Add latest changes from gitlab-org/gitlab@master

Author: GitLab Bot

GITLAB_KAS_VERSION

@@ -1 +1 @@
-02ff05833da52a69f4c16fa94e539c6f3ab306ea
+e8c0552b8152cf9363ccd1d9e9002225904d5202

app/assets/javascripts/admin/users/constants.js

@@ -76,6 +76,14 @@ export const TOKENS = [
     unique: true,
     options: [{ value: 'placeholder', title: s__('UserMapping|Placeholder') }],
   },
+  {
+    title: s__('AdminUsers|LDAP sync'),
+    type: 'ldap_sync',
+    token: GlFilteredSearchToken,
+    operators: OPERATORS_IS,
+    unique: true,
+    options: [{ value: 'ldap_sync', title: __('True') }],
+  },
 ];
 
 export const SOLO_OWNED_ORGANIZATIONS_REQUESTED_COUNT = 10;

app/assets/javascripts/gl_field_errors.js

@@ -21,6 +21,7 @@ export default class GlFieldErrors {
       'input[type=email]',
       'input[type=url]',
       'input[type=number]',
+      'input[type=tel]',
       'textarea',
       'select',
     ].join(',');

app/assets/javascripts/vue_shared/components/users_table/user_avatar.vue

@@ -71,15 +71,13 @@ export default {
         <div v-if="user.note" class="gl-p-1 gl-text-subtle">
           <gl-icon v-gl-tooltip="userNoteShort" name="document" />
         </div>
-        <div
-          v-for="(badge, idx) in user.badges"
-          :key="idx"
-          class="gl-p-1"
-          :class="{ 'gl-pb-0': glFeatures.simplifiedBadges }"
-        >
-          <gl-badge class="!gl-flex" :variant="badge.variant">{{ badge.text }}</gl-badge>
-        </div>
       </template>
+
+      <div class="gl-flex gl-flex-wrap gl-pt-2">
+        <div v-for="badge in user.badges" :key="badge.text" class="gl-pr-2">
+          <gl-badge :variant="badge.variant">{{ badge.text }}</gl-badge>
+        </div>
+      </div>
     </gl-avatar-labeled>
   </div>
 </template>

app/controllers/admin/users_controller.rb

@@ -327,7 +327,7 @@ def paginate_without_count?
   end
 
   def users_with_included_associations(users)
-    users.includes(:authorized_projects, :trusted_with_spam_attribute) # rubocop: disable CodeReuse/ActiveRecord
+    users.includes(:authorized_projects, :trusted_with_spam_attribute, :identities) # rubocop: disable CodeReuse/ActiveRecord
   end
 
   def admin_making_changes_for_another_user?

app/controllers/concerns/uploads_actions.rb

@@ -10,6 +10,13 @@ module UploadsActions
 
   UPLOAD_MOUNTS = %w[avatar attachment file logo pwa_icon header_logo favicon screenshot].freeze
 
+  # We need to avoid setting certain formats. For example, using the :js format
+  # would trigger Rails' cross-origin JavaScript protection. To avoid this, we use
+  # the :text format for JS files instead.
+  CUSTOM_REQUEST_FORMAT_MAPPING = {
+    js: :text
+  }.freeze
+
   included do
     prepend_before_action :set_request_format_from_path_extension
     rescue_from FileUploader::InvalidSecret, with: :render_404
@@ -85,7 +92,9 @@ def set_request_format_from_path_extension
 
     format = Mime[match.captures.first]
 
-    request.format = format.symbol if format
+    return if format.blank?
+
+    request.format = CUSTOM_REQUEST_FORMAT_MAPPING[format.symbol] || format.symbol
   end
 
   def content_disposition

app/graphql/resolvers/organizations/organization_users_resolver.rb

@@ -28,7 +28,7 @@ def organization_users
 
       def preloads
         {
-          user: [:user]
+          user: [{ user: [:identities] }]
         }
       end
     end

app/helpers/users_helper.rb

@@ -141,6 +141,7 @@ def user_badges_in_admin_section(user)
       badges << { text: s_("AdminUsers|It's you!"), variant: 'muted' } if current_user == user
       badges << { text: s_("AdminUsers|Locked"), variant: 'warning' } if user.access_locked?
       badges << { text: s_("UserMapping|Placeholder"), variant: 'muted' } if user.placeholder?
+      badges << { text: s_('AdminUsers|LDAP'), variant: 'info' } if user.ldap_user?
     end
   end
 

app/models/user.rb

@@ -682,6 +682,7 @@ def blocked?
   scope :dormant, -> { with_state(:active).human_or_service_user.where('last_activity_on <= ?', Gitlab::CurrentSettings.deactivate_dormant_users_period.day.ago.to_date) }
   scope :with_no_activity, -> { with_state(:active).human_or_service_user.where(last_activity_on: nil).where('created_at <= ?', MINIMUM_DAYS_CREATED.day.ago.to_date) }
   scope :by_provider_and_extern_uid, ->(provider, extern_uid) { joins(:identities).merge(Identity.with_extern_uid(provider, extern_uid)) }
+  scope :ldap, -> { joins(:identities).where('identities.provider LIKE ?', 'ldap%') }
   scope :by_ids, ->(ids) { where(id: ids) }
   scope :by_ids_or_usernames, ->(ids, usernames) { where(username: usernames).or(where(id: ids)) }
   scope :without_forbidden_states, -> { where.not(state: FORBIDDEN_SEARCH_STATES) }
@@ -886,12 +887,14 @@ def filter_items(filter_name)
         without_projects
       when 'external'
         external
-      when "trusted"
+      when 'trusted'
         trusted
-      when "placeholder"
+      when 'placeholder'
         placeholder
-      when "without_placeholders"
+      when 'without_placeholders'
         without_placeholders
+      when 'ldap_sync'
+        ldap
       else
         all_without_ghosts
       end

config/feature_flags/beta/duo_code_review_full_file.yml

@@ -0,0 +1,10 @@
+---
+name: duo_code_review_full_file
+description:
+feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/510266
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/189314
+rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/537556
+milestone: '18.0'
+group: group::code review
+type: beta
+default_enabled: false