1
0
mirror of https://github.com/go-gitea/gitea.git synced 2024-11-04 08:17:24 -05:00
Commit Graph

2062 Commits

Author SHA1 Message Date
Jonas Franz
e777c6bdc6 Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
Lanre Adelowo
141c58f5a6 add isAdmin to user model (#6231)
update vendor and add tests

fix swagger
2019-03-03 17:57:24 -05:00
Lunny Xiao
c812ba7f87
fix display dashboard even if require to change password (#6214)
* fix display dashboard even if require to change password

* fix comments
2019-02-28 16:01:42 +08:00
James E. Blair
48c101affe Create a repo redirect when transferring ownership (#6210) (#6211)
When transferring ownership of a repo to a different user/org,
create a repo redirect that points to the new location in the same
way that is done when a repo is renamed.

Signed-off-by: James E. Blair <jeblair@redhat.com>
2019-02-28 11:51:46 +08:00
John Olheiser
7548037a64 Adds MustChangePassword to user create/edit API, defaults to true (#6193)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-02-27 21:37:57 +02:00
Lunny Xiao
7afe81f28e fix bug when migrate repository 500 when repo is existed (#6188)
* fix bug when migrate repository 500 when repo is existed

* use 409 but not 422 for error status code when not exist

* translation fix
2019-02-26 09:28:56 -05:00
Lunny Xiao
4a2fbbeb10 fix bug user could change private repository to public when force private enabled. (#6156) 2019-02-22 21:56:05 +00:00
Lunny Xiao
134e55510e fix bug when update owner team then visit team's repo return 404 (#6119) 2019-02-22 11:14:45 -05:00
John Olheiser
df30010dbd Make repo creation for API similar to UI (#6142) 2019-02-21 17:07:58 -05:00
zeripath
3b61ff1895 Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
* Fix display of >1Kb LFS text files

* Make LFS stored Readme files viewable

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Slight restructure

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Slight restructure

Signed-off-by: Andrew Thornton <art27@cantab.net>

* catch errors and restructure LFS sections
2019-02-21 15:57:16 -05:00
John Olheiser
994b1be9d1 Admins can now do unlimited page size user search (listAllUsers & listAllOrgs) (#6143)
Non-admins will default to 10 page size
2019-02-21 15:42:54 -05:00
Lunny Xiao
0751153613
refactor issue indexer, add some testing and fix a bug (#6131)
* refactor issue indexer, add some testing and fix a bug

* fix error copyright year on comment header

* issues indexer package import keep consistent
2019-02-21 08:54:05 +08:00
John Olheiser
d26d249748 Minor UI tweaks (#5980)
* Remove all CommitStatus when a repo is deleted

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Minor UI tweaks (#5782)
Added 'No License' option
Added link and octicon change for external issue trackers
Reset password now notifies right away if the code is invalid

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* More UI tweaks
More info in PR

* Generate stylesheet for arc-green

* Make gofmt work

* Change PR integration since the button is changed

* Rebase

* Generate stylesheet

* UI updates
Made the PR button a "basic" button
Vertically centered the issue checkboxes
Labels will update only once after modal is closed

* Commit to reference related issues
Resolves #5782
Resolves #5861
Addresses original question in #5993

* Change the comment wording since PR button is no longer little and green.

* Revert changes that made Windows work

* Regenerate stylesheet

* Regenerate stylesheets

* make generate-stylesheets

* Update integration again, changed button style

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Added ID to PR button
Changed integration to use the ID to avoid breaking in the future

* Added missing semi-colons

* Added back distinction between issue actions and filters (overlooked it before)
Moved action button over next to other action dropdowns

* Remove extra tab formatting in list.tmpl

* Remove more formatting from GoLand

* Replace hardcoded "No License" with i18n license helper.
2019-02-19 18:09:47 -05:00
John Olheiser
ba0749b7db Load Issue attributes for API call (#6122)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-02-19 19:07:19 +02:00
Lunny Xiao
830ae61456 Refactor issue indexer (#5363) 2019-02-19 09:39:39 -05:00
Lanre Adelowo
094263db4d Show email if the authenticated user owns the profile page being requested for (#4981)
* Show email if the authenticated user owns the profile page being
requested for.

Also removed `setting.UI.ShowUserEmail` as it's documentation says it
only controls the email setting on the explore page

* fix current user check... This prevents a panic as a user must be signed in before ctx.User is called

* fix panic in tests

* try to fix tests

* Update year

* Test CI fail

* Revert change

* User 3 is not allowed to authorize

* Set user2 email to be private

* Change to user4 in explore page as user2 now has private email option set
2019-02-19 09:11:50 -05:00
Lunny Xiao
f5fa22a499 Fix prohibit login check on authorization (#6106)
* fix bug prohibit login not applied on dashboard

* fix tests

* fix bug user status leak

* fix typo

* return after render
2019-02-19 09:19:28 +02:00
Zsombor
538a26d56f Show private organization for admin, fix #6111 (#6112) 2019-02-19 09:16:06 +08:00
Lanre Adelowo
44114b38e6 Implement "conversation lock" for issue comments (#5073) 2019-02-18 22:55:04 +02:00
Rémy Boulanouar
64ce159a6e Allow to set organization visibility (public, internal, private) (#1763) 2019-02-18 18:00:27 +02:00
John Olheiser
0b72c00fad Allow labels to contain emoji (#6063)
* Add emoji to labels
Minor cleanup of tribute code in footer.tmpl

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Quick find/replace in other i18n files containing label translations

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Revert "Quick find/replace in other i18n files containing label translations"

This reverts commit ec3e1a3a17.

* Add style to overwrite emoji height in labels

* Revert Makefile change that makes Windows work
2019-02-16 19:33:09 +02:00
Lanre Adelowo
f2256d9881 make sure labels are actually returned (#6053) 2019-02-13 10:45:19 -05:00
zeripath
2a03e96bce
Allow markdown files to read from the LFS (#5787)
This PR makes it possible for the markdown renderer to render images and media straight from the LFS.

Fix #5746

Signed-off-by: Andrew Thornton [art27@cantab.net](mailto:art27@cantab.net)
2019-02-12 15:09:43 +00:00
zeripath
296814e887 Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFile

* Use git plumbing for upload: #5621 repo_editor.go: GetDiffPreview

* Use git plumbing for upload: #5621 repo_editor.go: DeleteRepoFile

* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFiles

* Move branch checkout functions out of repo_editor.go as they are no longer used there

* BUGFIX: The default permissions should be 100644

    This is a change from the previous code but is more in keeping
    with the default behaviour of git.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Standardise cleanUploadFilename to more closely match git

See verify_path in: 7f4e641693/read-cache.c (L951)

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Redirect on bad paths

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Refactor to move the uploading functions out to a module

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add LFS support

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update upload.go attribution header

Upload.go is essentially the remnants of repo_editor.go. The remaining code is essentially unchanged from the Gogs code, hence the Gogs attribution.

* Delete upload files after session committed

* Ensure that GIT_AUTHOR_NAME etc. are valid for git

see #5774

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add in test cases per @lafriks comment

* Add space between gitea and github imports

Signed-off-by: Andrew Thornton <art27@cantab.net>

* more examples in TestCleanUploadName

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix formatting

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Set the SSH_ORIGINAL_COMMAND to ensure hooks are run

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Switch off SSH_ORIGINAL_COMMAND

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-12 15:07:31 +02:00
manuelluis
fc038caa69 In basic auth check for tokens before call UserSignIn (#5725)
* Check first if user/password is a token

* In basic auth check if user/password is a token

* Remove unnecessary else statement

* Changes of fmt
2019-02-12 11:20:08 +02:00
Luo Yifei
7884353a04 Add the Owner Name to differentiate when merging (#3807) 2019-02-12 10:37:32 +02:00
Lanre Adelowo
d0cb5aa9f9 fix #3200 (#6033) 2019-02-11 03:27:24 +02:00
Lanre Adelowo
9d8178b3ac Add option to close issues via commit on a non master branch (#5992)
* fixes #5957

* add tests to make sure config option is respected

* use already defined struct

* - use migration to make the flag repo wide not for the entire gitea instance
Also note that the config value can still be set so as to be able to control the value for new repositories that are to be created

- fix copy/paste error in copyright header year and rearrange import

- use repo config instead of server config value to determine if a commit should close an issue

- update testsuite

* use global config only when creating a new repository

* allow repo admin toggle feature via UI

* fix typo and improve testcase

* fix fixtures

* add DEFAULT prefix to config value

* fix test
2019-02-10 21:27:19 +02:00
Paul
8c865f3ce8 Fix metrics auth token detection (#6006)
Signed-off-by: Pauls Barkans <paulsb@gmail.com>
2019-02-09 00:58:31 -05:00
Richard Mahn
ba91214633 Feature - #3031 - search for org repos (#5986) 2019-02-08 11:45:43 -05:00
Thomas Loubiou
7fb09f035a Fix #5799 - swagger for mergePullRequest (#5996) 2019-02-08 08:08:38 +00:00
Lunny Xiao
01bbf5ea69 Add API to list tags (#5850)
* Add API to list tags

* update dependency gitea sdk vendor

* fix swagger generation

* fix swagger

* add tests

* update code.gitea.io/git vendor
2019-02-07 12:00:52 +00:00
Lunny Xiao
06a1739553 fix bug when deleting a linked account will removed all (#5989) 2019-02-07 01:51:23 -05:00
Lanre Adelowo
9dfdf80af0 Expose issue stopwatch toggling via API (#5970) 2019-02-06 21:57:25 -05:00
Richard Mahn
da1edbfb79 Feature - Pagination for git tree API (#5838)
* Feature - Pagination for git tree API

* Handles case when page is negative

* Does a for loop over the start and end rather than all entries

* Removed redundent logic

* Adds per_page as a query parameter

* Adds DEFAULT_GIT_TREES_PER_PAGE for settings, ran make fmt

* Fix typo in cheat-sheet en

* Makes page start at 1, generated swagger

* Use updates to SDK

* Updates to use latest sdk

* Updates swagger for tree api

* Adds test for GetTreeBySHA

* Updates per PR reviews

* Updates per PR reviews

* Remove file

* Formatting

* Fix to swagger file

* Fix to swagger

* Update v1_json.tmpl

* Fix to swagger file
2019-02-06 18:19:26 +00:00
zeripath
f286a5abb4 Allow Macaron to be set to log through to gitea.log (#5667)
* Allow Macaron to be set to log through gitea.log

Fix #4291
2019-02-05 22:06:41 -05:00
Gabriel Silva Simões
3b7f41f9f7 Fix serving of raw wiki files other than .md (#5814)
* Fix serving of raw wiki files other than .md

Closes #4690.
Closes #4395.

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Simplify code at routers/repo/wiki.go

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add more files to user2/repo1.wiki for testing

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Update macaron to v1.3.2

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add tests for WikiRaw

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Fix NewResponseWriter usage due to macaron update

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>

* Add raw to reserved wiki names

Signed-off-by: Gabriel Silva Simões <simoes.sgabriel@gmail.com>
2019-02-05 20:58:55 -05:00
Lunny Xiao
bf4badad1d Pull request conflict files detection (#5951)
* add conflict detection

* test pull request conflict files

* fix detection files number

* fix comments
2019-02-05 06:54:49 -05:00
Lanre Adelowo
5390791224 Automatically clear stopwatch on merging a PR (#4327)
* Don't display buttons if there are no notices

* clear stopwatch on merging a PR

* remove redundant gt check

* use ctx.Flash as per @bkcsoft comment

* stop timer on closing issues/PRs too

* updated translation as per review

* redirect to login page after successfully activating account

* remove unrelated changes

* stop timer for issues that are closed via commits too..Not just the 'close' UI button
2019-02-05 13:38:11 +02:00
Lanre Adelowo
024871ade6 Add label names as filter in issue search api (#5946) 2019-02-04 10:20:44 -05:00
zeripath
24a36e84cc Issue 5924 fix compare button (#5929)
* Revert #5877

This unfortunately was not the solution.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Change permission check to create pull requests to CanReadIssuesOrPulls

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-03 19:56:18 -05:00
zeripath
01c10a951b
Fix ssh deploy and user key constraints (#1357) (#5939)
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.

We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:

- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.

Fix #1357
2019-02-03 23:56:53 +00:00
Lunny Xiao
ecefa9e724 Add single commit API support (#5843)
* add single commit API support
2019-02-02 22:35:17 -05:00
techknowlogick
3a7306945c
Disable redirect for i18n (#5910) 2019-01-31 09:38:20 -05:00
zeripath
ca00ca8ee4 Provide better panic handling (#5902)
This PR gitea'ises the macaron.Recovery() handler meaning that in
the event of panic we get proper gitea 500 pages and the stacktrace
is logged with the gitea logger.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-30 17:00:00 -05:00
Lanre Adelowo
57a69ef277 don't allow pull requests to be created on an archived repository (#5883)
* don't allow pull requests to be created on an archived repository
Also disable the "PR" button if the repo is archived

* Refuse creating an issue/PR via API calls too
2019-01-30 12:20:40 -05:00
Lanre Adelowo
7933a950d0 respect value of REQUIRE_SIGNIN_VIEW (#5901) 2019-01-30 11:45:48 -05:00
Lauris BH
fada6968a8 Fix new release creation API to allow empty target (#5870)
* Fix new release creation API to allow empty target

* Add more test cases

* Update swagger
2019-01-30 11:33:00 -05:00
Lanre Adelowo
8b5f6ced22 if repo does not exist, show a 404 not a 500 (#5900) 2019-01-30 11:13:39 -05:00
kekero
3568d426fe New Issue ?body= query (#5851)
* New Issue ?body= query

* Override issue template with body query

* Add documentation for issue body query
2019-01-28 10:23:59 -05:00
zeripath
bf47f70c3b
API: Fix null pointer in attempt to Sudo if not logged in (#5872)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-28 14:13:59 +00:00
yasuokav
8510ac2687 Fix MinInterval (#5856)
Fixes #5847
2019-01-26 08:26:23 +00:00
Lunny Xiao
6b0c2e9e35 update swagger for release API pagination (#5841) 2019-01-25 09:10:50 +02:00
Lunny Xiao
892bfd0b19 improve the releases api paging (#5831)
* improve the releases api paging

* add max limit on API paging
2019-01-24 20:59:27 +02:00
kolaente
9a137faaaf Added docs for the tree api (#5834)
* Added docs for the tree api

* Added missing response definition

* Fixed swagger docs
2019-01-24 13:13:30 -05:00
Lauris BH
cd83c2ca05
Fix topics saving internal error and disable for archived repos (#5821) 2019-01-24 12:22:27 +02:00
Shashvat Kedia
1b90692844 New API routes added (#5594)
* New API routes added

* Comments added

* Build fix

* swagger_v1_json.tmpl without new line character

* Typo fix

* Code review changes

* Code review changes

* Add copyright

* Add copyright

* Add copyright

* Update per @lafriks feedback

* Update org.go

* Update user.go

* Update user.go

* make fmt
2019-01-23 17:30:19 -05:00
kolaente
0b510725c9 Feature: Archive repos (#5009) 2019-01-23 13:58:38 -05:00
zeripath
7d434376f1 Pooled and buffered gzip implementation (#5722)
* Pooled and buffered gzip implementation

* Add test for gzip

* Add integration test

* Ensure lfs check within transaction

The previous code made it possible for a race condition to occur whereby a LFSMetaObject could be checked into the database twice. We should check if the LFSMetaObject is within the database and insert it if not in one transaction.

* Try to avoid primary key problem in postgres

The integration tests are being affected by
https://github.com/go-testfixtures/testfixtures/issues/39 if we set the
primary key high enough, keep a count of this and remove at the end of
each test we shouldn't be affected by this.
2019-01-23 10:56:51 +02:00
Lauris BH
075649572d Add the ability to use multiple labels as filters(#5786) 2019-01-22 23:10:38 -05:00
Lanre Adelowo
e1fcd6b742 Disallow empty titles (#5785)
* add util method and tests

* make sure the title of an issue cannot be empty

* wiki title cannot be empty

* pull request title cannot be empty

* update to make use of the new util methof
2019-01-21 13:45:32 +02:00
Paul Brackin
f631702299 Ensure error is logged on db reconnection attempts (#5780)
Unfortunately a scoping problem was missed on the previous PR which meant that the only nil error was logged on failure to connect to the db. This pr fixes this.
2019-01-20 09:30:37 +00:00
Paul Brackin
1bb22b2b47 Make db connect more robust (#5738) 2019-01-19 16:17:08 -05:00
zeripath
07802a2bc5 Refactor repo.isBare to repo.isEmpty #5629 (#5714)
* Refactor repo.isBare to repo.isEmpty #5629

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove Sync call
2019-01-17 19:01:04 -05:00
Lunny Xiao
82e08a3364
Refactor notification for indexer (#5111)
* notification for indexer

* use NullNotifier as parent struct
2019-01-17 22:23:22 +08:00
Harshit Bansal
5ac6da3c41 api: Add missing GET teams endpoints (#5382)
* api: Add an endpoint to list a particular member of team.

* models: Rename `GetUserTeams()` to `GetUserOrgTeams()` in `org_team` model.

`GetUserTeams()` sounds a bit misnomer since it actually returns
the teams that user belongs to in a given organization rather than
all the teams across all the organization that the user has joined.

* models: Add `GetUserTeams()`.

Returns all the teams that a user belongs to.

* api: Add an endpoint for GET '/user/teams'.

A GET request to this endpoint lists all the teams that a user
belongs to.
2019-01-16 19:39:50 -05:00
Elijah Oyekunle
734834a676 Add Default Pull Request Title (#5735)
* add default PR title
Set default PR title to commit summary if there's a single commit on the head branch, else set it to the head branch name

* set default PR description
If there's a single commit on the head branch, and it's multiline, then set it as the default PR description
2019-01-16 22:50:11 +01:00
silverwind
44759fd66c Add proper CORS preflight origin validation (#5740) 2019-01-15 23:16:45 -05:00
Lunny Xiao
270fa6d63b Support CORS headers to git smart http protocol (#5719) 2019-01-14 16:05:27 -05:00
Khaled Hamed
bd75965296 Prioritize "readme.md" (#5691)
* prioritize readme.md

* Improve IsReadmeFile

* Add more tests
2019-01-14 14:15:06 -05:00
zeripath
2b36bdd490 Do not display the raw OpenID error in the UI (#5705)
* Do not display the raw OpenID error in the UI

If there are no `WHITELIST_URIS` or `BLACKLIST_URIS` set in the openid
section of the app.ini, it is possible that gitea can leak sensitive
information about the local network through the error provided by the
UI. This PR hides the error information and logs it.

Fix #4973

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update auth_openid.go

Place error log within the `err != nil` branch.
2019-01-12 14:24:47 -05:00
Lanre Adelowo
8d2c24f7f9 Allow for user specific themes (#5668)
* add migration and basic UI for changing a user's theme

* update user themem

* use right text on button

* load theme based on users' selection

* load theme based on users' selection in pwa too

* update sample config

* delete older theme loading

* implement AfterLoad to set users' theme properly

* set up default theme when creating a user. This uses the installation wide theme

* use flash messages for error

* set default theme when creating a user from the cli

* fix @lunny review
2019-01-09 12:22:57 -05:00
gdeverlant
d3dc07f282 Added URL mapping for Release attachments like on github.com (#1707) 2019-01-06 17:37:30 -05:00
Julian
97dafdc057 fix commit page showing status for current default branch (#5650)
Signed-off-by: Julian Tölle <julian.toelle97@gmail.com>
2019-01-06 16:32:00 +02:00
zeripath
fd1e8563f8 SECURITY: protect DeleteFilePost et al with cleanUploadFileName (#5631)
This commit wraps more of the TreePaths with cleanUploadFileName

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-04 11:08:26 -05:00
Harshit Bansal
8764f1512d branch: Trigger update when deleting branch via UI. (#5617)
Fixes: #5309.
2019-01-02 20:56:58 +08:00
Rodrigo Villablanca Vásquez
4c52858c39 Issue is not overdue when it is on the same date #5566 (#5568)
* Due date time of issues and milestones is set to 23:59:59

* Add docs

* make gen swagger

* fix swagger gen
2019-01-01 18:56:47 +01:00
Shashvat Kedia
6e20b504b1 Delete organization endpoint added (#5601)
* Delete organization endpoint added

* Parameters added in comment

* Typo fix

* Newline character removed
2018-12-27 16:36:58 +01:00
Julian
4a685f8b87 Add rebase with merge commit merge style (#3844) (#4052)
Signed-off-by: Julian Tölle <julian.toelle97@gmail.com>
2018-12-27 12:27:08 +02:00
Shashvat Kedia
ba2c02b75d Fix route in swagger (#5598) 2018-12-26 21:13:49 +02:00
Lunny Xiao
4a02a783c4 fix bug on upload file name (#5571) 2018-12-20 21:32:11 -05:00
Lunny Xiao
7fd34c0517
fix lfs version check warning log when using ssh protocol (#5501) 2018-12-19 09:17:43 +08:00
zeripath
2a660a1de1 Support reverse proxy providing email (#5554)
This PR implements #2347
2018-12-18 12:05:48 -05:00
Lunny Xiao
b3b7598ec6 Improve performance of dashboard (#4977) 2018-12-13 10:55:43 -05:00
Lunny Xiao
b1f3685015 fix approvals limitation (#5521) 2018-12-11 18:49:33 -05:00
Lunny Xiao
58c4559d3b fix permission check on api create org (#5523) 2018-12-11 14:33:24 -05:00
Lunny Xiao
ba75319157 fix clone wiki failed via ssh (#5503) 2018-12-11 13:37:32 -05:00
Lunny Xiao
ccea91652f fix adding reaction fail for read permission (#5515) 2018-12-11 13:12:06 -05:00
Jonas Franz
9681c83734 Approvals at Branch Protection (#5350)
* Add branch protection for approvals

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add required approvals

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add missing comments and fmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add type = approval and group by reviewer_id to review

* Prevent users from adding negative review limits

* Add migration for approval whitelists

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-12-11 19:28:37 +08:00
Lunny Xiao
928417ae39 Fix empty wiki (#5504)
* fix wiki page when wiki path is exist but empty

* improve the error check
2018-12-09 17:45:44 -05:00
Lunny Xiao
7c0c965532 Improve team members and repositories settings UI (#5457)
* improve team members and repositories settings UI

* use tab on team pages

* add default description on team members and repos

* add blank on numbers and texts

* improve translation
2018-12-09 08:42:11 +02:00
Lunny Xiao
da5a0b8382
add tests for api user orgs (#5494)
* add tests for api user orgs

* add permission for admin to list user's orgs even he is a private user of org
2018-12-09 10:19:50 +08:00
Lanre Adelowo
9441bfaccc admin should be able to delete repos even if he is not a member of the organization (#5443) 2018-12-02 11:08:33 -05:00
Lucien Kerl
552014a068 Removing Labels via EditPullRequest API (#5348)
* added the ability to provide an empty array at the EditPullRequests API to remove all labels

Signed-off-by: Lucien Kerl <lucien.kerl@wuerth-it.com>

* Update pull.go
2018-12-01 01:05:57 -05:00
Lanre Adelowo
0787056e07 Allow to add organization members as collaborators on organization owned repositories (#4748)
repository... Fixes #4507
2018-11-30 10:49:55 +02:00
Lunny Xiao
2dc805c0c6
Milestone issues and pull requests (#5293)
* add milestone issues and pulls page instead of redirecting issues page

* add milestone when creating issue from milestone page

* refactor to merge similiar codes as a new function issues

* remove milestone info on milestone issues list

* fix missing params
2018-11-29 09:46:30 +08:00
Kasi Reddy
d5d847e5c4 Git-Trees API (#5403)
* Git-Trees API

* update vendor'd libs

* added comments to exported function and formatted.

* make fmt

* update per @lafirks feedback
2018-11-28 16:17:09 -05:00
Lunny Xiao
eabbddcd98
Restrict permission check on repositories and fix some problems (#5314)
* fix units permission problems

* fix some bugs and merge LoadUnits to repoAssignment

* refactor permission struct and add some copyright heads

* remove unused codes

* fix routes units check

* improve permission check

* add unit tests for permission

* fix typo

* fix tests

* fix some routes

* fix api permission check

* improve permission check

* fix some permission check

* fix tests

* fix tests

* improve some permission check

* fix some permission check

* refactor AccessLevel

* fix bug

* fix tests

* fix tests

* fix tests

* fix AccessLevel

* rename CanAccess

* fix tests

* fix comment

* fix bug

* add missing unit for test repos

* fix bug

* rename some functions

* fix routes check
2018-11-28 19:26:14 +08:00
Lauris BH
08bf443016 Implement git refs API for listing references (branches, tags and other) (#5354)
* Inital routes to git refs api

* Git refs API implementation

* Update swagger

* Fix copyright

* Make swagger happy add basic test

* Fix test

* Fix test again :)
2018-11-27 16:52:20 -05:00
SohnyBohny
294904321c Create Progressive Web App (#4730)
* Create manifest and serviceworker

* Create templates and add AppSubUrl

* Add JSRenderer

* fix ctx type

* Add JSRenderer to static.go

* Complete adding {{AppSubUrl}}

* Add more fonts to urlsToCache

* Add 512px and 192px icons

* Hardcode font MD5

* Default theme doesn't have a specific CSS file
2018-11-27 10:18:26 -05:00
Lanre Adelowo
5e022a98e6 show only opened milestones on issues page milestone filter (#5051)
* show only opened milestones on issues page milestone filter

* update Godoc

* update Godoc everywhere

* update swagger

* use false instead of 0

* Add seccond ordering by ID for milestones where no deadline is set
2018-11-26 16:45:42 +08:00
Daniel Balko
3379141d81 API: '/orgs/:org/repos': return private repos with read access (#5310) (#3829) (#5383)
Signed-off-by: Daniel Balko <inxonic+github@gmail.com>
2018-11-23 16:23:27 -05:00
kolaente
0dcf31ae49 Show review summary in pull requests (#5132) 2018-11-22 15:17:36 +02:00
Lunny Xiao
8ef177f8c5 add api for user to create org (#5268)
* add api for user to create org

* remove unused blank line on the swagger file end

* fix create and add test

* fix tests

* fix routes of create org API

* fix bug

* add copyright heads
2018-11-20 12:31:30 -05:00
Peter Hoffmann
e08c7e521b Add raw blob endpoint to get objects by SHA ID (#5334)
* Add raw blob endpoint

This should make it possible to download raw blobs directly from
/:repo/:username/raw/blob/:sha1 URLs.

* fix: Make it work

* As an SHA-ID is no path getRefNameFromPath can't be used to verify
file specifying parameter
* added relevant change in go-gitea/git #132

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* Update Gopkg.lock

Can't update all vendors due to errors

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* style: Add Gitea copyright header

* feat: Added integration test for /repo/u/r/raw/blob

* fix: correct year in copyright header
2018-11-18 13:45:40 -05:00
Lucien Kerl
89eea64e10 added the ability to set labels on the "edit pull request" api (#5347)
Signed-off-by: Lucien Kerl <lucien.kerl@wuerth-it.com>
2018-11-16 12:12:44 +01:00
Lanre Adelowo
b97af15de6 Block registration based on email domain (#5157)
* implement email domain whitelist
2018-11-14 20:00:04 -05:00
Lunny Xiao
b3000ae623 Fix create team, update team missing units (#5188) 2018-11-10 14:45:32 -05:00
Jonas Bröms
599adde1bc Add option to disable automatic mirror syncing. (#5242)
Setting the interval to 0 will disable to automatic syncing.
2018-11-08 18:58:02 -05:00
Stanislav
078c404c3b Prometheus endpoint (#5256)
* Add prometheus collector and route

* dep ensure -add github.com/prometheus/client_golang/prometheus

* dep ensure -update github.com/golang/protobuf

* add metrics to reserved usernames

* add comment head in metrics package

* fix style imports

* add metrics settings

* add bearer token check

* mapping metrics configs

* fix lint

* update config cheat sheet

* update conf sample, typo fix
2018-11-04 22:20:00 -05:00
zeripath
7096085f2b Fix #5226 by adding CSRF checking to api reqToken and add CSRF to the POST header for deadline (#5250)
* Add CSRF checking to reqToken and place CSRF in the post for deadline creation

Fixes #5226, #5249

* /api/v1/admin/users routes should have reqToken middleware
2018-11-03 21:15:55 -04:00
zeripath
00533d3870 Keys API changes (#4960)
* Add private information to the deploy keys api

This commit adds more information to the deploy keys to allow for back
reference in to the main keys list. It also adds information about the
repository that the key is referring to.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add private information to the user keys API

This adjusts the keys API to give out private information to user keys if
the current user is the owner or an admin.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add ability to search keys by fingerprint

This commit adds the functionality to search ssh-keys by fingerprint of
the ssh-key. Deploy keys per repository can also be searched. There is
no current clear API point to allow search of all deploy keys by
fingerprint or keyID.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add integration test
2018-10-31 23:40:49 -04:00
zeripath
a3e084716e Add AutoHead functionality. (#5186)
Fixes #5153
2018-10-30 11:08:49 -04:00
Antoine GIRARD
617a2433a3 Make gitea serv use api/internal (#4886)
* Start to move to internal/private

* Add GetPublicKeyByID

* Add HasDeployKey

* Add private.UpdateDeployKeyUpdated

* Add private.GetUserByKeyID

* Add private.AccessLevel

* Add private.CheckUnitUser

* Fix mistakes I made

* Some cleaning + moving code to separate files

* Fix error handling

* Remove useless error handling for setup

* lint: fix comment on exported func

* fix copyright header

* Fix order of args
2018-10-30 14:20:13 +08:00
Jonas Bröms
db30d6d791 Serve audio files using HTML5 audio tag (#5221)
* Serve audio files using HTML5 audio tag

* Correct copy paste error
2018-10-30 10:17:26 +08:00
AJ ONeal
b8451190d8 UX of link account (Step 1) (#5006)
* Show either sign up OR sign in

* disambiguate fresh start from adding recovery options

* use tabs to switch between account link flows

* add active to tab body as well

* changes as per discussion

* handle specific error; fix missing err typo
2018-10-28 18:46:16 -04:00
Rodrigo Villablanca Vásquez
48badd59e9 Fix to 3819 - Filtering issues by tags on main screen issues (#3824)
* Fix to 3819

* Changes suggested

* Empty line removed

* Fix error: non-name opts.Labels on left side of :=
2018-10-28 07:55:01 +01:00
kolaente
6759237eda User action heatmap (#5131)
* Added basic heatmap data

* Added extra case for sqlite

* Built basic heatmap into user profile

* Get contribution data from api & styling

* Fixed lint & added extra group by statements for all database types

* generated swagger spec

* generated swagger spec

* generated swagger spec

* fixed swagger spec

* fmt

* Added tests

* Added setting to enable/disable user heatmap

* Added locale for loading text

* Removed UseTiDB

* Updated librejs & moment.js

* Fixed import order

* Fixed heatmap in postgresql

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: kolaente <konrad@kola-entertainments.de>

* Added copyright header

* Fixed a bug to show the heatmap for the actual user instead of the currently logged in

* Added integration test for heatmaps

* Added a heatmap on the dashboard

* Fixed timestamp parsing

* Hide heatmap on mobile

* optimized postgresql group by query

* Improved sqlite group by statement
2018-10-23 10:57:42 +08:00
Jonas Franz
f38fce916e Add comment replies (#5104)
* Add comment replies

* Replace reviewID with review.ID
2018-10-22 16:13:35 -04:00
zeripath
43f9233914 Fix Swagger JSON autogeneration issues. (#4845)
* Fix Swagger JSON.

Remove unnecessary schema references for the forbidden and empty responses

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix swagger API for CreateAccessToken

* Fix admin create org swagger

* Fix swagger for adminCreateRepo

* More swagger fixes

Set int64 format for those which are int64
Some more form fixes

* Fix swagger description of GET /repos/{owner}/{repo}/pulls
2018-10-20 23:40:42 -04:00
Oleg Kovalov
5a4648cdd6 Remove check for negative length (#5120) 2018-10-20 17:25:14 -04:00
Julien Tant
dea3d849e1 Give user a link to create PR after push (#4716)
* Give user a link to create PR after push

* Forks now create PR in the base repository + make sure PR creation is allowed

* fix code style
2018-10-20 09:59:06 +03:00
Lunny Xiao
ea619b39b2
Add notification interface and refactor UI notifications (#5085)
* add notification interface and refactor UI notifications

* add missing methods on notification interface and notifiy only issue status really changed

* implement NotifyPullRequestReview for ui notification
2018-10-18 19:23:05 +08:00
zeripath
dd62ca7ba9 Add support for search by uid (#4876)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2018-10-18 16:44:51 +08:00
Lauris BH
ab5b245182 Disable debug routes unless PPROF is enabled in configuration (#4995) 2018-09-29 18:44:06 -04:00
Lauris BH
81702e6ec9 Detect charset and convert non UTF-8 files for display (#4950)
* Detect charset and convert non UTF-8 files for display

* Refactor and move function to correct module

* Revert unrelated changes

* More unrelated changes

* Duplicate content for small text to have better encoding detection

* Check if original content is valid before duplicating it
2018-09-29 16:33:54 +08:00
zeripath
36e7cb9755 Update Swagger API to match the return of /users/search (#4847)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2018-09-21 16:56:26 +08:00
Lauris BH
4befec242a
Code review UI improvements and bugfixes (#4682)
* Code review UI improvements

* More fixes to dark theme

* Style fix

* Fix to allow add code review comments only on review files tab

* More readability dark style fixes

* Fix commenting on deleted files. Fixes #4752

* Fix line blame getting for multiple corner cases
2018-09-17 17:59:49 +03:00
Lanre Adelowo
acb6f8a518 make sure to catch the right error so it is displayed as an error on the ui not a 500 (#4945) 2018-09-16 18:27:43 +03:00
Lanre Adelowo
2a6d3ba058 Allow admin toggle forcing a password change for newly created users (#4563) 2018-09-13 12:34:36 -04:00
Lanre Adelowo
126ba796dc Force user to change password (#4489)
* redirect to login page after successfully activating account

* force users to change password if account was created by an admin

* force users to change password if account was created by an admin

* fixed build

* fixed build

* fix pending issues with translation and wrong routes

* make sure path check is safe

* remove unneccessary newline

* make sure users that don't have to view the form get redirected

* move route to use /settings prefix so as to make sure unauthenticated users can't view the page

* update as per @lafriks review

* add necessary comment

* remove unrelated changes

* support redirecting to location the user actually want to go to before being forced to change his/her password

* run make fmt

* added tests

* improve assertions

* add assertion

* fix copyright year

Signed-off-by: Lanre Adelowo <yo@lanre.wtf>
2018-09-13 15:04:25 +03:00
Bo-Yi Wu
ea20adaa84
feat(repo): support search repository by topic name (#4505)
* feat(repo): support search repository by topic name
2018-09-13 10:33:48 +08:00
techknowlogick
f1ad4bb3d5
Remove traces of embedded TiDB (#4906)
Fix #3357
2018-09-11 10:42:40 -04:00
Lanre Adelowo
8ee9922fe6 Add file name and branch to page title (#4902) 2018-09-10 13:01:49 -04:00
B-OnTheGo
e47df0b301 Enforce token on api routes [fixed critical security issue #4357] (#4840) 2018-09-10 12:15:52 -04:00
Bobonium
387a4b09c1 allow api to create tags for releases (#4890) 2018-09-10 10:57:41 -04:00
Lanre Adelowo
be48397945 Slack webhook channel name cannot be empty or just contain an hashtag (#4786) 2018-09-10 10:31:08 -04:00
Lewis Cowles
c43399cad8 Fixes repo branch endpoint summary (#4893)
in browser saw `/repos/{owner}/{repo}/branches/{branch} List a repository's branches` fixed

Addresses https://github.com/go-gitea/debian-packaging/pull/1

Fixes https://github.com/go-gitea/gitea#4892
2018-09-09 11:36:08 +08:00
zeripath
d293a2b9d6 Add sudo functionality to the API (#4809) 2018-09-06 23:31:29 -04:00
Lunny Xiao
e48df3ee47 issues api allow pulls and fix #4832 (#4852) 2018-09-03 13:20:54 -04:00
Najib Idrissi
b9ae16d15e Make reverse proxy auth optional (#4643)
* Make reverse proxy auth optional

If the option ENABLE_REVERSE_PROXY_AUTHENTICATION is enabled, make
reverse proxy auth optional, instead of failing if the authentication
did not succeed.

Fixes #3973

Signed-off-by: Najib Idrissi <najib.idrissi.kaitouni@gmail.com>

* Update http.go
2018-08-29 10:39:16 -04:00
EnricoFerro
912953e82a API /admin/users/{username} missing parameter (#4775) 2018-08-23 19:59:47 -04:00
Lanre Adelowo
6ca8fbd2f9 Fixed bug where team with admin privelege type doesn't get any unit attached to the team (#4719) 2018-08-21 13:02:32 -04:00
Lanre Adelowo
6c1a31ffaa User shouldn't be able to approve or reject his/her own PR (#4729)
* Make sure author cannot reject/approve their own PR

* Disable buttons in templates too

* Remove unneccessary if check since the switch below catches it

* Fix IsOwner check

* Update template and remove new template variable

* Add alert template and redirect to diff page on review failure

* Redirect to files diff as a little update to #4632
2018-08-20 07:04:01 +02:00
Lanre Adelowo
a6cdda115d Display error when adding a user to a team twice (#4746) 2018-08-19 21:49:19 +03:00
Lauris BH
92466129ec
Improve URL validation for external wiki and external issues (#4710)
* Improve URL validation for external wiki  and external issues

* Do not allow also localhost address for external URLs
2018-08-15 09:29:37 +03:00
SagePtr
0449330dbc Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706) 2018-08-14 23:16:37 +03:00
nemoinho
ca112f0a04 Add whitespace handling to PR-comparsion (#4683)
* Add whitespace handling to PR-comparsion

In a PR we have to keep an eye on a lot of different things. But sometimes the
bare code is the key-thing we want to care about and just don't want to care
about fixed indention on some places. Especially if we follow the pathfinder
rule we face a lot of these situations because these changes don't break the
code in many languages but improve the readability a lot.

So this change introduce a fine graned button to adjust the way how the
reviewer want to see whitespace-changes within the code.

The possibilities reflect the possibilities from git itself except of the
`--ignore-blank-lines` flag because that one is also handled by `-b` and is
really rare.

Signed-off-by: Felix Nehrke <felix@nehrke.info>
2018-08-14 13:49:33 -04:00
Julien Tant
7781e8cef2 Disable merging a WIP Pull request (#4529)
* prevent pull request to be merged when PR is a WIP

* add tests

* add helper to prepend WIP: in PR title

* move default wip prefixes into settings

* use configurable WIP prefixes in javascript and default to first one in templates

* add documentation

* add unit test on pull model

Signed-off-by: Julien Tant <julien@craftyx.fr>
2018-08-13 22:04:39 +03:00
techknowlogick
ce7c64c7e1
Use updated docs link on install page (#4668)
Fix #4665
2018-08-11 21:05:52 -04:00