Fixes#14187: mention handling extracted from email notification code
Fixes#14013: add notification for mentions in pull request code comments
Fixes#13450: Not receiving any emails with setting "Only Email on Mention"
* Ensure that schema search path is set with every connection on postgres
Unfortunately every connection to postgres requires that the search path is
set appropriately.
This PR shadows the postgres driver to ensure that as soon as a connection
is open, the search_path is set appropriately.
Fix#14088
Signed-off-by: Andrew Thornton <art27@cantab.net>
* no golangci-lint that is not a helpful suggestion
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use Execer if available
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
This is "minimal" in the sense that only the Authorization Code Flow
from OpenID Connect Core is implemented. No discovery, no configuration
endpoint, and no user scope management.
OpenID Connect is an extension to the (already implemented) OAuth 2.0
protocol, and essentially an `id_token` JWT is added to the access token
endpoint response when using the Authorization Code Flow. I also added
support for the "nonce" field since it is required to be used in the
id_token if the client decides to include it in its initial request.
In order to enable this extension an OAuth 2.0 scope containing
"openid" is needed. Other OAuth 2.0 requests should not be impacted by
this change.
This minimal implementation is enough to enable single sign-on (SSO)
for other sites, e.g. by using something like `mod_auth_openidc` to
only allow access to a CI server if a user has logged into Gitea.
Fixes: #1310
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
* Change topic name size from 25 to 50
* recreateTable requires full bean definition
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
* Disable SSH key addition and deletion when externally managed
When a user has a login source which has SSH key management
key addition and deletion using the UI should be disabled.
Fix#13983
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Make only externally managed keys disabled
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* remove github.com/unknwon/com from models
* dont use "com.ToStr()"
* replace "com.ToStr" with "fmt.Sprint" where its easy to do
* more refactor
* fix test
* just "proxy" Copy func for now
* as per @lunny
* now uses the same permission model as for the activity feed:
only include activities in repos, that the doer has access to.
this might be somewhat slower.
* also improves handling of user.KeepActivityPrivate (still shows
the heatmap to self & admins)
* extend tests
* adjust integration test to new behaviour
* add access to actions for admins
* extend heatmap unit tests
* Show dropdown with all statuses for commit
* Use popups
* Remove unnecessary change
* Style popup
* Use divided list
* As per @silverwind
* Refactor GetLastCommitStatus
* Missing dropdown on repo home and commit page
* Fix tests
* Make status icon be a part of a link on PR list
* Fix missing translation call
* Indent fix
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Trim the branch prefix from action.GetBranch
#13882 has revealed that the refname of an action is actually only a
refname pattern and necessarily a branch. For examplem pushing to
refs/heads/master will result in action with refname refs/heads/master
but pushing to master will result in a refname master.
The simplest solution to providing a fix here is to trim the prefix
therefore this PR proposes this.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update models/action.go
Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: a1012112796 <1012112796@qq.com>
The frontpage uses a rather strange method to obtain the commit's avatar
which I've overlooked earlier. I don't exactly understand how it works
but this change fixes the wrong default avatars by using the function
that was in previous use.
Also introduced a few constants for size an size increase factor.
Fixes: https://github.com/go-gitea/gitea/issues/13844
* Direct avatar rendering
This adds new template helpers for avatar rendering which output image
elements with direct links to avatars which makes them cacheable by the
browsers.
This should be a major performance improvment for pages with many avatars.
* fix avatars of other user's profile pages
* fix top border on user avatar name
* uncircle avatars
* remove old incomplete avatar selector
* use title attribute for name and add it back on blame
* minor refactor
* tweak comments
* fix url path join and adjust test to new result
* dedupe functions
* add black list and white list support for migrating repositories
* fix fmt
* fix lint
* fix vendor
* fix modules.txt
* clean diff
* specify log message
* use blocklist/allowlist
* allways use lowercase to match url
* Apply allow/block
* Settings: use existing "migrations" section
* convert domains lower case
* dont store unused value
* Block private addresses for migration by default
* fix lint
* use proposed-upstream func to detect private IP addr
* a nit
* add own error for blocked migration, add tests, imprufe api
* fix test
* fix-if-localhost-is-ipv4
* rename error & error message
* rename setting options
* Apply suggestions from code review
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* ui: show 'owner' tag for real owner
Signed-off-by: a1012112796 <1012112796@qq.com>
* Update custom/conf/app.example.ini
* simplify logic
fix logic
fix a small bug about original author
* remove system manager tag
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
* Add time filter for issue search
* Add limit option for paggination
* Add Filter for: Created by User, Assigned to User, Mentioning User
* update swagger
* Add Tests for limit, before & since
* Improve error feedback for duplicate deploy keys
Instead of a generic HTTP 500 error page, a flash message is rendered
with the deploy key page template so inform the user that a key with the
intended title already exists.
* API returns 422 error when key with name exists
* Add email validity checking
Add email validity checking for the following routes:
[Web interface]
1. User registration
2. User creation by admin
3. Adding an email through user settings
[API]
1. POST /admin/users
2. PATCH /admin/users/:username
3. POST /user/emails
* Add further tests
* Add signup email tests
* Add email validity check for linking existing account
* Address PR comments
* Remove unneeded DB session
* Move email check to updateUser
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
When migrating repositories with reactions with deleted users, the original
author id may be -1. This means that it is possible to end up attempting
to create multiple reactions with the same [ Type, IssueID, CommentID, UserID,
OriginalAuthorID ] thus breaking the constraints.
On SQLite this appears to cause a deadlock but on other dbs this will
cause the migration to fail.
This PR extends the constraint to include the original author username
in the constraint.
Fix#13271
Signed-off-by: Andrew Thornton <art27@cantab.net>
* When replying to an outdated comment it should not appear on the files page
This happened because the comment took the latest commitID as its base instead of the
reviewID that it was replying to.
There was also no way of creating an already outdated comment - and a
reply to a review on an outdated line should be outdated.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix test
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix broken migration
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix mssql
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Create temporary table because ... well MSSQL ...
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Create temporary table because ... well MSSQL ...
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Create temporary table because ... well MSSQL ...
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix mssql
Signed-off-by: Andrew Thornton <art27@cantab.net>
* move session within the batch
Signed-off-by: Andrew Thornton <art27@cantab.net>
* regen the sqlcmd each time round the loop
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per @lunny
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Make archival asynchronous
The prime benefit being sought here is for large archives to not
clog up the rendering process and cause unsightly proxy timeouts.
As a secondary benefit, archive-in-progress is moved out of the
way into a /tmp file so that new archival requests for the same
commit will not get fulfilled based on an archive that isn't yet
finished.
This asynchronous system is fairly primitive; request comes in, we'll
spawn off a new goroutine to handle it, then we'll mark it as done.
Status requests will see if the file exists in the final location,
and report the archival as done when it exists.
Fixes#11265
* Archive links: drop initial delay to three-quarters of a second
Some, or perhaps even most, archives will not take all that long to archive.
The archive process starts as soon as the download button is initially
clicked, so in theory they could be done quite quickly. Drop the initial
delay down to three-quarters of a second to make it more responsive in the
common case of the archive being quickly created.
* archiver: restructure a little bit to facilitate testing
This introduces two sync.Cond pointers to the archiver package. If they're
non-nil when we go to process a request, we'll wait until signalled (at all)
to proceed. The tests will then create the sync.Cond so that it can signal
at-will and sanity-check the state of the queue at different phases.
The author believes that nil-checking these two sync.Cond pointers on every
archive processing will introduce minimal overhead with no impact on
maintainability.
* gofmt nit: no space around binary + operator
* services: archiver: appease golangci-lint, lock queueMutex
Locking/unlocking the queueMutex is allowed, but not required, for
Cond.Signal() and Cond.Broadcast(). The magic at play here is just a little
too much for golangci-lint, as we take the address of queueMutex and this is
mostly used in archiver.go; the variable still gets flagged as unused.
* archiver: tests: fix several timing nits
Once we've signaled a cond var, it may take some small amount of time for
the goroutines released to hit the spot we're wanting them to be at. Give
them an appropriate amount of time.
* archiver: tests: no underscore in var name, ungh
* archiver: tests: Test* is run in a separate context than TestMain
We must setup the mutex/cond variables at the beginning of any test that's
going to use it, or else these will be nil when the test is actually ran.
* archiver: tests: hopefully final tweak
Things got shuffled around such that we carefully build up and release
requests from the queue, so we can validate the state of the queue at each
step. Fix some assertions that no longer hold true as fallout.
* repo: Download: restore some semblance of previous behavior
When archival was made async, the GET endpoint was only useful if a previous
POST had initiated the download. This commit restores the previous behavior,
to an extent; we'll now submit the archive request there and return a
"202 Accepted" to indicate that it's processing if we didn't manage to
complete the request within ~2 seconds of submission.
This lets a client directly GET the archive, and gives them some indication
that they may attempt to GET it again at a later time.
* archiver: tests: simplify a bit further
We don't need to risk failure and use time.ParseDuration to get 2 *
time.Second.
else if isn't really necessary if the conditions are simple enough and lead
to the same result.
* archiver: tests: resolve potential source of flakiness
Increase all timeouts to 10 seconds; these aren't hard-coded sleeps, so
there's no guarantee we'll actually take that long. If we need longer to
not have a false-positive, then so be it.
While here, various assert.{Not,}Equal arguments are flipped around so that
the wording in error output reflects reality, where the expected argument is
second and actual third.
* archiver: setup infrastructure for notifying consumers of completion
This API will *not* allow consumers to subscribe to specific requests being
completed, just *any* request being completed. The caller is responsible for
determining if their request is satisfied and waiting again if needed.
* repo: archive: make GET endpoint synchronous again
If the request isn't complete, this endpoint will now submit the request and
wait for completion using the new API. This may still be susceptible to
timeouts for larger repos, but other endpoints now exist that the web
interface will use to negotiate its way through larger archive processes.
* archiver: tests: amend test to include WaitForCompletion()
This is a trivial one, so go ahead and include it.
* archiver: tests: fix test by calling NewContext()
The mutex is otherwise uninitialized, so we need to ensure that we're
actually initializing it if we plan to test it.
* archiver: tests: integrate new WaitForCompletion a little better
We can use this to wait for archives to come in, rather than spinning and
hoping with a timeout.
* archiver: tests: combine numQueued declaration with next-instruction assignment
* routers: repo: reap unused archiving flag from DownloadStatus()
This had some planned usage before, indicating whether this request
initiated the archival process or not. After several rounds of refactoring,
this use was deemed not necessary for much of anything and got boiled down
to !complete in all cases.
* services: archiver: restructure to use a channel
We now offer two forms of waiting for a request:
- WaitForCompletion: wait for completion with no timeout
- TimedWaitForCompletion: wait for completion with timeout
In both cases, we wait for the given request's cchan to close; in the latter
case, we do so with the caller-provided timeout. This completely removes the
need for busy-wait loops in Download/InitiateDownload, as it's fairly clean
to wait on a channel with timeout.
* services: archiver: use defer to unlock now that we can
This previously carried the lock into the goroutine, but an intermediate
step just added the request to archiveInProgress outside of the new
goroutine and removed the need for the goroutine to start out with it.
* Revert "archiver: tests: combine numQueued declaration with next-instruction assignment"
This reverts commit bcc5214023.
Revert "archiver: tests: integrate new WaitForCompletion a little better"
This reverts commit 9fc8bedb56.
Revert "archiver: tests: fix test by calling NewContext()"
This reverts commit 709c35685e.
Revert "archiver: tests: amend test to include WaitForCompletion()"
This reverts commit 75261f56bc.
* archiver: tests: first attempt at WaitForCompletion() tests
* archiver: tests: slight improvement, less busy-loop
Just wait for the requests to complete in order, instead of busy-waiting
with a timeout. This is slightly less fragile.
While here, reverse the arguments of a nearby assert.Equal() so that
expected/actual are correct in any test output.
* archiver: address lint nits
* services: archiver: only close the channel once
* services: archiver: use a struct{} for the wait channel
This makes it obvious that the channel is only being used as a signal,
rather than anything useful being piped through it.
* archiver: tests: fix expectations
Move the close of the channel into doArchive() itself; notably, before these
goroutines move on to waiting on the Release cond.
The tests are adjusted to reflect that we can't WaitForCompletion() after
they've already completed, as WaitForCompletion() doesn't indicate that
they've been released from the queue yet.
* archiver: tests: set cchan to nil for comparison
* archiver: move ctx.Error's back into the route handlers
We shouldn't be setting this in a service, we should just be validating the
request that we were handed.
* services: archiver: use regex to match a hash
This makes sure we don't try and use refName as a hash when it's clearly not
one, e.g. heads/pull/foo.
* routers: repo: remove the weird /archive/status endpoint
We don't need to do this anymore, we can just continue POSTing to the
archive/* endpoint until we're told the download's complete. This avoids a
potential naming conflict, where a ref could start with "status/"
* archiver: tests: bump reasonable timeout to 15s
* archiver: tests: actually release timedReq
* archiver: tests: run through inFlight instead of manually checking
While we're here, add a test for manually re-processing an archive that's
already been complete. Re-open the channel and mark it incomplete, so that
doArchive can just mark it complete again.
* initArchiveLinks: prevent default behavior from clicking
* archiver: alias gitea's context, golang context import pending
* archiver: simplify logic, just reconstruct slices
While the previous logic was perhaps slightly more efficient, the
new variant's readability is much improved.
* archiver: don't block shutdown on waiting for archive
The technique established launches a goroutine to do the wait,
which will close a wait channel upon termination. For the timeout
case, we also send back a value indicating whether the timeout was
hit or not.
The timeouts are expected to be relatively small, but still a multi-
second delay to shutdown due to this could be unfortunate.
* archiver: simplify shutdown logic
We can just grab the shutdown channel from the graceful manager instead of
constructing a channel to halt the caller and/or pass a result back.
* Style issues
* Fix mis-merge
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
* When replying to an outdated comment it should not appear on the files page
This happened because the comment took the latest commitID as its base instead of the
reviewID that it was replying to.
There was also no way of creating an already outdated comment - and a
reply to a review on an outdated line should be outdated.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix test
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Refactor Logger to make a logger interface and make it possible to
wrap loggers for specific purposes.
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Create function to group label comments
* Combine multiple label additions into one
* Group removed and added labels in the same comment
* Fix indentation on comments.tmpl
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
* added mastodon provider to oauth code
* changed go.mod and vendor/modules.txt to add updated goth
* vendored mastodon and new goth
* committing result of go mod tidy && go mod vendor
* added pic and mastodon to oauth models
* handled instance url
* applied lafriks suggestion
* Update web_src/js/index.js
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <matti@mdranta.net>
* Ensure topics added using the API are added to the repository
Fix#12426
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Store task errors following migrations and display them
When migrate tasks fail store the error in the task table
and ensure that they show on the status page.
Fix#13242
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update web_src/js/index.js
* Hide the failed first
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Keep database transactions not too big
* Fix#13255
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Only cache the last repo
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
* show author for releases created outside Gitea UI.
Also show the number of commits behind the default branch for tags created outside the UI
don't show the tag date again for tags pushed to the repo. Since it is already on the sidebar and looks like duplication
* add migration for already existing tags
* update as per review
* fix build
* add space
* fix import statments
* Update models/migrations/v113.go
Co-Authored-By: zeripath <art27@cantab.net>
* Update models/migrations/v114.go
Co-authored-by: 6543 <6543@obermui.de>
* Update services/release/release.go
Co-authored-by: 6543 <6543@obermui.de>
* impruve
* remove dependency on models package
* Close the gitrepos in a defer to ensure that they are closed.
* gofmt
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix images in wiki edit preview (#11546)
Make sure wiki editor sets wiki to true so gitea renders it as a wiki page.
Also change the context data attr for edit form. This looks wrong but everywhere else in our code assumes the urlPrefix to be just the repo url when rendering and manually adds /wiki to the rendered url regardless.
Fixes#11540
* Avatar support minio
* Support repo avatar minio storage
* Add missing migration
* Fix bug
* Fix test
* Add test for minio store type on avatars and repo avatars; Add documents
* Fix bug
* Fix bug
* Add back missed avatar link method
* refactor codes
* Simplify the codes
* Code improvements
* Fix lint
* Fix test mysql
* Fix test mysql
* Fix test mysql
* Fix settings
* Fix test
* fix test
* Fix bug
* [Enhancement] Allow admin to merge pr with protected file changes
As tilte, show protected message in diff page and merge box.
Signed-off-by: a1012112796 <1012112796@qq.com>
* remove unused ver
* Update options/locale/locale_en-US.ini
Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
* Add TrN
* Apply suggestions from code review
* fix lint
* Update options/locale/locale_en-US.ini
Co-authored-by: zeripath <art27@cantab.net>
* Apply suggestions from code review
* move pr proteced files check to TestPatch
* Call TestPatch when protected branches settings changed
* Apply review suggestion @CirnoT
* move to service @lunny
* slightly restructure routers/private/hook.go
Adds a lot of comments and simplifies the logic
Signed-off-by: Andrew Thornton <art27@cantab.net>
* placate lint
Signed-off-by: Andrew Thornton <art27@cantab.net>
* skip duplicate protected files check
* fix check logic
* slight refactor of TestPatch
Signed-off-by: Andrew Thornton <art27@cantab.net>
* When checking for protected files changes in TestPatch use the temporary repository
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix introduced issue with hook
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove the check on PR index being greater than 0 as it unnecessary
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Provide self-registering storage system
Signed-off-by: Andrew Thornton <art27@cantab.net>
* More simplification
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove old strings from setting
Signed-off-by: Andrew Thornton <art27@cantab.net>
* oops attachments not attachment
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add timestamps to Star, Label, LanguageStat, Follow, Watch and Collaboration
* Star do not need updated
* LanguageStat do not need update (they wont change)
* fix unit-test
Add team support for review request
Block #11355
Signed-off-by: a1012112796 <1012112796@qq.com>
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Andrew Thornton <art27@cantab.net>
Prohibit automatic downgrades by checking the version of the db and warning if the version number should be lower.
Close#13107
Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
Instead of a generic HTTP 500 error page, a flash message is rendered with the deploy key page template to inform the user that a key with the intended title already exists.
Fixes#13110
This PR updates golangci-lint to the latest version 1.31.0.
The upgrade introduced a new check for which I've fixed or disabled most cases.
Signed-off-by: kolaente <k@knt.li>
* Add ssh certificate support
* Add ssh certificate support to builtin ssh
* Write trusted-user-ca-keys.pem based on configuration
* Update app.example.ini
* Update templates/user/settings/keys_principal.tmpl
Co-authored-by: silverwind <me@silverwind.io>
* Remove unused locale string
* Update options/locale/locale_en-US.ini
Co-authored-by: silverwind <me@silverwind.io>
* Update options/locale/locale_en-US.ini
Co-authored-by: silverwind <me@silverwind.io>
* Update models/ssh_key.go
Co-authored-by: silverwind <me@silverwind.io>
* Add missing creation of SSH.Rootpath
* Update cheatsheet, example and locale strings
* Update models/ssh_key.go
Co-authored-by: zeripath <art27@cantab.net>
* Update models/ssh_key.go
Co-authored-by: zeripath <art27@cantab.net>
* Update models/ssh_key.go
Co-authored-by: zeripath <art27@cantab.net>
* Update models/ssh_key.go
Co-authored-by: zeripath <art27@cantab.net>
* Update models/ssh_key.go
* Optimizations based on feedback
* Validate CA keys for external sshd
* Add filename option and change default filename
Add a SSH_TRUSTED_USER_CA_KEYS_FILENAME option which default is
RUN_USER/.ssh/gitea-trusted-user-ca-keys.pem
Do not write a file when SSH_TRUSTED_USER_CA_KEYS is empty.
Add some more documentation.
* Remove unneeded principalkey functions
* Add blank line
* Apply suggestions from code review
Co-authored-by: zeripath <art27@cantab.net>
* Add SSH_AUTHORIZED_PRINCIPALS_ALLOW option
This adds a SSH_AUTHORIZED_PRINCIPALS_ALLOW which is default
email,username this means that users only can add the principals
that match their email or username.
To allow anything the admin need to set the option anything.
This allows for a safe default in gitea which protects against malicious
users using other user's prinicipals. (before that user could set it).
This commit also has some small other fixes from the last code review.
* Rewrite principal keys file on user deletion
* Use correct rewrite method
* Set correct AuthorizedPrincipalsBackup default setting
* Rewrite principalsfile when adding principals
* Add update authorized_principals option to admin dashboard
* Handle non-primary emails
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add the command actually to the dashboard template
* Update models/ssh_key.go
Co-authored-by: silverwind <me@silverwind.io>
* By default do not show principal options unless there are CA keys set or they are explicitly set
Signed-off-by: Andrew Thornton <art27@cantab.net>
* allow settings when enabled
* Fix typos in TrustedUserCAKeys path
* Allow every CASignatureAlgorithms algorithm
As this depends on the content of TrustedUserCAKeys we should allow all
signature algorithms as admins can choose the specific algorithm on their
signing CA
* Update models/ssh_key.go
Co-authored-by: Lauris BH <lauris@nix.lv>
* Fix linting issue
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
`models.getUserRepoPermission(...)` calls `HasOrgVisible` which
uses `models.x` potentially outside of the transaction `e` provided
as an argument to `getUserRepoPermission`.
This PR switches to use `hasOrgVisible(e, ...)`.
Fix#12983
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Disable DSA ssh keys by default
OpenSSH has disabled DSA keys since version 7.0
As the docker runs openssh > v7.0 we should just disable
DSA keys by default.
Refers to #11417
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Just disable DSA keys by default
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Appears we need to set the minimum key sizes too
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Appears we need to set the minimum key sizes too
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove DSA type
* Fix Tests
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
(Re)Load issue labels when labels are added or removed
This means that the label state that the webhooks produce accurately matches
the changes that they are reporting.
Fix#10660
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Completely quote AppPath and CustomConf paths
Properly handle spaces in AppPath and CustomConf within hooks and
authorized_keys. Unfortunately here we don't seem to be able to get away
with using go-shellquote as it appears that Windows doesn't play too
well with singlequote quoting - therefore we will avoid singlequote
quoting unless we absolutely cannot get away without it, e.g. \n or !.
Fix#10813
Signed-off-by: Andrew Thornton <art27@cantab.net>
* missing change
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix Test_CmdKeys
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Don't automatically delete repository files if they are present
Prior to this PR Gitea would delete any repository files if they are
present during creation or migration. This can in certain circumstances
lead to data-loss and is slightly unpleasant.
This PR provides a mechanism for Gitea to adopt repositories on creation
and otherwise requires an explicit flag for deletion.
PushCreate is slightly different - the create will cause adoption if
that is allowed otherwise it will delete the data if that is allowed.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update swagger
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix tests and migrate overwrite
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per @lunny
Only offer to adopt or overwrite if the user can do that.
Allow the site administrator to adopt or overwrite in all
circumstances
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use setting.Repository.DefaultBranch for the default branch
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Always set setting.Repository.DefaultBranch
Signed-off-by: Andrew Thornton <art27@cantab.net>
* update swagger
Signed-off-by: Andrew Thornton <art27@cantab.net>
* update templates
Signed-off-by: Andrew Thornton <art27@cantab.net>
* ensure repo closed
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Rewrite of adoption as per @6543 and @lunny
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Apply suggestions from code review
* update swagger
Signed-off-by: Andrew Thornton <art27@cantab.net>
* missing not
Signed-off-by: Andrew Thornton <art27@cantab.net>
* add modals and flash reporting
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Make the unadopted page searchable
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add API
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix swagger
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix swagger
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Handle empty and non-master branched repositories
Signed-off-by: Andrew Thornton <art27@cantab.net>
* placate lint
Signed-off-by: Andrew Thornton <art27@cantab.net>
* remove commented out code
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Improved total count of issue when filtered.
* Fixed size of slice when selected 1 repository.
* Improved function of error check.
* improved comment
* Added parameter of return header.
Co-authored-by: 6543 <6543@obermui.de>
* Updated corresponded to the current vendored of "xorm.io/xorm".
* Dedublicated it by store the Options Struct into a variable.
* format code
* Update routers/api/v1/repo/issue.go
Co-authored-by: 6543 <6543@obermui.de>
* Update routers/api/v1/repo/issue.go
Co-authored-by: 6543 <6543@obermui.de>
* Updated number of range.
Co-authored-by: 6543 <6543@obermui.de>
* Updated number of range.
Co-authored-by: 6543 <6543@obermui.de>
* Removed total value.
* make fmt
* Improved value of sql.
Co-authored-by: zeripath <art27@cantab.net>
* Improved value of sql.
* improved message
* improved message
* improved message
* fixed message
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add configurable Trust Models
Gitea's default signature verification model differs from GitHub. GitHub
uses signatures to verify that the committer is who they say they are -
meaning that when GitHub makes a signed commit it must be the committer.
The GitHub model prevents re-publishing of commits after revocation of a
key and prevents re-signing of other people's commits to create a
completely trusted repository signed by one key or a set of trusted
keys.
The default behaviour of Gitea in contrast is to always display the
avatar and information related to a signature. This allows signatures to
be decoupled from the committer. That being said, allowing arbitary
users to present other peoples commits as theirs is not necessarily
desired therefore we have a trust model whereby signatures from
collaborators are marked trusted, signatures matching the commit line
are marked untrusted and signatures that match a user in the db but not
the committer line are marked unmatched.
The problem with this model is that this conflicts with Github therefore
we need to provide an option to allow users to choose the Github model
should they wish to.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Adjust locale strings
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per @6543
Co-authored-by: 6543 <6543@obermui.de>
* Update models/gpg_key.go
* Add migration for repository
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* move GitCommit to APIFormat convertion into convert package
* rename Commit convert functions
* move stopwatch to api convertion into convert package & rm unused code & extend test
* fix compare time
* Gitea not Gogs ;)
if check one user's unit in different repos, it's not necessary to
get user data every time.
Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add migration for password algorithm change
#12688 changed the default for the user table leading to sync2 warnings
Unfortunately changing defaults requires a complete table rewrite in general.
However, just dropping columns could be bad - so this PR leverages the
techniques used in recreate table to recreate from the inferred schema
and recreates the user table.
This is not necessarily the correct thing to do - but code sometimes speaks
louder than words.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* oops
Signed-off-by: Andrew Thornton <art27@cantab.net>
* ok lets use the shorter bits for other dbs
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update models/migrations/v150.go
* Update models/migrations/v150.go
* fix migration
Signed-off-by: Andrew Thornton <art27@cantab.net>
* mv v150 to v151.go
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Rather than rely on the user running the gitea server and db setting the
schema search_path correctly - if gitea is run with a schema we should
simply set the search_path to have that schema first in the path.
Fix#12505
Signed-off-by: Andrew Thornton <art27@cantab.net>
* use different structs for MigrateRepoOptions on UI and API
* Fix TokenAuth and rename UID to an understandable Name
* fix swagger doc
* simplify & mk redable
* R E F A C T O R:
migration has now internal 3 structs to store its options:
* the Options for WebUI: modules/auth/repo_form.go
* the Options for API: modules/structs/repo.go
* the option struct with after validation for internal prossessing: modules/migrations/base/options.go
* Copyright Header
* Deprecate UID - add RepoOwner
* adopt repo.go -> migrate.go
* add comment about each struct purpose
* lint
* Add field with isIssueWriter to front end
* Make branch field editable
* Switch frontend to form and POST from javascript
* Add /issue/id/ref endpoint to routes
* Use UpdateIssueTitle model to change ref in backend
* Removed crossreference check and adding comments on branch change
* Use ref returned from POST to update the field
* Prevent calling loadRepo from models/
* Branch/tag refreshed without page reload
* Remove filter for empty branch name
* Add clear option to tag list as well
* Delete button translation and coloring
* Fix for not showing selected branch name in new issue
* Check that branch is not being changed on a PR
* Change logic
* Notification when changing issue ref
* Fix for renamed permission parameter
* Fix for failing build
* Apply suggestions from code review
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Gitea <gitea@fake.local>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* LFS support to be stored on minio
* Fix test
* Fix lint
* Fix lint
* Fix check
* Fix test
* Update documents and add migration for LFS
* Fix some bugs
Provides new command: `gitea doctor recreate-table` which will recreate
db tables and copy the old data in to the new table.
This function can be used to remove the old warning of struct defaults being
out of date.
Fix#8868Fix#3265Fix#8894
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add Created and Updated to Milestone table and expose via API
* Expose to UI - To Overloaded ?!?
* fix unit test
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* additional data for type StopWatch in swagger api
* fix lint-backend issue with gofmt
* fix format in v1_json with 'make generate-swagger'
* using issue.LoadRepo() instead of getRepositoryByID()
Co-authored-by: jochen@homeland <no-go@localhost>
Co-authored-by: zeripath <art27@cantab.net>
* Restrict TLS connections to 1.2 minimum
* Set Argon2 as the default KDF
* Fix user.yml
* Remove TLS minversion changes
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add migration as per @techknowlogick
Signed-off-by: Andrew Thornton <art27@cantab.net>
* set the password algo in the fixtures
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove the v148 migration - it needs recreate table to change the defaults
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Nadim Kobeissi <nadim@symbolic.software>
When adding Avatar email-hash pairs we simply want the DB table to
represent a Set. We don't care if the hash-pair is already present,
so we just simply Insert and ignore the error.
Unfortunately this seems to cause some DBs to log the duplicate
insert to their logs - looking like a bug a in Gitea.
Now, there is no standard way in SQL to say Insert but if there's
an error ignore it. MySQL has INSERT IGNORE, PostgreSQL >= 9.5 has
INSERT ... ON CONFLICT DO NOTHING, but I do not believe that SQLite
or MSSQL have variants.
This PR places the insert in a transaction which we are happy to fail
if there is an error - hopefully this will stop the unnecessary
logging.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add cron running API
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Apply suggestions from code review
* placate-swagger
Signed-off-by: Andrew Thornton <art27@cantab.net>
* return not found
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Apply suggestions from code review
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Prevent NPE on commenting on lines with invalidated comments
Only check for a review if we are replying to a previous review.
Prevent the NPE in #12239 by assuming that a comment without a Review is
non-pending.
Fix#12239
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add hack around to show the broken comments
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add migration and remove template hacks
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add a storage layer for attachments
* Fix some bug
* fix test
* Fix copyright head and lint
* Fix bug
* Add setting for minio and flags for migrate-storage
* Add documents
* fix lint
* Add test for minio store type on attachments
* fix test
* fix test
* Apply suggestions from code review
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Add warning when storage migrated successfully
* Fix drone
* fix test
* rebase
* Fix test
* display the error on console
* Move minio test to amd64 since minio docker don't support arm64
* refactor the codes
* add trace
* Fix test
* remove log on xorm
* Fi download bug
* Add a storage layer for attachments
* Add setting for minio and flags for migrate-storage
* fix lint
* Add test for minio store type on attachments
* Apply suggestions from code review
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Fix drone
* fix test
* Fix test
* display the error on console
* Move minio test to amd64 since minio docker don't support arm64
* refactor the codes
* add trace
* Fix test
* Add URL function to serve attachments directly from S3/Minio
* Add ability to enable/disable redirection in attachment configuration
* Fix typo
* Add a storage layer for attachments
* Add setting for minio and flags for migrate-storage
* fix lint
* Add test for minio store type on attachments
* Apply suggestions from code review
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Fix drone
* fix test
* Fix test
* display the error on console
* Move minio test to amd64 since minio docker don't support arm64
* don't change unrelated files
* Fix lint
* Fix build
* update go.mod and go.sum
* Use github.com/minio/minio-go/v6
* Remove unused function
* Upgrade minio to v7 and some other improvements
* fix lint
* Fix go mod
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Tyler <tystuyfzand@gmail.com>
* Fix bug preventing transfer to private organization
The code assessing whether a private organization was visible to a user before
allowing transfer was incorrect due to testing membership the wrong way round
This PR fixes this issue and renames the function performing the test to be
clearer.
Further looking at the API for transfer repository - no testing was
performed to ensure that the acting user could actually see the new
owning organization.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* change IsUserPartOfOrg everywhere
Replace all calls to os.Remove/os.RemoveAll by retrying util.Remove/util.RemoveAll and remove circular dependencies from util.
Fix#12339
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
* Handle MSSQL constraints
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update models/migrations/v145.go
* Prevent hang with Sync2
* Agh it's uniques not indexes
* Let us try a different way of finding constraints on the language column
Signed-off-by: Andrew Thornton <art27@cantab.net>
* minor simplification
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Try drop index instead?
Signed-off-by: Andrew Thornton <art27@cantab.net>
The code for dropTableColumns has a slightly confusing portion whereby the session is committed for MSSQL but not for other variants.
The v102 migration doesn't actually start a transaction so this weirdness does not affect it. However it probably should attempt to run this in a transaction.
Signed-off-by: Andrew Thornton art27@cantab.net
In #12379 it was discovered that enry v2 has a maximum language length
of 34 characters which is larger than the 30 previously provided.
This PR updates the language column to 50.
Fix#12379
* Don't use legacy send for messages
* Add migrations to ensure Matrix webhooks use PUT
* Set HTTP method to PUT as default
* Fix sql condition..
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Rename getTxnID -> getMatrixTxnID
* Use local variable instead of constant value
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Support use nvarchar for all varchar columns when using mssql
* fix lint
* Change DEFAULT_VARCHAR to nvarchar
* Remove the config for default varchar since it's unnecessary
* Update Octicons to v10
Besides a few renames, these icons are no longer present in v10 that we've
used, so had to change:
file-symlink-directory -> file-submodule
internal-repo -> repo
repo-force-push -> repo-push
repo-template-private -> repo-template
Fixes: https://github.com/go-gitea/gitea/issues/11889
Ref: https://github.com/primer/octicons/releases/tag/v10.0.0
* add custom sliders svg for removed octicon-settings
* apply suggestion
* fix triangles and use play on admin dashboard
* add custom mirror svg
* add missing build files
* unify custom svgs
* move to octicon-repo-clone to gitea-mirror
* use octicon-x on conflicts
* tweak timeline icons
* tweak comment buttons
* update settings icon to octicons v1
* switch to octicon-mirror and octicon-tools
* replace two wiki buttons with octicons
* remove whitespace in svg sources
* Fix filepath basename on Windows for SVG bindata (#12241)
* move octicons to devDependencies
* move back to dependencies
* move svgo to devDependencies again
Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
NewTestEngine() takes a *xorm.Engine as its argument, and then immediately overwrites it.
This fixes the model package to not take an unneeded variable, and changes the routers package to not create a nil *xorm.Engine that is immediately discarded by model.
* Extend notifications API and return pinned notifications in notifications list
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix swagger
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix swagger again
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix test
Signed-off-by: Andrew Thornton <art27@cantab.net>
* remove spurious debugs
* as per @6543
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update models/notification.go
* as per @6543
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
When attempting to verify subkeys the email address verification step
requires checking the emails however, these emails are not stored on
subkeys but instead on the primary key.
This PR will obtain the primaryKey and check against these emails too.
Fix#12128
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Provide option to unlink a fork
Fix#4566
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Apply suggestions from code review
Co-authored-by: techknowlogick <matti@mdranta.net>
* Add check that user can create repo
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per @cirnoT
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <matti@mdranta.net>
Fixes a wrong 302 redirect to the login page, see https://github.com/go-gitea/gitea/issues/11989.
Also made it so the reserved username list is extended with those known
entries so we avoid code duplication.
Should be backported to 1.12.
* Add comment on non-unicode line to force fail
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Just quote/unquote patch
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use ID or Where to instead directly use Get when load object from database
* Apply suggestions from code review
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
* Invalidate comments when file is shortened
Fix#10686
Signed-off-by: Andrew Thornton <art27@cantab.net>
* handle 1 line
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add count to `GetUserRepositories` so that pagination can be supported for `/user/{username}/repos`
* Rework ListMyRepos to use models.SearchRepository
ListMyRepos was an odd one. It first fetched all user repositories and then tried to supplement them with accessible map. The end result was that:
* Limit for pagination did not work because accessible repos would always be appended
* The amount of pages was incorrect if one were to calculate it
* When paginating, all accessible repos would be shown on every page
Hopefully it should now work properly. Fixes#11800 and does not require any change on Drone-side as it can properly interpret and act on Link header which we now set.
Co-authored-by: Lauris BH <lauris@nix.lv>
* Add migration to set IsArchived false if it is null
Fix#11824
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add doctor
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add hide activity option
This closes https://github.com/go-gitea/gitea/issues/7927
* Adjust for linter
* Adjust for linter
* Add tests
* Remove info that admins can view the activity
* Adjust new tests for linter
* Rename v139.go to v140.go
* Rename v140.go to v141.go
* properly indent
* gofmt
Co-authored-by: Jonas Lochmann <git@inkompetenz.org>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Show multiple octicons on repo list
* fix mixed spaces/tabs
* Internal repo octicon
* show internal icon in dashboard repolist
* swagger
* fix icon for normal repo on repo page
* don't expose owner visibility directly; provide internal in repo api
* fix icons for forks and mirrors
Co-authored-by: Lauris BH <lauris@nix.lv>
* Change language statistics to save size instead of percentage in database
Co-Authored-By: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
* Do not exclude if only language
* Fix edge cases with special langauges
Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
* [FEATURE] [API] Add Endpoint for Branch Creation
Issue: https://github.com/go-gitea/gitea/issues/11376
This commit introduces an API endpoint for branch creation.
The added route is POST /repos/{owner}/{repo}/branches.
A JSON with the name of the new branch and the name of the old branch is
required as parameters.
Signed-off-by: Terence Le Huu Phuong <terence@qwasar.io>
* Put all the logic into CreateBranch and removed CreateRepoBranch
* - Added the error ErrBranchDoesNotExist in error.go
- Made the CreateNewBranch function return an errBranchDoesNotExist error
when the OldBranch does not exist
- Made the CreateBranch API function checks that the repository is not
empty and that branch exists.
* - Added a resetFixtures helper function in integration_test.go to
fine-tune test env resetting
- Added api test for CreateBranch
- Used resetFixture instead of the more general prepareTestEnv in the
repo_branch_test CreateBranch tests
* Moved the resetFixtures call inside the loop for APICreateBranch function
* Put the prepareTestEnv back in repo_branch_test
* fix import order/sort api branch test
Co-authored-by: zeripath <art27@cantab.net>
needed to fix issue as described in #10280
* rename check-db to check-db-version
* add check-db-consistency:
* find issues without existing repository
* find pulls without existing issues
* find tracked times without existing issues/pulls
* find labels without repository or org reference
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
GH has different HardBreaks behaviour for markdown comments and documents.
Comments have hard breaks and documents have soft breaks - therefore Gitea's rendering will always be different from GH's if we only provide one setting.
Here we split the setting in to two - one for documents and one for comments and other things.
Signed-off-by: Andrew Thornton art27@cantab.net
Changes to index.js as per @silverwind
Co-authored-by: silverwind <me@silverwind.io>
Changes to docs as per @guillep2k
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Fix repo-list private and total count bugs
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Ensure limited and private org public repos are displayed on "private"
Signed-off-by: Andrew Thornton <art27@cantab.net>
* switch from onlyPrivate to is_private
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Generate swagger
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Ensure that we can see public repositories in private organization
Fix#10144 (Again)
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix Admin users and organizations page
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update models/repo_list.go
Co-authored-by: Lauris BH <lauris@nix.lv>
* Allow all members of private orgs to see public repos
Fix#10144
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update models/repo_list.go
Co-authored-by: Lauris BH <lauris@nix.lv>
* Refactor Cron and merge dashboard tasks
* Merge Cron and Dashboard tasks
* Make every cron task report a system notice on completion
* Refactor the creation of these tasks
* Ensure that execution counts of tasks is correct
* Allow cron tasks to be started from the cron page
* golangci-lint fixes
* Enforce that only one task with the same name can be registered
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix name check
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per @guillep2k
* as per @lafriks
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add git.CommandContext variants
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Make API EditIssue and EditPullRequest issue notifications
Restructure models.UpdateIssueByAPI and EditIssue/EditPullRequest
to issue notifications
Fix#10014
Signed-off-by: Andrew Thornton <art27@cantab.net>
* As per @6543
Signed-off-by: Andrew Thornton <art27@cantab.net>
* update status!
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
* Add archived options to SearchRepository
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add only-private search
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add filter options and paging to dashboard repository page
Signed-off-by: Andrew Thornton <art27@cantab.net>
* swagger generate
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix-swagger-again
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per @mrsdizzie also remember state
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
* Properly generate ref URLs
Tags used to not generate correct URLs (src/branch/tags/1.0.0 instead of
src/tags/1.0.0).
Also cleans up some code around it with the created helper functions.
* Fix formatting and create migration
* Add copyright head to utils_test
* Use a raw query for the ref migration
* Remove semicolon
* Quote column and table names in migration SQL
* Change || to CONCAT, since MSSQL does not support ||
* Make migration engine aware
* Add missing import
* Move ref EndName and URL to the issue service
* Fix tests
* Add test for commit refs
* Update issue.go
* Use the right command for building JavaScript bundles
* Prepare for merge
* Check for refs/* before prepending in migration
* Update services/issue/issue_test.go
* Update modules/git/utils_test.go
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: techknowlogick <matti@mdranta.net>
* Correctly set the organization num repos
Correctly set the organization num repos to the number of
accessible repos for the user
Fix#11194
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per @lunny
Signed-off-by: Andrew Thornton <art27@cantab.net>
* attempt to fix mssql
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update models/user.go
* Explicit columns
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add test and fix 0 counted orgs
Signed-off-by: Andrew Thornton <art27@cantab.net>
* remove orgname from api
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Set background of openIDConnect logo to white in arc-green theme
* Fixed linting off arc-green theme
Signed-off-by: Leo Maroni <git@em0lar.de>
* Revert changes of first commit (white background) and replaced the image
* Updated openid_connect (part 2)
* Update public/img/auth/openid_connect.svg
Now in one line
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
prevent double entries in results of GetOrgsCanCreateRepoByUserID
I first try to only add GroupBy directly but xorm return broken user objects ...
... solution was to just query related UserIDs(OrgIDs) first and return OrgUsers based on this IDs
close#11258
Co-authored-by: zeripath <art27@cantab.net>
* Fix creation of Org repos
Fix go-gitea#9269
* Change variable name to appease linter
* Update PR with suggestions
Add a note for user.CanCreateRepo() about failure assumptions
Change repo.create help message
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Instead of further handling requests to public which causes issues like #11088, immediately terminate requests to directories js, css, fomantic if no file is found which is checked against a hardcoded list. Maybe there is a way to retrieve the top-level entries below public in a dynamic fashion.
I also added fomantic to the reserved usernames and sorted the list.
Fixes: #11088
* Add a way to mark Conversation (code comment) resolved
mark Conversation is a way to mark a Conversation is stale
or be solved. when it's marked as stale, will be hided like
stale. all Pull Request writer , Offical Reviewers and poster
can add or remove Conversation resolved mark.
Signed-off-by: a1012112796 <1012112796@qq.com>
* fix lint
* Apply suggestions from code review
* Add ResolveDoer
* fix ui
Co-Authored-By: Lauris BH <lauris@nix.lv>
Co-Authored-By: 6543 <6543@obermui.de>
* change IsResolved to an function
Add permission check in UpdateResolveConversation
* Apply suggestions from code review
* change return error for permisson check
* add default message for deleted user
* get issue message from comment
* add migration for ``ResolveDoerID`` column
another change:
* block mark pending review as resolved because it's not necessary
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* change button color
* resolve button size
* fix code style
* remove unusefull code
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Fix InsertReleases Nil Insert on Attachments
* FIX "No element on slice when insert" & smal refactor
* again
* impruve
* rm useles newline
* Apply suggestions from code review
Co-Authored-By: zeripath <art27@cantab.net>
* process insert as a whole
Co-authored-by: zeripath <art27@cantab.net>
* Cache PullRequest Divergence
* only re-calc divergence if AddTestPullRequestTask() is exec
* migrate already open pulls
* finalize
* take care of closed¬-merged+deleted-branch pull requests
* fix nil pointer exeption
Signed-off-by: 6543 <6543@obermui.de>
* try this
* no error its a warn
* init gitea-repositories-meta
* dont use gitDivergence type
* CI.restart()
* CI.restart()
* CI.restart()
* CI.restart()
* check IsUserAllowedToUpdate independend from CommitsBehind
* make sure duplicate token names cannot be used
* add check to api routes too
* add @lunny s suggestion
* fix & don't forget User.ID
* AccessTokenByNameExists() return error too
* unique token for each test
* fix lint
Signed-off-by: 6543 <6543@obermui.de>
Co-authored-by: Lanre Adelowo <yo@lanre.wtf>
* fix some bug about Request review
* fix ``CreateComment`` wrong using ,it will not work when use Sqlite
* fix wrong js click event code , it will send wrong data when it has
many choices
Signed-off-by: a1012112796 <1012112796@qq.com>
* Apply suggestions from code review
Co-Authored-By: Lauris BH <lauris@nix.lv>
* add getReviewerByIssueIDAndUserID
fix wrong conditions check in initIssueComments after #10972
* call CI again
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Update header.tmpl
* Update _repository.less
* Update pull.go
* Update indexer.go
* Update pull.go
* Update pull.go
* Update indexer.go
* fix forked repo doesn't have language stat
* fix forked repo doesn't have language stat
* fix forked repo doesn't have language stat
* fix forked repo doesn't have language stat
* fix forked repo doesn't have language stat
* fix forked repo doesn't have language stat
* fix forked repo doesn't have language stat
* fix forked repo doesn't have language stat
* fix forked repo doesn't have language stat
* fix forked repo doesn't have language stat
* fix forked repo doesn't have language stat
Thanks the advice from lunny and 6543.
* fix forked repo doesn't have language stat
Modified as suggested by 6543.
* fix forked repo doesn't have language stat
simplify the function.
* fix forked repo doesn't have language stat
update the indexer after the loop
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
* remove a user from being assigned to any issue/PR if (s)he is removed as a collaborator
* fix gender specific comment
* do not remove users that still have access to the repo if they are a member of a team that can access the repo
* add context to errors
* updates
* incorporate review fixes
* Update models/repo_collaboration.go
Co-Authored-By: 6543 <6543@obermui.de>
* Update models/repo_collaboration.go
Co-Authored-By: 6543 <6543@obermui.de>
* Fix Rebase Relict
* Fix & Impruve
* use xorm builder
* all in one session
* generalize reconsiderIssueAssignees
* Only Unwatch if have no access anymore
* prepare for reuse
* Same things if remove User from Team
* fix lint
* let mysql take time to react
* add description
* CI.restart()
* CI.restart()
Co-authored-by: Lanre Adelowo <yo@lanre.wtf>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
* add request review feature in pull request
add a way to notify specific reviewers to review like github , by add or delet a special type
review . The acton is is similar to Assign , so many code reuse the function and items of
Assignee, but the meaning and result is different.
The Permission style is is similar to github, that only writer can add a review request from Reviewers,
but the poster can recall and remove a review request after a reviwer has revied even if he don't have
Write Premission. only manager , the poster and reviewer of a request review can remove it.
The reviewers can be requested to review contain all readers for private repo , for public, contain
all writers and watchers.
The offical Review Request will block merge if Reject can block it.
an other change: add ui otify for Assignees.
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Signed-off-by: a1012112796 <1012112796@qq.com>
* new change
* add placeholder string
* do some changes follow #10238 to add review requests num on lists also
change icon for review requests to eye
Co-authored-by: Lauris BH <lauris@nix.lv>
* Add `gitea doctor --list` flag to list the checks that will be run, including those by default
* Add `gitea doctor --run` to run specific checks
* Add `gitea doctor --all` to run all checks
* Add db version checker
* Add non-default recalculate merge bases check/fixer to doctor
* Add hook checker (Fix#9878) and ensure hooks are executable (Fix#6319)
* Fix authorized_keys checker - slight change of functionality here because parsing the command is fragile and we should just check if the authorized_keys file is essentially the same as what gitea would produce. (This is still not perfect as order matters - we should probably just md5sum the two files.)
* Add SCRIPT_TYPE check (Fix#10977)
* Add `gitea doctor --fix` to attempt to fix what is possible to easily fix
* Add `gitea doctor --log-file` to set the log-file, be it a file, stdout or to switch off completely. (Fixes previously undetected bug with certain xorm logging configurations - see @6543 comment.)
Signed-off-by: Andrew Thornton <art27@cantab.net>
* change the icon of ApproveReview pr from "eye" to "check" like github
* change the icon of RejectReview pr from "x" to "request-change" like github
* add "-" after "{{" which need to be one line (TODO: may be not change all)
Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Add organization wide labels
Implement organization wide labels similar to organization wide
webhooks. This lets you create individual labels for organizations that can be used
for all repos under that organization (so being able to reuse the same
label across multiple repos).
This makes it possible for small organizations with many repos to use
labels effectively.
Fixes#7406
* Add migration
* remove comments
* fix tests
* Update options/locale/locale_en-US.ini
Removed unused translation string
* show org labels in issue search label filter
* Use more clear var name
* rename migration after merge from master
* comment typo
* update migration again after rebase with master
* check for orgID <=0 per guillep2k review
* fmt
* Apply suggestions from code review
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* remove unused code
* Make sure RepoID is 0 when searching orgID per code review
* more changes/code review requests
* More descriptive translation var per code review
* func description/delete comment when issue label deleted instead of hiding it
* remove comment
* only use issues in that repo when calculating number of open issues for org label on repo label page
* Add integration test for IssuesSearch API with labels
* remove unused function
* Update models/issue_label.go
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Use subquery in GetLabelIDsInReposByNames
* Fix tests to use correct orgID
* fix more tests
* IssuesSearch api now uses new BuildLabelNamesIssueIDsCondition. Add a few more tests as well
* update comment for clarity
* Revert previous code change now that we can use the new BuildLabelNamesIssueIDsCondition
* Don't sort repos by date in IssuesSearch API
After much debugging I've found a strange issue where in some cases MySQL will return a different result than other enigines if a query is sorted by a null collumn. For example with our integration test data where we don't set updated_unix in repository fixtures:
SELECT `id`, `owner_id`, `owner_name`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` ORDER BY updated_unix DESC LIMIT 15 OFFSET 45
Returns different results for MySQL than other engines. However, the similar query:
SELECT `id`, `owner_id`, `owner_name`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` ORDER BY updated_unix DESC LIMIT 15 OFFSET 30
Returns the same results.
This causes integration tests to fail on MySQL in certain cases but would never show up in a real installation. Since this API call always returns issues based on the optionally provided repo_priority_id or the issueID itself, there is no change to results by changing the repo sorting method used to get ids earlier in the function.
* linter is back!
* code review
* remove now unused option
* Fix newline at end of files
* more unused code
* update to master
* check for matching ids before query
* Update models/issue_label.go
Co-Authored-By: 6543 <6543@obermui.de>
* Update models/issue_label.go
* update comments
* Update routers/org/setting.go
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
* Fix broken merge base migration v128 for merged PR
* Allow PRs with deleted base branches to still show diff
* as per @lunny
Co-authored-by: Lauris BH <lauris@nix.lv>
* Fix milestones too many SQL variables bug
* Fix test
* Don't display repositories with no milestone and fix tests
* Remove unused code and add some comments
* upgrade golangci-lint to 1.24.0 to allow go 1.14 compatibility
* fix golangci-lint errors
* make make golangci-lint work when out of go-path
Signed-off-by: Andrew Thornton <art27@cantab.net>
Unfortunately there appears to be potential race with notifications
being set before the associated issue has been committed.
This PR adds protection in to the notifications list to log any failures
and remove these notifications from the display.
References #10815 - and prevents the panic but does not completely fix
this.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen
Fix#3985
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Pass up the unable to verify
* Add Matrix webhook
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Add template and related translations for Matrix hook
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Add actual webhook routes and form
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Add missing file
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Update modules/webhook/matrix_test.go
* Use stricter regex to replace URLs
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Escape url and text
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Remove unnecessary whitespace
* Fix copy and paste mistake
Co-Authored-By: Tulir Asokan <tulir@maunium.net>
* Fix indention inconsistency
* Use Authorization header instead of url parameter
* Add raw commit information to webhook
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Tulir Asokan <tulir@maunium.net>
* Handle push rejections and push out-of-date in branch creation and
file upload.
* Remove the duplicated sanitize from services/pull/merge
* Move the errors Err(Merge)PushOutOfDate and ErrPushRejected to
modules/git
* Handle errors better in the upload file dialogs
Fix#10460
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
speed up page generation by making avatar lookup occur at the browser
not at page generation
* Protect against evil email address ".."
* hash the complete email address
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Option to set default branch at repository creation
* Handle template repos with non-default master branch
* Add DefaultBranch handling on creation to API
Fix#9542
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Create system webhook column (and migration)
* Create system webhook DB methods
Based on the default webhook ones
* Modify router to handle system webhooks and default ones
* Remove old unused admin nav template
* Adjust orgRepoCtx to differentiate system and default webhook URLs
* Assign IsSystemWebhook when creating webhooks
* Correctly use booleans for IsSystemWebhook
* Use system webhooks when preparing webhooks for payload
* Add UI and locale changes
* Use router params to differentiate admin hook pages
* Fix deleting admin webhooks and rename method
* Add clarity to webhook docs
* Revert "Remove old unused admin nav template"
This reverts commit 191a20a738.
* Rename WebHooksNewPost to GiteaHooksNewPost for clarity
* Reintroduce blank line lost during merge conflict
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>