* use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines
* fix tests and add comment head
* Feature - Pagination for git tree API
* Handles case when page is negative
* Does a for loop over the start and end rather than all entries
* Removed redundent logic
* Adds per_page as a query parameter
* Adds DEFAULT_GIT_TREES_PER_PAGE for settings, ran make fmt
* Fix typo in cheat-sheet en
* Makes page start at 1, generated swagger
* Use updates to SDK
* Updates to use latest sdk
* Updates swagger for tree api
* Adds test for GetTreeBySHA
* Updates per PR reviews
* Updates per PR reviews
* Remove file
* Formatting
* Fix to swagger file
* Fix to swagger
* Update v1_json.tmpl
* Fix to swagger file
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.
We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:
- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.
Fix#1357
* Create log mailer for testing email settings
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Switch on the log mailer for the integration tests
This ensures that the sending mail process works
Signed-off-by: Andrew Thornton <art27@cantab.net>
* rename the from user for mysql/mssql
* rename log sender to dummy sender
* update the integration tests
This PR protects against the panic referred to in chaseadmsio/goorgeous#82
by recovering from the panic and just returning the raw bytes if
there is an error.
Signed-off-by: Andrew Thornton <art27@cantab.net>
This PR gitea'ises the macaron.Recovery() handler meaning that in
the event of panic we get proper gitea 500 pages and the stacktrace
is logged with the gitea logger.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Add a new config option to enable / disable the automatic watching of
repos for new repositories and if a user is added to a team.
Fixes#653
Signed-off-by: Sebastian Sauer <sauer.sebastian@gmail.com>
* Pooled and buffered gzip implementation
* Add test for gzip
* Add integration test
* Ensure lfs check within transaction
The previous code made it possible for a race condition to occur whereby a LFSMetaObject could be checked into the database twice. We should check if the LFSMetaObject is within the database and insert it if not in one transaction.
* Try to avoid primary key problem in postgres
The integration tests are being affected by
https://github.com/go-testfixtures/testfixtures/issues/39 if we set the
primary key high enough, keep a count of this and remove at the end of
each test we shouldn't be affected by this.
* add util method and tests
* make sure the title of an issue cannot be empty
* wiki title cannot be empty
* pull request title cannot be empty
* update to make use of the new util methof
Fix#5765 by log the IP address of a connecting remote machine in case of a SSH connection error for the built-in ssh server.
Signed-off-by: Robert Sprunk <github@sprunk.me>
* add migration and basic UI for changing a user's theme
* update user themem
* use right text on button
* load theme based on users' selection
* load theme based on users' selection in pwa too
* update sample config
* delete older theme loading
* implement AfterLoad to set users' theme properly
* set up default theme when creating a user. This uses the installation wide theme
* use flash messages for error
* set default theme when creating a user from the cli
* fix @lunny review
* Add branch protection for approvals
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add required approvals
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add missing comments and fmt
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add type = approval and group by reviewer_id to review
* Prevent users from adding negative review limits
* Add migration for approval whitelists
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Explicitly disable Git credential helper
If the user running Gitea has configured a credential helper, Git
credentials might leak out of Gitea.
There are two problems with credential helpers when combined with Gitea:
1. Credentials entered by a user when doing a migration or setting up a
mirror will end up in the credential store. In the worst case, this
is the plain text file ~/.git-credentials.
2. Credentials in the credential store will be used for migrations and
mirrors by all users. For example, if user A sets up a mirror, their
credentials will be stored. If user B later sets up a mirror from the
same host and does not enter any credentials, user A's credentials
will be used.
This PR prepends -c credential.helper= to all Git commands to clear the
list of helpers. This requires at least Git version 2.9, as previous
versions will try to load an empty helper instead. For more details, see
24321375cd
* Update git module
* Create manifest and serviceworker
* Create templates and add AppSubUrl
* Add JSRenderer
* fix ctx type
* Add JSRenderer to static.go
* Complete adding {{AppSubUrl}}
* Add more fonts to urlsToCache
* Add 512px and 192px icons
* Hardcode font MD5
* Default theme doesn't have a specific CSS file
* Add raw blob endpoint
This should make it possible to download raw blobs directly from
/:repo/:username/raw/blob/:sha1 URLs.
* fix: Make it work
* As an SHA-ID is no path getRefNameFromPath can't be used to verify
file specifying parameter
* added relevant change in go-gitea/git #132
Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>
* Update Gopkg.lock
Can't update all vendors due to errors
Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>
* style: Add Gitea copyright header
* feat: Added integration test for /repo/u/r/raw/blob
* fix: correct year in copyright header
* Add CSRF checking to reqToken and place CSRF in the post for deadline creation
Fixes#5226, #5249
* /api/v1/admin/users routes should have reqToken middleware
* Pass environment variables for URL prefixes to external markup parser
Signed-off-by: Nicolas Lenz <nicolas@eisfunke.com>
* Document external markup link prefix environment variables
Signed-off-by: Nicolas Lenz <nicolas@eisfunke.com>
* Run format on link prefix changes
Signed-off-by: Nicolas Lenz <nicolas@eisfunke.com>
* Added basic heatmap data
* Added extra case for sqlite
* Built basic heatmap into user profile
* Get contribution data from api & styling
* Fixed lint & added extra group by statements for all database types
* generated swagger spec
* generated swagger spec
* generated swagger spec
* fixed swagger spec
* fmt
* Added tests
* Added setting to enable/disable user heatmap
* Added locale for loading text
* Removed UseTiDB
* Updated librejs & moment.js
* Fixed import order
* Fixed heatmap in postgresql
* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md
Co-Authored-By: kolaente <konrad@kola-entertainments.de>
* Added copyright header
* Fixed a bug to show the heatmap for the actual user instead of the currently logged in
* Added integration test for heatmaps
* Added a heatmap on the dashboard
* Fixed timestamp parsing
* Hide heatmap on mobile
* optimized postgresql group by query
* Improved sqlite group by statement
* add notification interface and refactor UI notifications
* add missing methods on notification interface and notifiy only issue status really changed
* implement NotifyPullRequestReview for ui notification
* Detect charset and convert non UTF-8 files for display
* Refactor and move function to correct module
* Revert unrelated changes
* More unrelated changes
* Duplicate content for small text to have better encoding detection
* Check if original content is valid before duplicating it
* redirect to login page after successfully activating account
* force users to change password if account was created by an admin
* force users to change password if account was created by an admin
* fixed build
* fixed build
* fix pending issues with translation and wrong routes
* make sure path check is safe
* remove unneccessary newline
* make sure users that don't have to view the form get redirected
* move route to use /settings prefix so as to make sure unauthenticated users can't view the page
* update as per @lafriks review
* add necessary comment
* remove unrelated changes
* support redirecting to location the user actually want to go to before being forced to change his/her password
* run make fmt
* added tests
* improve assertions
* add assertion
* fix copyright year
Signed-off-by: Lanre Adelowo <yo@lanre.wtf>
ENABLE_LETSENCRYPT and LETSENCRYPT_ACCEPTTOS were not being properly loaded from the config file, always resulting in the default settings being in place.
* prevent pull request to be merged when PR is a WIP
* add tests
* add helper to prepend WIP: in PR title
* move default wip prefixes into settings
* use configurable WIP prefixes in javascript and default to first one in templates
* add documentation
* add unit test on pull model
Signed-off-by: Julien Tant <julien@craftyx.fr>
* Initial ui components for pull request review
* Add Review
Add IssueComment types
Signed-off-by: Jonas Franz <info@jonasfranz.software>
(cherry picked from commit 2b4daab)
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Replace ReviewComment with Content
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add load functions
Add ReviewID to findComments
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add create review comment implementation
Add migration for review
Other small changes
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Simplified create and find functions for review
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Moved "Pending" to first position
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add GetCurrentReview to simplify fetching current review
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Preview for listing comments
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Move new comment form to its own file
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Implement Review form
Show Review comments on comment stream
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add support for single comments
Showing buttons in context
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add pending tag to pending review comments
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add unit tests for Review
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fetch all review ids at once
Add unit tests
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* gofmt
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Improved comment rendering in "Files" view by adding Comments to DiffLine
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add support for invalidating comments
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Switched back to code.gitea.io/git
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Moved review migration from v64 to v65
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Rebuild css
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* gofmt
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Improve translations
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix unit tests by updating fixtures and updating outdated test
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Comments will be shown at the right place now
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add support for deleting CodeComments
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix problems caused by files in subdirectories
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add support for showing code comments of reviews in conversation
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add support for "Show/Hide outdated"
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Update code.gitea.io/git
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add support for new webhooks
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Update comparison
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Resolve conflicts
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Minor UI improvements
* update code.gitea.io/git
* Fix ui bug reported by @lunny causing wrong position of add button
Add functionality to "Cancel" button
Add scale effects to add button
Hide "Cancel" button for existing comments
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Prepare solving conflicts
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Show add button only if no comments already exist for the line
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add missing vendor files
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Check if reviewer is nil
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Show forms only to users who are logged in
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Revert "Show forms only to users who are logged in"
This reverts commit c083682
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Save patch in comment
Render patch for code comments
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add link to comment in code
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add reply form to comment list
Show forms only to signed in users
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add 'Reply' as translatable
Add CODE_COMMENT_LINES setting
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* gofmt
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix problems introduced by checking for singed in user
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add v70
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Update generated stylesheet
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix preview
Beginn with new review comment patch system
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add new algo to generate diff for line range
Remove old algo used for cutting big diffs (it was very buggy)
* Add documentation and example for CutDiffAroundLine
* Fix example of CutDiffAroundLine
* Fix some comment UI rendering bugs
* Add code comment edit mode
* Send notifications / actions to users until review gets published
Fix diff generation bug
Fix wrong hashtag
* Fix vet errors
* Send notifications also for single comments
* Fix some notification bugs, fix link
* Fix: add comment icon is only shown on code lines
* Add lint comment
* Add unit tests for git diff
* Add more error messages
* Regenerated css
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* fmt
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Regenerated CSS with latest less version
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix test by updating comment type to new ID
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Introducing CodeComments as type for map[string]map[int64][]*Comment
Other minor code improvements
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix data-tab issues
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Remove unnecessary change
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* refactored checkForInvalidation
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Append comments instead of setting
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Use HeadRepo instead of BaseRepo
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Update migration
Signed-off-by: Jonas Franz <info@jonasfranz.de>
* Regenerated CSS
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add copyright
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Update index.css
Signed-off-by: Jonas Franz <info@jonasfranz.software>
This makes it easier for user who want to theme but
don't have the ability to know how to customize templates
all that is required is a change in a config option
The reason why I chose the DEFAULT_THEME as variable,
as perhaps in the future we will allow users to chose their
theme whon logged in just like we do with languages
* Fix open redirect vulnerability on login screen
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Reorder imports
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Replace www. from Domain too
Signed-off-by: Jonas Franz <info@jonasfranz.software>
https://github.com/go-gitea/gitea/pull/4035#issuecomment-394286204
@ohwgiles points out that the config section should, in fact, still be in accordance with the "server" struct, which contains the "LFS" struct. I should just remove the line
```
sec = Cfg.Section("LFS")
```
* Replace '%28' with '#'
Add test case
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Use ResolveReference instead of strings.Replace
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add LDAP Key Synchronization feature
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Add migration: add login source id column for public_key table
* Only update keys if needed
* Add function to only list pubkey synchronized from ldap
* Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it.
* Only get keys belonging to current login source id
* Set default login source id to 0
* Some minor cleanup. Add integration tests (updete dep testify)
* Add support for U2F
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add vendor library
Add missing translations
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Minor improvements
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library
Add U2F error handling
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add U2F login page to OAuth
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Move U2F user settings to a separate file
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add unit tests for u2f model
Renamed u2f table name
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix problems caused by refactoring
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add U2F documentation
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Remove not needed console.log-s
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add default values to app.ini.sample
Add FIDO U2F to comparison
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* add more webhook support
* move hooks templates to standalone dir and add more webhooks ui
* fix tests
* update vendor checksum
* add more webhook support
* move hooks templates to standalone dir and add more webhooks ui
* fix tests
* update vendor checksum
* update vendor
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
* load attributes when created release
* update comparsion doc
* Added user language setting
* Added translation string for setting
* Fixed import order + typo
* improved checking if the user has a language saved in the db
* The current saved language is now set a default inside the dropdown
* fmt
* When a user signs in and doesn't have a language saved, the current browser language is saved
* updated gitea-sdk
* Merge branch 'master' of https://github.com/go-gitea/gitea into save-user-language
# Conflicts:
# models/migrations/migrations.go
# models/migrations/v62.go
* Made tests work again
* trigger CI
* trigger CI
* fmt
* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO
* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO
* When loggin in, only the language col gets updated instead of everything
* Started adding deadline to ui
* Implemented basic issue due date managing
* Improved UI for due date managing
* Added at least write access to the repo in order to modify issue due dates
* Ui improvements
* Added issue comments creation when adding/modifying/removing a due date
* Show due date in issue list
* Added api support for issue due dates
* Fixed lint suggestions
* Added deadline to sdk
* Updated css
* Added support for adding/modifiying deadlines for pull requests via api
* Fixed comments not created when updating or removing a deadline
* update sdk (will do properly once go-gitea/go-sdk#103 is merged)
* enhanced updateIssueDeadline
* Removed unnessecary Issue.DeadlineString
* UI improvements
* Small improvments to comment creation
+ ui & validation improvements
* Check if an issue is overdue is now a seperate function
* Updated go-sdk with govendor as it was merged
* Simplified isOverdue method
* removed unessecary deadline to 0 set
* Update swagger definitions
* Added missing return
* Added an explanary comment
* Improved updateIssueDeadline method so it'll only update `deadline_unix`
* Small changes and improvements
* no need to explicitly load the issue when updating a deadline, just use whats already there
* small optimisations
* Added check if a deadline was modified before updating it
* Moved comment creating logic into its own function
* Code cleanup for creating deadline comment
* locale improvement
* When modifying a deadline, the old deadline is saved with the comment
* small improvments to xorm session handling when updating an issue deadline
+ style nitpicks
* style nitpicks
* Moved checking for if the user has write acces to middleware
* Show total tracked time in issue and milestone list
Show total tracked time at issue page
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Optimizing TotalTimes by using SumInt
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fixing wrong total times for milestones caused by a missing JOIN
Adding unit tests for total times
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Logging error instead of ignoring it
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Correcting spelling mistakes
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Change error message to a short version
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add error handling to TotalTimes
Add variable for totalTimes
Signed-off-by: Jonas Franz <info@jonasfranz.de>
* Introduce TotalTrackedTimes as variable of issue
Load TotalTrackedTimes by loading attributes of IssueList
Load TotalTrackedTimes by loading attributes of single issue
Add Sec2Time as helper to use it in templates
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fixed test + gofmt
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Load TotalTrackedTimes via MilestoneList instead of single requests
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add documentation for MilestoneList
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Add documentation for MilestoneList
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix test
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Change comment from SQL query to description
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix unit test by using int64 instead of int
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix unit test by using int64 instead of int
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Check if timetracker is enabled
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix test by enabling timetracking
Signed-off-by: Jonas Franz <info@jonasfranz.de>
* add topic models and unit tests
* fix comments
* fix comment
* add the UI to show or add topics for a repo
* show topics on repositories list
* fix test
* don't show manage topics link when no permission
* use green basic as topic label
* fix topic label color
* remove trace content
* remove debug function
New Feature:
* Repository struct field for IsFsckEnabled (default true of course)
* Admin Settings section on repo options page, accessible only by
admin users
Possible Enhancements:
* There's no way to force running health checks on all repos
regardless of their IsFsckEnabled setting. This would be useful if
there were an admin API or dashboard button to run fsck immediately.
Issue: https://github.com/go-gitea/gitea/issues/1712
Signed-off-by: Allen Wild <allenwild93@gmail.com>
* add global code search on explore
* fix bug when no anyone public repos
* change the icon
* fix typo and add UnitTypeCode check for login non-admin user
* fix ui description when no match
* Get rid of autolink
* autolink in markdown
* Replace email addresses with mailto links
* better handling of links
* Remove autolink.js from footer
* Refactor entire html.go
* fix some bugs
* Make tests green, move what we can to html_internal_test, various other changes to processor logic
* Make markdown tests work again
This is just a description to allow me to force push in order to restart
the drone build.
* Fix failing markdown tests in routers/api/v1/misc
* Add license headers, log errors, future-proof <body>
* fix formatting
* Enable caching on assets and avatars
Fixes#3323
* Only set avatar in user BeforeUpdate when there is no avatar set
* add error checking after stat
* gofmt
* Change cache time for avatars to an hour