Add latest changes from gitlab-org/gitlab@master

abfafe3c · GitLab Bot · ef326e80 · abfafe3c · abfafe3c · abfafe3c
Commit abfafe3c authored 5 years ago by GitLab Bot
--- a/app/controllers/projects/pages_domains_controller.rb
+++ b/app/controllers/projects/pages_domains_controller.rb
@@ -62,6 +62,14 @@ class Projects::PagesDomainsController < Projects::ApplicationController
    end
  end
  
+  def clean_certificate
+    unless @domain.update(user_provided_certificate: nil, user_provided_key: nil)
+      flash[:alert] = @domain.errors.full_messages.join(', ')
+    end
+
+    redirect_to edit_project_pages_domain_path(@project, @domain)
+  end
+
  private
  
  def create_params

--- a/app/models/clusters/instance.rb
+++ b/app/models/clusters/instance.rb
@@ -9,5 +9,9 @@ module Clusters
    def feature_available?(feature)
      ::Feature.enabled?(feature, default_enabled: true)
    end
+
+    def flipper_id
+      self.class.to_s
+    end
  end
 end
--- a/app/services/issuable_base_service.rb
+++ b/app/services/issuable_base_service.rb
@@ -355,7 +355,7 @@ class IssuableBaseService < BaseService
    associations =
      {
        labels: issuable.labels.to_a,
-        mentioned_users: issuable.mentioned_users.to_a,
+        mentioned_users: issuable.mentioned_users(current_user).to_a,
        assignees: issuable.assignees.to_a
      }
    associations[:total_time_spent] = issuable.total_time_spent if issuable.respond_to?(:total_time_spent)

--- a/app/views/clusters/clusters/gcp/_form.html.haml
+++ b/app/views/clusters/clusters/gcp/_form.html.haml
@@ -64,12 +64,13 @@
      %p.form-text.text-muted
        = s_('ClusterIntegration|Learn more about %{help_link_start_machine_type}machine types%{help_link_end} and %{help_link_start_pricing}pricing%{help_link_end}.').html_safe % { help_link_start_machine_type: help_link_start % { url: machine_type_link_url }, help_link_start_pricing: help_link_start % { url: pricing_link_url }, help_link_end: help_link_end }
  
-    .form-group
-      = provider_gcp_field.check_box :cloud_run, { label: s_('ClusterIntegration|Enable Cloud Run on GKE (beta)'),
-        label_class: 'label-bold' }
-      .form-text.text-muted
-        = s_('ClusterIntegration|Uses the Cloud Run, Istio, and HTTP Load Balancing addons for this cluster.')
-        = link_to _('More information'), help_page_path('user/project/clusters/index.md', anchor: 'cloud-run-on-gke'), target: '_blank'
+    - if Feature.enabled?(:create_cloud_run_clusters, clusterable)
+      .form-group
+        = provider_gcp_field.check_box :cloud_run, { label: s_('ClusterIntegration|Enable Cloud Run on GKE (beta)'),
+          label_class: 'label-bold' }
+        .form-text.text-muted
+          = s_('ClusterIntegration|Uses the Cloud Run, Istio, and HTTP Load Balancing addons for this cluster.')
+          = link_to _('More information'), help_page_path('user/project/clusters/index.md', anchor: 'cloud-run-on-gke'), target: '_blank'
  
  .form-group
    = field.check_box :managed, { label: s_('ClusterIntegration|GitLab-managed cluster'),

--- a/changelogs/unreleased/33902-fix-private-group-todo-mentions.yml
+++ b/changelogs/unreleased/33902-fix-private-group-todo-mentions.yml
+---
+title: Do not generate To-Dos additional when editing group mentions
+merge_request: 19037
+author:
+type: fixed
--- a/changelogs/unreleased/sh-change-throttle-protected-paths-default.yml
+++ b/changelogs/unreleased/sh-change-throttle-protected-paths-default.yml
+---
+title: Disable protected path throttling by default
+merge_request: 19185
+author:
+type: fixed
--- a/config/initializers/0_inflections.rb
+++ b/config/initializers/0_inflections.rb
@@ -12,18 +12,19 @@
 ActiveSupport::Inflector.inflections do |inflect|
  inflect.uncountable %w(
    award_emoji
-    project_statistics
-    system_note_metadata
+    container_repository_registry
+    design_registry
    event_log
-    project_auto_devops
-    project_registry
    file_registry
+    group_view
    job_artifact_registry
-    container_repository_registry
-    design_registry
-    vulnerability_feedback
+    lfs_object_registry
+    project_auto_devops
+    project_registry
+    project_statistics
+    system_note_metadata
    vulnerabilities_feedback
-    group_view
+    vulnerability_feedback
  )
  inflect.acronym 'EE'
 end
--- a/config/routes/project.rb
+++ b/config/routes/project.rb
@@ -222,6 +222,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
        resources :domains, except: :index, controller: 'pages_domains', constraints: { id: %r{[^/]+} } do
          member do
            post :verify
+            delete :clean_certificate
          end
        end
      end

--- a/db/migrate/20191026041447_change_default_value_of_throttle_protected_paths.rb
+++ b/db/migrate/20191026041447_change_default_value_of_throttle_protected_paths.rb
+# frozen_string_literal: true
+
+class ChangeDefaultValueOfThrottleProtectedPaths < ActiveRecord::Migration[5.2]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def up
+    change_column_default :application_settings, :throttle_protected_paths_enabled, false
+
+    # Because we already set the value to true in the previous
+    # migration, this feature was switched on inadvertently in GitLab
+    # 12.4. This migration toggles it back off to ensure we don't
+    # inadvertently block legitimate users. The admin will have to
+    # re-enable it in the application settings.
+    unless omnibus_protected_paths_present?
+      execute "UPDATE application_settings SET throttle_protected_paths_enabled = #{false_value}"
+    end
+  end
+
+  def down
+    change_column_default :application_settings, :throttle_protected_paths_enabled, true
+
+    execute "UPDATE application_settings SET throttle_protected_paths_enabled = #{true_value}"
+  end
+
+  private
+
+  def omnibus_protected_paths_present?
+    Rack::Attack.throttles.key?('protected paths')
+  rescue e
+    say "Error while checking if Omnibus protected paths were already enabled: #{e.message}"
+    say 'Continuing. Protected paths will remain enabled.'
+
+    # Return true so we don't take a risk
+    true
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
  
-ActiveRecord::Schema.define(version: 2019_10_17_180026) do
+ActiveRecord::Schema.define(version: 2019_10_26_041447) do
  
  # These are extensions that must be enabled in order to support this database
  enable_extension "pg_trgm"
@@ -331,7 +331,7 @@ ActiveRecord::Schema.define(version: 2019_10_17_180026) do
    t.string "encrypted_asset_proxy_secret_key_iv"
    t.string "static_objects_external_storage_url", limit: 255
    t.string "static_objects_external_storage_auth_token", limit: 255
-    t.boolean "throttle_protected_paths_enabled", default: true, null: false
+    t.boolean "throttle_protected_paths_enabled", default: false, null: false
    t.integer "throttle_protected_paths_requests_per_period", default: 10, null: false
    t.integer "throttle_protected_paths_period_in_seconds", default: 60, null: false
    t.string "protected_paths", limit: 255, default: ["/users/password", "/users/sign_in", "/api/v3/session.json", "/api/v3/session", "/api/v4/session.json", "/api/v4/session", "/users", "/users/confirmation", "/unsubscribes/", "/import/github/personal_access_token"], array: true

--- a/doc/user/markdown.md
+++ b/doc/user/markdown.md
@@ -417,9 +417,10 @@ GFM will recognize the following:
  
 > If this is not rendered correctly, [view it in GitLab itself](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/user/markdown.md#task-lists).
  
-You can add task lists anywhere markdown is supported, but you can only "click" to
-toggle the boxes if they are in issues, merge requests, or comments. In other places
-you must edit the markdown manually to change the status by adding or removing the `x`.
+You can add task lists anywhere Markdown is supported, but you can only "click"
+to toggle the boxes if they are in issues, merge requests, or comments. In other
+places you must edit the Markdown manually to change the status by adding or
+removing an `x` within the square brackets.
  
 To create a task list, add a specially-formatted Markdown list. You can use either
 unordered or ordered lists:

--- a/doc/user/search/advanced_search_syntax.md
+++ b/doc/user/search/advanced_search_syntax.md
@@ -17,6 +17,8 @@ The Advanced Syntax Search is a subset of the
 [Advanced Global Search](advanced_global_search.md), which you can use if you
 want to have more specific search results.
  
+Advanced Global Search only supports searching the [default branch](../project/repository/branches/index.md#default-branch).
+
 ## Use cases
  
 Let's say for example that the product you develop relies on the code of another

--- a/spec/controllers/projects/pages_domains_controller_spec.rb
+++ b/spec/controllers/projects/pages_domains_controller_spec.rb
@@ -190,6 +190,56 @@ describe Projects::PagesDomainsController do
    end
  end
  
+  describe 'DELETE #clean_certificate' do
+    subject do
+      delete(:clean_certificate, params: request_params.merge(id: pages_domain.domain))
+    end
+
+    it 'redirects to edit page' do
+      subject
+
+      expect(response).to redirect_to(edit_project_pages_domain_path(project, pages_domain))
+    end
+
+    it 'removes certificate' do
+      expect do
+        subject
+      end.to change { pages_domain.reload.certificate }.to(nil)
+        .and change { pages_domain.reload.key }.to(nil)
+    end
+
+    it 'sets certificate source to user_provided' do
+      pages_domain.update!(certificate_source: :gitlab_provided)
+
+      expect do
+        subject
+      end.to change { pages_domain.reload.certificate_source }.from("gitlab_provided").to("user_provided")
+    end
+
+    context 'when pages_https_only is set' do
+      before do
+        project.update!(pages_https_only: true)
+        stub_pages_setting(external_https: '127.0.0.1')
+      end
+
+      it 'does not remove certificate' do
+        subject
+
+        pages_domain.reload
+        expect(pages_domain.certificate).to be_present
+        expect(pages_domain.key).to be_present
+      end
+
+      it 'redirects to edit page with a flash message' do
+        subject
+
+        expect(flash[:alert]).to include('Certificate')
+        expect(flash[:alert]).to include('Key')
+        expect(response).to redirect_to(edit_project_pages_domain_path(project, pages_domain))
+      end
+    end
+  end
+
  context 'pages disabled' do
    before do
      allow(Gitlab.config.pages).to receive(:enabled).and_return(false)

--- a/spec/requests/api/access_requests_spec.rb
+++ b/spec/requests/api/access_requests_spec.rb
+# frozen_string_literal: true
+
 require 'spec_helper'
  
 describe API::AccessRequests do

--- a/spec/requests/api/applications_spec.rb
+++ b/spec/requests/api/applications_spec.rb
+# frozen_string_literal: true
+
 require 'spec_helper'
  
 describe API::Applications, :api do

--- a/spec/requests/api/avatar_spec.rb
+++ b/spec/requests/api/avatar_spec.rb
+# frozen_string_literal: true
+
 require 'spec_helper'
  
 describe API::Avatar do

--- a/spec/requests/api/award_emoji_spec.rb
+++ b/spec/requests/api/award_emoji_spec.rb
+# frozen_string_literal: true
+
 require 'spec_helper'
  
 describe API::AwardEmoji do

--- a/spec/requests/api/badges_spec.rb
+++ b/spec/requests/api/badges_spec.rb
+# frozen_string_literal: true
+
 require 'spec_helper'
  
 describe API::Badges do

--- a/spec/requests/api/boards_spec.rb
+++ b/spec/requests/api/boards_spec.rb
+# frozen_string_literal: true
+
 require 'spec_helper'
  
 describe API::Boards do

--- a/spec/requests/api/branches_spec.rb
+++ b/spec/requests/api/branches_spec.rb
+# frozen_string_literal: true
+
 require 'spec_helper'
  
 describe API::Branches do