* Cleaning up public/ and documenting js/css libs.
This commit mostly addresses #1484 by moving vendor'ed plugins into a
vendor/ directory and documenting their upstream source and license in
vendor/librejs.html.
This also proves gitea is using only open source js/css libraries which
helps toward reaching #1524.
* Removing unused css file.
The version of this file in use is located at:
vendor/plugins/highlight/github.css
* Cleaned up librejs.html and added javascript header
A SafeJS function was added to templates/helper.go to allow keeping
comments inside of javascript.
A javascript comment was added in the header of templates/base/head.tmpl
to mark all non-inline source as free.
The librejs.html file was updated to meet the current librejs spec. I
have now verified that the librejs plugin detects most of the scripts
included in gitea and suspect the non-free detections are the result of
a bug in the plugin. I believe this commit is enough to meet the C0.0
requirement of #1534.
* Updating SafeJS function per lint suggestion
* Added VERSIONS file, per request
* Remove unit types commits and settings
* Can not limit units in administrator teams
* Limit changing units only to teams with read and write access mode
* Small code optimization
* Add configuration flag SSH_EXPOSE_ANONYMOUS
If this flag (default True) is set to false, the SSH clone URL will only be exposed if the current user is signed in.
* Default SSH exposure set to false
To match GitHub and for security reasons, SSH URL exposure is disabled by default.
In addition to that. minor code changes have been applied.
Signed-off-by: Stefan Kalscheuer <stefan@stklcode.de>
* Add integration tests
* Hide clone button neither HTTP and SSH is enabled
Signed-off-by: Stefan Kalscheuer <stefan@stklcode.de>
* Make compare button URL aware if current repo is a fork (#2162)
* Optimize code
* To not change current behaviour check if signed in user has fork of base repository
* Fix to check only if signed user has forked repo otherwise it will still redirect to wrong page
* Display all organization from user settings
* fix Tab selection
* Update locale_en-US.ini
* Add a condition for display Create organization button
* Remove french translation
* Remove unnecessary admin flag
Firefox users will experience a flash of unstyled content on loading
various pages, this patch will fix this issue using Filament Groups
loadCSS library to asynchronously load the CSS responsible for the FOUC.
Will fix #1698.
Signed-off-by: Sondre Nilsen <nilsen.sondre@gmail.com>
* add units to team
* fix lint
* finish team setting backend
* finished permission controll on routes
* fix import blank line
* add unit check on ssh/http pull and push and fix test failed
* fix fixtures data
* remove unused code
* Forgot password should use ResetPwdCodeLives, not ActiveCodeLives
* Improve documentation for different send mail functions related to password reset
* Improve documentation in conf/app.ini regarding xxx_CODE_LIVE_MINUTES settings
* Show commit status icon in commits table
* Add comments
* Fix icons
* Few more places where commit table is displayed
* Change integration test to use goquery for parsing html
* Add integration tests for commit table and status icons
* Fix status to return lates status correctly on all databases
* Rewrote lates commit status selects
- Generate swagger.json into public/
- Add swagger-ui auto-installation
- Add footer link to local swagger-ui
- Add /swagger url for using app url.
- Fix Swagger-UI version via git tag
* Do not allow commiting to protected branch from online editor
* Add editor integration tests for adding new file and not allowing to add new file to protected branch
* add google+
* sort signin oauth2 providers based on the name so order is always the same
* update auth tip for google+
* add gitlab provider
* add bitbucket provider (and some go fmt)
* add twitter provider
* add facebook provider
* add dropbox provider
* add openid connect provider incl. new format of tips section in "Add New Source"
* lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow)
* imports according to goimport and code style
* make it possible to set custom urls to gitlab and github provider (only these could have a different host)
* split up oauth2 into multiple files
* small typo in comment
* fix indention
* fix indentation
* fix new line before external import
* fix layout of signin part
* update "broken" dependency
* Implementation of the feature to view repository size in admin panel
* Move GetRepoSize to git module
* Repository.RepoSize -> Repository.Size
* RepoSize -> Size in template
* Redo a few bits and pieces
* Update size when syncing mirror or forking
* Remove GetRepoSize
* Changed fatal errors to error message
* Copy migration code from Gogs
* make fmt
* Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION
Omit the configuration variable (the default) to be dependent.
Fixes #1363
* Move OpenID settings under Service object
* Show OpenID SignUp and SignIn status in admin panel / configuration
* GPG commit validation
* Add translation
+ some little fix
* Move hash calc after retrieving of potential key + missing translation
* Add some little test
* Take navbar out of column
* Add styles to navbar
* Changed navbar classes
* Remove unneeded !important from index.css
* Remove unneeded !important from _explore.less
Also renames `forgot_password` translation key to
`forgot_password_title` and `forget_password` to
`forgot_password`
Includes entry in CHANGELOG about the breaking change
(and some markdown fixes in there)
It's helpful when you forgot your password thus cannot change it
(can happen if you log in via OAuth2 or OpenID)
Also make sure that both the delete-account and password-change
links to forgot-password will have the primary email pre-filled
* Fix for #828
Add build tags to ldflags and print in version output
Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>
* Reworked formatBuiltWith function
Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>
* Add tags to version information in admin panel
Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>
* Added new variable for use on admin page.
Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>
* Fixed incorrect indentation
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)
* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)
* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
* Protected branches system
* Moved default branch to branches section (`:org/:reponame/settings/branches`).
* Initial support Protected Branch.
- Admin does not restrict
- Owner not to limit
- To write permission restrictions
* reformat tmpl
* finished the UI and add/delete protected branch response
* remove unused comment
* indent all the template files and remove ru translations since we use crowdin
* fix the push bug
* Fix assigned/created issues in dashboard. (#3560)
* Fix assigned/created issues in dashboard.
* Use GetUserIssueStats for getting all Dashboard stats.
* Use gofmt to format the file properly.
* Replace &Issue{} with new(Issue).
* Check if user has access to given repository.
* Remove unnecessary filtering of issues.
* Return 404 error if invalid repository is given.
* Use correct number of issues in paginater.
* fix issues on dashboard
* feat: support search bar on star tab of user profile.
* fix: update testing.
* fix: Using loadAttributes
* fix: remove empty line.
* remove LOWER
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
* Markdown rendering overhaul
Cleaned up and squashed commits into single one.
Signed-off-by: Andrew Boyarshin <boyarshinand@gmail.com>
* Fix markdown API, add markdown module and API tests, improve code coverage
Signed-off-by: Andrew Boyarshin <boyarshinand@gmail.com>
* Moved attachaments POST url from /issues/attachments to /attachments
* Implemented attachment upload on release page
* Implemented downloading attachments on the release page
* Added zip and gzip files to default allowed attachments
* Implemented uploading attachments on edit release
* Renamed UploadIssueAttachment to UploadAttachment
* Use relative URLs
* Notifications - Mark as read/unread
* Feature of pinning a notification
* On view issue, do not mark as read a pinned notification
- Add site-wide option DEFAULT_KEEP_EMAIL_PRIVATE.
- Add the new option to the install and admin/config pages.
- Add the new option to app.ini in the service section.
- Add the new option to the settings struct.
- Add English text strings to i18n.
- Add field KeepEmailPrivate to user struct.
- Add field KeepEmailPrivate to user form.
- Add option to UI.
- Add using noreply email address if user has "Keep Email Private".
An email address <LowerName>@<NO_REPLY_ADDRESS> is now used in commit
messages (and hopefully all other git log relevant places). The
change relies on the fact that git commands should use
user.NetGitSig().
- Add hiding of email address in UI, if user has set "Keep Email Private".
- Add condition to show email address only on explore/users and user
pages, if user has not set "Keep Email Private".
- Add noreply email in API if set "Keep Email Private".
- Add a new service setting NO_REPLY_ADDRESS. The value of this
setting is used as the domain part for the user's email address in
git log, iff he decides to keep his email address private.
If the user decides to keep his email address private and this
option is not set 'noreply.example.org' is used, which no MTA
should send email to.
Add NO_REPLY_ADDRESS to conf/app.ini.
* UI config to toggle whether user email shows up in Explore Users
* Recommendation made by @tboerger
66a1c59fe7 (r94122732)
* fixed typo, rename ShowUserEmailInExplore to ShowUserEmail
* Fixed typo merged conflict
* Hide email in the user profile page
if you are active ShowUserEmail
ref https://github.com/go-gitea/gitea/pull/336#issuecomment-269843725
* Please replace MustBool() with MustBool(true)
* restrict creating organizations based on right on user
* revert bindata.go
* reverse vendor lib
* revert goimports change
* set AllowCreateOrganization default value to true
* revert locale
* added default value for AllowCreateOrganization
* fix typo in migration-comment
* fix comment
* add coments in migration
* Tab on user profile to show starred repos
* Make golint happy and use transactions on StarRepo function
* x -> sess
* Use sess.Close() instead of sess.Rollback()
* Add copyright
* Fix lint
* Import github.com/git-lfs/lfs-test-server as lfs module base
Imported commit is 3968aac269a77b73924649b9412ae03f7ccd3198
Removed:
Dockerfile CONTRIBUTING.md mgmt* script/ vendor/ kvlogger.go
.dockerignore .gitignore README.md
* Remove config, add JWT support from github.com/mgit-at/lfs-test-server
Imported commit f0cdcc5a01599c5a955dc1bbf683bb4acecdba83
* Add LFS settings
* Add LFS meta object model
* Add LFS routes and initialization
* Import github.com/dgrijalva/jwt-go into vendor/
* Adapt LFS module: handlers, routing, meta store
* Move LFS routes to /user/repo/info/lfs/*
* Add request header checks to LFS BatchHandler / PostHandler
* Implement LFS basic authentication
* Rework JWT secret generation / load
* Implement LFS SSH token authentication with JWT
Specification: https://github.com/github/git-lfs/tree/master/docs/api
* Integrate LFS settings into install process
* Remove LFS objects when repository is deleted
Only removes objects from content store when deleted repo is the only
referencing repository
* Make LFS module stateless
Fixes bug where LFS would not work after installation without
restarting Gitea
* Change 500 'Internal Server Error' to 400 'Bad Request'
* Change sql query to xorm call
* Remove unneeded type from LFS module
* Change internal imports to code.gitea.io/gitea/
* Add Gitea authors copyright
* Change basic auth realm to "gitea-lfs"
* Add unique indexes to LFS model
* Use xorm count function in LFS check on repository delete
* Return io.ReadCloser from content store and close after usage
* Add LFS info to runWeb()
* Export LFS content store base path
* LFS file download from UI
* Work around git-lfs client issue with unauthenticated requests
Returning a dummy Authorization header for unauthenticated requests
lets git-lfs client skip asking for auth credentials
See: https://github.com/github/git-lfs/issues/1088
* Fix unauthenticated UI downloads from public repositories
* Authentication check order, Finish LFS file view logic
* Ignore LFS hooks if installed for current OS user
Fixes Gitea UI actions for repositories tracking LFS files.
Checks for minimum needed git version by parsing the semantic version
string.
* Hide LFS metafile diff from commit view, marking as binary
* Show LFS notice if file in commit view is tracked
* Add notbefore/nbf JWT claim
* Correct lint suggestions - comments for structs and functions
- Add comments to LFS model
- Function comment for GetRandomBytesAsBase64
- LFS server function comments and lint variable suggestion
* Move secret generation code out of conditional
Ensures no LFS code may run with an empty secret
* Do not hand out JWT tokens if LFS server support is disabled
* Can use a predefined set of labels
* Change UI
* Fix HTML file indentation
* Avoid reading file from other directory (security issue)
* Apply a better fix
* Remove not used variable
* Merge upstream/develop
* Do modifications
* Raname
* remove binding + rename variable
* Implement wiki mirroring, add Update mirrors operation to admin dashboard
* bindata.go update after merge
* Implement checking Git repo endpoint existence, support for BB included
* Remove admin dashboard operation
Fix bindata.go
* Apply gofmt to repo model file
* Try to remove bindata from PR
* Revert accepted wiki names change in favor of better system
* Remove unused imports
This is an attempt to fix #3089 following the strategy introduced
in d625e41c6c, although that strategy
by itself does not seem to be sufficient.
What needs be done is honouring the redirect_url query parameter
from the auth router.
* Do not show the "Sign up for free" button in issue tracker
The "Sign in to comment" link is good enough and will correctly
show or not show the "Sign Up" button link for those not having
an account already.
Fixes #3407 (link to nowhere when registration is disabled)
* Move html from translation to template
* Remove extra space in `{{ .SignInLink }}`.
* Add support for federated avatars
Fixes #3105
Removes avatar fetching duplication code
Adds an "Enable Federated Avatar" checkbox in user settings
(defaults to unchecked)
Moves avatar settings all in the same form, making
local and remote avatars mutually exclusive
Renames UploadAvatarForm to AvatarForm
as it's not anymore only for uploading
* Run gofmt on all modified files
* Move Avatar form in its own page
* Add go-libravatar dependency to vendor/ dir
Hopefully helps with accepting the contribution.
See also #3214
* Revert "Add go-libravatar dependency to vendor/ dir"
This reverts commit a8cb93ae640bbb90f7d25012fc257bda9fae9b82.
* Make federated avatar setting a global configuration
Removes the per-user setting
* Move avatar handling back to base tool, disable federated avatar in offline mode
* Format, handle error
* Properly set fallback host
* Use unsupported github.com mirror for importing go-libravatar
* Remove comment showing life exists outside of github.com
... pity, but contribution would not be accepted otherwise
* Use Combo for Get and Post methods over /avatar
* FEDERATED_AVATAR -> ENABLE_FEDERATED_AVATAR
* Fix persistance of federated avatar lookup checkbox at install time
* Federated Avatars -> Enable Federated Avatars
* Use len(string) == 0 instead of string == ""
* Move import line where it belong
See
https://github.com/Unknwon/go-code-convention/blob/master/en-US/import_packages.md
Pity the import url is still the unofficial one, but oh well...
* Save a line (and waste much more expensive time)
* Remove redundant parens
* Remove an empty line
* Remove empty lines
* Reorder lines to make diff smaller
* Remove another newline
Unknwon review got me start a fight against newlines
* Move DISABLE_GRAVATAR and ENABLE_FEDERATED_AVATAR after OFFLINE_MODE
On re-reading the diff I figured what Unknwon meant here:
https://github.com/gogits/gogs/pull/3320/files#r73741106
* Remove newlines that weren't there before my intervention
If anonymous (not signed in user) requests page
"/:owner/:repo/pulls" he gets an error:
template: repo/issue/list:11:105: executing "repo/issue/list" at <.PullRequestCtx.Base...>: nil pointer evaluating *models.Repository.Link
This commit fixes that.
Signed-off-by: Dmitry Yu Okunev <dyokunev@ut.mephi.ru>
Executed go fmt
getEngine() not handles DB parameters (#2972) (#2974)
Uses .AllCols() for Update in updateMirror()
Spanish traslation removed
Fixed a wrong way to ommit the --prune option in process.ExecDir() for MirrorUpdate function
Re: issues gogits/gogs#2863 and gogits/gogs#3231
As a result of modifications to the contents of the conf folder, `make bindata`
was run, causing an update to bindata.go.
Meta
-----
This commit will be rebased onto the 'develop' branch.
Always send user to settings screen to change avatar.
Drops "change_custom_avatar" localized message, keeps "change_avatar"
for the generic one.
NOTE: only changes the en-US locale, as per
https://github.com/gogits/gogs/wiki/Contributing-Code#those-we-do-not-accept
NOTE: requires rebuild of bindata.go to fully see effects
* Add and start jQuery AreYouSure
* Update SimpleMDE to 1.10.1 for `forceSync` support
* Forgot to remove old version SimpleMDE 1.10.0
* formatting -.-
When use builtin SSH server with concurrent operations, there are probabilities
One connection could use the command from another connections.
Fix this by set SSH_ORIGINAL_COMMAND for each command, not set in global scope.
Set the description meta tag correctly when there is no repo
description. Also use the ability to trim trailing whitespaces,
to make the template cleaner.