to doc

In https://gitlab.com/gitlab-org/gitlab-ce/issues/66482, we see that a
project's `project_feature` association may be lazily loaded and hence
return `nil` if the entry is deleted if the `Project` is already loaded
in memory. To ensure we don't fail hard when this happens, assume all
features are disabled.

We can fix this issue by eager loading the `project_feature` in
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/32169, but we
shouldn't have to depend on that.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/66482

- Adds UI to configure in group and project settings
- Removes notification configuration for users when
disabled at group or project level

The current approach requires catching exceptions to handle these errors
and callers are already handling model validations so it seems more
appropriate.  Also it seemed to convoluted to add this logic directly to
the model since the model needs to check too many possible associations
to determine whether or not there are more than one cluster since the
model doesn't know what it's being created on. Additionally we only
wanted to validate during create to avoid the risk of existing models
becoming invalid by many different edge cases.

Refactor code to allow multiple issue boards management for projects
in CE

Manoj M J authored 5 years ago and James Lopez committed 5 years ago

This commit adds
 - feature specs
  - to test the ability of a user with "developer" permission
    to delete tags in repositories.
 - documentation

This brings the API permissions in line with the UI permissions

Jan Provaznik authored 5 years ago and Thong Kuah committed 5 years ago

Adds `set_issue_updated_at` similar to `set_issue_created_at`
permission and cleans up the related permission check in issues
API.

updated several specs and factories to accomodate new permissions

This is step one of resolving
https://gitlab.com/gitlab-org/gitlab-ce/issues/56838.

Here is what changed:
- Revert the security fix from bdee9e84.
- Do not leak repository information (tag name, commit) to guests in API
responses.
- Do not include links to source code in API responses for users that do
not have download_code access.
- Show Releases in sidebar for guests.
- Do not display links to source code under Assets for users that do not
have download_code access.

GET ':id/releases/:tag_name' still do not allow guests to access
releases. This is to prevent guessing tag existence.

Imre (Admin) authored 5 years ago and Andreas Brandl committed 5 years ago

Move Contribution Analytics related spec in spec/features/groups/group_page_with_external_authorization_service_spec to EE

This reverts merge request !26823

Imre (Admin) authored 5 years ago and Andreas Brandl committed 5 years ago

Move Contribution Analytics related spec in spec/features/groups/group_page_with_external_authorization_service_spec to EE

The api will proxy requests to the environment's prometheus server.
The Prometheus::ProxyService class can be reused when we add support for
group prometheus servers.

As they do not have a permission to read git tag

Fixes #56864

The API get projects/:id/traffic/fetches allows user with write
access to the repository to get the number of clones for the
last 30 days.

Move remove_pages permission to maintainer
Fix before_action in pages controller to check `remove_pages`
permission
Add specs

Board list policies are also included

When the external wiki is enabled, the internal wiki link is replaced
by the external wiki url. But the internal wiki is still accessible.
In this change the external wiki will have its own tab in the sidebar
and only if the services are disabled the tab (and access rights)
will not be displayed.

When the external wiki is enabled, the internal wiki link is replaced
by the external wiki url. But the internal wiki is still accessible.
In this change the external wiki will have its own tab in the sidebar
and only if the services are disabled the tab (and access rights)
will not be displayed.

Load whole file in memory to simplify code

Also refactored cleanup view to use the same localized string

Process CSV uploads async using a worker then email results