Commits · 5ee120f46740efac7b8a460d7a92e4da82f4fb0b · gpt / large_projects / gitlabhq1

Feb 18, 2020
- Add latest changes from gitlab-org/gitlab@master · 5ee120f4
  GitLab Bot authored 5 years ago
  
  5ee120f4
Feb 10, 2020
- Add latest changes from gitlab-org/gitlab@master · 696b3629
  GitLab Bot authored 5 years ago
  
  696b3629
Dec 11, 2019
- Add latest changes from gitlab-org/gitlab@master · b86f474b
  GitLab Bot authored 5 years ago
  
  b86f474b
Nov 17, 2019
- Add latest changes from gitlab-org/gitlab@master · 190e204d
  GitLab Bot authored 5 years ago
  
  190e204d
Oct 18, 2019
- Add latest changes from gitlab-org/gitlab@master · 4682f501
  GitLab Bot authored 5 years ago
  
  4682f501
Nov 29, 2018

Merge branch 'security-fix-uri-xss-applications' into 'master' · 5736d660

Cindy Pallares authored 6 years ago

[master] Resolve "Reflected XSS in OAuth Authorize window due to redirect_uri allowing arbitrary protocols"

See merge request gitlab/gitlabhq!2572

Unverified

5736d660

Oct 29, 2018
- Resolve reflected XSS in Ouath authorize window · 5332995c
  James Lopez authored 6 years ago
  
  Unverified
  
  5332995c
Sep 23, 2018

Enable more frozen string in app/controllers/ · be42c050

gfyoung authored 6 years ago

Enables frozen string for the following:

* app/controllers/dashboard/**/*.rb
* app/controllers/explore/**/*.rb
* app/controllers/google_api/**/*.rb
* app/controllers/groups/**/*.rb
* app/controllers/import/**/*.rb
* app/controllers/instance_statistics/**/*.rb
* app/controllers/ldap/**/*.rb
* app/controllers/oauth/**/*.rb
* app/controllers/profiles/**/*.rb

Partially addresses #47424.

be42c050

Sep 20, 2018

Always allow user to revoke an authorized application · 98a319a4

Dmitriy Zaporozhets authored 6 years ago


Even if User OAuth applications setting is disabled in admin settings.

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Unverified

98a319a4

Feb 22, 2018
- Port `read_cross_project` ability from EE · 148816cd
  Bob Van Landuyt authored 7 years ago
  
  148816cd
Feb 02, 2018
- use Gitlab::UserSettings directly as a singleton instead of including/extending it · eaada9d7
  Mario de la Ossa authored 7 years ago
  
  eaada9d7
Oct 31, 2017
- refactor code · 232bdd47
  James Lopez authored 7 years ago
  
  232bdd47
- fix spinach failure · 82c758c0
  James Lopez authored 7 years ago
  
  82c758c0
- add applications controller logic · 72b7b10d
  James Lopez authored 7 years ago
  
  72b7b10d
Sep 28, 2017
- refactor some controllers to make them EE friendly · 4a6ec7c9
  James Lopez authored 7 years ago
  
  4a6ec7c9
Dec 16, 2016

Implement minor changes from @dbalexandre 's review. · 4d6da770

Timothy Andrew authored 8 years ago

- Mainly whitespace changes.

- Require the migration adding the `scope` column to the
  `personal_access_tokens` table to have downtime, since API calls will
  fail if the new code is in place, but the migration hasn't run.

- Minor refactoring - load `@Scopes` in a `before_action`, since we're
  doing it in three different places.

4d6da770

Allow creating personal access tokens / OAuth applications with scopes. · 6c809dfa
Timothy Andrew authored 8 years ago

6c809dfa

Jun 08, 2016
- Fix endless redirections when accessing user OAuth applications when they are disabled · 3b50d96b
  Stan Hu authored 8 years ago
  
  Also hides the "Applications" nav button if OAuth applications are disabled by the admin. Closes #14770
  3b50d96b
Apr 14, 2016
- Include GonHelper separately and remove created_at in factory · e450892f
  Stan Hu authored 8 years ago
  
  e450892f
- Add spec for deletion of authorized OAuth2 application · c7e384aa
  Stan Hu authored 8 years ago
  
  Closes #14370 Move gon function into its own helper
  c7e384aa
Mar 13, 2016

Let `oauth/applications#index` handle the `profiles#applications` route · 8f21e2ae

Robert Speicher authored 8 years ago

Previously we were doing all of kinds of code gymnastics and flash abuse
in order to work with a Doorkeeper controller but have it _appear_ at
the `/profile/applications` path. Fortunately we can just tell Rails to
use a different controller to handle that route, and we get the best of
both worlds.

8f21e2ae

Mar 04, 2016
- Fixed Ruby style error · be390cff
  Phil Hughes authored 9 years ago
  
  be390cff
- Applications tab on profile settings · 33ba32e6
  Phil Hughes authored 9 years ago
  
  Closes #13855
  33ba32e6
Sep 09, 2015
- Move helpers back to original directory · 90c338a4
  Dmitriy Zaporozhets authored 9 years ago
  
  90c338a4
Aug 26, 2015
- Groundwork for merging CI into CE · 046b2831
  Douwe Maan authored 9 years ago
  
  046b2831
May 29, 2015
- Add option to disallow users from registering any application to use GitLab as an OAuth provider · 96d6fdc2
  Douwe Maan authored 9 years ago
  
  96d6fdc2
May 01, 2015
- Add helpers for header title and sidebar, and move setting those from controllers to layouts. · 92fd3cce
  Douwe Maan authored 9 years ago
  
  92fd3cce
Apr 30, 2015
- Add a page title to every page. · 26ad2509
  Douwe Maan authored 9 years ago
  
  26ad2509
Apr 20, 2015
- Fixed the Rails/ActionFilter cop · 5a4ebfb4
  Jeroen van Baarsen authored 9 years ago
  
  Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com>
  5a4ebfb4
Jan 17, 2015
- Application admin scaffold · 20028523
  Valery Sizov authored 10 years ago
  
  20028523
Dec 25, 2014

Fix tests and add message if no oauth apps · aadfb366
Dmitriy Zaporozhets authored 10 years ago
```
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
```
Unverified

aadfb366

Rework oauth2 feature · 592e3968

Dmitriy Zaporozhets authored 10 years ago


* improve UI
* add authorization
* add separate page for oauth applications

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Unverified

592e3968

Improve code style · 7fe8d41d
Dmitriy Zaporozhets authored 10 years ago
```
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
```
Unverified

7fe8d41d

Dec 24, 2014
- Doorkeeper integration · e41dadcb
  Valery Sizov authored 10 years ago
  
  e41dadcb

Admin message

Admin message