* Fixes #2738 - /git/tags API
* proper URLs
* Adds function comments
* Updates swagger
* Removes newline from tag message
* Removes trailing newline from commit message
* Adds integration test
* Removed debugging
* Adds tests
* Fixes bug where multiple tags of same commit show wrong tag name
* Fix formatting
* Removes unused varaible
* Fix to annotated tag function names and response
* Update modules/git/repo_tag.go
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Uses TagPrefix
* Changes per review, better error handling for getting tag and commit IDs
* Fix to getting commit ID
* Fix to getting commit ID
* Fix to getting commit ID
* Fix to getting commit ID
* Supports tags when comparing commits or branches
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Hide headline when only comparing and don't load unused data
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Merges compare logics to allow comparing branches, commits and tags with eachother
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Display branch or tag instead of commit when used for comparing
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Show pull request form after click on button
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Transfers relevant pull.go changes from master to compare.go
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Fixes error when comparing forks against a commit or tag
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Removes console.log from JavaScript file
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Show icon next to commit reference when comparing branch or tag
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Updates css file
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Fixes import order
* Renames template variable
* Update routers/repo/compare.go
Co-Authored-By: zeripath <art27@cantab.net>
* Update from master
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Allow short-shas in compare
* Renames prInfo to compareInfo
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Check PR permissions only if compare is pull request
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Adjusts comment
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Use compareInfo instead of prInfo
* Only show repository avatar in list when one was selected
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Adds fallback configuration option for repository avatar
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Implements repository avatar fallback
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Adds admin task for deleting generated repository avatars
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Solve linting issues
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Save avatar before updating database
* Linting
* Update models/repo.go
Co-Authored-By: zeripath <art27@cantab.net>
* Move hook functionality internally
* Internalise serv logic
* Remove old internal paths
* finally remove the gitlogger
* Disallow push on archived repositories
* fix lint error
* Update modules/private/key.go
* Update routers/private/hook.go
* Update routers/private/hook.go
* Update routers/private/hook.go
* Updated routers/private/serv.go
* Fix LFS Locks over SSH
* rev-list needs to be run by the hook process
* fixup
* Improve git test
* Ensure that the lfs files are created with a different prefix
* Reduce the replication in git_test.go
* slight refactor
* Remove unnecessary "/"
* Restore ensureAnonymousClone
* Restore ensureAnonymousClone
* Run rev-list on server side
* Try passing in the alternative directories instead
* Mark test as skipped
* Improve git test
* Ensure that the lfs files are created with a different prefix
* Reduce the replication in git_test.go
* Remove unnecessary "/"
* Feature - #5960 - API Endpoint for Repo Editing
* Revert from merge
* Adds integration testing
* Updates to integration tests
* Revert changes
* Update year in file header
* Misspell fix
* XORM = test
* XORM = test
* revert XORM = file
* Makes RepoUnit.ID be pk and autoincr
* Fix to units
* revert header
* Remove print statement
* Adds other responses
* Improves swagger for creating repo
* Fixes import order
* Better Unit Type does not exist error
* Adds editable repo properties to the response repo structure
* Fix to api_repo_edit_test.go
* Fixes repo test
* Changes per review
* Fixes typo and standardizes comments in the EditRepoOption struct for swagger
* Fixes typo and standardizes comments in the EditRepoOption struct for swagger
* Actually can unarchive through the API
* Unlike delete, user doesn't have to be the owner of the org, just admin to the repo
* Fix to swagger comments for field name change
* Update to swagger docs
* Update swagger
* Changes allow_pull_requests to has_pull_requests
* Repository avatars
- first variant of code from old work for gogs
- add migration 87
- add new option in app.ini
- add en-US locale string
- add new class in repository.less
* Add changed index.css, remove unused template name
* Update en-us doc about configuration options
* Add comments to new functions, add new option to docker app.ini
* Add comment for lint
* Remove variable, not needed
* Fix formatting
* Update swagger api template
* Check if avatar exists
* Fix avatar link/path checks
* Typo
* TEXT column can't have a default value
* Fixes:
- remove old avatar file on upload
- use ID in name of avatar file - users may upload same files
- add simple tests
* Fix fmt check
* Generate PNG instead of "static" GIF
* More informative comment
* Fix error message
* Update avatar upload checks:
- add file size check
- add new option
- update config docs
- add new string to en-us locale
* Fixes:
- use FileHEader field for check file size
- add new test - upload big image
* Fix formatting
* Update comments
* Update log message
* Removed wrong style - not needed
* Use Sync2 to migrate
* Update repos list view
- bigger avatar
- fix html blocks alignment
* A little adjust avatar size
* Use small icons for explore/repo list
* Use new cool avatar preparation func by @lafriks
* Missing changes for new function
* Remove unused import, move imports
* Missed new option definition in app.ini
Add file size check in user/profile avatar upload
* Use smaller field length for Avatar
* Use session to update repo DB data, update DeleteAvatar - use session too
* Fix err variable definition
* As suggested @lafriks - return as soon as possible, code readability
Handle case where an orginization is private but a user who is not a
member of the orgninization has been added as a collaborator of a repo
within that org
Fixes #6962
* Add options to git.Clone to make it more capable
* Begin the process of removing the local copy and tidy up
* Remove Wiki LocalCopy Checkouts
* Remove the last LocalRepo helpers
* Remove WithTemporaryFile
* Enable push-hooks for these routes
* Ensure tests cope with hooks
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove Repository.LocalCopyPath()
* Move temporary repo to use the standard temporary path
* Fix the tests
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove LocalWikiPath
* Fix missing remove
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use AppURL for Oauth user link (#6894)
* Use AppURL for Oauth user link
Fix #6843
* Update oauth.go
* Update oauth.go
* internal/ssh: ignore env command totally (#6825)
* ssh: ignore env command totally
* Remove commented code
Needed fix described in issue #6889
* Escape the commit message on issues update and title in telegram hook (#6901)
* update sdk to latest (#6903)
* improve description of branch protection (fix #6886) (#6906)
The branch protection description text were not quite accurate.
* Fix logging documentation (#6904)
* ENABLE_MACARON_REDIRECT should be REDIRECT_MACARON_LOG
* Allow DISABLE_ROUTER_LOG to be set in the [log] section
* [skip ci] Updated translations via Crowdin
* Move sdk structs to modules/structs (#6905)
* move sdk structs to moduels/structs
* fix tests
* fix fmt
* fix swagger
* fix vendor
Adds a new key DEFAULT_SHOW_FULL_NAME (default false) to the [ui] section.
If enabled the full name will be shown (unless it's empty, then
the default username will be used)
* Add GET requests to webhook
* make fmt
* Handle invalid http method on webhook
* Uppercase http method in webhook
* Rename v85.go to v86.go
* make fmt
* Improve issue reference on commit
Allow commits to properly reference issues in other repositories and also to
close/reopen those issues if user has code permission. Should match
Github behavior described here: https://help.github.com/en/articles/closing-issues-using-keywords
Fixes 6664
* Fix missing return
* Match user/repo directly in regex
* fix org visibility bug
* fix permission check
* add integration tests
* fix tests
* change test user name for easier maintainance and fix test
* fix test git repo name
* Add log.ColorFormat and log.ColorFormatted
Structs can now implement log.ColorFormatted to provide their own
colored format when logged with `%-v` or additional flags.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add basic ColorFormat to repository and user
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add basic ColorFormat to access and unit
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add ColorFormat to permission and on trace log it
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add log.NewColoredIDValue to make ID value coloring consistent
Signed-off-by: Andrew Thornton <art27@cantab.net>
* formatting changes
* Add some better tracing to permission denied for read issues/pulls
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add Trace logging on permission denied
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove isTrace() check from deferred func
* Adjust repo and allow logging of team
* use FormatInt instead of Itoa
* Add blank line
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update access.go
* Use go-git for tree reading and commit info lookup.
Signed-off-by: Filip Navara <navara@emclient.com>
* Use TreeEntry.IsRegular() instead of ObjectType that was removed.
Signed-off-by: Filip Navara <navara@emclient.com>
* Use the treePath to optimize commit info search.
Signed-off-by: Filip Navara <navara@emclient.com>
* Extract the latest commit at treePath along with the other commits.
Signed-off-by: Filip Navara <navara@emclient.com>
* Fix listing commit info for a directory that was created in one commit and never modified after.
Signed-off-by: Filip Navara <navara@emclient.com>
* Avoid nearly all external 'git' invocations when doing directory listing (.editorconfig code path is still hit).
Signed-off-by: Filip Navara <navara@emclient.com>
* Use go-git for reading blobs.
Signed-off-by: Filip Navara <navara@emclient.com>
* Make SHA1 type alias for plumbing.Hash in go-git.
Signed-off-by: Filip Navara <navara@emclient.com>
* Make Signature type alias for object.Signature in go-git.
Signed-off-by: Filip Navara <navara@emclient.com>
* Fix GetCommitsInfo for repository with only one commit.
Signed-off-by: Filip Navara <navara@emclient.com>
* Fix PGP signature verification.
Signed-off-by: Filip Navara <navara@emclient.com>
* Fix issues with walking commit graph across merges.
Signed-off-by: Filip Navara <navara@emclient.com>
* Fix typo in condition.
Signed-off-by: Filip Navara <navara@emclient.com>
* Speed up loading branch list by keeping the repository reference (and thus all the loaded packfile indexes).
Signed-off-by: Filip Navara <navara@emclient.com>
* Fix lising submodules.
Signed-off-by: Filip Navara <navara@emclient.com>
* Fix build
Signed-off-by: Filip Navara <navara@emclient.com>
* Add back commit cache because of name-rev
Signed-off-by: Filip Navara <navara@emclient.com>
* Fix tests
Signed-off-by: Filip Navara <navara@emclient.com>
* Fix code style
* Fix spelling
* Address PR feedback
Signed-off-by: Filip Navara <navara@emclient.com>
* Update vendor module list
Signed-off-by: Filip Navara <navara@emclient.com>
* Fix getting trees by commit id
Signed-off-by: Filip Navara <navara@emclient.com>
* Fix remaining unit test failures
* Fix GetTreeBySHA
* Avoid running `git name-rev` if not necessary
Signed-off-by: Filip Navara <navara@emclient.com>
* Move Branch code to git module
* Clean up GPG signature verification and fix it for tagged commits
* Address PR feedback (import formatting, copyright headers)
* Make blob lookup by SHA working
* Update tests to use public API
* Allow getting content from any type of object through the blob interface
* Change test to actually expect the object content that is in the GIT repository
* Change one more test to actually expect the object content that is in the GIT repository
* Add comments
* Add oauth2 grants ui
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add delete functionality
Add translations
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix unit tests
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix unit tests
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Refactor DeleteOAuth2Grant
Use results.Close()
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Refactor DeleteOAuth2Grant (again)
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Check if user ID is zero
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Check if grant ID is zero
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add API for manipulating Git hooks
Signed-off-by: Segev Finer <segev@codeocean.com>
* Replace code.gitea.io/sdk with PR branch temporarily for CI
* Switch back to code.gitea.io/sdk@master
* Return 403 instead of 404 on no permission to edit hooks in API
* Add tests for Git hooks API
* Update models/repo_list_test.go
Co-Authored-By: segevfiner <segev208@gmail.com>
* Update models/repo_list_test.go
Co-Authored-By: segevfiner <segev208@gmail.com>
* empty line
* Improve issue autolinks
Update autolinks to match what github does here:
Issue in same repo: #1
Issue in different repo: org/repo#1
Fixes #6264
* Use setting.AppURL when parsing URL
Using setting.AppURL here is a more reliable way of parsing the current
URL and what other functions in this file seem to use.
* Make ComposeMetas always return a valid context
* Add per repository markdown renderers for better context
* Update for use of context metas
Now that we include the user and repo name inside context metas, update
various code and tests for this new logic
* Support searching commits with prefix syntax
For now, support auther: committer:
When more than one prefix is supplied is presented, the result is the union.
When different prefixes are supplied, the result is the intersection.
For example,
"author:alice author:bob"
=> the result is all commits authored by Alice OR Bob
"hello committer:alice"
=> the result is all commits committed by Alice AND has the keyword
'hello' in the message.
Note that there should NOT have any space after the colon(:) of the prefix.
For example,
"author:bill" => correct
"author: bill" => wrong
* Remove unneeded logging
* Add missing files of test repository
* Add missing repo_unit entries to test fixtures
* Update test cases
* Add tooltip for commits search button
* Update tooltip text
I have no idea about how to format it with line breaks.
* Make the usage example more real
* Add a test case
* Add new options struct for SearchCommits
* Prefer len(s) > 0 over s != ""
* Add NewSearchCommitsOptions
* Make distinction between DisplayName and Username in email templates
Store the actual username in the variable named Username and store the
separate DisplayName in another variable. This allows us to access the
actual username when we need, which currently fails if a user has set a
full name.
Fixes #6161
* Use u.Name directly
No need for extra function, also change use in all mail sending
functions here
* Don't include Username when not used
* Panic don't fatal on create new logger
Fixes #5854
Signed-off-by: Andrew Thornton <art27@cantab.net>
* partial broken
* Update the logging infrastrcture
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Reset the skip levels for Fatal and Error
Signed-off-by: Andrew Thornton <art27@cantab.net>
* broken ncsa
* More log.Error fixes
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove nal
* set log-levels to lowercase
* Make console_test test all levels
* switch to lowercased levels
* OK now working
* Fix vetting issues
* Fix lint
* Fix tests
* change default logging to match current gitea
* Improve log testing
Signed-off-by: Andrew Thornton <art27@cantab.net>
* reset error skip levels to 0
* Update documentation and access logger configuration
* Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE
* Fix broken level caching
* Refactor the router log
* Add Router logger
* Add colorizing options
* Adjust router colors
* Only create logger if they will be used
* update app.ini.sample
* rename Attribute ColorAttribute
* Change from white to green for function
* Set fatal/error levels
* Restore initial trace logger
* Fix Trace arguments in modules/auth/auth.go
* Properly handle XORMLogger
* Improve admin/config page
* fix fmt
* Add auto-compression of old logs
* Update error log levels
* Remove the unnecessary skip argument from Error, Fatal and Critical
* Add stacktrace support
* Fix tests
* Remove x/sync from vendors?
* Add stderr option to console logger
* Use filepath.ToSlash to protect against Windows in tests
* Remove prefixed underscores from names in colors.go
* Remove not implemented database logger
This was removed from Gogs on 4 Mar 2016 but left in the configuration
since then.
* Ensure that log paths are relative to ROOT_PATH
* use path.Join
* rename jsonConfig to logConfig
* Rename "config" to "jsonConfig" to make it clearer
* Requested changes
* Requested changes: XormLogger
* Try to color the windows terminal
If successful default to colorizing the console logs
* fixup
* Colorize initially too
* update vendor
* Colorize logs on default and remove if this is not a colorizing logger
* Fix documentation
* fix test
* Use go-isatty to detect if on windows we are on msys or cygwin
* Fix spelling mistake
* Add missing vendors
* More changes
* Rationalise the ANSI writer protection
* Adjust colors on advice from @0x5c
* Make Flags a comma separated list
* Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING
* Ensure matching is done on the non-colored message - to simpify EXPRESSION
* Make Ghost not link to 404 page
* Make correct localization label show
* Create and use GetLastEventLabelFake for when a Ghost user has made the action, thus not linking to a user profile
* Add corresponding _fake entries to locale_en-US
* Make Ghost avatar not link to 404 page
* Make Ghost on milestone_issues not link to 404 page
Partially implement #770.
Add "Default Webhooks" page in site admin UI.
Persist to the existing webhooks table, but store with RepoID=0 and OrgID=0.
Upon repo creation, copy the set of default webhooks into the new repo.
* Use PathUnescape instead of QueryUnescape when working with branch names
Currently branch names with a '+' fail in certain situations because
QueryUnescape replaces the + character with a blank space.
Using PathUnescape should be better since it is defined as:
// PathUnescape is identical to QueryUnescape except that it does not
// unescape '+' to ' ' (space).
Fixes #6333
* Change error to match new function name
* Add new util function PathEscapeSegments
This function simply runs PathEscape on each segment of a path without
touching the forward slash itself. We want to use this instead of
PathEscape/QueryEscape in most cases because a forward slash is a valid name for a
branch etc... and we don't want that escaped in a URL.
Putting this in new file url.go and also moving a couple similar
functions into that file as well.
* Use EscapePathSegments where appropriate
Replace various uses of EscapePath/EscapeQuery with new
EscapePathSegments. Also remove uncessary uses of various
escape/unescape functions when the text had already been escaped or was
not escaped.
* Reformat comment to make drone build happy
* Remove no longer used url library
* Requested code changes
* Fix ParsePatch to work properly with quoted diff --git string
Currently ParsePatch fails when a diff contains a quoted diff line like:
diff --git "a/file" "b/file"
This patch makes it properly parse the line when that happens.
Fixes #6309
* Add test for regular case while here
* Simplify string modification
In #6211, we started creating repo_redirects for ownership transfers,
however that opens an edge case where a user might perform the
following sequence:
rename org1/repo1 -> org1/repo2 (creates org1/repo1 redirect)
transfer org2/repo1 -> org1/repo1 (org1/repo1 redirect continues to exist)
rename org1/repo1 -> org1/repo3 (fails due to existing org1/repo1 redirect)
This change ensures that each time we rename or transfer a repo,
we delete any existing redirects at the target location. This
already happens when a new repo is created. By doing this we ensure
that we'll never have both a repo and a redirect at the same location.
Signed-off-by: James E. Blair <jeblair@redhat.com>
* Show email if the authenticated user owns the profile page being
requested for.
Also removed `setting.UI.ShowUserEmail` as it's documentation says it
only controls the email setting on the explore page
* fix current user check... This prevents a panic as a user must be signed in before ctx.User is called
* fix panic in tests
* try to fix tests
* Update year
* Test CI fail
* Revert change
* User 3 is not allowed to authorize
* Set user2 email to be private
* Change to user4 in explore page as user2 now has private email option set
* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFile
* Use git plumbing for upload: #5621 repo_editor.go: GetDiffPreview
* Use git plumbing for upload: #5621 repo_editor.go: DeleteRepoFile
* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFiles
* Move branch checkout functions out of repo_editor.go as they are no longer used there
* BUGFIX: The default permissions should be 100644
This is a change from the previous code but is more in keeping
with the default behaviour of git.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Standardise cleanUploadFilename to more closely match git
See verify_path in: 7f4e641693/read-cache.c (L951)
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Redirect on bad paths
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Refactor to move the uploading functions out to a module
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add LFS support
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update upload.go attribution header
Upload.go is essentially the remnants of repo_editor.go. The remaining code is essentially unchanged from the Gogs code, hence the Gogs attribution.
* Delete upload files after session committed
* Ensure that GIT_AUTHOR_NAME etc. are valid for git
see #5774
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add in test cases per @lafriks comment
* Add space between gitea and github imports
Signed-off-by: Andrew Thornton <art27@cantab.net>
* more examples in TestCleanUploadName
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix formatting
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Set the SSH_ORIGINAL_COMMAND to ensure hooks are run
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Switch off SSH_ORIGINAL_COMMAND
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fixes #5957
* add tests to make sure config option is respected
* use already defined struct
* - use migration to make the flag repo wide not for the entire gitea instance
Also note that the config value can still be set so as to be able to control the value for new repositories that are to be created
- fix copy/paste error in copyright header year and rearrange import
- use repo config instead of server config value to determine if a commit should close an issue
- update testsuite
* use global config only when creating a new repository
* allow repo admin toggle feature via UI
* fix typo and improve testcase
* fix fixtures
* add DEFAULT prefix to config value
* fix test
* Fix serving of raw wiki files other than .md
Closes #4690.
Closes #4395.
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Simplify code at routers/repo/wiki.go
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Add more files to user2/repo1.wiki for testing
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Update macaron to v1.3.2
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Add tests for WikiRaw
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Fix NewResponseWriter usage due to macaron update
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Add raw to reserved wiki names
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Don't display buttons if there are no notices
* clear stopwatch on merging a PR
* remove redundant gt check
* use ctx.Flash as per @bkcsoft comment
* stop timer on closing issues/PRs too
* updated translation as per review
* redirect to login page after successfully activating account
* remove unrelated changes
* stop timer for issues that are closed via commits too..Not just the 'close' UI button
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.
We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:
- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.
Fix #1357
Previous code could potentially dereference nil - this PR ensures
that the poster is loaded before dereferencing it.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Add a new config option to enable / disable the automatic watching of
repos for new repositories and if a user is added to a team.
Fixes #653
Signed-off-by: Sebastian Sauer <sauer.sebastian@gmail.com>
* Ensure valid git author names passed in signatures
Fix #5772 - Git author names are not allowed to include `\n` `<` or `>` and
must not be empty. Ensure that the name passed in a signature is valid.
* Account for pathologically named external users
LDAP and the like usernames are not checked in the same way that users who signup are.
Therefore just ensure that user names are also git safe and if totally pathological -
Set them to "user-$UID"
* Add Tests and adjust test users
Make our testcases a little more pathological so that we be sure that integration
tests have a chance to spot these cases.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Optimize pulls merging
By utilizing `git clone -s --no-checkout` rather than cloning the whole
repo.
* Use sparse-checkout to speedup pulls merge
* Use bytes.Buffer instead of strings.Builder for backward compatibility
* Fix empty diff-tree output for repos with only the initial commit
* Fix missing argument for the format string
* Rework diff-tree-list generation
* Remove logging code
* File list for sparse-checkout must be prefix with /
Otherwise, they would match all files with the same name under
subdirectories.
* Update onto the rebased head
* Use referecen repo to avoid fetching objects
* Pooled and buffered gzip implementation
* Add test for gzip
* Add integration test
* Ensure lfs check within transaction
The previous code made it possible for a race condition to occur whereby a LFSMetaObject could be checked into the database twice. We should check if the LFSMetaObject is within the database and insert it if not in one transaction.
* Try to avoid primary key problem in postgres
The integration tests are being affected by
https://github.com/go-testfixtures/testfixtures/issues/39 if we set the
primary key high enough, keep a count of this and remove at the end of
each test we shouldn't be affected by this.
Unfortunately the last fix didn't completely fix the migration to v79 of the db
due to bug with schema locking during Sync2. This should fix this issue.
Fix #5759
Signed-off-by: Andrew Thornton <art27@cantab.net>
* api: Add an endpoint to list a particular member of team.
* models: Rename `GetUserTeams()` to `GetUserOrgTeams()` in `org_team` model.
`GetUserTeams()` sounds a bit misnomer since it actually returns
the teams that user belongs to in a given organization rather than
all the teams across all the organization that the user has joined.
* models: Add `GetUserTeams()`.
Returns all the teams that a user belongs to.
* api: Add an endpoint for GET '/user/teams'.
A GET request to this endpoint lists all the teams that a user
belongs to.
* Fixed deadlock in CreateComment
* Fix possible deadlock in UpdateIssueDeadline from createDeadlineComment
* Ensure that calls to IsTimeTracker enabled are called within session
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Ensure that calls to reactionList are also called within session
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Ensure all calls in NewPullRequest with the session are called within the session
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Deal with potential deadlocks in repo
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Ensure that isStaring is checked within our transaction
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix mistake in isOrganizationMember
Sorry.
* add migration and basic UI for changing a user's theme
* update user themem
* use right text on button
* load theme based on users' selection
* load theme based on users' selection in pwa too
* update sample config
* delete older theme loading
* implement AfterLoad to set users' theme properly
* set up default theme when creating a user. This uses the installation wide theme
* use flash messages for error
* set default theme when creating a user from the cli
* fix @lunny review
* Fix sqlite deadlock when assigning to a PR
Fix 5639
Signed-off-by: Andrew Thornton <art27@cantab.net>
* More possible deadlocks found and fixed
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Added test environment for m$sql
* Added template for test environment for m$sql
* Fix password
* Fix password (again)
* Fix password (again again)
* Fix db
* Ci trigger (Looking at you drone....)
* Ci trigger (Looking at you drone....)
* Ci trigger (Looking at you drone....)
* Ci trigger (Looking at you drone....)
* Create master database for mssql integration tests
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Create database only if master do not exist
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix mssql integration tests by using custom database "gitea"
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Moved defer
* bump xorm
* updated xorm
* Fixed build
* Add branch protection for approvals
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add required approvals
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add missing comments and fmt
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add type = approval and group by reviewer_id to review
* Prevent users from adding negative review limits
* Add migration for approval whitelists
Signed-off-by: Jonas Franz <info@jonasfranz.software>
MSSQL is using the wrong type here which results in a strconv.ParseInt: parsing "2018-12-07T00:00:00Z": invalid syntax error.
The added datediff(SECOND, '19700101', x) results in the unix timestamp to be returned.
Signed-off-by: Christopher Dziomba <christopher.dziomba@gmail.com>
right now the `closed_at` field for json responses is not filled during
the `APIIssue` creation for api responses.
For a closed issue you get a result like:
```json
"state":"open","comments":0,"created_at":"2018-11-29T16:39:24+01:00",
"updated_at":"2018-11-30T10:49:19+01:00","closed_at":null,
"due_date":null,"pull_request":null}
```
which has no information about the closing date. (which exists in the
db and ui)
with this PR the result changes to this:
```json
:null,"assignee":null,"assignees":null,
"state":"closed",
"comments":0,"created_at":"2018-11-29T16:43:05+01:00",
"updated_at":"2018-12-02T19:17:05+01:00",
"closed_at":"2018-12-02T19:17:05+01:00",
"due_date":null,"pull_request":null}
```
fixes: https://github.com/go-gitea/gitea/issues/5446
Signed-off-by: Roman <romaaan.git@gmail.com>
* add milestone issues and pulls page instead of redirecting issues page
* add milestone when creating issue from milestone page
* refactor to merge similiar codes as a new function issues
* remove milestone info on milestone issues list
* fix missing params
* show only opened milestones on issues page milestone filter
* update Godoc
* update Godoc everywhere
* update swagger
* use false instead of 0
* Add seccond ordering by ID for milestones where no deadline is set
* Remove field from migration to support upgrades from older version
That will ensure the field does not get queried in the Select if it does
not exist yet:
```
[I] [SQL] SELECT "id", "repo_id", "index", "poster_id", "name", "content", "milestone_id", "priority", "assignee_id", "is_closed", "is_pull", "num_comments", "ref", "deadline_unix", "created_unix", "updated_unix
[...itea/routers/init.go:60 GlobalInit()] [E] Failed to initialize ORM engine: migrate: do migrate: pq: column "ref" does not exist
```
see #5318
* Skip remove stale watcher migration if not required
Otherwise the migration will fail if executed from a older database
version without multiple IssueWatch feature.
```
2018/11/11 23:51:14 [I] [SQL] SELECT DISTINCT "issue_watch"."user_id", "issue"."repo_id" FROM "issue_watch" INNER JOIN issue ON issue_watch.issue_id = issue.id WHERE (issue_watch.is_watching = $1) LIMIT 50 []int
[...itea/routers/init.go:60 GlobalInit()] [E] Failed to initialize ORM engine: migrate: do migrate: pq: relation "issue_watch" does not exist
```
see #5318
* Add private information to the deploy keys api
This commit adds more information to the deploy keys to allow for back
reference in to the main keys list. It also adds information about the
repository that the key is referring to.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add private information to the user keys API
This adjusts the keys API to give out private information to user keys if
the current user is the owner or an admin.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add ability to search keys by fingerprint
This commit adds the functionality to search ssh-keys by fingerprint of
the ssh-key. Deploy keys per repository can also be searched. There is
no current clear API point to allow search of all deploy keys by
fingerprint or keyID.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add integration test