* Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen
Fix#3985
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Pass up the unable to verify
* Add Matrix webhook
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Add template and related translations for Matrix hook
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Add actual webhook routes and form
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Add missing file
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Update modules/webhook/matrix_test.go
* Use stricter regex to replace URLs
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Escape url and text
Signed-off-by: Till Faelligen <tfaelligen@gmail.com>
* Remove unnecessary whitespace
* Fix copy and paste mistake
Co-Authored-By: Tulir Asokan <tulir@maunium.net>
* Fix indention inconsistency
* Use Authorization header instead of url parameter
* Add raw commit information to webhook
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Tulir Asokan <tulir@maunium.net>
* Handle push rejections and push out-of-date in branch creation and
file upload.
* Remove the duplicated sanitize from services/pull/merge
* Move the errors Err(Merge)PushOutOfDate and ErrPushRejected to
modules/git
* Handle errors better in the upload file dialogs
Fix#10460
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
speed up page generation by making avatar lookup occur at the browser
not at page generation
* Protect against evil email address ".."
* hash the complete email address
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-Authored-By: Lauris BH <lauris@nix.lv>
* Option to set default branch at repository creation
* Handle template repos with non-default master branch
* Add DefaultBranch handling on creation to API
Fix#9542
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Create system webhook column (and migration)
* Create system webhook DB methods
Based on the default webhook ones
* Modify router to handle system webhooks and default ones
* Remove old unused admin nav template
* Adjust orgRepoCtx to differentiate system and default webhook URLs
* Assign IsSystemWebhook when creating webhooks
* Correctly use booleans for IsSystemWebhook
* Use system webhooks when preparing webhooks for payload
* Add UI and locale changes
* Use router params to differentiate admin hook pages
* Fix deleting admin webhooks and rename method
* Add clarity to webhook docs
* Revert "Remove old unused admin nav template"
This reverts commit 191a20a738.
* Rename WebHooksNewPost to GiteaHooksNewPost for clarity
* Reintroduce blank line lost during merge conflict
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
* Display pull request head branch even the branch deleted or repository deleted
* Merge getHeadRepo/loadHeadRepo and getBaseRepo/loadBaseRepo on pull and fill repo when pr.Issue.Repo is available
* retrieve sha from pull head when pull request branch deleted and fix tests
* Fix test
* Ensure MustHeadRepoName returns empty string if no head repo
Co-authored-by: zeripath <art27@cantab.net>
* adding search capability to user's issues dashboard
* global issue search
* placement of search bar on issues dashboard
* fixed some bugs in the issue dashboard search
* added unit test because IssueIDs option was added to UserIssueStatsOptions
* some renaming of fields in the issue dashboard code to be more clear; also trying to fix issue of searching the right repos based on the filter
* added unit test fro GetRepoIDsForIssuesOptions; fixed search lost on pagination; using shown issue status for open/close count; removed some debugging
* fix issue with all count showing incorrectly
* removed todo comment left in by mistake
* typo pulling wrong count
* fxied all count being off when selecting repositories
* setting the opts.IsClosed after pulling repos to search, this is done so that the list of repo ids to serach for the keyword is not limited, we need to get all the issue ids for the shown issue stats
* added "accessibleRepositoryCondition" check on the query to pull the repo ids to search for issues, this is an added protection to ensure we don't search repos the user does not have access to
* added code so that in the issues search, we won't use an in clause of issues ids that goes over 1000
* fixed unit test
* using 950 as the limit for issue search, removed unneeded group by in GetRepoIDsForIssuesOptions, showing search on pulls dashboard page too (not just issues)
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* add API endpoint to create OAuth2 Application.
* move endpoint to /user. Add swagger documentations and proper response type.
* change json tags to snake_case. add CreateOAuth2ApplicationOptions to swagger docs.
* change response status to Created (201)
* add methods to list OAuth2 apps and delete an existing OAuth2 app by ID.
* add APIFormat convert method and file header
* fixed header
* hide secret on oauth2 application list
* add Created time to API response
* add API integration tests for create/list/delete OAuth2 applications.
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Show Signer in commit lists and add basic trust
Show the avatar of the signer in the commit list pages as we do not
enforce that the signer is an author or committer. This makes it
clearer who has signed the commit.
Also display commits signed by non-members differently from
members and in particular make it clear when a non-member signer
is different from the committer to help reduce the risk of
spoofing.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* ensure orange text and background is available
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update gpg_key.go
* Update models/gpg_key.go
* Apply suggestions from code review
* Require team collaborators to have access to UnitTypeCode
* as per @6543
* fix position of sha as per @silverwind
* as per @guillep2k
* refactor
* optimize
* remove Iretating function
LoadWatchUsers do not load Users into IW object and it is used only in api ... so move this logic
* remove unessesary
* Apply suggestions from code review
Thx
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* make Tests more robust
* fix rebase
* restart CI
* CI no dont hit sqlites deadlock
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Add fixture gen tool and fix "access" test
* Close file before exiting
* Add missing repo_unit for repo id: 5
* Fix count on TestAPIOrgRepos
* Generate access fixture from contrib and add test
* Remove old access fixture generation
* Fix lint
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add fixture gen tool and fix "access" test
* Close file before exiting
* Add missing repo_unit for repo id: 5
* Fix count on TestAPIOrgRepos
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* add API branch protection endpoint
* lint
* Change to use team names instead of ids.
* Status codes.
* fix
* Fix
* Add new branch protection options (BlockOnRejectedReviews, DismissStaleApprovals, RequireSignedCommits)
* Do xorm query directly
* fix xorm GetUserNamesByIDs
* Add some tests
* Improved GetTeamNamesByID
* http status created for CreateBranchProtection
* Correct status code in integration test
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
* Implementation for calculating language statistics
Impement saving code language statistics to database
Implement rendering langauge stats
Add primary laguage to show in repository list
Implement repository stats indexer queue
Add indexer test
Refactor to use queue module
* Do not timeout for queues
* Only check for merging if the PR has not been merged in the interim
* fixup! Only check for merging if the PR has not been merged in the interim
* Try to fix test failure
* Use PR2 not PR1 in tests as PR1 merges automatically
* return already merged error
* enforce locking
* enforce locking - fix-test
* enforce locking - fix-testx2
* enforce locking - fix-testx3
* move pullrequest checking to after merge
This might improve the chance that the race does not affect us but does not prevent it.
* Remove minor race with getting merge commit id
* fixup
* move check pr after merge
* Remove unnecessary prepareTestEnv - onGiteaRun does this for us
* Add information about when merging occuring
* fix fmt
* More logging
* Attempt to fix mysql
* Try MySQL fix again
* try again
* Try again?!
* Try again?!
* Sigh
* remove the count - perhaps that will help
* next remove the update id
* next remove the update id - make it updated_unix instead
* On failure to merge ensure that the pr is rechecked for conflict errors
* On failure to merge ensure that the pr is rechecked for conflict errors
* Update models/pull.go
* Update models/pull.go
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Apply suggestions from code review
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* add check to DeleteUser
* add check to DeleteOrganization
* add Test
* remove redundancy (deleteOrg is only used in DeleteOrganization)
* Update models/org.go
Co-authored-by: zeripath <art27@cantab.net>
* Always limit results by what is accessible to the user
* Change signature of AccessibleRepoIDsQuery
* Ensure that user with ID <= 0 is handled
* Update models/repo_list.go
* Repo name added to automatically generated commit message when merging pull request
* As per @lunny
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: zeripath <art27@cantab.net>
* fix pull view when head repository or head branch missed and close related pull requests when delete branch
* fix pull view broken when head repository deleted
* close pull requests when head repositories deleted
* Add tests for broken pull request head repository or branch
* fix typo
* ignore special error when close pull request
Co-authored-by: Lauris BH <lauris@nix.lv>
* fix typo
* Migrate reviews when migrating repository from github
* fix lint
* Added test and migration when external user login
* fix test
* fix commented state
* Some improvements
* fix bug when get pull request and ref original author on code comments
* Fix migrated line; Added comment for review
* Don't load all pull requests attributes
* Fix typo
* wrong change copy head
* fix tests
* fix reactions
* Fix test
* fix fmt
* fix review comment reactions
* Fix wrong hint when status checking is running on pull request view
* fix lint
* fix test
* fix test
* fix wrong tmpl
* fix import
* rename function name
* fixed link to issue in issue comments after adding/removing a dependency, before links assumed the issue was in the same repository. also changed the format of the displayed issue since the issue will not necessarily be in the same repo
* based on pr comments, changed to use HTMLURL instead of piecing together the issue url, and added an if statement around the issue link display as a nil protection
* only showing repo name in dependency comment if the issue is from another repo
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
* Add support for database schema
* Require setting search_path for the db user
* Add schema setting to admin/config.tmpl
* Use a schema different from default for psql tests
* Update postgres scripts to use custom schema
* Update to xorm/core 0.7.3 and xorm/xorm c37aff9b3a
* Fix migration test
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add possibility to global disable repo units.
* Add Default Repo Unit app.ini setting.
* Hide units
* Hide disabled repo units
* Minor fixes
* Indicate disabled units in team settings.
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
* Add require signed commit for protected branch
* Fix fmt
* Make editor show if they will be signed
* bugfix
* Add basic merge check and better information for CRUD
* linting comment
* Add descriptors to merge signing
* Slight refactor
* Slight improvement to appearances
* Handle Merge API
* manage CRUD API
* Move error to error.go
* Remove fix to delete.go
* prep for merge
* need to tolerate \r\n in message
* check protected branch before trying to load it
* Apply suggestions from code review
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* fix commit-reader
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* introduce GET /notifications/new
* add TEST
* use Sprintf instead of path.Join
* Error more verbose
* return number of notifications if unreaded exist
* 200 http status for available notifications
* Restricted users (#4334): initial implementation
* Add User.IsRestricted & UI to edit it
* Pass user object instead of user id to places where IsRestricted flag matters
* Restricted users: maintain access rows for all referenced repos (incl public)
* Take logged in user & IsRestricted flag into account in org/repo listings, searches and accesses
* Add basic repo access tests for restricted users
Signed-off-by: Manush Dodunekov <manush@stendahls.se>
* Mention restricted users in the faq
Signed-off-by: Manush Dodunekov <manush@stendahls.se>
* Revert unnecessary change `.isUserPartOfOrg` -> `.IsUserPartOfOrg`
Signed-off-by: Manush Dodunekov <manush@stendahls.se>
* Remove unnecessary `org.IsOrganization()` call
Signed-off-by: Manush Dodunekov <manush@stendahls.se>
* Revert to an `int64` keyed `accessMap`
* Add type `userAccess`
* Add convenience func updateUserAccess()
* Turn accessMap into a `map[int64]userAccess`
Signed-off-by: Manush Dodunekov <manush@stendahls.se>
* or even better: `map[int64]*userAccess`
* updateUserAccess(): use tighter syntax as suggested by lafriks
* even tighter
* Avoid extra loop
* Don't disclose limited orgs to unauthenticated users
* Don't assume block only applies to orgs
* Use an array of `VisibleType` for filtering
* fix yet another thinko
* Ok - no need for u
* Revert "Ok - no need for u"
This reverts commit 5c3e886aab.
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
* add "before" query to ListIssueComments and ListRepoIssueComments
* Add TEST
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
* introduce `GET /orgs`
* add TEST
* show also other VisibleType's
* update description
* refactor a lot
* SearchUserOptions by default return only public