Commit graph

932 commits

Author SHA1 Message Date
Moritz Heiber
7e12aac61c Only allow token authentication with 2FA enabled (#2184)
* Don't allow for plain username/password authentication when 2FA is enabled

* Removed debugging statement

* Don't assume a token belongs to a given user, handle two-factor errors properly

* Simplified user/token matching, refactored error handling for two-factor authentication

* Change authentication response to avoid bruteforcing

* Add TODO item as a comment for changing the response for security purposes
2017-07-26 15:33:16 +08:00
Bwko
8f171210b9 Revert "Add ability to fork your own repos (#761)" (#2193) 2017-07-26 15:17:38 +08:00
Lauris BH
783b1967e2 Fix release display and correct paging (#2080) 2017-06-29 23:11:38 +08:00
iszla
3f9016430f Pagination on releases page (#2035)
* Added count to GetReleasesByRepoID so pagination will work

* Separated it out to a new function, can then also leave the API part unaffected

* Remove extra whitespace added in untouched function

* Added comment and corrected name in error handler

* Account for if the user is owner or not in the count

* Also check if repo is draft

* revert back to the correct count in the ReleasesToDisplay loop

* Fixed lint error regarding else with return statement

* Use Cond struct instead of string, corrected name in error handler

* Removed unused return variable names
2017-06-28 22:47:00 +08:00
Shuanglei Tao
d389ed25a5 Fix: http: multiple response.WriteHeader calls (#2038)
We can't change the http status code here, because the response has been written.
2017-06-28 14:08:47 +08:00
Ethan Koenig
2559a34b97 Load label ID in NewLabels (#2045) 2017-06-25 14:15:09 +08:00
Kim "BKC" Carlbäcker
cc6b3f60c6 Fix displaying commits and files of PR created from now deleted fork (#2023)
Fix displaying commits and files of PR created from now deleted fork
2017-06-22 19:40:47 +02:00
Lunny Xiao
228247511a repo/editor: fix breadcrumb path cuts parent dirs (#3859) (#2032) 2017-06-22 23:30:47 +08:00
Lauris BH
0a5dc640a1 Make branch deletion URL more like GitHub's, fixes #1397 (#1994)
* Make branch deletion URL more like GitHub's, fixes #1397

* Add PR branch deletion integration test

* Do not allow deleting protected branch

* Change http error code to 403 if user has no write rights to repository

* Add check to not panic if forked repository has alrady been deleted
2017-06-21 09:00:03 +08:00
Lauris Bukšis-Haberkorns
63504bf132
Fix displaying commits and files of PR created from now deleted forked repository 2017-06-21 01:25:38 +03:00
Ethan Koenig
4df1a24096 Let not-logged-in users view releases (#1999) 2017-06-18 11:38:24 +08:00
Ethan Koenig
8fc64741d9 Fix deleted milestone bug (#1942)
* Fix deleted milestone bug

* Use locale for ghost milestone name

* Fix pointer bug
2017-06-17 12:51:28 +08:00
Ethan Koenig
8fcda0442e Fix search by issue type (#1914)
* Fix search by issue type
2017-06-15 05:09:03 +02:00
Ethan Koenig
5e92b82ac6 Fix uppercase default branch bug (#1965) 2017-06-14 08:42:36 +08:00
silverwind
f2fcd9dcd8 Support CRLF when splitting code lines for display (#1862)
* Support CRLF when splitting code lines for display

* refactor, fix mixed match

* fmt

* split on both LF and CRLF, use raw literals in regexes

* simplify
2017-06-10 23:20:25 +08:00
Bo-Yi Wu
703d18e50d feat: add check misspelling (#1877) 2017-06-05 02:49:46 -05:00
Ethan Koenig
817a405118 Fix paginater length (#1866) 2017-06-04 11:07:20 +08:00
Ethan Koenig
2ec5dc1661 Fix 404 for external tracking issues (#1852)
* Fix 404 for external tracking issues

* Fix 404 for new/upload file
2017-06-03 00:56:36 -05:00
Ethan Koenig
b900c04316 Display draft releases (#1854)
* Display draft releases

* Include ctx.User in user cache

* Integration test
2017-06-03 11:46:56 +08:00
Rémy Boulanouar
e0c6ab2d44 Add Gitea Webhook (#1755)
* Replace Gogs by Gitea

* Fix missing changes

* Create Gitea webhook and put Gogs webhook apart.
2017-05-29 02:17:15 -05:00
Ethan Koenig
ff2464c87d Fix renaming bug (#1786) 2017-05-24 14:01:02 +08:00
Jonas Östanbäck
7b907ed348 Rename RepoCreationNum -> MaxCreationLimit (#1766) 2017-05-24 08:27:08 +08:00
Jonas Östanbäck
85a7396525 Add error direclty when user tries to create new repo and limit already hit (#1767) 2017-05-20 16:47:48 +08:00
Lunny Xiao
6362462da8
fix admin lost permission caused by #947 2017-05-19 08:59:26 +08:00
Lunny Xiao
fd6034aaf2 Add units to team (#947)
* add units to team

* fix lint

* finish team setting backend

* finished permission controll on routes

* fix import blank line

* add unit check on ssh/http pull and push and fix test failed

* fix fixtures data

* remove unused code
2017-05-18 22:54:24 +08:00
Lauris BH
79494047b0 Show commit status icon in commits table (#1688)
* Show commit status icon in commits table

* Add comments

* Fix icons

* Few more places where commit table is displayed

* Change integration test to use goquery for parsing html

* Add integration tests for commit table and status icons

* Fix status to return lates status correctly on all databases

* Rewrote lates commit status selects
2017-05-07 22:40:31 +08:00
Lunny Xiao
930d1759ae Remove env user salt since no need to use (#1515)
* remove env user salt since no need to use

* remove unused variable from update.go
2017-05-06 21:21:22 +08:00
Lauris BH
2e17dda8bb Remove sha1 hash display in repository table and add latest commit GPG check (#1678) 2017-05-05 15:15:36 +08:00
silverwind
935caa7f95 Download files to their original filename (#1676) 2017-05-05 14:03:54 +08:00
Bo-Yi Wu
75f1afd1fd fix: tag contain character ) will http 500 on release page (#1670) 2017-05-04 23:38:34 +08:00
Lunny Xiao
0d1e001b9c fix multiple readme file rendering and fix #1657 (#1658)
* fix multiple readme file rendering and fix #1657

* remove unnecessary loop
2017-05-02 16:57:54 +08:00
Lauris BH
0144817971 Do not allow commiting to protected branch from online editor (#1502)
* Do not allow commiting to protected branch from online editor

* Add editor integration tests for adding new file and not allowing to add new file to protected branch
2017-05-02 08:49:55 +08:00
Lunny Xiao
e31c02d4bf fix bug on issue view when not login (#1624)
* fix bug on issue view when not login

* hide issue watch when not login

* update the tests

* fix test on issue
2017-04-29 13:52:25 +08:00
Antoine GIRARD
8371f94d06 Rework SSH key management UI to add GPG (#1293)
* Rework SSH key management UI to add GPG

* Add more detail to gpg key display

* Update CHANGELOG.md

* Implement deletion UI

* Implement adding gpg UI

* Various fixes

- Fix duplicate entry in locale
- Re-generate hash before verification since they are consumed

* Add missing translation

* Split template

* Catch not found/verified email error
2017-04-26 21:10:43 +08:00
Lunny Xiao
52627032bc Add markup package to prepare for org markup format (#1493) 2017-04-21 09:01:08 +02:00
Lunny Xiao
f0db3da713 fix go get sub package and add domain on installation to let go get work defaultly (#1518)
* fix go get sub package and add domain on installation to let go get work defaultly

* fix import sequence

* fix .git problem
2017-04-21 10:43:29 +08:00
Lauris BH
bb14c97d40 Fix empty file download (#1506) 2017-04-20 10:38:56 +08:00
Jonas
54f0293f0a Mirror sync interval specified as duration string (#1407)
* Sync interval specifed as duration string

* Changed mirror interval text

* make fmt

* Add MinInterval for mirror sync

* Use duration internally

* Changed min default to 10m

* make fmt

* Incorrect default

* Removed defaults in MustDuration()

* Add Mirror interval migration

* Default values corrected

* Use transaction during migration

* Change http 500 to page with error message

* Cleanup session.commit()
2017-04-08 23:27:26 +08:00
Andrey Nering
18952c40f8 Add copyright headers 2017-03-30 19:11:58 -03:00
Andrey Nering
b674460748 Add watch button on issue 2017-03-29 20:31:47 -03:00
Antoine GIRARD
14fe9010ae GPG commit validation (#1150)
* GPG commit validation

* Add translation

+ some little fix

* Move hash calc after retrieving of potential key + missing translation

* Add some little test
2017-03-22 18:43:54 +08:00
Lunny Xiao
bd8fe49076 fix wiki bugs (#1294) 2017-03-20 21:36:19 +08:00
Bo-Yi Wu
1c3bd436cc feat: Only use issue and wiki on repo. (#1297) 2017-03-18 18:59:07 +08:00
Fabian Zaremba
f1d2f16b54 Add notice that LFS mirroring is not supported (#1251)
* Add notice that LFS mirroring is not supported

* Drop German translation
2017-03-16 19:33:22 +08:00
Ethan Koenig
09fe4a2ae9 Batch updates for issues (#926) 2017-03-15 02:10:35 +01:00
Ethan Koenig
ec0ae5d50c Refactor and fix incorrect comment (#1247) 2017-03-15 08:51:46 +08:00
Lunny Xiao
be5738243c fix repo settings external tracker failed and check external urls (#1215) 2017-03-13 09:41:40 +08:00
Lunny Xiao
af9998b8a7 fix UI display problem when wiki name is non-ascii charset (#1142) 2017-03-08 08:34:22 +08:00
Lunny Xiao
d2165a5890 fix compare button failed when there is no fork repos (#1104) 2017-03-03 16:53:59 +08:00
Lunny Xiao
c2eef171ff fix some typos (#1082) 2017-02-28 12:56:15 +08:00
Lunny Xiao
cd1821a7e2 Move push update to post-receive and protected branch check to pre-receive (#1030)
* move all push update to git hook post-receive and protected branch check to git hook pre-receive

* add SSH_ORIGINAL_COMMAND check back

* remove all unused codes

* fix the import
2017-02-25 22:54:40 +08:00
Willem van Dreumel
01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Denis Denisov
fd941db246 Protected branches system (#339)
* Protected branches system

* Moved default branch to branches section (`:org/:reponame/settings/branches`).
* Initial support Protected Branch.
  - Admin does not restrict
  - Owner not to limit
  - To write permission restrictions

* reformat tmpl

* finished the UI and add/delete protected branch response

* remove unused comment

* indent all the template files and remove ru translations since we use crowdin

* fix the push bug
2017-02-21 23:02:10 +08:00
Lunny Xiao
7a9a5c8a69 Fix assigned issues dashboard (#920)
* Fix assigned/created issues in dashboard. (#3560)

* Fix assigned/created issues in dashboard.

* Use GetUserIssueStats for getting all Dashboard stats.

* Use gofmt to format the file properly.

* Replace &Issue{} with new(Issue).

* Check if user has access to given repository.

* Remove unnecessary filtering of issues.

* Return 404 error if invalid repository is given.

* Use correct number of issues in paginater.

* fix issues on dashboard
2017-02-14 22:15:18 +08:00
Andrew Boyarshin
dc8248f8a4 Markdown rendering overhaul (#186)
* Markdown rendering overhaul

Cleaned up and squashed commits into single one.

Signed-off-by: Andrew Boyarshin <boyarshinand@gmail.com>

* Fix markdown API, add markdown module and API tests, improve code coverage

Signed-off-by: Andrew Boyarshin <boyarshinand@gmail.com>
2017-02-14 09:13:59 +08:00
Andrey Nering
05157808de Fix HighlightJS not working on compare diff page (#914) 2017-02-13 10:11:08 +08:00
Lunny Xiao
cf0f451c37 Add delete branch track on pull request comments (#888)
* add delete branch track on pull request comments

* don't change vendor
2017-02-11 12:00:29 +08:00
Bo-Yi Wu
3576e1ee73 fix: trim the whitespaces for the search keyword (#893) 2017-02-11 12:00:01 +08:00
Lunny Xiao
45a324b437 fix releases count and resolved #764 (#857) 2017-02-07 23:38:24 +08:00
Zsombor
e388db311b Add checkbox to search for all the branches by commit message (#813)
and updating the vendor directory
2017-02-05 22:43:28 +08:00
Ethan Koenig
027591a3a5 Redirects for renamed repos (#807)
* Redirects for renamed repos

* Remove unused phrase from locales
2017-02-05 22:35:03 +08:00
Lunny Xiao
8a421b1fd7 Add units concept for modulable functions of a repository (#742)
* Add units concept for modulable functions of a repository

* remove unused comment codes & fix lints and tests

* remove unused comment codes

* use struct config instead of map

* fix lint

* rm wrong files

* fix tests
2017-02-04 23:53:46 +08:00
Lunny Xiao
3e0525b47d Track assignee for issue (#808)
* track assignee for issue

* fix lint

* use getUserByID instead Get
2017-02-03 23:09:10 +08:00
Ethan Koenig
68bdaf0a6b Drop redundant columns from issue_user table (#638) 2017-02-03 15:22:39 +08:00
Gabriel Jackson
bf6f61cc69 Cleanup log messaging
This change corrects a few logging issues:

 * Standardized formatting errors with '%v'.
 * Standardized failure warning word usage.
 * Corrected an instance of using the standard log library when
   the gitea log library should be used instead.
2017-02-02 15:24:18 +01:00
Lunny Xiao
081485ecfd add milestone changed traker on issue view (#804) 2017-02-01 10:36:08 +08:00
Lunny Xiao
f94869d2d1 Track labels changed on issue view & resolved #542 (#788)
* track labels changed on issue view & resolved #542

* add missing head comment & sort & fix refresh
2017-01-30 20:46:45 +08:00
Thomas Boerger
78535fb08e Allow custom public files (#782)
* Allow custom public files

* Gofmt code, lots of places not related to this pr
2017-01-28 23:14:56 +01:00
Andrey Nering
27d30f1a61 Notifying on open PR, and Close/Reopen/Merge issue or PR 2017-01-28 13:59:58 -02:00
Bwko
e08421017c Add ability to fork your own repos (#761) 2017-01-26 22:44:37 +08:00
Ethan Koenig
833f8b94c2 Search bar for issues/pulls (#530) 2017-01-25 10:43:02 +08:00
Lunny Xiao
f8c2903484 fixed bugs on Wiki and resolved #667 (#674) 2017-01-21 20:50:51 +08:00
Philip Couling
1610b9f547 Spun attachments into seperate go file (#701)
Moved attachments into seperate go file
2017-01-20 07:58:46 +01:00
Philip Couling
64375d875b Attach to release (#673)
* Moved attachaments POST url from /issues/attachments to /attachments

* Implemented attachment upload on release page

* Implemented downloading attachments on the release page

* Added zip and gzip files to default allowed attachments

* Implemented uploading attachments on edit release

* Renamed UploadIssueAttachment to UploadAttachment
2017-01-15 22:57:00 +08:00
Lunny Xiao
7209917fd7 bug fix release 2017-01-09 21:54:03 +01:00
Lunny Xiao
61306fa737 Make releases faster than before and resolved #490 (#588)
* make releases faster than before and resolved #490

* fix comment
2017-01-06 09:51:15 +08:00
Manuel Kuhlmann
dc3ff9f2ab Rename .gogs to .gitea and comply with github template guidelines (#568) (#582)
Signed-off-by: Manuel Kuhlmann <manuel@mkuhlmann.org>
2017-01-05 08:48:23 +08:00
Lunny Xiao
70900bd167 bug fixed for fork repos (#560) 2017-01-03 12:41:10 +08:00
Lunny Xiao
3c7116382f change the default action when deleting a release to not delete tag 2017-01-03 02:27:38 +01:00
Bo-Yi Wu
6510e57758 fix gofmt error
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2016-12-30 20:41:10 +01:00
Andrey Nering
42904cb98a Notification - Step 1 (#523)
* Notification - Step 1

* Add copyright headers

* Cache issue and repository on notification model
2016-12-31 00:44:54 +08:00
Gogs
37eec6c9b7 push + pull now works with reverse proxy + basic auth on apache 2.4 2016-12-29 22:37:50 +01:00
Lunny Xiao
2d1a1fce93 Cache users on list releases (#527) 2016-12-29 21:21:19 +08:00
Kjell Kvinge
22e1bd31c6 commithgraph / timeline (#428)
* Add model and tests for graph

* Add route and router for graph

* Add assets for graph

* Add template for graph
2016-12-29 07:44:32 +08:00
Bwko
71dee6b7c0 Improve the way how branches are deleted
Delete branch from HeadRepo instead of BaseRepo
Prevent the deletion of a master branch
Show a yes/no overlay when you press the delete branch button
2016-12-26 11:55:28 +01:00
Fabian Zaremba
2e7ccecfe6 Git LFS support v2 (#122)
* Import github.com/git-lfs/lfs-test-server as lfs module base

Imported commit is 3968aac269a77b73924649b9412ae03f7ccd3198

Removed:

Dockerfile CONTRIBUTING.md mgmt* script/ vendor/ kvlogger.go
.dockerignore .gitignore README.md

* Remove config, add JWT support from github.com/mgit-at/lfs-test-server

Imported commit f0cdcc5a01599c5a955dc1bbf683bb4acecdba83

* Add LFS settings

* Add LFS meta object model

* Add LFS routes and initialization

* Import github.com/dgrijalva/jwt-go into vendor/

* Adapt LFS module: handlers, routing, meta store

* Move LFS routes to /user/repo/info/lfs/*

* Add request header checks to LFS BatchHandler / PostHandler

* Implement LFS basic authentication

* Rework JWT secret generation / load

* Implement LFS SSH token authentication with JWT

Specification: https://github.com/github/git-lfs/tree/master/docs/api

* Integrate LFS settings into install process

* Remove LFS objects when repository is deleted

Only removes objects from content store when deleted repo is the only
referencing repository

* Make LFS module stateless

Fixes bug where LFS would not work after installation without
restarting Gitea

* Change 500 'Internal Server Error' to 400 'Bad Request'

* Change sql query to xorm call

* Remove unneeded type from LFS module

* Change internal imports to code.gitea.io/gitea/

* Add Gitea authors copyright

* Change basic auth realm to "gitea-lfs"

* Add unique indexes to LFS model

* Use xorm count function in LFS check on repository delete

* Return io.ReadCloser from content store and close after usage

* Add LFS info to runWeb()

* Export LFS content store base path

* LFS file download from UI

* Work around git-lfs client issue with unauthenticated requests

Returning a dummy Authorization header for unauthenticated requests
lets git-lfs client skip asking for auth credentials
See: https://github.com/github/git-lfs/issues/1088

* Fix unauthenticated UI downloads from public repositories

* Authentication check order, Finish LFS file view logic

* Ignore LFS hooks if installed for current OS user

Fixes Gitea UI actions for repositories tracking LFS files.
Checks for minimum needed git version by parsing the semantic version
string.

* Hide LFS metafile diff from commit view, marking as binary

* Show LFS notice if file in commit view is tracked

* Add notbefore/nbf JWT claim

* Correct lint suggestions - comments for structs and functions

- Add comments to LFS model
- Function comment for GetRandomBytesAsBase64
- LFS server function comments and lint variable suggestion

* Move secret generation code out of conditional

Ensures no LFS code may run with an empty secret

* Do not hand out JWT tokens if LFS server support is disabled
2016-12-26 09:16:37 +08:00
Lunny Xiao
4b7594d9fa Provide button to delete merged pull request (#441)
* provide button to delete merged pull request

* golint fix
2016-12-25 23:27:25 +08:00
Bwko
a345a03d99 Added sorting to the labels & milestones page (#199) 2016-12-24 22:41:09 +08:00
Ethan Koenig
d0932ef147 Bug fixes for Issues filters (#413)
Correctly handle simultaneous assignee/poster filters, and conflicting assignee filters
2016-12-24 18:33:21 +08:00
Lunny Xiao
0e1392501d Check if file is a symlink with web editor (#3687) (#445)
* Check if file is a symlink with web editor (#3687)

* editor checks for symlinks

* translate file_is_a_symlink message

* credit translation author

* fix error constant
2016-12-22 13:27:32 +01:00
Lunny Xiao
47a7529d96 update code.gitea.io/git (#450) 2016-12-22 10:30:52 +01:00
Ethan Koenig
4c89a9c33c Bug fixes and tests for modules/base (#442)
Also address other TODOs
2016-12-22 16:58:04 +08:00
Nico Mandery
6ade13e86e serve video files using the HTML5 video tag (#418)
* serve video files using the HTML5 video tag

* lint fix: add comment to IsVideoFile
2016-12-20 16:09:11 +08:00
Lunny Xiao
15c3d14d55 fixed vulnerabilities on deleting release (#399) 2016-12-16 19:42:39 +08:00
Ethan Koenig
04b9a7e7a2 Bug fixes for repo permissions in API
Also move duplicated code into repo.APIFormat(..)
2016-12-07 12:55:24 +01:00
Thomas Boerger
83ed234472 Integrate templates into bindata optionally (#314)
Integrated optional bindata for the templates
2016-12-06 18:58:31 +01:00
Lunny Xiao
2343feadd4 resolved #310: hide fork to self (#323) 2016-12-01 18:51:50 +08:00
Lunny Xiao
ec87a75c00 golint fixed for modules/auth 2016-11-27 21:39:06 +08:00
Bwko
a4ece1f223 Fixes typos 2016-11-27 12:59:12 +01:00
Andrey Nering
c664ffd1db Merge pull request #270 from andreynering/gitea/http-headers-download
Fix HTTP headers for issue attachment download
2016-11-27 08:48:26 -02:00