Commit graph

2187 commits

Author SHA1 Message Date
Tamal Saha
34d06f4c6b Handle CORS requests (#6289) 2019-05-13 11:38:53 -04:00
techknowlogick
5ffc9656c6
Change drone token name to let users know to use oauth2 (#6912) 2019-05-12 13:29:07 -04:00
iliyan ivanov
13583a650f fix syntax highlight in blame view #6895 (#6909) 2019-05-11 23:27:39 +03:00
zeripath
ce8de35334 Remove local clones & make hooks run on merge/edit/upload (#6672)
* Add options to git.Clone to make it more capable

* Begin the process of removing the local copy and tidy up

* Remove Wiki LocalCopy Checkouts

* Remove the last LocalRepo helpers

* Remove WithTemporaryFile

* Enable push-hooks for these routes

* Ensure tests cope with hooks

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove Repository.LocalCopyPath()

* Move temporary repo to use the standard temporary path

* Fix the tests

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove LocalWikiPath

* Fix missing remove

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use AppURL for Oauth user link (#6894)

* Use AppURL for Oauth user link

Fix #6843

* Update oauth.go

* Update oauth.go

* internal/ssh: ignore env command totally (#6825)

* ssh: ignore env command totally

* Remove commented code 

Needed fix described in issue #6889

* Escape the commit message on issues update and title in telegram hook (#6901)

* update sdk to latest (#6903)

* improve description of branch protection (fix #6886) (#6906)

The branch protection description text were not quite accurate.

* Fix logging documentation (#6904)

* ENABLE_MACARON_REDIRECT should be REDIRECT_MACARON_LOG

* Allow DISABLE_ROUTER_LOG to be set in the [log] section

* [skip ci] Updated translations via Crowdin

* Move sdk structs to modules/structs (#6905)

* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 11:29:17 -04:00
Lunny Xiao
34eee25bd4
Move sdk structs to modules/structs (#6905)
* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 18:21:34 +08:00
techknowlogick
2f21bc33a5 Use AppURL for Oauth user link (#6894)
* Use AppURL for Oauth user link

Fix #6843

* Update oauth.go

* Update oauth.go
2019-05-09 20:22:35 +03:00
Richard Mahn
6db3dc7c02 Fixes #6881 - API users search fix (#6882) 2019-05-08 22:17:32 +03:00
Lunny Xiao
9f18b23129 Fix 404 when send pull request some situation (#6871) 2019-05-07 13:20:23 -04:00
Lunny Xiao
08069dc465
Improve migrations to support migrating milestones/labels/issues/comments/pullrequests (#6290)
* add migrations

* fix package dependency

* fix lints

* implements migrations except pull requests

* add releases

* migrating releases

* fix bug

* fix lint

* fix migrate releases

* fix tests

* add rollback

* pull request migtations

* fix import

* fix go module vendor

* add tests for upload to gitea

* more migrate options

* fix swagger-check

* fix misspell

* add options on migration UI

* fix log error

* improve UI options on migrating

* add support for username password when migrating from github

* fix tests

* remove comments and fix migrate limitation

* improve error handles

* migrate API will also support migrate milestones/labels/issues/pulls/releases

* fix tests and remove unused codes

* add DownloaderFactory and docs about how to create a new Downloader

* fix misspell

* fix migration docs

* Add hints about migrate options on migration page

* fix tests
2019-05-07 09:12:51 +08:00
Lunny Xiao
01ebd52a1f fix config ui error about cache ttl (#6861) 2019-05-06 17:35:11 +03:00
Lunny Xiao
2382f1b057
fix 500 when reviewer is deleted with integration tests (#6856) 2019-05-06 20:09:31 +08:00
Simon
a2a006a5d5 Add GET requests to webhook (#6771)
* Add GET requests to webhook

* make fmt

* Handle invalid http method on webhook

* Uppercase http method in webhook

* Rename v85.go to v86.go

* make fmt
2019-05-05 14:09:02 -04:00
Mario Lubenka
55a8e12d85 Number of commits ahead/behind in branch overview (#6695)
* Call Git API to determine divergence of a branch and its base branch

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Show commit divergance in branch list

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adds missing comment

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adds test for diverging commits

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Try comparing commits instead of branches

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Removes test as CI can't run it

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adjusts signature of percentage function to allow providing multiple integers as numerator

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Moves CountDivergingCommits function into repofiles module

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
2019-05-05 19:25:25 +03:00
techknowlogick
46373e7657
Hash App token (#6724) 2019-05-04 11:45:34 -04:00
Lauris BH
1fa9662946
Git statistics in Activity tab (#4724)
* Initial implementation for git statistics in Activity tab

* Create top user by commit count endpoint

* Add UI and update src-d/go-git dependency

* Add coloring

* Fix typo

* Move git activity stats data extraction to git module

* Fix message

* Add git code stats test
2019-05-04 15:39:03 +03:00
zeripath
ade88a877d Allow Recaptcha service url to be configured (#6820) 2019-05-02 16:09:39 +03:00
ngourdon
4e311123d8 Fix team edit API panic (#6780) 2019-04-27 19:32:33 -04:00
Lunny Xiao
4c34bc111c
fix pulls broken when fork repository deleted (#6754)
* fix pulls broken when fork repository deleted

* fix lint
2019-04-26 11:03:39 +08:00
techknowlogick
ec2d489d15
OAuth2 token can be used in basic auth (#6747) 2019-04-25 18:42:50 -04:00
Lunny Xiao
199faadea3 Fix org visibility bug when git cloning (#6743)
* fix org visibility bug

* fix permission check

* add integration tests

* fix tests

* change test user name for easier maintainance and fix test

* fix test git repo name
2019-04-25 21:59:10 +03:00
Lunny Xiao
e8f4c7733a
fix missing return (#6751) 2019-04-25 19:30:38 +08:00
James E. Blair
dabee9b1a4 Handle redirects in git clone commands (#6688)
Add support for repo_redirect objects in the git smart http
handler so that when a user clones a repo that has been moved
or renamed, they are redirected to the new location.

This requires that the query string be included in the redirect
as well, so that is added.

Signed-off-by: James E. Blair <jeblair@redhat.com>
2019-04-25 08:51:40 +03:00
Lunny Xiao
ff03b2f606 Fix: Sort repos on org home page with non-admin login (#6741) 2019-04-24 19:20:22 +01:00
Lunny Xiao
59be704efb Fix team members API (#6714) 2019-04-24 01:32:35 -04:00
John Olheiser
45fa5cc1be [API] Load issue attributes when editing an issue (#6723) 2019-04-23 13:07:12 -04:00
zeripath
be666b03ee Trace Logging on Permission Denied & ColorFormat (#6618)
* Add log.ColorFormat and log.ColorFormatted

Structs can now implement log.ColorFormatted to provide their own
colored format when logged with `%-v` or additional flags.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add basic ColorFormat to repository and user

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add basic ColorFormat to access and unit

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add ColorFormat to permission and on trace log it

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add log.NewColoredIDValue to make ID value coloring consistent

Signed-off-by: Andrew Thornton <art27@cantab.net>

* formatting changes

* Add some better tracing to permission denied for read issues/pulls

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add Trace logging on permission denied

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove isTrace() check from deferred func

* Adjust repo and allow logging of team

* use FormatInt instead of Itoa

* Add blank line

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update access.go
2019-04-22 23:40:51 +03:00
Mario Lubenka
bc86134759 Show "delete branch" button on closed pull requests (#6570) (#6601)
* Show button to delete a pull request branch after a pull request has been closed (#6570)

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Update routers/repo/pull.go

Co-Authored-By: saitho <mario.lubenka@googlemail.com>
2019-04-20 23:50:34 +03:00
zeripath
6cb127d497
Fix reversion caused by 6314 (#6685)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-04-20 08:59:34 +01:00
Mario Lubenka
fcbac38d6f Unifies pagination template usage (#6531) (#6533) 2019-04-20 00:15:19 -04:00
Andrzej Ressel
469d9b7d9a Add option to blame files (#5721) 2019-04-19 22:47:00 -04:00
Daniel Grier
b9d1fb6de3 Add support for MS Teams webhooks (#6632) 2019-04-19 10:18:06 -04:00
Filip Navara
2af67f6044 Improve listing performance by using go-git (#6478)
* Use go-git for tree reading and commit info lookup.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use TreeEntry.IsRegular() instead of ObjectType that was removed.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use the treePath to optimize commit info search.

Signed-off-by: Filip Navara <navara@emclient.com>

* Extract the latest commit at treePath along with the other commits.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix listing commit info for a directory that was created in one commit and never modified after.

Signed-off-by: Filip Navara <navara@emclient.com>

* Avoid nearly all external 'git' invocations when doing directory listing (.editorconfig code path is still hit).

Signed-off-by: Filip Navara <navara@emclient.com>

* Use go-git for reading blobs.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make SHA1 type alias for plumbing.Hash in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make Signature type alias for object.Signature in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix GetCommitsInfo for repository with only one commit.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix PGP signature verification.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix issues with walking commit graph across merges.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix typo in condition.

Signed-off-by: Filip Navara <navara@emclient.com>

* Speed up loading branch list by keeping the repository reference (and thus all the loaded packfile indexes).

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix lising submodules.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix build

Signed-off-by: Filip Navara <navara@emclient.com>

* Add back commit cache because of name-rev

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix tests

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix code style

* Fix spelling

* Address PR feedback

Signed-off-by: Filip Navara <navara@emclient.com>

* Update vendor module list

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix getting trees by commit id

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix remaining unit test failures

* Fix GetTreeBySHA

* Avoid running `git name-rev` if not necessary

Signed-off-by: Filip Navara <navara@emclient.com>

* Move Branch code to git module

* Clean up GPG signature verification and fix it for tagged commits

* Address PR feedback (import formatting, copyright headers)

* Make blob lookup by SHA working

* Update tests to use public API

* Allow getting content from any type of object through the blob interface

* Change test to actually expect the object content that is in the GIT repository

* Change one more test to actually expect the object content that is in the GIT repository

* Add comments
2019-04-19 20:17:27 +08:00
techknowlogick
19ec2606e9 API OTP Context (#6674)
* API OTP Context

* Update api.go

* token

* token

* fix per discord

* copyright header

* remove check for token in OTP

* Update auth.go

* simplify

* Update api.go
2019-04-19 11:59:26 +03:00
techknowlogick
56da256853
Telegram webhook (#4227) 2019-04-18 22:45:02 -04:00
AJ ONeal
6dbd261852 UX + Security current user password reset (#5042)
* allow current user to reset their own password

* handle reset password edge cases properly and consistently

* remove dangling assignment

* properly label account recovery instead of reset password

* remove 'Click here' from button

* update English-only account-recovery templates
2019-04-18 10:23:59 +03:00
Lunny Xiao
dd1acd7ce4 Comments list performance optimization (#5305) 2019-04-18 01:00:03 -04:00
Richard Mahn
2262811e40 Fixes 4762 - Content API for Creating, Updating, Deleting Files (#6314) 2019-04-17 12:06:35 -04:00
Jonas Franz
7a4c29c739 OAuth2 Grant UI (#6625)
* Add oauth2 grants ui

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add delete functionality
Add translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit tests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit tests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Refactor DeleteOAuth2Grant
Use results.Close()

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Refactor DeleteOAuth2Grant (again)

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Check if user ID is zero

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Check if grant ID is zero

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2019-04-17 16:18:16 +08:00
Segev Finer
34548369e1 Add API for manipulating Git hooks (#6436)
* Add API for manipulating Git hooks

Signed-off-by: Segev Finer <segev@codeocean.com>

* Replace code.gitea.io/sdk with PR branch temporarily for CI

* Switch back to code.gitea.io/sdk@master

* Return 403 instead of 404 on no permission to edit hooks in API

* Add tests for Git hooks API

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* empty line
2019-04-17 01:31:08 -04:00
zeripath
6821a32d81 Properly escape on the redirect from the web editor (#6657) 2019-04-16 20:07:13 -04:00
zeripath
837116875e Return a UserList from /api/v1/admin/users (#6629) 2019-04-15 12:36:59 -04:00
Antoine GIRARD
d699de32f2 add .gpg url (match github behaviour) (#6610)
* add .gpg url (match github behaviour)

* wildcard

* test to export maximum data

* working POC

* add comment for old imported keys

* cleaning

* Update routers/user/profile.go

Co-Authored-By: sapk <sapk@users.noreply.github.com>

* add migration script

* add integration tests
2019-04-14 12:43:56 -04:00
zeripath
b3e757a06c
Correctly adjust mirror url (#6593) 2019-04-12 21:52:57 +01:00
John Olheiser
cb64b21a7f Change summary to full message (#6591)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-04-12 17:11:09 +01:00
Jonas Franz
783cd64927 Add option to disable refresh token invalidation (#6584)
* Add option to disable refresh token invalidation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add integration tests and remove wrong todos

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix typo

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix tests and add documentation

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2019-04-12 15:50:21 +08:00
mrsdizzie
3ff0a126e1 Improve issue autolinks (#6273)
* Improve issue autolinks

Update autolinks to match what github does here:

Issue in same repo: #1
Issue in different repo: org/repo#1

Fixes #6264

* Use setting.AppURL when parsing URL

Using setting.AppURL here is a more reliable way of parsing the current
URL and what other functions in this file seem to use.

* Make ComposeMetas always return a valid context

* Add per repository markdown renderers for better context

* Update for use of context metas

Now that we include the user and repo name inside context metas, update
various code and tests for this new logic
2019-04-12 08:53:34 +03:00
Mura Li
3186ef554c Support search operators for commits search (#6479)
* Support searching commits with prefix syntax

For now, support auther: committer:
When more than one prefix is supplied is presented, the result is the union.
When different prefixes are supplied, the result is the intersection.

For example,
"author:alice author:bob"
=> the result is all commits authored by Alice OR Bob

"hello committer:alice"
=> the result is all commits committed by Alice AND has the keyword
'hello' in the message.

Note that there should NOT have any space after the colon(:) of the prefix.
For example,
"author:bill" => correct
"author: bill" => wrong

* Remove unneeded logging

* Add missing files of test repository

* Add missing repo_unit entries to test fixtures

* Update test cases

* Add tooltip for commits search button

* Update tooltip text

I have no idea about how to format it with line breaks.

* Make the usage example more real

* Add a test case

* Add new options struct for SearchCommits

* Prefer len(s) > 0 over s != ""

* Add NewSearchCommitsOptions
2019-04-12 10:28:44 +08:00
Lunny Xiao
1b7dffc3a3 fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) 2019-04-11 19:29:41 -04:00
Matthias Beckert
5348573fdf Allow admin users to set a repositoires visibility to public, even if FORCE_PRIVATE is to true (#6541) (#6572)
Signed-off-by: Matthias Beckert <beckert.matthias@googlemail.com>
2019-04-11 16:32:42 +08:00
John Olheiser
aa02463ded Delete local branch if it exists (#6497)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-04-08 08:08:02 +03:00
Vasek Sraier
49b2f45f75 Cleaned permission checks for API -> site admin can now do anything (#6483)
* cleaned permission checks for API -> site admin can now do anything

Signed-off-by: Vasek Sraier <git@vakabus.cz>

* PR #6483: helper methods moved to context/context.go, added missing return

Signed-off-by: Vasek Sraier <git@vakabus.cz>

* PR #6483: added documentation to new exported helper functions in context/context.go

Signed-off-by: Vasek Sraier <git@vakabus.cz>
2019-04-08 01:49:34 +03:00
Elias Norberg
bf5af87eef Show last commit status in pull request lists (#6465) 2019-04-02 15:54:29 -04:00
Lunny Xiao
09fb036ad6 fix upload attachments (#6481)
* fix upload attachments

* add migration for new column uploader_id on table attachment

* fix imports sequence
2019-04-02 15:25:05 -04:00
zeripath
704da08fdc
Better logging (#6038) (#6095)
* Panic don't fatal on create new logger

Fixes #5854

Signed-off-by: Andrew Thornton <art27@cantab.net>

* partial broken

* Update the logging infrastrcture

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Reset the skip levels for Fatal and Error

Signed-off-by: Andrew Thornton <art27@cantab.net>

* broken ncsa

* More log.Error fixes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove nal

* set log-levels to lowercase

* Make console_test test all levels

* switch to lowercased levels

* OK now working

* Fix vetting issues

* Fix lint

* Fix tests

* change default logging to match current gitea

* Improve log testing

Signed-off-by: Andrew Thornton <art27@cantab.net>

* reset error skip levels to 0

* Update documentation and access logger configuration

* Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE

* Fix broken level caching

* Refactor the router log

* Add Router logger

* Add colorizing options

* Adjust router colors

* Only create logger if they will be used

* update app.ini.sample

* rename Attribute ColorAttribute

* Change from white to green for function

* Set fatal/error levels

* Restore initial trace logger

* Fix Trace arguments in modules/auth/auth.go

* Properly handle XORMLogger

* Improve admin/config page

* fix fmt

* Add auto-compression of old logs

* Update error log levels

* Remove the unnecessary skip argument from Error, Fatal and Critical

* Add stacktrace support

* Fix tests

* Remove x/sync from vendors?

* Add stderr option to console logger

* Use filepath.ToSlash to protect against Windows in tests

* Remove prefixed underscores from names in colors.go

* Remove not implemented database logger

This was removed from Gogs on 4 Mar 2016 but left in the configuration
since then.

* Ensure that log paths are relative to ROOT_PATH

* use path.Join

* rename jsonConfig to logConfig

* Rename "config" to "jsonConfig" to make it clearer

* Requested changes

* Requested changes: XormLogger

* Try to color the windows terminal

If successful default to colorizing the console logs

* fixup

* Colorize initially too

* update vendor

* Colorize logs on default and remove if this is not a colorizing logger

* Fix documentation

* fix test

* Use go-isatty to detect if on windows we are on msys or cygwin

* Fix spelling mistake

* Add missing vendors

* More changes

* Rationalise the ANSI writer protection

* Adjust colors on advice from @0x5c

* Make Flags a comma separated list

* Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING

* Ensure matching is done on the non-colored message - to simpify EXPRESSION
2019-04-02 08:48:31 +01:00
Lunny Xiao
ef2a343e27 fix bug when user login and want to resend register confirmation email (#6482) 2019-04-02 08:44:33 +03:00
Lunny Xiao
d578b71d61
move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* move code.gitea.io/git to code.gitea.io/gitea/modules/git

* fix imports

* fix fmt

* fix misspell

* remove wrong tests data

* fix unit tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* enable Debug to trace the failure tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* comment commit count tests since git clone depth is 50

* fix tests

* update from code.gitea.io/git

* revert change to makefile
2019-03-27 17:33:00 +08:00
mrsdizzie
d056bf300f Clean up ref name rules (#6437)
* Clean up ref name rules

Clean up checks on reference names to better conform to the guideline
here: https://git-scm.com/docs/git-check-ref-format

This fixes half of #6321

* Update branch create integration test

According to: https://git-scm.com/docs/git-check-ref-format

And: git check-ref-format "master/feature=test1"

This is a valid branch name and we should not be testing for it to fail.
2019-03-26 21:59:48 +02:00
Segev Finer
b4941f707b Fix Hook & HookList in Swagger (#6432)
Signed-off-by: Segev Finer <segev@codeocean.com>
2019-03-26 21:41:17 +02:00
Allen Wild
909feaafa7 routers/repo/setting: display correct error for invalid mirror interval (#6414)
Set Err_Interval in the context data so that the mirror interval box is
highlighted red as expected.

Clear Err_RepoName for the mirror and advanced actions. repo_name is not
set by these forms, causing auth.validate() to set the Err_RepoName
before SettingsPost is called, which would lead to the repository name
box getting erroneously highlighted red.

Fixes: https://github.com/go-gitea/gitea/issues/6396
2019-03-25 17:51:55 -04:00
Richard Mahn
ecce28f9df Updates SDK dep (#6406) 2019-03-22 11:38:49 -04:00
Roland Koebler
57ecf09787 Markdown: enable some more extensions (#6362)
* Markdown: enable some more extensions

Improve Markdown-rendering by enabling some extensions:

- enable definitions lists
- enable footnotes
- enable header-ids and automatically generate header-ids (for linking to README-sections or creating table-of-contents for larger READMEs)

* Markdown: update and exted tests

Update and add tests for additionally enabled Markdown-extensions.
2019-03-21 15:53:06 +02:00
mrsdizzie
6f2e1bd23a Don't Unescape redirect_to cookie value (#6399)
redirect_to holds a value that we want to redirect back to after login.
This value can be a path with intentonally escaped values and we
should not unescape it.

Fixes #4475
2019-03-20 22:06:16 -04:00
mrsdizzie
f125330fcf Include more variables on admin/config page (#6378)
Include the current CustomPath location in the admin section and also
display GITEA_WORK_DIR and/or GITEA_CUSTOM env var if they are set.

Right now there is no easy way to see this information, and if you try
and help most users they won't be able to tell you anything about these
values -- just that their custom template isn't working, files aren't in
the right place, etc... Now you can see all paths and if they were set
by ENV or not.
2019-03-19 18:40:13 -04:00
Lanre Adelowo
5c82ef098e make sure units of a team are returned (#6379) 2019-03-19 17:50:06 -04:00
Russell Aunger
b34996a629 Implement Default Webhooks (#4299)
Partially implement #770.
Add "Default Webhooks" page in site admin UI.
Persist to the existing webhooks table, but store with RepoID=0 and OrgID=0.
Upon repo creation, copy the set of default webhooks into the new repo.
2019-03-18 22:33:20 -04:00
John Olheiser
cac9e6e760 Updates to API 404 responses (#6077) 2019-03-18 22:29:43 -04:00
techknowlogick
d1c982cb73
Add bio field for user (#6113)
Fix #4339
2019-03-18 22:28:10 -04:00
mrsdizzie
ca46385637 Clean up various use of escape/unescape functions for URL generation (#6334)
* Use PathUnescape instead of QueryUnescape when working with branch names

Currently branch names with a '+' fail in certain situations because
QueryUnescape replaces the + character with a blank space.

Using PathUnescape should be better since it is defined as:

// PathUnescape is identical to QueryUnescape except that it does not
// unescape '+' to ' ' (space).

Fixes #6333

* Change error to match new function name

* Add new util function PathEscapeSegments

This function simply runs PathEscape on each segment of a path without
touching the forward slash itself. We want to use this instead of
PathEscape/QueryEscape in most cases because a forward slash is a valid name for a
branch etc... and we don't want that escaped in a URL.

Putting this in new file url.go and also moving a couple similar
functions into that file as well.

* Use EscapePathSegments where appropriate

Replace various uses of EscapePath/EscapeQuery with new
EscapePathSegments. Also remove uncessary uses of various
escape/unescape functions when the text had already been escaped or was
not escaped.

* Reformat comment to make drone build happy

* Remove no longer used url library

* Requested code changes
2019-03-18 10:00:23 -04:00
John Olheiser
c55bdca562 Add same changes from issues page to milestone->issues page (#6328) 2019-03-15 11:50:27 -04:00
Bogdan Petrea
583968f274 Return 409 when creating repo if it already exists. (#6330) 2019-03-15 10:19:09 -04:00
Lunny Xiao
4334fe754e
update git vendor to fix wrong release commit id and add migrations (#6224)
* update git vendor to fix wrong release commit id and add migrations

* fix count

* fix migration release

* fix tests
2019-03-11 11:44:58 +08:00
Jonas Franz
2315019fef Add support for client basic auth for exchanging access tokens (#6293)
* Add support for client basic auth for exchanging access tokens

* Improve error messages

* Fix tests
2019-03-11 10:54:59 +08:00
Aidan Fitzgerald
f5cf9a8355 Copyedit docs (#6275) 2019-03-09 16:15:45 -05:00
Jonas Franz
8fffb06168
Add regenerate secret feature for oauth2 (#6291)
* Add regenerate secret functionality

* Fix lint
2019-03-09 17:29:58 +01:00
John Olheiser
8211e01d9e Add unit types to repo action URL to correctly show 404 when archived (#6247)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-03-09 11:00:38 +00:00
Jonas Franz
e777c6bdc6 Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
Lanre Adelowo
141c58f5a6 add isAdmin to user model (#6231)
update vendor and add tests

fix swagger
2019-03-03 17:57:24 -05:00
Lunny Xiao
c812ba7f87
fix display dashboard even if require to change password (#6214)
* fix display dashboard even if require to change password

* fix comments
2019-02-28 16:01:42 +08:00
James E. Blair
48c101affe Create a repo redirect when transferring ownership (#6210) (#6211)
When transferring ownership of a repo to a different user/org,
create a repo redirect that points to the new location in the same
way that is done when a repo is renamed.

Signed-off-by: James E. Blair <jeblair@redhat.com>
2019-02-28 11:51:46 +08:00
John Olheiser
7548037a64 Adds MustChangePassword to user create/edit API, defaults to true (#6193)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-02-27 21:37:57 +02:00
Lunny Xiao
7afe81f28e fix bug when migrate repository 500 when repo is existed (#6188)
* fix bug when migrate repository 500 when repo is existed

* use 409 but not 422 for error status code when not exist

* translation fix
2019-02-26 09:28:56 -05:00
Lunny Xiao
4a2fbbeb10 fix bug user could change private repository to public when force private enabled. (#6156) 2019-02-22 21:56:05 +00:00
Lunny Xiao
134e55510e fix bug when update owner team then visit team's repo return 404 (#6119) 2019-02-22 11:14:45 -05:00
John Olheiser
df30010dbd Make repo creation for API similar to UI (#6142) 2019-02-21 17:07:58 -05:00
zeripath
3b61ff1895 Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
* Fix display of >1Kb LFS text files

* Make LFS stored Readme files viewable

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Slight restructure

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Slight restructure

Signed-off-by: Andrew Thornton <art27@cantab.net>

* catch errors and restructure LFS sections
2019-02-21 15:57:16 -05:00
John Olheiser
994b1be9d1 Admins can now do unlimited page size user search (listAllUsers & listAllOrgs) (#6143)
Non-admins will default to 10 page size
2019-02-21 15:42:54 -05:00
Lunny Xiao
0751153613
refactor issue indexer, add some testing and fix a bug (#6131)
* refactor issue indexer, add some testing and fix a bug

* fix error copyright year on comment header

* issues indexer package import keep consistent
2019-02-21 08:54:05 +08:00
John Olheiser
d26d249748 Minor UI tweaks (#5980)
* Remove all CommitStatus when a repo is deleted

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Minor UI tweaks (#5782)
Added 'No License' option
Added link and octicon change for external issue trackers
Reset password now notifies right away if the code is invalid

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* More UI tweaks
More info in PR

* Generate stylesheet for arc-green

* Make gofmt work

* Change PR integration since the button is changed

* Rebase

* Generate stylesheet

* UI updates
Made the PR button a "basic" button
Vertically centered the issue checkboxes
Labels will update only once after modal is closed

* Commit to reference related issues
Resolves #5782
Resolves #5861
Addresses original question in #5993

* Change the comment wording since PR button is no longer little and green.

* Revert changes that made Windows work

* Regenerate stylesheet

* Regenerate stylesheets

* make generate-stylesheets

* Update integration again, changed button style

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Added ID to PR button
Changed integration to use the ID to avoid breaking in the future

* Added missing semi-colons

* Added back distinction between issue actions and filters (overlooked it before)
Moved action button over next to other action dropdowns

* Remove extra tab formatting in list.tmpl

* Remove more formatting from GoLand

* Replace hardcoded "No License" with i18n license helper.
2019-02-19 18:09:47 -05:00
John Olheiser
ba0749b7db Load Issue attributes for API call (#6122)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-02-19 19:07:19 +02:00
Lunny Xiao
830ae61456 Refactor issue indexer (#5363) 2019-02-19 09:39:39 -05:00
Lanre Adelowo
094263db4d Show email if the authenticated user owns the profile page being requested for (#4981)
* Show email if the authenticated user owns the profile page being
requested for.

Also removed `setting.UI.ShowUserEmail` as it's documentation says it
only controls the email setting on the explore page

* fix current user check... This prevents a panic as a user must be signed in before ctx.User is called

* fix panic in tests

* try to fix tests

* Update year

* Test CI fail

* Revert change

* User 3 is not allowed to authorize

* Set user2 email to be private

* Change to user4 in explore page as user2 now has private email option set
2019-02-19 09:11:50 -05:00
Lunny Xiao
f5fa22a499 Fix prohibit login check on authorization (#6106)
* fix bug prohibit login not applied on dashboard

* fix tests

* fix bug user status leak

* fix typo

* return after render
2019-02-19 09:19:28 +02:00
Zsombor
538a26d56f Show private organization for admin, fix #6111 (#6112) 2019-02-19 09:16:06 +08:00
Lanre Adelowo
44114b38e6 Implement "conversation lock" for issue comments (#5073) 2019-02-18 22:55:04 +02:00
Rémy Boulanouar
64ce159a6e Allow to set organization visibility (public, internal, private) (#1763) 2019-02-18 18:00:27 +02:00
John Olheiser
0b72c00fad Allow labels to contain emoji (#6063)
* Add emoji to labels
Minor cleanup of tribute code in footer.tmpl

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Quick find/replace in other i18n files containing label translations

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Revert "Quick find/replace in other i18n files containing label translations"

This reverts commit ec3e1a3a1775989301bb2c1cd08e8871b317688d.

* Add style to overwrite emoji height in labels

* Revert Makefile change that makes Windows work
2019-02-16 19:33:09 +02:00
Lanre Adelowo
f2256d9881 make sure labels are actually returned (#6053) 2019-02-13 10:45:19 -05:00
zeripath
2a03e96bce
Allow markdown files to read from the LFS (#5787)
This PR makes it possible for the markdown renderer to render images and media straight from the LFS.

Fix #5746

Signed-off-by: Andrew Thornton [art27@cantab.net](mailto:art27@cantab.net)
2019-02-12 15:09:43 +00:00
zeripath
296814e887 Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFile

* Use git plumbing for upload: #5621 repo_editor.go: GetDiffPreview

* Use git plumbing for upload: #5621 repo_editor.go: DeleteRepoFile

* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFiles

* Move branch checkout functions out of repo_editor.go as they are no longer used there

* BUGFIX: The default permissions should be 100644

    This is a change from the previous code but is more in keeping
    with the default behaviour of git.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Standardise cleanUploadFilename to more closely match git

See verify_path in: 7f4e641693/read-cache.c (L951)

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Redirect on bad paths

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Refactor to move the uploading functions out to a module

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add LFS support

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update upload.go attribution header

Upload.go is essentially the remnants of repo_editor.go. The remaining code is essentially unchanged from the Gogs code, hence the Gogs attribution.

* Delete upload files after session committed

* Ensure that GIT_AUTHOR_NAME etc. are valid for git

see #5774

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add in test cases per @lafriks comment

* Add space between gitea and github imports

Signed-off-by: Andrew Thornton <art27@cantab.net>

* more examples in TestCleanUploadName

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix formatting

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Set the SSH_ORIGINAL_COMMAND to ensure hooks are run

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Switch off SSH_ORIGINAL_COMMAND

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-12 15:07:31 +02:00
manuelluis
fc038caa69 In basic auth check for tokens before call UserSignIn (#5725)
* Check first if user/password is a token

* In basic auth check if user/password is a token

* Remove unnecessary else statement

* Changes of fmt
2019-02-12 11:20:08 +02:00
Luo Yifei
7884353a04 Add the Owner Name to differentiate when merging (#3807) 2019-02-12 10:37:32 +02:00
Lanre Adelowo
d0cb5aa9f9 fix #3200 (#6033) 2019-02-11 03:27:24 +02:00
Lanre Adelowo
9d8178b3ac Add option to close issues via commit on a non master branch (#5992)
* fixes #5957

* add tests to make sure config option is respected

* use already defined struct

* - use migration to make the flag repo wide not for the entire gitea instance
Also note that the config value can still be set so as to be able to control the value for new repositories that are to be created

- fix copy/paste error in copyright header year and rearrange import

- use repo config instead of server config value to determine if a commit should close an issue

- update testsuite

* use global config only when creating a new repository

* allow repo admin toggle feature via UI

* fix typo and improve testcase

* fix fixtures

* add DEFAULT prefix to config value

* fix test
2019-02-10 21:27:19 +02:00
Paul
8c865f3ce8 Fix metrics auth token detection (#6006)
Signed-off-by: Pauls Barkans <paulsb@gmail.com>
2019-02-09 00:58:31 -05:00
Richard Mahn
ba91214633 Feature - #3031 - search for org repos (#5986) 2019-02-08 11:45:43 -05:00
Thomas Loubiou
7fb09f035a Fix #5799 - swagger for mergePullRequest (#5996) 2019-02-08 08:08:38 +00:00
Lunny Xiao
01bbf5ea69 Add API to list tags (#5850)
* Add API to list tags

* update dependency gitea sdk vendor

* fix swagger generation

* fix swagger

* add tests

* update code.gitea.io/git vendor
2019-02-07 12:00:52 +00:00
Lunny Xiao
06a1739553 fix bug when deleting a linked account will removed all (#5989) 2019-02-07 01:51:23 -05:00
Lanre Adelowo
9dfdf80af0 Expose issue stopwatch toggling via API (#5970) 2019-02-06 21:57:25 -05:00
Richard Mahn
da1edbfb79 Feature - Pagination for git tree API (#5838)
* Feature - Pagination for git tree API

* Handles case when page is negative

* Does a for loop over the start and end rather than all entries

* Removed redundent logic

* Adds per_page as a query parameter

* Adds DEFAULT_GIT_TREES_PER_PAGE for settings, ran make fmt

* Fix typo in cheat-sheet en

* Makes page start at 1, generated swagger

* Use updates to SDK

* Updates to use latest sdk

* Updates swagger for tree api

* Adds test for GetTreeBySHA

* Updates per PR reviews

* Updates per PR reviews

* Remove file

* Formatting

* Fix to swagger file

* Fix to swagger

* Update v1_json.tmpl

* Fix to swagger file
2019-02-06 18:19:26 +00:00
zeripath
f286a5abb4 Allow Macaron to be set to log through to gitea.log (#5667)
* Allow Macaron to be set to log through gitea.log

Fix #4291
2019-02-05 22:06:41 -05:00
Gabriel Silva Simões
3b7f41f9f7 Fix serving of raw wiki files other than .md (#5814)
* Fix serving of raw wiki files other than .md

Closes #4690.
Closes #4395.

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Simplify code at routers/repo/wiki.go

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add more files to user2/repo1.wiki for testing

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Update macaron to v1.3.2

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add tests for WikiRaw

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Fix NewResponseWriter usage due to macaron update

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add raw to reserved wiki names

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
2019-02-05 20:58:55 -05:00
Lunny Xiao
bf4badad1d Pull request conflict files detection (#5951)
* add conflict detection

* test pull request conflict files

* fix detection files number

* fix comments
2019-02-05 06:54:49 -05:00
Lanre Adelowo
5390791224 Automatically clear stopwatch on merging a PR (#4327)
* Don't display buttons if there are no notices

* clear stopwatch on merging a PR

* remove redundant gt check

* use ctx.Flash as per @bkcsoft comment

* stop timer on closing issues/PRs too

* updated translation as per review

* redirect to login page after successfully activating account

* remove unrelated changes

* stop timer for issues that are closed via commits too..Not just the 'close' UI button
2019-02-05 13:38:11 +02:00
Lanre Adelowo
024871ade6 Add label names as filter in issue search api (#5946) 2019-02-04 10:20:44 -05:00
zeripath
24a36e84cc Issue 5924 fix compare button (#5929)
* Revert #5877

This unfortunately was not the solution.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Change permission check to create pull requests to CanReadIssuesOrPulls

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-03 19:56:18 -05:00
zeripath
01c10a951b
Fix ssh deploy and user key constraints (#1357) (#5939)
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.

We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:

- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.

Fix #1357
2019-02-03 23:56:53 +00:00
Lunny Xiao
ecefa9e724 Add single commit API support (#5843)
* add single commit API support
2019-02-02 22:35:17 -05:00
techknowlogick
3a7306945c
Disable redirect for i18n (#5910) 2019-01-31 09:38:20 -05:00
zeripath
ca00ca8ee4 Provide better panic handling (#5902)
This PR gitea'ises the macaron.Recovery() handler meaning that in
the event of panic we get proper gitea 500 pages and the stacktrace
is logged with the gitea logger.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-30 17:00:00 -05:00
Lanre Adelowo
57a69ef277 don't allow pull requests to be created on an archived repository (#5883)
* don't allow pull requests to be created on an archived repository
Also disable the "PR" button if the repo is archived

* Refuse creating an issue/PR via API calls too
2019-01-30 12:20:40 -05:00
Lanre Adelowo
7933a950d0 respect value of REQUIRE_SIGNIN_VIEW (#5901) 2019-01-30 11:45:48 -05:00
Lauris BH
fada6968a8 Fix new release creation API to allow empty target (#5870)
* Fix new release creation API to allow empty target

* Add more test cases

* Update swagger
2019-01-30 11:33:00 -05:00
Lanre Adelowo
8b5f6ced22 if repo does not exist, show a 404 not a 500 (#5900) 2019-01-30 11:13:39 -05:00
kekero
3568d426fe New Issue ?body= query (#5851)
* New Issue ?body= query

* Override issue template with body query

* Add documentation for issue body query
2019-01-28 10:23:59 -05:00
zeripath
bf47f70c3b
API: Fix null pointer in attempt to Sudo if not logged in (#5872)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-28 14:13:59 +00:00
yasuokav
8510ac2687 Fix MinInterval (#5856)
Fixes #5847
2019-01-26 08:26:23 +00:00
Lunny Xiao
6b0c2e9e35 update swagger for release API pagination (#5841) 2019-01-25 09:10:50 +02:00
Lunny Xiao
892bfd0b19 improve the releases api paging (#5831)
* improve the releases api paging

* add max limit on API paging
2019-01-24 20:59:27 +02:00
kolaente
9a137faaaf Added docs for the tree api (#5834)
* Added docs for the tree api

* Added missing response definition

* Fixed swagger docs
2019-01-24 13:13:30 -05:00
Lauris BH
cd83c2ca05
Fix topics saving internal error and disable for archived repos (#5821) 2019-01-24 12:22:27 +02:00
Shashvat Kedia
1b90692844 New API routes added (#5594)
* New API routes added

* Comments added

* Build fix

* swagger_v1_json.tmpl without new line character

* Typo fix

* Code review changes

* Code review changes

* Add copyright

* Add copyright

* Add copyright

* Update per @lafriks feedback

* Update org.go

* Update user.go

* Update user.go

* make fmt
2019-01-23 17:30:19 -05:00
kolaente
0b510725c9 Feature: Archive repos (#5009) 2019-01-23 13:58:38 -05:00
zeripath
7d434376f1 Pooled and buffered gzip implementation (#5722)
* Pooled and buffered gzip implementation

* Add test for gzip

* Add integration test

* Ensure lfs check within transaction

The previous code made it possible for a race condition to occur whereby a LFSMetaObject could be checked into the database twice. We should check if the LFSMetaObject is within the database and insert it if not in one transaction.

* Try to avoid primary key problem in postgres

The integration tests are being affected by
https://github.com/go-testfixtures/testfixtures/issues/39 if we set the
primary key high enough, keep a count of this and remove at the end of
each test we shouldn't be affected by this.
2019-01-23 10:56:51 +02:00
Lauris BH
075649572d Add the ability to use multiple labels as filters(#5786) 2019-01-22 23:10:38 -05:00
Lanre Adelowo
e1fcd6b742 Disallow empty titles (#5785)
* add util method and tests

* make sure the title of an issue cannot be empty

* wiki title cannot be empty

* pull request title cannot be empty

* update to make use of the new util methof
2019-01-21 13:45:32 +02:00
Paul Brackin
f631702299 Ensure error is logged on db reconnection attempts (#5780)
Unfortunately a scoping problem was missed on the previous PR which meant that the only nil error was logged on failure to connect to the db. This pr fixes this.
2019-01-20 09:30:37 +00:00
Paul Brackin
1bb22b2b47 Make db connect more robust (#5738) 2019-01-19 16:17:08 -05:00
zeripath
07802a2bc5 Refactor repo.isBare to repo.isEmpty #5629 (#5714)
* Refactor repo.isBare to repo.isEmpty #5629

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove Sync call
2019-01-17 19:01:04 -05:00
Lunny Xiao
82e08a3364
Refactor notification for indexer (#5111)
* notification for indexer

* use NullNotifier as parent struct
2019-01-17 22:23:22 +08:00
Harshit Bansal
5ac6da3c41 api: Add missing GET teams endpoints (#5382)
* api: Add an endpoint to list a particular member of team.

* models: Rename `GetUserTeams()` to `GetUserOrgTeams()` in `org_team` model.

`GetUserTeams()` sounds a bit misnomer since it actually returns
the teams that user belongs to in a given organization rather than
all the teams across all the organization that the user has joined.

* models: Add `GetUserTeams()`.

Returns all the teams that a user belongs to.

* api: Add an endpoint for GET '/user/teams'.

A GET request to this endpoint lists all the teams that a user
belongs to.
2019-01-16 19:39:50 -05:00
Elijah Oyekunle
734834a676 Add Default Pull Request Title (#5735)
* add default PR title
Set default PR title to commit summary if there's a single commit on the head branch, else set it to the head branch name

* set default PR description
If there's a single commit on the head branch, and it's multiline, then set it as the default PR description
2019-01-16 22:50:11 +01:00
silverwind
44759fd66c Add proper CORS preflight origin validation (#5740) 2019-01-15 23:16:45 -05:00
Lunny Xiao
270fa6d63b Support CORS headers to git smart http protocol (#5719) 2019-01-14 16:05:27 -05:00
Khaled Hamed
bd75965296 Prioritize "readme.md" (#5691)
* prioritize readme.md

* Improve IsReadmeFile

* Add more tests
2019-01-14 14:15:06 -05:00
zeripath
2b36bdd490 Do not display the raw OpenID error in the UI (#5705)
* Do not display the raw OpenID error in the UI

If there are no `WHITELIST_URIS` or `BLACKLIST_URIS` set in the openid
section of the app.ini, it is possible that gitea can leak sensitive
information about the local network through the error provided by the
UI. This PR hides the error information and logs it.

Fix #4973

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update auth_openid.go

Place error log within the `err != nil` branch.
2019-01-12 14:24:47 -05:00
Lanre Adelowo
8d2c24f7f9 Allow for user specific themes (#5668)
* add migration and basic UI for changing a user's theme

* update user themem

* use right text on button

* load theme based on users' selection

* load theme based on users' selection in pwa too

* update sample config

* delete older theme loading

* implement AfterLoad to set users' theme properly

* set up default theme when creating a user. This uses the installation wide theme

* use flash messages for error

* set default theme when creating a user from the cli

* fix @lunny review
2019-01-09 12:22:57 -05:00
gdeverlant
d3dc07f282 Added URL mapping for Release attachments like on github.com (#1707) 2019-01-06 17:37:30 -05:00
Julian
97dafdc057 fix commit page showing status for current default branch (#5650)
Signed-off-by: Julian Tölle <julian.toelle97@gmail.com>
2019-01-06 16:32:00 +02:00
zeripath
fd1e8563f8 SECURITY: protect DeleteFilePost et al with cleanUploadFileName (#5631)
This commit wraps more of the TreePaths with cleanUploadFileName

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-04 11:08:26 -05:00
Harshit Bansal
8764f1512d branch: Trigger update when deleting branch via UI. (#5617)
Fixes: #5309.
2019-01-02 20:56:58 +08:00
Rodrigo Villablanca Vásquez
4c52858c39 Issue is not overdue when it is on the same date #5566 (#5568)
* Due date time of issues and milestones is set to 23:59:59

* Add docs

* make gen swagger

* fix swagger gen
2019-01-01 18:56:47 +01:00
Shashvat Kedia
6e20b504b1 Delete organization endpoint added (#5601)
* Delete organization endpoint added

* Parameters added in comment

* Typo fix

* Newline character removed
2018-12-27 16:36:58 +01:00
Julian
4a685f8b87 Add rebase with merge commit merge style (#3844) (#4052)
Signed-off-by: Julian Tölle <julian.toelle97@gmail.com>
2018-12-27 12:27:08 +02:00
Shashvat Kedia
ba2c02b75d Fix route in swagger (#5598) 2018-12-26 21:13:49 +02:00
Lunny Xiao
4a02a783c4 fix bug on upload file name (#5571) 2018-12-20 21:32:11 -05:00
Lunny Xiao
7fd34c0517
fix lfs version check warning log when using ssh protocol (#5501) 2018-12-19 09:17:43 +08:00
zeripath
2a660a1de1 Support reverse proxy providing email (#5554)
This PR implements #2347
2018-12-18 12:05:48 -05:00
Lunny Xiao
b3b7598ec6 Improve performance of dashboard (#4977) 2018-12-13 10:55:43 -05:00
Lunny Xiao
b1f3685015 fix approvals limitation (#5521) 2018-12-11 18:49:33 -05:00
Lunny Xiao
58c4559d3b fix permission check on api create org (#5523) 2018-12-11 14:33:24 -05:00
Lunny Xiao
ba75319157 fix clone wiki failed via ssh (#5503) 2018-12-11 13:37:32 -05:00
Lunny Xiao
ccea91652f fix adding reaction fail for read permission (#5515) 2018-12-11 13:12:06 -05:00
Jonas Franz
9681c83734 Approvals at Branch Protection (#5350)
* Add branch protection for approvals

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add required approvals

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add missing comments and fmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add type = approval and group by reviewer_id to review

* Prevent users from adding negative review limits

* Add migration for approval whitelists

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-12-11 19:28:37 +08:00
Lunny Xiao
928417ae39 Fix empty wiki (#5504)
* fix wiki page when wiki path is exist but empty

* improve the error check
2018-12-09 17:45:44 -05:00
Lunny Xiao
7c0c965532 Improve team members and repositories settings UI (#5457)
* improve team members and repositories settings UI

* use tab on team pages

* add default description on team members and repos

* add blank on numbers and texts

* improve translation
2018-12-09 08:42:11 +02:00
Lunny Xiao
da5a0b8382
add tests for api user orgs (#5494)
* add tests for api user orgs

* add permission for admin to list user's orgs even he is a private user of org
2018-12-09 10:19:50 +08:00
Lanre Adelowo
9441bfaccc admin should be able to delete repos even if he is not a member of the organization (#5443) 2018-12-02 11:08:33 -05:00
Lucien Kerl
552014a068 Removing Labels via EditPullRequest API (#5348)
* added the ability to provide an empty array at the EditPullRequests API to remove all labels

Signed-off-by: Lucien Kerl <lucien.kerl@wuerth-it.com>

* Update pull.go
2018-12-01 01:05:57 -05:00
Lanre Adelowo
0787056e07 Allow to add organization members as collaborators on organization owned repositories (#4748)
repository... Fixes #4507
2018-11-30 10:49:55 +02:00
Lunny Xiao
2dc805c0c6
Milestone issues and pull requests (#5293)
* add milestone issues and pulls page instead of redirecting issues page

* add milestone when creating issue from milestone page

* refactor to merge similiar codes as a new function issues

* remove milestone info on milestone issues list

* fix missing params
2018-11-29 09:46:30 +08:00
Kasi Reddy
d5d847e5c4 Git-Trees API (#5403)
* Git-Trees API

* update vendor'd libs

* added comments to exported function and formatted.

* make fmt

* update per @lafirks feedback
2018-11-28 16:17:09 -05:00
Lunny Xiao
eabbddcd98
Restrict permission check on repositories and fix some problems (#5314)
* fix units permission problems

* fix some bugs and merge LoadUnits to repoAssignment

* refactor permission struct and add some copyright heads

* remove unused codes

* fix routes units check

* improve permission check

* add unit tests for permission

* fix typo

* fix tests

* fix some routes

* fix api permission check

* improve permission check

* fix some permission check

* fix tests

* fix tests

* improve some permission check

* fix some permission check

* refactor AccessLevel

* fix bug

* fix tests

* fix tests

* fix tests

* fix AccessLevel

* rename CanAccess

* fix tests

* fix comment

* fix bug

* add missing unit for test repos

* fix bug

* rename some functions

* fix routes check
2018-11-28 19:26:14 +08:00
Lauris BH
08bf443016 Implement git refs API for listing references (branches, tags and other) (#5354)
* Inital routes to git refs api

* Git refs API implementation

* Update swagger

* Fix copyright

* Make swagger happy add basic test

* Fix test

* Fix test again :)
2018-11-27 16:52:20 -05:00
SohnyBohny
294904321c Create Progressive Web App (#4730)
* Create manifest and serviceworker

* Create templates and add AppSubUrl

* Add JSRenderer

* fix ctx type

* Add JSRenderer to static.go

* Complete adding {{AppSubUrl}}

* Add more fonts to urlsToCache

* Add 512px and 192px icons

* Hardcode font MD5

* Default theme doesn't have a specific CSS file
2018-11-27 10:18:26 -05:00
Lanre Adelowo
5e022a98e6 show only opened milestones on issues page milestone filter (#5051)
* show only opened milestones on issues page milestone filter

* update Godoc

* update Godoc everywhere

* update swagger

* use false instead of 0

* Add seccond ordering by ID for milestones where no deadline is set
2018-11-26 16:45:42 +08:00
Daniel Balko
3379141d81 API: '/orgs/:org/repos': return private repos with read access (#5310) (#3829) (#5383)
Signed-off-by: Daniel Balko <inxonic+github@gmail.com>
2018-11-23 16:23:27 -05:00
kolaente
0dcf31ae49 Show review summary in pull requests (#5132) 2018-11-22 15:17:36 +02:00
Lunny Xiao
8ef177f8c5 add api for user to create org (#5268)
* add api for user to create org

* remove unused blank line on the swagger file end

* fix create and add test

* fix tests

* fix routes of create org API

* fix bug

* add copyright heads
2018-11-20 12:31:30 -05:00
Peter Hoffmann
e08c7e521b Add raw blob endpoint to get objects by SHA ID (#5334)
* Add raw blob endpoint

This should make it possible to download raw blobs directly from
/:repo/:username/raw/blob/:sha1 URLs.

* fix: Make it work

* As an SHA-ID is no path getRefNameFromPath can't be used to verify
file specifying parameter
* added relevant change in go-gitea/git #132

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* Update Gopkg.lock

Can't update all vendors due to errors

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* style: Add Gitea copyright header

* feat: Added integration test for /repo/u/r/raw/blob

* fix: correct year in copyright header
2018-11-18 13:45:40 -05:00
Lucien Kerl
89eea64e10 added the ability to set labels on the "edit pull request" api (#5347)
Signed-off-by: Lucien Kerl <lucien.kerl@wuerth-it.com>
2018-11-16 12:12:44 +01:00
Lanre Adelowo
b97af15de6 Block registration based on email domain (#5157)
* implement email domain whitelist
2018-11-14 20:00:04 -05:00
Lunny Xiao
b3000ae623 Fix create team, update team missing units (#5188) 2018-11-10 14:45:32 -05:00
Jonas Bröms
599adde1bc Add option to disable automatic mirror syncing. (#5242)
Setting the interval to 0 will disable to automatic syncing.
2018-11-08 18:58:02 -05:00
Stanislav
078c404c3b Prometheus endpoint (#5256)
* Add prometheus collector and route

* dep ensure -add github.com/prometheus/client_golang/prometheus

* dep ensure -update github.com/golang/protobuf

* add metrics to reserved usernames

* add comment head in metrics package

* fix style imports

* add metrics settings

* add bearer token check

* mapping metrics configs

* fix lint

* update config cheat sheet

* update conf sample, typo fix
2018-11-04 22:20:00 -05:00
zeripath
7096085f2b Fix #5226 by adding CSRF checking to api reqToken and add CSRF to the POST header for deadline (#5250)
* Add CSRF checking to reqToken and place CSRF in the post for deadline creation

Fixes #5226, #5249

* /api/v1/admin/users routes should have reqToken middleware
2018-11-03 21:15:55 -04:00
zeripath
00533d3870 Keys API changes (#4960)
* Add private information to the deploy keys api

This commit adds more information to the deploy keys to allow for back
reference in to the main keys list. It also adds information about the
repository that the key is referring to.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add private information to the user keys API

This adjusts the keys API to give out private information to user keys if
the current user is the owner or an admin.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add ability to search keys by fingerprint

This commit adds the functionality to search ssh-keys by fingerprint of
the ssh-key. Deploy keys per repository can also be searched. There is
no current clear API point to allow search of all deploy keys by
fingerprint or keyID.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add integration test
2018-10-31 23:40:49 -04:00
zeripath
a3e084716e Add AutoHead functionality. (#5186)
Fixes #5153
2018-10-30 11:08:49 -04:00
Antoine GIRARD
617a2433a3 Make gitea serv use api/internal (#4886)
* Start to move to internal/private

* Add GetPublicKeyByID

* Add HasDeployKey

* Add private.UpdateDeployKeyUpdated

* Add private.GetUserByKeyID

* Add private.AccessLevel

* Add private.CheckUnitUser

* Fix mistakes I made

* Some cleaning + moving code to separate files

* Fix error handling

* Remove useless error handling for setup

* lint: fix comment on exported func

* fix copyright header

* Fix order of args
2018-10-30 14:20:13 +08:00
Jonas Bröms
db30d6d791 Serve audio files using HTML5 audio tag (#5221)
* Serve audio files using HTML5 audio tag

* Correct copy paste error
2018-10-30 10:17:26 +08:00
AJ ONeal
b8451190d8 UX of link account (Step 1) (#5006)
* Show either sign up OR sign in

* disambiguate fresh start from adding recovery options

* use tabs to switch between account link flows

* add active to tab body as well

* changes as per discussion

* handle specific error; fix missing err typo
2018-10-28 18:46:16 -04:00
Rodrigo Villablanca Vásquez
48badd59e9 Fix to 3819 - Filtering issues by tags on main screen issues (#3824)
* Fix to 3819

* Changes suggested

* Empty line removed

* Fix error: non-name opts.Labels on left side of :=
2018-10-28 07:55:01 +01:00
kolaente
6759237eda User action heatmap (#5131)
* Added basic heatmap data

* Added extra case for sqlite

* Built basic heatmap into user profile

* Get contribution data from api & styling

* Fixed lint & added extra group by statements for all database types

* generated swagger spec

* generated swagger spec

* generated swagger spec

* fixed swagger spec

* fmt

* Added tests

* Added setting to enable/disable user heatmap

* Added locale for loading text

* Removed UseTiDB

* Updated librejs & moment.js

* Fixed import order

* Fixed heatmap in postgresql

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: kolaente <konrad@kola-entertainments.de>

* Added copyright header

* Fixed a bug to show the heatmap for the actual user instead of the currently logged in

* Added integration test for heatmaps

* Added a heatmap on the dashboard

* Fixed timestamp parsing

* Hide heatmap on mobile

* optimized postgresql group by query

* Improved sqlite group by statement
2018-10-23 10:57:42 +08:00
Jonas Franz
f38fce916e Add comment replies (#5104)
* Add comment replies

* Replace reviewID with review.ID
2018-10-22 16:13:35 -04:00
zeripath
43f9233914 Fix Swagger JSON autogeneration issues. (#4845)
* Fix Swagger JSON.

Remove unnecessary schema references for the forbidden and empty responses

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix swagger API for CreateAccessToken

* Fix admin create org swagger

* Fix swagger for adminCreateRepo

* More swagger fixes

Set int64 format for those which are int64
Some more form fixes

* Fix swagger description of GET /repos/{owner}/{repo}/pulls
2018-10-20 23:40:42 -04:00
Oleg Kovalov
5a4648cdd6 Remove check for negative length (#5120) 2018-10-20 17:25:14 -04:00
Julien Tant
dea3d849e1 Give user a link to create PR after push (#4716)
* Give user a link to create PR after push

* Forks now create PR in the base repository + make sure PR creation is allowed

* fix code style
2018-10-20 09:59:06 +03:00
Lunny Xiao
ea619b39b2
Add notification interface and refactor UI notifications (#5085)
* add notification interface and refactor UI notifications

* add missing methods on notification interface and notifiy only issue status really changed

* implement NotifyPullRequestReview for ui notification
2018-10-18 19:23:05 +08:00
zeripath
dd62ca7ba9 Add support for search by uid (#4876)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2018-10-18 16:44:51 +08:00
Lauris BH
ab5b245182 Disable debug routes unless PPROF is enabled in configuration (#4995) 2018-09-29 18:44:06 -04:00