Previously submitting a DELETE request to an issuable URL would be
enough to destroy it, but this should require human confirmation.  We
now require that the `destroy_confirm` parameter is set to a truthy
value before this can complete.

In addition, we log a Sentry error if a deletion arrived without
confirmation.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/62387

Fixes deprecation warning:

```
DEPRECATION WARNING: The success? predicate is deprecated and
will be removed in Rails 6.0.
Please use successful? as provided by Rack::Response::Helpers.
```

- Use set_pipeline_variables to filter for visible pipelines
- Mimic response of nonexistent pipeline if not found
- Provide set_pipeline_variables as a before_filter for other actions

Remove project from NotesFinder constructor

Add project parameter to specs

Also look for methods in private scope

Fix specs to match new NotesFinder constructor

This reverts merge request !29733

Add spec for concern IssuableActions

Add shared samples for discussions endpoint

Add schema validations for discussions

Fix rubocop style issue

Make target assignable

Use new possibility to provide target

Deployment_platform is relatively expensive and calling this after the
fact means that this may not be the cluster that was deployed to.

Correspondingly reduce the leeway given in the related N+1 spec

Peter Leitzen authored 5 years ago and Grzegorz Bizon committed 5 years ago

Prefer `json_response` where applicable.

As a workaround for https://gitlab.com/gitlab-org/gitlab-ce/issues/64116

In 12.2 we will remove this fallback.

Split into followup issue

We have an N+1 problem where N is environments.

MergeRequest#all_pipelines fetches Ci::Pipeline records from the source
project, so we should specifically check that project for permissions.
This was already happening for intra-project merge requests, but in the
event that the target and source projects both have private builds, we
should ensure that the project permissions are respected.

This eliminates many potential duplicate FindCommit RPCs for the same
ref, which often occurs in the RelativeLinkFilter#current_commit call.
On the GitLab 12.0 release post, for example, this would save close to
400 RPC calls.

Currently, merge options is updated on #execute method,
however, we should have #update interface to make it explicit.

We have one auto merge strategy today - Merge When Pipeline
Succeeds.

In order to add more strategies for Merge Train feature,
we abstract the architecture to be more extensible.

Removed arguments

Fix spec