Commit graph

2621 commits

Author SHA1 Message Date
赵智超
fec1521555
Not using "ctx.ServerError" in api (#12907)
This function will render a whole html page which is not useful for API.

Signed-off-by: a1012112796 <1012112796@qq.com>
2020-09-20 21:20:14 +01:00
zeripath
4979f15c3f
Add configurable Trust Models (#11712)
* Add configurable Trust Models

Gitea's default signature verification model differs from GitHub. GitHub
uses signatures to verify that the committer is who they say they are -
meaning that when GitHub makes a signed commit it must be the committer.
The GitHub model prevents re-publishing of commits after revocation of a
key and prevents re-signing of other people's commits to create a
completely trusted repository signed by one key or a set of trusted
keys.

The default behaviour of Gitea in contrast is to always display the
avatar and information related to a signature. This allows signatures to
be decoupled from the committer. That being said, allowing arbitary
users to present other peoples commits as theirs is not necessarily
desired therefore we have a trust model whereby signatures from
collaborators are marked trusted, signatures matching the commit line
are marked untrusted and signatures that match a user in the db but not
the committer line are marked unmatched.

The problem with this model is that this conflicts with Github therefore
we need to provide an option to allow users to choose the Github model
should they wish to.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Adjust locale strings

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @6543

Co-authored-by: 6543 <6543@obermui.de>

* Update models/gpg_key.go

* Add migration for repository

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-20 00:44:55 +08:00
6543
1418288734
Refactor: move Commit To APIFormat Code & Lot of StopWatch related things (#12729)
* move GitCommit to APIFormat convertion into convert package

* rename Commit convert functions

* move stopwatch to api convertion into convert package & rm unused code & extend test

* fix compare time

* Gitea not Gogs ;)
2020-09-18 20:09:26 +08:00
zeripath
9c439a7c99
Support slashes in release tags (#12864)
Fix #12861

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-17 19:24:23 +01:00
赵智超
ec5677b7a2
Simplify CheckUnitUser logic (#12854)
if check one user's unit in different repos, it's not necessary to
get user data every time.

Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-15 19:49:34 -04:00
6543
07995e2301
Fix [API] [Bug] CreateRepo missing information (#12848)
* Fix [API] [Bug] CreateRepo missing information

* add code comment

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-15 18:42:19 -04:00
zeripath
d5e6211987
Fix notifications page links (#12838)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-15 07:06:08 +01:00
6543
00a806de68
[API] Milestone endpoints accept names too (#12649)
* API: Milestone endpoints accept names too

* add test

* rename

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-09-14 14:48:03 +03:00
John Olheiser
26c4a049da
Issue templates directory (#11450)
* Issue templates

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add some comments, appease the linter

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add docs and re-use dir candidates

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add default labels to issue templates

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Generate swagger

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Suggested changes

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update issue.go

* Suggestions

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Extract metadata from legacy if possible

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-11 10:48:39 -04:00
Lunny Xiao
dd1a651b58
Move all push update operations to a queue (#10133)
* Fix test

* Add no queue for test only

* improve code

* Auto watch whatever branch operation

* Fix lint

* Rename noqueue to immediate

* Remove old PushUpdate function

* Fix tests

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-11 10:14:48 -04:00
zeripath
a064153235
Set opengraph attributes on org pages (#12803)
Fix #12778

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-11 07:41:43 +01:00
6543
fd60ebfe14
[API] Migration: Change ServiceType String (#12672)
* use different structs for MigrateRepoOptions on UI and API

* Fix TokenAuth and rename UID to an understandable Name

* fix swagger doc

* simplify & mk redable

* R E F A C T O R:
migration has now internal 3 structs to store its options:
 * the Options for WebUI: modules/auth/repo_form.go
 * the Options for API: modules/structs/repo.go
 * the option struct with after validation for internal prossessing: modules/migrations/base/options.go

* Copyright Header

* Deprecate UID - add RepoOwner

* adopt repo.go -> migrate.go

* add comment about each struct purpose

* lint
2020-09-10 23:29:19 +01:00
赵智超
4f8dad37f8
ui: change commentTag style (#11668)
* ui: change commentTag style

* Add comment tag in first comment (issue content)
* Show CommentTagPoster in other way

Signed-off-by: a1012112796 <1012112796@qq.com>

* Update routers/repo/issue.go

Co-authored-by: Lauris BH <lauris@nix.lv>

* fix lint

* revert CommentTagPoster

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-10 14:09:14 -04:00
John Olheiser
c3e8c9441a
Add check for LDAP group membership (#10869)
This is a port of gogs/gogs#4398

The only changes made by myself are:

Add locales
Add some JS to the UI
Otherwise all code credit goes to @aboron

Resolves #10829

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-09-10 16:30:07 +01:00
Lunny Xiao
e153cf07c3
Add a migrate service type switch page (#12697)
* Add a migrat service type switch page

* Improve translations

* remove images

* Fix images

* remove extra create repo button on dashboard

* Follow reviewers' opinions

* Fix frontend lint

* Remove wrong submit file

* Fix tests

* Adjust the size of image

* Apply suggestions from code review

Co-authored-by: 赵智超 <1012112796@qq.com>

* Remove username and password from migration of github/gitlab

* Improve docs

* Improve interface docs

Co-authored-by: 赵智超 <1012112796@qq.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-09 14:29:10 -04:00
John Olheiser
c6e4bc53aa
Check passwords against HaveIBeenPwned (#12716)
* Implement pwn

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update module

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Apply suggestions mrsdizzie

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Add link to HIBP

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add more details to admin command

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add context to pwn

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Consistency and making some noise ;)

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-09-08 17:06:39 -05:00
Vedran
e204398754
Change/remove a branch of an open issue (#9080)
* Add field with isIssueWriter to front end

* Make branch field editable

* Switch frontend to form and POST from javascript

* Add /issue/id/ref endpoint to routes

* Use UpdateIssueTitle model to change ref in backend

* Removed crossreference check and adding comments on branch change

* Use ref returned from POST to update the field

* Prevent calling loadRepo from models/

* Branch/tag refreshed without page reload

* Remove filter for empty branch name

* Add clear option to tag list as well

* Delete button translation and coloring

* Fix for not showing selected branch name in new issue

* Check that branch is not being changed on a PR

* Change logic

* Notification when changing issue ref

* Fix for renamed permission parameter

* Fix for failing build

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: Gitea <gitea@fake.local>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-08 12:29:51 -04:00
Lunny Xiao
7a5465fc56
LFS support to be stored on minio (#12518)
* LFS support to be stored on minio

* Fix test

* Fix lint

* Fix lint

* Fix check

* Fix test

* Update documents and add migration for LFS

* Fix some bugs
2020-09-08 23:45:10 +08:00
mrsdizzie
489c8a1478
Compare SSH_DOMAIN when parsing submodule URLs (#12753)
Right now we only compare the hostname from a submodule with the prefixURL it is viewed from to check if the submodule is hosted on the same Gitea instance. This adds an additional check to compare it against SSH_DOMAIN as well since the same Gitea instance might have a different hostname for SSH and if the submodule uses that hostname we should also detect that and link to the proper DOMAIN value.

Fixes #12747, #9756
2020-09-07 20:08:10 -04:00
zeripath
a722dd72db
Set setting.AppURL as GITEA_ROOT_URL environment variable during pushes (#12752)
* Set setting.AppURL as GITEA_ROOT_URL environment variable during pushes

Fix #11738

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-06 23:53:42 -04:00
6543
3408fb73b6
Add better Swagger description and a example for GetArchive (#12743)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-06 12:23:47 -04:00
6543
bc11caff94
[Vendor] Switch go-version lib (#12719)
* vendor: switch from "mcuadros/go-version" to "hashicorp/go-version"

* Adapt P1

* simplify

* fix lint

* adapt

* fix lint & rm old code

* no deadlock

* rm RWMutex and check GoVersion only 1-time

* Copyright header

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-05 12:42:58 -04:00
6543
dba5d82f86
Expose Attachemnt Settings by API (#12514)
close #12368
2020-09-05 08:43:06 +01:00
6543
2a52aeec49
API: Expose its limitation settings (#12714)
* API: Expose its limitation settings

* TESTs

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-04 14:10:15 -04:00
6543
6c5266c9ca
[BugFix] Fix comment broken issue ref dependence (#12651)
* deleteIssuesByRepoID: delete related CommentTypeRemoveDependency & CommentTypeAddDependency comments too

* Ignore ErrIssueNotExist on comment.LoadDepIssueDetails()

* Add migration

* Ignore 'dependent_issue_id = 0' case

* exchange as per @lunny

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-04 09:36:56 +08:00
赵智超
3981f1b127
Remove duplicate logic in initListSubmits (#12660)
* Remove duplicate logic in initListSubmits

Using the same logic to handle Choosing reviewers and assignees as
choosing label. It's the first step of #10926.

Signed-off-by: a1012112796 <1012112796@qq.com>

* fix choose block

* fix nit

* try fix bug

* simple code

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-02 12:55:13 -04:00
zeripath
d257485bc0
Rename models.ProtectedBranchRepoID to models.EnvRepoID and ensure EnvPusherEmail is set (#12646)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-30 08:24:39 +01:00
zeripath
17fbbe97d7
Do not disable commit changes button on repost (#12644)
If the user has pressed commit changes and the post has failed - do not disable
the commit changes button.

Fix #12072

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-29 17:32:46 -04:00
6543
d5b6931dbe
[API] Delete Token accept names too (#12366)
* Delete Token accept names too

* better description

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-08-28 11:09:33 +03:00
zeripath
eb1bf2377b
Set context for running CreateArchive in to that of the request (#12555)
Set the context for CreateArchive to that of the request to ensure that archives
are only built for as long as a request is requesting them

Fix #11551

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-08-28 09:55:12 +03:00
zeripath
d3b5edacb6
Escape more things that are passed through str2html (#12622)
* Escape more things that are passed through str2html

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Bloody editors!

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update routers/user/oauth.go

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-08-28 00:37:05 -04:00
John Olheiser
211321fb93
Git migration UX (#12619)
* Initial work

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Implementation

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix gitlab and token cloning

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Imports and JS

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix test

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Linting

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Generate swagger

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Move mirror toggle and rename options

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-28 09:36:37 +08:00
zeripath
2ae8c7ab1c
Add cron running API (#12421)
* Add cron running API

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

* placate-swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* return not found

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-08-24 11:48:15 -04:00
zeripath
1bf7b8d7c1
Fix signing.wont_sign.%!s(<nil>) if Require Signing commits but not signed in (#12581)
signing.wont_sign.%!s(<nil>) will be displayed if the repository needs signed
commits but the user is not logged in.

This is displayed because of complicated logic in the the template repo/issue/view_content/pull.tmpl
and a shortcut in the code of routers/repo/issue.go

This PR adds a default value of notsignedin if users are not signed in, which
although our templates will not show will prevent custom templates from showing
the above.

It also fixes the template to avoid showing signing errors if the user is not
authorized to sign.

Replaces #12564
Close #12564

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-23 22:59:41 +01:00
John Olheiser
43a397ce9a
Initial support for push options (#12169)
* Initial support for push options

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix misspelling 🤦

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix formatting after conflict resolution

* defer close git repo

* According the GitLab documentation, git >= 2.10

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Words are hard. Thanks @mrsdizzie 😅

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Only update if there are push options

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
2020-08-23 17:02:35 +01:00
wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf
d4e35b9dc6
Hide 'New Project board' button for users that are not signed in (#12547)
* hide: 'New Project board' button

* there is no reason to show the button for users that are not signed in

* update template: specifies the condition together with another one

as per lafriks' suggestion in the comment

* chore: add proper user authorization check

* chore: also hide button if repo is archived

* chore: show project board edit/delete menu to authorized users only

* chore: drop the redundant IsSigned check

* CanWriteIssues and CanWritePulls implies (and requires) signed in user

* Add CanWriteProjects and properly assert permissions

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-08-22 02:58:59 -04:00
zeripath
7c2cf236f8
Allow addition of gpg keyring with multiple keys (#12487)
Related #6778

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-08-21 13:45:50 +03:00
Gjergji Ramku
0c9eb468e9
Fix typos (#12542)
Signed-off-by: Gjergji Ramku <gjergjiramku@gmail.com>
2020-08-20 09:53:06 -05:00
6543
dcb543ac2a
Show 2FA info on Admin Pannel: Users List (#12515) 2020-08-20 09:53:49 +08:00
zeripath
a5440fcb1e
Report error if API merge is not allowed (#12528)
#12496 demonstrated that the API merge needs to return some information as
to why a merge has been disallowed with a status code 422.

This PR ensures that a reason is always returned.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-08-19 17:35:06 -04:00
Lunny Xiao
62e6c9bc6c
Add a storage layer for attachments (#11387)
* Add a storage layer for attachments

* Fix some bug

* fix test

* Fix copyright head and lint

* Fix bug

* Add setting for minio and flags for migrate-storage

* Add documents

* fix lint

* Add test for minio store type on attachments

* fix test

* fix test

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Add warning when storage migrated successfully

* Fix drone

* fix test

* rebase

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* refactor the codes

* add trace

* Fix test

* remove log on xorm

* Fi download bug

* Add a storage layer for attachments

* Add setting for minio and flags for migrate-storage

* fix lint

* Add test for minio store type on attachments

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Fix drone

* fix test

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* refactor the codes

* add trace

* Fix test

* Add URL function to serve attachments directly from S3/Minio

* Add ability to enable/disable redirection in attachment configuration

* Fix typo

* Add a storage layer for attachments

* Add setting for minio and flags for migrate-storage

* fix lint

* Add test for minio store type on attachments

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Fix drone

* fix test

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* don't change unrelated files

* Fix lint

* Fix build

* update go.mod and go.sum

* Use github.com/minio/minio-go/v6

* Remove unused function

* Upgrade minio to v7 and some other improvements

* fix lint

* Fix go mod

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Tyler <tystuyfzand@gmail.com>
2020-08-18 12:23:45 +08:00
Lanre Adelowo
4027c5dd7c
Kanban board (#8346)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: jaqra <48099350+jaqra@users.noreply.github.com>
Co-authored-by: Kerry <flatline-studios@users.noreply.github.com>
Co-authored-by: Jaqra <jaqra@hotmail.com>
Co-authored-by: Kyle Evans <kevans91@users.noreply.github.com>
Co-authored-by: Tsakiridis Ilias <TsakiDev@users.noreply.github.com>
Co-authored-by: Ilias Tsakiridis <ilias.tsakiridis@outlook.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-08-16 23:07:38 -04:00
zeripath
d1e67d7ade
Fix bug preventing transfer to private organization (#12497)
* Fix bug preventing transfer to private organization

The code assessing whether a private organization was visible to a user before
allowing transfer was incorrect due to testing membership the wrong way round

This PR fixes this issue and renames the function performing the test to be
clearer.

Further looking at the API for transfer repository - no testing was
performed to ensure that the acting user could actually see the new
owning organization.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* change IsUserPartOfOrg everywhere
2020-08-16 16:27:08 -04:00
zeripath
2ef318e6f1
Add Access-Control-Expose-Headers (#12446)
Fix #12424

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
2020-08-13 18:18:18 +01:00
Lunny Xiao
4e1c7cc4ef
Fix ignored login on compare (#12476) 2020-08-12 12:34:57 +02:00
zeripath
74bd9691c6
Re-attempt to delete temporary upload if the file is locked by another process (#12447)
Replace all calls to os.Remove/os.RemoveAll by retrying util.Remove/util.RemoveAll and remove circular dependencies from util.

Fix #12339

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
2020-08-11 21:05:34 +01:00
zeripath
2c1ae6c82d
Render the git graph on the server (#12333)
Rendering the git graph on the server means that we can properly track flows and switch from the Canvas implementation to a SVG implementation.

* This implementation provides a 16 limited color selection
* The uniqued color numbers are also provided
* And there is also a monochrome version
*In addition is a hover highlight that allows users to highlight commits on the same flow.

Closes #12209

Signed-off-by: Andrew Thornton art27@cantab.net
Co-authored-by: silverwind <me@silverwind.io>
2020-08-06 09:04:08 +01:00
6543
2872a04f27
UserProfile Page: Render Description (#12415)
* If Description contain more that one line render it

* simpler ...

* only render if description exists

* Fix NPE in tests

* Update routers/user/profile.go

Co-authored-by: zeripath <art27@cantab.net>
2020-08-05 15:48:37 +08:00
zeripath
33391e04fe
Prevent empty div when editing comment (#12404)
* Prevent empty div when editing comment

The template for attachments needs to remove whitespace and return empty when there are no attachments.

Fix #10220
2020-08-04 22:30:02 +01:00
赵智超
8a6790b2aa
Add API to update pr headBranch (#12419)
* [API] Add update pr headBranch api

Signed-off-by: a1012112796 <1012112796@qq.com>
2020-08-04 21:55:22 +01:00