* Server-side syntax hilighting for all code
This PR does a few things:
* Remove all traces of highlight.js
* Use chroma library to provide fast syntax hilighting directly on the server
* Provide syntax hilighting for diffs
* Re-style both unified and split diffs views
* Add custom syntax hilighting styling for both regular and arc-green
Fixes#7729Fixes#10157Fixes#11825Fixes#7728Fixes#3872Fixes#3682
And perhaps gets closer to #9553
* fix line marker
* fix repo search
* Fix single line select
* properly load settings
* npm uninstall highlight.js
* review suggestion
* code review
* forgot to call function
* fix test
* Apply suggestions from code review
suggestions from @silverwind thanks
Co-authored-by: silverwind <me@silverwind.io>
* code review
* copy/paste error
* Use const for highlight size limit
* Update web_src/less/_repository.less
Co-authored-by: Lauris BH <lauris@nix.lv>
* update size limit to 1MB and other styling tweaks
* fix highlighting for certain diff sections
* fix test
* add worker back as suggested
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
* move Setting function into its own package
* swagger add&use new section "settings"
* move api AllowedReactions into general UI-Settings endpoint
* prepare TEST
* lint
* Add count to `GetUserRepositories` so that pagination can be supported for `/user/{username}/repos`
* Rework ListMyRepos to use models.SearchRepository
ListMyRepos was an odd one. It first fetched all user repositories and then tried to supplement them with accessible map. The end result was that:
* Limit for pagination did not work because accessible repos would always be appended
* The amount of pages was incorrect if one were to calculate it
* When paginating, all accessible repos would be shown on every page
Hopefully it should now work properly. Fixes#11800 and does not require any change on Drone-side as it can properly interpret and act on Link header which we now set.
Co-authored-by: Lauris BH <lauris@nix.lv>
* Handle more pathological branch and tag names
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix failing test
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
This removes the jQuery plugin as well as the associated config options.
Native input[type=date] does not require a language attribute as it is
localized by default, except for the placeholder attribute for which I
currently piggy-back the repo.issues.due_date_form localization option.
Implementation should pretty much match GH. Of note is that Safari does
not provide a UI for this input type, but I don't think providing one is
neccessary and GH did not bother either.
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* API allow to create closed milestones
* set CloseDate too
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Honor DEFAULT_PAGING_NUM for API
* set pagination to 10 for tests
* lint
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
A pre-receive hook that rejects pushes to refs/pull/index/head
will cause a broken PR which causes an internal server error
whenever it is viewed. This PR handles prevents the internal server
error by handling non-existent pr heads and sends a flash error
informing the creator there was a problem.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add hide activity option
This closes https://github.com/go-gitea/gitea/issues/7927
* Adjust for linter
* Adjust for linter
* Add tests
* Remove info that admins can view the activity
* Adjust new tests for linter
* Rename v139.go to v140.go
* Rename v140.go to v141.go
* properly indent
* gofmt
Co-authored-by: Jonas Lochmann <git@inkompetenz.org>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Provide diff and patch API endpoints
The diff and patch endpoints on the main routes are not accessible by token
therefore we provide new API based endpoints for these
Fix#10923
Signed-off-by: Andrew Thornton <art27@cantab.net>
* placate swagger
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Make the response an actual string
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
* API: return an error when Mirrors globaly disabled
* keep it consistent with UI
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Allow site admin to disable mirrors
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* No need to run through Safe
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Clarify only disabling NEW mirrors
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Apply suggestions from @guillep2k
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* [FEATURE] [API] Add Endpoint for Branch Creation
Issue: https://github.com/go-gitea/gitea/issues/11376
This commit introduces an API endpoint for branch creation.
The added route is POST /repos/{owner}/{repo}/branches.
A JSON with the name of the new branch and the name of the old branch is
required as parameters.
Signed-off-by: Terence Le Huu Phuong <terence@qwasar.io>
* Put all the logic into CreateBranch and removed CreateRepoBranch
* - Added the error ErrBranchDoesNotExist in error.go
- Made the CreateNewBranch function return an errBranchDoesNotExist error
when the OldBranch does not exist
- Made the CreateBranch API function checks that the repository is not
empty and that branch exists.
* - Added a resetFixtures helper function in integration_test.go to
fine-tune test env resetting
- Added api test for CreateBranch
- Used resetFixture instead of the more general prepareTestEnv in the
repo_branch_test CreateBranch tests
* Moved the resetFixtures call inside the loop for APICreateBranch function
* Put the prepareTestEnv back in repo_branch_test
* fix import order/sort api branch test
Co-authored-by: zeripath <art27@cantab.net>
When "Must Change Password" simplify the navbar header to only show the
signout button as all other links will redirect back. This prevents the
notifications icon from showing preventing initialization of the
event-source and hence preventing redirect_to being set, however in
addition do not set the redirect_to cookie if we are looking at the
/user/events page.
Fix#11554
Signed-off-by: Andrew Thornton <art27@cantab.net>
GH has different HardBreaks behaviour for markdown comments and documents.
Comments have hard breaks and documents have soft breaks - therefore Gitea's rendering will always be different from GH's if we only provide one setting.
Here we split the setting in to two - one for documents and one for comments and other things.
Signed-off-by: Andrew Thornton art27@cantab.net
Changes to index.js as per @silverwind
Co-authored-by: silverwind <me@silverwind.io>
Changes to docs as per @guillep2k
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Move serviceworker to workbox and fix SSE interference
Instead of statically hardcoding every frontend asset, this uses a
type-based approach to cache all js,css and manifest.json requests.
This also fixes the issue that the service worker was interfering with
EventSource because it was unconditionally handling all requests which
this new implementation doesn't.
Fixes: https://github.com/go-gitea/gitea/issues/11092
Fixes: https://github.com/go-gitea/gitea/issues/7372
* rethrow error instead of logging
* await .register
* Revert "rethrow error instead of logging"
This reverts commit 043162ba1f18b98a4bf9635959fd28d16e839fc5.
* improve comment
* remove JSRenderer
* add version-based cache invalidation
* refactor
* more refactor
* remove comment
* rename item to fit cache name
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Fix repo-list private and total count bugs
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Ensure limited and private org public repos are displayed on "private"
Signed-off-by: Andrew Thornton <art27@cantab.net>
* switch from onlyPrivate to is_private
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Generate swagger
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Ensure that we can see public repositories in private organization
Fix#10144 (Again)
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix Admin users and organizations page
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update models/repo_list.go
Co-authored-by: Lauris BH <lauris@nix.lv>
* Refactor Cron and merge dashboard tasks
* Merge Cron and Dashboard tasks
* Make every cron task report a system notice on completion
* Refactor the creation of these tasks
* Ensure that execution counts of tasks is correct
* Allow cron tasks to be started from the cron page
* golangci-lint fixes
* Enforce that only one task with the same name can be registered
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix name check
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per @guillep2k
* as per @lafriks
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add git.CommandContext variants
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Make API EditIssue and EditPullRequest issue notifications
Restructure models.UpdateIssueByAPI and EditIssue/EditPullRequest
to issue notifications
Fix#10014
Signed-off-by: Andrew Thornton <art27@cantab.net>
* As per @6543
Signed-off-by: Andrew Thornton <art27@cantab.net>
* update status!
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
* Add archived options to SearchRepository
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add only-private search
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add filter options and paging to dashboard repository page
Signed-off-by: Andrew Thornton <art27@cantab.net>
* swagger generate
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix-swagger-again
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per @mrsdizzie also remember state
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Currently you can see a list of commit history for wiki pages but aren't able to view the commit diff itself. This adds the feature to view an individual commit to a wiki repo.
Closes#8999
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Properly generate ref URLs
Tags used to not generate correct URLs (src/branch/tags/1.0.0 instead of
src/tags/1.0.0).
Also cleans up some code around it with the created helper functions.
* Fix formatting and create migration
* Add copyright head to utils_test
* Use a raw query for the ref migration
* Remove semicolon
* Quote column and table names in migration SQL
* Change || to CONCAT, since MSSQL does not support ||
* Make migration engine aware
* Add missing import
* Move ref EndName and URL to the issue service
* Fix tests
* Add test for commit refs
* Update issue.go
* Use the right command for building JavaScript bundles
* Prepare for merge
* Check for refs/* before prepending in migration
* Update services/issue/issue_test.go
* Update modules/git/utils_test.go
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: techknowlogick <matti@mdranta.net>
* Switch code editor to Monaco
This switches out CodeMirror for Monaco which is based on the same code
base as VS code and should work pretty similar to it.
It does add a few async chunks, totalling around 10MB to our build. It
currently supports around 65 languages and in the default configuration,
each language would emit one ugly [number].js chunk, so I opted to
combine them all into a single file for now.
CodeMirror is still being used under the hood by SimpleMDE so it can not
be removed yet.
* inline editorconfig, fix diff, use for markdown, remove more dead code
* refactors, remove jquery usage
* use tab_width
* fix intellisense
* rename function for clarity
* misc tweaks, enable webpack progress display
* only use --progress on dev build
* remove useless borders in arc-green
* fix typo
* remove obsolete comment
* small refactor
* fix file creation and various refactors
* unset useTabStops too when no editorconfig
* small refactor
* disable webpack's [big] warnings
* remove useless await
* fix dark theme check
* rename chunk to 'monaco'
* add to .gitignore and delete webpack dest before build
* increase editor height
* support more editorconfig properties
* remove empty element filter
* rename
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Allow compare page to look up base, head, own-fork, forkbase-of-head
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per @guillep2k
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update routers/repo/compare.go
* as per @guillep2k
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Rationalise the names a little
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Rationalise the names a little (2)
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix 500 with fork of fork
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Prevent 500 on compare different trees
Signed-off-by: Andrew Thornton <art27@cantab.net>
* dotdotdot is perfectly valid in both usernames and repo names
Signed-off-by: Andrew Thornton <art27@cantab.net>
* ensure we can set the head and base repos too
Signed-off-by: Andrew Thornton <art27@cantab.net>
* ensure we can set the head and base repos too (2)
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix lint
Signed-off-by: Andrew Thornton <art27@cantab.net>
* only set headRepo == baseRepo if isSameRepo
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Correctly set the organization num repos
Correctly set the organization num repos to the number of
accessible repos for the user
Fix#11194
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per @lunny
Signed-off-by: Andrew Thornton <art27@cantab.net>
* attempt to fix mssql
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update models/user.go
* Explicit columns
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add test and fix 0 counted orgs
Signed-off-by: Andrew Thornton <art27@cantab.net>
* remove orgname from api
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Allow Git ref for /repos/{owner}/{repo}/git/commits/{sha}
* Consolidate API for getting single commit
* Fix tests and do it differently
Co-authored-by: zeripath <art27@cantab.net>
If user create pull review through api but not set CommitID,
I think it's necessary to use last headCommitID as default seting,
or this review will be considered as stale review which is wrong
Signed-off-by: a1012112796 <1012112796@qq.com>
Although default branch is not offered for deletion in the templates, we need to prevent it both at the router level and in the pre-receive hook.
Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
* routers: make /compare route available to unauthenticated users
Remove some bits of the compare interface if the user isn't signed in.
Notably, they don't need to see the "New Pull Request" button box nor the
hidden form that would fail to submit due to the POST request continuing to
require proper privileges.
Follow-up commits will improve the UI a bit around this, removing some
"Pull Request" verbiage in favor of "Compare."
* ui: home: show "compare" button for unauthenticated users
This change requires pulling in the BaseRepo unconditionally and
recording if the pull request is in-fact not allowed
(.PullRequestCtx.Allowed). If the user isn't allowed to create a pull
request, either because this isn't a fork or same-fork branch PRs aren't
allowed, then we'll name the button "Compare" instead of "Pull Request."
* ui: branch list: use the new Compare language when available
When viewing the branch listing as an unauthenticated user, you'll get
"Pull Request" buttons. use the new "Compare" verbiage instead, which
matches GitHub behavior when you can't issue a pull request from the
branches.
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Previously, this required authentication, but there's not actually
any privileged information on this page. Move the endpoint out of
the group that requires sign-in. It still requires the ability to
read issues and pull requests, so private repositories (for instance)
will not be exposed.
Fixes#10312Fixes#11233
* Fix creation of Org repos
Fix go-gitea#9269
* Change variable name to appease linter
* Update PR with suggestions
Add a note for user.CanCreateRepo() about failure assumptions
Change repo.create help message
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Don't allow registration via the web form, when AllowOnlyExternalRegistration is True
* Show Disabled Registration message if DisableRegistration or AllowOnlyExternalRegistration options are true
* Support unicode emojis and remove emojify.js
This PR replaces all use of emojify.js and adds unicode emoji support to various areas of gitea.
This works in a few ways:
First it adds emoji parsing support into gitea itself. This allows us to
* Render emojis from valid alias (😄)
* Detect unicode emojis and let us put them in their own class with proper aria-labels and styling
* Easily allow for custom "emoji"
* Support all emoji rendering and features without javascript
* Uses plain unicode and lets the system render in appropriate emoji font
* Doesn't leave us relying on external sources for updates/fixes/features
That same list of emoji is also used to create a json file which replaces the part of emojify.js that populates the emoji search tribute. This file is about 35KB with GZIP turned on and I've set it to load after the page renders to not hinder page load time (and this removes loading emojify.js also)
For custom "emoji" it uses a pretty simple scheme of just looking for /emojis/img/name.png where name is something a user has put in the "allowed reactions" setting we already have. The gitea reaction that was previously hard coded into a forked copy of emojify.js is included and works as a custom reaction under this method.
The emoji data sourced here is from https://github.com/github/gemoji which is the gem library Github uses for their emoji rendering (and a data source for other sites). So we should be able to easily render any emoji and :alias: that Github can, removing any errors from migrated content. They also update it as well, so we can sync when there are new unicode emoji lists released.
I've included a slimmed down and slightly modified forked copy of https://github.com/knq/emoji to make up our own emoji module. The code is pretty straight forward and again allows us to have a lot of flexibility in what happens.
I had seen a few comments about performance in some of the other threads if we render this ourselves, but there doesn't seem to be any issue here. In a test it can parse, convert, and render 1,000 emojis inside of a large markdown table in about 100ms on my laptop (which is many more emojis than will ever be in any normal issue). This also prevents any flickering and other weirdness from using javascript to render some things while using go for others.
Not included here are image fall back URLS. I don't really think they are necessary for anything new being written in 2020. However, managing the emoji ourselves would allow us to add these as a feature later on if it seems necessary.
Fixes: https://github.com/go-gitea/gitea/issues/9182
Fixes: https://github.com/go-gitea/gitea/issues/8974
Fixes: https://github.com/go-gitea/gitea/issues/8953
Fixes: https://github.com/go-gitea/gitea/issues/6628
Fixes: https://github.com/go-gitea/gitea/issues/5130
* add new shared function emojiHTML
* don't increase emoji size in issue title
* Update templates/repo/issue/view_content/add_reaction.tmpl
Co-Authored-By: 6543 <6543@obermui.de>
* Support for emoji rendering in various templates
* Render code and review comments as they should be
* Better way to handle mail subjects
* insert unicode from tribute selection
* Add template helper for plain text when needed
* Use existing replace function I forgot about
* Don't include emoji greater than Unicode Version 12
Only include emoji and aliases in JSON
* Update build/generate-emoji.go
* Tweak regex slightly to really match everything including random invisible characters. Run tests for every emoji we have
* final updates
* code review
* code review
* hard code gitea custom emoji to match previous behavior
* Update .eslintrc
Co-Authored-By: silverwind <me@silverwind.io>
* disable preempt
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Use AJAX for notifications table
Signed-off-by: Andrew Thornton <art27@cantab.net>
* move to separate js
Signed-off-by: Andrew Thornton <art27@cantab.net>
* placate golangci-lint
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add autoupdating notification count
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix wipeall
Signed-off-by: Andrew Thornton <art27@cantab.net>
* placate tests
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Try hidden
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Try hide and hidden
Signed-off-by: Andrew Thornton <art27@cantab.net>
* More auto-update improvements
Only run checker on pages that have a count
Change starting checker to 10s with a back-off to 60s if there is no change
Signed-off-by: Andrew Thornton <art27@cantab.net>
* string comparison!
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per @silverwind
Signed-off-by: Andrew Thornton <art27@cantab.net>
* add configurability as per @6543
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add documentation as per @6543
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use CSRF header not query
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Further JS improvements
Fix @etzelia update notification table request
Fix @silverwind comments
Co-Authored-By: silverwind <me@silverwind.io>
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Simplify the notification count fns
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
Some OAuth2 providers return quite large structured tokens >32767 bytes.
Gitea currently has a fixed maximum of 32767 bytes for these and
unfortunately due to the convoluted nature of the dependent libraries the
error returned is rather opaque.
Here we manage the error a little better - detecting the rather opaque
github.com/gorilla/securecookie.errEncodedValueTooLong and converting
it to a more readable error.
Further we provide a configurable option to increase the maximum size of
the provided OAuth2 tokens.
Fix#9907
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* use same process as in routers/repo/branch.go/deleteBranch
* make sure default branch can not be deleted
* remove IsDefaultBranch from UI process - it is worth its own pull
* permissions
* Add a way to mark Conversation (code comment) resolved
mark Conversation is a way to mark a Conversation is stale
or be solved. when it's marked as stale, will be hided like
stale. all Pull Request writer , Offical Reviewers and poster
can add or remove Conversation resolved mark.
Signed-off-by: a1012112796 <1012112796@qq.com>
* fix lint
* Apply suggestions from code review
* Add ResolveDoer
* fix ui
Co-Authored-By: Lauris BH <lauris@nix.lv>
Co-Authored-By: 6543 <6543@obermui.de>
* change IsResolved to an function
Add permission check in UpdateResolveConversation
* Apply suggestions from code review
* change return error for permisson check
* add default message for deleted user
* get issue message from comment
* add migration for ``ResolveDoerID`` column
another change:
* block mark pending review as resolved because it's not necessary
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* change button color
* resolve button size
* fix code style
* remove unusefull code
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
It is possible for misconfigured protected branches to have required status checks that are not in any of the current statuses: Pending, Success, Error, Failure, or Warning - presumably because the CI has not contacted us as yet.
Fix#10636 by adding case: missing StatusChecks when these are missing
* Cache PullRequest Divergence
* only re-calc divergence if AddTestPullRequestTask() is exec
* migrate already open pulls
* finalize
* take care of closed¬-merged+deleted-branch pull requests
* fix nil pointer exeption
Signed-off-by: 6543 <6543@obermui.de>
* try this
* no error its a warn
* init gitea-repositories-meta
* dont use gitDivergence type
* CI.restart()
* CI.restart()
* CI.restart()
* CI.restart()
* check IsUserAllowedToUpdate independend from CommitsBehind
* make sure duplicate token names cannot be used
* add check to api routes too
* add @lunny s suggestion
* fix & don't forget User.ID
* AccessTokenByNameExists() return error too
* unique token for each test
* fix lint
Signed-off-by: 6543 <6543@obermui.de>
Co-authored-by: Lanre Adelowo <yo@lanre.wtf>
Add api methods for getting and updating user oauth2 applications.
Signed-off-by: Dan Molik <dan@danmolik.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* [suggest] change merge strategy: do not check write access if user in merge white list #10935
(cherry picked from commit ba74fc6389dfcad03c273441a49b54e4d38c86ee)
* fix NPE
* Fix cross compile (#10952)
* Fix cross compile
* Add test for cross compile
* Fix drone
* Fix drone
* Also prevent CC environment not to generate
Co-authored-by: zeripath <art27@cantab.net>
* fix merge box icon color bug (#10974)
that because need some space beturn ``text`` and color defines
Signed-off-by: a1012112796 <1012112796@qq.com>
* [skip ci] Updated translations via Crowdin
* Allow X in addition to x in tasks (#10979)
Signed-off-by: Andrew Thornton <art27@cantab.net>
* remove api: merge reqRepoWriter
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 赵智超 <1012112796@qq.com>
Co-authored-by: GiteaBot <teabot@gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* add request review feature in pull request
add a way to notify specific reviewers to review like github , by add or delet a special type
review . The acton is is similar to Assign , so many code reuse the function and items of
Assignee, but the meaning and result is different.
The Permission style is is similar to github, that only writer can add a review request from Reviewers,
but the poster can recall and remove a review request after a reviwer has revied even if he don't have
Write Premission. only manager , the poster and reviewer of a request review can remove it.
The reviewers can be requested to review contain all readers for private repo , for public, contain
all writers and watchers.
The offical Review Request will block merge if Reject can block it.
an other change: add ui otify for Assignees.
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Signed-off-by: a1012112796 <1012112796@qq.com>
* new change
* add placeholder string
* do some changes follow #10238 to add review requests num on lists also
change icon for review requests to eye
Co-authored-by: Lauris BH <lauris@nix.lv>
* ui: limit managers prohibit themself to login
Because I think it's crazy and not reasonale , that if a user can
prohibit themself to login. so suggest limit this choice on ui
Signed-off-by: a1012112796 <1012112796@qq.com>
* skip self Prohibit Login in post event handle
* fix comment
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* ui: add more message on sidebar menus
* add title on the menus
* show some message instead of hide choose bar when have nothing to choose
* add simply filter for each menus
* do same changes in mew_form.tmpl
* remove some unusefull comments in mew_form.tmpl
Signed-off-by: a1012112796 <1012112796@qq.com>
* do review suggestions
* add filter message on sidebar filter
* change IsIssueWriter to HasIssuesOrPullsWritePermission
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Add organization wide labels
Implement organization wide labels similar to organization wide
webhooks. This lets you create individual labels for organizations that can be used
for all repos under that organization (so being able to reuse the same
label across multiple repos).
This makes it possible for small organizations with many repos to use
labels effectively.
Fixes#7406
* Add migration
* remove comments
* fix tests
* Update options/locale/locale_en-US.ini
Removed unused translation string
* show org labels in issue search label filter
* Use more clear var name
* rename migration after merge from master
* comment typo
* update migration again after rebase with master
* check for orgID <=0 per guillep2k review
* fmt
* Apply suggestions from code review
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* remove unused code
* Make sure RepoID is 0 when searching orgID per code review
* more changes/code review requests
* More descriptive translation var per code review
* func description/delete comment when issue label deleted instead of hiding it
* remove comment
* only use issues in that repo when calculating number of open issues for org label on repo label page
* Add integration test for IssuesSearch API with labels
* remove unused function
* Update models/issue_label.go
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Use subquery in GetLabelIDsInReposByNames
* Fix tests to use correct orgID
* fix more tests
* IssuesSearch api now uses new BuildLabelNamesIssueIDsCondition. Add a few more tests as well
* update comment for clarity
* Revert previous code change now that we can use the new BuildLabelNamesIssueIDsCondition
* Don't sort repos by date in IssuesSearch API
After much debugging I've found a strange issue where in some cases MySQL will return a different result than other enigines if a query is sorted by a null collumn. For example with our integration test data where we don't set updated_unix in repository fixtures:
SELECT `id`, `owner_id`, `owner_name`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` ORDER BY updated_unix DESC LIMIT 15 OFFSET 45
Returns different results for MySQL than other engines. However, the similar query:
SELECT `id`, `owner_id`, `owner_name`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` ORDER BY updated_unix DESC LIMIT 15 OFFSET 30
Returns the same results.
This causes integration tests to fail on MySQL in certain cases but would never show up in a real installation. Since this API call always returns issues based on the optionally provided repo_priority_id or the issueID itself, there is no change to results by changing the repo sorting method used to get ids earlier in the function.
* linter is back!
* code review
* remove now unused option
* Fix newline at end of files
* more unused code
* update to master
* check for matching ids before query
* Update models/issue_label.go
Co-Authored-By: 6543 <6543@obermui.de>
* Update models/issue_label.go
* update comments
* Update routers/org/setting.go
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
* Fix broken merge base migration v128 for merged PR
* Allow PRs with deleted base branches to still show diff
* as per @lunny
Co-authored-by: Lauris BH <lauris@nix.lv>
* Fix milestones too many SQL variables bug
* Fix test
* Don't display repositories with no milestone and fix tests
* Remove unused code and add some comments
* upgrade golangci-lint to 1.24.0 to allow go 1.14 compatibility
* fix golangci-lint errors
* make make golangci-lint work when out of go-path
Signed-off-by: Andrew Thornton <art27@cantab.net>
Unfortunately there appears to be potential race with notifications
being set before the associated issue has been committed.
This PR adds protection in to the notifications list to log any failures
and remove these notifications from the display.
References #10815 - and prevents the panic but does not completely fix
this.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen
Fix#3985
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Pass up the unable to verify
Because the assigness has been loaded in
compare.go 416:
RetrieveRepoMetas(ctx, ctx.Repo.Repository, true)
then
issue.go 381
RetrieveRepoMilestonesAndAssignees(ctx, repo)
then
issue.go 361 -- 365 , they are load assignees
So the code on compare.go 425 -- 427 is double work,
and which is the reason of #10853
Signed-off-by: a1012112796 <1012112796@qq.com>
* Add Matrix webhook
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Add template and related translations for Matrix hook
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Add actual webhook routes and form
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Add missing file
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Update modules/webhook/matrix_test.go
* Use stricter regex to replace URLs
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Escape url and text
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Remove unnecessary whitespace
* Fix copy and paste mistake
Co-Authored-By: Tulir Asokan <tulir@maunium.net>
* Fix indention inconsistency
* Use Authorization header instead of url parameter
* Add raw commit information to webhook
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Tulir Asokan <tulir@maunium.net>
* Handle push rejections and push out-of-date in branch creation and
file upload.
* Remove the duplicated sanitize from services/pull/merge
* Move the errors Err(Merge)PushOutOfDate and ErrPushRejected to
modules/git
* Handle errors better in the upload file dialogs
Fix#10460
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
speed up page generation by making avatar lookup occur at the browser
not at page generation
* Protect against evil email address ".."
* hash the complete email address
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Option to set default branch at repository creation
* Handle template repos with non-default master branch
* Add DefaultBranch handling on creation to API
Fix#9542
Signed-off-by: Andrew Thornton <art27@cantab.net>
- update to latest version and move to npm
- adapt for api changes and css class rename
- add specificity to arc-green rules as dependency css now loads later
- use imports-loader to make it load correctly
- fix some wrong paths in librejs
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix panic in API pulls when headbranch does not exist
* refix other reference to plumbing.ErrReferenceNotFound
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Create system webhook column (and migration)
* Create system webhook DB methods
Based on the default webhook ones
* Modify router to handle system webhooks and default ones
* Remove old unused admin nav template
* Adjust orgRepoCtx to differentiate system and default webhook URLs
* Assign IsSystemWebhook when creating webhooks
* Correctly use booleans for IsSystemWebhook
* Use system webhooks when preparing webhooks for payload
* Add UI and locale changes
* Use router params to differentiate admin hook pages
* Fix deleting admin webhooks and rename method
* Add clarity to webhook docs
* Revert "Remove old unused admin nav template"
This reverts commit 191a20a7389fe5f6256b0ad6aafd04b9b0e295c5.
* Rename WebHooksNewPost to GiteaHooksNewPost for clarity
* Reintroduce blank line lost during merge conflict
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
* Display pull request head branch even the branch deleted or repository deleted
* Merge getHeadRepo/loadHeadRepo and getBaseRepo/loadBaseRepo on pull and fill repo when pr.Issue.Repo is available
* retrieve sha from pull head when pull request branch deleted and fix tests
* Fix test
* Ensure MustHeadRepoName returns empty string if no head repo
Co-authored-by: zeripath <art27@cantab.net>
* adding search capability to user's issues dashboard
* global issue search
* placement of search bar on issues dashboard
* fixed some bugs in the issue dashboard search
* added unit test because IssueIDs option was added to UserIssueStatsOptions
* some renaming of fields in the issue dashboard code to be more clear; also trying to fix issue of searching the right repos based on the filter
* added unit test fro GetRepoIDsForIssuesOptions; fixed search lost on pagination; using shown issue status for open/close count; removed some debugging
* fix issue with all count showing incorrectly
* removed todo comment left in by mistake
* typo pulling wrong count
* fxied all count being off when selecting repositories
* setting the opts.IsClosed after pulling repos to search, this is done so that the list of repo ids to serach for the keyword is not limited, we need to get all the issue ids for the shown issue stats
* added "accessibleRepositoryCondition" check on the query to pull the repo ids to search for issues, this is an added protection to ensure we don't search repos the user does not have access to
* added code so that in the issues search, we won't use an in clause of issues ids that goes over 1000
* fixed unit test
* using 950 as the limit for issue search, removed unneeded group by in GetRepoIDsForIssuesOptions, showing search on pulls dashboard page too (not just issues)
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* add API endpoint to create OAuth2 Application.
* move endpoint to /user. Add swagger documentations and proper response type.
* change json tags to snake_case. add CreateOAuth2ApplicationOptions to swagger docs.
* change response status to Created (201)
* add methods to list OAuth2 apps and delete an existing OAuth2 app by ID.
* add APIFormat convert method and file header
* fixed header
* hide secret on oauth2 application list
* add Created time to API response
* add API integration tests for create/list/delete OAuth2 applications.
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Show Signer in commit lists and add basic trust
Show the avatar of the signer in the commit list pages as we do not
enforce that the signer is an author or committer. This makes it
clearer who has signed the commit.
Also display commits signed by non-members differently from
members and in particular make it clear when a non-member signer
is different from the committer to help reduce the risk of
spoofing.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* ensure orange text and background is available
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update gpg_key.go
* Update models/gpg_key.go
* Apply suggestions from code review
* Require team collaborators to have access to UnitTypeCode
* as per @6543
* fix position of sha as per @silverwind
* as per @guillep2k
* refactor
* optimize
* remove Iretating function
LoadWatchUsers do not load Users into IW object and it is used only in api ... so move this logic
* remove unessesary
* Apply suggestions from code review
Thx
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* make Tests more robust
* fix rebase
* restart CI
* CI no dont hit sqlites deadlock
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>