Skip to content
Snippets Groups Projects
Select Git revision
  • 322166-remove-usage_data_o_pipeline_authoring_unique_users_pushing_mr_ciconfigfile
  • 323891-delete-ci_needs_optional
  • cablett-revert-background-count-calc
  • 299403-remove-usage_data_unique_users_committing_ciconfigfile
  • master default protected
  • 27954-remove-hipchat
  • 299114-drop-flag
  • 330315-disable-cleanup-policies-linked-to-no-container-images-post-migration
  • astoicescu-add-custom-header-text-to-free-personal-namespaces
  • 323856-indexer-add-timeout
  • extend-drop-running-builds-when-ci-minutes-exceeded-to-paid-plans
  • sh-prevent-retry-of-retried-builds
  • remove-delayed-perform-for-build-hooks-worker
  • remove_load_balancing_for_build_hooks_worker_ff
  • astoicescu_remove_plan_cards_and_upgrade_button
  • 330300-rename-methods-called-service-to-integration
  • roll-over-issues
  • fix-runner-token-maven-nuget
  • automate-create-iterations-in-cadence
  • 328710-experiment-cleanup-optionally-start-a-trial-during-free-signup
  • v13.12.0-ee
  • v13.12.0-rc45-ee
  • v13.12.0-rc44-ee
  • v13.12.0-rc43-ee
  • v13.12.0-rc42-ee
  • v13.11.4-ee
  • v13.11.3-ee
  • v13.9.7-ee
  • v13.10.4-ee
  • v13.11.2-ee
  • v13.11.1-ee
  • v13.11.0-ee
  • v13.11.0-rc44-ee
  • v13.11.0-rc43-ee
  • v13.11.0-rc42-ee
  • v13.10.3-ee
  • v13.9.6-ee
  • v13.8.8-ee
  • v13.10.2-ee
  • v13.8.7-ee
40 results
Search by author
  • Any Author
  • Quang-Minh Nguyen Quang-Minh Nguyen qmnguyen0711
1 author
  1. Apr 27, 2021
  3. Apr 26, 2021
  5. Apr 23, 2021
  7. Apr 22, 2021
    • Alexandru Croitor's avatar
      Prevent non-owners to set system_note_timestamp · 44cb1cb3
      Alexandru Croitor authored 
      When an issue is created or updated though API for import
purposes we allow providing created_at and updated_at params
these would then be reflected also in system notes. Only admins
and project owners should be able to set these dates.
      44cb1cb3
  9. Apr 20, 2021
  11. Apr 14, 2021
  13. Apr 13, 2021
  15. Apr 12, 2021
    • Alexis Kalderimis's avatar
      Require 'api' scope to execute mutations · 915b1f7b
      Alexis Kalderimis authored 
      Verify that read_api tokens cannot run mutations.

Also: adds tests use of OAuth tokens for GraphQL

We make some changes to the sessionless_authentication module
in order to capture the request_authenticator, so that we can access
the token scopes, without making any extra queries.

We ensure we always authorize the mutation, which, like all resolvers,
needs to opt in to the check.

Unlike resolvers, mutations should always raise. So
`BaseMutation.authorized?` raises on failure.

Logic for handling scopes is pushed down to the `ObjectAuthorization`
class, and encapsulated in the `ScopeValidator`, which limits the
methods that can be called by resolvers.
      915b1f7b
  17. Apr 11, 2021
  19. Apr 09, 2021
  21. Apr 08, 2021
    • alex pooley's avatar
      Update ruby-saml and rexml gems · 33226dce
      alex pooley authored and Imre (Admin)'s avatar Imre (Admin) committed
      33226dce
    • Vladimir Shushlin's avatar
      Fix broken dora4 spec · 0e17f95b
      Vladimir Shushlin authored 
      By default dora4 metrics controller returns data for last 3 months

We use 2021-01-01 as fixture date in specs.

So controllers stoped returning this data on 2021-04-02

Also, max range was calculated as 91 days, while it's actually
possible to have 92 days in 3 months.
I caught this trying to fix the issue


(cherry picked from commit b76bd0d8)
      0e17f95b
  23. Apr 01, 2021
  25. Mar 31, 2021