Template
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo synced 2024-11-24 18:56:11 +01:00
Commit graph

491 commits

Author SHA1 Message Date
Lunny Xiao b01dce2a6e
Allow render HTML with css/js external links (#19017)
* Allow render HTML with css/js external links

* Fix bug because of filename escape chars

* Fix lint

* Update docs about new configuration item

* Fix bug of render HTML in sub directory

* Add CSP head for displaying iframe in rendering file

* Fix test

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Some improvements

* some improvement

* revert change in SanitizerDisabled of external renderer

* Add sandbox for iframe and support allow-scripts and allow-same-origin

* refactor

* fix

* fix lint

* fine tune

* use single option RENDER_CONTENT_MODE, use sandbox=allow-scripts

* fine tune CSP

* Apply suggestions from code review

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-06-16 11:33:23 +08:00
Hugo Hoitink 6473bd333a
In code search, get code unit accessible repos in one (main) query (#19764)
* When non-admin users use code search, get code unit accessible repos in one main query

* Modified some comments to match the changes

* Removed unnecessary check for Access Mode in Collaboration table

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-06-16 02:24:10 +03:00
Lauris BH 1f8f9c3826
Remove tab/TabName usage where it's not needed (#19973)
`tab` query argument and `TabName` in context is used only in profile so remove it from all other places where it's not used anymore.
2022-06-15 23:05:32 +08:00
Lunny Xiao 1a9821f57a
Move issues related files into models/issues (#19931)
* Move access and repo permission to models/perm/access

* fix test

* fix git test

* Move functions sequence

* Some improvements per @KN4CK3R and @delvh

* Move issues related code to models/issues

* Move some issues related sub package

* Merge

* Fix test

* Fix test

* Fix test

* Fix test

* Rename some files
2022-06-13 17:37:59 +08:00
Lunny Xiao 110fc57cbc
Move some code into models/git (#19879)
* Move access and repo permission to models/perm/access

* fix test

* Move some git related files into sub package models/git

* Fix build

* fix git test

* move lfs to sub package

* move more git related functions to models/git

* Move functions sequence

* Some improvements per @KN4CK3R and @delvh
2022-06-12 23:51:54 +08:00
Gusted edf14202fe
Unify repo settings & show better error (#19828)
* Unify context data
* Actually show invalid url in error
2022-06-12 13:43:27 +08:00
xkcdstickfigure 47bb06236d
fixed comment typo (#19944) 2022-06-11 14:54:08 -04:00
6543 a9cc9c0f7a
Auto merge pull requests when all checks succeeded via WebUI (#19648)
Add WebUI part of Auto merge feature

close #19621

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2022-06-11 16:44:20 +02:00
Lunny Xiao ce3dd04c63
Fix some mirror bugs (#18649)
* Fix some mirror bugs

* Remove unnecessary code

* Fix lint

* rename stdard url

* Allow more charactors in git ssh protocol url

* improve the detection

* support ipv6 for git url parse

* Fix bug

* Fix template

* Fix bug

* fix template

* Fix tmpl

* Fix tmpl

* Fix parse ssh with interface

* Rename functions name

Co-authored-by: zeripath <art27@cantab.net>
2022-06-11 21:50:14 +08:00
Sandro Santilli 52c2e82813
Custom regexp external issues (#17624)
* Implement custom regular expression for external issue tracking.

Signed-off-by: Alexander Beyn <malex@fatelectrons.org>

* Fix syntax/style

* Update repo.go

* Set metas['regexp']

* gofmt

* fix some tests

* fix more tests

* refactor frontend

* use LRU cache for regexp

* Update modules/markup/html_internal_test.go

Co-authored-by: Alexander Beyn <malex@fatelectrons.org>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-06-10 13:39:53 +08:00
wxiaoguang a0051634b9
Refactor git module, make Gitea use internal git config (#19732)
* Refactor git module, make Gitea use internal git config, add safe.directory config

* introduce git.InitSimple and git.InitWithConfigSync, make serv cmd use gitconfig

* use HOME instead of GIT_CONFIG_GLOBAL, because git always needs a correct HOME

* fix cmd env in cmd/serv.go

* fine tune error message

* Fix a incorrect test case

* fix configAddNonExist

* fix configAddNonExist logic, add `--fixed-value` flag, add tests

* add configSetNonExist function in case it's needed.

* use configSetNonExist for `user.name` and `user.email`

* add some comments

* Update cmd/serv.go

Co-authored-by: zeripath <art27@cantab.net>

* Update cmd/serv.go

Co-authored-by: zeripath <art27@cantab.net>

* Update modules/git/git.go

Co-authored-by: zeripath <art27@cantab.net>

* Update modules/setting/setting.go

Co-authored-by: zeripath <art27@cantab.net>

* Update modules/git/repo_attribute.go

Co-authored-by: zeripath <art27@cantab.net>

* fix spaces in messages

* use `configSet("core.protectNTFS", ...)` instead of `globalCommandArgs`

* remove GIT_CONFIG_NOSYSTEM, continue to use system's git config

* Update cmd/serv.go

Co-authored-by: zeripath <art27@cantab.net>

* fix merge

* remove code for safe.directory

* separate git.CommonEnvs to CommonGitCmdEnvs and CommonCmdServEnvs

* avoid Golang's data race error

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-10 09:57:49 +08:00
Roger Luo 2ae45cebbf
Feature: Find files in repo (#15028)
* Create finding files page ui in repo page

* Get tree entries for find repo files.

* Move find files JS to individual file.

* gen swagger.

* Add enry.IsVendor to exclude entries

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-09 14:15:08 +03:00
Lauris BH f92b7a6331
Add support for rendering terminal output with colors (#19497) 2022-06-09 00:46:39 +03:00
zeripath ac88f21ecc
Automatically render wiki TOC (#19873)
Automatically add sidebar in the wiki view containing a TOC for the wiki page.
Make the TOC collapsable

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-06-08 16:59:16 +08:00
zeripath d8236f1b16
Ensure minimum mirror interval is reported on settings page (#19895)
* Ensure minimum mirror interval is reported on settings page

Expecting users to guess the minimum mirror interval appears a little unkind.
In this PR we simply change the locale string to include the minimum interval.
This will of course be affected by our current localization framework but...
we can fix that else where.

This PR also includes some fixes for error handling on the settings page as
previously the mirror block amongst others would simply disappear on error.

Fix #3737

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update options/locale/locale_en-US.ini

Co-authored-by: Gusted <williamzijl7@hotmail.com>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update options/locale/locale_en-US.ini

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-06-07 13:40:12 -04:00
Lunny Xiao 26095115f4
Move some repository related code into sub package (#19711)
* Move some repository related code into sub package

* Move more repository functions out of models

* Fix lint

* Some performance optimization for webhooks and others

* some refactors

* Fix lint

* Fix

* Update modules/repository/delete.go

Co-authored-by: delvh <dev.lh@web.de>

* Fix test

* Merge

* Fix test

* Fix test

* Fix test

* Fix test

Co-authored-by: delvh <dev.lh@web.de>
2022-06-06 16:01:49 +08:00
Mai-Lapyst 090d89e0f9
Fixing wrong paging when filtering on the issue dashboard (#19801)
Fixes #19791 by adding an check if filtering after any repo; if yes, simply set the total count for the pageing to the sum of the issue count for each selected repo by utilize `issueCountByRepo`.

Fix #19791
2022-06-04 21:12:14 +01:00
Gusted 744e452185
Move /info outside authorization (#19888)
- To use the web's API to get information about a issue/pull on a
repository, doesn't require authorization(nor that the repository isn't
archived).
- Regressed by: #19318


Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-06-04 21:10:54 +01:00
zeripath 449ea6005f
Exclude Archived repos from Dashboard Milestones (#19882)
Milestones in archived repos should not be displayed on `/milestones`. Therefore
we should exclude these repositories from milestones page.

Fix #18257

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-06-04 19:30:01 +01:00
Paweł Bogusławski 14d96ff7ac
Disable unnecessary mirroring elements (#18527)
* Disable unnecessary mirroring elements

This mod fixes disabling unnecessary mirroring elements.

Related: https://github.com/go-gitea/gitea/pull/16957
Related: https://github.com/go-gitea/gitea/pull/13084
Author-Change-Id: IB#1105104

* Checkbox rendering disabled instead of hiding it

Fixes: 02b4505150
Related: https://github.com/go-gitea/gitea/pull/18527#pullrequestreview-878061913
Author-Change-Id: IB#1105104

* Update custom/conf/app.example.ini

Co-authored-by: silverwind <me@silverwind.io>

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-authored-by: silverwind <me@silverwind.io>

* Mirror filter removed only when whole mirroring feature is disabled

Fixes: 02b4505150
Related: https://github.com/go-gitea/gitea/pull/18527#discussion_r883268890
Author-Change-Id: IB#1105104

Co-authored-by: silverwind <me@silverwind.io>
2022-06-04 19:42:17 +08:00
Mai-Lapyst 4698a1ec47
Adding button to link accounts from user settings (#19792)
* Adding button to link accounts from user settings

* Only display button to link user accounts when at least one OAuth2 provider is active
2022-05-29 02:03:17 +02:00
zeripath 93ab90743d
Prevent loop if there is an error in GetNotificationCount (#19799)
If the context is cancelled `.NotificationUnreadCount` in a template can
cause an infinite loop with `ctx.ServerError()` being called, which
creates a template that then calls `.NotificationUnreadCount` calling
`GetNotificationCount()` with the cancelled context resulting in an
error that calls `ctx.ServerError`... and so on...

This PR simply stops calling `ctx.ServerError` in the error handler code
for `.NotificationUnreadCount` as we have already started rendering and
so it is too late to call `ctx.ServerError`. Additionally we skip
logging the error if it's a context cancelled error.

Fix #19793

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-05-25 08:51:53 +08:00
zeripath 468387e9ce
Prevent NPE when cache service is disabled (#19703)
The cache service can be disabled - at which point ctx.Cache will be nil
and the use of it will cause an NPE.

The main part of this PR is that the cache is used for restricting
resending of activation mails and without this we cache we cannot
restrict this. Whilst this code could be re-considered to use the db and
probably should be, I think we can simply disable this code in the case
that the cache is disabled.

There are also several bug fixes in the /nodeinfo API endpoint.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-05-21 22:29:49 +08:00
Lunny Xiao fd7d83ace6
Move almost all functions' parameter db.Engine to context.Context (#19748)
* Move almost all functions' parameter db.Engine to context.Context
* remove some unnecessary wrap functions
2022-05-20 22:08:52 +08:00
Lunny Xiao d81e31ad78
Move org functions (#19753)
* Move org functions

* Fix comment
2022-05-20 12:20:51 +02:00
Guo Y.K 3e5ea9a978
Update base.go (#19739)
use http.StatusTemporaryRedirect(307) when serve avatar directly

browser caches 301 redirections, pre-signed s3 url would expire at some later point

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-05-19 11:20:34 -04:00
Gusted 71ca131582
Fix issue overview for teams (#19652)
- Don't use hacky solution to limit to the correct RepoID's, instead use
current code to handle these limits. The existing code is more correct
than the hacky solution.
- Resolves #19636
- Add test-case
2022-05-16 17:49:17 +08:00
6543 00a981d341
Update go-chi/cache to utilize Ping() (#19719)
* update gitea.com/go-chi/cache -> v0.2.0

* ajust to new interface

* refactor
2022-05-15 20:43:27 +02:00
6543 b135313c47
[Refactor] convert team(s) to apiTeam(s) (#13745)
* Refactor: teams to api convert

* make org load optional

* more info in tests
2022-05-13 19:27:58 +02:00
Lunny Xiao ea38e90e6b
Fix oauth setting list bug (#19682) 2022-05-11 21:06:02 +08:00
Lunny Xiao cbd45471b1
Move access and repo permission to models/perm/access (#19350)
* Move access and repo permission to models/perm/access

* Remove unnecessary code
2022-05-11 12:09:36 +02:00
silverwind 318f360252
Update go tool dependencies (#19676)
* Update go tool dependencies

Updated all tool dependencies to latest tags, hoping CI will like it.

* fix new lint errors

* handle more strings.Title cases

* remove lint skip
2022-05-10 23:55:54 +02:00
Lunny Xiao 64a40962cc
Fix new release from tags list UI (#19670) 2022-05-10 15:41:37 +03:00
KN4CK3R 3da9dafc60
Add Webfinger endpoint (#19462)
This adds the [Webfinger](https://webfinger.net/) endpoint for federation.

Supported schemes are `acct` and `mailto`. The profile and avatar url are returned as metadata.
2022-05-09 20:20:21 +02:00
zeripath 9f5ddca57c
Set the LastModified header for raw files (#18356)
Although the use of LastModified dates for caching of git objects should be
discouraged (as it is not native to git - and there are a LOT of ways this
could be incorrect) - LastModified dates can be a helpful somewhat more human
way of caching for simple cases.

This PR adds this header and handles the If-Modified-Since header to the /raw/
routes.

Fix #18354

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2022-05-09 17:54:51 +02:00
KN4CK3R a9ca4b4100
Calculate filename hash only once (#19654)
* Calculate hash only once.

* remove unused Sha1 template helper function, use ctx.Data["FileNameHash"]

* fix unit tests
2022-05-09 00:29:50 +02:00
Lunny Xiao 9efa47131f
Admin should not delete himself (#19423)
Admin should not be able to delete themselves.

Also partially fix #15449
2022-05-08 21:22:55 +01:00
Lunny Xiao 4ca1d7547a
Move some helper files out of models (#19355)
* Move some helper files out of models

* Some improvements

Co-authored-by: delvh <dev.lh@web.de>
2022-05-08 18:46:32 +02:00
Lunny Xiao d4834071da
Repository level enable package or disable (#19323) 2022-05-08 17:51:50 +02:00
6543 6a969681cd
Delete related PullAutoMerge and ReviewState on User/Repo Deletion (#19649)
* delete pullautomerges on repo/user deletion
* delete reviewstates on repo/user deletion
* optimize automerhe code
* add index to reviewstate
2022-05-08 15:46:34 +02:00
Lunny Xiao 4344a64107
Allow custom default merge message with .gitea/default_merge_message/<merge_style>_TEMPLATE.md (#18177)
* Allow custom default merge message with .gitea/MERGE_MESSAGE_<merge_style>_TEMPLATE.md

* Some improvements

* Follow some advices

* Fix bug

* Fix bug

* Fix lint

* Fix close comment

* Fix test

* Fix and docs

* Improve codes

* Update docs and remove unnecessary variables

* return error for GetDefaultMergeMessage

* Fix test

* improve code

* ignore unknow unit type

* return error for GetDefaultMergeMessage

* Update services/pull/merge.go

* Some improvements

* Follow some advices

* Fix bug

* Fix lint

* Improve codes

* Update docs and remove unnecessary variables

* return error for GetDefaultMergeMessage

* improve code

* Handle deleted HeadRepo in GetDefaultMergeMessage

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix test

* Fix test

Co-authored-by: zeripath <art27@cantab.net>
2022-05-08 20:32:45 +08:00
delvh 5ca224a789
Allow to mark files in a PR as viewed (#19007)
Users can now mark files in PRs as viewed, resulting in them not being shown again by default when they reopen the PR again.
2022-05-07 20:28:10 +02:00
kolaente 59b30f060a
Auto merge pull requests when all checks succeeded via API (#9307)
* Fix indention

Signed-off-by: kolaente <k@knt.li>

* Add option to merge a pr right now without waiting for the checks to succeed

Signed-off-by: kolaente <k@knt.li>

* Fix lint

Signed-off-by: kolaente <k@knt.li>

* Add scheduled pr merge to tables used for testing

Signed-off-by: kolaente <k@knt.li>

* Add status param to make GetPullRequestByHeadBranch reusable

Signed-off-by: kolaente <k@knt.li>

* Move "Merge now" to a seperate button to make the ui clearer

Signed-off-by: kolaente <k@knt.li>

* Update models/scheduled_pull_request_merge.go

Co-authored-by: 赵智超 <1012112796@qq.com>

* Update web_src/js/index.js

Co-authored-by: 赵智超 <1012112796@qq.com>

* Update web_src/js/index.js

Co-authored-by: 赵智超 <1012112796@qq.com>

* Re-add migration after merge

* Fix frontend lint

* Fix version compare

* Add vendored dependencies

* Add basic tets

* Make sure the api route is capable of scheduling PRs for merging

* Fix comparing version

* make vendor

* adopt refactor

* apply suggestion: User -> Doer

* init var once

* Fix Test

* Update templates/repo/issue/view_content/comments.tmpl

* adopt

* nits

* next

* code format

* lint

* use same name schema; rm CreateUnScheduledPRToAutoMergeComment

* API: can not create schedule twice

* Add TestGetBranchNamesForSha

* nits

* new go routine for each pull to merge

* Update models/pull.go

Co-authored-by: a1012112796 <1012112796@qq.com>

* Update models/scheduled_pull_request_merge.go

Co-authored-by: a1012112796 <1012112796@qq.com>

* fix & add renaming sugestions

* Update services/automerge/pull_auto_merge.go

Co-authored-by: a1012112796 <1012112796@qq.com>

* fix conflict relicts

* apply latest refactors

* fix: migration after merge

* Update models/error.go

Co-authored-by: delvh <dev.lh@web.de>

* Update options/locale/locale_en-US.ini

Co-authored-by: delvh <dev.lh@web.de>

* Update options/locale/locale_en-US.ini

Co-authored-by: delvh <dev.lh@web.de>

* adapt latest refactors

* fix test

* use more context

* skip potential edgecases

* document func usage

* GetBranchNamesForSha() -> GetRefsBySha()

* start refactoring

* ajust to new changes

* nit

* docu nit

* the great check move

* move checks for branchprotection into own package

* resolve todo now ...

* move & rename

* unexport if posible

* fix

* check if merge is allowed before merge on scheduled pull

* debugg

* wording

* improve SetDefaults & nits

* NotAllowedToMerge -> DisallowedToMerge

* fix test

* merge files

* use package "errors"

* merge files

* add string names

* other implementation for gogit

* adapt refactor

* more context for models/pull.go

* GetUserRepoPermission use context

* more ctx

* use context for loading pull head/base-repo

* more ctx

* more ctx

* models.LoadIssueCtx()

* models.LoadIssueCtx()

* Handle pull_service.Merge in one DB transaction

* add TODOs

* next

* next

* next

* more ctx

* more ctx

* Start refactoring structure of old pull code ...

* move code into new packages

* shorter names ... and finish **restructure**

* Update models/branches.go

Co-authored-by: zeripath <art27@cantab.net>

* finish UpdateProtectBranch

* more and fix

* update datum

* template: use "svg" helper

* rename prQueue 2 prPatchCheckerQueue

* handle automerge in queue

* lock pull on git&db actions ...

* lock pull on git&db actions ...

* add TODO notes

* the regex

* transaction in tests

* GetRepositoryByIDCtx

* shorter table name and lint fix

* close transaction bevore notify

* Update models/pull.go

* next

* CheckPullMergable check all branch protections!

* Update routers/web/repo/pull.go

* CheckPullMergable check all branch protections!

* Revert "PullService lock via pullID (#19520)" (for now...)

This reverts commit 6cde7c9159a5ea75a10356feb7b8c7ad4c434a9a.

* Update services/pull/check.go

* Use for a repo action one database transaction

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Update services/issue/status.go

Co-authored-by: delvh <dev.lh@web.de>

* Update services/issue/status.go

Co-authored-by: delvh <dev.lh@web.de>

* use db.WithTx()

* gofmt

* make pr.GetDefaultMergeMessage() context aware

* make MergePullRequestForm.SetDefaults context aware

* use db.WithTx()

* pull.SetMerged only with context

* fix deadlock in `test-sqlite\#TestAPIBranchProtection`

* dont forget templates

* db.WithTx allow to set the parentCtx

* handle db transaction in service packages but not router

* issue_service.ChangeStatus just had caused another deadlock :/
it has to do something with how notification package is handled

* if we merge a pull in one database transaktion, we get a lock, because merge infoce internal api that cant handle open db sessions to the same repo

* ajust to current master

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* dont open db transaction in router

* make generate-swagger

* one _success less

* wording nit

* rm

* adapt

* remove not needed test files

* rm less diff & use attr in JS

* ...

* Update services/repository/files/commit.go

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

* ajust db schema for PullAutoMerge

* skip broken pull refs

* more context in error messages

* remove webUI part for another pull

* remove more WebUI only parts

* API: add CancleAutoMergePR

* Apply suggestions from code review

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

* fix lint

* Apply suggestions from code review

* cancle -> cancel

Co-authored-by: delvh <dev.lh@web.de>

* change queue identifyer

* fix swagger

* prevent nil issue

* fix and dont drop error

* as per @zeripath

* Update integrations/git_test.go

Co-authored-by: delvh <dev.lh@web.de>

* Update integrations/git_test.go

Co-authored-by: delvh <dev.lh@web.de>

* more declarative integration tests (dedup code)

* use assert.False/True helper

Co-authored-by: 赵智超 <1012112796@qq.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-05-08 01:05:52 +08:00
KN4CK3R 8adba93498
Hide private repositories in packages (#19584) 2022-05-07 18:21:15 +02:00
Gusted 0eac09e066
Improve reviewing PR UX (#19612) 2022-05-07 01:35:12 -04:00
wxiaoguang 7b089c465d
Remove RequireHighlightJS field, update plantuml example. (#19615) 2022-05-05 10:53:38 +03:00
ttys3 e933f31426
Add health check endpoint (#18465)
* chore: add health check endpoint

docs: update document about health check

fix: fix up Sqlite3 ping. current ping will success even if the db file is missing

fix: do not expose privacy information in output field

* refactor: remove HealthChecker struct

* Added `/api/healthz` to install routes.

This was needed for using /api/healthz endpoint in Docker healthchecks,
otherwise, Docker would never become healthy if using healthz endpoint
and users would not be able to complete the installation of Gitea.

* Update modules/cache/cache.go

* fine tune

* Remove unnecessary test code. Now there are 2 routes for installation (and maybe more in future)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Marcos de Oliveira <marcossantos@furb.br>
2022-05-04 14:56:20 +03:00
Gusted cc3016f70d
Use correct context in routers/web (#19597)
- Don't use the `APIContext` in the web routers.
2022-05-03 23:38:34 +02:00
6543 92f139d091
Use for a repo action one database transaction (#19576)
... more context

(part of #9307)
2022-05-03 21:46:28 +02:00
99rgosse 438646e0b5
Handle the error of a missing blob object fix #19530 (#19552)
* Handle the error of a missing blob object

* Show error in logs

* as per @zeripath

* Add missing error check

* Add missing error check

* Update compare.go

* Use formal code

* Update compare.go

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-05-02 18:46:50 +02:00
wxiaoguang c18d8d6968
Remove legacy +build: constraint (#19582)
Go 1.17 and later use modern `//go:build` constraints, the old `// +build:` constraints should be removed.
2022-05-02 23:22:45 +08:00
6543 e2a3f3d259
Federation: return useful statistic information for nodeinfo (#19561)
Add statistic information for total user count, active user count, issue count and comment count for `/nodeinfo`
2022-05-02 21:35:45 +08:00
Jimmy Praet 5aebc4f000
Respect DefaultUserIsRestricted system default when creating new user (#19310)
* Apply DefaultUserIsRestricted in CreateUser

* Enforce system defaults in CreateUser

Allow for overwrites with CreateUserOverwriteOptions

* Fix compilation errors

* Add "restricted" option to create user command

* Add "restricted" option to create user admin api

* Respect default setting.Service.RegisterEmailConfirm and setting.Service.RegisterManualConfirm where needed

* Revert "Respect default setting.Service.RegisterEmailConfirm and setting.Service.RegisterManualConfirm where needed"

This reverts commit ee95d3e8dc.
2022-04-29 15:38:11 -04:00
qwerty287 8eb1cd9264
Add "Allow edits from maintainer" feature (#18002)
Adds a feature [like GitHub has](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request-from-a-fork) (step 7).
If you create a new PR from a forked repo, you can select (and change later, but only if you are the PR creator/poster) the "Allow edits from maintainers" option.
Then users with write access to the base branch get more permissions on this branch:
* use the update pull request button
* push directly from the command line (`git push`)
* edit/delete/upload files via web UI
* use related API endpoints

You can't merge PRs to this branch with this enabled, you'll need "full" code write permissions.

This feature has a pretty big impact on the permission system. I might forgot changing some things or didn't find security vulnerabilities. In this case, please leave a review or comment on this PR.

Closes #17728

Co-authored-by: 6543 <6543@obermui.de>
2022-04-28 17:45:33 +02:00
6543 06e4687cec
more context for models (#19511)
make more usage of context, to have more db transaction in one session

(make diff of  #9307 smaller)
2022-04-28 13:48:48 +02:00
John Olheiser 3e8aa42a1b
Update image URL for Discord webhook (#19536)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2022-04-27 20:23:27 -05:00
Lunny Xiao 5651c650c0
When view _Siderbar or _Footer, just display once (#19501)
Co-authored-by: zeripath <art27@cantab.net>
2022-04-26 19:24:20 -04:00
parnic cdab46220d
Add commit status popup to issuelist (#19375)
This gets the necessary data to the issuelist for it to support a clickable commit status icon which pops up the full list of commit statuses related to the commit. It accomplishes this without any additional queries or fetching as the existing codepath was already doing the necessary work but only returning the "last" status. All methods were wrapped to call the least-filtered version of each function in order to maximize code reuse.

Note that I originally left `getLastCommitStatus()` in `pull.go` which called to the new function, but `make lint` complained that it was unused, so I removed it. I would have preferred to keep it, but alas.

The only thing I'd still like to do here is force these popups to happen to the right by default instead of the left. I see that the only other place this is popping up right is on view_list.tmpl, but I can't figure out how/why right now.

Fixes #18810
2022-04-26 23:40:01 +01:00
Gusted 076eaad743
Improve dashboard's repo list performance (#18963)
* Improve dashboard's repo list performance

- Avoid a lot of database lookups for all the repo's, by adding a
undocumented "minimal" mode for this specific task, which returns the
data that's only needed by this list which doesn't require any database
lookups.
- Makes fetching these list faster.
- Less CPU overhead when a user visits home page.

* Refactor javascript code + fix Fork icon

- Use async in the function so we can use `await`.
- Remove `archivedFilter` check for count, as it doesn't make sense to
  show the count of repos when you can't even see them(as they are
  filited away).

* Add `count_only`

* Remove uncessary code

* Improve comment

Co-authored-by: delvh <dev.lh@web.de>

* Update web_src/js/components/DashboardRepoList.js

Co-authored-by: delvh <dev.lh@web.de>

* Update web_src/js/components/DashboardRepoList.js

Co-authored-by: delvh <dev.lh@web.de>

* By default apply minimal mode

* Remove `minimal` paramater

* Refactor count header

* Simplify init

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-04-26 16:34:30 -04:00
Lunny Xiao d71df01077
Refactor readme file renderer (#19502)
* Refactor readme file renderer

* improve
2022-04-26 16:31:15 -04:00
Gusted 4e912a61c8
Improve Stopwatch behavior (#18930)
- Don't send empty stopwatch over and over again, only send once.
- Stop interval to update stopwatch's timer when there is no more stopwatch.
2022-04-25 22:45:22 +02:00
6543 1ebb30e41b
Pass gitRepo down to GetRawDiff, since its used for main repo and wiki (#19461)
as per https://github.com/go-gitea/gitea/pull/19449#issuecomment-1105283931

pass gitRepo down to GetRawDiff, since its used for main repo and wiki
2022-04-25 20:45:18 +02:00
6543 ddbbe6e15c
User specific repoID or xorm builder conditions for issue search (#19475)
* extend models.IssuesOptions to have more specific repo filter options

* use new options

* unrelated refactor

* rm RepoIDs
2022-04-25 16:06:24 +02:00
qwerty287 ae6a52440a
Fix panic in team repos API (#19431)
* Fix panic in team repos API

* Fix pagination

* fmt
2022-04-20 18:43:26 +08:00
zeripath 409ff55a29
When updating mirror repo intervals by API reschedule next update too (#19429)
When a mirror repo interval is updated by the UI it is rescheduled with that interval
however the API does not do this. The API also lacks the enable_prune option.

This PR adds this functionality in to the API Edit Repo endpoint.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-04-20 09:20:53 +01:00
Lunny Xiao b8911fb456
Use a struct as test options (#19393)
* Use a struct as test options

* Fix name

* Fix test
2022-04-14 21:58:21 +08:00
Gusted 0d3d9675c6
Fix middleware function's placements for some /user/... (#19377)
- Add reqSignIn to `/user/task/{task}` as it specific to a logged in user currently not-logged in user could cause a NPE.
- Move `/user/stopwatch` & `/user/search` middleware before the actual function is called, because functions are executed in order and currently hadn't any effect and could as well cause a NPE due to that.
- Remove `/user/active` reqSignIn middleware, because when you want to active a account you're not "signed in" so it doesn't make sense to add that middleware.
2022-04-12 10:02:58 +08:00
Gusted ee769f7459
Add logic to switch between source/rendered on Markdown (#19356)
Adds a button to switch between the source blob and the rendered markdown.
2022-04-10 23:01:35 +08:00
KN4CK3R c003491cfb
Allow package linking to private repository (#19348)
* Display private repos too.

* lint

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-04-09 23:57:37 +08:00
Lunny Xiao 1dfa26e00e
Move milestone to models/issues/ (#19278)
* Move milestone to models/issues/

* Fix lint

* Fix test

* Fix lint

* Fix lint
2022-04-08 17:11:15 +08:00
wxiaoguang 84ceaa98bd
Refactor CSRF protection modules, make sure CSRF tokens can be up-to-date. (#19337)
Do a refactoring to the CSRF related code, remove most unnecessary functions.
Parse the generated token's issue time, regenerate the token every a few minutes.
2022-04-08 13:21:05 +08:00
Lunny Xiao 3c3d49899f
Remove dependent on session auth for api/v1 routers (#19321)
* Remove dependent on session auth for api/v1 routers

* Remove unnecessary session on API context

* remove missed header

* fix test

* fix missed api/v1
2022-04-08 06:22:10 +02:00
Lunny Xiao 783a021889
Never use /api/v1 from Gitea UI Pages (#19318)
Reusing `/api/v1` from Gitea UI Pages have pros and cons.
Pros:
1) Less code copy

Cons:
1) API/v1 have to support shared session with page requests.
2) You need to consider for each other when you want to change something about api/v1 or page.

This PR moves all dependencies to API/v1 from UI Pages.

Partially replace #16052
2022-04-07 20:59:56 +02:00
KN4CK3R 5e242e021b
Package registry changes (#19305)
* removed debug logs
* fixed SELECT
* removed unneeded error type
* use common SearchVersions method
* remove empty container upload versions
* return err
2022-04-06 03:32:09 +02:00
wxiaoguang d242511e86
Remove legacy unmaintained packages, refactor to support change default locale (#19308)
Remove two unmaintained vendor packages `i18n` and `paginater`. Changes:
* Rewrite `i18n` package with a more clear fallback mechanism. Fix an unstable `Tr` behavior, add more tests.
* Refactor the legacy `Paginater` to `Paginator`, test cases are kept unchanged.

Trivial enhancement (no breaking for end users):
* Use the first locale in LANGS setting option as the default, add a log to prevent from surprising users.
2022-04-03 17:46:48 +08:00
wxiaoguang 65f17bfc31
Refactor legacy unknwon/com package, improve golangci lint (#19284)
The main purpose is to refactor the legacy `unknwon/com` package.
1. Remove most imports of `unknwon/com`, only `util/legacy.go` imports the legacy `unknwon/com`
2. Use golangci's depguard to process denied packages
3. Fix some incorrect values in golangci.yml, eg, the version should be quoted string `"1.18"`
4. Use correctly escaped content for `go-import` and `go-source` meta tags
5. Refactor `com.Expand` to our stable (and the same fast) `vars.Expand`, our `vars.Expand` can still return partially rendered content even if the template is not good (eg: key mistach).
2022-04-01 16:47:50 +08:00
wxiaoguang 124b072f0b
Remove git.Command.Run and git.Command.RunInDir* (#19280)
Follows #19266, #8553, Close #18553, now there are only three `Run..(&RunOpts{})` functions.
 * before: `stdout, err := RunInDir(path)`
 * now: `stdout, _, err := RunStdString(&git.RunOpts{Dir:path})`
2022-04-01 10:55:30 +08:00
KN4CK3R 08d199245a
Fix container download counter (#19287)
* Increment counter on manifest download.

* Refactor GetPackageFileStream method.
2022-04-01 01:08:32 +02:00
Lunny Xiao 420851ca1f
Fix global packages enabled avaiable (#19276)
Fix #19275
2022-03-31 19:31:53 +02:00
zeripath c88547ce71
Add Goroutine stack inspector to admin/monitor (#19207)
Continues on from #19202.

Following the addition of pprof labels we can now more easily understand the relationship between a goroutine and the requests that spawn them. 

This PR takes advantage of the labels and adds a few others, then provides a mechanism for the monitoring page to query the pprof goroutine profile.

The binary profile that results from this profile is immediately piped in to the google library for parsing this and then stack traces are formed for the goroutines.

If the goroutine is within a context or has been created from a goroutine within a process context it will acquire the process description labels for that process. 

The goroutines are mapped with there associate pids and any that do not have an associated pid are placed in a group at the bottom as unbound.

In this way we should be able to more easily examine goroutines that have been stuck.

A manager command `gitea manager processes` is also provided that can export the processes (with or without stacktraces) to the command line.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-31 19:01:43 +02:00
6543 9c349a4277
Move checks for pulls before merge into own function (#19271)
This make checks in one single place so they dont differ and maintainer can not forget a check in one place while adding it to the other .... ( as it's atm )

Fix:
* The API does ignore issue dependencies where Web does not
* The API checks if "IsSignedIfRequired" where Web does not - UI probably do but nothing will some to craft custom requests
* Default merge message is crafted a bit different between API and Web if not set on specific cases ...
2022-03-31 16:53:08 +02:00
wxiaoguang b877504b03
Refactor git.Command.Run*, introduce RunWithContextString and RunWithContextBytes (#19266)
This follows 
* https://github.com/go-gitea/gitea/issues/18553

Introduce `RunWithContextString` and `RunWithContextBytes` to help the refactoring. Add related unit tests. They keep the same behavior to save stderr into err.Error() as `RunInXxx` before.

Remove `RunInDirTimeoutPipeline` `RunInDirTimeoutFullPipeline` `RunInDirTimeout` `RunInDirTimeoutEnv`  `RunInDirPipeline`  `RunInDirFullPipeline`  `RunTimeout`, `RunInDirTimeoutEnvPipeline`, `RunInDirTimeoutEnvFullPipeline`, `RunInDirTimeoutEnvFullPipelineFunc`.

Then remaining `RunInDir` `RunInDirBytes` `RunInDirWithEnv` can be easily refactored in next PR with a simple search & replace:
* before: `stdout, err := RunInDir(path)`
* next: `stdout, _, err := RunWithContextString(&git.RunContext{Dir:path})`

Other changes:
1. When `timeout <= 0`, use default. Because `timeout==0` is meaningless and could cause bugs. And now many functions becomes more simple, eg: `GitGcRepos` 9 lines to 1 line. `Fsck` 6 lines to 1 line.
2. Only set defaultCommandExecutionTimeout when the option `setting.Git.Timeout.Default > 0`
2022-03-31 13:56:22 +02:00
Lunny Xiao d4f84f1c93
Move reaction to models/issues/ (#19264)
* Move reaction to models/issues/

* Fix test

* move the function

* improve code

* Update models/issues/reaction.go

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-03-31 17:20:39 +08:00
wxiaoguang c83168104b
Use a more general (and faster) method to sanitize URLs with credentials (#19239)
Use a more general method to sanitize URLs with credentials: Simple and intuitive / Faster /  Remove all credentials in all URLs
2022-03-31 10:25:40 +08:00
KN4CK3R 1d332342db
Add Package Registry (#16510)
* Added package store settings.

* Added models.

* Added generic package registry.

* Added tests.

* Added NuGet package registry.

* Moved service index to api file.

* Added NPM package registry.

* Added Maven package registry.

* Added PyPI package registry.

* Summary is deprecated.

* Changed npm name.

* Sanitize project url.

* Allow only scoped packages.

* Added user interface.

* Changed method name.

* Added missing migration file.

* Set page info.

* Added documentation.

* Added documentation links.

* Fixed wrong error message.

* Lint template files.

* Fixed merge errors.

* Fixed unit test storage path.

* Switch to json module.

* Added suggestions.

* Added package webhook.

* Add package api.

* Fixed swagger file.

* Fixed enum and comments.

* Fixed NuGet pagination.

* Print test names.

* Added api tests.

* Fixed access level.

* Fix User unmarshal.

* Added RubyGems package registry.

* Fix lint.

* Implemented io.Writer.

* Added support for sha256/sha512 checksum files.

* Improved maven-metadata.xml support.

* Added support for symbol package uploads.

* Added tests.

* Added overview docs.

* Added npm dependencies and keywords.

* Added no-packages information.

* Display file size.

* Display asset count.

* Fixed filter alignment.

* Added package icons.

* Formatted instructions.

* Allow anonymous package downloads.

* Fixed comments.

* Fixed postgres test.

* Moved file.

* Moved models to models/packages.

* Use correct error response format per client.

* Use simpler search form.

* Fixed IsProd.

* Restructured data model.

* Prevent empty filename.

* Fix swagger.

* Implemented user/org registry.

* Implemented UI.

* Use GetUserByIDCtx.

* Use table for dependencies.

* make svg

* Added support for unscoped npm packages.

* Add support for npm dist tags.

* Added tests for npm tags.

* Unlink packages if repository gets deleted.

* Prevent user/org delete if a packages exist.

* Use package unlink in repository service.

* Added support for composer packages.

* Restructured package docs.

* Added missing tests.

* Fixed generic content page.

* Fixed docs.

* Fixed swagger.

* Added missing type.

* Fixed ambiguous column.

* Organize content store by sha256 hash.

* Added admin package management.

* Added support for sorting.

* Add support for multiple identical versions/files.

* Added missing repository unlink.

* Added file properties.

* make fmt

* lint

* Added Conan package registry.

* Updated docs.

* Unify package names.

* Added swagger enum.

* Use longer TEXT column type.

* Removed version composite key.

* Merged package and container registry.

* Removed index.

* Use dedicated package router.

* Moved files to new location.

* Updated docs.

* Fixed JOIN order.

* Fixed GROUP BY statement.

* Fixed GROUP BY #2.

* Added symbol server support.

* Added more tests.

* Set NOT NULL.

* Added setting to disable package registries.

* Moved auth into service.

* refactor

* Use ctx everywhere.

* Added package cleanup task.

* Changed packages path.

* Added container registry.

* Refactoring

* Updated comparison.

* Fix swagger.

* Fixed table order.

* Use token auth for npm routes.

* Enabled ReverseProxy auth.

* Added packages link for orgs.

* Fixed anonymous org access.

* Enable copy button for setup instructions.

* Merge error

* Added suggestions.

* Fixed merge.

* Handle "generic".

* Added link for TODO.

* Added suggestions.

* Changed temporary buffer filename.

* Added suggestions.

* Apply suggestions from code review

Co-authored-by: Thomas Boerger <thomas@webhippie.de>

* Update docs/content/doc/packages/nuget.en-us.md

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Thomas Boerger <thomas@webhippie.de>
2022-03-30 16:42:47 +08:00
6543 3e88af898a
Make git.OpenRepository accept Context (#19260)
* OpenRepositoryCtx -> OpenRepository
* OpenRepository -> openRepositoryWithDefaultContext, only for internal usage
2022-03-30 03:13:41 +08:00
Lunny Xiao 74731c3a5a
Move some issue methods as functions (#19255)
* Move some issue methods as functions

* Fix bug
2022-03-29 16:57:33 +02:00
Lunny Xiao bd97736b9c
Move project files into models/project sub package (#17704)
* Move project files into models/project sub package

* Fix test

* Fix test

* Fix test

* Fix build

* Fix test

* Fix template bug

* Fix bug

* Fix lint

* Fix test

* Fix import

* Improve codes

Co-authored-by: 6543 <6543@obermui.de>
2022-03-29 22:16:31 +08:00
Lunny Xiao 76aa33d884
Move init repository related functions to modules (#19159)
* Move init repository related functions to modules

* Fix lint

* Use ctx but db.DefaultContext

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-03-29 15:23:45 +08:00
Lunny Xiao b06b9a056c
Move organization related structs into sub package (#18518)
* Move organization related structs into sub package

* Fix test

* Fix lint

* Move more functions into sub packages

* Fix bug

* Fix test

* Update models/organization/team_repo.go

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>

* Apply suggestions from code review

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>

* Fix fmt

* Follow suggestion from @Gusted

* Fix test

* Fix test

* Fix bug

* Use ctx but db.DefaultContext on routers

* Fix bug

* Fix bug

* fix bug

* Update models/organization/team_user.go

* Fix bug

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-03-29 14:29:02 +08:00
wxiaoguang d4c789dfc1
Refactor repo clone button and repo clone links, fix JS error on empty repo page (#19208)
The last PR about clone buttons introduced an JS error when visiting an empty repo page:
* https://github.com/go-gitea/gitea/pull/19028
* `Uncaught ReferenceError: isSSH is not defined`, because the variables are scoped and doesn't share between sub templates.

This:
1. Simplify `templates/repo/clone_buttons.tmpl` and make code clear
2. Move most JS code into `initRepoCloneLink`
3. Remove unused `CloneLink.Git`
4. Remove `ctx.Data["DisableSSH"] / ctx.Data["ExposeAnonSSH"] / ctx.Data["DisableHTTP"]`, and only set them when is is needed (eg: deploy keys / ssh keys)
5. Introduce `Data["CloneButton*"]` to provide data for clone buttons and links
6. Introduce `Data["RepoCloneLink"]` for the repo clone link (not the wiki)
7. Remove most `ctx.Data["PageIsWiki"]` because it has been set in the `/wiki` middleware
8. Remove incorrect `quickstart` class in `migrating.tmpl`
2022-03-29 05:21:30 +02:00
Lunny Xiao 6526733a58
Let web and API routes have different auth methods group (#19168)
* remove the global methods but create dynamiclly

* Fix lint

* Fix windows lint

* Fix windows lint

* some improvements

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-03-28 12:46:28 +08:00
zeripath d6fa138e7c
Only send webhook events to active system webhooks and only deliver to active hooks (#19234)
There is a bug in the system webhooks whereby the active state is not checked when
webhooks are prepared and there is a bug that deactivating webhooks do not prevent
queued deliveries.

* Only add SystemWebhooks to the prepareWebhooks list if they are active
* At the time of delivery if the underlying webhook is not active mark it
as "delivered" but with a failed delivery so it does not get delivered.

Fix #19220

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-03-28 11:17:21 +08:00
KN4CK3R 59b867dc2d
Add ContextUser to http request context (#18798)
This PR adds a middleware which sets a ContextUser (like GetUserByParams before) in a single place which can be used by other methods. For routes which represent a repo or org the respective middlewares set the field too.

Also fix a bug in modules/context/org.go during refactoring.
2022-03-26 17:04:22 +08:00
Gusted a5f2894071
Fix showing issues in your repositories (#18916)
- Make a restriction on which issues can be shown based on if you the user or team has write permission to the repository.
- Fixes a issue whereby you wouldn't see any associated issues with a specific team on a organization if you wasn't a member(fixed by zeroing the User{ID} in the options).
- Resolves #18913
2022-03-23 23:57:09 +01:00
a1012112796 0eff23dae0
Fix compare link in active feeds for new branch (#19149)
When a new branch is pushed the old SHA is always listed as the empty sha and thus the compare link that is created does not work correctly. 

Therefore when creating the compare link for new branches:

1. Attempt to get the parent of the first commit and use that as the basis 
for the compare link.
2. If this is not possible make a comparison to the default branch
3. Finally if that is not possible simply do not show a compare link.

However, there are multiple broken compare links remaining therefore, in order for these to not break we will simply make the compare link redirect to the default branch.

Fix #19144

Signed-off-by: a1012112796 <1012112796@qq.com>
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-03-23 13:40:12 +00:00
KN4CK3R 3f280f89e7
Update HTTP status codes to modern codes (#18063)
* 2xx/3xx/4xx/5xx -> http.Status...
* http.StatusFound -> http.StatusTemporaryRedirect
* http.StatusMovedPermanently -> http.StatusPermanentRedirect
2022-03-23 12:54:07 +08:00
zeripath 3f71ab9a12
Clean paths when looking in Storage (#19124)
* Clean paths when looking in Storage

Ensure paths are clean for minio aswell as local storage.

Use url.Path not RequestURI/EscapedPath in storageHandler.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-authored-by: Lauris BH <lauris@nix.lv>
2022-03-22 17:02:26 -04:00
zeripath d2c165811a
Use the new/choose link for New Issue on project page (#19172)
Extend issues/new/choose to pass the project id and change New Issue
link on project page to use new/choose

Fix #19170

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-03-22 19:54:24 +00:00
wxiaoguang 7a550b3af2
Use ctx instead of db.DefaultContext in some packages(routers/services/modules) (#19163)
* Remove `db.DefaultContext` usage in routers, use `ctx` directly

* Use `ctx` directly if there is one, remove some `db.DefaultContext` in `services`

* Use ctx instead of db.DefaultContext for `cmd` and some `modules` packages

* fix incorrect context usage
2022-03-22 16:22:54 +01:00
wxiaoguang 2b55422cd7
Fix the bug: deploy key with write access can not push (#19010)
Use DeployKeyID to replace the IsDeployKey, then CanWriteCode uses the DeployKeyID to check the write permission.
2022-03-22 17:29:07 +08:00
KN4CK3R 80fd25524e
Renamed ctx.User to ctx.Doer. (#19161)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-03-22 15:03:22 +08:00
Abheek Dhawan f96e8be41f
Use custom favicon when viewing static files if it exists (#19130)
Redirect `/favicon.ico` to `/assets/img/favicon.png`.

Fix #19109
2022-03-19 19:53:31 +00:00
zeripath 7fc5fd6415
Do not send activation email if manual confirm is set (#19119)
If the mailer is configured then even if Manual confirm is set an activation email
is still being sent because `handleUserCreated` is not checking for this case.

Fix #17263

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-03-18 17:57:07 +08:00
KN4CK3R c88f2e2acc
Handle email address not exist. (#19089) 2022-03-15 10:18:39 +01:00
Lunny Xiao 18033f49ba
Restrict email address validation (#17688)
This didn't follow the RFC but it's a subset of that. I think we should narrow the allowed chars at first and discuss more possibility in future PRs.
2022-03-14 18:39:54 +01:00
Lunny Xiao 49db87a035
Fix lfs bug (#19072)
* Fix lfs bug
2022-03-14 16:18:27 +01:00
6543 bc0d2c8ada
RSS/Atom support for Repos (#19055)
* support for repos
* refactor
* advertise the feeds via meta tags
* allow feed suffix and feed header
* optimize performance
2022-03-13 17:40:47 +01:00
Norwin 9cca834aac
Feeds: render markdown to html (#19058)
* feeds: render markdown to html
2022-03-12 23:05:12 +01:00
zeripath a223bc8765
Prevent 500 when there is an error during new auth source post (#19041)
Fix #19036

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-10 23:40:43 +01:00
6543 cc98737ca8
RSS/Atom support for Orgs (#17714)
part of #569
2022-03-10 15:54:51 +01:00
Otto Richter (fnetX) ea46142bce
Add button for issue deletion (#19032)
Co-authored-by: Norwin <noerw@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
2022-03-09 01:38:11 +01:00
wxiaoguang e73c5fd698
Fix wrong scopes caused by empty scope input (#19029) 2022-03-08 19:56:40 +01:00
Jimmy Praet 5184c83f6b
Add config option to disable "Update branch by rebase" (#18745) 2022-03-04 03:30:49 -05:00
KN4CK3R f8898c30dc
Add note to GPG key response if user has no keys (#18961)
* Prevent invalid key response.

* Display note instead of 404 response.

* Fixed test.

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-03-02 11:32:18 -05:00
wxiaoguang dd712b77f7
Refactor admin user filter query parameters (#18965)
Only pass `status_filter` on admin page
Use a more general method to pass query parameters, remove hard-coded keys
2022-03-02 16:30:14 +01:00
Gusted a90041d71a
Send 404 on /{org}.gpg (#18959) 2022-03-01 20:37:32 -05:00
6543 1f45d1e130
Accounts with WebAuthn only (no TOTP) now exist ... fix code to handle that case (#18897) 2022-03-02 01:24:31 +01:00
Otto Richter (fnetX) aee0fa68a7
Fix admin user list pagination (#18957) 2022-03-01 20:21:37 +01:00
Gusted 6d55a132a5
Uncapitalize errors (#18915)
- See: https://github.com/golang/go/wiki/CodeReviewComments#error-strings

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-02-26 20:15:32 +08:00
Jimmy Praet e4ef61ee0f
BeforeSourcePath should point to base commit (#18799)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-02-25 14:46:15 +08:00
zeripath cb41f5cae1
Update assignees check to include any writing team and change org sidebar (#18680)
Following the merging of #17811 teams can now have differing write and readonly permissions, however the assignee list will not include teams which have mixed perms.

Further the org sidebar is no longer helpful as it can't describe these mixed permissions situations.

Fix #18572

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-02-23 22:07:05 +00:00
silverwind 2b9df564b8
Lock gofumpt to v0.3.0 and run it (#18866)
We can't depend on `latest` version of gofumpt because the output will
not be stable across versions. Lock it down to the latest version
released yesterday and run it again.
2022-02-23 20:16:07 +00:00
zeripath 704bdf89a2
Don't report signal: killed errors in serviceRPC (#18850)
Fix #18849

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-02-22 16:32:25 +08:00
Wim a387636b9a
Show fullname on issue edits and gpg/ssh signing info (#18827)
Show missing full names when configured to do so

Co-authored-by: zeripath <art27@cantab.net>
2022-02-20 19:50:11 +00:00
Lunny Xiao f48771ae78
Fix template bug of LFS lock (#18784) 2022-02-16 11:22:25 -05:00
René Schaar 609c91665e
Fix display time of milestones (#18753)
* Fix display time of milestones

* Move the SecToTime function

From the models/issue_stopwatch.go file to the modules/util package

* Rename the sec_to_time file

* Updated formatting

* Include copyright notice in sec_to_time.go

* Apply PR review suggestions

- Update copyright notice dates to 2022
- Change `1 day 3h 5min 7s` to `1d 3h 5m 7s`

* Rename hrs var and combine conditions

* Update unit tests to match new time pattern

Changed `1min` to `1m`

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-02-16 00:50:10 +08:00
Lunny Xiao 08fe6f8c7e
Fix broken cancel button link on patch page (#18718)
* Fix broken cacnel button link on patch page

* remove treepath="patch" elsewhere too

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2022-02-14 09:18:55 +00:00
Sven Seeberg 832ce406ae
Add LDAP group sync to Teams, fixes #1395 (#16299)
* Add setting for a JSON that maps LDAP groups to Org Teams.
* Add log when removing or adding team members.
* Sync is being run on login and periodically.
* Existing group filter settings are reused.
* Adding and removing team members.
* Sync not existing LDAP group.
* Login with broken group map JSON.
2022-02-11 22:24:58 +08:00
zeripath 393ea86ae1
Always set PullRequestWorkInProgressPrefixes in PrepareViewPullInfo (#18713)
Move setting PullRequestWorkInProgressPrefixes to the start of PrepareViewPullInfo.

Fix #18706

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-02-11 08:02:53 +00:00
Paweł Bogusławski c917f2df9b
Disable unnecessary OpenID/OAuth2 elements (#18491)
This mod fixes disabling unnecessary OpenID elements.

Related: https://github.com/go-gitea/gitea/pull/13129
Author-Change-Id: IB#1115256
2022-02-09 20:33:36 +00:00
zeripath eb748f5f3c
Add apply-patch, basic revert and cherry-pick functionality (#17902)
This code adds a simple endpoint to apply patches to repositories and
branches on gitea. This is then used along with the conflicting checking
code in #18004 to provide a basic implementation of cherry-pick revert.

Now because the buttons necessary for cherry-pick and revert have 
required us to create a dropdown next to the Browse Source button
I've also implemented Create Branch and Create Tag operations.

Fix #3880 
Fix #17986 

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-02-09 20:28:55 +00:00
Viktor Suprun 4d939845d2
Added auto-save whitespace behavior if it changed manually (#15566) 2022-02-08 14:15:04 +08:00
wxiaoguang a60e8be8d1
Refactor i18n, use Locale to provide i18n/translation related functions (#18648)
* remove unnecessary web context data fields, and unify the i18n/translation related functions to `Locale`
* in development, show an error if a translation key is missing
* remove the unnecessary loops `for _, lang := range translation.AllLangs()` for every request, which improves the performance slightly
* use `ctx.Locale.Language()` instead of `ctx.Data["Lang"].(string)`
* add more comments about how the Locale/LangType fields are used
2022-02-08 11:02:30 +08:00
6543 3043eb36bf
Delete old git.NewCommand() and use it as git.NewCommandContext() (#18552) 2022-02-06 20:01:47 +01:00
zeripath 933e819165
Ensure that blob-excerpt links work for wiki (#18587)
It appears that the blob-excerpt links do not work on the wiki - likely since their
introduction.

This PR adds support for the wiki on these links.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-02-05 18:26:12 +00:00
zeripath 1c5afd17ee
Prevent panic on prohibited user login with oauth2 (#18562)
There was an unfortunate regression in #17962 where following detection of the
UserProhibitLogin error the err is cast to a pointer by mistake.

This causes a panic due to an interface error.

Fix #18561

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-02-03 10:44:18 +00:00
zeripath 76e3111596
Collaborator trust model should trust collaborators (#18539)
* Collaborator trust model should trust collaborators

There was an unintended regression in #17917 which leads to only
repository admin commits being trusted. This PR restores the old logic.

Fix #18501

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-02-02 11:10:06 +01:00
Gusted d3b31cc1ee
Add GetUserTeams (#18499)
* COrrect use `UserID` in `SearchTeams`

- Use `UserID` in the `SearchTeams` function, currently it was useless
to pass such information. Now it does a INNER statement to `team_user`
which obtains UserID -> TeamID data.
- Make OrgID optional.
- Resolves #18484

* Seperate searching specific user

* Add condition back

* Use correct struct type

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-02-01 14:09:24 -05:00
zeripath 7d452558f0
Fix OAuth Source Edit Page (#18495)
* Fix OAuth Source Edit Page to ensure restricted and group settings are set
* Also tolerate []interface in the groups

Fix #18432

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-31 20:41:11 +00:00
Lauris BH 604ce77628
Allow to filter repositories by language in explore, user and organization repositories lists (#18430) 2022-01-28 13:29:04 +02:00
Lauris BH 8038610a42
Automatically pause queue if index service is unavailable (#15066)
* Handle keyword search error when issue indexer service is not available

* Implement automatic disabling and resume of code indexer queue
2022-01-27 10:30:51 +02:00
zeripath 9a75c2741d
Only view milestones from current repo (#18414)
The endpoint /{username}/{reponame}/milestone/{id} is not currently restricted to
the repo. This PR restricts the milestones to those within the repo.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-26 20:01:35 +00:00
wxiaoguang 49dd906753
Use base32 for 2FA scratch token (#18384)
* Use base32 for 2FA scratch token
* rename Secure* to Crypto*, add comments
2022-01-26 12:10:10 +08:00
Gusted c2e13fb763
Fix partial cloning a repo (#18373)
- Pass the Global command args into serviceRPC.
- Fixes error with partial cloning.
- Add partial clone test
- Include diff

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-01-23 22:19:32 +01:00
Dr. Tobias Quathamer 3349fd8f79
Add packagist webhook (#18224)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-23 21:46:30 +08:00
Lunny Xiao 35fdefc1ff
Always use git command but not os.Command (#18363) 2022-01-23 00:57:52 -05:00
zeripath a82fd98d53
Pause queues (#15928)
* Start adding mechanism to return unhandled data

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Create pushback interface

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add Pausable interface to WorkerPool and Manager

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Implement Pausable and PushBack for the bytefifos

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Implement Pausable and Pushback for ChannelQueues and ChannelUniqueQueues

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Wire in UI for pausing

Signed-off-by: Andrew Thornton <art27@cantab.net>

* add testcases and fix a few issues

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix build

Signed-off-by: Andrew Thornton <art27@cantab.net>

* prevent "race" in the test

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix jsoniter mismerge

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix conflicts

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix format

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add warnings for no worker configurations and prevent data-loss with redis/levelqueue

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use StopTimer

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-22 21:22:14 +00:00
qwerty287 1f40933d38
Add config options to hide issue events (#17414)
* Add config option to hide issue events
Adds a config option `HIDE_ISSUE_EVENTS` to hide most issue events (changed labels, milestones, projects...) on the issue detail page.
If this is true, only the following events (comment types) are shown:
* plain comments
* closed/reopned/merged
* reviews

* Make configurable using a list

* Add docs

* Add missing newline

* Fix merge issues

* Allow changes per user settings

* Fix lint

* Rm old docs

* Apply suggestions from code review

* Use bitsets

* Rm comment

* fmt

* Fix lint

* Use variable/constant to provide key

* fmt

* fix lint

* refactor

* Add a prefix for user setting key

* Add license comment

* Add license comment

* Update services/forms/user_form_hidden_comments.go

Co-authored-by: Gusted <williamzijl7@hotmail.com>

* check len == 0

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2022-01-21 18:59:26 +01:00
zeripath 44deae8f3d
Refactor jwt.StandardClaims to RegisteredClaims (#18344)
* Refactor jwt.StandardClaims to RegisteredClaims

go-jwt/jwt has deprecated the StandardClaims interface to use RegisteredClaims
instead. This PR migrates to use this new format.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-authored-by: Gusted <williamzijl7@hotmail.com>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
2022-01-20 22:52:56 +01:00