1. 10 May, 2017 1 commit
  2. 26 Apr, 2017 1 commit
    • Timothy Andrew's avatar
      Allow admins to sudo to blocked users. · 4dfdef2d
      Timothy Andrew authored
      - Currently, (for example) admins can't delete snippets for blocked users, which
        is an unexpected limitation.
      
      - We modify `authenticate!` to conduct the `access_api` policy check against the
        `initial_current_user`, instead of the user being impersonated.
      
      - Update CHANGELOG for !10842
      4dfdef2d
  3. 09 Apr, 2017 1 commit
  4. 27 Mar, 2017 1 commit
    • Toon Claes's avatar
      API: Make the /notes endpoint work with noteable iid instead of id · add5cd99
      Toon Claes authored
      In API V4 all endpoints were changed so Merge Requests and Issues
      should be referred by iid, instead of id. Except the /notes endpoint
      was forgotten. So change the endpoints from:
      
      - /projects/:id/issues/:issue_id/notes
      - /projects/:id/merge_requests/:merge_request_id/notes
      
      To:
      
      - /projects/:id/issues/:issue_iid/notes
      - /projects/:id/merge_requests/:merge_request_iid/notes
      
      For Project Snippets nothing changes.
      add5cd99
  5. 22 Mar, 2017 1 commit
  6. 09 Mar, 2017 2 commits
  7. 07 Mar, 2017 2 commits
  8. 06 Mar, 2017 2 commits
  9. 03 Mar, 2017 2 commits
  10. 02 Mar, 2017 3 commits
  11. 23 Feb, 2017 2 commits
  12. 22 Feb, 2017 1 commit
  13. 21 Feb, 2017 2 commits
  14. 20 Feb, 2017 1 commit
  15. 14 Feb, 2017 1 commit
    • Toon Claes's avatar
      API: Consolidate /projects endpoint · 4e9e29d2
      Toon Claes authored
      It consolidates these endpoints:
       - /projects
       - /projects/owned
       - /projects/visible
       - /projects/starred
       - /projects/all
      
      Into the /projects endpoint using query parameters.
      4e9e29d2
  16. 03 Feb, 2017 2 commits
  17. 23 Jan, 2017 1 commit
  18. 19 Jan, 2017 2 commits
  19. 18 Jan, 2017 1 commit
    • Ruben Davila's avatar
      Add some API endpoints for time tracking. · 0f3c9355
      Ruben Davila authored
      New endpoints are:
      
      POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/time_estimate"
      
      POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/reset_time_estimate"
      
      POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/add_spent_time"
      
      POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/reset_spent_time"
      
      GET  :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/time_stats"
      0f3c9355
  20. 16 Jan, 2017 1 commit
  21. 04 Jan, 2017 1 commit
    • Lin Jen-Shin's avatar
      WIP: Add tests and make sure that headers are set · 8c9a4ed3
      Lin Jen-Shin authored
      * We realized that headers were not set whenever we give 204
        because `render_api_error!` doesn't preserve the headers.
      
      * We also realized that `update_runner_info` would be called in
        POST /builds/register every time therefore runner is updated
        every time, ticking the queue, making this last_update didn't
        work very well, and the test would be failing due to that.
      8c9a4ed3
  22. 23 Dec, 2016 1 commit
  23. 21 Dec, 2016 2 commits
    • Markus Koller's avatar
      Add more storage statistics · 3ef4f74b
      Markus Koller authored
      This adds counters for build artifacts and LFS objects, and moves
      the preexisting repository_size and commit_count from the projects
      table into a new project_statistics table.
      
      The counters are displayed in the administration area for projects
      and groups, and also available through the API for admins (on */all)
      and normal users (on */owned)
      
      The statistics are updated through ProjectCacheWorker, which can now
      do more granular updates with the new :statistics argument.
      3ef4f74b
    • Grzegorz Bizon's avatar
      Remove redundant pagination helpers after a bad merge · 468b47d4
      Grzegorz Bizon authored
      [ci skip]
      468b47d4
  24. 16 Dec, 2016 1 commit
    • Timothy Andrew's avatar
      Calls to the API are checked for scope. · 7fa06ed5
      Timothy Andrew authored
      - Move the `Oauth2::AccessTokenValidationService` class to
        `AccessTokenValidationService`, since it is now being used for
        personal access token validation as well.
      
      - Each API endpoint declares the scopes it accepts (if any). Currently,
        the top level API module declares the `api` scope, and the `Users` API
        module declares the `read_user` scope (for GET requests).
      
      - Move the `find_user_by_private_token` from the API `Helpers` module to
        the `APIGuard` module, to avoid littering `Helpers` with more
        auth-related methods to support `find_user_by_private_token`
      7fa06ed5
  25. 13 Dec, 2016 1 commit
  26. 12 Dec, 2016 1 commit
  27. 09 Dec, 2016 1 commit
  28. 08 Dec, 2016 1 commit
  29. 07 Dec, 2016 1 commit