Add latest changes from gitlab-org/gitlab@master

.gitlab/CODEOWNERS

+# When adding a group as a code owner, make sure to invite the group to the
+# project here: https://gitlab.com/gitlab-org/gitlab/-/project_members
+# As described in https://docs.gitlab.com/ee/user/project/code_owners.html
+
 # Backend Maintainers are the default for all ruby files
 *.rb @gitlab-org/maintainers/rails-backend
 *.rake @gitlab-org/maintainers/rails-backend
@@ -28,9 +32,13 @@ lib/gitlab/github_import/ @gitlab-org/maintainers/database
 /ee/app/models/project_alias.rb @patrickbajao
 /ee/lib/api/project_aliases.rb @patrickbajao
+# Quality owned files
+/qa/ @gl-quality
+
 # Engineering Productivity owned files
 /.gitlab-ci.yml @gl-quality/eng-prod
 /.gitlab/ci/ @gl-quality/eng-prod
+/.gitlab/CODEOWNERS @gl-quality/eng-prod
 Dangerfile @gl-quality/eng-prod
 /danger/ @gl-quality/eng-prod
 /lib/gitlab/danger/ @gl-quality/eng-prod

Gemfile.lock

@@ -1326,7 +1326,7 @@ DEPENDENCIES
   pry-rails (~> 0.3.9)
   rack (~> 2.0.7)
   rack-attack (~> 6.2.0)
-  rack-cors (~> 1.0.0)
+  rack-cors (~> 1.0.6)
   rack-oauth2 (~> 1.9.3)
   rack-proxy (~> 0.6.0)
   rack-timeout

app/controllers/application_controller.rb

@@ -37,6 +37,7 @@ class ApplicationController < ActionController::Base
   around_action :set_current_context
   around_action :set_locale
   around_action :set_session_storage
+  around_action :set_current_admin
   after_action :set_page_title_header, if: :json_request?
   after_action :limit_session_time, if: -> { !current_user }
@@ -473,6 +474,13 @@ class ApplicationController < ActionController::Base
     response.headers['Page-Title'] = URI.escape(page_title('GitLab'))
   end
+  def set_current_admin(&block)
+    return yield unless Feature.enabled?(:user_mode_in_session)
+    return yield unless current_user
+
+    Gitlab::Auth::CurrentUserMode.with_current_admin(current_user, &block)
+  end
+
   def html_request?
     request.format.html?
   end

app/controllers/concerns/cycle_analytics_params.rb

@@ -10,9 +10,9 @@ module CycleAnalyticsParams
   end
   def cycle_analytics_group_params
-    return {} unless params[:cycle_analytics].present?
-    params[:cycle_analytics].permit(:start_date, :created_after, :created_before, project_ids: [])
+    return {} unless params.present?
+    params.permit(:group_id, :start_date, :created_after, :created_before, project_ids: [])
   end
   def options(params)

app/services/merge_requests/migrate_external_diffs_service.rb

@@ -9,7 +9,10 @@ module MergeRequests
     def self.enqueue!
       ids = MergeRequestDiff.ids_for_external_storage_migration(limit: MAX_JOBS)
-      MigrateExternalDiffsWorker.bulk_perform_async(ids.map { |id| [id] }) # rubocop:disable Scalability/BulkPerformWithContext
+      # rubocop:disable Scalability/BulkPerformWithContext
+      # https://gitlab.com/gitlab-org/gitlab/issues/202100
+      MigrateExternalDiffsWorker.bulk_perform_async(ids.map { |id| [id] })
+      # rubocop:enable Scalability/BulkPerformWithContext
     end
     def initialize(merge_request_diff)

app/services/projects/operations/update_service.rb

@@ -30,6 +30,27 @@ module Projects
         settings = params[:error_tracking_setting_attributes]
         return {} if settings.blank?
+        if error_tracking_params_partial_updates?(settings)
+          error_tracking_params_for_partial_update(settings)
+        else
+          error_tracking_params_for_update(settings)
+        end
+      end
+
+      def error_tracking_params_partial_updates?(settings)
+        # Help from @splattael :bow:
+        # Make sure we're converting to symbols because
+        # * ActionController::Parameters#keys returns a list of strings
+        # * in specs we're using hashes with symbols as keys
+
+        settings.keys.map(&:to_sym) == %i[enabled]
+      end
+
+      def error_tracking_params_for_partial_update(settings)
+        { error_tracking_setting_attributes: settings }
+      end
+
+      def error_tracking_params_for_update(settings)
         api_url = ::ErrorTracking::ProjectErrorTrackingSetting.build_api_url_from(
           api_host: settings[:api_host],
           project_slug: settings.dig(:project, :slug),

app/workers/schedule_migrate_external_diffs_worker.rb

@@ -2,7 +2,12 @@
 class ScheduleMigrateExternalDiffsWorker
   include ApplicationWorker
-  include CronjobQueue # rubocop:disable Scalability/CronWorkerContext
+  # rubocop:disable Scalability/CronWorkerContext:
+  # This schedules the `MigrateExternalDiffsWorker`
+  # issue for adding context: https://gitlab.com/gitlab-org/gitlab/issues/202100
+  include CronjobQueue
+  # rubocop:enable Scalability/CronWorkerContext:
+
   include Gitlab::ExclusiveLeaseHelpers
   feature_category :source_code_management

changelogs/unreleased/28352-group-issues-api-searches-archived-projects.yml

+---
+title: Add non_archived param to issues API endpoint to filter issues from archived projects
+merge_request: 23785
+author:
+type: added

changelogs/unreleased/28352-group-merge-request-api-searches-archived-projects.yml

+---
+title: Add non_archived param to group merge requests API endpoint to filter MRs from non archived projects
+merge_request: 23809
+author:
+type: added

changelogs/unreleased/enable-disable-error-tracking-api.yml

+---
+title: Add API to enable and disable error tracking settings
+merge_request: 24220
+author: Rajendra Kadam
+type: added

changelogs/unreleased/refactor-admin-mode-in-sidekiq-jobs.yml

+---
+title: Admin mode support in sidekiq jobs
+merge_request: 24388
+author: Diego Louzán
+type: changed

doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md

@@ -941,7 +941,7 @@ projects.each do |p|
    container_repositories.each do |c|
        c.tags.each do |t|
-          project_total_size = project_total_size + t.total_size
+          project_total_size = project_total_size + t.total_size unless t.total_size.nil?
        end
    end

doc/api/error_tracking.md

@@ -30,3 +30,31 @@ Example response:
   "api_url": "https://sentry.io/api/0/projects/myawesomeproject/project"
 }
 ```
+
+### Enable or disable the Error Tracking project settings
+
+The API allows you to enable or disable the Error Tracking settings for a project. Only for project maintainers.
+
+```
+PATCH /projects/:id/error_tracking/settings
+```
+
+| Attribute | Type    | Required | Description           |
+| --------- | ------- | -------- | --------------------- |
+| `id`      | integer | yes      | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. |
+| `active`  | boolean | yes      | Pass `true` to enable the already configured error tracking settings or `false` to disable it. |
+
+```shell
+curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/1/error_tracking/settings?active=true
+```
+
+Example response:
+
+```json
+{
+  "active": true,
+  "project_name": "sample sentry project",
+  "sentry_external_url": "https://sentry.io/myawesomeproject/project",
+  "api_url": "https://sentry.io/api/0/projects/myawesomeproject/project"
+}
+```

doc/api/issues.md

@@ -222,6 +222,7 @@ GET /groups/:id/issues?confidential=true
 | `updated_before`    | datetime         | no         | Return issues updated on or before the given time                                                                             |
 | `confidential`     | Boolean          | no         | Filter confidential or public issues.                                                                                         |
 | `not`               | Hash             | no         | Return issues that do not match the parameters supplied. Accepts: `labels`, `milestone`, `author_id`, `author_username`, `assignee_id`, `assignee_username`, `my_reaction_emoji`, `search`, `in` |
+| `non_archived`      | Boolean          | no         | Return issues from non archived projects. Default is true. _(Introduced in [GitLab 12.8](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/23785))_ |
 ```shell
 curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/groups/4/issues

doc/api/merge_requests.md

@@ -396,7 +396,8 @@ Parameters:
 | `my_reaction_emoji`             | string         | no       | Return merge requests reacted by the authenticated user by the given `emoji`. `None` returns issues not given a reaction. `Any` returns issues given at least one reaction. _([Introduced][ce-14016] in GitLab 10.0)_ |
 | `source_branch`                 | string         | no       | Return merge requests with the given source branch                                                                             |
 | `target_branch`                 | string         | no       | Return merge requests with the given target branch                                                                             |
-| `search`                        | string         | no       | Search merge requests against their `title` and `description`                                                                  |
+| `search`                        | string         | no       | Search merge requests against their `title` and `description` |
+| `non_archived`                  | Boolean        | no       | Return merge requests from non archived projects only. Default is true. _(Introduced in [GitLab 12.8](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/23809))_  |
 ```json
 [

doc/user/project/import/repo_by_url.md

@@ -9,7 +9,4 @@ You can import your existing repositories by providing the Git URL:
 1. Click **Create project** to begin the import process
 1. Once complete, you will be redirected to your newly created project
-NOTE: **Note:**
-If your password has special characters, you will need to enter them URL encoded, please see the [GitLab issue](https://gitlab.com/gitlab-org/gitlab/issues/29952) for more information.
-
 ![Import project by repo URL](img/import_projects_from_repo_url.png)

lib/api/error_tracking.rb

@@ -23,6 +23,34 @@ module API
         present setting, with: Entities::ErrorTracking::ProjectSetting
       end
+
+      desc 'Enable or disable error tracking settings for the project' do
+        detail 'This feature was introduced in GitLab 12.8.'
+        success Entities::ErrorTracking::ProjectSetting
+      end
+      params do
+        requires :active, type: Boolean, desc: 'Specifying whether to enable or disable error tracking settings', allow_blank: false
+      end
+
+      patch ':id/error_tracking/settings/' do
+        authorize! :admin_operations, user_project
+
+        setting = user_project.error_tracking_setting
+
+        not_found!('Error Tracking Setting') unless setting
+
+        update_params = {
+          error_tracking_setting_attributes: { enabled: params[:active] }
+        }
+
+        result = ::Projects::Operations::UpdateService.new(user_project, current_user, update_params).execute
+
+        if result[:status] == :success
+          present setting, with: Entities::ErrorTracking::ProjectSetting
+        else
+          result
+        end
+      end
     end
   end
 end

lib/api/issues.rb

@@ -120,6 +120,7 @@ module API
       end
       params do
         use :issues_params
+        optional :non_archived, type: Boolean, desc: 'Return issues from non archived projects', default: true
       end
       get ":id/issues" do
         issues = paginate(find_issues(group_id: user_group.id, include_subgroups: true))

lib/api/merge_requests.rb

@@ -141,6 +141,8 @@ module API
       end
       params do
         use :merge_requests_params
+        optional :non_archived, type: Boolean, desc: 'Return merge requests from non archived projects',
+        default: true
       end
       get ":id/merge_requests" do
         merge_requests = find_merge_requests(group_id: user_group.id, include_subgroups: true)

lib/gitlab/auth/current_user_mode.rb

@@ -10,12 +10,54 @@ module Gitlab
     class CurrentUserMode
       NotRequestedError = Class.new(StandardError)
+      # RequestStore entries
+      CURRENT_REQUEST_BYPASS_SESSION_ADMIN_ID_RS_KEY = { res: :current_user_mode, data: :bypass_session_admin_id }.freeze
+      CURRENT_REQUEST_ADMIN_MODE_USER_RS_KEY =         { res: :current_user_mode, data: :current_admin }.freeze
+
+      # SessionStore entries
       SESSION_STORE_KEY = :current_user_mode
-      ADMIN_MODE_START_TIME_KEY = 'admin_mode'
-      ADMIN_MODE_REQUESTED_TIME_KEY = 'admin_mode_requested'
+      ADMIN_MODE_START_TIME_KEY = :admin_mode
+      ADMIN_MODE_REQUESTED_TIME_KEY = :admin_mode_requested
       MAX_ADMIN_MODE_TIME = 6.hours
       ADMIN_MODE_REQUESTED_GRACE_PERIOD = 5.minutes
+      class << self
+        # Admin mode activation requires storing a flag in the user session. Using this
+        # method when scheduling jobs in Sidekiq will bypass the session check for a
+        # user that was already in admin mode
+        def bypass_session!(admin_id)
+          Gitlab::SafeRequestStore[CURRENT_REQUEST_BYPASS_SESSION_ADMIN_ID_RS_KEY] = admin_id
+
+          Gitlab::AppLogger.debug("Bypassing session in admin mode for: #{admin_id}")
+
+          yield
+        ensure
+          Gitlab::SafeRequestStore.delete(CURRENT_REQUEST_BYPASS_SESSION_ADMIN_ID_RS_KEY)
+        end
+
+        def bypass_session_admin_id
+          Gitlab::SafeRequestStore[CURRENT_REQUEST_BYPASS_SESSION_ADMIN_ID_RS_KEY]
+        end
+
+        # Store in the current request the provided user model (only if in admin mode)
+        # and yield
+        def with_current_admin(admin)
+          return yield unless self.new(admin).admin_mode?
+
+          Gitlab::SafeRequestStore[CURRENT_REQUEST_ADMIN_MODE_USER_RS_KEY] = admin
+
+          Gitlab::AppLogger.debug("Admin mode active for: #{admin.username}")
+
+          yield
+        ensure
+          Gitlab::SafeRequestStore.delete(CURRENT_REQUEST_ADMIN_MODE_USER_RS_KEY)
+        end
+
+        def current_admin
+          Gitlab::SafeRequestStore[CURRENT_REQUEST_ADMIN_MODE_USER_RS_KEY]
+        end
+      end
+
       def initialize(user)
         @user = user
       end
@@ -42,7 +84,7 @@ module Gitlab
         raise NotRequestedError unless admin_mode_requested?
-        reset_request_store
+        reset_request_store_cache_entries
         current_session_data[ADMIN_MODE_REQUESTED_TIME_KEY] = nil
         current_session_data[ADMIN_MODE_START_TIME_KEY] = Time.now
@@ -55,7 +97,7 @@ module Gitlab
       def disable_admin_mode!
         return unless user&.admin?
-        reset_request_store
+        reset_request_store_cache_entries
         current_session_data[ADMIN_MODE_REQUESTED_TIME_KEY] = nil
         current_session_data[ADMIN_MODE_START_TIME_KEY] = nil
@@ -64,7 +106,7 @@ module Gitlab
       def request_admin_mode!
         return unless user&.admin?
-        reset_request_store
+        reset_request_store_cache_entries
         current_session_data[ADMIN_MODE_REQUESTED_TIME_KEY] = Time.now
       end
@@ -73,10 +115,12 @@ module Gitlab
       attr_reader :user
+      # RequestStore entry to cache #admin_mode? result
       def admin_mode_rs_key
         @admin_mode_rs_key ||= { res: :current_user_mode, user: user.id, method: :admin_mode? }
       end
+      # RequestStore entry to cache #admin_mode_requested? result
       def admin_mode_requested_rs_key
         @admin_mode_requested_rs_key ||= { res: :current_user_mode, user: user.id, method: :admin_mode_requested? }
       end
@@ -86,6 +130,7 @@ module Gitlab
       end
       def any_session_with_admin_mode?
+        return true if bypass_session?
         return true if current_session_data.initiated? && current_session_data[ADMIN_MODE_START_TIME_KEY].to_i > MAX_ADMIN_MODE_TIME.ago.to_i
         all_sessions.any? do |session|
@@ -103,7 +148,11 @@ module Gitlab
         current_session_data[ADMIN_MODE_REQUESTED_TIME_KEY].to_i > ADMIN_MODE_REQUESTED_GRACE_PERIOD.ago.to_i
       end
-      def reset_request_store
+      def bypass_session?
+        user&.id && user.id == self.class.bypass_session_admin_id
+      end
+
+      def reset_request_store_cache_entries
         Gitlab::SafeRequestStore.delete(admin_mode_rs_key)
         Gitlab::SafeRequestStore.delete(admin_mode_requested_rs_key)
       end