Commits · a9e41961d75bf8b6438032070b03fe7e3ec27b52 · gpt / large_projects / gitlabhq1

Mar 28, 2018
- Remove some easy cases of 'path_to_repo' use · c43e18fc
  Jacob Vosmaer (GitLab) authored 6 years ago
  
  c43e18fc
Mar 05, 2018
- Make oauth provider login generic · 6d3cb7e2
  Horatiu Eugen Vlad authored 7 years ago and Douwe Maan committed 7 years ago
  
  6d3cb7e2
Feb 28, 2018
- Moved o_auth/saml/ldap modules under gitlab/auth · 1ad5df49
  Horatiu Eugen Vlad authored 7 years ago
  
  1ad5df49
Feb 25, 2018
- Respond 404 when repo does not exist · 4be20ba9
  Michael Kozono authored 7 years ago
  
  4be20ba9
Feb 22, 2018
- Fix repo existence check in GitAccessWiki · ea18e1bf
  Jacob Vosmaer (GitLab) authored 7 years ago and Robert Speicher committed 7 years ago
  
  ea18e1bf
Feb 07, 2018
- Use hashed storage in the specs · 6b0c6e69
  Nick Thomas authored 7 years ago
  
  Verified
  
  6b0c6e69
Feb 06, 2018
- Check ability ability before proceeding with project specific checks · 8b4280cb
  Tiago Botelho authored 7 years ago
  
  8b4280cb
- Abstracts ProjectMoved and ProjectCreated into a BaseProject · dc229c07
  Tiago Botelho authored 7 years ago
  
  dc229c07
- Add specs · bc78ae69
  Tiago Botelho authored 7 years ago
  
  bc78ae69
Dec 22, 2017
- Replace '.team << [user, role]' with 'add_role(user)' in specs · 27c95364
  blackst0ne authored 7 years ago
  
  27c95364
Dec 08, 2017
- Allow git pull/push on project redirects · 562fb460
  Mayra Cabrera authored 7 years ago and Douwe Maan committed 7 years ago
  
  562fb460
Nov 23, 2017
- Allow password authentication to be disabled entirely · 257fd571
  Markus Koller authored 7 years ago and Douwe Maan committed 7 years ago
  
  257fd571
Oct 20, 2017
- Refactor `have_http_status` into `have_gitlab_http_status` in the specs · 2f40dac3
  Jacopo authored 7 years ago
  
  2f40dac3
Aug 02, 2017
- Change all `:empty_project` to `:project` · 72a7b30c
  Robert Speicher authored 7 years ago
  
  72a7b30c
Aug 01, 2017
- Rename more path_with_namespace -> full_path or disk_path · fb06a4d8
  Gabriel Mazetto authored 7 years ago
  
  fb06a4d8
Jul 27, 2017

Remove superfluous lib: true, type: redis, service: true, models: true,... · ddccd24c

Rémy Coutable authored 7 years ago

Remove superfluous lib: true, type: redis, service: true, models: true, services: true, no_db: true, api: true

Signed-off-by: Rémy Coutable <remy@rymai.me>

ddccd24c

Jul 13, 2017

Fixes needed when GitLab sign-in is not enabled · 672a68d3

Robin Bobbitt authored 7 years ago

When sign-in is disabled:
 - skip password expiration checks
 - prevent password reset requests
 - don’t show Password tab in User Settings
 - don’t allow login with username/password for Git over HTTP requests
 - render 404 on requests to Profiles::PasswordsController

672a68d3

Jul 11, 2017
- Support multiple Redis instances based on queue type · cb3b4a15
  Paul Charlton authored 7 years ago and Robert Speicher committed 7 years ago
  
  cb3b4a15
Jun 21, 2017
- Enable Style/DotPosition Rubocop · 0430b764
  Grzegorz Bizon authored 7 years ago
  
  0430b764
Jun 16, 2017
- Add specific test case · 32b3d09a
  Michael Kozono authored 7 years ago
  
  This test and its context exist only to ensure this behavior is fixed: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11259#note_29262426
  32b3d09a
- Add “Project moved” error to Git-over-HTTP · 8ef3bc5d
  Michael Kozono authored 7 years ago
  
  8ef3bc5d
Jun 14, 2017
- Correct RSpec/SingleLineHook cop offenses · a6ec5121
  Robert Speicher authored 7 years ago
  
  a6ec5121
Jun 08, 2017

Instruct user to use a personal access token for Git over HTTP · cb5a5eb8

Robin Bobbitt authored 7 years ago

If internal auth is disabled and LDAP is not configured on the instance,
present the user with a message to create a personal access token if his
Git over HTTP auth attempt fails.

cb5a5eb8

Jun 07, 2017
- Blob#load_all_data! doesn’t need an argument · dbffaaa9
  Douwe Maan authored 7 years ago
  
  dbffaaa9
Jun 05, 2017

Clarify error messages · e8972c11
Michael Kozono authored 7 years ago
```
And refactor to self-document a little better.
```
e8972c11
Move CI access logic into GitAccess · bad08fbe
Michael Kozono authored 7 years ago

bad08fbe

Fix Git over HTTP spec · ff8a053d

Michael Kozono authored 7 years ago

* The spec has 7 failures at this point
* Specify rendered error messages
* Render the GitAccess message rather than “Access denied”
* Render the Not Found message provided by GitAccess, instead of a custom one
* Expect GitAccess to check the config for whether Git-over-HTTP pull or push is disabled, rather than doing it in the controller
* Add more thorough testing for authentication
* Dried up a lot of tests
* Fixed some broken tests

ff8a053d

Apr 17, 2017
- Fix user activities HTTP clone spec · ae833a8b
  Sean McGivern authored 7 years ago
  
  ae833a8b
Apr 14, 2017
- Use a proper matcher · 9bb9cbfd
  Rémy Coutable authored 7 years ago
  
  Signed-off-by: Rémy Coutable <remy@rymai.me>
  Verified
  
  9bb9cbfd
- Fix `last_activity_at` to `last_activity_on` · 41b71efd
  Rémy Coutable authored 7 years ago
  
  Signed-off-by: Rémy Coutable <remy@rymai.me>
  41b71efd
- Fix git HTTP spec · 4b1e25fa
  Sean McGivern authored 7 years ago
  
  4b1e25fa
- Add user activity service and spec. Also added relevant - NOT offline - migration · 2951a854
  James Lopez authored 8 years ago
  
  It uses a user activity table instead of a column in users. Tested with mySQL and postgreSQL
  2951a854
Apr 13, 2017

Allow OAuth clients to push code · bee780e8

Timothy Andrew authored 7 years ago

- We currently support fetching code with username = 'oauth2' and
  password = <access_token>.
- Trying to _push_ code with the same credentials fails with an authentication
  error.
- There's no reason this shouldn't be enabled, especially since we allow the
  OAuth client to create deploy keys with push access:

  https://docs.gitlab.com/ce/api/deploy_keys.html#add-deploy-key

bee780e8

Mar 07, 2017

Don't allow blocked users to authenticate through other means · 93daeee1

Markus Koller authored 8 years ago

Gitlab::Auth.find_with_user_password is currently used in these places:

- resource_owner_from_credentials in config/initializers/doorkeeper.rb,
  which is used for the OAuth Resource Owner Password Credentials flow

- the /session API call in lib/api/session.rb, which is used to reveal
  the user's current authentication_token

In both cases users should only be authenticated if they're in the
active state.

93daeee1

Feb 23, 2017
- Revert "Prefer leading style for Style/DotPosition" · 1fe7501b
  Douwe Maan authored 8 years ago
  
  This reverts commit cb10b725c8929b8b4460f89c9d96c773af39ba6b.
  1fe7501b
- Prefer leading style for Style/DotPosition · 206953a4
  Douwe Maan authored 8 years ago
  
  206953a4
Feb 05, 2017
- Add traits for ProjectFeatures to Project factory · 3deb66ea
  Semyon Pupkov authored 8 years ago
  
  https://gitlab.com/gitlab-org/gitlab-ce/issues/24007
  3deb66ea
Jan 26, 2017
- Use `:empty_project` where possible in request specs · 9a31ecbe
  Robert Speicher authored 8 years ago
  
  9a31ecbe
Jan 25, 2017
- Fix access to the wiki code via HTTP when repository feature disabled · 232b4014
  Douglas Barbosa Alexandre authored 8 years ago
  
  232b4014
Dec 16, 2016

Validate access token scopes in `Gitlab::Auth` · 36b3210b

Timothy Andrew authored 8 years ago

- This module is used for git-over-http, as well as JWT.

- The only valid scope here is `api`, currently.

36b3210b

Admin message

Admin message