Commit graph

2138 commits

Author SHA1 Message Date
zeripath
01c10a951b
Fix ssh deploy and user key constraints (#1357) (#5939)
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.

We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:

- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.

Fix #1357
2019-02-03 23:56:53 +00:00
Lanre Adelowo
634cbaad2b show user who created the repository instead of the organization in action feed (#5948) 2019-02-04 01:21:08 +02:00
Lanre Adelowo
746cf22d8a handle milestone events for issues and PR (#5947) 2019-02-03 13:31:58 -05:00
John Olheiser
f81c6cc2a9 Remove all CommitStatus when a repo is deleted (#5940)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-02-02 23:03:45 -05:00
Sergey Romanov
67567eff0e fix log output (#5938) 2019-02-02 21:56:15 +00:00
Lanre Adelowo
f9d4bd53e6 support reviewing on a deleted file path (#5880) 2019-02-01 09:37:20 +08:00
zeripath
0f295ababa Only allow local login if password is non-empty (#5906) 2019-01-30 23:18:54 +02:00
Lauris BH
80098bd752 Fix go-get URL generation (#5905) 2019-01-30 21:04:19 +00:00
Lanre Adelowo
6dc2f401c9 Don't discard the value of DISABLE_REGULAR_ORG_CREATION (#5886)
* Consider the configuration value of DISABLE_REGULAR_ORG_CREATION when
creating a user
2019-01-30 12:04:14 -05:00
zeripath
2569363204
Also ensure the repo is loaded (#5895)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-29 22:43:40 +00:00
zeripath
036964b4a7 Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891)
Previous code could potentially dereference nil - this PR ensures
that the poster is loaded before dereferencing it.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-29 16:26:17 -05:00
Harshit Bansal
7e8242ddb1 Fix an error while adding a dependency via UI. (#5862)
Fixes: #5783
2019-01-27 13:31:40 +02:00
sebastian-sauer
84076211b3 Config option to disable automatic repo watching (#5852)
Add a new config option to enable / disable the automatic watching of
repos for new repositories and if a user is added to a team.

Fixes #653

Signed-off-by: Sebastian Sauer <sauer.sebastian@gmail.com>
2019-01-27 09:25:21 +00:00
Jakub Arbet
a757920f4e Fix failing migration v67 (#5849)
Fixes #5848
2019-01-26 14:50:36 +00:00
yasuokav
d663930023 fix delete correct temp directory (#5839) 2019-01-25 02:54:09 -05:00
zeripath
44371b96f5 Ensure valid git author names passed in signatures (#5774)
* Ensure valid git author names passed in signatures

Fix #5772 - Git author names are not allowed to include `\n` `<` or `>` and
must not be empty. Ensure that the name passed in a signature is valid.

* Account for pathologically named external users

LDAP and the like usernames are not checked in the same way that users who signup are.
Therefore just ensure that user names are also git safe and if totally pathological -
Set them to "user-$UID"

* Add Tests and adjust test users

Make our testcases a little more pathological so that we be sure that integration
tests have a chance to spot these cases.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-24 16:12:17 +02:00
Mura Li
ec31ee1c1c Make sure .git/info is created before generating .git/info/sparse-che… (#5825)
* Make sure .git/info is created before generating .git/info/sparse-checkout

* fix permissions
2019-01-24 09:43:37 +02:00
Lauris BH
386e5312a4 When creating new repository fsck option should be enabled (#5817) 2019-01-23 22:26:18 -05:00
Shashvat Kedia
1b90692844 New API routes added (#5594)
* New API routes added

* Comments added

* Build fix

* swagger_v1_json.tmpl without new line character

* Typo fix

* Code review changes

* Code review changes

* Add copyright

* Add copyright

* Add copyright

* Update per @lafriks feedback

* Update org.go

* Update user.go

* Update user.go

* make fmt
2019-01-23 17:30:19 -05:00
kolaente
0b510725c9 Feature: Archive repos (#5009) 2019-01-23 13:58:38 -05:00
Mura Li
6ad834e236 Optimize pulls merging (#4921)
* Optimize pulls merging

By utilizing `git clone -s --no-checkout` rather than cloning the whole
repo.

* Use sparse-checkout to speedup pulls merge

* Use bytes.Buffer instead of strings.Builder for backward compatibility

* Fix empty diff-tree output for repos with only the initial commit

* Fix missing argument for the format string

* Rework diff-tree-list generation

* Remove logging code

* File list for sparse-checkout must be prefix with /

Otherwise, they would match all files with the same name under
subdirectories.

* Update onto the rebased head

* Use referecen repo to avoid fetching objects
2019-01-23 12:26:32 +02:00
zeripath
7d434376f1 Pooled and buffered gzip implementation (#5722)
* Pooled and buffered gzip implementation

* Add test for gzip

* Add integration test

* Ensure lfs check within transaction

The previous code made it possible for a race condition to occur whereby a LFSMetaObject could be checked into the database twice. We should check if the LFSMetaObject is within the database and insert it if not in one transaction.

* Try to avoid primary key problem in postgres

The integration tests are being affected by
https://github.com/go-testfixtures/testfixtures/issues/39 if we set the
primary key high enough, keep a count of this and remove at the end of
each test we shouldn't be affected by this.
2019-01-23 10:56:51 +02:00
Lauris BH
075649572d Add the ability to use multiple labels as filters(#5786) 2019-01-22 23:10:38 -05:00
Lunny Xiao
b80d6490f3 fix migration 78 error mssql (#5791) 2019-01-21 12:12:45 +02:00
zeripath
b0fbefc76b Fix the v78 migration script (#5776)
Unfortunately the last fix didn't completely fix the migration to v79 of the db
due to bug with schema locking during Sync2. This should fix this issue.

Fix #5759

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-19 20:20:52 -05:00
Lunny Xiao
41f19e1a38 fix migration bug (#5762) 2019-01-18 09:50:38 -05:00
zeripath
07802a2bc5 Refactor repo.isBare to repo.isEmpty #5629 (#5714)
* Refactor repo.isBare to repo.isEmpty #5629

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove Sync call
2019-01-17 19:01:04 -05:00
Lunny Xiao
82e08a3364
Refactor notification for indexer (#5111)
* notification for indexer

* use NullNotifier as parent struct
2019-01-17 22:23:22 +08:00
Harshit Bansal
5ac6da3c41 api: Add missing GET teams endpoints (#5382)
* api: Add an endpoint to list a particular member of team.

* models: Rename `GetUserTeams()` to `GetUserOrgTeams()` in `org_team` model.

`GetUserTeams()` sounds a bit misnomer since it actually returns
the teams that user belongs to in a given organization rather than
all the teams across all the organization that the user has joined.

* models: Add `GetUserTeams()`.

Returns all the teams that a user belongs to.

* api: Add an endpoint for GET '/user/teams'.

A GET request to this endpoint lists all the teams that a user
belongs to.
2019-01-16 19:39:50 -05:00
zeripath
6868378673 Ensure that sessions are passed into queries that could use the database to prevent deadlocks (#5718)
* Fixed deadlock in CreateComment

* Fix possible deadlock in UpdateIssueDeadline from createDeadlineComment

* Ensure that calls to IsTimeTracker enabled are called within session

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Ensure that calls to reactionList are also called within session

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Ensure all calls in NewPullRequest with the session are called within the session

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Deal with potential deadlocks in repo

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Ensure that isStaring is checked within our transaction

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix mistake in isOrganizationMember

Sorry.
2019-01-13 21:29:58 -05:00
techknowlogick
5c44f751a3
Discord Oauth2 support (#4476)
* add discord auth

* add vendor for discord

* fix syntax error

* make fmt

* update version of goth in use

* update markbates/goth
2019-01-13 14:06:22 -05:00
Lunny Xiao
beab2df122 Refactor mail notification (#5110)
* mail notification implement interface

* fix file comment year

* use NullNotifier as parent struct of notifiers
2019-01-13 16:42:55 +02:00
Lanre Adelowo
9e9d1b8f95 Fix migration for user defined themes (#5682) 2019-01-12 14:43:47 -05:00
Lunny Xiao
0b84b5ee49 fix public will not be reused as public key after deleting as deploy key (#5671) 2019-01-09 13:10:46 -05:00
Lanre Adelowo
8d2c24f7f9 Allow for user specific themes (#5668)
* add migration and basic UI for changing a user's theme

* update user themem

* use right text on button

* load theme based on users' selection

* load theme based on users' selection in pwa too

* update sample config

* delete older theme loading

* implement AfterLoad to set users' theme properly

* set up default theme when creating a user. This uses the installation wide theme

* use flash messages for error

* set default theme when creating a user from the cli

* fix @lunny review
2019-01-09 12:22:57 -05:00
gdeverlant
d3dc07f282 Added URL mapping for Release attachments like on github.com (#1707) 2019-01-06 17:37:30 -05:00
Julian
c42bde719e Only count users own actions for heatmap contributions (#5647)
Signed-off-by: Julian Tölle <julian.toelle97@gmail.com>
2019-01-06 21:29:05 +02:00
zeripath
6311e4ce6a Fix sqlite deadlock when assigning to a PR (#5640)
* Fix sqlite deadlock when assigning to a PR

Fix 5639

Signed-off-by: Andrew Thornton <art27@cantab.net>

* More possible deadlocks found and fixed

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-04 16:51:27 -05:00
Harshit Bansal
9f476b8d1e Don't close issues via commits on non-default branch. (#5622)
Adds a small check to close the issues only if the referencing commits
are on the default branch.

Fixes: #2314.
2019-01-04 11:22:58 +02:00
Harshit Bansal
63bd1b9203 mirror: Delete tags in mirror which are removed for original repo. (#5609)
This bug was being caused by an error in the logic in `release.go`.
Credit to @yasuokav for tracing the root of the issue.

Fixes: #5192.
2018-12-31 18:00:54 -05:00
Daniel Wolf
b46c279587 update v71.go to resolve #5595 (#5613) 2018-12-31 21:23:03 +08:00
Lanre Adelowo
945804f800 Webhook for Pull Request approval/rejection (#5027) 2018-12-27 13:04:30 -05:00
zeripath
8bb0a6f425 Synchronize SSH keys on login with LDAP + Fix SQLite deadlock on ldap ssh key deletion (#5557)
* Synchronize SSH keys on login with LDAP

* BUG: Fix hang on sqlite during LDAP key deletion
2018-12-27 12:28:48 -05:00
Lanre Adelowo
21357a4ae0 fix nil pointer when adding a due date (#5587)
* fix nil pointer

* remove nil check and just call loadRepo regardless
2018-12-27 16:02:43 +01:00
Julian
4a685f8b87 Add rebase with merge commit merge style (#3844) (#4052)
Signed-off-by: Julian Tölle <julian.toelle97@gmail.com>
2018-12-27 12:27:08 +02:00
Lunny Xiao
9d0dee88d2
fix table name typo on SQL (#5562)
* fix table name typo on SQL

* fix reserved word user when on mssql
2018-12-19 20:58:46 +08:00
Lunny Xiao
fe55ab2a68 fix forgot removed records when deleting user (#5429)
* fix forgot removed records when deleting user

* fix migration

* fix rewritekey lock on sqlite

* remove unused codes
2018-12-18 11:26:26 -05:00
Jonas Franz
e726e4b828 Add base repo nil check (#5555)
Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-12-17 12:35:21 -05:00
Lunny Xiao
b3b7598ec6 Improve performance of dashboard (#4977) 2018-12-13 10:55:43 -05:00
kolaente
6db7dbd333 Added test environment for mssql (#4282)
* Added test environment for m$sql

* Added template for test environment for m$sql

* Fix password

* Fix password (again)

* Fix password (again again)

* Fix db

* Ci trigger (Looking at you drone....)

* Ci trigger (Looking at you drone....)

* Ci trigger (Looking at you drone....)

* Ci trigger (Looking at you drone....)

* Create master database for mssql integration tests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Create database only if master do not exist

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix mssql integration tests by using custom database "gitea"

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Moved defer

* bump xorm

* updated xorm

* Fixed build
2018-12-12 09:01:41 +08:00