This changes various controllers to use the new EventCollection class
for retrieving events. This class uses a JOIN LATERAL query on
PostgreSQL to retrieve queries in a more efficient way, while falling
back to a simpler / less efficient query for MySQL.
The EventCollection class also includes a limit on the number of events
to display to prevent malicious users from cycling through all events,
as doing so could put a lot of pressure on the database.
JOIN LATERAL is only supported on PostgreSQL starting with version 9.3.0
and as such this optimisation is only used when using PostgreSQL 9.3 or
newer.
`User#starred_projects` doesn't perform any visibility checks. This has
a couple of problems:
1. It assumes a user can always view all of their starred projects in
perpetuity (project not changed to private, access revoked, etc.).
2. It assumes that we'll only ever allow a user to star a project they
can view. This is currently the case, but bugs happen.
Add `User#viewable_starred_projects` to filter the starred projects by
those the user either has explicit access to, or are public or
internal. Then use that in all places where we list the user's starred
projects.
- Split up SnippetsController into separate dashboard and explore sections.
- Use consistent page titles, header titles and sidebars between dashboard and explore sections when signed in or not.
* Add search filtering for group projects
* Show all user projects on dashboard
* Refactor projects list into one view
* Hide big list of projects with 'Show all' button
Filtering service used klass instead of passed items.
Because of this you see list of all issues intead of authorized ones.
This commit fixes it so people see only issues they are authorized to
see.
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Be default it sorts by name now
Respect filters like scope, label, visibility when do sort or another
filter
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
features for archive projects
abilities for archived project
other abilities for archive projects
only limit commits and merges for archived projects
ability changed to prohibited actions on archived projects
added spec and feature tests for archive projects
changed search bar not to include archived projects
