Commit graph

3237 commits

Author SHA1 Message Date
zeripath
6e423d5573
Ensure validation occurs on clone addresses too (#14994)
* Ensure validation occurs on clone addresses too

Fix #14984

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix test

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix api tests

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-15 17:52:11 -04:00
Bo-Yi Wu
167b0f46ef
chore(models): rewrite code format. (#14754)
* chore: rewrite format.

* chore: update format

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* chore: update format

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* chore: Adjacent parameters with the same type should be grouped together

* chore: update format.
2021-03-14 19:52:12 +01:00
Norwin
658d1bfac8
API: fix set milestone on PR creation (#14981)
* API: fix set milestone on PR creation

pr creation via API failed with 404, because we searched
for milestoneID 0, due to uninitialized var usage D:

* add tests

* fix expected status codes

* fix tests

Co-authored-by: 6543 <6543@obermui.de>
2021-03-13 19:06:52 +01:00
zeripath
42b9b46ad2
Never add labels not from this repository or organisation and remove org labels on transfer (#14928)
* Never add labels not from this repository or organisation and remove org labels on transfer

Prevent the addition of labels from outside of the repository or
organisation and remove organisation labels on transfer.

Related #14908

* switch to use sql

* subquery alias

* once more around the merry go round

* fix api problem
2021-03-12 18:45:49 +01:00
fnetX (aka fralix)
f061277c86
Add "captcha" to list of reserved usernames (#14929)
Signed-off-by: Otto Richter <git@fralix.ovh>
2021-03-08 17:49:29 +01:00
zeripath
78b7529cd4
Fix overdue marking of closed issues and milestones (#14923)
Closed milestones and issues should only be marked overdue if they were
closed after their deadline.

Fix: #14536

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-08 02:55:57 +01:00
Lunny Xiao
5ccf8b6430
Fix issue search with db indexer because of mysql 5.7 sqlmode (#14907)
* Fix sqlmode bug

* distinct is necessary
2021-03-06 23:11:12 +08:00
Lunny Xiao
7525450232
When transfering repository and database transaction failed, rollback the renames (#14864)
Fix #14821

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-03-05 03:28:52 +01:00
a1012112796
a5279b74b6
Make manual merge autodetection optional and add manual merge as merge method (#12543)
* Make auto check manual merge as a chooseable mod and add manual merge way on ui

as title, Before this pr, we use same way with GH to check manually merge.
It good, but in some special cases, misjudgments can occur. and it's hard
to fix this bug. So I add option to allow repo manager block "auto check manual merge"
function, Then it will have same style like gitlab(allow empty pr). and to compensate for
not being able to detect THE PR merge automatically, I added a manual approach.

Signed-off-by: a1012112796 <1012112796@qq.com>

* make swager

* api support

* ping ci

* fix TestPullCreate_EmptyChangesWithCommits

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* Apply review suggestions and add test

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* fix build

* test error message

* make fmt

* Fix indentation issues identified by @silverwind

Co-authored-by: silverwind <me@silverwind.io>

* Fix tests and make manually merged disabled error on API the same

Signed-off-by: Andrew Thornton <art27@cantab.net>

* a small nit

* fix wrong commit id error

* fix bug

* simple test

* fix test

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-03 22:41:23 -05:00
zeripath
def964e57f
Make searching issues by keyword case insensitive on DB (#14848)
Most DBs apart from SQLite will use a default Collation that is not case insensitive.
This means that SearchIssuesByKeyword becomes case sensitive for db indexing - in
contrast to the bleve and elastic indexers.

This PR simply uses UPPER(...) to do the LIKE - and although it may be more efficient
to change collations this would be a non-trivial task.

Fix #13663

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-02 14:07:01 +01:00
zeripath
f0e15250b9
Migrate to use jsoniter instead of encoding/json (#14841)
* Migrate to use jsoniter

* fix tests

* update gitea.com/go-chi/binding

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-03-01 22:08:10 +01:00
6543
a4148c0f12
Repository transfer has to be confirmed, if user can not create repo for new owner (#14792)
* make repo as "pending transfer" if on transfer start doer has no right to create repo in new destination

* if new pending transfer ocured, create UI & Mail notifications
2021-03-01 01:47:30 +01:00
Jimmy Praet
3e652860bb
All organization members should be assignable as reviewer (#14262)
For public repos, all organization members should be assignable as reviewer

Co-authored-by: zeripath <art27@cantab.net>
2021-02-28 18:24:00 +00:00
zeripath
50208e903a
Disable broken OAuth2 providers at startup (#14802)
Instead of causing a log.Fatal, we should handle broken OAuth2
providers by disabling them.

Fix #8930

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-02-25 22:20:58 -05:00
gordon--
343c756357
Heatmap days clickable (#13935)
* Heatmap days clickable

* Error handling

* Unselect filter

* better dayclick handler

* made linter happy

* clickable heatmap for profiles

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-02-20 17:08:58 -05:00
Lunny Xiao
f3e64f677f
Remove unused commit (#14741)
* Remove unused commit

* a small nit

Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: a1012112796 <1012112796@qq.com>
2021-02-20 15:02:39 +01:00
zeripath
aa4f9180e4
Clarify the suffices and prefixes of setting.AppSubURL and setting.AppURL (#12999)
Also removes some unnecessary uses of fmt.Sprintf and adds documentation
strings

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-02-19 22:36:43 +01:00
Norwin
d38ae597e1
Add UI to delete tracked times (#14100)
Co-authored-by: 6543 <6543@obermui.de>
2021-02-19 12:52:11 +02:00
Jacob Hrbek
8f05a2876b
models/repo: Fix typo in comment (#14731)
* models/repo: Fix typo in comment

* another typo

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-02-18 10:39:04 -05:00
Jimmy Praet
4c82485424
#14699 Make branch names in PR description clickable (#14716) 2021-02-18 03:45:49 +01:00
zeripath
ad43b119a8
Add Password Algorithm option to install page (#14701)
Add Password Algorithm option to install page

Fix #14674 

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2021-02-16 23:37:20 +01:00
zeripath
0a9a484e1e
Create DB session provider(based on xorm) (#13031)
* Create Xorm session provider

This PR creates a Xorm session provider which creates
the appropriate Session table for macaron/session.

Fix #7137

Signed-off-by: Andrew Thornton <art27@cantab.net>

* extraneous l

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* use key instead of ID to be compatible with go-macaron/session

Signed-off-by: Andrew Thornton <art27@cantab.net>

* And change the migration too.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update spacing of imports

Co-authored-by: 6543 <6543@obermui.de>

* Update modules/session/xorm.go

Co-authored-by: techknowlogick <matti@mdranta.net>

* add xorm provider to the virtual provider

Signed-off-by: Andrew Thornton <art27@cantab.net>

* prep for master merge

* prep for merge master

* As per @lunny

* move migration out of the way

* Move to call this db session as per @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-02-15 00:33:31 -05:00
6543
9e852edc41
Add v171 (addSortingColToProjectBoard) migration for #14634 (#14652)
* add v171 Migration for #14634

* NOT NULL

Co-authored-by: Lauris BH <lauris@nix.lv>
2021-02-12 13:01:26 +02:00
a1012112796
ac701637b4
Add dismiss review feature (#12674)
* Add dismiss review feature

refs:
    https://github.blog/2016-10-12-dismissing-reviews-on-pull-requests/
    https://developer.github.com/v3/pulls/reviews/#dismiss-a-review-for-a-pull-request

* change modal ui and error message

* Add unDismissReview api

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-02-11 18:32:25 +01:00
Romain
c69c01d2b6
Sort / Move project boards (#14634)
Sort Project board (#14533)
2021-02-11 17:32:27 +01:00
Lunny Xiao
c0c59a4c99
Improve the comment on comment type (#14609) 2021-02-10 04:57:30 +01:00
zeripath
f82b1dd7c3
Prevent adding nil label to .AddedLabels or .RemovedLabels (#14623)
* Prevent adding nil label to .AddedLabels or .RemovedLabels

There are possibly a few old databases out there with malmigrated data that can
cause panics with empty labels being migrated.

This PR adds a few tests to prevent nil labels being added.

Fix #14466

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add doctor command to remove the broken label comments

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-02-10 10:50:44 +08:00
zeripath
378acc9d96
Use OldRef instead of CommitSHA for DeleteBranch comments (#14604)
Fix #14545

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-02-08 11:09:14 +08:00
Lunny Xiao
3537d80088
Fix bug about ListOptions and stars/watchers pagnation (#14556)
* Fix bug about ListOptions and stars/watchers pagnation

* fix unit test

Co-authored-by: 6543 <6543@obermui.de>
2021-02-04 11:23:46 -06:00
Anton Khimich
80b1d02b2f
Fix gpg key deletion (#14561)
* Fix GPG key deletion when user is deleted

Per #14531, deleting a user account will delete the user's GPG keys
from the `gpg_key` table but not from `gpg_key_import`, which causes
an error when creating an account with the same email and attempting
to re-add the same key. This commit deletes all entries from
`gpg_key_import` that match any GPG key IDs belonging to the user.

* Format added code in models/user.go

* Create a new function for listing GPG keys and apply it

Create a new function `listGPGKeys` and replace a previous use
of `ListGPGKeys`. Thanks to @6543 for the patch.

Co-authored-by: Anton Khimich <anton.khimicha@mail.utoronto.ca>
Co-authored-by: 6543 <6543@obermui.de>
2021-02-04 17:16:21 +08:00
zeripath
fcfbab99fc
Set the name Mapper in migrations (#14526)
Migrations currently uses the default Xorm mapper which is
not the same as the mapper Gitea actually uses.

This means that there is a difference between the struct
parsing and mapping to database tables in migrations as
compared to normal Sync2.

This was the cause for the catastrophic problem in v168 -
untagged fields are not mapped in the same way in migrations
as compared to outside of migrations.

This is also likely the cause of some weird subtle failures
in other migrations as any untagged field may not be being
mapped exactly the same way.

This PR suggests that we ensure that the mapper is set at
the start of the migrations code - but also enforces a strict
clean mapper between each migration.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-01-30 16:24:25 +01:00
6543
0e0424c8ec
Add Doctor FixWrongUserType (#14522)
* Add Doctor FixWrongUserType

* use NoAutoTime
2021-01-29 19:30:43 +01:00
John Olheiser
e92552abb4
noop (#14521)
Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-01-29 23:52:13 +08:00
6543
2ebe609d65
Fix migration v141 (#14387)
* Fix mig 141

* Add Migration to fix it

* update null values to false first

* Alter Table if posible

* use dropTableColumns instead of recreateTable

* MySQL use Alter

* Postgres use Alter

* Update models/migrations/v167.go

* Apply suggestions from code review

* use 2x add col & 2x update & 2x drop col

* let sqlite be the only issue

* use recreate since it just WORKS
2021-01-28 23:58:33 +01:00
Lunny Xiao
d3aa4971c7
Fix bug because of duplicated join (#14454)
* Fix bug because of duplicated join

* Move join into setupsession

* Fix bug

* Fix bug

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-01-26 23:47:42 +01:00
Brad Albright
a598877fdf
Cron job to cleanup hook_task table (#13080)
Close **Prune hook_task Table (#10741)**

Added a cron job to delete webhook deliveries in the hook_task table. It can be turned on/off and the schedule controlled globally via app.ini. The data can be deleted by either the age of the delivery which is the default or by deleting the all but the most recent deliveries _per webhook_.

Note: I had previously submitted pr #11416  but I closed it when I realized that I had deleted per repository instead of per webhook. Also, I decided allowing the settings to be overridden via the ui was overkill. Also this version allows the deletion by age which is probably what most people would want.
2021-01-26 22:02:42 +01:00
Andrew Bezold
bc05ddc0eb
Redirect on changed user and org name (#11649)
* Add redirect for user

* Add redirect for orgs

* Add user redirect test

* Appease linter

* Add comment to DeleteUserRedirect function

* Fix locale changes

* Fix GetUserByParams

* Fix orgAssignment

* Remove debug logging

* Add redirect prompt

* Dont Export DeleteUserRedirect & only use it within a session

* Unexport newUserRedirect

* cleanup

* Fix & Dedub API code

* Format Template

* Add Migration & rm dublicat

* Refactor: unexport newRepoRedirect() & rm dedub del exec

* if this fails we'll need to re-rename the user directory

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-01-24 16:23:05 +01:00
6543
a0e424da85
Enhance Ghost comment mitigation Settings (#14392)
* refactor models.DeleteComment and delete related reactions too

* use deleteComment for UserDeleteWithCommentsMaxDays in DeleteUser

* nits

* Use time.Duration as other time settings have

* docs

* Resolve Fixme & fix potential deadlock

* Disabled by Default

* Update Config Value Description

* switch args

* Update models/issue_comment.go

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2021-01-21 21:56:19 -05:00
Chester Liu
072d550dda
Allow ssh-keygen on Windows to detect ssh key type (#14413) 2021-01-21 21:10:36 +01:00
Norwin
b5570d3e68
Display current stopwatch in navbar (#14122)
* add notification about running stopwatch to header

* serialize seconds, duration in stopwatches api

* ajax update stopwatch

i should get my testenv working locally...

* new variant: hover dialog

* noscript compatibility

* js: live-update stopwatch time

* js live update robustness
2021-01-21 15:51:52 +01:00
Artemis Tosini
cb08248c33
Add support for ed25519_sk and ecdsa_sk SSH keys (#13462)
* Add support for ed25519_sk and ecdsa_sk SSH keys

These start with sk-ssh-ed25519@openssh.com and sk-ecdsa-sha2-nistp256@openssh.com.
They are supported in recent versions of go x/crypto/ssh and OpenSSH 8.2
or higher.

* skip ssh-keygen

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-01-20 20:36:55 +00:00
Roberto Santalla
ef85bf84ee
Project: show referenced PRs in issue cards (#14183)
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-01-20 21:53:48 +02:00
6543
2686e6bbbe
Check if label template exist first (#14384)
* add check

* refactor

* rollback repo on error after session closed
2021-01-18 21:00:50 +01:00
Jimmy Praet
f95dce2f10
exclude authored PRs from Review Requested filter (#14368)
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-01-18 07:13:15 +02:00
6543
21da519c0c
Implement ghost comment mitigation (#14349)
* Implement ghost comment mitigation

Adds a config option USER_DELETE_WITH_COMMENTS_MAX_DAYS to the [service] section. See https://codeberg.org/Codeberg/Discussion/issues/24 for the underlying issue.

* cleanup

* use setting module correctly

* add to docs

Co-authored-by: Moritz Marquardt <git@momar.de>
2021-01-17 21:48:38 +01:00
Jimmy Praet
acb1ceb1f4
Add review requested filter on pull request overview (#13701)
* Add review requested filter on pull request overview #13682

fix formatting

* add review_requested filter to /repos/issues/search API endpoint

* only Approve and Reject status should supersede Request status

* add support for team reviews

* refactor: remove duplication of issue filtering conditions
2021-01-17 17:34:19 +01:00
Lauris BH
0a3c3357f3
Sort issue search results by revelance (#14353) 2021-01-16 12:55:17 +08:00
6543
3091600cc8
KanBan: be able to set default board (#14147)
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
2021-01-15 22:29:32 +02:00
Lauris BH
6eee9f0f4e
Merge default and system webhooks under one menu (#14244) 2021-01-15 01:24:03 +02:00
Lunny Xiao
84b147c7f0
Use IsProd instead of testing if it's equal. (#14336)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2021-01-14 23:17:03 +02:00
Elena Neuschild
564030336d
Issues overview should not show issues from archived repos (#13220)
* Add lots of comments to user.Issues()

* Answered some questions from comments

* fix typo in comment

* Refac user.Issues(): add func repoIDs

* Refac user.Issues(): add func userRepoIDs

* Refac user.Issues(): add func issueIDsFromSearch

* Refac user.Issues(): improve error handling

* Refac user.Issues(): add inline documentation and move variable declarations closer to their usages

* Refac user.Issues(): add func repoIDMap

* Refac user.Issues(): cleanup

* Refac: Separate Issues from Pulls during routing

* fix typo in comment

* Adapt Unittests to Refactoring

* Issue13171: Issue and PR Overviews now ignore archived Repositories

* changed some verbatim SQL conditions to builder.Eq

* models/issue.go: use OptionalBool properly

Co-authored-by: 6543 <6543@obermui.de>

* Use IsArchived rather than ExcludeArchivedRepos

* fixed broken test after merge

* added nil check

* Added Unit Test securing Issue 13171 fix

* Improved IsArchived filtering in issue.GetUserIssueStats

* Removed unused func

* Added grouping to avoid returning duplicate repo IDs

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Gitea <gitea@fake.local>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-01-12 23:19:17 -05:00
6543
74a0481586
[Refactor] Passwort Hash/Set (#14282)
* move SaltGeneration into HashPasswort and rename it to what it does

* Migration: Where Password is Valid with Empty String delete it

* prohibit empty password hash

* let SetPassword("") unset pwd stuff
2021-01-10 20:05:18 +02:00
6543
6b3b6f1833
Add option to change username to the admin panel (#14229)
Co-authored-by: Bwko <bouwko@gmail.com>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: zeripath <art27@cantab.net>
2021-01-10 14:14:02 +02:00
Jimmy Praet
bcb7f35221
Do not reload page after adding comments in Pull Request reviews (#13877)
Fixed #8861 
* use ajax on PR review page

* handle review comments

* extract duplicate code

FetchCodeCommentsByLine was initially more or less copied from fetchCodeCommentsByReview. Now they both use a common findCodeComments function instead

* use the Engine that was passed into the method

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-01-08 23:49:55 +02:00
Lunny Xiao
3c96a37162
Some code improvements (#14266) 2021-01-06 19:23:57 +00:00
Lunny Xiao
9f73cae635
Fix wrong type on hooktask to convert typ from char(16) to varchar(16) (#14148)
* Fix wrong type on hooktask to convert typ from char(16) to varchar(16)

* Fix bugs

* Improve code

* Use different trim function for MSSQL

* Fix bug

* Removed wrong changed line

* Removed wrong changed line

* Fix nullable

* Fix lint

* Ignore sqlite on migration

* Fix mssql modify column failure

* Move modifyColumn to migrations.go so that other migrate function could use it
2021-01-06 16:11:23 +01:00
Paul Barton
7576e37a65
Add MirrorInterval to the API (#14163)
* Added MirrorInterval to the API

* Remove MirrorInterval from CreateRepository

* Removed Duplicate UpdateMirror Function

* Updated Error Logging

* Update Log Message for is not Mirror

Co-authored-by: 6543 <6543@obermui.de>

* Delete Debug Statement that snuck in

Co-authored-by: zeripath <art27@cantab.net>

* Add Check for If Interval is too small

* Output to API Call

* Add Error Object when time is Less than Min Interval

* Frequency Error Message

Co-authored-by: zeripath <art27@cantab.net>

* Allow Zero Mirror Interval

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2021-01-02 18:47:47 -05:00
Lunny Xiao
3abea9e9eb
Fix avatar bugs (#14217) 2021-01-02 18:01:09 +00:00
Jimmy Praet
e6acce649b
Send notifications for mentions in pulls, issues, (code-)comments (#14218)
Fixes #14187: mention handling extracted from email notification code
Fixes #14013: add notification for mentions in pull request code comments
Fixes #13450: Not receiving any emails with setting "Only Email on Mention"
2021-01-02 18:04:02 +01:00
zeripath
ac88b0ee83
Ensure that schema search path is set with every connection on postgres (#14131)
* Ensure that schema search path is set with every connection on postgres

Unfortunately every connection to postgres requires that the search path is
set appropriately.

This PR shadows the postgres driver to ensure that as soon as a connection
is open, the search_path is set appropriately.

Fix #14088

Signed-off-by: Andrew Thornton <art27@cantab.net>

* no golangci-lint that is not a helpful suggestion

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use Execer if available

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-01-02 10:07:43 +08:00
Lunny Xiao
21adeaad70
Fix dashboard issues labels filter bug (#14210)
Co-authored-by: zeripath <art27@cantab.net>
2021-01-01 12:49:42 -05:00
Johnny Oskarsson
a07e67d9cc
Minimal OpenID Connect implementation (#14139)
This is "minimal" in the sense that only the Authorization Code Flow
from OpenID Connect Core is implemented.  No discovery, no configuration
endpoint, and no user scope management.

OpenID Connect is an extension to the (already implemented) OAuth 2.0
protocol, and essentially an `id_token` JWT is added to the access token
endpoint response when using the Authorization Code Flow.  I also added
support for the "nonce" field since it is required to be used in the
id_token if the client decides to include it in its initial request.

In order to enable this extension an OAuth 2.0 scope containing
"openid" is needed. Other OAuth 2.0 requests should not be impacted by
this change.

This minimal implementation is enough to enable single sign-on (SSO)
for other sites, e.g. by using something like `mod_auth_openidc` to
only allow access to a CI server if a user has logged into Gitea.

Fixes: #1310

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2021-01-02 00:33:27 +08:00
Timo Ley
2b2a4a53bf
Custom icons for OAuth sources (#14161)
* Add Icon URL to Backend

* Template for Icon URL

* Localization & Edit Icon URL

* Improve Custom Icon URL

* Removed not working else

Co-authored-by: 6543 <6543@obermui.de>
2020-12-28 03:35:55 +01:00
Jimmy Praet
40274b4a93
Team dashboards (#14159) 2020-12-27 21:58:03 +02:00
Lunny Xiao
dd08853b10
Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244)
* Dump github/gitlab repository data to a local directory

* Fix lint

* Adjust directory structure

* Allow migration special units

* Allow migration ignore release assets

* Fix lint

* Add restore repository

* stage the changes

* Merge

* Fix lint

* Update the interface

* Add some restore methods

* Finish restore

* Add comments

* Fix restore

* Add a token flag

* Fix bug

* Fix test

* Fix test

* Fix bug

* Fix bug

* Fix lint

* Fix restore

* refactor downloader

* fmt

* Fix bug isEnd detection on getIssues

* Refactor maxPerPage

* Remove unused codes

* Remove unused codes

* Fix bug

* Fix restore

* Fix dump

* Uploader should not depend downloader

* use release attachment name but not id

* Fix restore bug

* Fix lint

* Fix restore bug

* Add a method of DownloadFunc for base.Release to make uploader not depend on downloader

* fix Release yml marshal

* Fix trace information

* Fix bug when dump & restore

* Save relative path on yml file

* Fix bug

* Use relative path

* Update docs

* Use git service string but not int

* Recognize clone addr to service type
2020-12-27 11:34:19 +08:00
Lunny Xiao
cf9d471631
Change topic name size from 25 to 50 (#14150)
* Change topic name size from 25 to 50

* recreateTable requires full bean definition

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-12-26 23:28:47 +00:00
zeripath
ad1164f73b
Disable SSH key deletion of externally managed Keys (#13985)
* Disable SSH key addition and deletion when externally managed

When a user has a login source which has SSH key management
key addition and deletion using the UI should be disabled.

Fix #13983

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Make only externally managed keys disabled

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-12-25 23:24:47 -05:00
6543
a19447aed1
migrate from com.* to alternatives (#14103)
* remove github.com/unknwon/com from models

* dont use "com.ToStr()"

* replace "com.ToStr" with "fmt.Sprint" where its easy to do

* more refactor

* fix test

* just "proxy" Copy func for now

* as per @lunny
2020-12-25 11:59:32 +02:00
Daniil Pankratov
5a94db37ed
Fix creating OAuth2 auth source from CLI (#14116)
Fix creation OAuth2 auth source from CLI.

Fix #8356

Co-authored-by: Daniil Pankratov <daniil.pankratov@t-systems.com>
2020-12-24 19:47:17 +00:00
Norwin
f6bec85296
rework heatmap permissions (#14080)
* now uses the same permission model as for the activity feed:
  only include activities in repos, that the doer has access to.
  this might be somewhat slower.

* also improves handling of user.KeepActivityPrivate (still shows
  the heatmap to self & admins)

* extend tests

* adjust integration test to new behaviour

* add access to actions for admins

* extend heatmap unit tests
2020-12-22 03:53:37 +01:00
Lunny Xiao
acd5e5a868
Add StatDir and replace com.StatDir (#14099)
* Add StatDir and replace com.StatDir

* a nit

* Remove wrong file

Co-authored-by: 6543 <6543@obermui.de>
2020-12-22 07:40:57 +08:00
a1012112796
34df4e5df5
Add mentionable teams to tributeValues and change team mention rules to gh's style (#13198)
* Add mentionable teams to tributeValues

Signed-off-by: a1012112796 <1012112796@qq.com>

* Apply suggestions from code review

Co-authored-by: silverwind <me@silverwind.io>

* Change team mention rules to gh's style

* use org's avator as team avator in ui

Signed-off-by: a1012112796 <1012112796@qq.com>

* Update modules/markup/html.go

* Update models/issue.go

Co-authored-by: Lauris BH <lauris@nix.lv>

* Update models/issue.go

* fix a small nit and update test code

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: 6543 <6543@obermui.de>
2020-12-21 16:39:28 +01:00
Cirno the Strongest
f3c4baa84b
Show dropdown with all statuses for commit (#13977)
* Show dropdown with all statuses for commit

* Use popups

* Remove unnecessary change

* Style popup

* Use divided list

* As per @silverwind

* Refactor GetLastCommitStatus

* Missing dropdown on repo home and commit page

* Fix tests

* Make status icon be a part of a link on PR list

* Fix missing translation call

* Indent fix

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-12-20 11:13:12 +08:00
Lunny Xiao
36bd5d70cd
Fix feed push tag (#14064)
* Fix dashboard feed bug when push tag

* Fix variable name

* Fix delete tag

Co-authored-by: 6543 <6543@obermui.de>
2020-12-20 07:46:28 +08:00
zeripath
e2b069e577
Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989)
* Accept multiple SSH keys in single LDAP SSHPublicKey attribute

Fix #13984

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-12-18 17:44:18 +00:00
6543
e483220ea3
[Refactor] CombinedStatus and CommitStatus related functions & structs (#14026)
* RM unused struct

* rename (*CommitStatus) loadRepo() -> loadAttributes()

* move ToCommitStatus into its own file

* use CommitStatusState instead of StatusState

* move CombinedStatus convertion into convert package

* let models.GetLatestCommitStatus use repoID direct and accept ListOptions

* update swagger docs

* fix tests

* Fix swagger docs

* rm page

* fix swagger docs!!!

* return json null

* always return json

* rename api.Status to api.CommitStatus

* fix swagger docs

* sec swagger fix
2020-12-18 11:33:32 +08:00
6543
9e456b5a56
HotFix: Hide private partisipation in Orgs (#13994)
* HotFix: Hide private partisipation in Orgs

* refactor & add node to fuc GetOrganizations
2020-12-17 00:39:12 +01:00
zeripath
c3fc190372
Trim the branch prefix from action.GetBranch (#13981)
* Trim the branch prefix from action.GetBranch

 #13882 has revealed that the refname of an action is actually only a
refname pattern and necessarily a branch. For examplem pushing to
refs/heads/master will result in action with refname refs/heads/master
but pushing to master will result in a refname master.

The simplest solution to providing a fix here is to trim the prefix
therefore this PR proposes this.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/action.go

Co-authored-by: a1012112796 <1012112796@qq.com>

Co-authored-by: a1012112796 <1012112796@qq.com>
2020-12-14 19:08:37 +02:00
Lunny Xiao
ea914d0f7a
Fix bug for webhook and feishu caused by API changed (#13937)
* Fix bug for webhook

* Fix bug for feishu
2020-12-11 17:04:04 +01:00
Lunny Xiao
6edfa6bc88
Fix broken migration on webhook (#13911)
* Fix broken migration on webhook

* Fix lint

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2020-12-09 17:20:13 +00:00
silverwind
97ab820acc
Fix action avatar loading (#13909)
Fixes #13883

Co-authored-by: 6543 <6543@obermui.de>
2020-12-09 07:11:15 +02:00
silverwind
c05701dd7d
Fix frontpage avatars (#13853)
The frontpage uses a rather strange method to obtain the commit's avatar
which I've overlooked earlier. I don't exactly understand how it works
but this change fixes the wrong default avatars by using the function
that was in previous use.

Also introduced a few constants for size an size increase factor.

Fixes: https://github.com/go-gitea/gitea/issues/13844
2020-12-09 01:12:15 +01:00
6543
658e90a114
[Docu] Fix Location of Comments in migrations.go (#13900) 2020-12-09 00:24:23 +01:00
Lunny Xiao
42354dfe45
Move webhook type from int to string (#13664)
* Move webhook type from int to string

* rename webhook_services

* finish refactor

* Fix merge

* Ignore unnecessary ci

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2020-12-08 11:41:14 +01:00
silverwind
9269a038a4
Direct avatar rendering (#13649)
* Direct avatar rendering

This adds new template helpers for avatar rendering which output image
elements with direct links to avatars which makes them cacheable by the
browsers.

This should be a major performance improvment for pages with many avatars.

* fix avatars of other user's profile pages

* fix top border on user avatar name

* uncircle avatars

* remove old incomplete avatar selector

* use title attribute for name and add it back on blame

* minor refactor

* tweak comments

* fix url path join and adjust test to new result

* dedupe functions
2020-12-03 19:46:11 +01:00
6543
4353cf96c0
Move LFSLock APIFormat into convert package (#13808) 2020-12-03 16:05:48 +02:00
6543
7ac8a770e1
Move Repo APIFormat to convert package (#13787)
* Move Repo APIFormat to convert package

* tweek
2020-12-02 16:38:30 -05:00
6543
594cc4aa2a
Update Gitea Version & Fix Migration Comments (#13789)
* correct migration version comments

* update lates version in docs
2020-12-03 00:04:19 +08:00
6543
4f5ff1ef08
move notification APIFormat (#13783) 2020-12-02 09:24:35 +00:00
6543
b2435af9be
Add Allow-/Block-List for Migrate & Mirrors (#13610)
* add black list and white list support for migrating repositories

* fix fmt

* fix lint

* fix vendor

* fix modules.txt

* clean diff

* specify log message

* use blocklist/allowlist

* allways use lowercase to match url

* Apply allow/block

* Settings: use existing "migrations" section

* convert domains lower case

* dont store unused value

* Block private addresses for migration by default

* fix lint

* use proposed-upstream func to detect private IP addr

* a nit

* add own error for blocked migration, add tests, imprufe api

* fix test

* fix-if-localhost-is-ipv4

* rename error & error message

* rename setting options

* Apply suggestions from code review

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-11-28 19:37:58 -05:00
a1012112796
9c26dc1f3a
Add block on official review requests branch protection (#13705)
Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-11-28 21:30:46 +02:00
a1012112796
1e5247d424
ui: show 'owner' tag for real owner (#13689)
* ui: show 'owner' tag for real owner

Signed-off-by: a1012112796 <1012112796@qq.com>

* Update custom/conf/app.example.ini

* simplify logic

fix logic
fix a small bug about original author

* remove system manager tag

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-11-28 17:52:29 +02:00
zeripath
742e21aeba
Handle and propagate errors when checking if paths are Dirs, Files or Exist (#13186)
* Ensure errors from IsDir propagate

* Handle errors when checking IsFile

* Handle and propagate errors from IsExist

* Update modules/templates/static.go

* Update modules/templates/static.go

* Return after ctx.ServerError

* Apply suggestions from code review

* Fix tests

The previous merge managed to break repo_form.go

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-11-27 21:42:08 -05:00
6543
f88a2eae97
[API] Add more filters to issues search (#13514)
* Add time filter for issue search

* Add limit option for paggination

* Add Filter for: Created by User, Assigned to User, Mentioning User

* update swagger

* Add Tests for limit, before & since
2020-11-23 20:49:36 +00:00
Jimmy Praet
2791cc139e
Don't show a dropdown menu when only 1 merge option is available (#13660) (#13670) 2020-11-22 15:58:12 +02:00
6543
f915161a2f
skip email validation on empty string (#13627)
- move validation into its own function
- use a session for UpdateUserSetting
2020-11-20 23:45:55 +02:00
Chris Shyi
d025d84d91
Add email validity check (#13475)
* Improve error feedback for duplicate deploy keys

Instead of a generic HTTP 500 error page, a flash message is rendered
with the deploy key page template so inform the user that a key with the
intended title already exists.

* API returns 422 error when key with name exists

* Add email validity checking

Add email validity checking for the following routes:
[Web interface]
1. User registration
2. User creation by admin
3. Adding an email through user settings
[API]
1. POST /admin/users
2. PATCH /admin/users/:username
3. POST /user/emails

* Add further tests

* Add signup email tests

* Add email validity check for linking existing account

* Address PR comments

* Remove unneeded DB session

* Move email check to updateUser

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-11-14 11:53:43 -05:00
zeripath
3fd060eb37
Include OriginalAuthor in Reaction constraint (#13505)
When migrating repositories with reactions with deleted users, the original
author id may be -1. This means that it is possible to end up attempting
to create multiple reactions with the same [ Type, IssueID, CommentID, UserID,
OriginalAuthorID ] thus breaking the constraints.

On SQLite this appears to cause a deadlock but on other dbs this will
cause the migration to fail.

This PR extends the constraint to include the original author username
in the constraint.

Fix #13271

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-11-10 22:37:11 +00:00
Lunny Xiao
542edc22c4
Some improvements for v156 (#13497) 2020-11-10 13:44:45 +02:00
zeripath
b091c994b5
Comments on review should have the same sha (#13448)
* When replying to an outdated comment it should not appear on the files page

This happened because the comment took the latest commitID as its base instead of the
reviewID that it was replying to.

There was also no way of creating an already outdated comment - and a
reply to a review on an outdated line should be outdated.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix test

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix broken migration

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix mssql

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Create temporary table because ... well MSSQL ...

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Create temporary table because ... well MSSQL ...

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Create temporary table because ... well MSSQL ...

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix mssql

Signed-off-by: Andrew Thornton <art27@cantab.net>

* move session within the batch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* regen the sqlcmd each time round the loop

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-11-09 01:15:09 -05:00
Kyle Evans
e461f0854f
[RFC] Make archival asynchronous (#11296)
* Make archival asynchronous

The prime benefit being sought here is for large archives to not
clog up the rendering process and cause unsightly proxy timeouts.
As a secondary benefit, archive-in-progress is moved out of the
way into a /tmp file so that new archival requests for the same
commit will not get fulfilled based on an archive that isn't yet
finished.

This asynchronous system is fairly primitive; request comes in, we'll
spawn off a new goroutine to handle it, then we'll mark it as done.
Status requests will see if the file exists in the final location,
and report the archival as done when it exists.

Fixes #11265

* Archive links: drop initial delay to three-quarters of a second

Some, or perhaps even most, archives will not take all that long to archive.
The archive process starts as soon as the download button is initially
clicked, so in theory they could be done quite quickly.  Drop the initial
delay down to three-quarters of a second to make it more responsive in the
common case of the archive being quickly created.

* archiver: restructure a little bit to facilitate testing

This introduces two sync.Cond pointers to the archiver package. If they're
non-nil when we go to process a request, we'll wait until signalled (at all)
to proceed. The tests will then create the sync.Cond so that it can signal
at-will and sanity-check the state of the queue at different phases.

The author believes that nil-checking these two sync.Cond pointers on every
archive processing will introduce minimal overhead with no impact on
maintainability.

* gofmt nit: no space around binary + operator

* services: archiver: appease golangci-lint, lock queueMutex

Locking/unlocking the queueMutex is allowed, but not required, for
Cond.Signal() and Cond.Broadcast().  The magic at play here is just a little
too much for golangci-lint, as we take the address of queueMutex and this is
mostly used in archiver.go; the variable still gets flagged as unused.

* archiver: tests: fix several timing nits

Once we've signaled a cond var, it may take some small amount of time for
the goroutines released to hit the spot we're wanting them to be at. Give
them an appropriate amount of time.

* archiver: tests: no underscore in var name, ungh

* archiver: tests: Test* is run in a separate context than TestMain

We must setup the mutex/cond variables at the beginning of any test that's
going to use it, or else these will be nil when the test is actually ran.

* archiver: tests: hopefully final tweak

Things got shuffled around such that we carefully build up and release
requests from the queue, so we can validate the state of the queue at each
step. Fix some assertions that no longer hold true as fallout.

* repo: Download: restore some semblance of previous behavior

When archival was made async, the GET endpoint was only useful if a previous
POST had initiated the download. This commit restores the previous behavior,
to an extent; we'll now submit the archive request there and return a
"202 Accepted" to indicate that it's processing if we didn't manage to
complete the request within ~2 seconds of submission.

This lets a client directly GET the archive, and gives them some indication
that they may attempt to GET it again at a later time.

* archiver: tests: simplify a bit further

We don't need to risk failure and use time.ParseDuration to get 2 *
time.Second.

else if isn't really necessary if the conditions are simple enough and lead
to the same result.

* archiver: tests: resolve potential source of flakiness

Increase all timeouts to 10 seconds; these aren't hard-coded sleeps, so
there's no guarantee we'll actually take that long. If we need longer to
not have a false-positive, then so be it.

While here, various assert.{Not,}Equal arguments are flipped around so that
the wording in error output reflects reality, where the expected argument is
second and actual third.

* archiver: setup infrastructure for notifying consumers of completion

This API will *not* allow consumers to subscribe to specific requests being
completed, just *any* request being completed. The caller is responsible for
determining if their request is satisfied and waiting again if needed.

* repo: archive: make GET endpoint synchronous again

If the request isn't complete, this endpoint will now submit the request and
wait for completion using the new API. This may still be susceptible to
timeouts for larger repos, but other endpoints now exist that the web
interface will use to negotiate its way through larger archive processes.

* archiver: tests: amend test to include WaitForCompletion()

This is a trivial one, so go ahead and include it.

* archiver: tests: fix test by calling NewContext()

The mutex is otherwise uninitialized, so we need to ensure that we're
actually initializing it if we plan to test it.

* archiver: tests: integrate new WaitForCompletion a little better

We can use this to wait for archives to come in, rather than spinning and
hoping with a timeout.

* archiver: tests: combine numQueued declaration with next-instruction assignment

* routers: repo: reap unused archiving flag from DownloadStatus()

This had some planned usage before, indicating whether this request
initiated the archival process or not. After several rounds of refactoring,
this use was deemed not necessary for much of anything and got boiled down
to !complete in all cases.

* services: archiver: restructure to use a channel

We now offer two forms of waiting for a request:
- WaitForCompletion: wait for completion with no timeout
- TimedWaitForCompletion: wait for completion with timeout

In both cases, we wait for the given request's cchan to close; in the latter
case, we do so with the caller-provided timeout. This completely removes the
need for busy-wait loops in Download/InitiateDownload, as it's fairly clean
to wait on a channel with timeout.

* services: archiver: use defer to unlock now that we can

This previously carried the lock into the goroutine, but an intermediate
step just added the request to archiveInProgress outside of the new
goroutine and removed the need for the goroutine to start out with it.

* Revert "archiver: tests: combine numQueued declaration with next-instruction assignment"

This reverts commit bcc5214023.

Revert "archiver: tests: integrate new WaitForCompletion a little better"

This reverts commit 9fc8bedb56.

Revert "archiver: tests: fix test by calling NewContext()"

This reverts commit 709c35685e.

Revert "archiver: tests: amend test to include WaitForCompletion()"

This reverts commit 75261f56bc.

* archiver: tests: first attempt at WaitForCompletion() tests

* archiver: tests: slight improvement, less busy-loop

Just wait for the requests to complete in order, instead of busy-waiting
with a timeout.  This is slightly less fragile.

While here, reverse the arguments of a nearby assert.Equal() so that
expected/actual are correct in any test output.

* archiver: address lint nits

* services: archiver: only close the channel once

* services: archiver: use a struct{} for the wait channel

This makes it obvious that the channel is only being used as a signal,
rather than anything useful being piped through it.

* archiver: tests: fix expectations

Move the close of the channel into doArchive() itself; notably, before these
goroutines move on to waiting on the Release cond.

The tests are adjusted to reflect that we can't WaitForCompletion() after
they've already completed, as WaitForCompletion() doesn't indicate that
they've been released from the queue yet.

* archiver: tests: set cchan to nil for comparison

* archiver: move ctx.Error's back into the route handlers

We shouldn't be setting this in a service, we should just be validating the
request that we were handed.

* services: archiver: use regex to match a hash

This makes sure we don't try and use refName as a hash when it's clearly not
one, e.g. heads/pull/foo.

* routers: repo: remove the weird /archive/status endpoint

We don't need to do this anymore, we can just continue POSTing to the
archive/* endpoint until we're told the download's complete. This avoids a
potential naming conflict, where a ref could start with "status/"

* archiver: tests: bump reasonable timeout to 15s

* archiver: tests: actually release timedReq

* archiver: tests: run through inFlight instead of manually checking

While we're here, add a test for manually re-processing an archive that's
already been complete. Re-open the channel and mark it incomplete, so that
doArchive can just mark it complete again.

* initArchiveLinks: prevent default behavior from clicking

* archiver: alias gitea's context, golang context import pending

* archiver: simplify logic, just reconstruct slices

While the previous logic was perhaps slightly more efficient, the
new variant's readability is much improved.

* archiver: don't block shutdown on waiting for archive

The technique established launches a goroutine to do the wait,
which will close a wait channel upon termination. For the timeout
case, we also send back a value indicating whether the timeout was
hit or not.

The timeouts are expected to be relatively small, but still a multi-
second delay to shutdown due to this could be unfortunate.

* archiver: simplify shutdown logic

We can just grab the shutdown channel from the graceful manager instead of
constructing a channel to halt the caller and/or pass a result back.

* Style issues

* Fix mis-merge

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-11-07 22:27:28 +02:00
a1012112796
82cf67a93e
updateSize when create a repo with init commit (#13441)
Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-11-06 23:44:08 -05:00
Lunny Xiao
35cc82abbf
Revert "Replies to outdated code comments should also be outdated (#13217)" (#13439)
This reverts commit 3cab3bee57.
2020-11-06 09:04:21 +02:00
zeripath
3cab3bee57
Replies to outdated code comments should also be outdated (#13217)
* When replying to an outdated comment it should not appear on the files page

This happened because the comment took the latest commitID as its base instead of the
reviewID that it was replying to.

There was also no way of creating an already outdated comment - and a
reply to a review on an outdated line should be outdated.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix test

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-11-04 17:55:15 -05:00
Lunny Xiao
afb3a5c1d5
Fix bug on release publisherid migrations (#13410)
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2020-11-03 23:47:54 +08:00
a1012112796
b687707014
Add the tag list page to the release page (#12096)
* Add the tag list page to the release page

* Add the tags list view
* Add the delete tag way on ui
* Not delete tag and clear message when delete a release

Signed-off-by: a1012112796 <1012112796@qq.com>

* Apply suggestions from code review

Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* fix ui

* Add to header

* ui

* permission

* ui

* Update options/locale/locale_en-US.ini

Co-authored-by: Lauris BH <lauris@nix.lv>

* tweaks

* monospace commit hashes

* Add read permission check

* fix permission

* fix nit

* Update web_src/less/_base.less

Co-authored-by: silverwind <me@silverwind.io>

* ui fixes

* title tweaks

* fix lint

* fix test

* fix test and some ui nits

* Apply suggestions from code review

Co-authored-by: silverwind <me@silverwind.io>

Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: silverwind <me@silverwind.io>
2020-11-02 18:10:22 -05:00
Cirno the Strongest
06268dcf53
Fix reactions on code comments (#13390)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-11-02 10:56:02 +02:00
Antoine GIRARD
f3bbd46c49
don't append key file if asked not to (#13368) 2020-10-31 20:57:41 -04:00
zeripath
47dd1cb7ae
Refactor Logger (#13294)
Refactor Logger to make a logger interface and make it possible to
wrap loggers for specific purposes.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-31 01:36:46 -04:00
John Olheiser
b5e974c8a5
Delete tag API (#13358)
* Delete tag API

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Wording

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add conflict response and fix API tests

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix other test

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-10-30 20:56:34 -05:00
Pedro Alves
c40df54e28
Group Label Changed Comments in timeline (#13304)
* Create function to group label comments

* Combine multiple label additions into one

* Group removed and added labels in the same comment

* Fix indentation on comments.tmpl

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-10-25 17:49:48 -04:00
Divyam Bhasin
7974b34183
#12897 - add mastodon provider (#13293)
* added mastodon provider to oauth code

* changed go.mod and vendor/modules.txt to add updated goth

* vendored mastodon and new goth

* committing result of go mod tidy && go mod vendor

* added pic and mastodon to oauth models

* handled instance url

* applied lafriks suggestion

* Update web_src/js/index.js

Co-authored-by: techknowlogick <matti@mdranta.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <matti@mdranta.net>
2020-10-25 14:21:49 -04:00
zeripath
4099e4f1b6
Ensure topics added using the API are added to the repository (#13285)
* Ensure topics added using the API are added to the repository

Fix #12426

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-10-24 15:11:30 +01:00
zeripath
f40a2a4404
Store task errors following migrations and display them (#13246)
* Store task errors following migrations and display them

When migrate tasks fail store the error in the task table
and ensure that they show on the status page.

Fix #13242

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update web_src/js/index.js

* Hide the failed first

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-23 19:46:35 -04:00
Paweł Bogusławski
d2ad4dec63
Avatar autogeneration fixed (#13233)
This mod fixes problem with initial avatar autogeneration and
avatar autogneration after deleting previous avatar.

Related: https://github.com/go-gitea/gitea/issues/13159
Fixes: 80a6b0f5bc
Author-Change-Id: IB#1105243
2020-10-23 20:55:10 +03:00
Lunny Xiao
be82b8f99a
Keep database transactions not too big (#13254)
* Keep database transactions not too big

* Fix #13255

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Only cache the last repo

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2020-10-22 11:45:54 -04:00
Lanre Adelowo
e918636283
Enhance release list (#6025)
* show author for releases created outside Gitea UI.

Also show the number of commits behind the default branch for tags created outside the UI

don't show the tag date again for tags pushed to the repo. Since it is already on the sidebar and looks like duplication

* add migration for already existing tags

* update as per review

* fix build

* add space

* fix import statments

* Update models/migrations/v113.go

Co-Authored-By: zeripath <art27@cantab.net>

* Update models/migrations/v114.go

Co-authored-by: 6543 <6543@obermui.de>

* Update services/release/release.go

Co-authored-by: 6543 <6543@obermui.de>

* impruve

* remove dependency on models package

* Close the gitrepos in a defer to ensure that they are closed.

* gofmt

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-21 20:55:25 -04:00
6543
48a80096bb
Update heatmap fixtures to restore tests (#13224)
* hotfix

* update ...
2020-10-20 17:39:25 -05:00
a1012112796
b9850375fc
Add review request api (#11355)
* Add review request api

* add : POST /repos/{owner}/{repo}/pulls/{index}/requested_reviewers
* Remove : DELET /repos/{owner}/{repo}/pulls/{index}/requested_reviewers
* fix some request review bug
* block delet request review by models/DeleteReview()

Signed-off-by: a1012112796 <1012112796@qq.com>

* make fmt

* fix bug

* fix test code

* fix typo

* Apply suggestion from code review @jonasfranz

* fix swagger ref

* fix typo

Co-authored-by: Lauris BH <lauris@nix.lv>

* fix comment

* Change response message

* chang response so some simplfy

* Add ErrIllLegalReviewRequest
fix some nits

* make fmt

* Apply suggestions from code review

Co-authored-by: silverwind <me@silverwind.io>

* * Add team support
* fix test
* fix an known bug

* fix nit

* fix test

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* update get api and add test

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
2020-10-20 14:18:25 -04:00
6543
d453533beb
[Refactor] Move APIFormat functions into convert package (#12856)
* USER APIFormat -> ToUser

* Migrate more and mark APIFormat deprecated

* models.Comment APIFormat() -> convert.ToComment

* models.Release APIFormat() -> convert.ToRelease

* models.Attachments APIFormat() -> convert.ToReleaseAttachments

* models.CommitStatus APIFormat() -> convert.ToCommitStatus

* finish migration to convert.ToUser

* Move Test

* Imprufe Test

* fix test

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-17 00:23:08 -04:00
ydelafollye
cb171dbd56
Improve users management through the CLI (#6001) (#10492)
* Fix images in wiki edit preview (#11546)

Make sure wiki editor sets wiki to true so gitea renders it as a wiki page.

Also change the context data attr for edit form. This looks wrong but everywhere else in our code assumes the urlPrefix to be just the repo url when rendering and manually adds /wiki to the rendered url regardless.

Fixes #11540
2020-10-15 22:48:38 -04:00
Elena Neuschild
4fbe64572c
Change order of possible-owner organizations to alphabetical (#13160)
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-15 18:15:55 -04:00
Lunny Xiao
80a6b0f5bc
Avatars and Repo avatars support storing in minio (#12516)
* Avatar support minio

* Support repo avatar minio storage

* Add missing migration

* Fix bug

* Fix test

* Add test for minio store type on avatars and repo avatars; Add documents

* Fix bug

* Fix bug

* Add back missed avatar link method

* refactor codes

* Simplify the codes

* Code improvements

* Fix lint

* Fix test mysql

* Fix test mysql

* Fix test mysql

* Fix settings

* Fix test

* fix test

* Fix bug
2020-10-14 21:07:51 +08:00
赵智超
97980146c5
Show original author's reviews on pull summary box (#13127)
follow #12039, show original author's reviews by other way.
fix #11705.

Signed-off-by: a1012112796 <1012112796@qq.com>
2020-10-14 13:11:11 +01:00
赵智超
dfa7291f8f
[Enhancement] Allow admin to merge pr with protected file changes (#12078)
* [Enhancement] Allow admin to merge pr with protected file changes

As tilte, show protected message in diff page and merge box.

Signed-off-by: a1012112796 <1012112796@qq.com>

* remove unused ver

* Update options/locale/locale_en-US.ini

Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>

* Add TrN

* Apply suggestions from code review

* fix lint

* Update options/locale/locale_en-US.ini

Co-authored-by: zeripath <art27@cantab.net>

* Apply suggestions from code review

* move pr proteced files check to TestPatch
* Call TestPatch when protected branches settings changed

* Apply review suggestion @CirnoT

* move to service @lunny

* slightly restructure routers/private/hook.go

Adds a lot of comments and simplifies the logic

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* skip duplicate protected files check

* fix check logic

* slight refactor of TestPatch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* When checking for protected files changes in TestPatch use the temporary repository

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix introduced issue with hook

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove the check on PR index being greater than 0 as it unnecessary

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-13 14:50:57 -04:00
zeripath
6b1266b6b3
Provide self-registering storage system (#12978)
* Provide self-registering storage system

Signed-off-by: Andrew Thornton <art27@cantab.net>

* More simplification

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove old strings from setting

Signed-off-by: Andrew Thornton <art27@cantab.net>

* oops attachments not attachment

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-10-12 23:58:34 -04:00
6543
ade9c8dc3c
[API] If User is Admin, show 500 error message on PROD mode too (#13115)
* API: show admin 500 error message on PROD mode too

* a nit

* dont miss InternalServerError

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-12 20:41:49 -04:00
6543
f4ffe8ed54
Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124)
* Add timestamps to Star, Label, LanguageStat, Follow, Watch and Collaboration

* Star do not need updated

* LanguageStat do not need update (they wont change)

* fix unit-test
2020-10-12 20:01:57 -04:00
赵智超
8be3e439c2
Add team support for review request (#12039)
Add team support for review request

Block #11355

Signed-off-by: a1012112796 <1012112796@qq.com>
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2020-10-12 20:55:13 +01:00
6543
9513638715
Prohibit automatic downgrades (#13108)
Prohibit automatic downgrades by checking the version of the db and warning if the version number should be lower.

Close #13107

Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
2020-10-12 15:35:56 +01:00
Chris Shyi
c752ccee64
Improve error feedback for duplicate deploy keys (#13112)
Instead of a generic HTTP 500 error page, a flash message is rendered with the deploy key page template to inform the user that a key with the intended title already exists. 

Fixes #13110
2020-10-12 14:44:56 +01:00
kolaente
64133126cd
Update golangci-lint to version 1.31.0 (#13102)
This PR updates golangci-lint to the latest version 1.31.0.

The upgrade introduced a new check for which I've fixed or disabled most cases.

Signed-off-by: kolaente <k@knt.li>
2020-10-11 21:27:20 +01:00
Wim
9066d09c57
Add ssh certificate support (#12281)
* Add ssh certificate support

* Add ssh certificate support to builtin ssh

* Write trusted-user-ca-keys.pem based on configuration

* Update app.example.ini

* Update templates/user/settings/keys_principal.tmpl

Co-authored-by: silverwind <me@silverwind.io>

* Remove unused locale string

* Update options/locale/locale_en-US.ini

Co-authored-by: silverwind <me@silverwind.io>

* Update options/locale/locale_en-US.ini

Co-authored-by: silverwind <me@silverwind.io>

* Update models/ssh_key.go

Co-authored-by: silverwind <me@silverwind.io>

* Add missing creation of SSH.Rootpath

* Update cheatsheet, example and locale strings

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>

* Update models/ssh_key.go

* Optimizations based on feedback

* Validate CA keys for external sshd

* Add filename option and change default filename

Add a SSH_TRUSTED_USER_CA_KEYS_FILENAME option which default is
RUN_USER/.ssh/gitea-trusted-user-ca-keys.pem

Do not write a file when SSH_TRUSTED_USER_CA_KEYS is empty.

Add some more documentation.

* Remove unneeded principalkey functions

* Add blank line

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* Add SSH_AUTHORIZED_PRINCIPALS_ALLOW option

This adds a SSH_AUTHORIZED_PRINCIPALS_ALLOW which is default
email,username this means that users only can add the principals
that match their email or username.

To allow anything the admin need to set the option anything.

This allows for a safe default in gitea which protects against malicious
users using other user's prinicipals. (before that user could set it).

This commit also has some small other fixes from the last code review.

* Rewrite principal keys file on user deletion

* Use correct rewrite method

* Set correct AuthorizedPrincipalsBackup default setting

* Rewrite principalsfile when adding principals

* Add update authorized_principals option to admin dashboard

* Handle non-primary emails

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add the command actually to the dashboard template

* Update models/ssh_key.go

Co-authored-by: silverwind <me@silverwind.io>

* By default do not show principal options unless there are CA keys set or they are explicitly set

Signed-off-by: Andrew Thornton <art27@cantab.net>

* allow settings when enabled

* Fix typos in TrustedUserCAKeys path

* Allow every CASignatureAlgorithms algorithm

As this depends on the content of TrustedUserCAKeys we should allow all
signature algorithms as admins can choose the specific algorithm on their
signing CA

* Update models/ssh_key.go

Co-authored-by: Lauris BH <lauris@nix.lv>

* Fix linting issue

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-10 20:38:09 -04:00
zeripath
6f2784911f
Fix deadlock when deleting team user (#13092)
`models.getUserRepoPermission(...)` calls `HasOrgVisible` which
uses `models.x` potentially outside of the transaction `e` provided
as an argument to `getUserRepoPermission`.

This PR switches to use `hasOrgVisible(e, ...)`.

Fix #12983

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-10-10 22:48:58 +03:00
zeripath
ea69ec6f0f
Disable DSA ssh keys by default (#13056)
* Disable DSA ssh keys by default

OpenSSH has disabled DSA keys since version 7.0

As the docker runs openssh > v7.0 we should just disable
DSA keys by default.

Refers to #11417

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Just disable DSA keys by default

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Appears we need to set the minimum key sizes too

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Appears we need to set the minimum key sizes too

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove DSA type

* Fix Tests

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-10-09 09:52:57 +03:00
zeripath
5e1c51cdb6
(Re)Load issue labels when changing them (#13007)
(Re)Load issue labels when labels are added or removed

This means that the label state that the webhooks produce accurately matches
the changes that they are reporting.

Fix #10660

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-10-05 09:49:11 +03:00
silverwind
cda44750cb
Attachments: Add extension support, allow all types for releases (#12465)
* Attachments: Add extension support, allow all types for releases

- Add support for file extensions, matching the `accept` attribute of `<input type="file">`
- Add support for type wildcard mime types, e.g. `image/*`
- Create repository.release.ALLOWED_TYPES setting (default unrestricted)
- Change default for attachment.ALLOWED_TYPES to a list of extensions
- Split out POST /attachments into two endpoints for issue/pr and
  releases to prevent circumvention of allowed types check

Fixes: https://github.com/go-gitea/gitea/pull/10172
Fixes: https://github.com/go-gitea/gitea/issues/7266
Fixes: https://github.com/go-gitea/gitea/pull/12460
Ref: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/file#Unique_file_type_specifiers

* rename function

* extract GET routes out of RepoMustNotBeArchived

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-10-05 01:49:33 -04:00
6543
818d921bbb
Refactor use TrimSuffix instead of TrimRight (#12993)
* Refactor use TrimSuffix instead of TrimRight

* TrimRight right

* has #12990
2020-10-01 06:54:34 +01:00
Lunny Xiao
3878e985b6
Add default storage configurations (#12813)
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
2020-09-29 12:05:13 +03:00
zeripath
4c6ac08182
Completely quote AppPath and CustomConf paths (#12955)
* Completely quote AppPath and CustomConf paths

Properly handle spaces in AppPath and CustomConf within hooks and
authorized_keys. Unfortunately here we don't seem to be able to get away
with using go-shellquote as it appears that Windows doesn't play too
well with singlequote quoting - therefore we will avoid singlequote
quoting unless we absolutely cannot get away without it, e.g. \n or !.

Fix #10813

Signed-off-by: Andrew Thornton <art27@cantab.net>

* missing change

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix Test_CmdKeys

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-28 21:16:52 -04:00
赵智超
3c360801b3
Add IsTemplate option in create repo ui and api (#12942)
Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-09-25 13:18:37 +08:00
zeripath
7a7f56044a
Adopt repositories (#12920)
* Don't automatically delete repository files if they are present

Prior to this PR Gitea would delete any repository files if they are
present during creation or migration. This can in certain circumstances
lead to data-loss and is slightly unpleasant.

This PR provides a mechanism for Gitea to adopt repositories on creation
and otherwise requires an explicit flag for deletion.

PushCreate is slightly different - the create will cause adoption if
that is allowed otherwise it will delete the data if that is allowed.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix tests and migrate overwrite

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @lunny

Only offer to adopt or overwrite if the user can do that.

Allow the site administrator to adopt or overwrite in all
circumstances

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use setting.Repository.DefaultBranch for the default branch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Always set setting.Repository.DefaultBranch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update templates

Signed-off-by: Andrew Thornton <art27@cantab.net>

* ensure repo closed

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Rewrite of adoption as per @6543 and @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

* update swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* missing not

Signed-off-by: Andrew Thornton <art27@cantab.net>

* add modals and flash reporting

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Make the unadopted page searchable

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add API

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Handle empty and non-master branched repositories

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove commented out code

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-25 07:09:23 +03:00
ひのしば / hinoshiba
6fa19a8458
Fixed count of filtered issues when api request. (#12275)
* Improved total count of issue when filtered.

* Fixed size of slice when  selected 1 repository.

* Improved function of error check.

* improved comment

* Added parameter of return header.

Co-authored-by: 6543 <6543@obermui.de>

* Updated corresponded to the current vendored of "xorm.io/xorm".

* Dedublicated it by store the Options Struct into a variable.

* format code

* Update routers/api/v1/repo/issue.go

Co-authored-by: 6543 <6543@obermui.de>

* Update routers/api/v1/repo/issue.go

Co-authored-by: 6543 <6543@obermui.de>

* Updated number of range.

Co-authored-by: 6543 <6543@obermui.de>

* Updated number of range.

Co-authored-by: 6543 <6543@obermui.de>

* Removed total value.

* make fmt

* Improved value of sql.

Co-authored-by: zeripath <art27@cantab.net>

* Improved value of sql.

* improved message

* improved message

* improved message

* fixed message

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-24 19:30:40 -04:00
6543
2dbca92a0f
API: NotificationSubject show Issue/Pull State (#12901) 2020-09-20 19:10:53 -04:00
zeripath
4979f15c3f
Add configurable Trust Models (#11712)
* Add configurable Trust Models

Gitea's default signature verification model differs from GitHub. GitHub
uses signatures to verify that the committer is who they say they are -
meaning that when GitHub makes a signed commit it must be the committer.
The GitHub model prevents re-publishing of commits after revocation of a
key and prevents re-signing of other people's commits to create a
completely trusted repository signed by one key or a set of trusted
keys.

The default behaviour of Gitea in contrast is to always display the
avatar and information related to a signature. This allows signatures to
be decoupled from the committer. That being said, allowing arbitary
users to present other peoples commits as theirs is not necessarily
desired therefore we have a trust model whereby signatures from
collaborators are marked trusted, signatures matching the commit line
are marked untrusted and signatures that match a user in the db but not
the committer line are marked unmatched.

The problem with this model is that this conflicts with Github therefore
we need to provide an option to allow users to choose the Github model
should they wish to.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Adjust locale strings

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @6543

Co-authored-by: 6543 <6543@obermui.de>

* Update models/gpg_key.go

* Add migration for repository

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-20 00:44:55 +08:00
6543
1418288734
Refactor: move Commit To APIFormat Code & Lot of StopWatch related things (#12729)
* move GitCommit to APIFormat convertion into convert package

* rename Commit convert functions

* move stopwatch to api convertion into convert package & rm unused code & extend test

* fix compare time

* Gitea not Gogs ;)
2020-09-18 20:09:26 +08:00
赵智超
ec5677b7a2
Simplify CheckUnitUser logic (#12854)
if check one user's unit in different repos, it's not necessary to
get user data every time.

Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-15 19:49:34 -04:00
zeripath
772b5e0f54
Add migration for password algorithm change (#12784)
* Add migration for password algorithm change

#12688 changed the default for the user table leading to sync2 warnings

Unfortunately changing defaults requires a complete table rewrite in general.

However, just dropping columns could be bad - so this PR leverages the
techniques used in recreate table to recreate from the inferred schema
and recreates the user table.

This is not necessarily the correct thing to do - but code sometimes speaks
louder than words.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* oops

Signed-off-by: Andrew Thornton <art27@cantab.net>

* ok lets use the shorter bits for other dbs

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/migrations/v150.go

* Update models/migrations/v150.go

* fix migration

Signed-off-by: Andrew Thornton <art27@cantab.net>

* mv v150 to v151.go

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-15 18:02:41 -04:00
zeripath
e0ac545043
Add postgres schema to the search_path on database connection (#12634)
Rather than rely on the user running the gitea server and db setting the
schema search_path correctly - if gitea is run with a schema we should
simply set the search_path to have that schema first in the path.

Fix #12505

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-11 10:30:19 +01:00
zeripath
25c870faa9
Whilst changing the character set to utf8mb4 we should set ROW_FORMAT=dynamic too (#12804)
Fix #12801

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-11 09:25:06 +01:00
6543
fd60ebfe14
[API] Migration: Change ServiceType String (#12672)
* use different structs for MigrateRepoOptions on UI and API

* Fix TokenAuth and rename UID to an understandable Name

* fix swagger doc

* simplify & mk redable

* R E F A C T O R:
migration has now internal 3 structs to store its options:
 * the Options for WebUI: modules/auth/repo_form.go
 * the Options for API: modules/structs/repo.go
 * the option struct with after validation for internal prossessing: modules/migrations/base/options.go

* Copyright Header

* Deprecate UID - add RepoOwner

* adopt repo.go -> migrate.go

* add comment about each struct purpose

* lint
2020-09-10 23:29:19 +01:00
zeripath
47289344e2
Add Primary Key to Topic and RepoTopic (#12639)
Add a primary key to Topic and RepoTopic tables

Fix #8920

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-10 20:45:01 +01:00
赵智超
4f8dad37f8
ui: change commentTag style (#11668)
* ui: change commentTag style

* Add comment tag in first comment (issue content)
* Show CommentTagPoster in other way

Signed-off-by: a1012112796 <1012112796@qq.com>

* Update routers/repo/issue.go

Co-authored-by: Lauris BH <lauris@nix.lv>

* fix lint

* revert CommentTagPoster

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-10 14:09:14 -04:00
赵智超
ffa12bdb71
Fix "only mail on mention" bug (#12775)
* fix mail mention bug

fix #12774

Signed-off-by: a1012112796 <1012112796@qq.com>

* fix test

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-09 15:08:55 -04:00
Vedran
e204398754
Change/remove a branch of an open issue (#9080)
* Add field with isIssueWriter to front end

* Make branch field editable

* Switch frontend to form and POST from javascript

* Add /issue/id/ref endpoint to routes

* Use UpdateIssueTitle model to change ref in backend

* Removed crossreference check and adding comments on branch change

* Use ref returned from POST to update the field

* Prevent calling loadRepo from models/

* Branch/tag refreshed without page reload

* Remove filter for empty branch name

* Add clear option to tag list as well

* Delete button translation and coloring

* Fix for not showing selected branch name in new issue

* Check that branch is not being changed on a PR

* Change logic

* Notification when changing issue ref

* Fix for renamed permission parameter

* Fix for failing build

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: Gitea <gitea@fake.local>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-08 12:29:51 -04:00
Lunny Xiao
7a5465fc56
LFS support to be stored on minio (#12518)
* LFS support to be stored on minio

* Fix test

* Fix lint

* Fix lint

* Fix check

* Fix test

* Update documents and add migration for LFS

* Fix some bugs
2020-09-08 23:45:10 +08:00
6543
cfd8e8a489
gitea dump: include version & Check InstallLock (#12760)
* gitea dump: include version

* Check InstallLock (close #12759)

* fix test

* fix lint
2020-09-07 23:27:17 +01:00
zeripath
a722dd72db
Set setting.AppURL as GITEA_ROOT_URL environment variable during pushes (#12752)
* Set setting.AppURL as GITEA_ROOT_URL environment variable during pushes

Fix #11738

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-06 23:53:42 -04:00
zeripath
1b9d5074a7
Add command to recreate tables (#12407)
Provides new command: `gitea doctor recreate-table` which will recreate
db tables and copy the old data in to the new table.

This function can be used to remove the old warning of struct defaults being
out of date.

Fix #8868
Fix #3265
Fix #8894

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-06 22:52:01 +01:00
Lunny Xiao
e8958bfc38
Fix bug of migraition v111 (#12738) 2020-09-06 11:34:51 +01:00
Lunny Xiao
6590cac89b
Fix bug on migration 111 (#12736)
* Fix bug on migration 111

* Check reviews when migrating v111

* Fix bug

* Fix commit
2020-09-06 16:54:29 +08:00
6543
1c35353c53
implemet Cache for Stopwatches.APIFormat() (#12730)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-05 21:20:27 -04:00
6543
1ea1cade85
Add Created & Updated to Milestone (#12662)
* Add Created and Updated to Milestone table and expose via API

* Expose to UI - To Overloaded ?!?

* fix unit test

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-05 13:38:54 -04:00
Jochen Peters
385433d2f4
additional data for type StopWatch in swagger api (#12458)
* additional data for type StopWatch in swagger api

* fix lint-backend issue with gofmt

* fix format in v1_json with 'make generate-swagger'

* using issue.LoadRepo() instead of getRepositoryByID()

Co-authored-by: jochen@homeland <no-go@localhost>
Co-authored-by: zeripath <art27@cantab.net>
2020-09-05 12:58:33 +01:00
6543
6c5266c9ca
[BugFix] Fix comment broken issue ref dependence (#12651)
* deleteIssuesByRepoID: delete related CommentTypeRemoveDependency & CommentTypeAddDependency comments too

* Ignore ErrIssueNotExist on comment.LoadDepIssueDetails()

* Add migration

* Ignore 'dependent_issue_id = 0' case

* exchange as per @lunny

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-04 09:36:56 +08:00
zeripath
5c0697ad1e
Use argon as default password hash algorithm (#12688)
* Restrict TLS connections to 1.2 minimum

* Set Argon2 as the default KDF

* Fix user.yml

* Remove TLS minversion changes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add migration as per @techknowlogick

Signed-off-by: Andrew Thornton <art27@cantab.net>

* set the password algo in the fixtures

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove the v148 migration - it needs recreate table to change the defaults

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Nadim Kobeissi <nadim@symbolic.software>
2020-09-03 14:58:31 -04:00
zeripath
d257485bc0
Rename models.ProtectedBranchRepoID to models.EnvRepoID and ensure EnvPusherEmail is set (#12646)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-30 08:24:39 +01:00
6543
d5b6931dbe
[API] Delete Token accept names too (#12366)
* Delete Token accept names too

* better description

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-08-28 11:09:33 +03:00
zeripath
f3fb3c6f56
Open transaction when adding Avatar email-hash pairs to the DB (#12577)
When adding Avatar email-hash pairs we simply want the DB table to
represent a Set. We don't care if the hash-pair is already present,
so we just simply Insert and ignore the error.

Unfortunately this seems to cause some DBs to log the duplicate
insert to their logs - looking like a bug a in Gitea.

Now, there is no standard way in SQL to say Insert but if there's
an error ignore it. MySQL has INSERT IGNORE, PostgreSQL >= 9.5 has
INSERT ... ON CONFLICT DO NOTHING, but I do not believe that SQLite
or MSSQL have variants.

This PR places the insert in a transaction which we are happy to fail
if there is an error - hopefully this will stop the unnecessary
logging.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-08-24 18:39:18 -04:00
6543
4b97f9018b
OpenGraph: use repo avatar if exist (#12586) 2020-08-24 22:46:56 +03:00
zeripath
2ae8c7ab1c
Add cron running API (#12421)
* Add cron running API

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

* placate-swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* return not found

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-08-24 11:48:15 -04:00
赵智超
e7d65cbc6e
Add email notify for new release (#12463)
* Add email notify for new release

Signed-off-by: a1012112796 <1012112796@qq.com>
2020-08-23 16:03:18 +01:00
Lunny Xiao
2026d885d6
Fix bug on migration 147 (#12565) 2020-08-22 18:12:40 +01:00
zeripath
7c2cf236f8
Allow addition of gpg keyring with multiple keys (#12487)
Related #6778

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-08-21 13:45:50 +03:00
zeripath
9c9c3348bb
Prevent NPE on commenting on lines with invalidated comments (with migration) (#12549)
* Prevent NPE on commenting on lines with invalidated comments

Only check for a review if we are replying to a previous review.

Prevent the NPE in #12239 by assuming that a comment without a Review is
non-pending.

Fix #12239

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add hack around to show the broken comments

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add migration and remove template hacks

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-21 10:53:14 +03:00
zeripath
d15bb17b78
Default empty merger list to those with write permissions (#12535)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-20 10:48:40 +03:00
Lunny Xiao
62e6c9bc6c
Add a storage layer for attachments (#11387)
* Add a storage layer for attachments

* Fix some bug

* fix test

* Fix copyright head and lint

* Fix bug

* Add setting for minio and flags for migrate-storage

* Add documents

* fix lint

* Add test for minio store type on attachments

* fix test

* fix test

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Add warning when storage migrated successfully

* Fix drone

* fix test

* rebase

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* refactor the codes

* add trace

* Fix test

* remove log on xorm

* Fi download bug

* Add a storage layer for attachments

* Add setting for minio and flags for migrate-storage

* fix lint

* Add test for minio store type on attachments

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Fix drone

* fix test

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* refactor the codes

* add trace

* Fix test

* Add URL function to serve attachments directly from S3/Minio

* Add ability to enable/disable redirection in attachment configuration

* Fix typo

* Add a storage layer for attachments

* Add setting for minio and flags for migrate-storage

* fix lint

* Add test for minio store type on attachments

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Fix drone

* fix test

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* don't change unrelated files

* Fix lint

* Fix build

* update go.mod and go.sum

* Use github.com/minio/minio-go/v6

* Remove unused function

* Upgrade minio to v7 and some other improvements

* fix lint

* Fix go mod

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Tyler <tystuyfzand@gmail.com>
2020-08-18 12:23:45 +08:00
Lanre Adelowo
4027c5dd7c
Kanban board (#8346)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: jaqra <48099350+jaqra@users.noreply.github.com>
Co-authored-by: Kerry <flatline-studios@users.noreply.github.com>
Co-authored-by: Jaqra <jaqra@hotmail.com>
Co-authored-by: Kyle Evans <kevans91@users.noreply.github.com>
Co-authored-by: Tsakiridis Ilias <TsakiDev@users.noreply.github.com>
Co-authored-by: Ilias Tsakiridis <ilias.tsakiridis@outlook.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-08-16 23:07:38 -04:00
zeripath
d1e67d7ade
Fix bug preventing transfer to private organization (#12497)
* Fix bug preventing transfer to private organization

The code assessing whether a private organization was visible to a user before
allowing transfer was incorrect due to testing membership the wrong way round

This PR fixes this issue and renames the function performing the test to be
clearer.

Further looking at the API for transfer repository - no testing was
performed to ensure that the acting user could actually see the new
owning organization.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* change IsUserPartOfOrg everywhere
2020-08-16 16:27:08 -04:00
zeripath
f50364a5b0
Keys should not verify revoked email addresses (#12486)
Fix #6778

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-16 09:44:34 +01:00
techknowlogick
c9d1e40dfc
UI: Update commit signature view (#12473) 2020-08-13 10:54:54 -04:00
zeripath
74bd9691c6
Re-attempt to delete temporary upload if the file is locked by another process (#12447)
Replace all calls to os.Remove/os.RemoveAll by retrying util.Remove/util.RemoveAll and remove circular dependencies from util.

Fix #12339

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
2020-08-11 21:05:34 +01:00
techknowlogick
22c952ac7a
Make dashboard newsfeed list length a configurable item (#12469)
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2020-08-11 10:48:13 -04:00
zeripath
d87dbd7519
Fix Migration 145 on MSSQL if varchar is changed to nvarchar (#12445)
* Handle MSSQL constraints

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/migrations/v145.go

* Prevent hang with Sync2

* Agh it's uniques not indexes

* Let us try a different way of finding constraints on the language column

Signed-off-by: Andrew Thornton <art27@cantab.net>

* minor simplification

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Try drop index instead?

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-10 16:01:10 +03:00
zeripath
e17e3f71f4
Use transaction in V102 migration (#12395)
The code for dropTableColumns has a slightly confusing portion whereby the session is committed for MSSQL but not for other variants.

The v102 migration doesn't actually start a transaction so this weirdness does not affect it. However it probably should attempt to run this in a transaction.

Signed-off-by: Andrew Thornton art27@cantab.net
2020-08-06 19:16:49 +01:00
zeripath
5e5c893555
Need RepoID in the languagestat field (#12427)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-04 14:38:31 -04:00
zeripath
502e38c33c
Increase size of the language column in language_stat (#12396)
In #12379 it was discovered that enry v2 has a maximum language length
of 34 characters which is larger than the 30 previously provided.

This PR updates the language column to 50.

Fix #12379
2020-08-04 14:54:29 +01:00
Lars Lehtonen
e4d6f2e9e5
models: break out of loop (#12386) 2020-07-31 21:26:47 +08:00
S7evinK
bf60146444
Don't use legacy method to send Matrix Webhook (#12348)
* Don't use legacy send for messages

* Add migrations to ensure Matrix webhooks use PUT

* Set HTTP method to PUT as default

* Fix sql condition..

Signed-off-by: Till Faelligen <tfaelligen@gmail.com>

* Rename getTxnID -> getMatrixTxnID

* Use local variable instead of constant value

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-30 18:04:19 -04:00
赵智超
1f12dc8e88
Add action feed for new release (#12324)
* Add action feed for new release

Signed-off-by: a1012112796 <1012112796@qq.com>

* fix lint

* Apply suggestions from code review

* Add ReleaseID to the action table
* Remove error message
* Fold the attachments download list

* remove attchment download list

* simplify code

* fix create release from existing tag

* simplify ui

* translation change

* fix test

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-29 15:20:54 -04:00
6543
8bdc9795d8
Add name filter to API for GetMilestoneList (#12336)
Adds a name filter to the API for GetMilestoneList

Includes a small refactor: merge GetMilestones and GetMilestonesByRepoID

Close #12260

Needed for https://gitea.com/gitea/go-sdk/issues/383 and https://gitea.com/gitea/tea/pulls/149
2020-07-28 12:30:40 +01:00
6543
7ecb25b41b
Refactor: Remove Dependencies from Migration v111 (#11646)
* Refactor: Remove Dependencys from Migration v111

* Update models/migrations/v111.go

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-26 17:34:30 -04:00
Wim
4609eba2e7
Fix ipv6 parsing (#12321)
* Fix ipv6 parsing

* Update modules/setting/setting.go

Co-authored-by: 6543 <6543@obermui.de>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-26 16:31:28 -04:00
6543
2753d72773
Migrations (v82,v96,v99,v136) remove dependencies (#12286)
* remove dependencys

* add missing fields

* CI.restart()
2020-07-22 09:27:22 -05:00
Lunny Xiao
45631083a4
Support use nvarchar for all varchar columns when using mssql (#12269)
* Support use nvarchar for all varchar columns when using mssql

* fix lint

* Change DEFAULT_VARCHAR to nvarchar

* Remove the config for default varchar since it's unnecessary
2020-07-21 20:28:27 +08:00
silverwind
0e24af6951
Update Octicons to v10 (#12240)
* Update Octicons to v10

Besides a few renames, these icons are no longer present in v10 that we've
used, so had to change:

file-symlink-directory -> file-submodule
internal-repo -> repo
repo-force-push -> repo-push
repo-template-private -> repo-template

Fixes: https://github.com/go-gitea/gitea/issues/11889
Ref: https://github.com/primer/octicons/releases/tag/v10.0.0

* add custom sliders svg for removed octicon-settings

* apply suggestion

* fix triangles and use play on admin dashboard

* add custom mirror svg

* add missing build files

* unify custom svgs

* move to octicon-repo-clone to gitea-mirror

* use octicon-x on conflicts

* tweak timeline icons

* tweak comment buttons

* update settings icon to octicons v1

* switch to octicon-mirror and octicon-tools

* replace two wiki buttons with octicons

* remove whitespace in svg sources

* Fix filepath basename on Windows for SVG bindata (#12241)

* move octicons to devDependencies

* move back to dependencies

* move svgo to devDependencies again

Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-17 18:15:12 +03:00
zeripath
4fa2e217c1
Set NoAutoTime when updating is_archived (#12266)
Fix #12246

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-07-16 17:58:46 -04:00
Lars Lehtonen
b49a195839
models: fix xorm variable clobber (#12231)
NewTestEngine() takes a *xorm.Engine as its argument, and then immediately overwrites it.

This fixes the model package to not take an unneeded variable, and changes the routers package to not create a nil *xorm.Engine that is immediately discarded by model.
2020-07-13 09:58:55 +01:00
bobemoe
bac57ab590
When starting new stopwatch stop previous if it is still running (#10533)
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-07-12 13:01:20 +03:00
zeripath
63591016b3
Extend Notifications API and return pinned notifications by default (#12164)
* Extend notifications API and return pinned notifications in notifications list

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix swagger again

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix test

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove spurious debugs

* as per @6543

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/notification.go

* as per @6543

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-12 00:46:01 +03:00
Jürgen Hötzel
30399cf04a
Trim to 255 runes instead of bytes (#12150)
* Trim to 255 runes instead of bytes

Prevents invalid UTF-8 encoding for Description and Website. Refs #7905

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-07-08 00:35:52 +03:00
赵智超
12f9dd8fa9
Decrease the num_stars when deleting a repo (#11954)
* Decrease the  num_stars when deleting a repo

fix #11949

Signed-off-by: a1012112796 <1012112796@qq.com>

* Add migration

* use batch

* Apply suggestions from code review

Co-authored-by: Lauris BH <lauris@nix.lv>

* fix lint

* fix lint

* fix ci

* fix ci2

* add doctor

* duplicate code

* fix migration

* fix some nits

* add start

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-07-07 15:16:34 -04:00
zeripath
8a0bb7cd04
Ensure Subkeys are verified (#12155)
When attempting to verify subkeys the email address verification step
requires checking the emails however, these emails are not stored on
subkeys but instead on the primary key.

This PR will obtain the primaryKey and check against these emails too.

Fix #12128

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-06 14:33:34 -04:00
Lars Lehtonen
56f222d44c
models: break out of loops (#12159)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-07-06 13:07:07 +01:00
zeripath
482ba937ed
Provide option to unlink a fork (#11858)
* Provide option to unlink a fork

Fix #4566

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-authored-by: techknowlogick <matti@mdranta.net>

* Add check that user can create repo

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @cirnoT

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <matti@mdranta.net>
2020-07-02 15:09:09 +01:00
赵智超
ae20de7771
fix bug about can't skip commits base on base branch (#11555)
* fix bug about can't skip commits base on base branch

Signed-off-by: a1012112796 <1012112796@qq.com>

* Update modules/git/commit.go

Co-authored-by: Lauris BH <lauris@nix.lv>

* Update models/issue_comment.go

Co-authored-by: Lauris BH <lauris@nix.lv>

* fix lint

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-06-24 20:40:52 +01:00
successgo
4dee08a6b4
Fix typo (#12013)
* Fix typo of MSSQL

* Fix typo: validates

* Fix typo

* fix comment with space

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-22 11:21:11 -04:00
silverwind
e24ee48776
Add serviceworker.js to KnownPublicEntries (#11992)
Fixes a wrong 302 redirect to the login page, see https://github.com/go-gitea/gitea/issues/11989.
Also made it so the reserved username list is extended with those known
entries so we avoid code duplication.

Should be backported to 1.12.
2020-06-20 16:20:25 +03:00
zeripath
654a970644
Fix commenting on non-utf8 encoded files (#11916)
* Add comment on non-unicode line to force fail

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Just quote/unquote patch

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-06-18 10:07:09 -04:00
Lunny Xiao
1dd3f19ee3
Use google/uuid to instead satori/go.uuid (#11943)
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-06-18 17:18:44 +08:00
techknowlogick
9e6a79bea9
upgrade to use testfixtures v3 (#11904)
* upgrade to use testfixtures v3

* simplify logic

* make vendor

* update per @lunny

* Update templates/repo/empty.tmpl

* Update templates/repo/empty.tmpl

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-06-17 22:07:58 +03:00
Lunny Xiao
1645d4a5d8
Use ID or Where to instead directly use Get when load object from database (#11925)
* Use ID or Where to instead directly use Get when load object from database

* Apply suggestions from code review

Co-authored-by: 6543 <6543@obermui.de>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2020-06-17 20:50:11 +03:00
Lunny Xiao
cdef92b3ff
Upgrade xorm to v1.0.2 (#11900)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-15 16:46:01 -04:00
zeripath
48648d1d86
Invalidate comments when file is shortened (#11882)
* Invalidate comments when file is shortened

Fix #10686

Signed-off-by: Andrew Thornton <art27@cantab.net>

* handle 1 line

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-06-14 16:55:20 +03:00
Cirno the Strongest
0159851cc3
Rework api/user/repos for pagination (#11827)
* Add count to `GetUserRepositories` so that pagination can be supported for `/user/{username}/repos`
* Rework ListMyRepos to use models.SearchRepository

ListMyRepos was an odd one. It first fetched all user repositories and then tried to supplement them with accessible map. The end result was that:

* Limit for pagination did not work because accessible repos would always be appended
* The amount of pages was incorrect if one were to calculate it
* When paginating, all accessible repos would be shown on every page

Hopefully it should now work properly. Fixes #11800 and does not require any change on Drone-side as it can properly interpret and act on Link header which we now set.

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-06-13 12:35:59 +01:00
zeripath
b9e281265e
Add migration to set IsArchived false if it is null (#11853)
* Add migration to set IsArchived false if it is null

Fix #11824

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add doctor

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-11 16:18:11 -04:00
Cirno the Strongest
2b2b3e4c37
Use DEFAULT_PAGING_NUM instead of MAX_RESPONSE_ITEMS in ListOptions (#11831)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-10 12:23:22 -04:00
6543
363e51d19c
Refactor: Remove Dependencys from Migration v112-v119 (#11811)
* v119

* v116

* v112
2020-06-09 16:34:05 -04:00
Cirno the Strongest
94f60e199b
Fix visibility of forked public repos from private orgs (#11717)
* Fix visibility of forked public repos from private orgs

* update forks visibility when org visibility is changed

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-06 20:45:12 -04:00
Cirno the Strongest
a5aa5c58c1
Increase maximum SQLite variables count to 32766 (#11696)
per https://www.sqlite.org/limits.html

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-05 19:57:25 -04:00
l-jonas
aa3c0f8eba
Add hide activity option (#11353)
* Add hide activity option

This closes https://github.com/go-gitea/gitea/issues/7927

* Adjust for linter

* Adjust for linter

* Add tests

* Remove info that admins can view the activity

* Adjust new tests for linter

* Rename v139.go to v140.go

* Rename v140.go to v141.go

* properly indent

* gofmt

Co-authored-by: Jonas Lochmann <git@inkompetenz.org>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-05 16:01:53 -04:00
Cirno the Strongest
5acba4609a
Add internal-repo octicon for public repos of private org (#11529)
* Show multiple octicons on repo list

* fix mixed spaces/tabs

* Internal repo octicon

* show internal icon in dashboard repolist

* swagger

* fix icon for normal repo on repo page

* don't expose owner visibility directly; provide internal in repo api

* fix icons for forks and mirrors

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-06-05 14:41:06 +03:00
zeripath
a730dc1419
Fix verification of subkeys of default gpg key (#11713)
* Fix verification of subkeys of default gpg key

Fix #10309

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove debug log

* Update models/gpg_key.go

* As per @6543

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-03 11:36:41 -04:00
Cuong Manh Le
d98df0ede3
models: include LFS when calculating repo size (#11060)
Fixes #9369

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-05-31 00:51:19 -04:00
Cirno the Strongest
9d652002c6
Fix language stat calculation (#11692)
* Fix language stat calculation

* Group languages and ignore 0 size files

* remove unneeded code
2020-05-31 01:58:55 +03:00
Lauris BH
ea4c139cd2
Change language statistics to save size instead of percentage (#11681)
* Change language statistics to save size instead of percentage in database

Co-Authored-By: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>

* Do not exclude if only language

* Fix edge cases with special langauges

Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
2020-05-30 10:46:15 +03:00
zeripath
495354c4bd
Add logging to long migrations (#11647)
* Add logging to long migrations

Also fix v136 to not use models

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-05-29 23:18:24 +01:00
Terence Le Huu Phuong
141d52cc0f
Add API Endpoint for Branch Creation (#11607)
* [FEATURE] [API] Add Endpoint for Branch Creation

Issue: https://github.com/go-gitea/gitea/issues/11376

This commit introduces an API endpoint for branch creation.

The added route is POST /repos/{owner}/{repo}/branches.
A JSON with the name of the new branch and the name of the old branch is
required as parameters.

Signed-off-by: Terence Le Huu Phuong <terence@qwasar.io>

* Put all the logic into CreateBranch and removed CreateRepoBranch

* - Added the error ErrBranchDoesNotExist in error.go
- Made the CreateNewBranch function return an errBranchDoesNotExist error
when the OldBranch does not exist
- Made the CreateBranch API function checks that the repository is not
empty and that branch exists.

* - Added a resetFixtures helper function in integration_test.go to
fine-tune test env resetting
- Added api test for CreateBranch
- Used resetFixture instead of the more general prepareTestEnv in the
repo_branch_test CreateBranch tests

* Moved the resetFixtures call inside the loop for APICreateBranch function

* Put the prepareTestEnv back in repo_branch_test

* fix import order/sort api branch test

Co-authored-by: zeripath <art27@cantab.net>
2020-05-29 19:16:20 +01:00
6543
726e1e5279
Doctor check & fix db consistency (#11111)
needed to fix issue as described in #10280

* rename check-db to check-db-version
* add check-db-consistency:
* find issues without existing repository
* find pulls without existing issues
* find tracked times without existing issues/pulls
* find labels without repository or org reference

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-05-29 14:24:15 +01:00
6543
560744fb33
Handle expected errors in AddGPGkey API (#11644)
* handle GPG Parse & Email Errors

* correct TEST

* update Swagger

* more Docu
2020-05-28 17:25:54 -04:00
Gary Kim
5c55793e0e
Fix wrong milestone in webhook message (#11596)
Fixes #11295

Signed-off-by: Gary Kim gary@garykim.dev
2020-05-24 15:38:34 +01:00
zeripath
814ca9ffea
Allow different HardBreaks settings for documents and comments (#11515)
GH has different HardBreaks behaviour for markdown comments and documents.

Comments have hard breaks and documents have soft breaks - therefore Gitea's rendering will always be different from GH's if we only provide one setting.

Here we split the setting in to two - one for documents and one for comments and other things.

Signed-off-by: Andrew Thornton art27@cantab.net

Changes to index.js as per @silverwind 
Co-authored-by: silverwind <me@silverwind.io>

Changes to docs as per @guillep2k 
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-05-24 09:14:26 +01:00
Cirno the Strongest
31df012968
Properly handle and return empty string for dangling commits in GetBranchName (#11587) 2020-05-23 20:49:48 +01:00
zeripath
3eb323901c
Fix repo-list private and total count bugs (#11500)
* Fix repo-list private and total count bugs

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Ensure limited and private org public repos are displayed on "private"

Signed-off-by: Andrew Thornton <art27@cantab.net>

* switch from onlyPrivate to is_private

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Generate swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-05-20 22:15:30 -03:00
赵智超
0903b1ac8c
Add push commits history comment on PR time-line (#11167)
* Add push commits history comment on PR time-line
* Add notify by email and ui of this comment type also

Signed-off-by: a1012112796 <1012112796@qq.com>

* Add migrations for IsForcePush
* fix wrong force-push judgement
* Apply suggestions from code review
* Remove commit number check
* add own notify fun
* fix some typo

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* fix lint

* fix style again, I forgot something before

* Change email notify way

* fix api

* add number check if It's force-push

* Add repo commit link fuction
remove unnecessary check
skip show push commits comment which not have commits alive

* Update issue_comment.go

* Apply suggestions from code review

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Apply suggestions from code review

* fix ui view

Co-authored-by: silverwind <me@silverwind.io>

* fix height

* remove unnecessary style define

* simplify GetBranchName

* Apply suggestions from code review

* save commit ids and isForce push by json
* simplify GetBranchName

* fix bug

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: silverwind <me@silverwind.io>
2020-05-20 09:47:24 -03:00
zeripath
a4cd1f12f8
Ensure public repositories in private organizations are visible and fix admin organizations list (#11465)
* Ensure that we can see public repositories in private organization

Fix #10144 (Again)

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix Admin users and organizations page

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/repo_list.go

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-05-18 00:27:54 +01:00
zeripath
c642cd0676
Allow all members of private orgs to see public repos (#11442)
* Allow all members of private orgs to see public repos

Fix #10144

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/repo_list.go

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-05-17 16:22:17 +08:00
zeripath
9a2e47b23a
Refactor Cron and merge dashboard tasks (#10745)
* Refactor Cron and merge dashboard tasks

* Merge Cron and Dashboard tasks
* Make every cron task report a system notice on completion
* Refactor the creation of these tasks
* Ensure that execution counts of tasks is correct
* Allow cron tasks to be started from the cron page

* golangci-lint fixes

* Enforce that only one task with the same name can be registered

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix name check

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @guillep2k

* as per @lafriks

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add git.CommandContext variants

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-05-16 19:31:38 -04:00
zeripath
414c9ee76a
Make API EditIssue and EditPullRequest issue notifications (#11123)
* Make API EditIssue and EditPullRequest issue notifications

Restructure models.UpdateIssueByAPI and EditIssue/EditPullRequest
to issue notifications

Fix #10014

Signed-off-by: Andrew Thornton <art27@cantab.net>

* As per @6543

Signed-off-by: Andrew Thornton <art27@cantab.net>

* update status!

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-05-17 00:05:19 +03:00
zeripath
c86bc8e061
Add paging and archive/private repository filtering to dashboard list (#11321)
* Add archived options to SearchRepository

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add only-private search

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add filter options and paging to dashboard repository page

Signed-off-by: Andrew Thornton <art27@cantab.net>

* swagger generate

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix-swagger-again

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @mrsdizzie also remember state

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-05-16 23:07:01 +03:00
guillep2k
c3d9a5f846
Use session for retrieving org teams (#11438)
Co-authored-by: Guillermo Prandi <guillep2k@users.noreply.github.com>
2020-05-16 20:29:29 +01:00
kolaente
57217cabe3
Fix issue ref migration (#11419)
The migration introduced in #8742 breaks mysql installations. This pr fixes that by correctly using CONCAT.

Signed-off-by: kolaente <k@knt.li>
2020-05-15 15:05:18 +01:00
Sijmen Schoon
66a9ef9036
Fix ref links in issue overviews for tags (#8742)
* Properly generate ref URLs

Tags used to not generate correct URLs (src/branch/tags/1.0.0 instead of
src/tags/1.0.0).

Also cleans up some code around it with the created helper functions.

* Fix formatting and create migration

* Add copyright head to utils_test

* Use a raw query for the ref migration

* Remove semicolon

* Quote column and table names in migration SQL

* Change || to CONCAT, since MSSQL does not support ||

* Make migration engine aware

* Add missing import

* Move ref EndName and URL to the issue service

* Fix tests

* Add test for commit refs

* Update issue.go

* Use the right command for building JavaScript bundles

* Prepare for merge

* Check for refs/* before prepending in migration

* Update services/issue/issue_test.go

* Update modules/git/utils_test.go

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: techknowlogick <matti@mdranta.net>
2020-05-14 18:55:43 -04:00
6543
7257c39ddf
Refactor Milestone related (#11225) 2020-05-12 22:54:35 +01:00
zeripath
c42c31a111
Correctly set the organization num repos (#11339)
* Correctly set the organization num repos

Correctly set the organization num repos to the number of
accessible repos for the user

Fix #11194

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

* attempt to fix mssql

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/user.go

* Explicit columns

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add test and fix 0 counted orgs

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove orgname from api

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-05-12 01:04:08 +03:00
Leo
da5e3fa299
Changed image of openid-connect logo for better look on arc-green theme (#11312)
* Set background of openIDConnect logo to white in arc-green theme

* Fixed linting off arc-green theme

Signed-off-by: Leo Maroni <git@em0lar.de>

* Revert changes of first commit (white background) and replaced the image

* Updated openid_connect (part 2)

* Update public/img/auth/openid_connect.svg

Now in one line

Co-authored-by: silverwind <me@silverwind.io>

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-05-10 17:55:22 +03:00
6543
cd4f7ba5bf
Fix tracked time issues (#11349)
* Fix nil exeption: #11313

* fix 500

* activate test 😆

* move logic
2020-05-09 11:18:44 -03:00
zeripath
791353c03b
Add EventSource support (#11235)
If the browser supports EventSource switch to use this instead of
polling notifications.

Signed-off-by: Andrew Thornton art27@cantab.net
2020-05-07 22:49:00 +01:00
6543
507d0ec57a
Prevent multiple listings of organization when creating a repository (#11303)
prevent double entries in results of GetOrgsCanCreateRepoByUserID

I first try to only add GroupBy directly but xorm return broken user objects ...

... solution was to just query related UserIDs(OrgIDs) first and return OrgUsers based on this IDs

close #11258

Co-authored-by: zeripath <art27@cantab.net>
2020-05-07 14:24:59 +01:00
6543
c97494a4f4
API: Add pull review endpoints (#11224)
* API: Added pull review read only endpoints

* Update Structs, move Conversion, Refactor

* refactor

* lint & co

* fix lint + refactor

* add new Review state, rm unessesary, refacotr loadAttributes, convert patch to diff

* add DeletePullReview

* add paggination

* draft1: Create & submit review

* fix lint

* fix lint

* impruve test

* DONT use GhostUser for loadReviewer

* expose comments_count of a PullReview

* infent GetCodeCommentsCount()

* fixes

* fix+impruve

* some nits

* Handle Ghosts 👻

* add TEST for GET apis

* complete TESTS

* add HTMLURL to PullReview responce

* code format as per @lafriks

* update swagger definition

* Update routers/api/v1/repo/pull_review.go

Co-authored-by: David Svantesson <davidsvantesson@gmail.com>

* add comments

Co-authored-by: Thomas Berger <loki@lokis-chaos.de>
Co-authored-by: David Svantesson <davidsvantesson@gmail.com>
2020-05-02 03:20:51 +03:00
zeripath
4974b7c120
Fix spelling mistake with Rewiew (#11262)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-04-30 21:24:08 +01:00
6543
ab69b9b1a6
Refactor UpdateOAuth2Application (#11034)
Following on from #11008 refactor UpdateOAuth2Application
2020-04-30 18:50:47 +01:00
Andrew Bezold
3dc6af3d70
Fix creation of Organization repos by Users with max created personal repos (#11183)
* Fix creation of Org repos

Fix go-gitea#9269

* Change variable name to appease linter

* Update PR with suggestions

Add a note for user.CanCreateRepo() about failure assumptions
Change repo.create help message

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-04-30 16:11:56 +01:00
6543
bfda0f3864
[API] ListIssues add filter for milestones (#10148)
* Refactor Issue Filter Func

* ListIssues add filter for milestones

* as per @lafriks

* documentation ...
2020-04-30 01:15:39 -03:00
6543
6b6f20b6d4
BugFix: updateLabel can updated not allowed fields #11242 (#11242) 2020-04-28 19:28:56 -04:00
6543
49f8b20570
make pagination optional for notifications (#10714) 2020-04-21 22:21:46 +01:00
6543
bb4261a5ed
Add issue subscription check to API (#10967)
close #10962

Adds `GET /api/v1​/repos​/{owner}​/{repo}​/issues​/{index}​/subscriptions​/check`
 -> return a `WachInfo`
2020-04-21 14:48:53 +01:00
6543
77171abcad
Prevent xorm nil insert in Review.Comments (#11150) 2020-04-20 04:04:08 +01:00
6543
4be7cf0405
On Repo Deletion: Delete related TrackedTimes too (#11110) 2020-04-18 22:39:23 +01:00
silverwind
5180deb819
Send 404 immediately for known public requests (#11117)
Instead of further handling requests to public which causes issues like #11088, immediately terminate requests to directories js, css, fomantic if no file is found which is checked against a hardcoded list. Maybe there is a way to retrieve the top-level entries below public in a dynamic fashion.

I also added fomantic to the reserved usernames and sorted the list.

Fixes: #11088
2020-04-18 22:01:06 +01:00
John Olheiser
4f597b1866
Add single release page and latest redirect (#11102)
* Add single release and latest release routes

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update API and move latest search to models

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix swagger

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-04-18 11:47:15 -03:00
赵智超
1b86f174ce
Add a way to mark Conversation (code comment) resolved (#11037)
* Add a way to mark Conversation (code comment) resolved

mark Conversation is a way to mark a Conversation is stale
or be solved. when it's marked as stale, will be hided like
stale. all Pull Request writer , Offical Reviewers and poster
can add or remove Conversation resolved mark.

Signed-off-by: a1012112796 <1012112796@qq.com>

* fix lint

* Apply suggestions from code review

* Add ResolveDoer
* fix ui

Co-Authored-By: Lauris BH <lauris@nix.lv>
Co-Authored-By: 6543 <6543@obermui.de>

* change IsResolved to an function
Add permission check in UpdateResolveConversation

* Apply suggestions from code review

* change return error for permisson check
* add default message for deleted user
* get issue message from comment
* add migration for ``ResolveDoerID`` column

another  change:
* block mark pending review as resolved because it's not necessary

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* change button color

* resolve button size

* fix code style

* remove unusefull code

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-04-18 10:50:25 -03:00
6543
12960b9d18
[BugFix] remove nil inserts in models (#11096)
* Fix InsertReleases Nil Insert on Attachments

* FIX "No element on slice when insert" & smal refactor

* again

* impruve

* rm useles newline

* Apply suggestions from code review

Co-Authored-By: zeripath <art27@cantab.net>

* process insert as a whole

Co-authored-by: zeripath <art27@cantab.net>
2020-04-17 20:42:57 +03:00
6543
c52d48aae4
Prevent merge of outdated PRs on protected branches (#11012)
* Block PR on Outdated Branch

* finalize

* cleanup

* fix typo and sentences

thanks @guillep2k

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-04-16 22:00:36 -03:00
6543
a4cab2bbfa
[BugFix] ReviewCount: GetApprovalCounts func sorted wrong (#11086)
* FIX by simplify

* code reformat and optimize
2020-04-16 13:44:34 +03:00
Lauris BH
4dc62dadce
Migrate to go-enry new version (#10906) 2020-04-15 20:40:39 +03:00
6543
d66b9a4690
Fix Migration 136 (be less aggressive to open pulls missing git files) (#11072)
* be less aggressife to open pulls when migrating

* remove unused
2020-04-14 17:16:07 -05:00
6543
10e2f29144
Cache PullRequest Divergence (#10914)
* Cache PullRequest Divergence

* only re-calc divergence if AddTestPullRequestTask() is exec

* migrate already open pulls

* finalize

* take care of closed&not-merged+deleted-branch pull requests

* fix nil pointer exeption

Signed-off-by: 6543 <6543@obermui.de>

* try this

* no error its a warn

* init gitea-repositories-meta

* dont use gitDivergence type

* CI.restart()

* CI.restart()

* CI.restart()

* CI.restart()

* check IsUserAllowedToUpdate independend from CommitsBehind
2020-04-14 09:53:34 -04:00
赵智超
281029529b
ui: Add MergePull comment type instead of close for merge PR (#11058)
Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-04-14 09:06:23 +08:00
6543
ad5c43ae5d
Reject duplicate AccessToken names (#10994)
* make sure duplicate token names cannot be used

* add check to api routes too

* add @lunny s suggestion

* fix & don't forget User.ID

* AccessTokenByNameExists() return error too

* unique token for each test

* fix lint

Signed-off-by: 6543 <6543@obermui.de>

Co-authored-by: Lanre Adelowo <yo@lanre.wtf>
2020-04-13 22:02:48 +03:00
赵智超
cc07b9ca37
Fix CreateComment for SQLite and JS click event on Request Review (#11040)
* fix some bug about Request review

* fix ``CreateComment`` wrong using ,it will not work when use Sqlite
* fix wrong js click event code , it will send wrong data when it has
many choices

Signed-off-by: a1012112796 <1012112796@qq.com>

* Apply suggestions from code review

Co-Authored-By: Lauris BH <lauris@nix.lv>

* add getReviewerByIssueIDAndUserID
fix wrong conditions check in initIssueComments after #10972

* call CI again

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-04-11 01:44:50 -03:00
6543
bc362ea3c6
remove package code.gitea.io/gitea/modules/git import out of models (#11025) 2020-04-10 14:26:37 +03:00
L0veSunshine
08208cdfb8
Fix forked repo has no icon and language stat. (#10791)
* Update header.tmpl

* Update _repository.less

* Update pull.go

* Update indexer.go

* Update pull.go

* Update pull.go

* Update indexer.go

* fix forked repo doesn't have language stat

* fix forked repo doesn't have language stat

* fix forked repo doesn't have language stat

* fix forked repo doesn't have language stat

* fix forked repo doesn't have language stat

* fix forked repo doesn't have language stat

* fix forked repo doesn't have language stat

* fix forked repo doesn't have language stat

* fix forked repo doesn't have language stat

* fix forked repo doesn't have language stat

* fix forked repo doesn't have language stat

Thanks the advice from lunny and 6543.

* fix forked repo doesn't have language stat

Modified as suggested by 6543.

* fix forked repo doesn't have language stat

simplify the function.

* fix forked repo doesn't have language stat

update the indexer after the loop

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-04-08 15:13:04 +03:00
6543
71979d9663
Automatically remove Watches, Assignments, etc if user loses access due to being removed as collaborator or from a team (#10997)
* remove a user from being assigned to any issue/PR if (s)he is removed as a collaborator

* fix gender specific comment

* do not remove users that still have access to the repo if they are a member of a team that can access the repo

* add context to errors

* updates

* incorporate review fixes

* Update models/repo_collaboration.go

Co-Authored-By: 6543 <6543@obermui.de>

* Update models/repo_collaboration.go

Co-Authored-By: 6543 <6543@obermui.de>

* Fix Rebase Relict

* Fix & Impruve

* use xorm builder

* all in one session

* generalize reconsiderIssueAssignees

* Only Unwatch if have no access anymore

* prepare for reuse

* Same things if remove User from Team

* fix lint

* let mysql take time to react

* add description

* CI.restart()

* CI.restart()

Co-authored-by: Lanre Adelowo <yo@lanre.wtf>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-04-07 22:52:01 +01:00
6543
ad31d6b5e8
Fix release counter on API repository info (#10968)
Use the same mechanism as the webpage for calculating the release count

Fix #10946
2020-04-06 19:42:30 +01:00
赵智超
ef89e75d0e
add request review from specific reviewers feature in pull request (#10756)
* add request review feature in pull request

add a way to notify specific reviewers to review like github , by add  or delet a  special type
review . The acton is  is similar to Assign ,  so many code reuse the function and items of
Assignee, but the meaning and result is different.

The Permission style is is similar to github, that only writer can add a review request from Reviewers,
but the poster can recall and remove a review request after a reviwer has revied even if he don't have
Write Premission. only manager , the poster and reviewer of a request review can remove it.

The reviewers can be requested to review contain all readers for private repo , for public, contain
all writers and watchers.

The offical Review Request will block merge if Reject can block it.

an other change: add ui otify for Assignees.

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>

Signed-off-by: a1012112796 <1012112796@qq.com>

* new change

* add placeholder string

* do some changes follow #10238 to add review requests num on lists also
change icon for review requests to eye

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-04-06 19:33:34 +03:00
zeripath
d26885e2bf
Mulitple Gitea Doctor improvements (#10943)
* Add `gitea doctor --list` flag to list the checks that will be run, including those by default
* Add `gitea doctor --run` to run specific checks
* Add `gitea doctor --all` to run all checks
* Add db version checker
* Add non-default recalculate merge bases check/fixer to doctor
* Add hook checker (Fix #9878) and ensure hooks are executable (Fix #6319)
* Fix authorized_keys checker - slight change of functionality here because parsing the command is fragile and we should just check if the authorized_keys file is essentially the same as what gitea would produce. (This is still not perfect as order matters - we should probably just md5sum the two files.)
* Add SCRIPT_TYPE check (Fix #10977)
* Add `gitea doctor --fix` to attempt to fix what is possible to easily fix
* Add `gitea doctor --log-file` to set the log-file, be it a file, stdout or to switch off completely. (Fixes previously undetected bug with certain xorm logging configurations - see @6543 comment.)

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-04-06 11:44:47 +01:00
zeripath
ca33a95778
Allow X in addition to x in tasks (#10979)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-04-05 17:39:05 -05:00
John Olheiser
baadb51445
Add gitea-vet (#10948)
* Add copyright

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add gitea-vet and fix non-compliance

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Combine tools.go into build.go and clean up

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Remove extra GO111MODULE=on

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-04-05 07:20:50 +01:00
赵智超
f685edf510
Change review status icons on PR view style to Github style (#10737)
* change the icon of ApproveReview pr from "eye" to "check" like github
* change the icon of RejectReview pr from "x" to "request-change" like github
* add "-" after "{{" which need to be one line (TODO: may be not change all)

Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-04-03 02:12:42 -03:00
mrsdizzie
8d99ee2773
Add Organization Wide Labels (#10814)
* Add organization wide labels

Implement organization wide labels similar to organization wide
webhooks. This lets you create individual labels for organizations that can be used
for all repos under that organization (so being able to reuse the same
label across multiple repos).

This makes it possible for small organizations with many repos to use
labels effectively.

Fixes #7406

* Add migration

* remove comments

* fix tests

* Update options/locale/locale_en-US.ini

Removed unused translation string

* show org labels in issue search label filter

* Use more clear var name

* rename migration after merge from master

* comment typo

* update migration again after rebase with master

* check for orgID <=0 per guillep2k review

* fmt

* Apply suggestions from code review

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* remove unused code

* Make sure RepoID is 0 when searching orgID per code review

* more changes/code review requests

* More descriptive translation var per code review

* func description/delete comment when issue label deleted instead of hiding it

* remove comment

* only use issues in that repo when calculating number of open issues for org label on repo label page

* Add integration test for IssuesSearch API with labels

* remove unused function

* Update models/issue_label.go

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Use subquery in GetLabelIDsInReposByNames

* Fix tests to use correct orgID

* fix more tests

* IssuesSearch api now uses new BuildLabelNamesIssueIDsCondition. Add a few more tests as well

* update comment for clarity

* Revert previous code change now that we can use the new BuildLabelNamesIssueIDsCondition

* Don't sort repos by date in IssuesSearch API

After much debugging I've found a strange issue where in some cases MySQL will return a different result than other enigines if a query is sorted by a null collumn. For example with our integration test data where we don't set updated_unix in repository fixtures:

SELECT `id`, `owner_id`, `owner_name`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` ORDER BY updated_unix DESC LIMIT 15 OFFSET 45

Returns different results for MySQL than other engines. However, the similar query:

SELECT `id`, `owner_id`, `owner_name`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` ORDER BY updated_unix DESC LIMIT 15 OFFSET 30

Returns the same results.

This causes integration tests to fail on MySQL in certain cases but would never show up in a real installation. Since this API call always returns issues based on the optionally provided repo_priority_id or the issueID itself, there is no change to results by changing the repo sorting method used to get ids earlier in the function.

* linter is back!

* code review

* remove now unused option

* Fix newline at end of files

* more unused code

* update to master

* check for matching ids before query

* Update models/issue_label.go

Co-Authored-By: 6543 <6543@obermui.de>

* Update models/issue_label.go

* update comments

* Update routers/org/setting.go

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
2020-04-01 01:14:46 -03:00
zeripath
2c25e75dca
Various Merge Base fixes (#10786)
* Fix broken merge base migration v128 for merged PR

* Allow PRs with deleted base branches to still show diff

* as per @lunny

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-03-31 16:42:44 +03:00
Lunny Xiao
73cf0e2614
Fix milestones too many SQL variables bug (#10880)
* Fix milestones too many SQL variables bug

* Fix test

* Don't display repositories with no milestone and fix tests

* Remove unused code and add some comments
2020-03-31 10:47:00 +03:00
zeripath
bf847b9397
Upgrade golangci-lint to 1.24.0 (#10894)
* upgrade golangci-lint to 1.24.0 to allow go 1.14 compatibility
* fix golangci-lint errors
* make make golangci-lint work when out of go-path

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-03-30 21:52:45 +03:00
Lunny Xiao
f490291bea
Use subquery to instead In (#10874)
* Use subquery to instead In

* Support excludedLabelNames on issues options

* Fix tests

Co-authored-by: zeripath <art27@cantab.net>
2020-03-30 02:30:39 -03:00
zeripath
d01763ee14
Protect against NPEs in notifications list (#10879)
Unfortunately there appears to be potential race with notifications
being set before the associated issue has been committed.

This PR adds protection in to the notifications list to log any failures
and remove these notifications from the display.

References #10815 - and prevents the panic but does not completely fix
this.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-03-29 20:51:14 +01:00
zeripath
209045f55b
Slight simplification of accessibleRepositoryCondition (#10875)
* Slight simplification of accessibleRepositoryCondition

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-03-29 15:31:10 +01:00
Lunny Xiao
61f603cd8a
Create a new function to build search repository condition (#10858)
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-03-29 02:27:06 -03:00
zeripath
ea67e563dd
Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen (#10863)
* Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen

Fix #3985

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Pass up the unable to verify
2020-03-28 19:24:55 +02:00
S7evinK
828a27feeb
Add Matrix webhook (#10831)
* Add Matrix webhook

Signed-off-by: Till Faelligen <tfaelligen@gmail.com>

* Add template and related translations for Matrix hook

Signed-off-by: Till Faelligen <tfaelligen@gmail.com>

* Add actual webhook routes and form

Signed-off-by: Till Faelligen <tfaelligen@gmail.com>

* Add missing file

Signed-off-by: Till Faelligen <tfaelligen@gmail.com>

* Update modules/webhook/matrix_test.go

* Use stricter regex to replace URLs

Signed-off-by: Till Faelligen <tfaelligen@gmail.com>

* Escape url and text

Signed-off-by: Till Faelligen <tfaelligen@gmail.com>

* Remove unnecessary whitespace

* Fix copy and paste mistake

Co-Authored-By: Tulir Asokan <tulir@maunium.net>

* Fix indention inconsistency

* Use Authorization header instead of url parameter

* Add raw commit information to webhook

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Tulir Asokan <tulir@maunium.net>
2020-03-28 15:09:55 +02:00
zeripath
7cd47046ea
Handle push rejection in branch and upload (#10854)
* Handle push rejections and push out-of-date in branch creation and
file upload.
* Remove the duplicated sanitize from services/pull/merge
* Move the errors Err(Merge)PushOutOfDate and ErrPushRejected to
modules/git
* Handle errors better in the upload file dialogs

Fix #10460

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-03-28 01:13:18 -03:00
Success Go
8cffae65a6
Fix typo of MSSQL (#10850) 2020-03-27 16:12:39 +02:00
zeripath
e6baa656f7
make avatar lookup occur at image request (#10540)
speed up page generation by making avatar lookup occur at the browser
not at page generation

* Protect against evil email address ".."

* hash the complete email address

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-Authored-By: Lauris BH <lauris@nix.lv>
2020-03-27 14:34:39 +02:00
Lauris BH
a3f90948d8
Set MySQL rowtype to dynamic for new tables (#10833)
* Set mysql rowtype to dynamic for new tables

* Update models.go
2020-03-27 10:44:05 +02:00
zeripath
453f6e6e5a
In authorized_keys use double-quote for windows compatibility (#10841)
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-03-27 09:49:39 +02:00
Lauris BH
bbd910ed1b
Allow to set protected file patterns that can not be changed under no conditions (#10806)
Co-Authored-By: zeripath <art27@cantab.net>
2020-03-27 00:26:34 +02:00
zeripath
52cfd2743c
Option to set default branch at repository creation (#10803)
* Option to set default branch at repository creation
* Handle template repos with non-default master branch
* Add DefaultBranch handling on creation to API

Fix #9542

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-03-26 19:14:51 +00:00
Lunny Xiao
c61b902538
Upgrade xorm to v1.0.0 (#10646)
* Upgrade xorm to v1.0.0

* small nit

* Fix tests

* Update xorm

* Update xorm

* fix go.sum

* fix test

* Fix bug when dump

* Fix bug

* update xorm to latest

* Fix migration test

* update xorm to latest

* Fix import order

* Use xorm tag
2020-03-22 11:12:55 -04:00
zeripath
b3f4f812d8
account for empty lines in receive-hook message (#10773)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2020-03-20 20:21:28 +02:00
James Lakin
a9f4489bbc
System-wide webhooks (#10546)
* Create system webhook column (and migration)

* Create system webhook DB methods

Based on the default webhook ones

* Modify router to handle system webhooks and default ones

* Remove old unused admin nav template

* Adjust orgRepoCtx to differentiate system and default webhook URLs

* Assign IsSystemWebhook when creating webhooks

* Correctly use booleans for IsSystemWebhook

* Use system webhooks when preparing webhooks for payload

* Add UI and locale changes

* Use router params to differentiate admin hook pages

* Fix deleting admin webhooks and rename method

* Add clarity to webhook docs

* Revert "Remove old unused admin nav template"

This reverts commit 191a20a738.

* Rename WebHooksNewPost to GiteaHooksNewPost for clarity

* Reintroduce blank line lost during merge conflict

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-03-09 00:08:05 +02:00
John Olheiser
4a4fc73ee1
Fix migration (#10641)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-03-06 17:43:37 +02:00
John Olheiser
3f1c0841cb
Granular webhook events (#9626)
* Initial work

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add PR reviews and API coverage

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Split up events

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add migration and locale

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Format

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Revert IsPull

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix comments

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix tests

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix PR reviews

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix issue_comment

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Make fmt

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Migrations

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Backwards compatible API

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix feishu

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Move session commit

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-03-06 07:10:48 +02:00
zeripath
80db44267c
Add Approval Counts to pulls list (#10238)
* Add Approval Counts to pulls list

Add simple approvals counts to pulls lists

* Remove non-official counts

* Add PR features to milestone_issues.tmpl
2020-03-06 03:44:06 +00:00
Antoine GIRARD
ae452d024e
Migration for deleting orphaned dependencies (#10617)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-03-05 16:54:50 +01:00
Lauris BH
6a57364dc8
Delete dependencies when deleting a repository (#10608)
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-03-05 09:58:02 +02:00
Lauris BH
6420f17fb6
Add migration to fix the old broken merge-bases (#10604)
* Add migration

* Fix migration

* Update models/migrations/v128.go

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-03-05 09:18:07 +02:00
Lauris BH
37c3db7be6
Add restricted user filter to LDAP authentication (#10600)
* Add restricted user filter to LDAP authentification

* Fix unit test cases
2020-03-05 08:30:33 +02:00
Lauris BH
3d5d21133c
OAuth2: add Yandex provider (#8335) (#10564)
* OAuth2: add Yandex provider (#8335)

* remove changes from locale ru-RU

* fmt modules/auth/oauth2/oauth2.go

Co-Authored-By: 6543 <6543@obermui.de>

* fix fmt

* Update templates/admin/auth/new.tmpl

* fix fmt

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-03-05 00:08:52 +02:00
techknowlogick
bea497ff96
nextcloud oauth (#10562)
Fix #7078
2020-03-02 22:11:45 -05:00
Lunny Xiao
5abe1c52de
Display pull request head branch even the branch deleted or repository deleted (#10413)
* Display pull request head branch even the branch deleted or repository deleted

* Merge getHeadRepo/loadHeadRepo and getBaseRepo/loadBaseRepo on pull and fill repo when pr.Issue.Repo is available

* retrieve sha from pull head when pull request branch deleted and fix tests

* Fix test

* Ensure MustHeadRepoName returns empty string if no head repo

Co-authored-by: zeripath <art27@cantab.net>
2020-03-02 22:31:55 +00:00
guillep2k
5e1438ba92
Admin page for managing user e-mail activation (#10557)
* Implement mail activation admin panel

* Add export comments

* Fix another export comment

* again...

* And again!

* Apply suggestions by @lunny

* Add UI for user activated emails

* Make new activation UI work

* Fix lint

* Prevent admin from self-deactivate; add modal

Co-authored-by: zeripath <art27@cantab.net>
2020-03-02 15:25:36 -03:00
Lunny Xiao
753c0675c1
Fix migration bug on v96.go (#10572) 2020-03-02 12:53:39 -03:00
6543
4160bd6ef1
Remove Unused Functions (#10516)
* remove ReplaceLeft

* remove GetRepositoryByOwnerAndName chainload to models.GetRepositoryByOwnerAndName

* remove CheckUnitUser chainload to models.CheckUnitUser

* remove MakeAssigneeList

* remove DownloadDiff & DownloadPatch -> DownloadDiffOrPatch

* remove GetRandomBytesAsBase64

* remove PushUpdateDeleteTags

* remove GetUserByKeyID
(you still can resolve user by "k, err := GetPublicKeyByID; userID := k.OwnerID")

* remove BasicAuthEncode from struct package -> same function in modules/base/tools !

* remove UserID from api.utils

* remove unused func from structs package
2020-03-02 00:05:44 +02:00
Brad Albright
82be59e633
issue search on my related repositories (#9758)
* adding search capability to user's issues dashboard

* global issue search

* placement of search bar on issues dashboard

* fixed some bugs in the issue dashboard search

* added unit test because IssueIDs option was added to UserIssueStatsOptions

* some renaming of fields in the issue dashboard code to be more clear; also trying to fix issue of searching the right repos based on the filter

* added unit test fro GetRepoIDsForIssuesOptions; fixed search lost on pagination; using shown issue status for open/close count; removed some debugging

* fix issue with all count showing incorrectly

* removed todo comment left in by mistake

* typo pulling wrong count

* fxied all count being off when selecting repositories

* setting the opts.IsClosed after pulling repos to search, this is done so that the list of repo ids to serach for the keyword is not limited, we need to get all the issue ids for the shown issue stats

* added "accessibleRepositoryCondition" check on the query to pull the repo ids to search for issues, this is an added protection to ensure we don't search repos the user does not have access to

* added code so that in the issues search, we won't use an in clause of issues ids that goes over 1000

* fixed unit test

* using 950 as the limit for issue search, removed unneeded group by in GetRepoIDsForIssuesOptions, showing search on pulls dashboard page too (not just issues)

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-29 03:52:05 -03:00
Gustavo Marin
af61b2249a
adds API endpoints to manage OAuth2 Application (list/create/delete) (#10437)
* add API endpoint to create OAuth2 Application.

* move endpoint to /user. Add swagger documentations and proper response type.

* change json tags to snake_case. add CreateOAuth2ApplicationOptions to swagger docs.

* change response status to Created (201)

* add methods to list OAuth2 apps and delete an existing OAuth2 app by ID.

* add APIFormat convert method and file header

* fixed header

* hide secret on oauth2 application list

* add Created time to API response

* add API integration tests for create/list/delete OAuth2 applications.

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-29 03:19:32 -03:00
6543
7e8cdba181
[Refactor] move APIFormat() of Issue and Label to convert package (#10423)
* Label: delete .APIFormat() and use convert.ToLabel()

* move issue APIFormat too

* add missing one

* move TEST too

* handle error -> return empty APIIssue

* Apply suggestions from code review

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-28 23:49:50 -03:00
6543
694f44660f
inform participants on UI too (#10473)
* inform participants on UI too

* ajust test

* refactor getParticipantIDsByIssue
2020-02-28 05:16:41 -03:00
6543
e57ac841de
Fix potential bugs (#10513)
* use e if it is an option
* potential nil so check err first
* check err first
* m == nil already checked
2020-02-27 20:10:27 -03:00
zeripath
90919bb37e
Show Signer in commit lists and add basic trust (#10425)
* Show Signer in commit lists and add basic trust

Show the avatar of the signer in the commit list pages as we do not
enforce that the signer is an author or committer. This makes it
clearer who has signed the commit.

Also display commits signed by non-members differently from
members and in particular make it clear when a non-member signer
is different from the committer to help reduce the risk of
spoofing.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* ensure orange text and background is available

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update gpg_key.go

* Update models/gpg_key.go

* Apply suggestions from code review

* Require team collaborators to have access to UnitTypeCode

* as per @6543

* fix position of sha as per @silverwind

* as per @guillep2k
2020-02-27 16:20:55 -03:00
6543
a924a90349
[BugFix] Avoid mailing explicit unwatched (#10475)
* Avoid mailing explicit unwatched

* CI.restart()

* back to normal

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-27 10:07:05 +00:00
guillep2k
4a2d23981d
Fix SQLite concurrency problems by using BEGIN IMMEDIATE (#10368)
* Test locking immediate for SQLite3

* fix url field separator

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-02-27 07:51:37 +08:00
James Lakin
7ffc2427da
Show the username as a fallback on feeds if full name is blank (#10438)
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-02-26 22:08:24 +00:00
6543
084a2b0026
Code Refactor of IssueWatch related things (#10401)
* refactor

* optimize

* remove Iretating function
LoadWatchUsers do not load Users into IW object and it is used only in api ... so move this logic

* remove unessesary

* Apply suggestions from code review

Thx

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* make Tests more robust

* fix rebase

* restart CI

* CI no dont hit sqlites deadlock

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-26 03:32:22 -03:00
6543
b65e954f73
FIX Pagination of ListAccessTokens and GetIssueWatchers (#10449)
* fix a pagination bug

* fix pagination of ListAccessTokens
2020-02-24 16:50:32 -06:00
guillep2k
09dbd85a3a
Various fixes in login sources (#10428) 2020-02-23 13:52:05 -06:00
zeripath
089ccb0c80
Handle push rejection message in Merge & Web Editor (#10373)
* Handle push rejection message in Merge

* placate golangci-lint

* Fix sanitize, adjust message handling

* oops

* Oops

* Handle push-rejection in webeditor CRUD too

* Apply suggestions from code review

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-02-22 15:08:48 +02:00
guillep2k
cfcd8e4146
Ensure only own addresses are updated (#10397) 2020-02-21 10:08:04 -03:00
Lunny Xiao
efbd7ca39b
Fix wrong num closed issues on repository when close issue via commit (#10364)
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-02-20 09:46:46 +02:00
Lunny Xiao
8db20e807d
Fix test (#10363) 2020-02-19 10:46:14 -05:00
zeripath
41294b53b3
Reading pull attachments should depend on read UnitTypePullRequests (#10346)
* Make pull attachments depend on read UnitTypePullRequests

Fixes #10336

* Fix test
2020-02-18 21:36:19 -03:00
Lunny Xiao
ce0413ff88
Fix migration information update bug when linked github account (#10310)
* Fix bug on upgrade migrated reactions

* Fix migration information update bug when linked github account

Co-authored-by: zeripath <art27@cantab.net>
2020-02-17 19:42:13 -05:00
techknowlogick
c0bc9871be
Blacklist manifest.json & milestones user (#10292)
Fix #10290
2020-02-16 02:56:49 -05:00
guillep2k
15614a8368
Divide GetIssueStats query in smaller chunks (#10176)
* Divide GetIssueStats query in smaller chunks

* Skip chunking if count is low enough

* Fix lint

* Define maxQueryParameters

* Remove absMaxQueryParameters because of lint

* Restart CI

* Restart CI

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-02-15 11:51:25 +01:00
guillep2k
7e920703f9
Move fixture generation to contrib and add test (#10277)
* Add fixture gen tool and fix "access" test

* Close file before exiting

* Add missing repo_unit for repo id: 5

* Fix count on TestAPIOrgRepos

* Generate access fixture from contrib and add test

* Remove old access fixture generation

* Fix lint

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-02-15 10:59:43 +02:00
guillep2k
62a1322cf9
Fix "access" fixtures and tests (#10247)
* Add fixture gen tool and fix "access" test

* Close file before exiting

* Add missing repo_unit for repo id: 5

* Fix count on TestAPIOrgRepos

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-02-15 12:29:06 +08:00
Lauris BH
a1d796f521
Index code and stats only for non-empty repositories (#10251)
Fix test and switch to unique queue

Fix MySQL support when deleting old statistics
2020-02-14 13:42:30 +01:00
David Svantesson
9ff4e1d2d9
Add API branch protection endpoint (#9311)
* add API branch protection endpoint

* lint

* Change to use team names instead of ids.

* Status codes.

* fix

* Fix

* Add new branch protection options (BlockOnRejectedReviews, DismissStaleApprovals, RequireSignedCommits)

* Do xorm query directly

* fix xorm GetUserNamesByIDs

* Add some tests

* Improved GetTeamNamesByID

* http status created for CreateBranchProtection

* Correct status code in integration test

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-02-12 23:19:35 +00:00
Lunny Xiao
83a8944fcf
Add feishu webhook support (#10229)
Add feishu webhook support
2020-02-12 08:48:28 +00:00
Lauris BH
ad2642a8aa
Language statistics bar for repositories (#8037)
* Implementation for calculating language statistics

Impement saving code language statistics to database

Implement rendering langauge stats

Add primary laguage to show in repository list

Implement repository stats indexer queue

Add indexer test

Refactor to use queue module

* Do not timeout for queues
2020-02-11 11:34:17 +02:00
zeripath
875c5e1305 Only check for conflicts/merging if the PR has not been merged in the interim (#10132)
* Only check for merging if the PR has not been merged in the interim

* fixup! Only check for merging if the PR has not been merged in the interim

* Try to fix test failure

* Use PR2 not PR1 in tests as PR1 merges automatically

* return already merged error

* enforce locking

* enforce locking - fix-test

* enforce locking - fix-testx2

* enforce locking - fix-testx3

* move pullrequest checking to after merge

This might improve the chance that the race does not affect us but does not prevent it.

* Remove minor race with getting merge commit id

* fixup

* move check pr after merge

* Remove unnecessary prepareTestEnv - onGiteaRun does this for us

* Add information about when merging occuring

* fix fmt

* More logging

* Attempt to fix mysql

* Try MySQL fix again

* try again

* Try again?!

* Try again?!

* Sigh

* remove the count - perhaps that will help

* next remove the update id

* next remove the update id - make it updated_unix instead

* On failure to merge ensure that the pr is rechecked for conflict errors

* On failure to merge ensure that the pr is rechecked for conflict errors

* Update models/pull.go

* Update models/pull.go

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Apply suggestions from code review

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-10 01:09:31 +02:00
6543
e273817154
[API] Fix inconsistent label color format (#10129)
* update and use labelColorPattern

* add TestCases

* fix lint

* # optional for templates

* fix typo

* some more

* fix lint of **master**
2020-02-09 14:33:03 +00:00
mavenbline
74a4a1e17f
Fix invalid repo urls after change username (#10150)
* Fix invalid repo urls after change username

* Update user.go

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
2020-02-08 16:59:40 +02:00
6543
d4096ab6a2
Ensure DeleteUser is not allowed to Delete Orgs and visa versa (#10134)
* add check to DeleteUser

* add check to DeleteOrganization

* add Test

* remove redundancy (deleteOrg is only used in DeleteOrganization)

* Update models/org.go

Co-authored-by: zeripath <art27@cantab.net>
2020-02-04 16:27:18 +02:00
6543
b3c72a7c4a
[API] expose RepoOwner on Issue responce (#10126)
* add RepoOwner on issue api responce

* CI.restart()
2020-02-04 00:05:17 -05:00
Lunny Xiao
48ce135cc9
Move PushUpdateAddDeleteTags to repository module from models (#10106)
* Move PushUpdateAddDeleteTags to repository module from models

* Fix deadlock on sqlite
2020-02-03 09:47:04 +01:00
6543
8d43563a32
[BugFix] [API] Pull.API.Convert: Only try to get HeadBranch if HeadRepo exist (#10029)
* only try to get HeadBranch if HeadRepo exist

* impruve

* no nil error

* add TEST

* correct error msg
2020-01-31 16:13:51 -05:00
guillep2k
d816f7018b
Remove migration support from versions earlier than 1.6.0 (#10026)
* Remove migration support from versions earlier than 1.6.0

* Remove unused functions

* Update gogs upgrade instructions

* Improve "latest" link as per @jolheiser

Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-01-31 21:42:45 +08:00
Lauris BH
b3d8e2d4f7
Update topics repo count when deleting repository (#10051)
* Update topics repo count when deleting repository

* Add migration to fix incorrect data

* Optimize to use single update to recalculate values
2020-01-31 08:57:19 +02:00
Lunny Xiao
c09e020558
Fix milestone API state parameter unhandled (#10049)
* Fix milestone API state parameter unhandled

* Fix test
2020-01-29 08:36:32 +02:00
zeripath
206a031b38
Ensure that feeds are appropriately restricted (#10018)
* Always limit results by what is accessible to the user

* Change signature of AccessibleRepoIDsQuery

* Ensure that user with ID <= 0 is handled

* Update models/repo_list.go
2020-01-28 11:39:37 +00:00