- Sep 13, 2019
-
-
GitLab Bot authored
-
- Sep 23, 2018
-
-
gfyoung authored
Enables frozen string for the following: * app/controllers/dashboard/**/*.rb * app/controllers/explore/**/*.rb * app/controllers/google_api/**/*.rb * app/controllers/groups/**/*.rb * app/controllers/import/**/*.rb * app/controllers/instance_statistics/**/*.rb * app/controllers/ldap/**/*.rb * app/controllers/oauth/**/*.rb * app/controllers/profiles/**/*.rb Partially addresses #47424.
-
- Apr 28, 2018
-
-
blackst0ne authoredThis commits replaces `params` with `safe_params` in `url_for` helpers to resolve security issues [1] and failing specs with the ``` ArgumentError: Attempting to generate a URL from non-sanitized request parameters! An attacker can inject malicious data into the generated URL, such as changing the host. Whitelist and sanitize passed parameters to be secure. ``` error. [1]: https://gitlab.com/gitlab-org/gitlab-ce/issues/45168
-
- Feb 27, 2018
-
-
Sean McGivern authored
Previously, these wouldn't count issues or MRs in subgroups - meaning that if _this_ group had no issues or MRs, we'd show the empty state, which was wrong.
-
- Feb 22, 2018
-
-
Bob Van Landuyt authored
-
- Aug 15, 2017
-
-
Robert Speicher authored
-
- May 19, 2017
-
-
Michael Kozono authored
In order to avoid string manipulation or modify route params (to make them unambiguous for `url_for`), we are accepting a behavior change: When being redirected to the canonical path for a group, if you requested a group show path starting with `/groups/…` then you’ll now be redirected to the group at root `/…`.
-
- May 05, 2017
-
-
Michael Kozono authored
-
Michael Kozono authored
Note: This changes the behavior of user lookups (see the spec change) so it acts the same way as groups and projects. Unauthenticated clients attempting to access a user page will be redirected to login whether the user exists and is publicly restricted, or does not exist at all.
-
Michael Kozono authored
-
- Apr 06, 2017
-
-
Jacopo authored
Extended ProjectFinder in order to handle the following options: - current_user - which user use - project_ids_relation: int[] - project ids to use - params: - trending: boolean - non_public: boolean - starred: boolean - sort: string - visibility_level: int - tags: string[] - personal: boolean - search: string - non_archived: boolean GroupProjectsFinder now inherits from ProjectsFinder. Changed the code in order to use the new available options.
-
- Apr 05, 2017
-
-
- Dec 08, 2016
-
-
Dmitriy Zaporozhets authored
* add parent_id field to namespaces table to store relation with nested groups * create routes table to keep information about full path of every group and project * project/group lookup by full path from routes table Signed-off-by:Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- Mar 20, 2016
-
-
Douwe Maan authored
-
- Mar 18, 2016
-
-
Zeger-Jan van de Weg authored
-
- Nov 16, 2015
-
-
Dmitriy Zaporozhets authored
Signed-off-by:
-
- Jul 31, 2015
-
-
Douwe Maan authored
-
- May 01, 2015
-
-
Douwe Maan authored
-
- Apr 30, 2015
-
-
Douwe Maan authored
-
- Apr 14, 2015
-
-
Douwe Maan authored
-
- Mar 15, 2015
-
-
Douwe Maan authored
-
- Mar 12, 2015
-
-
Valery Sizov authored
-
