Commit graph

2478 commits

Author SHA1 Message Date
guillep2k
8ae96a37ce Add change title notification for issues (#8061) 2019-09-02 22:35:31 -04:00
Gary Kim
f1c414882c Add Ability for User to Customize Email Notification Frequency (#7813)
* Add Backend Logic for Toggling Email Notification

This commit adds the backend logic for
allowing users to enable or disable email
notifications. The implementation ensures
that only issue notification emails get disabled
and important emails are still sent regardless
of the setting.

The UI to toggle this setting has not yet been
implemented.

* Add UI and complete user email notification enable

This commit completes the functionality to allow
users to disable their own email notifications.

Signed-off-by: Gary Kim <gary@garykim.dev>

* Add Third Option for Only Email on Mention

Signed-off-by: Gary Kim <gary@garykim.dev>

* Readd NOT NULL to new preference string

Signed-off-by: Gary Kim <gary@garykim.dev>

* Add Tests and Rewrite Comment

Signed-off-by: Gary Kim <gary@garykim.dev>

* Allow admin to set default email frequency

Signed-off-by: Gary Kim <gary@garykim.dev>

* Add new config option to docs

Signed-off-by: Gary Kim <gary@garykim.dev>

* Fix a few mistakes

Signed-off-by: Gary Kim <gary@garykim.dev>

* Only update required columns

Signed-off-by: Gary Kim <gary@garykim.dev>

* Simplify an error check

Signed-off-by: Gary Kim <gary@garykim.dev>

* Make email_notification_preference column in DB be VARCHAR(20)

Signed-off-by: Gary Kim <gary@garykim.dev>

* Handle errors

Signed-off-by: Gary Kim <gary@garykim.dev>

* Update models/migrations/v93.go

Co-Authored-By: Lauris BH <lauris@nix.lv>
2019-08-29 17:05:42 +03:00
jaqra
245457d4d3 Move line number to :before attr to hide from search on browser (#8002)
* Move line number to :before attr to hide from search on browser

* Use same variable in WriteString

Co-Authored-By: Lauris BH <lauris@nix.lv>
2019-08-28 00:59:05 +02:00
guillep2k
5fe2ec264f Retry create issue to cope with duplicate keys (#7898)
* Retry create issue to cope with duplicate keys

* Use  .SetExpr().Where().Insert()
2019-08-26 22:17:23 -04:00
Gary Kim
541fab196f Fix adding default Telegram webhook (#7972)
* Fix adding default Telegram webhook

Fixes #7932

Signed-off-by: Gary Kim <gary@garykim.dev>

* Run goimports

Signed-off-by: Gary Kim <gary@garykim.dev>
2019-08-26 18:59:10 -04:00
Richard Mahn
bb5f7cdae6 Adds details about what tags can use the Git tags API (#7989) 2019-08-26 21:52:04 +02:00
Mike Schwörer
042089fbaf API method to list all commits of a repository (#6408)
* Added API endpoint ListAllCommits (/repos/{owner}/{repo}/git/commits)

Signed-off-by: Mike Schwörer <mailport@mikescher.de>

* Fixed failing drone build

Signed-off-by: Mike Schwörer <mailport@mikescher.de>

* Implemented requested changes (PR reviews)

Signed-off-by: Mike Schwörer <mailport@mikescher.de>

* gofmt

Signed-off-by: Mike Schwörer <mailport@mikescher.de>

* Changed api route from "/repos/{owner}/{repo}/git/commits" to "/repos/{owner}/{repo}/commits"

* Removed unnecessary line

* better error message when git repo is empty

* make generate-swagger

* fixed removed return

* Update routers/api/v1/repo/commits.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Update routers/api/v1/repo/commits.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

* go fmt

* Refactored common code into ToCommit()

* made toCommit not exported

* added check for userCache == nil
2019-08-26 16:09:10 +02:00
Tamal Saha
6b3f52fe5f Run CORS handler first for /api routes (#7967)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-08-26 13:33:06 +02:00
David Svantesson
c9546d4cdd Include description in repository search. (#7942)
* Add description in repository search.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Refactor SearchRepositoryByName with a general function SearchRepository

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Allow to specify if description shall be included in API repo search.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add new app.ini setting for whether to search within repo description.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Search keyword in description (if setting enabled) on:
 - Explore page
 - Organization profile page
 - User profile page
 - Admin repo page

Do not search keyword in description on:
 - Any non-keyword search (not relevant)
 - Incremental search (uses API)

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Put parameters related to keyword directly after it

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Add test cases for including (and not including) repository description in search.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Rename test function from TestSearchRepositoryByName to TestSearchRepository.

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* Make setting SEARCH_REPO_DESCRIPTION default to true

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
2019-08-25 20:06:36 +03:00
Lunny Xiao
f83db078f0 Move database settings from models to setting (#7806)
* move database settings from models to setting

* update docs

* fix checkout pr

* fix tests

* fix lint

* remove unsupported tidb options

* correct wrong variable name

* remove tidb totally
2019-08-24 11:24:45 +02:00
David Svantesson
26af3401c3 Document possibility to limit API Repo search to topics only. (#7957)
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
2019-08-23 23:17:10 -04:00
Tamal Saha
171b359877 Use gitea forked macaron (#7933)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-08-23 12:40:29 -04:00
zeripath
bee1227b2f
Extract the username and password from the mirror url (#7651)
* Explode out mirror username and password

* Update models/repo_mirror.go

* Just roundtrip the password

* remove unused declaration

* Update templates/repo/settings/options.tmpl
2019-08-16 22:56:57 +01:00
Norwin
867f46f78e Detect delimiter in CSV rendering (#7869)
* detect csv delimiter in csv rendering

fixes #7868

* make linter happy

* fix failing testcase & use ints where possible

* expose markup type to template

previously all markup had the .markdown class, which is incorrect,
as it applies markdown CSS & JS logic to CSV rendering

* fix build (missing `make css`)

* ignore quoted csv content for delimiter scoring

also fix html generation
2019-08-16 01:09:50 +03:00
Lunny Xiao
85202d4784
Display ui time with customize time location (#7792)
* display ui time with customize time location

* fix lint

* rename UILocation to DefaultUILocation

* move time related functions to modules/timeutil

* fix tests

* fix tests

* fix build

* fix swagger
2019-08-15 22:46:21 +08:00
guillep2k
5a44be627c Convert files to utf-8 for indexing (#7814)
* Convert files to utf-8 for indexing

* Move utf8 functions to modules/base

* Bump repoIndexerLatestVersion to 3

* Add tests for base/encoding.go

* Changes to pass gosimple

* Move UTF8 funcs into new modules/charset package
2019-08-15 20:07:28 +08:00
Lanre Adelowo
a315c8d992 fix non existent milestone with 500 error (#7867) 2019-08-14 19:43:50 -04:00
Lunny Xiao
c021890930
move CreateReview to moduels/pull (#7841) 2019-08-14 23:32:19 +08:00
zeripath
def84840db Attempt to fix hook problem (#7854) 2019-08-14 12:25:05 +03:00
Mario Lubenka
8bfeb85f93 Enable switching to a different source branch when PR already exists (#7819)
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
2019-08-11 23:23:49 +08:00
David Svantesson
cde95f9923 Rewrite existing repo units if setting is not included in api body (#7763)
* Rewrite existing repo units if setting is not included in api body

Signed-off-by: David Svantesson <davidsvantesson@gmail.com>

* else-if on one row
2019-08-10 12:32:46 +03:00
Antoine GIRARD
2b6f45299d api: fix multiple bugs with statuses endpoints (#7785)
* fix commit statuses api url

* search refs before passing sha

* adjust tests

* directly search tags and branches names + remove un-needed check in NewCommitStatus

* fix comment

* de-duplicate code

* test: use relative setting.AppURL

* Update routers/api/v1/repo/status.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

* remove return

* Update routers/api/v1/repo/status.go

Co-Authored-By: Lauris BH <lauris@nix.lv>
2019-08-09 10:13:03 +08:00
Lunny Xiao
b16be15803 Display error as string but not bytes (#7780)
* display error as string but not bytes

* Update routers/repo/http.go

Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>
2019-08-07 19:33:29 +03:00
Lunny Xiao
5b902e2368 add pagination for admin api get orgs and fix only list public orgs bug (#7742) 2019-08-04 14:33:36 -04:00
Lunny Xiao
7d9a13035e display as error (#7724) 2019-08-03 10:07:51 +03:00
Antoine GIRARD
76408d50fb org/members: display 2FA members states + optimize sql requests (#7621)
* org/members: display 2FA state

* fix comment typo

* lay down UserList bases

* add basic test for previous methods

* add comment for UserList type

* add valid two-fa account

* test new UserList methods

* optimize MembersIsPublic by side loading info on GetMembers + fix integrations tests

* respect fmt rules

* use map for data

* Optimize GetTwoFaStatus

* rewrite by using existing sub func

* Optimize IsUserOrgOwner

* remove un-used code

* tests: cover empty org + fix import order

* tests: add ErrTeamNotExist path

* tests: fix wrong expected result
2019-08-02 12:06:27 -04:00
Lunny Xiao
02999c9a44 improve branches list performance and fix protected branch icon when no-login (#7695) 2019-08-01 10:50:06 -04:00
renothing
cbf231a675 fix wrong email when use gitea as OAuth2 provider (#7640)
when you use gitea as OAuth2 provider, the /api/v1/user should return
user primary email as identifier, which is unique in OAuth2 clients.

this patch use convert.ToUser replace all u.APIFormat in api requests,
return primary email when caller is yourself or admin.
2019-07-27 16:15:30 +03:00
zeripath
734aa96508
Fix #7136: Add paging and extend API GetCommitStatuses (#7141)
* Fix #7136: Add paging and extend API GetCommitStatuses

* update swagger

* Update routers/api/v1/repo/status.go

Co-Authored-By: techknowlogick <matti@mdranta.net>

* Update routers/api/v1/repo/status.go

Co-Authored-By: techknowlogick <matti@mdranta.net>

* Update routers/api/v1/repo/status.go

Co-Authored-By: techknowlogick <matti@mdranta.net>

* Apply suggestions from code review
2019-07-25 11:55:06 +01:00
zeripath
635e7b38bd
Swagger: Add information to API Token header (#7585)
* Add a description to the API Token header for swagger
2019-07-24 09:34:11 +01:00
zeripath
c236ba35ca
use 403 instead of 401 for ErrUserProhibitLogin (#7591) 2019-07-23 21:38:47 +01:00
Christian Muehlhaeuser
54d96c79b5 Removed unnecessary conversions (#7557)
No need to convert to the same type.
2019-07-23 19:50:39 +01:00
zeripath
2f75766532
Handle ErrUserProhibitLogin in http git (#7586) 2019-07-23 18:32:53 +01:00
Richard Mahn
26b493bb26 Fixes #7564 - Malformed URLs in API git/commits response (#7565) 2019-07-22 18:32:22 +01:00
Christian Muehlhaeuser
b0cd3b8ab9 Fixed ineffectual assignments (#7555)
Don't assign values we never use.
2019-07-22 17:35:53 +08:00
Richard Mahn
5d3e351864 Fixes #7474 - Handles all redirects for Web UI File CRUD (#7478)
* Fixes #7474 - Handles all redirects for Web UI File CRUD

* Fixes lint errors

* Typo fix

* Adds unit tests for a few helper functions

* Fixes per review

* Fix for new branch creation and to unit test

* Fixes the template used for errors on delete
2019-07-17 14:40:28 -04:00
Lunny Xiao
ce087c58ef
Remove settting dependency on modules/session (#7237)
* remove settting dependency on modules/session

* fix fmt

* fix tests

* fix lint
2019-07-17 09:04:37 +08:00
Richard Mahn
2771619acf Fixes #7475 - Settings pages giving UnitType error message (#7482) 2019-07-15 23:43:30 -04:00
Tamal Saha
2102f9d92d Support setting cookie domain (#6288)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-07-12 09:57:31 -04:00
Lunny Xiao
d95237b561
add notification placeholder (#7409) 2019-07-12 16:55:46 +08:00
Gary Kim
072bdfa3f5 Only show "New Pull Request" button if repo allows pulls (#7426)
Signed-off-by: Gary Kim <gary@garykim.dev>
2019-07-11 16:21:16 -04:00
Cherrg
a7b1ba0e3d wiki history improvements (#7391)
* add history comments to detect page delete

Signed-off-by: Michael Gnehr <michael@gnehr.de>

* fix too much history entries
- caused by --follow flag
  - if files with same contents exists

Signed-off-by: Michael Gnehr <michael@gnehr.de>

* style imprevements wiki
- history - wrap long author names

Signed-off-by: Michael Gnehr <michael@gnehr.de>
2019-07-11 22:45:10 +08:00
Cherrg
0622e83055 add missing template variable on organisation settings (#7385)
fix #6755

Signed-off-by: Michael Gnehr <michael@gnehr.de>
2019-07-09 01:11:04 +08:00
Cherrg
e5b247ea8e wiki - page revisions list (#7369)
fix #7

* add wiki page revision list

* mobile improvements

* css improvements for long usernames

* split renderWikiPage into 3 functions

Signed-off-by: Michael Gnehr <michael@gnehr.de>
2019-07-08 11:20:22 +03:00
Antoine GIRARD
f369788347 Refactor filetype is not allowed errors (#7309) 2019-07-06 22:25:05 -04:00
AJ ONeal
62d6127f1b Make captcha and password optional for external accounts (#6606) 2019-07-06 15:48:02 -04:00
leonklingele
ef57fe4ae3 routers: do not leak secrets via timing side channel (#7364)
* routers: do not leak secrets via timing side channel

* routers/repo: do not leak secrets via timing side channel
2019-07-06 13:03:13 -04:00
leonklingele
96b66e330b routers/user: ensure that decryption of cookie actually suceeds (#7363)
Previously, only the first return value of ctx.GetSuperSecureCookie
was used to check whether decryption of the auth cookie succeeded.
ctx.GetSuperSecureCookie also returns a second value, a boolean,
indicating success or not. That value should be checked first to
be on the safe side and not rely on internal logic of the encryption
and decryption blackbox.
2019-07-06 23:47:09 +08:00
Lunny Xiao
b5aa7f7ceb fix api route (#7346) 2019-07-03 06:31:29 +01:00
zeripath
3563650bdb #6946 Run hooks on merge/edit and cope with protected branches (#6961)
* Fix #6946 by checking PullRequest ID on pushing

* Ensure we have the owner name, the pr attributes and the the issue

* Fix TestSearchRepo by waiting till indexing is done

* Update integrations/repo_search_test.go

* changes as per @mrsdizzie

* missing comma

* Spelling mistake

* Fix full pushing environment
2019-07-01 09:18:13 +08:00
Lunny Xiao
ff85dd3e12 Add commit statuses reports on pull request view (#6845)
* Add commit statuses reports on pull view

* Add some translations

* improve the UI

* fix fmt

* fix tests

* add a new test git repo to fix tests

* fix bug when headRepo or headBranch missing

* fix tests

* fix tests

* fix consistency

* fix tests

* fix tests

* change the test repo

* fix tests

* fix tests

* fix migration

* keep db size consistency

* fix translation

* change commit hash status table unique index

* remove unused table

* use char instead varchar

* make hashCommitStatusContext private

* split merge section with status check on pull view ui

* fix tests; fix arc-green theme on pull ui
2019-06-30 08:57:59 +01:00
Richard Mahn
cd96dee982 Fixes #7292 - API File Contents bug (#7301) 2019-06-29 16:51:10 -04:00
Richard Mahn
002b597c1f Fixes #7152 - Allow create/update/delete message to be empty, use default message (#7324)
* Fixes #7152 - Allow create/update/delete message to be empty, use default message

* Linting fix

* Fix to delete integration tests
2019-06-29 16:19:24 +01:00
Richard Mahn
567e117df8 Fixes #7238 - Annotated tag commit ID incorrect (#7321)
* Fixes #7238 - Annotated tag commit ID incorrect

* Fixes #7238 - Annotated tag commit ID incorrect
2019-06-29 11:44:17 +01:00
Mario Lubenka
7c0f2b9843 Show Pull Request button or status of latest PR in branch list (#6990)
* Show Pull Request button or status of latest PR in branch list

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Do not show pull request button on deleted branches

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Do not show commit divergence on deleted branches

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Use XORMs Get instead of limit

* Links pull request ID and use smaller labels for displaying the pull request status

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Handle error when getting latest pull request

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Indent template

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Check error when loading issue

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
2019-06-27 22:15:30 +08:00
Lunny Xiao
edc94c7041 Monitor all git commands; move blame to git package and replace git as a variable (#6864)
* monitor all git commands; move blame to git package and replace git as a variable

* use git command but not other commands

* fix build

* move exec.Command to git.NewCommand

* fix fmt

* remove unrelated changes

* remove unrelated changes

* refactor IsEmpty and add tests

* fix tests

* fix tests

* fix tests

* fix tests

* remove gitLogger

* fix fmt

* fix isEmpty

* fix lint

* fix tests
2019-06-26 14:15:26 -04:00
Lunny Xiao
161e12e157
Shadow the password on cache and session config on admin panel (#7300)
* shadow the password on cache and session config on admin panel

* add shadow password of mysql/postgres/couchbase

* fix log import
2019-06-27 00:12:38 +08:00
Lunny Xiao
aa7c34cf86 Fix error log when loading issues caused by a xorm bug (#7271)
* fix error log when loading issues caused by a xorm bug

* upgrade packages

* fix fmt

* fix Consistency

* fix tests
2019-06-23 18:22:43 +03:00
zeripath
baefea311f
Fix #732: Add LFS objects to base repository on merging (#7082)
On merge we walk the merge history and ensure that all lfs objects pointed to in
the history are added to the base repository. This switches from relying on having git-lfs installed on the server, (and in fact .gitattributes being correctly installed.)
2019-06-22 18:35:34 +01:00
Lunny Xiao
8ec659722d Only check and config git on web subcommand but not others (#7236)
* only check and config git on web subcommand but not others

* add Init in git tests
2019-06-19 19:53:37 +03:00
Lunny Xiao
1e8a616426 show lfs config on admin panel (#7220) 2019-06-16 19:24:49 +01:00
Lunny Xiao
d8168b356d
Add missing description of label on API (#7159)
* add missing description of label on API

* fix comment head

* fix swagger
2019-06-16 20:39:52 +08:00
zeripath
cf2221e3ac Add LastLogin to the User API (#7196) 2019-06-15 23:28:32 -04:00
Cherrg
2f39fc7bb6 fix drone build bug (#7192) 2019-06-13 00:23:45 -04:00
kolaente
f9ec2f89f2 Add golangci (#6418) 2019-06-12 15:41:28 -04:00
Mario Lubenka
1608f63e39 Fixes diff on merged pull requests (#7171) 2019-06-11 19:32:08 -04:00
Lunny Xiao
7162fbf3d6
if milestone id is zero don't get it from database (#7169) 2019-06-10 22:16:02 +08:00
Lunny Xiao
d93e6232e8
Move PushUpdate dependency from models to repofiles (#6763)
* remove push_update

* move models.PushUpdate to repofiles.PushUpdate
2019-06-10 19:35:13 +08:00
Lanre Adelowo
3e05661d8d archived repos can be starred and watched (#7163) 2019-06-10 09:02:42 +08:00
Richard Mahn
8de0b0a3f0 Fixes #2738 - Adds the /git/tags API endpoint (#7138)
* Fixes #2738 - /git/tags API

* proper URLs

* Adds function comments

* Updates swagger

* Removes newline from tag message

* Removes trailing newline from commit message

* Adds integration test

* Removed debugging

* Adds tests

* Fixes bug where multiple tags of same commit show wrong tag name

* Fix formatting

* Removes unused varaible

* Fix to annotated tag function names and response

* Update modules/git/repo_tag.go

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Uses TagPrefix

* Changes per review, better error handling for getting tag and commit IDs

* Fix to getting commit ID

* Fix to getting commit ID

* Fix to getting commit ID

* Fix to getting commit ID
2019-06-08 17:31:11 +03:00
Mario Lubenka
311ce2d1d0 Compare branches, commits and tags with each other (#6991)
* Supports tags when comparing commits or branches

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Hide headline when only comparing and don't load unused data

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Merges compare logics to allow comparing branches, commits and tags with eachother

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Display branch or tag instead of commit when used for comparing

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Show pull request form after click on button

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Transfers relevant pull.go changes from master to compare.go

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Fixes error when comparing forks against a commit or tag

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Removes console.log from JavaScript file

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Show icon next to commit reference when comparing branch or tag

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Updates css file

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Fixes import order

* Renames template variable

* Update routers/repo/compare.go

Co-Authored-By: zeripath <art27@cantab.net>

* Update from master

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Allow short-shas in compare

* Renames prInfo to compareInfo

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Check PR permissions only if compare is pull request

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adjusts comment

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Use compareInfo instead of prInfo
2019-06-07 16:29:29 -04:00
Lanre Adelowo
de6539fc8c Add state param to milestone listing API (#7131)
* Support state params

* update tests

* fix tests

* add state=all support

* update tests

* update swagger

* update swagger
2019-06-06 08:37:45 +08:00
Mario Lubenka
8eba27c792 Repository avatar fallback configuration (#7087)
* Only show repository avatar in list when one was selected

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adds fallback configuration option for repository avatar

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Implements repository avatar fallback

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adds admin task for deleting generated repository avatars

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Solve linting issues

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Save avatar before updating database

* Linting

* Update models/repo.go

Co-Authored-By: zeripath <art27@cantab.net>
2019-06-02 14:40:12 +08:00
zeripath
356854fc5f Move serv hook functionality & drop GitLogger (#6993)
* Move hook functionality internally

* Internalise serv logic

* Remove old internal paths

* finally remove the gitlogger

* Disallow push on archived repositories

* fix lint error

* Update modules/private/key.go

* Update routers/private/hook.go

* Update routers/private/hook.go

* Update routers/private/hook.go

* Updated routers/private/serv.go

* Fix LFS Locks over SSH

* rev-list needs to be run by the hook process

* fixup

* Improve git test

* Ensure that the lfs files are created with a different prefix

* Reduce the replication in git_test.go

* slight refactor

* Remove unnecessary "/"

* Restore ensureAnonymousClone

* Restore ensureAnonymousClone

* Run rev-list on server side

* Try passing in the alternative directories instead

* Mark test as skipped

* Improve git test

* Ensure that the lfs files are created with a different prefix
* Reduce the replication in git_test.go
* Remove unnecessary "/"
2019-06-01 23:00:21 +08:00
mrsdizzie
de6ef14d04 Validate External Tracker URL Format (#7089)
* Validate External Tracker URL Format

Add some validation checks for external tracker URL format.

Fixes #7068

* Don't make {index} a hard requirement

* Fix Description

* make fmt

* move regex to package level

* fix copyright date
2019-05-31 10:21:15 +01:00
Richard Mahn
43cf2f3b55 Fixes #7023 - API Org Visibility (#7028) 2019-05-30 13:57:55 -04:00
Richard Mahn
1831b3b571 Fixes #5960 - Adds API Endpoint for Repo Edit (#7006)
* Feature - #5960 - API Endpoint for Repo Editing

* Revert from merge

* Adds integration testing

* Updates to integration tests

* Revert changes

* Update year in file header

* Misspell fix

* XORM = test

* XORM = test

* revert XORM = file

* Makes RepoUnit.ID be pk and autoincr

* Fix to units

* revert header

* Remove print statement

* Adds other responses

* Improves swagger for creating repo

* Fixes import order

* Better Unit Type does not exist error

* Adds editable repo properties to the response repo structure

* Fix to api_repo_edit_test.go

* Fixes repo test

* Changes per review

* Fixes typo and standardizes comments in the EditRepoOption struct for swagger

* Fixes typo and standardizes comments in the EditRepoOption struct for swagger

* Actually can unarchive through the API

* Unlike delete, user doesn't have to be the owner of the org, just admin to the repo

* Fix to swagger comments for field name change

* Update to swagger docs

* Update swagger

* Changes allow_pull_requests to has_pull_requests
2019-05-30 11:09:05 -04:00
Sergey Dryabzhinsky
3fd18838aa Repository avatars (#6986)
* Repository avatars

- first variant of code from old work for gogs
- add migration 87
- add new option in app.ini
- add en-US locale string
- add new class in repository.less

* Add changed index.css, remove unused template name

* Update en-us doc about configuration options

* Add comments to new functions, add new option to docker app.ini

* Add comment for lint

* Remove variable, not needed

* Fix formatting

* Update swagger api template

* Check if avatar exists

* Fix avatar link/path checks

* Typo

* TEXT column can't have a default value

* Fixes:

- remove old avatar file on upload
- use ID in name of avatar file - users may upload same files
- add simple tests

* Fix fmt check

* Generate PNG instead of "static" GIF

* More informative comment

* Fix error message

* Update avatar upload checks:

- add file size check
- add new option
- update config docs
- add new string to en-us locale

* Fixes:

- use FileHEader field for check file size
- add new test - upload big image

* Fix formatting

* Update comments

* Update log message

* Removed wrong style - not needed

* Use Sync2 to migrate

* Update repos list view

- bigger avatar
- fix html blocks alignment

* A little adjust avatar size

* Use small icons for explore/repo list

* Use new cool avatar preparation func by @lafriks

* Missing changes for new function

* Remove unused import, move imports

* Missed new option definition in app.ini

Add file size check in user/profile avatar upload

* Use smaller field length for Avatar

* Use session to update repo DB data, update DeleteAvatar - use session too

* Fix err variable definition

* As suggested @lafriks - return as soon as possible, code readability
2019-05-29 22:22:26 -04:00
Bo-Yi Wu
743697a549
refactor: append, build variable and type switch (#4940)
* refactor: append, build variable and type switch

* fix: remove redundant space.
2019-05-28 23:45:54 +08:00
zeripath
31557b1274
Fix LFS Locks over SSH (#6999)
* Fix LFS Locks over SSH
* Mark test as skipped
2019-05-28 11:32:41 +01:00
zeripath
bd9ed96da5
Install page - Handle invalid administrator username better (#7060)
* Install page - detect invalid admin username before installing

* Also fix #6954
2019-05-28 07:18:40 +01:00
Hui Hui
cf3ffebfde fix issuer of OTP URI should be URI-encoded. (#6634)
* fix: Issuer of OTP URI should be URI-encoded.

follow this link https://github.com/google/google-authenticator/wiki/Key-Uri-Format .

* filter unsafe character ':' in issuer

* Use Replace rather than ReplaceAll
2019-05-27 18:00:32 +01:00
Lunny Xiao
d67fd69474 fix charset was not saved after installation finished (#7048) 2019-05-26 13:36:33 -04:00
Lunny Xiao
355ab0c62c Fix wrong init dependency on markup extensions (#7038)
* fix wrong init dependency on markup extensions
2019-05-25 18:15:39 +01:00
Vladimir Panteleev
a98e085031 Show git-notes (#6984)
* Show git-notes

* Make git-notes heading text localizable

* Refactor git-notes data fetching to a separate function

* Display the author and time of git notes

* Move note bubble inside the commit bubble

* Revert "Move note bubble inside the commit bubble"

This reverts commit c0951fe0e3b4dea38064515546b1825c1bcf19e1.

* Add test for git-notes

* testing ui

* Polish CSS

* Apply suggestions from code review

Co-Authored-By: Lauris BH <lauris@nix.lv>
2019-05-24 10:52:05 +03:00
Lunny Xiao
d5a98a2969 Add support of utf8mb4 for mysql (#6992) 2019-05-24 00:15:26 -04:00
Lunny Xiao
c385dcc26b
Fix index produces problem when issues/pulls deleted (#6973)
* fix index produces problem when issues/pulls deleted

* fix tests

* fix tests

* fix tests
2019-05-18 10:37:49 +08:00
zeripath
56ae539bed SearchRepositoryByName improvements and unification (#6897) 2019-05-15 11:24:39 -04:00
techknowlogick
5fb1ad7011 Webhook Logs show proper HTTP Method, and allow change HTTP method in form (#6953)
* Fix #6951 - logs show proper HTTP Method, and allow change HTTP method
in form

* enforce POST method for webhook

* set default if method is empty
2019-05-15 20:01:53 +08:00
Lunny Xiao
710245e81e
Refactor models.NewRepoContext to extract git related codes to modules/git (#6941)
* refactor models.NewRepoContext to extract git related codes to modules/git

* fix imports

* refactor
2019-05-15 09:57:00 +08:00
Lunny Xiao
6123840745 Remove macaron dependent on modules/log (#6933) 2019-05-13 22:55:52 -04:00
Tamal Saha
34d06f4c6b Handle CORS requests (#6289) 2019-05-13 11:38:53 -04:00
techknowlogick
5ffc9656c6
Change drone token name to let users know to use oauth2 (#6912) 2019-05-12 13:29:07 -04:00
iliyan ivanov
13583a650f fix syntax highlight in blame view #6895 (#6909) 2019-05-11 23:27:39 +03:00
zeripath
ce8de35334 Remove local clones & make hooks run on merge/edit/upload (#6672)
* Add options to git.Clone to make it more capable

* Begin the process of removing the local copy and tidy up

* Remove Wiki LocalCopy Checkouts

* Remove the last LocalRepo helpers

* Remove WithTemporaryFile

* Enable push-hooks for these routes

* Ensure tests cope with hooks

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove Repository.LocalCopyPath()

* Move temporary repo to use the standard temporary path

* Fix the tests

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove LocalWikiPath

* Fix missing remove

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use AppURL for Oauth user link (#6894)

* Use AppURL for Oauth user link

Fix #6843

* Update oauth.go

* Update oauth.go

* internal/ssh: ignore env command totally (#6825)

* ssh: ignore env command totally

* Remove commented code 

Needed fix described in issue #6889

* Escape the commit message on issues update and title in telegram hook (#6901)

* update sdk to latest (#6903)

* improve description of branch protection (fix #6886) (#6906)

The branch protection description text were not quite accurate.

* Fix logging documentation (#6904)

* ENABLE_MACARON_REDIRECT should be REDIRECT_MACARON_LOG

* Allow DISABLE_ROUTER_LOG to be set in the [log] section

* [skip ci] Updated translations via Crowdin

* Move sdk structs to modules/structs (#6905)

* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 11:29:17 -04:00
Lunny Xiao
34eee25bd4
Move sdk structs to modules/structs (#6905)
* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 18:21:34 +08:00
techknowlogick
2f21bc33a5 Use AppURL for Oauth user link (#6894)
* Use AppURL for Oauth user link

Fix #6843

* Update oauth.go

* Update oauth.go
2019-05-09 20:22:35 +03:00
Richard Mahn
6db3dc7c02 Fixes #6881 - API users search fix (#6882) 2019-05-08 22:17:32 +03:00
Lunny Xiao
9f18b23129 Fix 404 when send pull request some situation (#6871) 2019-05-07 13:20:23 -04:00
Lunny Xiao
08069dc465
Improve migrations to support migrating milestones/labels/issues/comments/pullrequests (#6290)
* add migrations

* fix package dependency

* fix lints

* implements migrations except pull requests

* add releases

* migrating releases

* fix bug

* fix lint

* fix migrate releases

* fix tests

* add rollback

* pull request migtations

* fix import

* fix go module vendor

* add tests for upload to gitea

* more migrate options

* fix swagger-check

* fix misspell

* add options on migration UI

* fix log error

* improve UI options on migrating

* add support for username password when migrating from github

* fix tests

* remove comments and fix migrate limitation

* improve error handles

* migrate API will also support migrate milestones/labels/issues/pulls/releases

* fix tests and remove unused codes

* add DownloaderFactory and docs about how to create a new Downloader

* fix misspell

* fix migration docs

* Add hints about migrate options on migration page

* fix tests
2019-05-07 09:12:51 +08:00
Lunny Xiao
01ebd52a1f fix config ui error about cache ttl (#6861) 2019-05-06 17:35:11 +03:00
Lunny Xiao
2382f1b057
fix 500 when reviewer is deleted with integration tests (#6856) 2019-05-06 20:09:31 +08:00
Simon
a2a006a5d5 Add GET requests to webhook (#6771)
* Add GET requests to webhook

* make fmt

* Handle invalid http method on webhook

* Uppercase http method in webhook

* Rename v85.go to v86.go

* make fmt
2019-05-05 14:09:02 -04:00
Mario Lubenka
55a8e12d85 Number of commits ahead/behind in branch overview (#6695)
* Call Git API to determine divergence of a branch and its base branch

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Show commit divergance in branch list

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adds missing comment

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adds test for diverging commits

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Try comparing commits instead of branches

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Removes test as CI can't run it

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adjusts signature of percentage function to allow providing multiple integers as numerator

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Moves CountDivergingCommits function into repofiles module

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
2019-05-05 19:25:25 +03:00
techknowlogick
46373e7657
Hash App token (#6724) 2019-05-04 11:45:34 -04:00
Lauris BH
1fa9662946
Git statistics in Activity tab (#4724)
* Initial implementation for git statistics in Activity tab

* Create top user by commit count endpoint

* Add UI and update src-d/go-git dependency

* Add coloring

* Fix typo

* Move git activity stats data extraction to git module

* Fix message

* Add git code stats test
2019-05-04 15:39:03 +03:00
zeripath
ade88a877d Allow Recaptcha service url to be configured (#6820) 2019-05-02 16:09:39 +03:00
ngourdon
4e311123d8 Fix team edit API panic (#6780) 2019-04-27 19:32:33 -04:00
Lunny Xiao
4c34bc111c
fix pulls broken when fork repository deleted (#6754)
* fix pulls broken when fork repository deleted

* fix lint
2019-04-26 11:03:39 +08:00
techknowlogick
ec2d489d15
OAuth2 token can be used in basic auth (#6747) 2019-04-25 18:42:50 -04:00
Lunny Xiao
199faadea3 Fix org visibility bug when git cloning (#6743)
* fix org visibility bug

* fix permission check

* add integration tests

* fix tests

* change test user name for easier maintainance and fix test

* fix test git repo name
2019-04-25 21:59:10 +03:00
Lunny Xiao
e8f4c7733a
fix missing return (#6751) 2019-04-25 19:30:38 +08:00
James E. Blair
dabee9b1a4 Handle redirects in git clone commands (#6688)
Add support for repo_redirect objects in the git smart http
handler so that when a user clones a repo that has been moved
or renamed, they are redirected to the new location.

This requires that the query string be included in the redirect
as well, so that is added.

Signed-off-by: James E. Blair <jeblair@redhat.com>
2019-04-25 08:51:40 +03:00
Lunny Xiao
ff03b2f606 Fix: Sort repos on org home page with non-admin login (#6741) 2019-04-24 19:20:22 +01:00
Lunny Xiao
59be704efb Fix team members API (#6714) 2019-04-24 01:32:35 -04:00
John Olheiser
45fa5cc1be [API] Load issue attributes when editing an issue (#6723) 2019-04-23 13:07:12 -04:00
zeripath
be666b03ee Trace Logging on Permission Denied & ColorFormat (#6618)
* Add log.ColorFormat and log.ColorFormatted

Structs can now implement log.ColorFormatted to provide their own
colored format when logged with `%-v` or additional flags.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add basic ColorFormat to repository and user

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add basic ColorFormat to access and unit

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add ColorFormat to permission and on trace log it

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add log.NewColoredIDValue to make ID value coloring consistent

Signed-off-by: Andrew Thornton <art27@cantab.net>

* formatting changes

* Add some better tracing to permission denied for read issues/pulls

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add Trace logging on permission denied

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove isTrace() check from deferred func

* Adjust repo and allow logging of team

* use FormatInt instead of Itoa

* Add blank line

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update access.go
2019-04-22 23:40:51 +03:00
Mario Lubenka
bc86134759 Show "delete branch" button on closed pull requests (#6570) (#6601)
* Show button to delete a pull request branch after a pull request has been closed (#6570)

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Update routers/repo/pull.go

Co-Authored-By: saitho <mario.lubenka@googlemail.com>
2019-04-20 23:50:34 +03:00
zeripath
6cb127d497
Fix reversion caused by 6314 (#6685)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-04-20 08:59:34 +01:00
Mario Lubenka
fcbac38d6f Unifies pagination template usage (#6531) (#6533) 2019-04-20 00:15:19 -04:00
Andrzej Ressel
469d9b7d9a Add option to blame files (#5721) 2019-04-19 22:47:00 -04:00
Daniel Grier
b9d1fb6de3 Add support for MS Teams webhooks (#6632) 2019-04-19 10:18:06 -04:00
Filip Navara
2af67f6044 Improve listing performance by using go-git (#6478)
* Use go-git for tree reading and commit info lookup.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use TreeEntry.IsRegular() instead of ObjectType that was removed.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use the treePath to optimize commit info search.

Signed-off-by: Filip Navara <navara@emclient.com>

* Extract the latest commit at treePath along with the other commits.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix listing commit info for a directory that was created in one commit and never modified after.

Signed-off-by: Filip Navara <navara@emclient.com>

* Avoid nearly all external 'git' invocations when doing directory listing (.editorconfig code path is still hit).

Signed-off-by: Filip Navara <navara@emclient.com>

* Use go-git for reading blobs.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make SHA1 type alias for plumbing.Hash in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make Signature type alias for object.Signature in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix GetCommitsInfo for repository with only one commit.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix PGP signature verification.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix issues with walking commit graph across merges.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix typo in condition.

Signed-off-by: Filip Navara <navara@emclient.com>

* Speed up loading branch list by keeping the repository reference (and thus all the loaded packfile indexes).

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix lising submodules.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix build

Signed-off-by: Filip Navara <navara@emclient.com>

* Add back commit cache because of name-rev

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix tests

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix code style

* Fix spelling

* Address PR feedback

Signed-off-by: Filip Navara <navara@emclient.com>

* Update vendor module list

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix getting trees by commit id

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix remaining unit test failures

* Fix GetTreeBySHA

* Avoid running `git name-rev` if not necessary

Signed-off-by: Filip Navara <navara@emclient.com>

* Move Branch code to git module

* Clean up GPG signature verification and fix it for tagged commits

* Address PR feedback (import formatting, copyright headers)

* Make blob lookup by SHA working

* Update tests to use public API

* Allow getting content from any type of object through the blob interface

* Change test to actually expect the object content that is in the GIT repository

* Change one more test to actually expect the object content that is in the GIT repository

* Add comments
2019-04-19 20:17:27 +08:00
techknowlogick
19ec2606e9 API OTP Context (#6674)
* API OTP Context

* Update api.go

* token

* token

* fix per discord

* copyright header

* remove check for token in OTP

* Update auth.go

* simplify

* Update api.go
2019-04-19 11:59:26 +03:00
techknowlogick
56da256853
Telegram webhook (#4227) 2019-04-18 22:45:02 -04:00
AJ ONeal
6dbd261852 UX + Security current user password reset (#5042)
* allow current user to reset their own password

* handle reset password edge cases properly and consistently

* remove dangling assignment

* properly label account recovery instead of reset password

* remove 'Click here' from button

* update English-only account-recovery templates
2019-04-18 10:23:59 +03:00
Lunny Xiao
dd1acd7ce4 Comments list performance optimization (#5305) 2019-04-18 01:00:03 -04:00
Richard Mahn
2262811e40 Fixes 4762 - Content API for Creating, Updating, Deleting Files (#6314) 2019-04-17 12:06:35 -04:00
Jonas Franz
7a4c29c739 OAuth2 Grant UI (#6625)
* Add oauth2 grants ui

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add delete functionality
Add translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit tests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit tests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Refactor DeleteOAuth2Grant
Use results.Close()

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Refactor DeleteOAuth2Grant (again)

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Check if user ID is zero

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Check if grant ID is zero

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2019-04-17 16:18:16 +08:00
Segev Finer
34548369e1 Add API for manipulating Git hooks (#6436)
* Add API for manipulating Git hooks

Signed-off-by: Segev Finer <segev@codeocean.com>

* Replace code.gitea.io/sdk with PR branch temporarily for CI

* Switch back to code.gitea.io/sdk@master

* Return 403 instead of 404 on no permission to edit hooks in API

* Add tests for Git hooks API

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* empty line
2019-04-17 01:31:08 -04:00
zeripath
6821a32d81 Properly escape on the redirect from the web editor (#6657) 2019-04-16 20:07:13 -04:00
zeripath
837116875e Return a UserList from /api/v1/admin/users (#6629) 2019-04-15 12:36:59 -04:00
Antoine GIRARD
d699de32f2 add .gpg url (match github behaviour) (#6610)
* add .gpg url (match github behaviour)

* wildcard

* test to export maximum data

* working POC

* add comment for old imported keys

* cleaning

* Update routers/user/profile.go

Co-Authored-By: sapk <sapk@users.noreply.github.com>

* add migration script

* add integration tests
2019-04-14 12:43:56 -04:00
zeripath
b3e757a06c
Correctly adjust mirror url (#6593) 2019-04-12 21:52:57 +01:00
John Olheiser
cb64b21a7f Change summary to full message (#6591)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-04-12 17:11:09 +01:00
Jonas Franz
783cd64927 Add option to disable refresh token invalidation (#6584)
* Add option to disable refresh token invalidation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add integration tests and remove wrong todos

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix typo

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix tests and add documentation

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2019-04-12 15:50:21 +08:00
mrsdizzie
3ff0a126e1 Improve issue autolinks (#6273)
* Improve issue autolinks

Update autolinks to match what github does here:

Issue in same repo: #1
Issue in different repo: org/repo#1

Fixes #6264

* Use setting.AppURL when parsing URL

Using setting.AppURL here is a more reliable way of parsing the current
URL and what other functions in this file seem to use.

* Make ComposeMetas always return a valid context

* Add per repository markdown renderers for better context

* Update for use of context metas

Now that we include the user and repo name inside context metas, update
various code and tests for this new logic
2019-04-12 08:53:34 +03:00
Mura Li
3186ef554c Support search operators for commits search (#6479)
* Support searching commits with prefix syntax

For now, support auther: committer:
When more than one prefix is supplied is presented, the result is the union.
When different prefixes are supplied, the result is the intersection.

For example,
"author:alice author:bob"
=> the result is all commits authored by Alice OR Bob

"hello committer:alice"
=> the result is all commits committed by Alice AND has the keyword
'hello' in the message.

Note that there should NOT have any space after the colon(:) of the prefix.
For example,
"author:bill" => correct
"author: bill" => wrong

* Remove unneeded logging

* Add missing files of test repository

* Add missing repo_unit entries to test fixtures

* Update test cases

* Add tooltip for commits search button

* Update tooltip text

I have no idea about how to format it with line breaks.

* Make the usage example more real

* Add a test case

* Add new options struct for SearchCommits

* Prefer len(s) > 0 over s != ""

* Add NewSearchCommitsOptions
2019-04-12 10:28:44 +08:00
Lunny Xiao
1b7dffc3a3 fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) 2019-04-11 19:29:41 -04:00
Matthias Beckert
5348573fdf Allow admin users to set a repositoires visibility to public, even if FORCE_PRIVATE is to true (#6541) (#6572)
Signed-off-by: Matthias Beckert <beckert.matthias@googlemail.com>
2019-04-11 16:32:42 +08:00
John Olheiser
aa02463ded Delete local branch if it exists (#6497)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-04-08 08:08:02 +03:00
Vasek Sraier
49b2f45f75 Cleaned permission checks for API -> site admin can now do anything (#6483)
* cleaned permission checks for API -> site admin can now do anything

Signed-off-by: Vasek Sraier <git@vakabus.cz>

* PR #6483: helper methods moved to context/context.go, added missing return

Signed-off-by: Vasek Sraier <git@vakabus.cz>

* PR #6483: added documentation to new exported helper functions in context/context.go

Signed-off-by: Vasek Sraier <git@vakabus.cz>
2019-04-08 01:49:34 +03:00
Elias Norberg
bf5af87eef Show last commit status in pull request lists (#6465) 2019-04-02 15:54:29 -04:00
Lunny Xiao
09fb036ad6 fix upload attachments (#6481)
* fix upload attachments

* add migration for new column uploader_id on table attachment

* fix imports sequence
2019-04-02 15:25:05 -04:00
zeripath
704da08fdc
Better logging (#6038) (#6095)
* Panic don't fatal on create new logger

Fixes #5854

Signed-off-by: Andrew Thornton <art27@cantab.net>

* partial broken

* Update the logging infrastrcture

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Reset the skip levels for Fatal and Error

Signed-off-by: Andrew Thornton <art27@cantab.net>

* broken ncsa

* More log.Error fixes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove nal

* set log-levels to lowercase

* Make console_test test all levels

* switch to lowercased levels

* OK now working

* Fix vetting issues

* Fix lint

* Fix tests

* change default logging to match current gitea

* Improve log testing

Signed-off-by: Andrew Thornton <art27@cantab.net>

* reset error skip levels to 0

* Update documentation and access logger configuration

* Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE

* Fix broken level caching

* Refactor the router log

* Add Router logger

* Add colorizing options

* Adjust router colors

* Only create logger if they will be used

* update app.ini.sample

* rename Attribute ColorAttribute

* Change from white to green for function

* Set fatal/error levels

* Restore initial trace logger

* Fix Trace arguments in modules/auth/auth.go

* Properly handle XORMLogger

* Improve admin/config page

* fix fmt

* Add auto-compression of old logs

* Update error log levels

* Remove the unnecessary skip argument from Error, Fatal and Critical

* Add stacktrace support

* Fix tests

* Remove x/sync from vendors?

* Add stderr option to console logger

* Use filepath.ToSlash to protect against Windows in tests

* Remove prefixed underscores from names in colors.go

* Remove not implemented database logger

This was removed from Gogs on 4 Mar 2016 but left in the configuration
since then.

* Ensure that log paths are relative to ROOT_PATH

* use path.Join

* rename jsonConfig to logConfig

* Rename "config" to "jsonConfig" to make it clearer

* Requested changes

* Requested changes: XormLogger

* Try to color the windows terminal

If successful default to colorizing the console logs

* fixup

* Colorize initially too

* update vendor

* Colorize logs on default and remove if this is not a colorizing logger

* Fix documentation

* fix test

* Use go-isatty to detect if on windows we are on msys or cygwin

* Fix spelling mistake

* Add missing vendors

* More changes

* Rationalise the ANSI writer protection

* Adjust colors on advice from @0x5c

* Make Flags a comma separated list

* Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING

* Ensure matching is done on the non-colored message - to simpify EXPRESSION
2019-04-02 08:48:31 +01:00
Lunny Xiao
ef2a343e27 fix bug when user login and want to resend register confirmation email (#6482) 2019-04-02 08:44:33 +03:00
Lunny Xiao
d578b71d61
move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* move code.gitea.io/git to code.gitea.io/gitea/modules/git

* fix imports

* fix fmt

* fix misspell

* remove wrong tests data

* fix unit tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* enable Debug to trace the failure tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* comment commit count tests since git clone depth is 50

* fix tests

* update from code.gitea.io/git

* revert change to makefile
2019-03-27 17:33:00 +08:00
mrsdizzie
d056bf300f Clean up ref name rules (#6437)
* Clean up ref name rules

Clean up checks on reference names to better conform to the guideline
here: https://git-scm.com/docs/git-check-ref-format

This fixes half of #6321

* Update branch create integration test

According to: https://git-scm.com/docs/git-check-ref-format

And: git check-ref-format "master/feature=test1"

This is a valid branch name and we should not be testing for it to fail.
2019-03-26 21:59:48 +02:00
Segev Finer
b4941f707b Fix Hook & HookList in Swagger (#6432)
Signed-off-by: Segev Finer <segev@codeocean.com>
2019-03-26 21:41:17 +02:00
Allen Wild
909feaafa7 routers/repo/setting: display correct error for invalid mirror interval (#6414)
Set Err_Interval in the context data so that the mirror interval box is
highlighted red as expected.

Clear Err_RepoName for the mirror and advanced actions. repo_name is not
set by these forms, causing auth.validate() to set the Err_RepoName
before SettingsPost is called, which would lead to the repository name
box getting erroneously highlighted red.

Fixes: https://github.com/go-gitea/gitea/issues/6396
2019-03-25 17:51:55 -04:00
Richard Mahn
ecce28f9df Updates SDK dep (#6406) 2019-03-22 11:38:49 -04:00
Roland Koebler
57ecf09787 Markdown: enable some more extensions (#6362)
* Markdown: enable some more extensions

Improve Markdown-rendering by enabling some extensions:

- enable definitions lists
- enable footnotes
- enable header-ids and automatically generate header-ids (for linking to README-sections or creating table-of-contents for larger READMEs)

* Markdown: update and exted tests

Update and add tests for additionally enabled Markdown-extensions.
2019-03-21 15:53:06 +02:00
mrsdizzie
6f2e1bd23a Don't Unescape redirect_to cookie value (#6399)
redirect_to holds a value that we want to redirect back to after login.
This value can be a path with intentonally escaped values and we
should not unescape it.

Fixes #4475
2019-03-20 22:06:16 -04:00
mrsdizzie
f125330fcf Include more variables on admin/config page (#6378)
Include the current CustomPath location in the admin section and also
display GITEA_WORK_DIR and/or GITEA_CUSTOM env var if they are set.

Right now there is no easy way to see this information, and if you try
and help most users they won't be able to tell you anything about these
values -- just that their custom template isn't working, files aren't in
the right place, etc... Now you can see all paths and if they were set
by ENV or not.
2019-03-19 18:40:13 -04:00
Lanre Adelowo
5c82ef098e make sure units of a team are returned (#6379) 2019-03-19 17:50:06 -04:00
Russell Aunger
b34996a629 Implement Default Webhooks (#4299)
Partially implement #770.
Add "Default Webhooks" page in site admin UI.
Persist to the existing webhooks table, but store with RepoID=0 and OrgID=0.
Upon repo creation, copy the set of default webhooks into the new repo.
2019-03-18 22:33:20 -04:00
John Olheiser
cac9e6e760 Updates to API 404 responses (#6077) 2019-03-18 22:29:43 -04:00
techknowlogick
d1c982cb73
Add bio field for user (#6113)
Fix #4339
2019-03-18 22:28:10 -04:00
mrsdizzie
ca46385637 Clean up various use of escape/unescape functions for URL generation (#6334)
* Use PathUnescape instead of QueryUnescape when working with branch names

Currently branch names with a '+' fail in certain situations because
QueryUnescape replaces the + character with a blank space.

Using PathUnescape should be better since it is defined as:

// PathUnescape is identical to QueryUnescape except that it does not
// unescape '+' to ' ' (space).

Fixes #6333

* Change error to match new function name

* Add new util function PathEscapeSegments

This function simply runs PathEscape on each segment of a path without
touching the forward slash itself. We want to use this instead of
PathEscape/QueryEscape in most cases because a forward slash is a valid name for a
branch etc... and we don't want that escaped in a URL.

Putting this in new file url.go and also moving a couple similar
functions into that file as well.

* Use EscapePathSegments where appropriate

Replace various uses of EscapePath/EscapeQuery with new
EscapePathSegments. Also remove uncessary uses of various
escape/unescape functions when the text had already been escaped or was
not escaped.

* Reformat comment to make drone build happy

* Remove no longer used url library

* Requested code changes
2019-03-18 10:00:23 -04:00
John Olheiser
c55bdca562 Add same changes from issues page to milestone->issues page (#6328) 2019-03-15 11:50:27 -04:00
Bogdan Petrea
583968f274 Return 409 when creating repo if it already exists. (#6330) 2019-03-15 10:19:09 -04:00
Lunny Xiao
4334fe754e
update git vendor to fix wrong release commit id and add migrations (#6224)
* update git vendor to fix wrong release commit id and add migrations

* fix count

* fix migration release

* fix tests
2019-03-11 11:44:58 +08:00
Jonas Franz
2315019fef Add support for client basic auth for exchanging access tokens (#6293)
* Add support for client basic auth for exchanging access tokens

* Improve error messages

* Fix tests
2019-03-11 10:54:59 +08:00
Aidan Fitzgerald
f5cf9a8355 Copyedit docs (#6275) 2019-03-09 16:15:45 -05:00
Jonas Franz
8fffb06168
Add regenerate secret feature for oauth2 (#6291)
* Add regenerate secret functionality

* Fix lint
2019-03-09 17:29:58 +01:00
John Olheiser
8211e01d9e Add unit types to repo action URL to correctly show 404 when archived (#6247)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-03-09 11:00:38 +00:00
Jonas Franz
e777c6bdc6 Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
Lanre Adelowo
141c58f5a6 add isAdmin to user model (#6231)
update vendor and add tests

fix swagger
2019-03-03 17:57:24 -05:00
Lunny Xiao
c812ba7f87
fix display dashboard even if require to change password (#6214)
* fix display dashboard even if require to change password

* fix comments
2019-02-28 16:01:42 +08:00
James E. Blair
48c101affe Create a repo redirect when transferring ownership (#6210) (#6211)
When transferring ownership of a repo to a different user/org,
create a repo redirect that points to the new location in the same
way that is done when a repo is renamed.

Signed-off-by: James E. Blair <jeblair@redhat.com>
2019-02-28 11:51:46 +08:00
John Olheiser
7548037a64 Adds MustChangePassword to user create/edit API, defaults to true (#6193)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-02-27 21:37:57 +02:00
Lunny Xiao
7afe81f28e fix bug when migrate repository 500 when repo is existed (#6188)
* fix bug when migrate repository 500 when repo is existed

* use 409 but not 422 for error status code when not exist

* translation fix
2019-02-26 09:28:56 -05:00
Lunny Xiao
4a2fbbeb10 fix bug user could change private repository to public when force private enabled. (#6156) 2019-02-22 21:56:05 +00:00
Lunny Xiao
134e55510e fix bug when update owner team then visit team's repo return 404 (#6119) 2019-02-22 11:14:45 -05:00
John Olheiser
df30010dbd Make repo creation for API similar to UI (#6142) 2019-02-21 17:07:58 -05:00
zeripath
3b61ff1895 Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
* Fix display of >1Kb LFS text files

* Make LFS stored Readme files viewable

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Slight restructure

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Slight restructure

Signed-off-by: Andrew Thornton <art27@cantab.net>

* catch errors and restructure LFS sections
2019-02-21 15:57:16 -05:00
John Olheiser
994b1be9d1 Admins can now do unlimited page size user search (listAllUsers & listAllOrgs) (#6143)
Non-admins will default to 10 page size
2019-02-21 15:42:54 -05:00
Lunny Xiao
0751153613
refactor issue indexer, add some testing and fix a bug (#6131)
* refactor issue indexer, add some testing and fix a bug

* fix error copyright year on comment header

* issues indexer package import keep consistent
2019-02-21 08:54:05 +08:00
John Olheiser
d26d249748 Minor UI tweaks (#5980)
* Remove all CommitStatus when a repo is deleted

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Minor UI tweaks (#5782)
Added 'No License' option
Added link and octicon change for external issue trackers
Reset password now notifies right away if the code is invalid

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* More UI tweaks
More info in PR

* Generate stylesheet for arc-green

* Make gofmt work

* Change PR integration since the button is changed

* Rebase

* Generate stylesheet

* UI updates
Made the PR button a "basic" button
Vertically centered the issue checkboxes
Labels will update only once after modal is closed

* Commit to reference related issues
Resolves #5782
Resolves #5861
Addresses original question in #5993

* Change the comment wording since PR button is no longer little and green.

* Revert changes that made Windows work

* Regenerate stylesheet

* Regenerate stylesheets

* make generate-stylesheets

* Update integration again, changed button style

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Added ID to PR button
Changed integration to use the ID to avoid breaking in the future

* Added missing semi-colons

* Added back distinction between issue actions and filters (overlooked it before)
Moved action button over next to other action dropdowns

* Remove extra tab formatting in list.tmpl

* Remove more formatting from GoLand

* Replace hardcoded "No License" with i18n license helper.
2019-02-19 18:09:47 -05:00
John Olheiser
ba0749b7db Load Issue attributes for API call (#6122)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-02-19 19:07:19 +02:00
Lunny Xiao
830ae61456 Refactor issue indexer (#5363) 2019-02-19 09:39:39 -05:00
Lanre Adelowo
094263db4d Show email if the authenticated user owns the profile page being requested for (#4981)
* Show email if the authenticated user owns the profile page being
requested for.

Also removed `setting.UI.ShowUserEmail` as it's documentation says it
only controls the email setting on the explore page

* fix current user check... This prevents a panic as a user must be signed in before ctx.User is called

* fix panic in tests

* try to fix tests

* Update year

* Test CI fail

* Revert change

* User 3 is not allowed to authorize

* Set user2 email to be private

* Change to user4 in explore page as user2 now has private email option set
2019-02-19 09:11:50 -05:00
Lunny Xiao
f5fa22a499 Fix prohibit login check on authorization (#6106)
* fix bug prohibit login not applied on dashboard

* fix tests

* fix bug user status leak

* fix typo

* return after render
2019-02-19 09:19:28 +02:00
Zsombor
538a26d56f Show private organization for admin, fix #6111 (#6112) 2019-02-19 09:16:06 +08:00
Lanre Adelowo
44114b38e6 Implement "conversation lock" for issue comments (#5073) 2019-02-18 22:55:04 +02:00
Rémy Boulanouar
64ce159a6e Allow to set organization visibility (public, internal, private) (#1763) 2019-02-18 18:00:27 +02:00
John Olheiser
0b72c00fad Allow labels to contain emoji (#6063)
* Add emoji to labels
Minor cleanup of tribute code in footer.tmpl

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Quick find/replace in other i18n files containing label translations

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Revert "Quick find/replace in other i18n files containing label translations"

This reverts commit ec3e1a3a1775989301bb2c1cd08e8871b317688d.

* Add style to overwrite emoji height in labels

* Revert Makefile change that makes Windows work
2019-02-16 19:33:09 +02:00
Lanre Adelowo
f2256d9881 make sure labels are actually returned (#6053) 2019-02-13 10:45:19 -05:00
zeripath
2a03e96bce
Allow markdown files to read from the LFS (#5787)
This PR makes it possible for the markdown renderer to render images and media straight from the LFS.

Fix #5746

Signed-off-by: Andrew Thornton [art27@cantab.net](mailto:art27@cantab.net)
2019-02-12 15:09:43 +00:00
zeripath
296814e887 Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFile

* Use git plumbing for upload: #5621 repo_editor.go: GetDiffPreview

* Use git plumbing for upload: #5621 repo_editor.go: DeleteRepoFile

* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFiles

* Move branch checkout functions out of repo_editor.go as they are no longer used there

* BUGFIX: The default permissions should be 100644

    This is a change from the previous code but is more in keeping
    with the default behaviour of git.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Standardise cleanUploadFilename to more closely match git

See verify_path in: 7f4e641693/read-cache.c (L951)

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Redirect on bad paths

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Refactor to move the uploading functions out to a module

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add LFS support

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update upload.go attribution header

Upload.go is essentially the remnants of repo_editor.go. The remaining code is essentially unchanged from the Gogs code, hence the Gogs attribution.

* Delete upload files after session committed

* Ensure that GIT_AUTHOR_NAME etc. are valid for git

see #5774

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add in test cases per @lafriks comment

* Add space between gitea and github imports

Signed-off-by: Andrew Thornton <art27@cantab.net>

* more examples in TestCleanUploadName

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix formatting

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Set the SSH_ORIGINAL_COMMAND to ensure hooks are run

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Switch off SSH_ORIGINAL_COMMAND

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-12 15:07:31 +02:00
manuelluis
fc038caa69 In basic auth check for tokens before call UserSignIn (#5725)
* Check first if user/password is a token

* In basic auth check if user/password is a token

* Remove unnecessary else statement

* Changes of fmt
2019-02-12 11:20:08 +02:00
Luo Yifei
7884353a04 Add the Owner Name to differentiate when merging (#3807) 2019-02-12 10:37:32 +02:00
Lanre Adelowo
d0cb5aa9f9 fix #3200 (#6033) 2019-02-11 03:27:24 +02:00
Lanre Adelowo
9d8178b3ac Add option to close issues via commit on a non master branch (#5992)
* fixes #5957

* add tests to make sure config option is respected

* use already defined struct

* - use migration to make the flag repo wide not for the entire gitea instance
Also note that the config value can still be set so as to be able to control the value for new repositories that are to be created

- fix copy/paste error in copyright header year and rearrange import

- use repo config instead of server config value to determine if a commit should close an issue

- update testsuite

* use global config only when creating a new repository

* allow repo admin toggle feature via UI

* fix typo and improve testcase

* fix fixtures

* add DEFAULT prefix to config value

* fix test
2019-02-10 21:27:19 +02:00
Paul
8c865f3ce8 Fix metrics auth token detection (#6006)
Signed-off-by: Pauls Barkans <paulsb@gmail.com>
2019-02-09 00:58:31 -05:00
Richard Mahn
ba91214633 Feature - #3031 - search for org repos (#5986) 2019-02-08 11:45:43 -05:00
Thomas Loubiou
7fb09f035a Fix #5799 - swagger for mergePullRequest (#5996) 2019-02-08 08:08:38 +00:00
Lunny Xiao
01bbf5ea69 Add API to list tags (#5850)
* Add API to list tags

* update dependency gitea sdk vendor

* fix swagger generation

* fix swagger

* add tests

* update code.gitea.io/git vendor
2019-02-07 12:00:52 +00:00
Lunny Xiao
06a1739553 fix bug when deleting a linked account will removed all (#5989) 2019-02-07 01:51:23 -05:00
Lanre Adelowo
9dfdf80af0 Expose issue stopwatch toggling via API (#5970) 2019-02-06 21:57:25 -05:00
Richard Mahn
da1edbfb79 Feature - Pagination for git tree API (#5838)
* Feature - Pagination for git tree API

* Handles case when page is negative

* Does a for loop over the start and end rather than all entries

* Removed redundent logic

* Adds per_page as a query parameter

* Adds DEFAULT_GIT_TREES_PER_PAGE for settings, ran make fmt

* Fix typo in cheat-sheet en

* Makes page start at 1, generated swagger

* Use updates to SDK

* Updates to use latest sdk

* Updates swagger for tree api

* Adds test for GetTreeBySHA

* Updates per PR reviews

* Updates per PR reviews

* Remove file

* Formatting

* Fix to swagger file

* Fix to swagger

* Update v1_json.tmpl

* Fix to swagger file
2019-02-06 18:19:26 +00:00
zeripath
f286a5abb4 Allow Macaron to be set to log through to gitea.log (#5667)
* Allow Macaron to be set to log through gitea.log

Fix #4291
2019-02-05 22:06:41 -05:00
Gabriel Silva Simões
3b7f41f9f7 Fix serving of raw wiki files other than .md (#5814)
* Fix serving of raw wiki files other than .md

Closes #4690.
Closes #4395.

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Simplify code at routers/repo/wiki.go

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add more files to user2/repo1.wiki for testing

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Update macaron to v1.3.2

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add tests for WikiRaw

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Fix NewResponseWriter usage due to macaron update

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add raw to reserved wiki names

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
2019-02-05 20:58:55 -05:00
Lunny Xiao
bf4badad1d Pull request conflict files detection (#5951)
* add conflict detection

* test pull request conflict files

* fix detection files number

* fix comments
2019-02-05 06:54:49 -05:00
Lanre Adelowo
5390791224 Automatically clear stopwatch on merging a PR (#4327)
* Don't display buttons if there are no notices

* clear stopwatch on merging a PR

* remove redundant gt check

* use ctx.Flash as per @bkcsoft comment

* stop timer on closing issues/PRs too

* updated translation as per review

* redirect to login page after successfully activating account

* remove unrelated changes

* stop timer for issues that are closed via commits too..Not just the 'close' UI button
2019-02-05 13:38:11 +02:00
Lanre Adelowo
024871ade6 Add label names as filter in issue search api (#5946) 2019-02-04 10:20:44 -05:00
zeripath
24a36e84cc Issue 5924 fix compare button (#5929)
* Revert #5877

This unfortunately was not the solution.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Change permission check to create pull requests to CanReadIssuesOrPulls

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-03 19:56:18 -05:00
zeripath
01c10a951b
Fix ssh deploy and user key constraints (#1357) (#5939)
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.

We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:

- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.

Fix #1357
2019-02-03 23:56:53 +00:00
Lunny Xiao
ecefa9e724 Add single commit API support (#5843)
* add single commit API support
2019-02-02 22:35:17 -05:00
techknowlogick
3a7306945c
Disable redirect for i18n (#5910) 2019-01-31 09:38:20 -05:00
zeripath
ca00ca8ee4 Provide better panic handling (#5902)
This PR gitea'ises the macaron.Recovery() handler meaning that in
the event of panic we get proper gitea 500 pages and the stacktrace
is logged with the gitea logger.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-30 17:00:00 -05:00
Lanre Adelowo
57a69ef277 don't allow pull requests to be created on an archived repository (#5883)
* don't allow pull requests to be created on an archived repository
Also disable the "PR" button if the repo is archived

* Refuse creating an issue/PR via API calls too
2019-01-30 12:20:40 -05:00
Lanre Adelowo
7933a950d0 respect value of REQUIRE_SIGNIN_VIEW (#5901) 2019-01-30 11:45:48 -05:00
Lauris BH
fada6968a8 Fix new release creation API to allow empty target (#5870)
* Fix new release creation API to allow empty target

* Add more test cases

* Update swagger
2019-01-30 11:33:00 -05:00
Lanre Adelowo
8b5f6ced22 if repo does not exist, show a 404 not a 500 (#5900) 2019-01-30 11:13:39 -05:00
kekero
3568d426fe New Issue ?body= query (#5851)
* New Issue ?body= query

* Override issue template with body query

* Add documentation for issue body query
2019-01-28 10:23:59 -05:00
zeripath
bf47f70c3b
API: Fix null pointer in attempt to Sudo if not logged in (#5872)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-28 14:13:59 +00:00
yasuokav
8510ac2687 Fix MinInterval (#5856)
Fixes #5847
2019-01-26 08:26:23 +00:00
Lunny Xiao
6b0c2e9e35 update swagger for release API pagination (#5841) 2019-01-25 09:10:50 +02:00
Lunny Xiao
892bfd0b19 improve the releases api paging (#5831)
* improve the releases api paging

* add max limit on API paging
2019-01-24 20:59:27 +02:00
kolaente
9a137faaaf Added docs for the tree api (#5834)
* Added docs for the tree api

* Added missing response definition

* Fixed swagger docs
2019-01-24 13:13:30 -05:00
Lauris BH
cd83c2ca05
Fix topics saving internal error and disable for archived repos (#5821) 2019-01-24 12:22:27 +02:00
Shashvat Kedia
1b90692844 New API routes added (#5594)
* New API routes added

* Comments added

* Build fix

* swagger_v1_json.tmpl without new line character

* Typo fix

* Code review changes

* Code review changes

* Add copyright

* Add copyright

* Add copyright

* Update per @lafriks feedback

* Update org.go

* Update user.go

* Update user.go

* make fmt
2019-01-23 17:30:19 -05:00
kolaente
0b510725c9 Feature: Archive repos (#5009) 2019-01-23 13:58:38 -05:00
zeripath
7d434376f1 Pooled and buffered gzip implementation (#5722)
* Pooled and buffered gzip implementation

* Add test for gzip

* Add integration test

* Ensure lfs check within transaction

The previous code made it possible for a race condition to occur whereby a LFSMetaObject could be checked into the database twice. We should check if the LFSMetaObject is within the database and insert it if not in one transaction.

* Try to avoid primary key problem in postgres

The integration tests are being affected by
https://github.com/go-testfixtures/testfixtures/issues/39 if we set the
primary key high enough, keep a count of this and remove at the end of
each test we shouldn't be affected by this.
2019-01-23 10:56:51 +02:00
Lauris BH
075649572d Add the ability to use multiple labels as filters(#5786) 2019-01-22 23:10:38 -05:00
Lanre Adelowo
e1fcd6b742 Disallow empty titles (#5785)
* add util method and tests

* make sure the title of an issue cannot be empty

* wiki title cannot be empty

* pull request title cannot be empty

* update to make use of the new util methof
2019-01-21 13:45:32 +02:00
Paul Brackin
f631702299 Ensure error is logged on db reconnection attempts (#5780)
Unfortunately a scoping problem was missed on the previous PR which meant that the only nil error was logged on failure to connect to the db. This pr fixes this.
2019-01-20 09:30:37 +00:00
Paul Brackin
1bb22b2b47 Make db connect more robust (#5738) 2019-01-19 16:17:08 -05:00
zeripath
07802a2bc5 Refactor repo.isBare to repo.isEmpty #5629 (#5714)
* Refactor repo.isBare to repo.isEmpty #5629

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove Sync call
2019-01-17 19:01:04 -05:00
Lunny Xiao
82e08a3364
Refactor notification for indexer (#5111)
* notification for indexer

* use NullNotifier as parent struct
2019-01-17 22:23:22 +08:00
Harshit Bansal
5ac6da3c41 api: Add missing GET teams endpoints (#5382)
* api: Add an endpoint to list a particular member of team.

* models: Rename `GetUserTeams()` to `GetUserOrgTeams()` in `org_team` model.

`GetUserTeams()` sounds a bit misnomer since it actually returns
the teams that user belongs to in a given organization rather than
all the teams across all the organization that the user has joined.

* models: Add `GetUserTeams()`.

Returns all the teams that a user belongs to.

* api: Add an endpoint for GET '/user/teams'.

A GET request to this endpoint lists all the teams that a user
belongs to.
2019-01-16 19:39:50 -05:00
Elijah Oyekunle
734834a676 Add Default Pull Request Title (#5735)
* add default PR title
Set default PR title to commit summary if there's a single commit on the head branch, else set it to the head branch name

* set default PR description
If there's a single commit on the head branch, and it's multiline, then set it as the default PR description
2019-01-16 22:50:11 +01:00
silverwind
44759fd66c Add proper CORS preflight origin validation (#5740) 2019-01-15 23:16:45 -05:00
Lunny Xiao
270fa6d63b Support CORS headers to git smart http protocol (#5719) 2019-01-14 16:05:27 -05:00
Khaled Hamed
bd75965296 Prioritize "readme.md" (#5691)
* prioritize readme.md

* Improve IsReadmeFile

* Add more tests
2019-01-14 14:15:06 -05:00
zeripath
2b36bdd490 Do not display the raw OpenID error in the UI (#5705)
* Do not display the raw OpenID error in the UI

If there are no `WHITELIST_URIS` or `BLACKLIST_URIS` set in the openid
section of the app.ini, it is possible that gitea can leak sensitive
information about the local network through the error provided by the
UI. This PR hides the error information and logs it.

Fix #4973

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update auth_openid.go

Place error log within the `err != nil` branch.
2019-01-12 14:24:47 -05:00
Lanre Adelowo
8d2c24f7f9 Allow for user specific themes (#5668)
* add migration and basic UI for changing a user's theme

* update user themem

* use right text on button

* load theme based on users' selection

* load theme based on users' selection in pwa too

* update sample config

* delete older theme loading

* implement AfterLoad to set users' theme properly

* set up default theme when creating a user. This uses the installation wide theme

* use flash messages for error

* set default theme when creating a user from the cli

* fix @lunny review
2019-01-09 12:22:57 -05:00
gdeverlant
d3dc07f282 Added URL mapping for Release attachments like on github.com (#1707) 2019-01-06 17:37:30 -05:00
Julian
97dafdc057 fix commit page showing status for current default branch (#5650)
Signed-off-by: Julian Tölle <julian.toelle97@gmail.com>
2019-01-06 16:32:00 +02:00
zeripath
fd1e8563f8 SECURITY: protect DeleteFilePost et al with cleanUploadFileName (#5631)
This commit wraps more of the TreePaths with cleanUploadFileName

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-04 11:08:26 -05:00
Harshit Bansal
8764f1512d branch: Trigger update when deleting branch via UI. (#5617)
Fixes: #5309.
2019-01-02 20:56:58 +08:00
Rodrigo Villablanca Vásquez
4c52858c39 Issue is not overdue when it is on the same date #5566 (#5568)
* Due date time of issues and milestones is set to 23:59:59

* Add docs

* make gen swagger

* fix swagger gen
2019-01-01 18:56:47 +01:00
Shashvat Kedia
6e20b504b1 Delete organization endpoint added (#5601)
* Delete organization endpoint added

* Parameters added in comment

* Typo fix

* Newline character removed
2018-12-27 16:36:58 +01:00
Julian
4a685f8b87 Add rebase with merge commit merge style (#3844) (#4052)
Signed-off-by: Julian Tölle <julian.toelle97@gmail.com>
2018-12-27 12:27:08 +02:00
Shashvat Kedia
ba2c02b75d Fix route in swagger (#5598) 2018-12-26 21:13:49 +02:00
Lunny Xiao
4a02a783c4 fix bug on upload file name (#5571) 2018-12-20 21:32:11 -05:00
Lunny Xiao
7fd34c0517
fix lfs version check warning log when using ssh protocol (#5501) 2018-12-19 09:17:43 +08:00
zeripath
2a660a1de1 Support reverse proxy providing email (#5554)
This PR implements #2347
2018-12-18 12:05:48 -05:00
Lunny Xiao
b3b7598ec6 Improve performance of dashboard (#4977) 2018-12-13 10:55:43 -05:00
Lunny Xiao
b1f3685015 fix approvals limitation (#5521) 2018-12-11 18:49:33 -05:00
Lunny Xiao
58c4559d3b fix permission check on api create org (#5523) 2018-12-11 14:33:24 -05:00
Lunny Xiao
ba75319157 fix clone wiki failed via ssh (#5503) 2018-12-11 13:37:32 -05:00
Lunny Xiao
ccea91652f fix adding reaction fail for read permission (#5515) 2018-12-11 13:12:06 -05:00
Jonas Franz
9681c83734 Approvals at Branch Protection (#5350)
* Add branch protection for approvals

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add required approvals

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add missing comments and fmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add type = approval and group by reviewer_id to review

* Prevent users from adding negative review limits

* Add migration for approval whitelists

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-12-11 19:28:37 +08:00
Lunny Xiao
928417ae39 Fix empty wiki (#5504)
* fix wiki page when wiki path is exist but empty

* improve the error check
2018-12-09 17:45:44 -05:00
Lunny Xiao
7c0c965532 Improve team members and repositories settings UI (#5457)
* improve team members and repositories settings UI

* use tab on team pages

* add default description on team members and repos

* add blank on numbers and texts

* improve translation
2018-12-09 08:42:11 +02:00
Lunny Xiao
da5a0b8382
add tests for api user orgs (#5494)
* add tests for api user orgs

* add permission for admin to list user's orgs even he is a private user of org
2018-12-09 10:19:50 +08:00
Lanre Adelowo
9441bfaccc admin should be able to delete repos even if he is not a member of the organization (#5443) 2018-12-02 11:08:33 -05:00
Lucien Kerl
552014a068 Removing Labels via EditPullRequest API (#5348)
* added the ability to provide an empty array at the EditPullRequests API to remove all labels

Signed-off-by: Lucien Kerl <lucien.kerl@wuerth-it.com>

* Update pull.go
2018-12-01 01:05:57 -05:00
Lanre Adelowo
0787056e07 Allow to add organization members as collaborators on organization owned repositories (#4748)
repository... Fixes #4507
2018-11-30 10:49:55 +02:00
Lunny Xiao
2dc805c0c6
Milestone issues and pull requests (#5293)
* add milestone issues and pulls page instead of redirecting issues page

* add milestone when creating issue from milestone page

* refactor to merge similiar codes as a new function issues

* remove milestone info on milestone issues list

* fix missing params
2018-11-29 09:46:30 +08:00
Kasi Reddy
d5d847e5c4 Git-Trees API (#5403)
* Git-Trees API

* update vendor'd libs

* added comments to exported function and formatted.

* make fmt

* update per @lafirks feedback
2018-11-28 16:17:09 -05:00
Lunny Xiao
eabbddcd98
Restrict permission check on repositories and fix some problems (#5314)
* fix units permission problems

* fix some bugs and merge LoadUnits to repoAssignment

* refactor permission struct and add some copyright heads

* remove unused codes

* fix routes units check

* improve permission check

* add unit tests for permission

* fix typo

* fix tests

* fix some routes

* fix api permission check

* improve permission check

* fix some permission check

* fix tests

* fix tests

* improve some permission check

* fix some permission check

* refactor AccessLevel

* fix bug

* fix tests

* fix tests

* fix tests

* fix AccessLevel

* rename CanAccess

* fix tests

* fix comment

* fix bug

* add missing unit for test repos

* fix bug

* rename some functions

* fix routes check
2018-11-28 19:26:14 +08:00
Lauris BH
08bf443016 Implement git refs API for listing references (branches, tags and other) (#5354)
* Inital routes to git refs api

* Git refs API implementation

* Update swagger

* Fix copyright

* Make swagger happy add basic test

* Fix test

* Fix test again :)
2018-11-27 16:52:20 -05:00
SohnyBohny
294904321c Create Progressive Web App (#4730)
* Create manifest and serviceworker

* Create templates and add AppSubUrl

* Add JSRenderer

* fix ctx type

* Add JSRenderer to static.go

* Complete adding {{AppSubUrl}}

* Add more fonts to urlsToCache

* Add 512px and 192px icons

* Hardcode font MD5

* Default theme doesn't have a specific CSS file
2018-11-27 10:18:26 -05:00
Lanre Adelowo
5e022a98e6 show only opened milestones on issues page milestone filter (#5051)
* show only opened milestones on issues page milestone filter

* update Godoc

* update Godoc everywhere

* update swagger

* use false instead of 0

* Add seccond ordering by ID for milestones where no deadline is set
2018-11-26 16:45:42 +08:00
Daniel Balko
3379141d81 API: '/orgs/:org/repos': return private repos with read access (#5310) (#3829) (#5383)
Signed-off-by: Daniel Balko <inxonic+github@gmail.com>
2018-11-23 16:23:27 -05:00
kolaente
0dcf31ae49 Show review summary in pull requests (#5132) 2018-11-22 15:17:36 +02:00
Lunny Xiao
8ef177f8c5 add api for user to create org (#5268)
* add api for user to create org

* remove unused blank line on the swagger file end

* fix create and add test

* fix tests

* fix routes of create org API

* fix bug

* add copyright heads
2018-11-20 12:31:30 -05:00
Peter Hoffmann
e08c7e521b Add raw blob endpoint to get objects by SHA ID (#5334)
* Add raw blob endpoint

This should make it possible to download raw blobs directly from
/:repo/:username/raw/blob/:sha1 URLs.

* fix: Make it work

* As an SHA-ID is no path getRefNameFromPath can't be used to verify
file specifying parameter
* added relevant change in go-gitea/git #132

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* Update Gopkg.lock

Can't update all vendors due to errors

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* style: Add Gitea copyright header

* feat: Added integration test for /repo/u/r/raw/blob

* fix: correct year in copyright header
2018-11-18 13:45:40 -05:00
Lucien Kerl
89eea64e10 added the ability to set labels on the "edit pull request" api (#5347)
Signed-off-by: Lucien Kerl <lucien.kerl@wuerth-it.com>
2018-11-16 12:12:44 +01:00
Lanre Adelowo
b97af15de6 Block registration based on email domain (#5157)
* implement email domain whitelist
2018-11-14 20:00:04 -05:00
Lunny Xiao
b3000ae623 Fix create team, update team missing units (#5188) 2018-11-10 14:45:32 -05:00
Jonas Bröms
599adde1bc Add option to disable automatic mirror syncing. (#5242)
Setting the interval to 0 will disable to automatic syncing.
2018-11-08 18:58:02 -05:00
Stanislav
078c404c3b Prometheus endpoint (#5256)
* Add prometheus collector and route

* dep ensure -add github.com/prometheus/client_golang/prometheus

* dep ensure -update github.com/golang/protobuf

* add metrics to reserved usernames

* add comment head in metrics package

* fix style imports

* add metrics settings

* add bearer token check

* mapping metrics configs

* fix lint

* update config cheat sheet

* update conf sample, typo fix
2018-11-04 22:20:00 -05:00
zeripath
7096085f2b Fix #5226 by adding CSRF checking to api reqToken and add CSRF to the POST header for deadline (#5250)
* Add CSRF checking to reqToken and place CSRF in the post for deadline creation

Fixes #5226, #5249

* /api/v1/admin/users routes should have reqToken middleware
2018-11-03 21:15:55 -04:00
zeripath
00533d3870 Keys API changes (#4960)
* Add private information to the deploy keys api

This commit adds more information to the deploy keys to allow for back
reference in to the main keys list. It also adds information about the
repository that the key is referring to.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add private information to the user keys API

This adjusts the keys API to give out private information to user keys if
the current user is the owner or an admin.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add ability to search keys by fingerprint

This commit adds the functionality to search ssh-keys by fingerprint of
the ssh-key. Deploy keys per repository can also be searched. There is
no current clear API point to allow search of all deploy keys by
fingerprint or keyID.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add integration test
2018-10-31 23:40:49 -04:00
zeripath
a3e084716e Add AutoHead functionality. (#5186)
Fixes #5153
2018-10-30 11:08:49 -04:00
Antoine GIRARD
617a2433a3 Make gitea serv use api/internal (#4886)
* Start to move to internal/private

* Add GetPublicKeyByID

* Add HasDeployKey

* Add private.UpdateDeployKeyUpdated

* Add private.GetUserByKeyID

* Add private.AccessLevel

* Add private.CheckUnitUser

* Fix mistakes I made

* Some cleaning + moving code to separate files

* Fix error handling

* Remove useless error handling for setup

* lint: fix comment on exported func

* fix copyright header

* Fix order of args
2018-10-30 14:20:13 +08:00
Jonas Bröms
db30d6d791 Serve audio files using HTML5 audio tag (#5221)
* Serve audio files using HTML5 audio tag

* Correct copy paste error
2018-10-30 10:17:26 +08:00
AJ ONeal
b8451190d8 UX of link account (Step 1) (#5006)
* Show either sign up OR sign in

* disambiguate fresh start from adding recovery options

* use tabs to switch between account link flows

* add active to tab body as well

* changes as per discussion

* handle specific error; fix missing err typo
2018-10-28 18:46:16 -04:00
Rodrigo Villablanca Vásquez
48badd59e9 Fix to 3819 - Filtering issues by tags on main screen issues (#3824)
* Fix to 3819

* Changes suggested

* Empty line removed

* Fix error: non-name opts.Labels on left side of :=
2018-10-28 07:55:01 +01:00
kolaente
6759237eda User action heatmap (#5131)
* Added basic heatmap data

* Added extra case for sqlite

* Built basic heatmap into user profile

* Get contribution data from api & styling

* Fixed lint & added extra group by statements for all database types

* generated swagger spec

* generated swagger spec

* generated swagger spec

* fixed swagger spec

* fmt

* Added tests

* Added setting to enable/disable user heatmap

* Added locale for loading text

* Removed UseTiDB

* Updated librejs & moment.js

* Fixed import order

* Fixed heatmap in postgresql

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: kolaente <konrad@kola-entertainments.de>

* Added copyright header

* Fixed a bug to show the heatmap for the actual user instead of the currently logged in

* Added integration test for heatmaps

* Added a heatmap on the dashboard

* Fixed timestamp parsing

* Hide heatmap on mobile

* optimized postgresql group by query

* Improved sqlite group by statement
2018-10-23 10:57:42 +08:00
Jonas Franz
f38fce916e Add comment replies (#5104)
* Add comment replies

* Replace reviewID with review.ID
2018-10-22 16:13:35 -04:00
zeripath
43f9233914 Fix Swagger JSON autogeneration issues. (#4845)
* Fix Swagger JSON.

Remove unnecessary schema references for the forbidden and empty responses

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix swagger API for CreateAccessToken

* Fix admin create org swagger

* Fix swagger for adminCreateRepo

* More swagger fixes

Set int64 format for those which are int64
Some more form fixes

* Fix swagger description of GET /repos/{owner}/{repo}/pulls
2018-10-20 23:40:42 -04:00
Oleg Kovalov
5a4648cdd6 Remove check for negative length (#5120) 2018-10-20 17:25:14 -04:00
Julien Tant
dea3d849e1 Give user a link to create PR after push (#4716)
* Give user a link to create PR after push

* Forks now create PR in the base repository + make sure PR creation is allowed

* fix code style
2018-10-20 09:59:06 +03:00
Lunny Xiao
ea619b39b2
Add notification interface and refactor UI notifications (#5085)
* add notification interface and refactor UI notifications

* add missing methods on notification interface and notifiy only issue status really changed

* implement NotifyPullRequestReview for ui notification
2018-10-18 19:23:05 +08:00
zeripath
dd62ca7ba9 Add support for search by uid (#4876)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2018-10-18 16:44:51 +08:00
Lauris BH
ab5b245182 Disable debug routes unless PPROF is enabled in configuration (#4995) 2018-09-29 18:44:06 -04:00
Lauris BH
81702e6ec9 Detect charset and convert non UTF-8 files for display (#4950)
* Detect charset and convert non UTF-8 files for display

* Refactor and move function to correct module

* Revert unrelated changes

* More unrelated changes

* Duplicate content for small text to have better encoding detection

* Check if original content is valid before duplicating it
2018-09-29 16:33:54 +08:00
zeripath
36e7cb9755 Update Swagger API to match the return of /users/search (#4847)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2018-09-21 16:56:26 +08:00
Lauris BH
4befec242a
Code review UI improvements and bugfixes (#4682)
* Code review UI improvements

* More fixes to dark theme

* Style fix

* Fix to allow add code review comments only on review files tab

* More readability dark style fixes

* Fix commenting on deleted files. Fixes #4752

* Fix line blame getting for multiple corner cases
2018-09-17 17:59:49 +03:00
Lanre Adelowo
acb6f8a518 make sure to catch the right error so it is displayed as an error on the ui not a 500 (#4945) 2018-09-16 18:27:43 +03:00
Lanre Adelowo
2a6d3ba058 Allow admin toggle forcing a password change for newly created users (#4563) 2018-09-13 12:34:36 -04:00
Lanre Adelowo
126ba796dc Force user to change password (#4489)
* redirect to login page after successfully activating account

* force users to change password if account was created by an admin

* force users to change password if account was created by an admin

* fixed build

* fixed build

* fix pending issues with translation and wrong routes

* make sure path check is safe

* remove unneccessary newline

* make sure users that don't have to view the form get redirected

* move route to use /settings prefix so as to make sure unauthenticated users can't view the page

* update as per @lafriks review

* add necessary comment

* remove unrelated changes

* support redirecting to location the user actually want to go to before being forced to change his/her password

* run make fmt

* added tests

* improve assertions

* add assertion

* fix copyright year

Signed-off-by: Lanre Adelowo <yo@lanre.wtf>
2018-09-13 15:04:25 +03:00
Bo-Yi Wu
ea20adaa84
feat(repo): support search repository by topic name (#4505)
* feat(repo): support search repository by topic name
2018-09-13 10:33:48 +08:00
techknowlogick
f1ad4bb3d5
Remove traces of embedded TiDB (#4906)
Fix #3357
2018-09-11 10:42:40 -04:00
Lanre Adelowo
8ee9922fe6 Add file name and branch to page title (#4902) 2018-09-10 13:01:49 -04:00
B-OnTheGo
e47df0b301 Enforce token on api routes [fixed critical security issue #4357] (#4840) 2018-09-10 12:15:52 -04:00
Bobonium
387a4b09c1 allow api to create tags for releases (#4890) 2018-09-10 10:57:41 -04:00
Lanre Adelowo
be48397945 Slack webhook channel name cannot be empty or just contain an hashtag (#4786) 2018-09-10 10:31:08 -04:00
Lewis Cowles
c43399cad8 Fixes repo branch endpoint summary (#4893)
in browser saw `/repos/{owner}/{repo}/branches/{branch} List a repository's branches` fixed

Addresses https://github.com/go-gitea/debian-packaging/pull/1

Fixes https://github.com/go-gitea/gitea#4892
2018-09-09 11:36:08 +08:00
zeripath
d293a2b9d6 Add sudo functionality to the API (#4809) 2018-09-06 23:31:29 -04:00
Lunny Xiao
e48df3ee47 issues api allow pulls and fix #4832 (#4852) 2018-09-03 13:20:54 -04:00
Najib Idrissi
b9ae16d15e Make reverse proxy auth optional (#4643)
* Make reverse proxy auth optional

If the option ENABLE_REVERSE_PROXY_AUTHENTICATION is enabled, make
reverse proxy auth optional, instead of failing if the authentication
did not succeed.

Fixes #3973

Signed-off-by: Najib Idrissi <najib.idrissi.kaitouni@gmail.com>

* Update http.go
2018-08-29 10:39:16 -04:00
EnricoFerro
912953e82a API /admin/users/{username} missing parameter (#4775) 2018-08-23 19:59:47 -04:00
Lanre Adelowo
6ca8fbd2f9 Fixed bug where team with admin privelege type doesn't get any unit attached to the team (#4719) 2018-08-21 13:02:32 -04:00
Lanre Adelowo
6c1a31ffaa User shouldn't be able to approve or reject his/her own PR (#4729)
* Make sure author cannot reject/approve their own PR

* Disable buttons in templates too

* Remove unneccessary if check since the switch below catches it

* Fix IsOwner check

* Update template and remove new template variable

* Add alert template and redirect to diff page on review failure

* Redirect to files diff as a little update to #4632
2018-08-20 07:04:01 +02:00
Lanre Adelowo
a6cdda115d Display error when adding a user to a team twice (#4746) 2018-08-19 21:49:19 +03:00
Lauris BH
92466129ec
Improve URL validation for external wiki and external issues (#4710)
* Improve URL validation for external wiki  and external issues

* Do not allow also localhost address for external URLs
2018-08-15 09:29:37 +03:00
SagePtr
0449330dbc Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706) 2018-08-14 23:16:37 +03:00
nemoinho
ca112f0a04 Add whitespace handling to PR-comparsion (#4683)
* Add whitespace handling to PR-comparsion

In a PR we have to keep an eye on a lot of different things. But sometimes the
bare code is the key-thing we want to care about and just don't want to care
about fixed indention on some places. Especially if we follow the pathfinder
rule we face a lot of these situations because these changes don't break the
code in many languages but improve the readability a lot.

So this change introduce a fine graned button to adjust the way how the
reviewer want to see whitespace-changes within the code.

The possibilities reflect the possibilities from git itself except of the
`--ignore-blank-lines` flag because that one is also handled by `-b` and is
really rare.

Signed-off-by: Felix Nehrke <felix@nehrke.info>
2018-08-14 13:49:33 -04:00
Julien Tant
7781e8cef2 Disable merging a WIP Pull request (#4529)
* prevent pull request to be merged when PR is a WIP

* add tests

* add helper to prepend WIP: in PR title

* move default wip prefixes into settings

* use configurable WIP prefixes in javascript and default to first one in templates

* add documentation

* add unit test on pull model

Signed-off-by: Julien Tant <julien@craftyx.fr>
2018-08-13 22:04:39 +03:00
techknowlogick
ce7c64c7e1
Use updated docs link on install page (#4668)
Fix #4665
2018-08-11 21:05:52 -04:00
Lanre Adelowo
3422077a89 make sure to set pr split view (#4617)
Signed-off-by: Lanre Adelowo <yo@lanre.wtf>
2018-08-11 20:20:33 -04:00
Lanre Adelowo
69a855f3d4 log user in after a successful sign up (#4615) 2018-08-11 15:33:19 -04:00
Lanre Adelowo
0df7cab4fb prevent empty review comment (#4632)
* prevent empty review comment

This would only require a comment for rejection and comment

* add tests

* add comment
2018-08-07 20:15:41 +03:00
Lanre Adelowo
59b10e66f7 An inactive user shouldn't be able to be added as a collaborator (#4535)
* an inactive user shouldn't be able to be a collaborator

* use translated error message

* add active user check when adding a new collaborator via the api

* fix translation text

* added collaborator test

* improvee testcases
2018-08-07 13:01:06 +03:00
Lanre Adelowo
c7a6ee5c0b Don't fail silently if trying to add a collaborator twice (#4533)
* don't fail silently if trying to add a collaborator twice

* fix translation text

* added collaborator test

* improvee testcases

* Added tests to make sure a collaborator cannot be added twice
2018-08-07 09:59:42 +08:00
Lauris BH
6e64f9db8e Pull request review/approval and comment on code (#3748)
* Initial ui components for pull request review

* Add Review
Add IssueComment types

Signed-off-by: Jonas Franz <info@jonasfranz.software>

(cherry picked from commit 2b4daab)
Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Replace ReviewComment with Content

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add load functions
Add ReviewID to findComments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add create review comment implementation
Add migration for review
Other small changes

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Simplified create and find functions for review

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Moved "Pending" to first position

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add GetCurrentReview to simplify fetching current review

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Preview for listing comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Move new comment form to its own file

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Implement Review form
Show Review comments on comment stream

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for single comments
Showing buttons in context

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add pending tag to pending review comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add unit tests for Review

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fetch all review ids at once
Add unit tests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* gofmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Improved comment rendering in "Files" view by adding Comments to DiffLine

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for invalidating comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Switched back to code.gitea.io/git

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Moved review migration from v64 to v65

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Rebuild css

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* gofmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Improve translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit tests by updating fixtures and updating outdated test

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Comments will be shown at the right place now

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for deleting CodeComments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems caused by files in subdirectories

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for showing code comments of reviews in conversation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for "Show/Hide outdated"

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update code.gitea.io/git

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for new webhooks

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update comparison

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Resolve conflicts

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Minor UI improvements

* update code.gitea.io/git

* Fix ui bug reported by @lunny causing wrong position of add button
Add functionality to "Cancel" button
Add scale effects to add button
Hide "Cancel" button for existing comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Prepare solving conflicts

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Show add button only if no comments already exist for the line

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add missing vendor files

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Check if reviewer is nil

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Show forms only to users who are logged in

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Revert "Show forms only to users who are logged in"

This reverts commit c083682

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Save patch in comment
Render patch for code comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add link to comment in code

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add reply form to comment list
Show forms only to signed in users

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add 'Reply' as translatable
Add CODE_COMMENT_LINES setting

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* gofmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems introduced by checking for singed in user

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add v70

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update generated stylesheet

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix preview
Beginn with new review comment patch system

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add new algo to generate diff for line range
Remove old algo used for cutting big diffs (it was very buggy)

* Add documentation and example for CutDiffAroundLine

* Fix example of CutDiffAroundLine

* Fix some comment UI rendering bugs

* Add code comment edit mode

* Send notifications / actions to users until review gets published
Fix diff generation bug
Fix wrong hashtag

* Fix vet errors

* Send notifications also for single comments

* Fix some notification bugs, fix link

* Fix: add comment icon is only shown on code lines

* Add lint comment

* Add unit tests for git diff

* Add more error messages

* Regenerated css

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* fmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Regenerated CSS with latest less version

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix test by updating comment type to new ID

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Introducing CodeComments as type for map[string]map[int64][]*Comment
Other minor code improvements

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix data-tab issues

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Remove unnecessary change

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* refactored checkForInvalidation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Append comments instead of setting

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Use HeadRepo instead of BaseRepo

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update migration

Signed-off-by: Jonas Franz <info@jonasfranz.de>

* Regenerated CSS

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add copyright

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update index.css

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-08-06 06:43:21 +02:00
Allen Wild
c40f5d2d4c api: repos/search: add parameters to control the sort order (#3964)
The backend SearchRepositoryByName function supports several sort order
options, hook these up to the /repos/search API.

New parameters for /repos/search:
    'sort':  alpha, created, updated, size, or id
    'order': asc or desc

'sort' defaults to alpha.
'order' defaults to ascending, and is ignored if 'sort' is not specified.
The overall default behavior is unchanged (alphabetically ascending).

This partially implements issue #3963

Signed-off-by: Allen Wild <allenwild93@gmail.com>
2018-08-02 16:10:02 +08:00
Dingjun
819f50ccd5 fix panic issue on update avatar email (#4580) (#4581)
fix #4580
2018-08-01 17:38:56 +08:00
Julien Tant
ced08d18a4 fix IsPullReuqestBroken->IsPullRequestBroken (#4578)
Signed-off-by: Julien Tant <julien@craftyx.fr>
2018-08-01 11:00:35 +08:00
Piotr Orzechowski
a74426d631 Swagger.v1.json template (#3572)
* Turn swagger.v1.json into template

* Rename ENABLE_SWAGGER_ENDPOINT option to ENABLE_SWAGGER
2018-07-28 03:19:01 +03:00
techknowlogick
adf3f004b6
Switch plaintext scratch tokens to use hash instead (#4331) 2018-07-27 08:54:50 -04:00
Lukas Treyer
be4ec0cbba env var GITEA_PUSHER_EMAIL (#4516)
* env var GITEA_PUSHER_EMAIL

* set pusher email only if email address is not private
2018-07-26 19:38:55 +03:00
Lanre Adelowo
630f234223 Add flash message after an account has been successfully activated (#4510)
* added new locale text
2018-07-25 20:54:56 +03:00
Lanre Adelowo
4bf0cae1f5 Respect email privacy option in user search via API (#4512)
* respect user's email privacy option

* make email visible to admin irrespective of privacy option
2018-07-25 15:11:22 +03:00
techknowlogick
492ec97a46
Redirect to correct page after using scratch token (#4458) 2018-07-19 13:58:33 -04:00
kolaente
1bff02de55 Added dependencies for issues (#2196) (#2531) 2018-07-17 17:23:58 -04:00
kolaente
ef6813abc9 Issue due date api (#3890)
* Implemented basic api endpoint to manage deadlines

* Fixed checking for permissions

* Updating a deadline from the ui is now entirely done via the api

* cleanup

* Cosmetics

* fixed lint + fmt

* Added swagger model definition for deadline response

* Updated gitea-sdk

* Updated gitea-sdk

* More cleanup

* Generate swagger json

* Merge branch 'master' of https://github.com/go-gitea/gitea into issue-due-date-api

# Conflicts:
#	public/swagger.v1.json

* Fixed permission to update a deadline via api

* Re-added form to change a deadline

* Added client-side validation + not ignore error messages from the api

* Added locale for error message

* Merge branch 'master' of https://github.com/go-gitea/gitea

# Conflicts:
#	models/issue_comment.go

* Proper date validation

* Fixed indention

* moved css to css file

* added documentation for error codes

* after merge cleanup

* Added swagger description

* DO NOTHING BUT TRIGGER THAT F*CKIN CI SO IT PICKS UP THE LATEST COMMIT AS IT SHOULD

* DO NOTHING BUT TRIGGER THAT F*CKIN CI SO IT PICKS UP THE LATEST COMMIT AS IT SHOULD

* regenerated stylesheets
2018-07-16 14:43:00 +02:00
Lauris BH
659bc727bd
Fix query parameter name comment in issue API (#4421) 2018-07-12 16:40:41 +03:00
techknowlogick
ab55ca7ebd
Add ability to delete a token (#4235)
Fix #4234
2018-07-06 21:54:30 -04:00
Nicolas Da Mutten
e07d3ad0fc Fixes repo membership check in API (#4341)
Untested, since I can't compile (yet).
2018-07-05 15:14:56 +08:00
Fluf
f035dcd4f2 Add Recaptcha functionality to Gitea (#4044) 2018-07-05 00:13:05 -04:00
Lauris BH
69e2ab1611 Allow administrator to create repository for any organization (#4368) 2018-07-05 01:51:02 +02:00
Lauris BH
4a8ee0b5cc
Check that repositories can only be migrated to own user or organizations (#4366)
* Repositories can only migrated to own user or organizations

* Add check for organization that user does not belong to

* Allow admin to migrate repositories for other users
2018-07-05 01:45:15 +03:00
tarelda
5676f60cba Keep preseeded database password (#4284) 2018-07-03 20:09:55 -04:00
Clar Charr
c71ee33057 Increase default TOTP secret size to 320 bits (#4287) 2018-07-03 18:10:35 -04:00
Jonas Franz
801843b011 Fix open redirect vulnerability on login screen (#4312)
* Fix open redirect vulnerability on login screen

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Reorder imports

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Replace www. from Domain too

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-06-26 22:45:18 +08:00
David Schneiderbauer
0b3ea42847 hide issues from org private repos w/o team assignment (#4034) 2018-06-21 12:00:13 -04:00
Alexey Terentyev
46d19c4676 Fix topics addition (Another solution) (#4031) (#4258)
* Added topics validation, fixed repo topics duplication (#4031)

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Added tests

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Fixed fmt

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Added comments to exported functions

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Deleted RemoveDuplicateTopics function

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Fixed messages

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Added migration

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* fmt migration file

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* fixed lint

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Added Copyright

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Added query solution for duplicates

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Fixed migration query

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Changed RegExp. Fixed migration

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* fmt migration file

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Fixed test for changed regexp

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Removed validation log messages

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Renamed migration file

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Renamed validate function

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>
2018-06-21 17:09:46 +08:00
Russell Aunger
9ae7664df7 Fix webhook type conflation. (#4285)
- Fix typo that caused Gogs hooks to be created as Gitea hooks.
- Fix typo that caused Gogs hooks to be duplicated upon edit (though this bug was masked by the previous one).

Signed-off-by: Russell Aunger <rba@live.com>
2018-06-21 07:22:03 +02:00
Jonas Franz
467ff4d343 Fix milestone appliance and permission checks (#4271)
* Fix milestone appliance
Fix missing permission check

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix comment

* Add Gitea copyright line
2018-06-19 23:15:11 +08:00
David Schneiderbauer
69bfd81b1c fix missing data on redirects (#3975) 2018-06-18 14:24:45 -04:00
stevegt
a7aaacb633 fix CreateIssueCommentOption reference (#4239)
* fixes a warning remaining from #4010 and #4220
2018-06-15 15:47:13 +08:00
David Schneiderbauer
adba2ad609 fix not respecting landing page setting (#4209)
* fix not respecting landing page setting

* fmt

* add landing page test
2018-06-15 11:42:46 +08:00
Antoine GIRARD
6efdcaed86 Fix swagger security parts (#4236) 2018-06-12 19:23:00 -04:00
Antoine GIRARD
908e8942cc Fix swagger errors (#4220)
Fix all the resting errors to have a valid swagger file.

They are still some warnings but nothing blocking.

Doing so I found that some request still misses son parameters for some POST/PUT/PATCH request. This means the a client generated from the swagger file will not work completely. 

Fix #4088 by activating validation in drone
Should fix #4010.
2018-06-12 22:59:22 +08:00
nickolas360
2bb73fe12c HTML-escape text READMEs (#4192) 2018-06-10 21:42:16 +03:00
stevegt
a5f63fc4d1 swagger: add 'required: true' for params in URL (#4097)
* Partial fix for #4010

Swagger validation needs 'required: true' for parameters that are in
the URL path.

Signed-off-by: Steve Traugott <stevegt@t7a.org>
2018-06-02 18:20:28 +03:00
stevegt
39f2aa7c12 add simple descriptions for file API responses (#4089)
* Partial fix for #4010

Swagger needs a description field in each swagger:operation response.  Adding
minimal text for now on the way to getting swagger validate to pass.  Many
standard swagger client libraries will not work with gitea until validate
passes, so prioritizing that over better descriptions for now.

Signed-off-by: Steve Traugott <stevegt@t7a.org>
2018-06-01 13:51:49 +08:00
stevegt
7707ad7a0a add simple descriptions for swagger validate (#4087)
* Partial fix for #4010

Swagger needs a comment line above each swagger:response comment -- it
uses these to populate the description: fields.  Adding minimal text
for now on the way to getting swagger validate to pass.  Many standard
swagger client libraries will not work at all with gitea until validate
passes, so prioritizing that over better descriptions for now.

Signed-off-by: Steve Traugott <stevegt@t7a.org>
2018-05-31 19:13:55 +08:00
Alexey Terentyev
f86f56e19c Added deletion of an empty line at the end of the file (#4050) (#4054)
Signed-off-by: Alexey Terentyev <axifnx@gmail.com>
2018-05-29 11:08:55 +08:00
Michael Kuhn
fd274ffcd9 Fix wiki redirects (#3919)
When creating or editing a wiki page, the redirect to the wiki page does
not work because the file name is used instead of the page name.
2018-05-28 09:38:20 -04:00
Fluf
2a9799493a Make home.tmpl visible with Signin-View enabled (#4040)
Fix #3846
2018-05-24 15:51:28 -04:00
Magnus Lindvall
cdb9478774 LDAP Public SSH Keys synchronization (#1844)
* Add LDAP Key Synchronization feature

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Add migration: add login source id column for public_key table

* Only update keys if needed

* Add function to only list pubkey synchronized from ldap

* Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it.

* Only get keys belonging to current login source id

* Set default login source id to 0

* Some minor cleanup. Add integration tests (updete dep testify)
2018-05-24 07:59:02 +03:00
Alexey Terentyev
b908ac9fab Added repository search ordered by stars or forks. Forks column in admin repo list. (#3969)
* Added repository search order by stars or forks.
Added Forks column to admin repository list.

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>

* Renamed search repo template

Signed-off-by: Alexey Terentyev <axifnx@gmail.com>
2018-05-24 09:03:42 +08:00
Lunny Xiao
60d95a0b85
fix bugs caused by #3929 (#3999) 2018-05-23 15:23:23 +08:00
Aleksandr Bulyshchenko
ee878e3951 Support secure cookie for csrf-token (#3839)
* dep: Update github.com/go-macaron/csrf

Update github.com/go-macaron/csrf with dep to revision 503617c6b372
to fix issue of csrf-token security.

This update includes following commits:
- Add support for the Cookie HttpOnly flag
- Support secure mode for csrf cookie

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>

* routers: set csrf-token security depending on COOKIE_SECURE

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>
2018-05-22 02:09:48 +03:00
David Schneiderbauer
31067c0a89 remove collaborative repositories from search on user profiles (#3996)
* remove collaborative repositories from search on user profiles

* rename 'My Repositories' to 'Repositories'
2018-05-21 23:07:34 +03:00
Lunny Xiao
6bdc556b7f
Fix some webhooks bugs (#3981)
* fix some webhooks bugs

* update vendor

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* fix test

* fix clearlabels

* fix pullrequest webhook bug fix #3492

* update release webhook description

* remove unused code

* fix push webhook in pull request

* small changes
2018-05-21 10:28:29 +08:00
Jonas Franz
951309f76a Add support for FIDO U2F (#3971)
* Add support for U2F

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add vendor library
Add missing translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Minor improvements

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library
Add U2F error handling

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F login page to OAuth

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Move U2F user settings to a separate file

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add unit tests for u2f model
Renamed u2f table name

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems caused by refactoring

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F documentation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Remove not needed console.log-s

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add default values to app.ini.sample
Add FIDO U2F to comparison

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-05-19 17:12:37 +03:00
David Schneiderbauer
44754774f1 Re-enable random avatar feature (#3988)
* reenable random avatar feature

* replace Size check by Filename check
2018-05-19 21:22:09 +08:00
David Schneiderbauer
2aabfc1afa Splitted the user settings code into several files to be more maintainable (#3968)
* refactor setting router code

splitted up one huge router settings file into the smaller files
representing the actual page structure

* move code to subfolder

* rename functions

* renamed files

* add copyright information
2018-05-17 12:05:00 +08:00
Lunny Xiao
24941a1046
Add more webhooks support and refactor webhook templates directory (#3929)
* add more webhook support

* move hooks templates to standalone dir and add more webhooks ui

* fix tests

* update vendor checksum

* add more webhook support

* move hooks templates to standalone dir and add more webhooks ui

* fix tests

* update vendor checksum

* update vendor

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* load attributes when created release

* update comparsion doc
2018-05-16 22:01:55 +08:00
David Schneiderbauer
099372d76c Refactor User Settings (#3900)
* moved avatar to profile page

* combined password change, email and account deletion into account settings page

* combined totp, access tokens, linked accounts and openid into security settings page

* move access tokens to applications settings page

* small change to restart drone build

* fix change avatar url on profile page

* redirect old settings urls to new ones

* enforce only one autofocus attribute on settings pages

* set correct redirect status code

* fmt fix
2018-05-15 13:07:32 +03:00
FabioFortini
1546458f7d issue-2768: added new option allow_only_external_registration (#3910) 2018-05-13 15:51:16 +08:00
Lunny Xiao
c14870c5ac
fix blank topic (#3948) 2018-05-11 16:15:18 +08:00
kolaente
95f2e2b57b Multiple assignees (#3705) 2018-05-09 19:29:04 +03:00
David Schneiderbauer
ea01decb6b fix wrong issue endpoints in swagger doc (#3914) 2018-05-08 14:05:18 +08:00
Lauris BH
501fb228e6
Add option to use paged LDAP search when synchronizing users (#3895) 2018-05-05 17:30:47 +03:00
kolaente
1fdf560678 Added user language setting (#3875)
* Added user language setting

* Added translation string for setting

* Fixed import order + typo

* improved checking if the user has a language saved in the db

* The current saved language is now set a default inside the dropdown

* fmt

* When a user signs in and doesn't have a language saved, the current browser language is saved

* updated gitea-sdk

* Merge branch 'master' of https://github.com/go-gitea/gitea into save-user-language

# Conflicts:
#	models/migrations/migrations.go
#	models/migrations/v62.go

* Made tests work again

* trigger CI

* trigger CI

* fmt

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* When loggin in, only the language col gets updated instead of everything
2018-05-05 08:28:30 +08:00
Lauris BH
1e1ece8f3d
Do not allow to reuse TOTP passcode (#3878) 2018-05-02 18:02:02 +03:00
kolaente
1a97030017 Issue due date (#3794)
* Started adding deadline to ui

* Implemented basic issue due date managing

* Improved UI for due date managing

* Added at least write access to the repo in order to modify issue due dates

* Ui improvements

* Added issue comments creation when adding/modifying/removing a due date

* Show due date in issue list

* Added api support for issue due dates

* Fixed lint suggestions

* Added deadline to sdk

* Updated css

* Added support for adding/modifiying deadlines for pull requests via api

* Fixed comments not created when updating or removing a deadline

* update sdk (will do properly once go-gitea/go-sdk#103 is merged)

* enhanced updateIssueDeadline

* Removed unnessecary Issue.DeadlineString

* UI improvements

* Small improvments to comment creation
+ ui & validation improvements

* Check if an issue is overdue is now a seperate function

* Updated go-sdk with govendor as it was merged

* Simplified isOverdue method

* removed unessecary deadline to 0 set

* Update swagger definitions

* Added missing return

* Added an explanary comment

* Improved updateIssueDeadline method so it'll only update `deadline_unix`

* Small changes and improvements
* no need to explicitly load the issue when updating a deadline, just use whats already there
* small optimisations

* Added check if a deadline was modified before updating it

* Moved comment creating logic into its own function

* Code cleanup for creating deadline comment

* locale improvement

* When modifying a deadline, the old deadline is saved with the comment

* small improvments to xorm session handling when updating an issue deadline
+ style nitpicks

* style nitpicks

* Moved checking for if the user has write acces to middleware
2018-05-01 22:05:28 +03:00
Lauris BH
181b3a8f09 Fix path cleanup in multiple places (#3871) 2018-05-01 09:46:04 +08:00
Ethan Koenig
7ea4bfc561 API endpoint for testing webhook (#3550)
* API endpoint for testing webhook

* Empty commit to rerun CI
2018-04-29 14:21:33 +08:00
Lauris BH
5a62eb30df
Store OAuth2 session data in database (#3660)
* Store OAuth2 session data in database

* Rename table to `oauth2_session` and do not skip xormstorage initialization error
2018-04-29 09:09:24 +03:00
Jonas Franz
8d5f58d834 Shows total tracked time in issue and milestone list (#3341)
* Show total tracked time in issue and milestone list
Show total tracked time at issue page

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Optimizing TotalTimes by using SumInt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fixing wrong total times for milestones caused by a missing JOIN
Adding unit tests for total times

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Logging error instead of ignoring it

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Correcting spelling mistakes

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Change error message to a short version

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add error handling to TotalTimes
Add variable for totalTimes

Signed-off-by: Jonas Franz <info@jonasfranz.de>

* Introduce TotalTrackedTimes as variable of issue
Load TotalTrackedTimes by loading attributes of IssueList
Load TotalTrackedTimes by loading attributes of single issue
Add Sec2Time as helper to use it in templates

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fixed test + gofmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Load TotalTrackedTimes via MilestoneList instead of single requests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add documentation for MilestoneList

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add documentation for MilestoneList

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix test

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Change comment from SQL query to description

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit test by using int64 instead of int

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit test by using int64 instead of int

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Check if timetracker is enabled

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix test by enabling timetracking

Signed-off-by: Jonas Franz <info@jonasfranz.de>
2018-04-29 13:58:47 +08:00
Morgan Bazalgette
e3028d124f don't reset team/repo count when updating team via API (#3831)
fixes #3600
2018-04-29 13:22:57 +08:00
Lunny Xiao
bec69f702b
Add topic support (#3711)
* add topic models and unit tests

* fix comments

* fix comment

* add the UI to show or add topics for a repo

* show topics on repositories list

* fix test

* don't show manage topics link when no permission

* use green basic as topic label

* fix topic label color

* remove trace content

* remove debug function
2018-04-11 10:51:44 +08:00
Lunny Xiao
45d1fc03cb
fix go vet error (#3740) 2018-03-30 07:21:27 +08:00
Bo-Yi Wu
1c5cbc390b refactor: import order. (#3736) 2018-03-29 21:32:40 +08:00
Lauris BH
ab5cc6f3a9 Correctly check http git access rights for reverse proxy authorized users (#3721) 2018-03-29 09:39:51 +08:00
Allen Wild
15c6bb500b Add repository setting to enable/disable health checks (#3607)
New Feature:
  * Repository struct field for IsFsckEnabled (default true of course)
  * Admin Settings section on repo options page, accessible only by
    admin users

Possible Enhancements:
  * There's no way to force running health checks on all repos
    regardless of their IsFsckEnabled setting. This would be useful if
    there were an admin API or dashboard button to run fsck immediately.

Issue: https://github.com/go-gitea/gitea/issues/1712
Signed-off-by: Allen Wild <allenwild93@gmail.com>
2018-03-27 22:13:20 +08:00
Chri-s
9350ba7947 Add protected branch whitelists for merging (#3689)
* Add database migrations for merge whitelist

* Add merge whitelist settings for protected branches

* Add checks for merge whitelists
2018-03-25 13:01:32 +03:00
Chri-s
e64aa18dc9 Change protected branch settings title to existing locale entry (#3694) 2018-03-21 20:12:49 +02:00
Alex Ward
4ebdcbc5df Fix style of "In your repositories" when selected (#3699)
Signed-off-by: Alex Ward <alxwrd@googlemail.com>
2018-03-20 23:39:14 +02:00
Lunny Xiao
9e5d0a09eb
Global code search support (#3664)
* add global code search on explore

* fix bug when no anyone public repos

* change the icon

* fix typo and add UnitTypeCode check for login non-admin user

* fix ui description when no match
2018-03-16 22:04:33 +08:00
Lauris BH
7b2b900e13 Refactor and simplify redirect to url (#3674) 2018-03-15 22:13:34 +01:00
Chri-s
a2a49c93c7 Added checks for protected branches in pull requests (#3544)
* Added checks for protected branches in pull requests

Signed-off-by: Christian Wulff <NChris@posteo.net>

* Moved check for protected branch into new function CheckUserAllowedToMerge

Signed-off-by: Christian Wulff <NChris@posteo.net>

* Removed merge conflict lines from last commit

Signed-off-by: Christian Wulff <NChris@posteo.net>

* Explicit check for error type in ViewIssue

Signed-off-by: Christian Wulff <NChris@posteo.net>
2018-03-13 11:46:14 +08:00
Lauris BH
c0d41b1b77 Add label descriptions (#3662)
* Add label descriptions

* Add default descriptions to label template
2018-03-13 10:03:55 +08:00
kolaente
1a83581121 Added issue search via api (#3612)
* Started implementing issue api search

* Implemented issue search via api

* Added search to swagger.json

* Removed todo

* fmt

* Added comment to generate swagger json via "generate-swagger"

* Simplified search

* fmt

* Removed unessecary comment

* Removed unessecary declaration of the issues-variable

* Removed unessecary comment

* Removed unessecary comment

* Added explanation keyword

* Simplified check for empty keyword

* corrected check if keyword is empty
2018-03-07 12:00:56 +02:00
Jonas Franz
9a5e628a7e Add Attachment API (#3478)
* Add Attachment API
* repos/:owner/:repo/releases (add attachments)
* repos/:owner/:repo/releases/:id (add attachments)
* repos/:owner/:repo/releases/:id/attachments
* repos/:owner/:repo/releases/:id/attachments/:attachment_id

Signed-off-by: Jonas Franz <info@jonasfranz.de>

* Add unit tests for new attachment functions
Fix comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* fix lint

* Update vendor.json

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* remove version of sdk

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit tests
Add missing license header

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add CreateReleaseAttachment
Add EditReleaseAttachment
Add DeleteReleaseAttachment

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add filename query parameter for choosing another name for an attachment

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix order of imports

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Restricting updatable attachment columns

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* gofmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update go-sdk
Replace Attachments with Assets

Signed-off-by: Jonas Franz <info@jonasfranz.de>

* Update go-sdk

Signed-off-by: Jonas Franz <info@jonasfranz.de>

* Updating go-sdk and regenerating swagger

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add missing file of go-sdk

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Change origin of code.gitea.io/sdk to code.gitea.io/sdk
Update code.gitea.io/sdk

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update swagger

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update updateAttachment
2018-03-06 09:22:16 +08:00
Mahmoud Al-Qudsi
171914e9a7 Log attachment blocked events (#3615)
Include both a log entry and the blocked mime type in the gitea log when
an attachment upload is blocked.

Chosen log level is info; this may need to be dialed down to trace.
2018-03-05 08:51:10 +08:00
Allen Wild
8606d9f5bc Add admin dashboard option to run health checks (#3606)
There's one for git gc, why not git fsck too?

Also add a couple more trace logs to GitFsck to see progress
2018-03-02 11:09:43 +02:00
Morgan Bazalgette
535445c32e Rework special link parsing in the post-processing of markup (#3354)
* Get rid of autolink

* autolink in markdown

* Replace email addresses with mailto links

* better handling of links

* Remove autolink.js from footer

* Refactor entire html.go

* fix some bugs

* Make tests green, move what we can to html_internal_test, various other changes to processor logic

* Make markdown tests work again

This is just a description to allow me to force push in order to restart
the drone build.

* Fix failing markdown tests in routers/api/v1/misc

* Add license headers, log errors, future-proof <body>

* fix formatting
2018-02-27 09:09:18 +02:00
bugreport0
521945a2d2 Fix missing translations when updating username. (#3564)
* Fix missing translations when updating username.

* Fix reserved username translated string test.

* Fix 'username reserved' string test a bit more.
2018-02-25 15:56:25 +02:00