1
0
mirror of https://github.com/go-gitea/gitea.git synced 2024-11-04 08:17:24 -05:00
Commit Graph

404 Commits

Author SHA1 Message Date
Lunny Xiao
5842a55b31
Move login related structs and functions to models/login (#17093)
* Move login related structs and functions to models/login

* Fix test

* Fix lint

* Fix lint

* Fix lint of windows

* Fix lint

* Fix test

* Fix test

* Only load necessary fixtures when preparing unit tests envs

* Fix lint

* Fix test

* Fix test

* Fix error log

* Fix error log

* Fix error log

* remove unnecessary change

* fix error log

* merge main branch
2021-09-24 19:32:56 +08:00
delvh
b22be7f594
Fix typo skipping a migration (#17130) 2021-09-23 20:42:42 +08:00
Lunny Xiao
d9c69596ff
Fix commit status index problem (#17061)
* Fix commit status index problem

* remove unused functions

* Add fixture and test for migration

* Fix lint

* Fix fixture

* Fix lint

* Fix test

* Fix bug

* Fix bug
2021-09-23 18:50:06 +08:00
Eng Zer Jun
f2e7d5477f
refactor: move from io/ioutil to io and os package (#17109)
The io/ioutil package has been deprecated as of Go 1.16, see
https://golang.org/doc/go1.16#ioutil. This commit replaces the existing
io/ioutil functions with their new definitions in io and os packages.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-09-22 13:38:34 +08:00
Lunny Xiao
a4bfef265d
Move db related basic functions to models/db (#17075)
* Move db related basic functions to models/db

* Fix lint

* Fix lint

* Fix test

* Fix lint

* Fix lint

* revert unnecessary change

* Fix test

* Fix wrong replace string

* Use *Context

* Correct committer spelling and fix wrong replaced words

Co-authored-by: zeripath <art27@cantab.net>
2021-09-19 19:49:59 +08:00
Jimmy Praet
3d6cb25e31
Support unprotected file patterns (#16395)
Fixes #16381

Note that changes to unprotected files via the web editor still cannot be pushed directly to the protected branch. I could easily add such support for edits and deletes if needed. But for adding, uploading or renaming unprotected files, it is not trivial.

* Extract & Move GetAffectedFiles to modules/git
2021-09-11 16:21:17 +02:00
Lunny Xiao
ddc709ff7f
Add repo_id for attachment (#16958)
When create a new issue or comment and paste/upload an attachment/image, it will not assign an issue id before submit. So if user give up the creating, the attachments will lost key feature and become dirty content. We don't know if we need to delete the attachment even if the repository deleted.

This PR add a repo_id in attachment table so that even if a new upload attachment with no issue_id or release_id but should have repo_id. When deleting a repository, they could also be deleted.

Co-authored-by: 6543 <6543@obermui.de>
2021-09-08 17:19:30 +02:00
zeripath
697213bdb3
Add primary_key to issue_index (#16813)
Make the group_id a primary key in issue_index. This already has an unique index
and therefore is a good candidate for becoming a primary key.

This PR also changes all other uses of this table to add the group_id as the
primary key.

Fix #16802

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-08-25 09:42:51 +01:00
Lunny Xiao
efaf109435
Add information for migrate failure (#16803)
Improve the reporting of errors when there is a migration failure
2021-08-24 18:46:55 +01:00
wxiaoguang
b55c699c62
Alter issue/comment table TEXT fields to LONGTEXT (#16765)
* Alter issue/comment table TEXT fields to LONGTEXT

* Use If not Switch

Co-authored-by: zeripath <art27@cantab.net>
2021-08-22 23:33:05 +08:00
zeripath
c9bca8c5e0
Recreate Tables should Recreate indexes on MySQL (#16718)
The MySQL indexes are not being renamed at the same time as RENAME table despite the
CASCADE. Therefore it is probably better to just recreate the indexes instead.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-08-19 07:11:36 +03:00
6543
eaa791bedd
Add Version info to migrations.go (#16653)
Gitea migrations of 1.15.0 ends at v189
2021-08-08 13:34:42 -04:00
zeripath
9c116f2bb5
Restore compatibility with SQLServer 2008 R2 in migrations (#16627)
* Restore compatibility with SQLServer 2008 R2 in migrations

`ALTER TABLE DROP ... IF EXISTS ...` is only supported in SQL Server >16.

The `IF EXISTS` here is a belt-and-braces and does not need to be present. Therefore
can be dropped.

We need to figure out some way of restricting our SQL syntax against the minimum
version of SQL Server we will support.

My suspicion is that `ALTER DATABASE database_name SET COMPATIBILITY_LEVEL = 100` may
do that but there may be other side-effects so I am not whether to do that.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* try just dropping the index only

Signed-off-by: Andrew Thornton <art27@cantab.net>

* use lowercase for system tables

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-08-08 13:34:24 +03:00
a1012112796
3705168837
Add agit flow support in gitea (#14295)
* feature: add agit flow support

ref: https://git-repo.info/en/2020/03/agit-flow-and-git-repo/

example:

```Bash
git checkout -b test
echo "test" >> README.md
git commit -m "test"
git push origin HEAD:refs/for/master -o topic=test
```

Signed-off-by: a1012112796 <1012112796@qq.com>

* fix lint

* simplify code add fix some nits

* update merge help message

* Apply suggestions from code review. Thanks @jiangxin

* add forced-update message

* fix lint

* splite writePktLine

* add refs/for/<target-branch>/<topic-branch> support also

* Add test code add fix api

* fix lint

* fix test

* skip test if git version < 2.29

* try test with git 2.30.1

* fix permission check bug

* fix some nit

* logic implify and test code update

* fix bug

* apply suggestions from code review

* prepare for merge

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix permission check bug

- test code update
- apply suggestions from code review @zeripath

Signed-off-by: a1012112796 <1012112796@qq.com>

* fix bug when target branch isn't exist

* prevent some special push and fix some nits

* fix lint

* try splite

* Apply suggestions from code review

- fix permission check
- handle user rename

* fix version negotiation

* remane

* fix template

* handle empty repo

* ui: fix  branch link under the title

* fix nits

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-07-28 17:42:56 +08:00
Lunny Xiao
9f31f3aa8a
Add an abstract json layout to make it's easier to change json library (#16528)
* Add an abstract json layout to make it's easier to change json library

* Fix import

* Fix import sequence

* Fix blank lines

* Fix blank lines
2021-07-24 18:03:58 +02:00
zeripath
5d2e11eedb
Refactor: Move login out of models (#16199)
`models` does far too much. In particular it handles all `UserSignin`.

It shouldn't be responsible for calling LDAP, SMTP or PAM for signing in.

Therefore we should move this code out of `models`.

This code has to depend on `models` - therefore it belongs in `services`.

There is a package in `services` called `auth` and clearly this functionality belongs in there.

Plan:

- [x] Change `auth.Auth` to `auth.Method` - as they represent methods of authentication.
- [x] Move `models.UserSignIn` into `auth`
- [x] Move `models.ExternalUserLogin`
- [x] Move most of the `LoginVia*` methods to `auth` or subpackages
- [x] Move Resynchronize functionality to `auth`
  - Involved some restructuring of `models/ssh_key.go` to reduce the size of this massive file and simplify its files.
- [x] Move the rest of the LDAP functionality in to the ldap subpackage
- [x] Re-factor the login sources to express an interfaces `auth.Source`?
  - I've done this through some smaller interfaces Authenticator and Synchronizable - which would allow us to extend things in future
- [x] Now LDAP is out of models - need to think about modules/auth/ldap and I think all of that functionality might just be moveable
- [x] Similarly a lot Oauth2 functionality need not be in models too and should be moved to services/auth/source/oauth2
  - [x] modules/auth/oauth2/oauth2.go uses xorm... This is naughty - probably need to move this into models.
  - [x] models/oauth2.go - mostly should be in modules/auth/oauth2 or services/auth/source/oauth2 
- [x] More simplifications of login_source.go may need to be done
- Allow wiring in of notify registration -  *this can now easily be done - but I think we should do it in another PR*  - see #16178 
- More refactors...?
  - OpenID should probably become an auth Method but I think that can be left for another PR
  - Methods should also probably be cleaned up  - again another PR I think.
  - SSPI still needs more refactors.* Rename auth.Auth auth.Method
* Restructure ssh_key.go

- move functions from models/user.go that relate to ssh_key to ssh_key
- split ssh_key.go to try create clearer function domains for allow for
future refactors here.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-07-24 11:16:34 +01:00
lengyuqu
078e2b2c39
Add support for corporate WeChat webhooks (#15910)
* 企业微信webhook

* 企业微信webhook

* 企业微信webhook

* Update templates/admin/hook_new.tmpl

Co-authored-by: a1012112796 <1012112796@qq.com>

* Update services/webhook/wechatwork.go

Co-authored-by: a1012112796 <1012112796@qq.com>

* 修善wechatwork

* 修善wechatwork

* fix

* Update locale_cs-CZ.ini

fix

* fix build

* fix

* fix build

* make webhooks.zh-cn.md

* delet unnecessary blank line

* delet unnecessary blank line

* 企业微信webhook

* 企业微信webhook

* 企业微信webhook

* Update templates/admin/hook_new.tmpl

Co-authored-by: a1012112796 <1012112796@qq.com>

* Update services/webhook/wechatwork.go

Co-authored-by: a1012112796 <1012112796@qq.com>

* 修善wechatwork

* 修善wechatwork

* fix

* fix build

* fix

* fix build

* make webhooks.zh-cn.md

* delet unnecessary blank line

* delet unnecessary blank line

* 企业微信webhook

* 企业微信webhook

* 企业微信webhook

* 企业微信webhook

* 企业微信webhook

* fix

* fix

* 企业微信webhook

* 企业微信webhook

* 企业微信webhook

* fix wechat

* fix wechat

* fix wechat

* fix wechat

* Fix invalid params and typo of email templates (#16394)

Signed-off-by: Meano <meanocat@gmail.com>

* Add LRU mem cache implementation (#16226)

The current default memory cache implementation is unbounded in size and number of
objects cached. This is hardly ideal.

This PR proposes creating a TwoQueue LRU cache as the underlying cache for Gitea.
The cache is limited by the number of objects stored in the cache (rather than size)
for simplicity. The default number of objects is 50000 - which is perhaps too small
as most of our objects cached are going to be much less than 1kB.

It may be worth considering using a different LRU implementation that actively limits
sizes or avoids GC - however, this is just a beginning implementation.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* [skip ci] Updated translations via Crowdin

* Replace `plugins/docker` with `techknowlogick/drone-docker`in ci (#16407)

* plugins/docker -> techknowlogick/drone-docker

* It is multi-arch

* docs: rewrite email setup (#16404)

* Add intro for both the docs page and mailer methods
  * Fix numbering level in SMTP section
  * Recommends implicit TLS

Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>

* Validate Issue Index before querying DB (#16406)

* Fix external renderer (#16401)

* fix external renderer

* use GBackground context as fallback

* no fallback, return error

Co-authored-by: Lauris BH <lauris@nix.lv>

* Add checkbox to delete pull branch after successful merge (#16049)

* Add checkbox to delete pull branch after successful merge

* Omit DeleteBranchAfterMerge field in json

* Log a warning instead of error when PR head branch deleted

* Add DefaultDeleteBranchAfterMerge to PullRequestConfig

* Add support for delete_branch_after_merge via API

* Fix for API: the branch should be deleted from the HEAD repo

If head and base repo are the same, reuse the already opened ctx.Repo.GitRepo

* Don't delegate to CleanupBranch, only reuse branch deletion code

CleanupBranch contains too much logic that has already been performed by the Merge

* Reuse gitrepo in MergePullRequest

Co-authored-by: Andrew Thornton <art27@cantab.net>

* [skip ci] Updated translations via Crowdin

* Detect encoding changes while parsing diff (#16330)

* Detect encoding changes while parsing diff

* Let branch/tag name be a valid ref to get CI status (#16400)

* fix #16384#

* refactor: move shared helper func to utils package

* extend Tests

* use ctx.Repo.GitRepo if not nil

* fix

* fix

* 企业微信webhook

* 企业微信webhook

* 企业微信webhook

* fix build

* fix build

* Apply suggestions from code review

Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: myheavily <myheavily>
Co-authored-by: zhaoxin <gitea@fake.local>
Co-authored-by: Meano <Meano@foxmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: GiteaBot <teabot@gitea.io>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Bagas Sanjaya <bagasdotme@gmail.com>
Co-authored-by: Norwin <noerw@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Jimmy Praet <jimmy.praet@telenet.be>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-07-23 12:41:27 +08:00
zeripath
b82293270c
Add option to provide signature for a token to verify key ownership (#14054)
* Add option to provide signed token to verify key ownership

Currently we will only allow a key to be matched to a user if it matches
an activated email address. This PR provides a different mechanism - if
the user provides a signature for automatically generated token (based
on the timestamp, user creation time, user ID, username and primary
email.

* Ensure verified keys can act for all active emails for the user

* Add code to mark keys as verified

* Slight UI adjustments

* Slight UI adjustments 2

* Simplify signature verification slightly

* fix postgres test

* add api routes

* handle swapped primary-keys

* Verify the no-reply address for verified keys

* Only add email addresses that are activated to keys

* Fix committer shortcut properly

* Restructure gpg_keys.go

* Use common Verification Token code

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-07-13 15:28:07 +02:00
luzpaz
e0296b6a6d
Fix various documentation, user-facing, and source comment typos (#16367)
* Fix various doc, user-facing, and source comment typos

Found via `codespell -q 3 -S ./options/locale,./vendor -L ba,pullrequest,pullrequests,readby`
2021-07-08 13:38:13 +02:00
KN4CK3R
9b1b4b5433
Refactor Webhook + Add X-Hub-Signature (#16176)
This PR removes multiple unneeded fields from the `HookTask` struct and adds the two headers `X-Hub-Signature` and `X-Hub-Signature-256`.

## ⚠️ BREAKING ⚠️ 

* The `Secret` field is no longer passed as part of the payload.
* "Breaking" change (or fix?): The webhook history shows the real called url and not the url registered in the webhook (`deliver.go`@129).

Close #16115
Fixes #7788
Fixes #11755

Co-authored-by: zeripath <art27@cantab.net>
2021-06-27 20:21:09 +01:00
Lunny Xiao
e3c626834b
Let package git depend on setting but not opposite (#15241)
* Let package git depend on setting but not opposite

* private some package variables
2021-06-26 13:28:55 +02:00
KN4CK3R
44b8b07631
Add tag protection (#15629)
* Added tag protection in hook.

* Prevent UI tag creation if protected.

* Added settings page.

* Added tests.

* Added suggestions.

* Moved tests.

* Use individual errors.

* Removed unneeded methods.

* Switched delete selector.

* Changed method names.

* No reason to be unique.

* Allow editing of protected tags.

* Removed unique key from migration.

* Added docs page.

* Changed date.

* Respond with 404 to not found tags.

* Replaced glob with regex pattern.

* Added support for glob and regex pattern.

* Updated documentation.

* Changed white* to allow*.

* Fixed edit button link.

* Added cancel button.

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-06-25 16:28:55 +02:00
Lunny Xiao
b223d36195
Rework repository archive (#14723)
* Use storage to store archive files

* Fix backend lint

* Add archiver table on database

* Finish archive download

* Fix test

* Add database migrations

* Add status for archiver

* Fix lint

* Add queue

* Add doctor to check and delete old archives

* Improve archive queue

* Fix tests

* improve archive storage

* Delete repo archives

* Add missing fixture

* fix fixture

* Fix fixture

* Fix test

* Fix archiver cleaning

* Fix bug

* Add docs for repository archive storage

* remove repo-archive configuration

* Fix test

* Fix test

* Fix lint

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-23 17:12:38 -04:00
zeripath
6d69df2804
Add Status Updates whilst Gitea migrations are occurring (#15076)
* Add migrating message

Signed-off-by: Andrew Thornton <art27@cantab.net>

* simplify messenger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* make messenger an interface

Signed-off-by: Andrew Thornton <art27@cantab.net>

* rename

Signed-off-by: Andrew Thornton <art27@cantab.net>

* prepare for merge

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per tech

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-06-16 18:02:24 -04:00
zeripath
15fbf23d13
v180 migration should be standalone (#16151)
Unfortunately the v180 migration picked up a few non-standalone dependencies. This PR
forcibly copies the important parts back into the migration.

Fix #16150

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-06-14 15:07:49 -04:00
KN4CK3R
440039c0cc
Add push to remote mirror repository (#15157)
* Added push mirror model.

* Integrated push mirror into queue.

* Moved methods into own file.

* Added basic implementation.

* Mirror wiki too.

* Removed duplicated method.

* Get url for different remotes.

* Added migration.

* Unified remote url access.

* Add/Remove push mirror remotes.

* Prevent hangs with missing credentials.

* Moved code between files.

* Changed sanitizer interface.

* Added push mirror backend methods.

* Only update the mirror remote.

* Limit refs on push.

* Added UI part.

* Added missing table.

* Delete mirror if repository gets removed.

* Changed signature. Handle object errors.

* Added upload method.

* Added "upload" unit tests.

* Added transfer adapter unit tests.

* Send correct headers.

* Added pushing of LFS objects.

* Added more logging.

* Simpler body handling.

* Process files in batches to reduce HTTP calls.

* Added created timestamp.

* Fixed invalid column name.

* Changed name to prevent xorm auto setting.

* Remove table header im empty.

* Strip exit code from error message.

* Added docs page about mirroring.

* Fixed date.

* Fixed merge errors.

* Moved test to integrations.

* Added push mirror test.

* Added test.
2021-06-14 19:20:43 +02:00
Lunny Xiao
0393a57511
Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index (#15599)
* Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index

* Fix pull index

* Add tests for concurrent creating issues

* Fix lint

* Fix tests

* Fix postgres test

* Add test for migration v180

* Rename wrong test file name

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-06-14 10:22:55 +08:00
Lunny Xiao
b9d611e917
Always store primary email address into email_address table and also the state (#15956)
* Always store primary email address into email_address table and also the state

* Add lower_email to not convert email to lower as what's added

* Fix fixture

* Fix tests

* Use BeforeInsert to save lower email

* Fix v180 migration

* fix tests

* Fix test

* Remove wrong submited codes

* Fix test

* Fix test

* Fix test

* Add test for v181 migration

* remove change user's email to lower

* Revert change on user's email column

* Fix lower email

* Fix test

* Fix test
2021-06-08 11:52:51 +08:00
Norwin
cb940c4312
Encrypt migration credentials at rest (#15895)
* encrypt migration credentials in task persistence

Not sure this is the best approach, we could encrypt the entire
`PayloadContent` instead. Also instead of clearing individual fields in
payload content, we could just delete the task once it has
(successfully) finished..?

* remove credentials of past migrations

* only run DB migration for completed tasks

* fix binding

* add omitempty

* never serialize unencrypted credentials

* fix import order

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-05-31 04:25:47 -04:00
zeripath
2a565478d1
Tagger can be empty, as can Commit and Author - tolerate this (#15835)
Unfortunately some old repositories can have tags with empty Tagger, Commit
or Author. Go-Git variants will always have empty values for these whereas
the native git variant leaves them at nil. The simplest solution is just to
always have these set to empty Signatures.

v156 migration also makes the incorrect assumption that these cannot be empty.
Therefore add some handling to this and add logging and adjust broken
logging elsewhere in this migration.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-05-12 01:11:42 -04:00
silverwind
1e6fa57acb
Use single shared random string generation function (#15741)
* Use single shared random string generation function

- Replace 3 functions that do the same with 1 shared one
- Use crypto/rand over math/rand for a stronger RNG
- Output only alphanumerical for URL compatibilty

Fixes: #15536

* use const string method

* Update modules/avatar/avatar.go

Co-authored-by: a1012112796 <1012112796@qq.com>

Co-authored-by: a1012112796 <1012112796@qq.com>
2021-05-10 07:45:17 +01:00
techknowlogick
ea40eb749b
Resolve panic on failed interface conversion in migration v156 (#15604)
go panics otherwise with `panic: interface conversion: error is git.ErrNotExist, not *git.ErrNotExist`, thanks to Codeberg/Andi for reporting this.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-04-24 11:14:39 +08:00
zeripath
b1e138511b
Prevent migration 156 failure if tag commit missing (#15519)
It is possible that tag commits could be deleted or missing from repos. This causes
migration 156 to fail and breaks upgrade.

This PR simply logs the failure.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-04-16 19:28:40 -04:00
Martin Michaelis
55eb1745bd
OAuth2 auto-register (#5123)
* Refactored handleOAuth2SignIn in routers/user/auth.go

The function handleOAuth2SignIn was called twice but some code path could only
be reached by one of the invocations. Moved the unnecessary code path out of
handleOAuth2SignIn.


* Refactored user creation

There was common code to create a user and display the correct error message.
And after the creation the only user should be an admin and if enabled a
confirmation email should be sent. This common code is now abstracted into
two functions and a helper function to call both.

* Added auto-register for OAuth2 users

If enabled new OAuth2 users will be registered with their OAuth2 details.
The UserID, Name and Email fields from the gothUser are used.
Therefore the OpenID Connect provider needs additional scopes to return
the coresponding claims.

* Added error for missing fields in OAuth2 response

* Linking and auto linking on oauth2 registration

* Set default username source to nickname

* Add automatic oauth2 scopes for github and google

* Add hint to change the openid connect scopes if fields are missing

* Extend info about auto linking security risk

Co-authored-by: Viktor Kuzmin <kvaster@gmail.com>
Signed-off-by: Martin Michaelis <code@mgjm.de>
2021-04-14 14:02:12 +02:00
6543
ca2e1d8090
docs: migration start new section (#15462) 2021-04-14 08:46:17 +02:00
zeripath
cd79fbf94a
v172 migration adds created_unix field instead of expiry (#15458)
The Session table must have an Expiry field not a created_unix field - somehow
this migration adds the incorrect named field leading to #15445 reports.

Fix #15445

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-04-13 20:04:17 -04:00
KN4CK3R
c03e488e14
Add LFS Migration and Mirror (#14726)
* Implemented LFS client.

* Implemented scanning for pointer files.

* Implemented downloading of lfs files.

* Moved model-dependent code into services.

* Removed models dependency. Added TryReadPointerFromBuffer.

* Migrated code from service to module.

* Centralised storage creation.

* Removed dependency from models.

* Moved ContentStore into modules.

* Share structs between server and client.

* Moved method to services.

* Implemented lfs download on clone.

* Implemented LFS sync on clone and mirror update.

* Added form fields.

* Updated templates.

* Fixed condition.

* Use alternate endpoint.

* Added missing methods.

* Fixed typo and make linter happy.

* Detached pointer parser from gogit dependency.

* Fixed TestGetLFSRange test.

* Added context to support cancellation.

* Use ReadFull to probably read more data.

* Removed duplicated code from models.

* Moved scan implementation into pointer_scanner_nogogit.

* Changed method name.

* Added comments.

* Added more/specific log/error messages.

* Embedded lfs.Pointer into models.LFSMetaObject.

* Moved code from models to module.

* Moved code from models to module.

* Moved code from models to module.

* Reduced pointer usage.

* Embedded type.

* Use promoted fields.

* Fixed unexpected eof.

* Added unit tests.

* Implemented migration of local file paths.

* Show an error on invalid LFS endpoints.

* Hide settings if not used.

* Added LFS info to mirror struct.

* Fixed comment.

* Check LFS endpoint.

* Manage LFS settings from mirror page.

* Fixed selector.

* Adjusted selector.

* Added more tests.

* Added local filesystem migration test.

* Fixed typo.

* Reset settings.

* Added special windows path handling.

* Added unit test for HTTPClient.

* Added unit test for BasicTransferAdapter.

* Moved into util package.

* Test if LFS endpoint is allowed.

* Added support for git://

* Just use a static placeholder as the displayed url may be invalid.

* Reverted to original code.

* Added "Advanced Settings".

* Updated wording.

* Added discovery info link.

* Implemented suggestion.

* Fixed missing format parameter.

* Added Pointer.IsValid().

* Always remove model on error.

* Added suggestions.

* Use channel instead of array.

* Update routers/repo/migrate.go

* fmt

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2021-04-08 18:25:57 -04:00
zeripath
39ef6f83d5
Create Proper Migration Tests (#15116)
* Create Proper Migration tests

Unfortunately our testing regime has so far meant that migrations do not
get proper testing.

This PR begins the process of creating migration tests for this.

* Add test for v176

* fix mssql drop db

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-24 19:27:22 +01:00
zeripath
750ac52db2
Fix Migration 176 yet again (#15131)
* Fix Migration 176 yet again

Whilst creating a test for v176 in the migrations_test PR
it has become clear that this was still wrong.

This is now fixed. Genuinely.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* and fix repo transfer

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-23 23:10:19 +00:00
zeripath
dfb3e50dce
Fix the v176 migration (#15110)
There is a serious issue with the v176 migration where there is a mistaken missing
label_id selection.

*introduced by #14912*

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-22 19:26:38 +01:00
6543
a3a65137ba
Delete Labels & IssueLabels on Repo Delete too (#15039)
* Doctor: find IssueLabels without existing label

* on Repo Delete: delete labels & issue_labels too

* performance nits

* Add Migration: Delete orphaned IssueLabels

* Migration v174: use Sync2

* USE sess !!!

* better func name

* code format & comment

* RAW SQL

* Update models/migrations/v176.go

* next try?
2021-03-19 21:01:24 +02:00
zeripath
dace0ce1b1
Prevent addition of labels from outside the repository or organisation in issues (#14912)
* Never add labels not from this repository or organisation and remove org labels on transfer

Prevent the addition of labels from outside of the repository or
organisation and remove organisation labels on transfer.

Related #14908

Signed-off-by: Andrew Thornton <art27@cantab.net>

* switch to use sql

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove AS

Signed-off-by: Andrew Thornton <art27@cantab.net>

* subquery alias

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Give me some AS?

Signed-off-by: Andrew Thornton <art27@cantab.net>

* double AS

Signed-off-by: Andrew Thornton <art27@cantab.net>

* try try again

Signed-off-by: Andrew Thornton <art27@cantab.net>

* once more around the merry go round

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix api problem

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add outside label consistency check into doctor

This PR adds another consistency check into doctor in order to detect
labels that have been added from outside of repositories and organisations

Fix #14908

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix migration

Signed-off-by: Andrew Thornton <art27@cantab.net>

* prep for merge

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-03-19 21:25:14 +08:00
zeripath
070c57867d
Fix postgres ID sequences broken by recreate-table (#15015)
* Fix postgres ID sequences broken by recreate-table

Unfortunately there is a subtle problem with recreatetable on postgres which
leads to the sequences not being renamed and not being left at 0.

Fix #14725

Signed-off-by: Andrew Thornton <art27@cantab.net>

* let us try information_schema instead

Signed-off-by: Andrew Thornton <art27@cantab.net>

* try again

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: 6543 <6543@obermui.de>
2021-03-18 02:06:40 -04:00
Bo-Yi Wu
167b0f46ef
chore(models): rewrite code format. (#14754)
* chore: rewrite format.

* chore: update format

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* chore: update format

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* chore: Adjacent parameters with the same type should be grouped together

* chore: update format.
2021-03-14 19:52:12 +01:00
zeripath
f0e15250b9
Migrate to use jsoniter instead of encoding/json (#14841)
* Migrate to use jsoniter

* fix tests

* update gitea.com/go-chi/binding

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-03-01 22:08:10 +01:00
6543
a4148c0f12
Repository transfer has to be confirmed, if user can not create repo for new owner (#14792)
* make repo as "pending transfer" if on transfer start doer has no right to create repo in new destination

* if new pending transfer ocured, create UI & Mail notifications
2021-03-01 01:47:30 +01:00
Lunny Xiao
f3e64f677f
Remove unused commit (#14741)
* Remove unused commit

* a small nit

Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: a1012112796 <1012112796@qq.com>
2021-02-20 15:02:39 +01:00
Norwin
d38ae597e1
Add UI to delete tracked times (#14100)
Co-authored-by: 6543 <6543@obermui.de>
2021-02-19 12:52:11 +02:00
zeripath
0a9a484e1e
Create DB session provider(based on xorm) (#13031)
* Create Xorm session provider

This PR creates a Xorm session provider which creates
the appropriate Session table for macaron/session.

Fix #7137

Signed-off-by: Andrew Thornton <art27@cantab.net>

* extraneous l

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* use key instead of ID to be compatible with go-macaron/session

Signed-off-by: Andrew Thornton <art27@cantab.net>

* And change the migration too.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update spacing of imports

Co-authored-by: 6543 <6543@obermui.de>

* Update modules/session/xorm.go

Co-authored-by: techknowlogick <matti@mdranta.net>

* add xorm provider to the virtual provider

Signed-off-by: Andrew Thornton <art27@cantab.net>

* prep for master merge

* prep for merge master

* As per @lunny

* move migration out of the way

* Move to call this db session as per @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-02-15 00:33:31 -05:00
6543
9e852edc41
Add v171 (addSortingColToProjectBoard) migration for #14634 (#14652)
* add v171 Migration for #14634

* NOT NULL

Co-authored-by: Lauris BH <lauris@nix.lv>
2021-02-12 13:01:26 +02:00
a1012112796
ac701637b4
Add dismiss review feature (#12674)
* Add dismiss review feature

refs:
    https://github.blog/2016-10-12-dismissing-reviews-on-pull-requests/
    https://developer.github.com/v3/pulls/reviews/#dismiss-a-review-for-a-pull-request

* change modal ui and error message

* Add unDismissReview api

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-02-11 18:32:25 +01:00
zeripath
378acc9d96
Use OldRef instead of CommitSHA for DeleteBranch comments (#14604)
Fix #14545

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-02-08 11:09:14 +08:00
zeripath
fcfbab99fc
Set the name Mapper in migrations (#14526)
Migrations currently uses the default Xorm mapper which is
not the same as the mapper Gitea actually uses.

This means that there is a difference between the struct
parsing and mapping to database tables in migrations as
compared to normal Sync2.

This was the cause for the catastrophic problem in v168 -
untagged fields are not mapped in the same way in migrations
as compared to outside of migrations.

This is also likely the cause of some weird subtle failures
in other migrations as any untagged field may not be being
mapped exactly the same way.

This PR suggests that we ensure that the mapper is set at
the start of the migrations code - but also enforces a strict
clean mapper between each migration.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-01-30 16:24:25 +01:00
John Olheiser
e92552abb4
noop (#14521)
Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-01-29 23:52:13 +08:00
6543
2ebe609d65
Fix migration v141 (#14387)
* Fix mig 141

* Add Migration to fix it

* update null values to false first

* Alter Table if posible

* use dropTableColumns instead of recreateTable

* MySQL use Alter

* Postgres use Alter

* Update models/migrations/v167.go

* Apply suggestions from code review

* use 2x add col & 2x update & 2x drop col

* let sqlite be the only issue

* use recreate since it just WORKS
2021-01-28 23:58:33 +01:00
Andrew Bezold
bc05ddc0eb
Redirect on changed user and org name (#11649)
* Add redirect for user

* Add redirect for orgs

* Add user redirect test

* Appease linter

* Add comment to DeleteUserRedirect function

* Fix locale changes

* Fix GetUserByParams

* Fix orgAssignment

* Remove debug logging

* Add redirect prompt

* Dont Export DeleteUserRedirect & only use it within a session

* Unexport newUserRedirect

* cleanup

* Fix & Dedub API code

* Format Template

* Add Migration & rm dublicat

* Refactor: unexport newRepoRedirect() & rm dedub del exec

* if this fails we'll need to re-rename the user directory

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-01-24 16:23:05 +01:00
6543
74a0481586
[Refactor] Passwort Hash/Set (#14282)
* move SaltGeneration into HashPasswort and rename it to what it does

* Migration: Where Password is Valid with Empty String delete it

* prohibit empty password hash

* let SetPassword("") unset pwd stuff
2021-01-10 20:05:18 +02:00
Lunny Xiao
3c96a37162
Some code improvements (#14266) 2021-01-06 19:23:57 +00:00
Lunny Xiao
9f73cae635
Fix wrong type on hooktask to convert typ from char(16) to varchar(16) (#14148)
* Fix wrong type on hooktask to convert typ from char(16) to varchar(16)

* Fix bugs

* Improve code

* Use different trim function for MSSQL

* Fix bug

* Removed wrong changed line

* Removed wrong changed line

* Fix nullable

* Fix lint

* Ignore sqlite on migration

* Fix mssql modify column failure

* Move modifyColumn to migrations.go so that other migrate function could use it
2021-01-06 16:11:23 +01:00
Johnny Oskarsson
a07e67d9cc
Minimal OpenID Connect implementation (#14139)
This is "minimal" in the sense that only the Authorization Code Flow
from OpenID Connect Core is implemented.  No discovery, no configuration
endpoint, and no user scope management.

OpenID Connect is an extension to the (already implemented) OAuth 2.0
protocol, and essentially an `id_token` JWT is added to the access token
endpoint response when using the Authorization Code Flow.  I also added
support for the "nonce" field since it is required to be used in the
id_token if the client decides to include it in its initial request.

In order to enable this extension an OAuth 2.0 scope containing
"openid" is needed. Other OAuth 2.0 requests should not be impacted by
this change.

This minimal implementation is enough to enable single sign-on (SSO)
for other sites, e.g. by using something like `mod_auth_openidc` to
only allow access to a CI server if a user has logged into Gitea.

Fixes: #1310

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2021-01-02 00:33:27 +08:00
Lunny Xiao
cf9d471631
Change topic name size from 25 to 50 (#14150)
* Change topic name size from 25 to 50

* recreateTable requires full bean definition

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-12-26 23:28:47 +00:00
Lunny Xiao
6edfa6bc88
Fix broken migration on webhook (#13911)
* Fix broken migration on webhook

* Fix lint

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2020-12-09 17:20:13 +00:00
6543
658e90a114
[Docu] Fix Location of Comments in migrations.go (#13900) 2020-12-09 00:24:23 +01:00
Lunny Xiao
42354dfe45
Move webhook type from int to string (#13664)
* Move webhook type from int to string

* rename webhook_services

* finish refactor

* Fix merge

* Ignore unnecessary ci

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2020-12-08 11:41:14 +01:00
6543
594cc4aa2a
Update Gitea Version & Fix Migration Comments (#13789)
* correct migration version comments

* update lates version in docs
2020-12-03 00:04:19 +08:00
a1012112796
9c26dc1f3a
Add block on official review requests branch protection (#13705)
Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-11-28 21:30:46 +02:00
zeripath
3fd060eb37
Include OriginalAuthor in Reaction constraint (#13505)
When migrating repositories with reactions with deleted users, the original
author id may be -1. This means that it is possible to end up attempting
to create multiple reactions with the same [ Type, IssueID, CommentID, UserID,
OriginalAuthorID ] thus breaking the constraints.

On SQLite this appears to cause a deadlock but on other dbs this will
cause the migration to fail.

This PR extends the constraint to include the original author username
in the constraint.

Fix #13271

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-11-10 22:37:11 +00:00
Lunny Xiao
542edc22c4
Some improvements for v156 (#13497) 2020-11-10 13:44:45 +02:00
zeripath
b091c994b5
Comments on review should have the same sha (#13448)
* When replying to an outdated comment it should not appear on the files page

This happened because the comment took the latest commitID as its base instead of the
reviewID that it was replying to.

There was also no way of creating an already outdated comment - and a
reply to a review on an outdated line should be outdated.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix test

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix broken migration

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix mssql

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Create temporary table because ... well MSSQL ...

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Create temporary table because ... well MSSQL ...

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Create temporary table because ... well MSSQL ...

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix mssql

Signed-off-by: Andrew Thornton <art27@cantab.net>

* move session within the batch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* regen the sqlcmd each time round the loop

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @lunny

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-11-09 01:15:09 -05:00
Lunny Xiao
35cc82abbf
Revert "Replies to outdated code comments should also be outdated (#13217)" (#13439)
This reverts commit 3cab3bee57.
2020-11-06 09:04:21 +02:00
zeripath
3cab3bee57
Replies to outdated code comments should also be outdated (#13217)
* When replying to an outdated comment it should not appear on the files page

This happened because the comment took the latest commitID as its base instead of the
reviewID that it was replying to.

There was also no way of creating an already outdated comment - and a
reply to a review on an outdated line should be outdated.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix test

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-11-04 17:55:15 -05:00
Lunny Xiao
afb3a5c1d5
Fix bug on release publisherid migrations (#13410)
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2020-11-03 23:47:54 +08:00
zeripath
4099e4f1b6
Ensure topics added using the API are added to the repository (#13285)
* Ensure topics added using the API are added to the repository

Fix #12426

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-10-24 15:11:30 +01:00
Lunny Xiao
be82b8f99a
Keep database transactions not too big (#13254)
* Keep database transactions not too big

* Fix #13255

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Only cache the last repo

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2020-10-22 11:45:54 -04:00
Lanre Adelowo
e918636283
Enhance release list (#6025)
* show author for releases created outside Gitea UI.

Also show the number of commits behind the default branch for tags created outside the UI

don't show the tag date again for tags pushed to the repo. Since it is already on the sidebar and looks like duplication

* add migration for already existing tags

* update as per review

* fix build

* add space

* fix import statments

* Update models/migrations/v113.go

Co-Authored-By: zeripath <art27@cantab.net>

* Update models/migrations/v114.go

Co-authored-by: 6543 <6543@obermui.de>

* Update services/release/release.go

Co-authored-by: 6543 <6543@obermui.de>

* impruve

* remove dependency on models package

* Close the gitrepos in a defer to ensure that they are closed.

* gofmt

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-21 20:55:25 -04:00
Lunny Xiao
80a6b0f5bc
Avatars and Repo avatars support storing in minio (#12516)
* Avatar support minio

* Support repo avatar minio storage

* Add missing migration

* Fix bug

* Fix test

* Add test for minio store type on avatars and repo avatars; Add documents

* Fix bug

* Fix bug

* Add back missed avatar link method

* refactor codes

* Simplify the codes

* Code improvements

* Fix lint

* Fix test mysql

* Fix test mysql

* Fix test mysql

* Fix settings

* Fix test

* fix test

* Fix bug
2020-10-14 21:07:51 +08:00
赵智超
dfa7291f8f
[Enhancement] Allow admin to merge pr with protected file changes (#12078)
* [Enhancement] Allow admin to merge pr with protected file changes

As tilte, show protected message in diff page and merge box.

Signed-off-by: a1012112796 <1012112796@qq.com>

* remove unused ver

* Update options/locale/locale_en-US.ini

Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>

* Add TrN

* Apply suggestions from code review

* fix lint

* Update options/locale/locale_en-US.ini

Co-authored-by: zeripath <art27@cantab.net>

* Apply suggestions from code review

* move pr proteced files check to TestPatch
* Call TestPatch when protected branches settings changed

* Apply review suggestion @CirnoT

* move to service @lunny

* slightly restructure routers/private/hook.go

Adds a lot of comments and simplifies the logic

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* skip duplicate protected files check

* fix check logic

* slight refactor of TestPatch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* When checking for protected files changes in TestPatch use the temporary repository

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix introduced issue with hook

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove the check on PR index being greater than 0 as it unnecessary

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-13 14:50:57 -04:00
6543
ade9c8dc3c
[API] If User is Admin, show 500 error message on PROD mode too (#13115)
* API: show admin 500 error message on PROD mode too

* a nit

* dont miss InternalServerError

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-12 20:41:49 -04:00
6543
f4ffe8ed54
Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124)
* Add timestamps to Star, Label, LanguageStat, Follow, Watch and Collaboration

* Star do not need updated

* LanguageStat do not need update (they wont change)

* fix unit-test
2020-10-12 20:01:57 -04:00
赵智超
8be3e439c2
Add team support for review request (#12039)
Add team support for review request

Block #11355

Signed-off-by: a1012112796 <1012112796@qq.com>
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2020-10-12 20:55:13 +01:00
6543
9513638715
Prohibit automatic downgrades (#13108)
Prohibit automatic downgrades by checking the version of the db and warning if the version number should be lower.

Close #13107

Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
2020-10-12 15:35:56 +01:00
kolaente
64133126cd
Update golangci-lint to version 1.31.0 (#13102)
This PR updates golangci-lint to the latest version 1.31.0.

The upgrade introduced a new check for which I've fixed or disabled most cases.

Signed-off-by: kolaente <k@knt.li>
2020-10-11 21:27:20 +01:00
zeripath
4979f15c3f
Add configurable Trust Models (#11712)
* Add configurable Trust Models

Gitea's default signature verification model differs from GitHub. GitHub
uses signatures to verify that the committer is who they say they are -
meaning that when GitHub makes a signed commit it must be the committer.
The GitHub model prevents re-publishing of commits after revocation of a
key and prevents re-signing of other people's commits to create a
completely trusted repository signed by one key or a set of trusted
keys.

The default behaviour of Gitea in contrast is to always display the
avatar and information related to a signature. This allows signatures to
be decoupled from the committer. That being said, allowing arbitary
users to present other peoples commits as theirs is not necessarily
desired therefore we have a trust model whereby signatures from
collaborators are marked trusted, signatures matching the commit line
are marked untrusted and signatures that match a user in the db but not
the committer line are marked unmatched.

The problem with this model is that this conflicts with Github therefore
we need to provide an option to allow users to choose the Github model
should they wish to.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Adjust locale strings

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @6543

Co-authored-by: 6543 <6543@obermui.de>

* Update models/gpg_key.go

* Add migration for repository

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-20 00:44:55 +08:00
zeripath
772b5e0f54
Add migration for password algorithm change (#12784)
* Add migration for password algorithm change

#12688 changed the default for the user table leading to sync2 warnings

Unfortunately changing defaults requires a complete table rewrite in general.

However, just dropping columns could be bad - so this PR leverages the
techniques used in recreate table to recreate from the inferred schema
and recreates the user table.

This is not necessarily the correct thing to do - but code sometimes speaks
louder than words.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* oops

Signed-off-by: Andrew Thornton <art27@cantab.net>

* ok lets use the shorter bits for other dbs

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/migrations/v150.go

* Update models/migrations/v150.go

* fix migration

Signed-off-by: Andrew Thornton <art27@cantab.net>

* mv v150 to v151.go

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-15 18:02:41 -04:00
zeripath
47289344e2
Add Primary Key to Topic and RepoTopic (#12639)
Add a primary key to Topic and RepoTopic tables

Fix #8920

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-10 20:45:01 +01:00
zeripath
1b9d5074a7
Add command to recreate tables (#12407)
Provides new command: `gitea doctor recreate-table` which will recreate
db tables and copy the old data in to the new table.

This function can be used to remove the old warning of struct defaults being
out of date.

Fix #8868
Fix #3265
Fix #8894

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-09-06 22:52:01 +01:00
Lunny Xiao
e8958bfc38
Fix bug of migraition v111 (#12738) 2020-09-06 11:34:51 +01:00
Lunny Xiao
6590cac89b
Fix bug on migration 111 (#12736)
* Fix bug on migration 111

* Check reviews when migrating v111

* Fix bug

* Fix commit
2020-09-06 16:54:29 +08:00
6543
1ea1cade85
Add Created & Updated to Milestone (#12662)
* Add Created and Updated to Milestone table and expose via API

* Expose to UI - To Overloaded ?!?

* fix unit test

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-05 13:38:54 -04:00
6543
6c5266c9ca
[BugFix] Fix comment broken issue ref dependence (#12651)
* deleteIssuesByRepoID: delete related CommentTypeRemoveDependency & CommentTypeAddDependency comments too

* Ignore ErrIssueNotExist on comment.LoadDepIssueDetails()

* Add migration

* Ignore 'dependent_issue_id = 0' case

* exchange as per @lunny

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-04 09:36:56 +08:00
Lunny Xiao
2026d885d6
Fix bug on migration 147 (#12565) 2020-08-22 18:12:40 +01:00
zeripath
9c9c3348bb
Prevent NPE on commenting on lines with invalidated comments (with migration) (#12549)
* Prevent NPE on commenting on lines with invalidated comments

Only check for a review if we are replying to a previous review.

Prevent the NPE in #12239 by assuming that a comment without a Review is
non-pending.

Fix #12239

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add hack around to show the broken comments

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add migration and remove template hacks

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-21 10:53:14 +03:00
Lunny Xiao
62e6c9bc6c
Add a storage layer for attachments (#11387)
* Add a storage layer for attachments

* Fix some bug

* fix test

* Fix copyright head and lint

* Fix bug

* Add setting for minio and flags for migrate-storage

* Add documents

* fix lint

* Add test for minio store type on attachments

* fix test

* fix test

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Add warning when storage migrated successfully

* Fix drone

* fix test

* rebase

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* refactor the codes

* add trace

* Fix test

* remove log on xorm

* Fi download bug

* Add a storage layer for attachments

* Add setting for minio and flags for migrate-storage

* fix lint

* Add test for minio store type on attachments

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Fix drone

* fix test

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* refactor the codes

* add trace

* Fix test

* Add URL function to serve attachments directly from S3/Minio

* Add ability to enable/disable redirection in attachment configuration

* Fix typo

* Add a storage layer for attachments

* Add setting for minio and flags for migrate-storage

* fix lint

* Add test for minio store type on attachments

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Fix drone

* fix test

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* don't change unrelated files

* Fix lint

* Fix build

* update go.mod and go.sum

* Use github.com/minio/minio-go/v6

* Remove unused function

* Upgrade minio to v7 and some other improvements

* fix lint

* Fix go mod

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Tyler <tystuyfzand@gmail.com>
2020-08-18 12:23:45 +08:00
Lanre Adelowo
4027c5dd7c
Kanban board (#8346)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: jaqra <48099350+jaqra@users.noreply.github.com>
Co-authored-by: Kerry <flatline-studios@users.noreply.github.com>
Co-authored-by: Jaqra <jaqra@hotmail.com>
Co-authored-by: Kyle Evans <kevans91@users.noreply.github.com>
Co-authored-by: Tsakiridis Ilias <TsakiDev@users.noreply.github.com>
Co-authored-by: Ilias Tsakiridis <ilias.tsakiridis@outlook.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-08-16 23:07:38 -04:00
zeripath
d1e67d7ade
Fix bug preventing transfer to private organization (#12497)
* Fix bug preventing transfer to private organization

The code assessing whether a private organization was visible to a user before
allowing transfer was incorrect due to testing membership the wrong way round

This PR fixes this issue and renames the function performing the test to be
clearer.

Further looking at the API for transfer repository - no testing was
performed to ensure that the acting user could actually see the new
owning organization.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* change IsUserPartOfOrg everywhere
2020-08-16 16:27:08 -04:00
zeripath
74bd9691c6
Re-attempt to delete temporary upload if the file is locked by another process (#12447)
Replace all calls to os.Remove/os.RemoveAll by retrying util.Remove/util.RemoveAll and remove circular dependencies from util.

Fix #12339

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
2020-08-11 21:05:34 +01:00
zeripath
d87dbd7519
Fix Migration 145 on MSSQL if varchar is changed to nvarchar (#12445)
* Handle MSSQL constraints

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/migrations/v145.go

* Prevent hang with Sync2

* Agh it's uniques not indexes

* Let us try a different way of finding constraints on the language column

Signed-off-by: Andrew Thornton <art27@cantab.net>

* minor simplification

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Try drop index instead?

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-10 16:01:10 +03:00
zeripath
e17e3f71f4
Use transaction in V102 migration (#12395)
The code for dropTableColumns has a slightly confusing portion whereby the session is committed for MSSQL but not for other variants.

The v102 migration doesn't actually start a transaction so this weirdness does not affect it. However it probably should attempt to run this in a transaction.

Signed-off-by: Andrew Thornton art27@cantab.net
2020-08-06 19:16:49 +01:00
zeripath
5e5c893555
Need RepoID in the languagestat field (#12427)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-04 14:38:31 -04:00
zeripath
502e38c33c
Increase size of the language column in language_stat (#12396)
In #12379 it was discovered that enry v2 has a maximum language length
of 34 characters which is larger than the 30 previously provided.

This PR updates the language column to 50.

Fix #12379
2020-08-04 14:54:29 +01:00