Commit graph

14517 commits

Author SHA1 Message Date
wxiaoguang
affdd40296
Make issue title edit buttons focusable and fix incorrect ajax requests (#22807)
Replace #19922 , which is stale since my last review:
https://github.com/go-gitea/gitea/pull/19922#pullrequestreview-1003546506
and https://github.com/go-gitea/gitea/pull/19922#issuecomment-1153181546

Close #19769

Changes:
1. Use `<button>` instead of `<div>` for buttons
2. Prevent default event handler in `initGlobalButtonClickOnEnter`
3. Fix the incorrect call to `pullrequest_targetbranch_change`
4. Add a slight margin-left to the input element to make UI look better

The logic in repo-issue.js is not ideal, but this PR isn't going to
touch the logic.

This is also an example for future developers to understand how to make
buttons work properly.

### Before


![image](https://user-images.githubusercontent.com/2114189/217262515-ec0462f7-7051-46a5-bfa2-2f6c6a807b7d.png)

### After

* Add a slight margin-left.
* The `Cancel` button is focused.


![image](https://user-images.githubusercontent.com/2114189/217264891-934c9c8d-d190-4866-98b5-666cea57e28d.png)

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-02-09 12:11:16 -05:00
Brecht Van Lommel
bdd2c9d2ef
Fix update by rebase being wrongly disabled by protected base branch (#22825)
The branch this is force pushing to is the head branch in the head repo,
so it should be checking if that is protected, not the base.
2023-02-09 12:08:42 -05:00
Brecht Van Lommel
137fcc989b
Fix inconsistent Filter Project name in issue list (#22827)
Use Project instead of Filter Project like the other filter menus.
2023-02-09 11:39:31 -05:00
wxiaoguang
24a9caa2f3
Fix more HTMLURL in templates (#22831)
I haven't tested `runs_list.tmpl` but I think it could be right.

After this PR, besides the `<meta .. HTMLURL>` in html head, the only
explicit HTMLURL usage is in `pull_merge_instruction.tmpl`, which
doesn't affect users too much and it's difficult to fix at the moment.

There are still many usages of `AppUrl` in the templates (eg: the
package help manual), they are similar problems as the HTMLURL in
pull_merge_instruction, and they might be fixed together in the future.

Diff without space:
https://github.com/go-gitea/gitea/pull/22831/files?diff=unified&w=1
2023-02-09 11:31:30 -05:00
John Olheiser
0c190e396d
Fix unmatched div in project filter (#22832)
(Note that the below screenshots aren't the same repo, the former is try
and the latter is local)

Before

![div-before](https://user-images.githubusercontent.com/42128690/217723899-a15da77f-a196-4b23-a157-e7f1e1979610.png)

After

![div-after](https://user-images.githubusercontent.com/42128690/217723878-e54235bc-a7d7-425e-bd0d-47d1814f18ba.png)

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-02-09 11:15:07 -05:00
wxiaoguang
cef8f50286
Improve AppUrl/ROOT_URL checking (#22836)
After some PRs:
* #21986
* #22795
* #22808
* #22831
* #22839

Users won't be affected by the ROOT_URL problem in most cases. Close
#19345

This PR improves AppUrl/ROOT_URL checking, only check it on the admin
page, and the message is also updated.

Feel free to suggest about more English-native messages.



![image](https://user-images.githubusercontent.com/2114189/217811809-7d44ddb7-2c4a-46d0-a5db-8ae6ee65f8c3.png)
2023-02-09 11:14:45 -05:00
Jason Song
e253888a0e
Fix isAllowed of escapeStreamer (#22814)
The use of `sort.Search` is wrong: The slice should be sorted, and
`return >= 0` doen't mean it exists, see the
[manual](https://pkg.go.dev/sort#Search).

Could be fixed like this if we really need it:

```diff
diff --git a/modules/charset/escape_stream.go b/modules/charset/escape_stream.go
index 823b63513..fcf1ffbc1 100644
--- a/modules/charset/escape_stream.go
+++ b/modules/charset/escape_stream.go
@@ -20,6 +20,9 @@ import (
 var defaultWordRegexp = regexp.MustCompile(`(-?\d*\.\d\w*)|([^\` + "`" + `\~\!\@\#\$\%\^\&\*\(\)\-\=\+\[\{\]\}\\\|\;\:\'\"\,\.\<\>\/\?\s\x00-\x1f]+)`)

 func NewEscapeStreamer(locale translation.Locale, next HTMLStreamer, allowed ...rune) HTMLStreamer {
+       sort.Slice(allowed, func(i, j int) bool {
+               return allowed[i] < allowed[j]
+       })
        return &escapeStreamer{
                escaped:                 &EscapeStatus{},
                PassthroughHTMLStreamer: *NewPassthroughStreamer(next),
@@ -284,14 +287,8 @@ func (e *escapeStreamer) runeTypes(runes ...rune) (types []runeType, confusables
 }

 func (e *escapeStreamer) isAllowed(r rune) bool {
-       if len(e.allowed) == 0 {
-               return false
-       }
-       if len(e.allowed) == 1 {
-               return e.allowed[0] == r
-       }
-
-       return sort.Search(len(e.allowed), func(i int) bool {
+       i := sort.Search(len(e.allowed), func(i int) bool {
                return e.allowed[i] >= r
-       }) >= 0
+       })
+       return i < len(e.allowed) && e.allowed[i] == r
 }
```

But I don't think so, a map is better to do it.
2023-02-09 20:51:36 +08:00
wxiaoguang
29aea3642f
Make clone URL use current page's host (#22808)
Follow #21986

Even if the ROOT_URL is incorrect, the clone URL on the UI should be
correct.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-09 17:29:13 +08:00
yp05327
7ae10cb7f1
change org_type.go to visible_type.go and fix the notes (#22752)
It seems `VisibleType` is only designed for org at first. But it is also
used by user's visibility now.
So I think `org_type.go` can be changed to `visible_type.go`.
2023-02-09 06:40:34 +00:00
silverwind
90cf07a2c8
Improve notification and stopwatch styles (#22169)
- Add dot-style indicators to notification and time tracker
- Slightly reduce whitespace between right-aligned icons
- Move notification icon to right on mobile
- Switch menu icon to SVG

<img width="270" alt="Screenshot 2022-12-19 at 19 40 32"
src="https://user-images.githubusercontent.com/115237/208496795-ce8734a0-f109-47b7-8eb8-96931e867b23.png">
<img width="607" alt="Screenshot 2022-12-19 at 19 41 04"
src="https://user-images.githubusercontent.com/115237/208496797-2ff68197-f520-4174-927e-ead15addd63e.png">

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-09 13:42:18 +08:00
Brecht Van Lommel
87261f3fb9
Fix blame view missing lines (#22826)
Creating a new buffered reader for every part of the blame can miss
lines, as it will read and buffer bytes that the next buffered reader
will not get.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-09 11:51:02 +08:00
John Olheiser
4dd7d61ac8
Load issue before accessing index in merge message (#22822)
Fixes #22821

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-02-09 10:47:52 +08:00
Michal
5ae07d4c2f
include build info in Prometheus metrics (#22819)
Related to: https://github.com/go-gitea/gitea/issues/18061

This PR adds build info to the Prometheus metrics. This includes:
- goarch: https://pkg.go.dev/runtime#GOARCH
- goos: https://pkg.go.dev/runtime#pkg-constants
- goversion: https://pkg.go.dev/runtime#Version
- gitea version: just exposes the existing
code.gitea.io/gitea/modules/setting.AppVer

It's a similar approach to what some other Golang projects are doing,
e.g. Prometheus:
https://github.com/prometheus/common/blob/main/version/info.go

example /metrics response from Prometheus:
```
# HELP prometheus_build_info A metric with a constant '1' value labeled by version, revision, branch, goversion from which prometheus was built, and the goos and goarch for the build.
# TYPE prometheus_build_info gauge
prometheus_build_info{branch="HEAD",goarch="amd64",goos="linux",goversion="go1.19.4",revision="c0d8a56c69014279464c0e15d8bfb0e153af0dab",version="2.41.0"} 1
```

/metrics response from gitea with this PR:
```
# HELP gitea_build_info Build information
# TYPE gitea_build_info gauge
gitea_build_info{goarch="amd64",goos="linux",goversion="go1.20",version="2c6cc0b8c"} 1
```

Signed-off-by: Michal Wasilewski <mwasilewski@gmx.com>

<!--

Please check the following:

1. Make sure you are targeting the `main` branch, pull requests on
release branches are only allowed for bug fixes.
2. Read contributing guidelines:
https://github.com/go-gitea/gitea/blob/main/CONTRIBUTING.md
3. Describe what your pull request does and which issue you're targeting
(if any)

-->

Signed-off-by: Michal Wasilewski <mwasilewski@gmx.com>
2023-02-08 19:54:01 +02:00
Jason Song
7d3c4c3e8a
Fix rerun button of Actions (#22798)
When clicking the return button, the page should be refreshed. However,
the browser may cancel the previous fetch request, and it fails to rerun
the job. It's easier to reproduce the bug in Safari or Firefox than
Chrome for some reason.

<img width="384" alt="image"
src="https://user-images.githubusercontent.com/9418365/217142792-a783f9a1-7089-44db-b7d8-46c46c72d284.png">


<img width="752" alt="image"
src="https://user-images.githubusercontent.com/9418365/217132406-b8381b63-b323-474e-935b-2596b1b5c046.png">
2023-02-08 15:55:57 +08:00
KN4CK3R
e8186f1c0f
Map OIDC groups to Orgs/Teams (#21441)
Fixes #19555

Test-Instructions:
https://github.com/go-gitea/gitea/pull/21441#issuecomment-1419438000

This PR implements the mapping of user groups provided by OIDC providers
to orgs teams in Gitea. The main part is a refactoring of the existing
LDAP code to make it usable from different providers.

Refactorings:
- Moved the router auth code from module to service because of import
cycles
- Changed some model methods to take a `Context` parameter
- Moved the mapping code from LDAP to a common location

I've tested it with Keycloak but other providers should work too. The
JSON mapping format is the same as for LDAP.


![grafik](https://user-images.githubusercontent.com/1666336/195634392-3fc540fc-b229-4649-99ac-91ae8e19df2d.png)

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-08 14:44:42 +08:00
wxiaoguang
2c6cc0b8c9
Fix links for the menus in the view file page (#22795) 2023-02-08 00:08:44 +08:00
wxiaoguang
d5fa2e7510
Fix restore repo bug, clarify the problem of ForeignIndex (#22776)
Fix #22581

TLDR: #18446 made a mess with ForeignIndex and triggered a design
flaw/bug of #16356, then a quick patch #21271 helped #18446, then the
the bug was re-triggered by #21721 .

Related:
* #16356
* BasicIssueContext
https://github.com/go-gitea/gitea/pull/16356/files#diff-7938eb670d42a5ead6b08121e16aa4537a4d716c1cf37923c70470020fb9d036R16-R27
* #18446 
* If some issues were dumped without ForeignIndex, then they would be
imported as ForeignIndex=0
https://github.com/go-gitea/gitea/pull/18446/files#diff-1624a3e715d8fc70edf2db1630642b7d6517f8c359cc69d58c3958b34ba4ce5eR38-R39
* #21271
* It patched the above bug (somewhat), made the issues without
ForeignIndex could have the same value as LocalIndex
* #21721 
    * It re-triggered the zero-ForeignIndex bug.


ps: I am not sure whether the changes in `GetForeignIndex` are ideal (at
least, now it has almost the same behavior as BasicIssueContext in
#16356), it's just a quick fix. Feel free to edit on this PR directly or
replace it.

Co-authored-by: zeripath <art27@cantab.net>
2023-02-07 09:18:52 +08:00
Peyton Duncan
3ae78bc0a9
Grammar fix (#22790)
Noticed a minor grammatical error.
2023-02-06 16:05:59 -06:00
Lunny Xiao
769be877f2
Use link in UI which returned a relative url but not html_url which contains an absolute url (#21986)
partially fix #19345

This PR add some `Link` methods for different objects. The `Link`
methods are not different from `HTMLURL`, they are lack of the absolute
URL. And most of UI `HTMLURL` have been replaced to `Link` so that users
can visit them from a different domain or IP.

This PR also introduces a new javascript configuration
`window.config.reqAppUrl` which is different from `appUrl` which is
still an absolute url but the domain has been replaced to the current
requested domain.
2023-02-06 12:09:18 -06:00
John Olheiser
189d5b7045
Add repo adoption to FAQ (#22778)
This should be a simple set of steps to achieve
repo adoption.
2023-02-06 10:20:20 -06:00
KN4CK3R
f8c1e14a13
Use import of OCI structs (#22765)
Fixes #22758

Otherwise we would need to rewrite the structs in `oci.go`.
2023-02-06 10:07:09 +00:00
John Olheiser
361d807274
Update gogs upgrade information (#22777)
It seems that migrating from Gogs `0.12.x` and above may require more
work as time goes on and the projects continue to diverge.

This PR updates the docs to make it more clear.

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-02-06 14:37:18 +08:00
Adi
c13eb8e6b3
Add CLI option tenant ID for oauth2 source (#22769)
Fixes #22713
2023-02-05 22:12:13 -06:00
wxiaoguang
50111c71c3
Refactor legacy strange git operations (#22756)
During the refactoring of the git module, I found there were some
strange operations. This PR tries to fix 2 of them

1. The empty argument `--` in repo_attribute.go, which was introduced by
#16773. It seems unnecessary because nothing else would be added later.
2. The complex git service logic in repo/http.go. 
* Before: the `hasAccess` only allow `service == "upload-pack" ||
service == "receive-pack"`
* After: unrelated code is removed. No need to call ToTrustedCmdArgs
anymore.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-06 10:23:17 +08:00
KN4CK3R
d987ac6bf1
Add Chef package registry (#22554)
This PR implements a [Chef registry](https://chef.io/) to manage
cookbooks. This package type was a bit complicated because Chef uses RSA
signed requests as authentication with the registry.


![grafik](https://user-images.githubusercontent.com/1666336/213747995-46819fd8-c3d6-45a2-afd4-a4c3c8505a4a.png)


![grafik](https://user-images.githubusercontent.com/1666336/213748145-d01c9e81-d4dd-41e3-a3cc-8241862c3166.png)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-06 09:49:21 +08:00
techknowlogick
ff18d17442
use drone secrets for s3 config (#22770) 2023-02-05 16:42:48 -05:00
yp05327
c07199f9ab
remove update language in ProfilePost (#22748)
Fixes https://github.com/go-gitea/gitea/issues/22703

Change language has been moved to `UpdateUserLang`

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-06 00:06:26 +08:00
Jason Song
d74d16a4b1
Set PR for issue when load attributes for PRs (#22766)
A missing patch for #22650.
2023-02-05 08:24:43 -06:00
Jason Song
c18a62279a
Fix time to NotifyPullRequestSynchronized (#22650)
Should call `PushToBaseRepo` before
`notification.NotifyPullRequestSynchronized`.

Or the notifier will get an old commit when reading branch
`pull/xxx/head`.

Found by ~#21937~ #22679.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-05 19:57:38 +08:00
KN4CK3R
df789d962b
Add Cargo package registry (#21888)
This PR implements a [Cargo registry](https://doc.rust-lang.org/cargo/)
to manage Rust packages. This package type was a little bit more
complicated because Cargo needs an additional Git repository to store
its package index.

Screenshots:

![grafik](https://user-images.githubusercontent.com/1666336/203102004-08d812ac-c066-4969-9bda-2fed818554eb.png)

![grafik](https://user-images.githubusercontent.com/1666336/203102141-d9970f14-dca6-4174-b17a-50ba1bd79087.png)

![grafik](https://user-images.githubusercontent.com/1666336/203102244-dc05743b-78b6-4d97-998e-ef76341a978f.png)

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-05 18:12:31 +08:00
ByLCY
7baeb9c52a
Add new captcha: cloudflare turnstile (#22369)
Added a new captcha(cloudflare turnstile) and its corresponding
document. Cloudflare turnstile official instructions are here:
https://developers.cloudflare.com/turnstile

Signed-off-by: ByLCY <bylcy@bylcy.dev>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Jason Song <i@wolfogre.com>
2023-02-05 15:29:03 +08:00
yp05327
e35f8e15a6
add default user visibility to cli command "admin user create" (#22750)
Fixes https://github.com/go-gitea/gitea/issues/22523
2023-02-04 17:35:04 +00:00
Lunny Xiao
8574a6433f
Show all projects, not just repo projects and open/closed projects (#22640)
This PR fixes two problems. One is when filter repository issues, only
repository level projects are listed. Another is if you list open
issues, only open projects will be displayed in filter options and if
you list closed issues, only closed projects will be displayed in filter
options.

In this PR, both repository level and org/user level projects will be
displayed in filter, and both open and closed projects will be listed as
filter items.

---------

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: delvh <dev.lh@web.de>
2023-02-04 22:35:08 +08:00
delvh
4d20a4a1ba
Remove ONLY_SHOW_RELEVANT_REPOS setting (#21962)
Every user can already disable the filter manually, so the explicit
setting is absolutely useless and only complicates the logic.

Previously, there was also unexpected behavior when multiple query
parameters were present.

---------

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-04 21:26:38 +08:00
wxiaoguang
ea13b23349
Escape path for the file list (#22741)
Fix #22740
2023-02-04 10:30:55 +00:00
techknowlogick
2741546bed
Repositories: by default disable all units except code and pulls on forks (#22541)
Most of the time forks are used for contributing code only, so not
having
issues, projects, release and packages is a better default for such
cases.
They can still be enabled in the settings.

A new option `DEFAULT_FORK_REPO_UNITS` is added to configure the default
units on forks.

Also add missing `repo.packages` unit to documentation.

code by: @brechtvl

## ⚠️ BREAKING ⚠️ 

When forking a repository, the fork will now have issues, projects,
releases, packages and wiki disabled. These can be enabled in the
repository settings afterwards. To change back to the previous default
behavior, configure `DEFAULT_FORK_REPO_UNITS` to be the same value as
`DEFAULT_REPO_UNITS`.

Co-authored-by: Brecht Van Lommel <brecht@blender.org>
2023-02-04 14:48:38 +08:00
silverwind
c2774d9e80
Fix color of tertiary button on dark theme (#22739)
Before:
<img width="266" alt="Screenshot 2023-02-03 at 14 07 34"
src="https://user-images.githubusercontent.com/115237/216611151-92e98305-c4b5-42f3-b2e2-8b1b805fa644.png">

After:
<img width="271" alt="Screenshot 2023-02-03 at 14 07 52"
src="https://user-images.githubusercontent.com/115237/216611156-878a8a75-39a1-415b-9b6d-4f035985444e.png">

This is the only instance of such a button in all templates.

---------

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-04 11:17:43 +08:00
wxiaoguang
6bc3079c00
Refactor git command package to improve security and maintainability (#22678)
This PR follows #21535 (and replace #22592)

## Review without space diff

https://github.com/go-gitea/gitea/pull/22678/files?diff=split&w=1

## Purpose of this PR

1. Make git module command completely safe (risky user inputs won't be
passed as argument option anymore)
2. Avoid low-level mistakes like
https://github.com/go-gitea/gitea/pull/22098#discussion_r1045234918
3. Remove deprecated and dirty `CmdArgCheck` function, hide the `CmdArg`
type
4. Simplify code when using git command

## The main idea of this PR

* Move the `git.CmdArg` to the `internal` package, then no other package
except `git` could use it. Then developers could never do
`AddArguments(git.CmdArg(userInput))` any more.
* Introduce `git.ToTrustedCmdArgs`, it's for user-provided and already
trusted arguments. It's only used in a few cases, for example: use git
arguments from config file, help unit test with some arguments.
* Introduce `AddOptionValues` and `AddOptionFormat`, they make code more
clear and simple:
    * Before: `AddArguments("-m").AddDynamicArguments(message)`
    * After: `AddOptionValues("-m", message)`
    * -
* Before: `AddArguments(git.CmdArg(fmt.Sprintf("--author='%s <%s>'",
sig.Name, sig.Email)))`
* After: `AddOptionFormat("--author='%s <%s>'", sig.Name, sig.Email)`

## FAQ

### Why these changes were not done in #21535 ?

#21535 is mainly a search&replace, it did its best to not change too
much logic.

Making the framework better needs a lot of changes, so this separate PR
is needed as the second step.


### The naming of `AddOptionXxx`

According to git's manual, the `--xxx` part is called `option`.

### How can it guarantee that `internal.CmdArg` won't be not misused?

Go's specification guarantees that. Trying to access other package's
internal package causes compilation error.

And, `golangci-lint` also denies the git/internal package. Only the
`git/command.go` can use it carefully.

### There is still a `ToTrustedCmdArgs`, will it still allow developers
to make mistakes and pass untrusted arguments?

Generally speaking, no. Because when using `ToTrustedCmdArgs`, the code
will be very complex (see the changes for examples). Then developers and
reviewers can know that something might be unreasonable.

### Why there was a `CmdArgCheck` and why it's removed?

At the moment of #21535, to reduce unnecessary changes, `CmdArgCheck`
was introduced as a hacky patch. Now, almost all code could be written
as `cmd := NewCommand(); cmd.AddXxx(...)`, then there is no need for
`CmdArgCheck` anymore.


### Why many codes for `signArg == ""` is deleted?

Because in the old code, `signArg` could never be empty string, it's
either `-S[key-id]` or `--no-gpg-sign`. So the `signArg == ""` is just
dead code.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-04 10:30:43 +08:00
zeripath
3c5655ce18
Improve trace logging for pulls and processes (#22633)
Our trace logging is far from perfect and is difficult to follow.

This PR:

* Add trace logging for process manager add and remove.
* Fixes an errant read file for git refs in getMergeCommit
* Brings in the pullrequest `String` and `ColorFormat` methods
introduced in #22568
* Adds a lot more logging in to testPR etc.

Ref #22578

---------

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-02-03 18:11:48 -05:00
Francesco Siddi
01f082287d
Remove 'primary' class from tab counter labels (#22687)
Using the primary color for each label counter makes the use of color
redundant, as well as suggesting this is a call to action. Use the base
grey color instead.



![grey_lables](https://user-images.githubusercontent.com/451841/215778889-0d5dddad-353f-4703-a48f-1540080dee26.jpg)
2023-02-03 17:25:55 -05:00
Yarden Shoham
ce4fd95233
Use native error checking with exec.ErrDot (#22735)
This was meant to land in #22073 but was blocked until #22732 was merged

Signed-off-by: Yarden Shoham <hrsi88@gmail.com>
2023-02-03 17:22:11 +00:00
techknowlogick
cfb1cb1168
update to build with go1.20 (#22732)
as title

---------

Co-authored-by: Lauris BH <lauris@nix.lv>
2023-02-03 11:23:52 -05:00
Lunny Xiao
1410e13dc5
Add missed reverse proxy authentication documentation (#22250)
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Jason Song <i@wolfogre.com>
2023-02-03 18:37:25 +08:00
jladbrook
891391689a
Update button is shown when a Pull Request is marked WIP - Issue #21740 (#22683)
Fix #21740.

Updated the Pull Request template so that the 'Update branch by merge'
button is visible for WIP PR's. Making the behaviour match a non WIP-PR.

Previous WIP page with changes pending on the branch:


![image](https://user-images.githubusercontent.com/1656302/215738307-e68a2f92-5ff8-4f48-a541-35ca81d1f1a4.png)

Updated UI adding the update button:


![image](https://user-images.githubusercontent.com/1656302/215737872-e0e9d712-b7aa-4b90-b7ed-6a92a14fc182.png)

## Notes

* have not removed the **$canAutoMerge** variable from the pull.tmpl on
this
[line](36dc11869d/templates/repo/issue/view_content/pull.tmpl (L131))
- doesn't appear to be used elsewhere but wasn't sure
* In order to avoid duplicating code corresponding UI code was added to
a new tmpl file, ```update_branch_by_merge.tmpl``` and is called in two
places from ```pull.tmpl```.

---------

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-03 14:24:45 +08:00
Jason Song
82728a7cec
Do not overwrite empty DefaultBranch (#22708)
Fix #21994. 
And fix #19470.

While generating new repo from a template, it does something like
"commit to git repo, re-fetch repo model from DB, and update default
branch if it's empty".


19d5b2f922/modules/repository/generate.go (L241-L253)

Unfortunately, when load repo from DB, the default branch will be set to
`setting.Repository.DefaultBranch` if it's empty:


19d5b2f922/models/repo/repo.go (L228-L233)

I believe it's a very old temporary patch but has been kept for many
years, see:
[2d2d85bb](https://github.com/go-gitea/gitea/commit/2d2d85bb#diff-1851799b06733db4df3ec74385c1e8850ee5aedee70b8b55366910d22725eea8)

I know it's a risk to delete it, may lead to potential behavioral
changes, but we cannot keep the outdated `FIXME` forever. On the other
hand, an empty `DefaultBranch` does make sense: an empty repo doesn't
have one conceptually (actually, Gitea will still set it to
`setting.Repository.DefaultBranch` to make it safer).
2023-02-02 14:48:48 -06:00
zeripath
2914c5299b
Improve error report when user passes a private key (#22726)
The error reported when a user passes a private ssh key as their ssh
public key is not very nice.

This PR improves this slightly.

Ref #22693

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: delvh <dev.lh@web.de>
2023-02-02 18:25:54 +00:00
wxiaoguang
ccb3851281
Add some comments for recent code (#22725)
When using the main branch, I found that some changed code didn't have
comments.

This PR adds some comments.
2023-02-02 11:39:38 -06:00
Lunny Xiao
368d43643f
Fix actions workflow branches match bug (#22724)
caused by #22680 

`pushPayload.Ref` and `prPayload.PullRequest.Base.Ref` have the format
like `refs/heads/<branch_name>`, so we need to trim the prefix before
comparing.
2023-02-02 20:40:08 +08:00
Pavel Ezhov
98770d3db8
Fix group filter for ldap source sync (#22506)
There are 2 separate flows of creating a user: authentication and source
sync.
When a group filter is defined, source sync ignores group filter, while
authentication respects it.
With this PR I've fixed this behavior, so both flows now apply this
filter when searching users in LDAP in a unified way.

- Unified LDAP group membership lookup for authentication and source
sync flows
- Replaced custom group membership lookup (used for authentication flow)
with an existing listLdapGroupMemberships method (used for source sync
flow)
- Modified listLdapGroupMemberships and getUserAttributeListedInGroup in
a way group lookup could be called separately
- Added user filtering based on a group membership for a source sync
- Added tests to cover this logic

Co-authored-by: Pavel Ezhov <paejov@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-02 15:45:00 +08:00
yp05327
9ef8bfb69b
set user dashboard org visibility to basic (#22706)
Same to https://github.com/go-gitea/gitea/pull/22674 and
https://github.com/go-gitea/gitea/pull/22605

Sorry to create 3 PR to fix this.
I checked all span with class `org-visibility`, i think this is the last
one :)

And I found that private/limited user has no private/limited tag in
dashboard. but org does.
If it is ok i will add this feature in another pr.

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-02 14:53:14 +08:00