new(
-            "User with ID: %s does not have permission to Group %s with ID: %s." %
-              [current_user.id, group.name, group.id])
+      def valid_user_permissions?
+        if current_user.can?(:admin_group, group)
+          true
+        else
+          @shared.error(::Gitlab::ImportExport::Error.permission_error(current_user, group))
+
+          false
        end
      end
+
+      def notify_success
+        @shared.logger.info(
+          group_id:   @group.id,
+          group_name: @group.name,
+          message:    'Group Import/Export: Import succeeded'
+        )
+      end
+
+      def notify_error
+        @shared.logger.error(
+          group_id:   @group.id,
+          group_name: @group.name,
+          message:    "Group Import/Export: Errors occurred, see '#{Gitlab::ErrorTracking::Logger.file_name}' for details"
+        )
+      end
+
+      def notify_error!
+        notify_error
+
+        raise Gitlab::ImportExport::Error.new(@shared.errors.to_sentence)
+      end
    end
  end
 end
--- a/app/services/merge_requests/merge_to_ref_service.rb
+++ b/app/services/merge_requests/merge_to_ref_service.rb
@@ -60,7 +60,7 @@ module MergeRequests
  
    def commit
      repository.merge_to_ref(current_user, source, merge_request, target_ref, commit_message, first_parent_ref)
-    rescue Gitlab::Git::PreReceiveError => error
+    rescue Gitlab::Git::PreReceiveError, Gitlab::Git::CommandError => error
      raise MergeError, error.message
    end
  end

--- a/app/services/metrics/dashboard/clone_dashboard_service.rb
+++ b/app/services/metrics/dashboard/clone_dashboard_service.rb
@@ -24,7 +24,7 @@ module Metrics
  
      def execute
        catch(:error) do
-          throw(:error, error(_(%q(You can't commit to this project)), :forbidden)) unless push_authorized?
+          throw(:error, error(_(%q(You are not allowed to push into this branch. Create another branch or open a merge request.)), :forbidden)) unless push_authorized?
  
          result = ::Files::CreateService.new(project, current_user, dashboard_attrs).execute
          throw(:error, wrap_error(result)) unless result[:status] == :success