This PR makes it possible for the markdown renderer to render images and media straight from the LFS.
Fix #5746
Signed-off-by: Andrew Thornton [art27@cantab.net](mailto:art27@cantab.net)
* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFile
* Use git plumbing for upload: #5621 repo_editor.go: GetDiffPreview
* Use git plumbing for upload: #5621 repo_editor.go: DeleteRepoFile
* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFiles
* Move branch checkout functions out of repo_editor.go as they are no longer used there
* BUGFIX: The default permissions should be 100644
This is a change from the previous code but is more in keeping
with the default behaviour of git.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Standardise cleanUploadFilename to more closely match git
See verify_path in: 7f4e641693/read-cache.c (L951)
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Redirect on bad paths
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Refactor to move the uploading functions out to a module
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add LFS support
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update upload.go attribution header
Upload.go is essentially the remnants of repo_editor.go. The remaining code is essentially unchanged from the Gogs code, hence the Gogs attribution.
* Delete upload files after session committed
* Ensure that GIT_AUTHOR_NAME etc. are valid for git
see #5774
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add in test cases per @lafriks comment
* Add space between gitea and github imports
Signed-off-by: Andrew Thornton <art27@cantab.net>
* more examples in TestCleanUploadName
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix formatting
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Set the SSH_ORIGINAL_COMMAND to ensure hooks are run
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Switch off SSH_ORIGINAL_COMMAND
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fixes #5957
* add tests to make sure config option is respected
* use already defined struct
* - use migration to make the flag repo wide not for the entire gitea instance
Also note that the config value can still be set so as to be able to control the value for new repositories that are to be created
- fix copy/paste error in copyright header year and rearrange import
- use repo config instead of server config value to determine if a commit should close an issue
- update testsuite
* use global config only when creating a new repository
* allow repo admin toggle feature via UI
* fix typo and improve testcase
* fix fixtures
* add DEFAULT prefix to config value
* fix test
* Feature - Pagination for git tree API
* Handles case when page is negative
* Does a for loop over the start and end rather than all entries
* Removed redundent logic
* Adds per_page as a query parameter
* Adds DEFAULT_GIT_TREES_PER_PAGE for settings, ran make fmt
* Fix typo in cheat-sheet en
* Makes page start at 1, generated swagger
* Use updates to SDK
* Updates to use latest sdk
* Updates swagger for tree api
* Adds test for GetTreeBySHA
* Updates per PR reviews
* Updates per PR reviews
* Remove file
* Formatting
* Fix to swagger file
* Fix to swagger
* Update v1_json.tmpl
* Fix to swagger file
* Fix serving of raw wiki files other than .md
Closes #4690.
Closes #4395.
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Simplify code at routers/repo/wiki.go
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Add more files to user2/repo1.wiki for testing
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Update macaron to v1.3.2
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Add tests for WikiRaw
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Fix NewResponseWriter usage due to macaron update
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Add raw to reserved wiki names
Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
* Don't display buttons if there are no notices
* clear stopwatch on merging a PR
* remove redundant gt check
* use ctx.Flash as per @bkcsoft comment
* stop timer on closing issues/PRs too
* updated translation as per review
* redirect to login page after successfully activating account
* remove unrelated changes
* stop timer for issues that are closed via commits too..Not just the 'close' UI button
* Revert #5877
This unfortunately was not the solution.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Change permission check to create pull requests to CanReadIssuesOrPulls
Signed-off-by: Andrew Thornton <art27@cantab.net>
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.
We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:
- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.
Fix #1357
This PR gitea'ises the macaron.Recovery() handler meaning that in
the event of panic we get proper gitea 500 pages and the stacktrace
is logged with the gitea logger.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* don't allow pull requests to be created on an archived repository
Also disable the "PR" button if the repo is archived
* Refuse creating an issue/PR via API calls too
* Pooled and buffered gzip implementation
* Add test for gzip
* Add integration test
* Ensure lfs check within transaction
The previous code made it possible for a race condition to occur whereby a LFSMetaObject could be checked into the database twice. We should check if the LFSMetaObject is within the database and insert it if not in one transaction.
* Try to avoid primary key problem in postgres
The integration tests are being affected by
https://github.com/go-testfixtures/testfixtures/issues/39 if we set the
primary key high enough, keep a count of this and remove at the end of
each test we shouldn't be affected by this.
* add util method and tests
* make sure the title of an issue cannot be empty
* wiki title cannot be empty
* pull request title cannot be empty
* update to make use of the new util methof
Unfortunately a scoping problem was missed on the previous PR which meant that the only nil error was logged on failure to connect to the db. This pr fixes this.
* api: Add an endpoint to list a particular member of team.
* models: Rename `GetUserTeams()` to `GetUserOrgTeams()` in `org_team` model.
`GetUserTeams()` sounds a bit misnomer since it actually returns
the teams that user belongs to in a given organization rather than
all the teams across all the organization that the user has joined.
* models: Add `GetUserTeams()`.
Returns all the teams that a user belongs to.
* api: Add an endpoint for GET '/user/teams'.
A GET request to this endpoint lists all the teams that a user
belongs to.
* add default PR title
Set default PR title to commit summary if there's a single commit on the head branch, else set it to the head branch name
* set default PR description
If there's a single commit on the head branch, and it's multiline, then set it as the default PR description
* Do not display the raw OpenID error in the UI
If there are no `WHITELIST_URIS` or `BLACKLIST_URIS` set in the openid
section of the app.ini, it is possible that gitea can leak sensitive
information about the local network through the error provided by the
UI. This PR hides the error information and logs it.
Fix #4973
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update auth_openid.go
Place error log within the `err != nil` branch.