- 19 Dec, 2018 1 commit
-
-
Jarka Košanová authored
- we now use the hierarchy class also for epics - also rename supports_nested_groups? into supports_nested_objects? - move it to a concern
-
- 19 Sep, 2018 1 commit
-
-
gfyoung authored
Enables frozen string for the following: * app/controllers/*.rb * app/controllers/admin/**/*.rb * app/controllers/boards/**/*.rb * app/controllers/ci/**/*.rb * app/controllers/concerns/**/*.rb Partially addresses #47424.
-
- 11 Sep, 2018 1 commit
-
-
Yorick Peterse authored
This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop.
-
- 06 Jul, 2018 1 commit
-
-
Bob Van Landuyt authored
We need to preload the ancestors of search results after applying pagination limits. This way the search results itself are paginated, but not the ancestors. If we don't do this, we might not preload a parent group of a search result as it has been cut off by pagination.
-
- 04 Apr, 2018 1 commit
-
-
blackst0ne authored
-
- 22 Jan, 2018 1 commit
-
-
Bob Van Landuyt authored
When searching we would limit the scope of ancestors to load because the filter would be applied to the ancestors. Instead, we need to load _all_ ancestors for matching projects.
-
- 11 Jan, 2018 1 commit
-
-
🙈 jacopo beschi 🙉 authored
-
- 22 Nov, 2017 1 commit
-
-
Lin Jen-Shin authored
And use .rubocop.yml to exclude paths we don't care, rather than using the cop itself to exclude.
-
- 17 Nov, 2017 1 commit
-
-
Lin Jen-Shin authored
-
- 12 Oct, 2017 1 commit
-
-
Bob Van Landuyt authored
-
- 11 Oct, 2017 1 commit
-
-
Bob Van Landuyt authored
And several other failures
-
- 09 Oct, 2017 1 commit
-
-
Bob Van Landuyt authored
Not all_groups, since that would expose groups the user does not have access to
-
- 05 Oct, 2017 2 commits
-
-
Bob Van Landuyt authored
-
Bob Van Landuyt authored
-
- 04 Oct, 2017 6 commits
-
-
Bob Van Landuyt authored
-
Bob Van Landuyt authored
-
Bob Van Landuyt authored
-
Bob Van Landuyt authored
-
Bob Van Landuyt authored
The children are lazy-loaded when expanding
-
Bob Van Landuyt authored
-
- 07 Sep, 2017 1 commit
-
-
Tiago Botelho authored
-
- 08 Jun, 2017 1 commit
-
-
Douwe Maan authored
-
- 04 May, 2017 1 commit
-
-
Dmitriy Zaporozhets authored
Signed-off-by:
Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 01 Mar, 2017 1 commit
-
-
Dmitriy Zaporozhets authored
Signed-off-by:
Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 08 Feb, 2017 1 commit
-
-
Dmitriy Zaporozhets authored
Signed-off-by:
Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 24 Jun, 2016 1 commit
-
-
Rémy Coutable authored
The issue was with the `User#groups` and `User#projects` associations which goes through the `User#group_members` and `User#project_members`. Initially I chose to use a secure approach by storing the requester's user ID in `Member#created_by_id` instead of `Member#user_id` because I was aware that there was a security risk since I didn't know the codebase well enough. Then during the review, we decided to change that and directly store the requester's user ID into `Member#user_id` (for the sake of simplifying the code I believe), meaning that every `group_members` / `project_members` association would include the requesters by default... My bad for not checking that all the `group_members` / `project_members` associations and the ones that go through them (e.g. `Group#users` and `Project#users`) were made safe with the `where(requested_at: nil)` / `where(members: { requested_at: nil })` scopes. Now they are all secure. Signed-off-by:
Rémy Coutable <remy@rymai.me>
-
- 19 Mar, 2016 1 commit
-
-
Robert Speicher authored
-
- 30 Apr, 2015 1 commit
-
-
Douwe Maan authored
-
- 15 Mar, 2015 1 commit
-
-
Douwe Maan authored
-
- 12 Mar, 2015 1 commit
-
-
Dmitriy Zaporozhets authored
-
- 09 Mar, 2015 1 commit
-
-
Dmitriy Zaporozhets authored
-
- 14 Sep, 2014 1 commit
-
-
Dmitriy Zaporozhets authored
Signed-off-by:
Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 12 Feb, 2014 1 commit
-
-
Ciro Santillli authored
-
- 19 Jan, 2014 1 commit
-
-
skv authored
-
- 26 Sep, 2013 1 commit
-
-
Dmitriy Zaporozhets authored
Before we have only owner_id to determine group owner With multiple owners per group we should get rid of owner_id in group. So from now @group.owner will always be nil but @group.owners return an actual array of users who can admin this group
-
- 06 Aug, 2013 1 commit
-
-
Dmitriy Zaporozhets authored
-
- 12 Jul, 2013 2 commits
-
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
-