Commit Graph

2046 Commits (722a7c902dd39bd3d4328345ca969220640774d7)

Author SHA1 Message Date
Lanre Adelowo de6539fc8c Add state param to milestone listing API (#7131)
* Support state params

* update tests

* fix tests

* add state=all support

* update tests

* update swagger

* update swagger
2019-06-06 08:37:45 +08:00
Rob Watson 8bf405986e Add Rust highlighting (#7125) 2019-06-04 17:01:47 -04:00
mrsdizzie 2ac2a5b0ba Refactor submodule URL parsing (#7100)
Use combination of url.Parse and regex to parse refURL rather than by
hand with indexes & attempt to check if refURL is from same instance and
adjust output to match.

Also now return empty string instead of our original
guess at URL if we are unable to parse it.

Fixes #1526
2019-06-03 23:11:19 +08:00
Lunny Xiao 83b90e4199 Use vfsgen instead of go-bindata (#7080)
* use vfsgen instead of go-bindata

* fix templates

* fix fmt

* vendor vsfgen
2019-06-03 00:43:47 +03:00
Mario Lubenka 8eba27c792 Repository avatar fallback configuration (#7087)
* Only show repository avatar in list when one was selected

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adds fallback configuration option for repository avatar

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Implements repository avatar fallback

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adds admin task for deleting generated repository avatars

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Solve linting issues

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Save avatar before updating database

* Linting

* Update models/repo.go

Co-Authored-By: zeripath <art27@cantab.net>
2019-06-02 14:40:12 +08:00
zeripath 356854fc5f Move serv hook functionality & drop GitLogger (#6993)
* Move hook functionality internally

* Internalise serv logic

* Remove old internal paths

* finally remove the gitlogger

* Disallow push on archived repositories

* fix lint error

* Update modules/private/key.go

* Update routers/private/hook.go

* Update routers/private/hook.go

* Update routers/private/hook.go

* Updated routers/private/serv.go

* Fix LFS Locks over SSH

* rev-list needs to be run by the hook process

* fixup

* Improve git test

* Ensure that the lfs files are created with a different prefix

* Reduce the replication in git_test.go

* slight refactor

* Remove unnecessary "/"

* Restore ensureAnonymousClone

* Restore ensureAnonymousClone

* Run rev-list on server side

* Try passing in the alternative directories instead

* Mark test as skipped

* Improve git test

* Ensure that the lfs files are created with a different prefix
* Reduce the replication in git_test.go
* Remove unnecessary "/"
2019-06-01 23:00:21 +08:00
mrsdizzie de6ef14d04 Validate External Tracker URL Format (#7089)
* Validate External Tracker URL Format

Add some validation checks for external tracker URL format.

Fixes #7068

* Don't make {index} a hard requirement

* Fix Description

* make fmt

* move regex to package level

* fix copyright date
2019-05-31 10:21:15 +01:00
Robert A. Nowak 592924a34b Fix Erlang and Elixir highlight mappings (#7044) 2019-05-30 17:23:16 -04:00
Lunny Xiao 7d12ec2abd improve github downloader on migrations (#7049)
* improve github downloader on migrations

* fix tests

* fix  uppercase function parameters
2019-05-30 16:26:57 -04:00
Richard Mahn 43cf2f3b55 Fixes #7023 - API Org Visibility (#7028) 2019-05-30 13:57:55 -04:00
Richard Mahn 1831b3b571 Fixes #5960 - Adds API Endpoint for Repo Edit (#7006)
* Feature - #5960 - API Endpoint for Repo Editing

* Revert from merge

* Adds integration testing

* Updates to integration tests

* Revert changes

* Update year in file header

* Misspell fix

* XORM = test

* XORM = test

* revert XORM = file

* Makes RepoUnit.ID be pk and autoincr

* Fix to units

* revert header

* Remove print statement

* Adds other responses

* Improves swagger for creating repo

* Fixes import order

* Better Unit Type does not exist error

* Adds editable repo properties to the response repo structure

* Fix to api_repo_edit_test.go

* Fixes repo test

* Changes per review

* Fixes typo and standardizes comments in the EditRepoOption struct for swagger

* Fixes typo and standardizes comments in the EditRepoOption struct for swagger

* Actually can unarchive through the API

* Unlike delete, user doesn't have to be the owner of the org, just admin to the repo

* Fix to swagger comments for field name change

* Update to swagger docs

* Update swagger

* Changes allow_pull_requests to has_pull_requests
2019-05-30 11:09:05 -04:00
Sergey Dryabzhinsky 3fd18838aa Repository avatars (#6986)
* Repository avatars

- first variant of code from old work for gogs
- add migration 87
- add new option in app.ini
- add en-US locale string
- add new class in repository.less

* Add changed index.css, remove unused template name

* Update en-us doc about configuration options

* Add comments to new functions, add new option to docker app.ini

* Add comment for lint

* Remove variable, not needed

* Fix formatting

* Update swagger api template

* Check if avatar exists

* Fix avatar link/path checks

* Typo

* TEXT column can't have a default value

* Fixes:

- remove old avatar file on upload
- use ID in name of avatar file - users may upload same files
- add simple tests

* Fix fmt check

* Generate PNG instead of "static" GIF

* More informative comment

* Fix error message

* Update avatar upload checks:

- add file size check
- add new option
- update config docs
- add new string to en-us locale

* Fixes:

- use FileHEader field for check file size
- add new test - upload big image

* Fix formatting

* Update comments

* Update log message

* Removed wrong style - not needed

* Use Sync2 to migrate

* Update repos list view

- bigger avatar
- fix html blocks alignment

* A little adjust avatar size

* Use small icons for explore/repo list

* Use new cool avatar preparation func by @lafriks

* Missing changes for new function

* Remove unused import, move imports

* Missed new option definition in app.ini

Add file size check in user/profile avatar upload

* Use smaller field length for Avatar

* Use session to update repo DB data, update DeleteAvatar - use session too

* Fix err variable definition

* As suggested @lafriks - return as soon as possible, code readability
2019-05-29 22:22:26 -04:00
Bo-Yi Wu 743697a549
refactor: append, build variable and type switch (#4940)
* refactor: append, build variable and type switch

* fix: remove redundant space.
2019-05-28 23:45:54 +08:00
zeripath 31557b1274
Fix LFS Locks over SSH (#6999)
* Fix LFS Locks over SSH
* Mark test as skipped
2019-05-28 11:32:41 +01:00
zeripath 69d81b6569
Handle insecure and ports in go get (#7041)
* Handle insecure and ports in go get

* Fix IsExternalURL for non-standard ports
2019-05-27 22:08:38 +01:00
Lunny Xiao 063fa99159
when git version >= 2.18, git command could run with git wire protocol version 2 param if enabled (#7047) 2019-05-26 17:50:06 +08:00
Rob Watson daaae2aad5 migrations: ensure rollback on error (#7039) (#7040) 2019-05-25 22:18:27 +01:00
Lunny Xiao 355ab0c62c Fix wrong init dependency on markup extensions (#7038)
* fix wrong init dependency on markup extensions
2019-05-25 18:15:39 +01:00
Rob Watson df2557835b Improve handling of non-square avatars (#7025)
* Crop avatar before resizing (#1268)

Signed-off-by: Rob Watson <rfwatson@users.noreply.github.com>

* Fix spelling error

Signed-off-by: Rob Watson <rfwatson@users.noreply.github.com>
2019-05-25 14:46:14 +03:00
Marat Radchenko 844f9a4bd8 Fix /verify LFS handler expecting wrong content-type (#7015)
Fixes #6960

According to [spec][1], /verify requests must have `Accept: application/vnd.git-lfs+json`

Previous code works because `git-lfs` also [violates spec and doesn't send any Accept header at all][2]
For other clients that DO set `Accept: application/vnd.git-lfs+json`, addition of `Accept: application/vnd.git-lfs`
either forces them to violate the spec or is ignored, depending on order in what they create header list.

[1]: https://github.com/git-lfs/git-lfs/blob/master/docs/api/basic-transfers.md#verification
[2]: https://github.com/git-lfs/git-lfs/issues/3662
2019-05-24 22:21:00 +01:00
Vladimir Panteleev a98e085031 Show git-notes (#6984)
* Show git-notes

* Make git-notes heading text localizable

* Refactor git-notes data fetching to a separate function

* Display the author and time of git notes

* Move note bubble inside the commit bubble

* Revert "Move note bubble inside the commit bubble"

This reverts commit c0951fe0e3b4dea38064515546b1825c1bcf19e1.

* Add test for git-notes

* testing ui

* Polish CSS

* Apply suggestions from code review

Co-Authored-By: Lauris BH <lauris@nix.lv>
2019-05-24 10:52:05 +03:00
Lunny Xiao d5a98a2969 Add support of utf8mb4 for mysql (#6992) 2019-05-24 00:15:26 -04:00
zeripath 0d69dfb4ca
Do not attempt to return blob on submodule (#6996) 2019-05-21 22:32:52 +01:00
Lunny Xiao 02542a2c15 fix missing repo description when migrating (#7000) 2019-05-20 15:43:43 +03:00
zeripath 775a5a5b0f
Stop colorizing files by default (#6949) 2019-05-15 22:37:06 +01:00
Lunny Xiao 710245e81e
Refactor models.NewRepoContext to extract git related codes to modules/git (#6941)
* refactor models.NewRepoContext to extract git related codes to modules/git

* fix imports

* refactor
2019-05-15 09:57:00 +08:00
zeripath e55c874dd2 Add work path CLI option (#6922)
Makes it possible to set the work path as a CLI option instead of
relying on environment variables which are somewhat opaque
2019-05-14 11:20:35 -04:00
Lunny Xiao 8b36f01f45 Move xorm logger bridge from log to models so that log module could be a standalone package (#6944)
* move xorm logger bridge from log to models so that log module could be a standalone package

* fix tests

* save logger on xorm log bridge
2019-05-14 10:04:07 +03:00
Lunny Xiao 6123840745 Remove macaron dependent on modules/log (#6933) 2019-05-13 22:55:52 -04:00
zeripath c0fc6cd9a8 rotate unusual logs and stop stacktracing (#6935) 2019-05-14 03:08:34 +03:00
Tamal Saha 34d06f4c6b Handle CORS requests (#6289) 2019-05-13 11:38:53 -04:00
zeripath ce8de35334 Remove local clones & make hooks run on merge/edit/upload (#6672)
* Add options to git.Clone to make it more capable

* Begin the process of removing the local copy and tidy up

* Remove Wiki LocalCopy Checkouts

* Remove the last LocalRepo helpers

* Remove WithTemporaryFile

* Enable push-hooks for these routes

* Ensure tests cope with hooks

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove Repository.LocalCopyPath()

* Move temporary repo to use the standard temporary path

* Fix the tests

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove LocalWikiPath

* Fix missing remove

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Use AppURL for Oauth user link (#6894)

* Use AppURL for Oauth user link

Fix #6843

* Update oauth.go

* Update oauth.go

* internal/ssh: ignore env command totally (#6825)

* ssh: ignore env command totally

* Remove commented code 

Needed fix described in issue #6889

* Escape the commit message on issues update and title in telegram hook (#6901)

* update sdk to latest (#6903)

* improve description of branch protection (fix #6886) (#6906)

The branch protection description text were not quite accurate.

* Fix logging documentation (#6904)

* ENABLE_MACARON_REDIRECT should be REDIRECT_MACARON_LOG

* Allow DISABLE_ROUTER_LOG to be set in the [log] section

* [skip ci] Updated translations via Crowdin

* Move sdk structs to modules/structs (#6905)

* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 11:29:17 -04:00
Lunny Xiao 34eee25bd4
Move sdk structs to modules/structs (#6905)
* move sdk structs to moduels/structs

* fix tests

* fix fmt

* fix swagger

* fix vendor
2019-05-11 18:21:34 +08:00
zeripath e3166744fe
Fix logging documentation (#6904)
* ENABLE_MACARON_REDIRECT should be REDIRECT_MACARON_LOG

* Allow DISABLE_ROUTER_LOG to be set in the [log] section
2019-05-11 10:13:57 +01:00
Antoine GIRARD 10ff527fae internal/ssh: ignore env command totally (#6825)
* ssh: ignore env command totally

* Remove commented code 

Needed fix described in issue #6889
2019-05-09 18:41:43 -04:00
Wim 4508380cf7 Show full name if DefaultShowFullName setting activated (#6710)
Adds a new key DEFAULT_SHOW_FULL_NAME (default false) to the [ui] section.
If enabled the full name will be shown (unless it's empty, then
the default username will be used)
2019-05-08 11:41:35 +03:00
Lunny Xiao 08069dc465
Improve migrations to support migrating milestones/labels/issues/comments/pullrequests (#6290)
* add migrations

* fix package dependency

* fix lints

* implements migrations except pull requests

* add releases

* migrating releases

* fix bug

* fix lint

* fix migrate releases

* fix tests

* add rollback

* pull request migtations

* fix import

* fix go module vendor

* add tests for upload to gitea

* more migrate options

* fix swagger-check

* fix misspell

* add options on migration UI

* fix log error

* improve UI options on migrating

* add support for username password when migrating from github

* fix tests

* remove comments and fix migrate limitation

* improve error handles

* migrate API will also support migrate milestones/labels/issues/pulls/releases

* fix tests and remove unused codes

* add DownloaderFactory and docs about how to create a new Downloader

* fix misspell

* fix migration docs

* Add hints about migrate options on migration page

* fix tests
2019-05-07 09:12:51 +08:00
Simon a2a006a5d5 Add GET requests to webhook (#6771)
* Add GET requests to webhook

* make fmt

* Handle invalid http method on webhook

* Uppercase http method in webhook

* Rename v85.go to v86.go

* make fmt
2019-05-05 14:09:02 -04:00
Mario Lubenka 55a8e12d85 Number of commits ahead/behind in branch overview (#6695)
* Call Git API to determine divergence of a branch and its base branch

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Show commit divergance in branch list

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adds missing comment

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adds test for diverging commits

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Try comparing commits instead of branches

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Removes test as CI can't run it

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Adjusts signature of percentage function to allow providing multiple integers as numerator

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>

* Moves CountDivergingCommits function into repofiles module

Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
2019-05-05 19:25:25 +03:00
ngourdon 7806deab96 add french specific rule for translating plural texts (#6846) 2019-05-04 23:44:43 +01:00
techknowlogick 46373e7657
Hash App token (#6724) 2019-05-04 11:45:34 -04:00
Lauris BH 1fa9662946
Git statistics in Activity tab (#4724)
* Initial implementation for git statistics in Activity tab

* Create top user by commit count endpoint

* Add UI and update src-d/go-git dependency

* Add coloring

* Fix typo

* Move git activity stats data extraction to git module

* Fix message

* Add git code stats test
2019-05-04 15:39:03 +03:00
Filip Navara dbb0c9658c Fix #6813: Allow git.GetTree to take both commit and tree names (#6816)
* Allow git.GetTree to take both commit and tree names, return full paths on entries listed through Tree.ListEntriesRecursive

Signed-off-by: Filip Navara <filip.navara@gmail.com>

* Fix the SHA returned on Git Tree APIs called with commit hash or symbolic name

Signed-off-by: Filip Navara <filip.navara@gmail.com>
2019-05-02 20:33:11 -04:00
zeripath ade88a877d Allow Recaptcha service url to be configured (#6820) 2019-05-02 16:09:39 +03:00
Filip Navara 55daee8d22 Remove `seen` map from `getLastCommitForPaths` (#6807)
Ensures correctly traversing the commit graph for all path and avoids
erroneously skipping some. Also preallocate some arrays to correct size
to prevent unnecessary reallocations.

Fixes #6708.

Signed-off-by: Filip Navara <filip.navara@gmail.com>
2019-04-30 16:27:41 +03:00
zeripath 8d0d7bc28d Make CustomPath, CustomConf and AppWorkPath configurable at build (#6631) 2019-04-29 14:08:21 -04:00
Nicola Scattaglia cde6079879 Restore IsWindows variable assignment (#6722) (#6790)
Signed-off-by: Nicola Scattaglia <scattaglia.nicola.work@gmail.com>
2019-04-28 22:48:46 +03:00
ngourdon d29d97d91c Set user search base field optional in DLDAP edit page (#6779) 2019-04-28 09:53:55 -04:00
zeripath f6eedd4dc8 UI: Detect and restore encoding and BOM in content (#6727)
* detect and remove a decoded BOM

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Restore the previous encoding and BOM

* On error keep as UTF-8

Signed-off-by: Andrew Thornton <art27@cantab.net>

* create remove BOM function

* Deal with LFSed content

* Update modules/repofiles/update.go

* Fix final LFS bug

* Keep LFS sections referring to opts.Content
2019-04-26 15:00:30 +03:00
techknowlogick ec2d489d15
OAuth2 token can be used in basic auth (#6747) 2019-04-25 18:42:50 -04:00
Lunny Xiao 199faadea3 Fix org visibility bug when git cloning (#6743)
* fix org visibility bug

* fix permission check

* add integration tests

* fix tests

* change test user name for easier maintainance and fix test

* fix test git repo name
2019-04-25 21:59:10 +03:00
James E. Blair dabee9b1a4 Handle redirects in git clone commands (#6688)
Add support for repo_redirect objects in the git smart http
handler so that when a user clones a repo that has been moved
or renamed, they are redirected to the new location.

This requires that the query string be included in the redirect
as well, so that is added.

Signed-off-by: James E. Blair <jeblair@redhat.com>
2019-04-25 08:51:40 +03:00
mrsdizzie 0064535ad2 Fix domain name pattern in email regex (#6739)
Fixes #6735
2019-04-24 21:53:41 -04:00
zeripath be666b03ee Trace Logging on Permission Denied & ColorFormat (#6618)
* Add log.ColorFormat and log.ColorFormatted

Structs can now implement log.ColorFormatted to provide their own
colored format when logged with `%-v` or additional flags.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add basic ColorFormat to repository and user

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add basic ColorFormat to access and unit

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add ColorFormat to permission and on trace log it

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add log.NewColoredIDValue to make ID value coloring consistent

Signed-off-by: Andrew Thornton <art27@cantab.net>

* formatting changes

* Add some better tracing to permission denied for read issues/pulls

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add Trace logging on permission denied

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove isTrace() check from deferred func

* Adjust repo and allow logging of team

* use FormatInt instead of Itoa

* Add blank line

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update access.go
2019-04-22 23:40:51 +03:00
Filip Navara b83114f140 Fix one performance/correctness regression in #6478 found on Rails repository. (#6686)
* Fix flaw in the commit history lookup that caused unnecessary traversal
when the repository contains a lot of merge commits.

Also return the merge commit as the changed one if the file or
directory was changed as part of the merge, eg. through conflict
resolution.

Signed-off-by: Filip Navara <filip.navara@gmail.com>

* Perform history simplification. If a file is present on multiple parents
in a merge commit follow only the first parent.
2019-04-21 16:49:06 +08:00
zeripath 3d5d2fa9d8
Unfortunately MemProvider Init does not actually Init properly (#6692)
* Unfortunately MemProvider Init does not actually Init properly

Worse all of its members are private and you cannot update them.
Simple fix copy it in to modules session.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix misspelling
2019-04-20 12:47:17 +01:00
zeripath b33f7f792b
Prevent creating empty sessions (#6677)
* Prevent creating empty sessions

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update modules/setting/session.go

* Remove unnecessary option

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add destory to list of ignored misspellings

* rename cookie.go -> virtual.go

* Delete old file

* Add test to ensure that sessions are not created without being logged in

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix tests

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update integrations/create_no_session_test.go
2019-04-20 07:44:50 +01:00
Mario Lubenka fcbac38d6f Unifies pagination template usage (#6531) (#6533) 2019-04-20 00:15:19 -04:00
Daniel Grier b9d1fb6de3 Add support for MS Teams webhooks (#6632) 2019-04-19 10:18:06 -04:00
Filip Navara 2af67f6044 Improve listing performance by using go-git (#6478)
* Use go-git for tree reading and commit info lookup.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use TreeEntry.IsRegular() instead of ObjectType that was removed.

Signed-off-by: Filip Navara <navara@emclient.com>

* Use the treePath to optimize commit info search.

Signed-off-by: Filip Navara <navara@emclient.com>

* Extract the latest commit at treePath along with the other commits.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix listing commit info for a directory that was created in one commit and never modified after.

Signed-off-by: Filip Navara <navara@emclient.com>

* Avoid nearly all external 'git' invocations when doing directory listing (.editorconfig code path is still hit).

Signed-off-by: Filip Navara <navara@emclient.com>

* Use go-git for reading blobs.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make SHA1 type alias for plumbing.Hash in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Make Signature type alias for object.Signature in go-git.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix GetCommitsInfo for repository with only one commit.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix PGP signature verification.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix issues with walking commit graph across merges.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix typo in condition.

Signed-off-by: Filip Navara <navara@emclient.com>

* Speed up loading branch list by keeping the repository reference (and thus all the loaded packfile indexes).

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix lising submodules.

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix build

Signed-off-by: Filip Navara <navara@emclient.com>

* Add back commit cache because of name-rev

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix tests

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix code style

* Fix spelling

* Address PR feedback

Signed-off-by: Filip Navara <navara@emclient.com>

* Update vendor module list

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix getting trees by commit id

Signed-off-by: Filip Navara <navara@emclient.com>

* Fix remaining unit test failures

* Fix GetTreeBySHA

* Avoid running `git name-rev` if not necessary

Signed-off-by: Filip Navara <navara@emclient.com>

* Move Branch code to git module

* Clean up GPG signature verification and fix it for tagged commits

* Address PR feedback (import formatting, copyright headers)

* Make blob lookup by SHA working

* Update tests to use public API

* Allow getting content from any type of object through the blob interface

* Change test to actually expect the object content that is in the GIT repository

* Change one more test to actually expect the object content that is in the GIT repository

* Add comments
2019-04-19 20:17:27 +08:00
techknowlogick 19ec2606e9 API OTP Context (#6674)
* API OTP Context

* Update api.go

* token

* token

* fix per discord

* copyright header

* remove check for token in OTP

* Update auth.go

* simplify

* Update api.go
2019-04-19 11:59:26 +03:00
techknowlogick 56da256853
Telegram webhook (#4227) 2019-04-18 22:45:02 -04:00
Richard Mahn 2262811e40 Fixes 4762 - Content API for Creating, Updating, Deleting Files (#6314) 2019-04-17 12:06:35 -04:00
Mura Li 2a9806bfc6 Pre-calculate the absolute path of git (#6575)
* Pre-caculate the absolute path of git

* Do not repeat string literals which has been defined somewhere

Also make it flexible to accept customized/user-defined value.
2019-04-17 14:11:37 +03:00
Segev Finer 34548369e1 Add API for manipulating Git hooks (#6436)
* Add API for manipulating Git hooks

Signed-off-by: Segev Finer <segev@codeocean.com>

* Replace code.gitea.io/sdk with PR branch temporarily for CI

* Switch back to code.gitea.io/sdk@master

* Return 403 instead of 404 on no permission to edit hooks in API

* Add tests for Git hooks API

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <segev208@gmail.com>

* empty line
2019-04-17 01:31:08 -04:00
zeripath 827ab6b75a Add SUBJECT_PREFIX mailer config option (#6605)
* Add SUBJECT_PREFIX mailer config option

* Add space between subject prefix and subject (Change from Gogs)

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-04-17 00:56:40 -04:00
mrsdizzie 1bce1894f5 Use ctx.metas for SHA hash links (#6645)
Since #6273 was merged, we now have access to proper context metas
always. Update SHA generated links to use these instead of urlPrefix.

Update tests as well.

Fixes #4536.
2019-04-16 08:53:57 +01:00
Segev Finer ecfa5f1594 Fix forking an empty repository (#6637)
Fixes #6633

Signed-off-by: Segev Finer <segev@codeocean.com>
2019-04-15 16:48:35 -04:00
Jonas Franz 62d3f49c28 Add json tags for oauth2 form (#6627) 2019-04-15 11:54:50 -04:00
Jonas Franz 783cd64927 Add option to disable refresh token invalidation (#6584)
* Add option to disable refresh token invalidation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add integration tests and remove wrong todos

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix typo

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix tests and add documentation

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2019-04-12 15:50:21 +08:00
mrsdizzie 3ff0a126e1 Improve issue autolinks (#6273)
* Improve issue autolinks

Update autolinks to match what github does here:

Issue in same repo: #1
Issue in different repo: org/repo#1

Fixes #6264

* Use setting.AppURL when parsing URL

Using setting.AppURL here is a more reliable way of parsing the current
URL and what other functions in this file seem to use.

* Make ComposeMetas always return a valid context

* Add per repository markdown renderers for better context

* Update for use of context metas

Now that we include the user and repo name inside context metas, update
various code and tests for this new logic
2019-04-12 08:53:34 +03:00
Mura Li 3186ef554c Support search operators for commits search (#6479)
* Support searching commits with prefix syntax

For now, support auther: committer:
When more than one prefix is supplied is presented, the result is the union.
When different prefixes are supplied, the result is the intersection.

For example,
"author:alice author:bob"
=> the result is all commits authored by Alice OR Bob

"hello committer:alice"
=> the result is all commits committed by Alice AND has the keyword
'hello' in the message.

Note that there should NOT have any space after the colon(:) of the prefix.
For example,
"author:bill" => correct
"author: bill" => wrong

* Remove unneeded logging

* Add missing files of test repository

* Add missing repo_unit entries to test fixtures

* Update test cases

* Add tooltip for commits search button

* Update tooltip text

I have no idea about how to format it with line breaks.

* Make the usage example more real

* Add a test case

* Add new options struct for SearchCommits

* Prefer len(s) > 0 over s != ""

* Add NewSearchCommitsOptions
2019-04-12 10:28:44 +08:00
Lunny Xiao 2f53b5f88c fix mail notification when close/reopen issue (#6581) 2019-04-11 22:59:01 +01:00
zeripath 89cc7c646d
Prevent server 500 on compare branches with no common history (#6555)
* Prevent 500 if there is no common mergebase
* Prevent creation of PR with no history
2019-04-09 21:45:58 +01:00
zeripath 0af0b078f9 wrap the ServerError and NotFound and log from the caller (#6550) 2019-04-09 21:10:42 +03:00
silverwind 8e949db3b5 Render SHA1 links as code blocks (#6546) 2019-04-09 06:18:48 +03:00
Lunny Xiao e7d7dcb090 Issue indexer queue redis support (#6218)
* add redis queue

* finished indexer redis queue

* add redis vendor

* fix vet

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: lunny <xiaolunwen@gmail.com>

* switch to go mod

* Update required changes for new logging func signatures
2019-04-08 12:05:15 +03:00
Vasek Sraier 49b2f45f75 Cleaned permission checks for API -> site admin can now do anything (#6483)
* cleaned permission checks for API -> site admin can now do anything

Signed-off-by: Vasek Sraier <git@vakabus.cz>

* PR #6483: helper methods moved to context/context.go, added missing return

Signed-off-by: Vasek Sraier <git@vakabus.cz>

* PR #6483: added documentation to new exported helper functions in context/context.go

Signed-off-by: Vasek Sraier <git@vakabus.cz>
2019-04-08 01:49:34 +03:00
mrsdizzie 6293736d02 Use stricter boundaries for auto-link detection (#6522)
* Use stricter boundaries for auto-link detection

Currently autolinks use \W for boundary detection which creates many
situations of inserting links into places they don't belong (paths,
URLs, UUIDs, etc...)

This fixes that by replacing \W and only allowing these matches to touch
an open paren or bracket (matching what seems to be Github behavior) in
addition to whitespace and start of line. Similar for ending boundary as
well.

Fixes #6149
(and probably others)

* Update test

Replace incorrect test with a value that is a valid username, based on:

"Username should contain only alphanumeric, dash ('-'), underscore ('_')
and dot ('.') characters."

* Also allow for period at the end

Matching Github behavior

* Fix email regex to work properly with specificed boundaries

Create a specific capture group for email address and then use
FindStringSubmatchIndex to allow for non-matching patterns as
boundaries.

* Add Tests

Add tests for new behavior -- including tests for email addresses which
were absent before.
2019-04-07 12:18:16 +01:00
zeripath 5422f23ed8 Quieter Integration Tests (#6513)
* Rename BaseLogger to WriterLogger to help the creation of other providers

* Don't export ColorBytes and ResetBytes from ColoredValues

* Make integration tests only print logs if they fail

* check can color before coloring

* I always forget about MSSQL

* Oh and use LEVEL in sqlite.ini

* Make the test logger log at info - as it means you see the router

* Remove empty expected changes

* Make the migrations quieter too

* Don't display SQL on error - it can be looked at in the file logs if necessary

* Fix skip when using onGiteaRun
2019-04-07 03:25:14 +03:00
silverwind 2242a9f82e Improve SHA1 link detection (#6526)
This improves the SHA1 link detection to not pick up extraneous
non-whitespace characters at the end of the URL. The '.' is a special
case handled in code itself because of missing regexp lookahead
support.

Regex test cases: https://regex101.com/r/xUMlqh/3
2019-04-06 21:28:45 +03:00
mrsdizzie 54c1cb6c5f Add X-Auto-Response-Suppress header to outgoing messages (#6492)
This is a header used to suggest mail servers not to respond to a message
with an auto-responder:

 https://docs.microsoft.com/en-us/openspecs/exchange_server_protocols/ms-oxcmail/ced68690-498a-4567-9d14-5c01f974d8b1

This header is also used by github and gitlab in outgoing messages.

Fixes #6484
2019-04-02 11:45:54 -04:00
zeripath 704da08fdc
Better logging (#6038) (#6095)
* Panic don't fatal on create new logger

Fixes #5854

Signed-off-by: Andrew Thornton <art27@cantab.net>

* partial broken

* Update the logging infrastrcture

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Reset the skip levels for Fatal and Error

Signed-off-by: Andrew Thornton <art27@cantab.net>

* broken ncsa

* More log.Error fixes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove nal

* set log-levels to lowercase

* Make console_test test all levels

* switch to lowercased levels

* OK now working

* Fix vetting issues

* Fix lint

* Fix tests

* change default logging to match current gitea

* Improve log testing

Signed-off-by: Andrew Thornton <art27@cantab.net>

* reset error skip levels to 0

* Update documentation and access logger configuration

* Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE

* Fix broken level caching

* Refactor the router log

* Add Router logger

* Add colorizing options

* Adjust router colors

* Only create logger if they will be used

* update app.ini.sample

* rename Attribute ColorAttribute

* Change from white to green for function

* Set fatal/error levels

* Restore initial trace logger

* Fix Trace arguments in modules/auth/auth.go

* Properly handle XORMLogger

* Improve admin/config page

* fix fmt

* Add auto-compression of old logs

* Update error log levels

* Remove the unnecessary skip argument from Error, Fatal and Critical

* Add stacktrace support

* Fix tests

* Remove x/sync from vendors?

* Add stderr option to console logger

* Use filepath.ToSlash to protect against Windows in tests

* Remove prefixed underscores from names in colors.go

* Remove not implemented database logger

This was removed from Gogs on 4 Mar 2016 but left in the configuration
since then.

* Ensure that log paths are relative to ROOT_PATH

* use path.Join

* rename jsonConfig to logConfig

* Rename "config" to "jsonConfig" to make it clearer

* Requested changes

* Requested changes: XormLogger

* Try to color the windows terminal

If successful default to colorizing the console logs

* fixup

* Colorize initially too

* update vendor

* Colorize logs on default and remove if this is not a colorizing logger

* Fix documentation

* fix test

* Use go-isatty to detect if on windows we are on msys or cygwin

* Fix spelling mistake

* Add missing vendors

* More changes

* Rationalise the ANSI writer protection

* Adjust colors on advice from @0x5c

* Make Flags a comma separated list

* Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING

* Ensure matching is done on the non-colored message - to simpify EXPRESSION
2019-04-02 08:48:31 +01:00
mrsdizzie c8650aef0a Change order that PostProcess Processors are run (#6445)
Make sure Processors that work on full links are run first so that
something matching another pattern doesn't alter a link before we get to
it, for example:

 https://stackoverflow.com/questions/2896191/what-is-go-used-fore

Fixes #4813
2019-03-27 11:37:54 -04:00
Mura Li d77176912b Use Go1.11 module (#5743)
* Migrate to go modules

* make vendor

* Update mvdan.cc/xurls

* make vendor

* Update code.gitea.io/git

* make fmt-check

* Update github.com/go-sql-driver/mysql

* make vendor
2019-03-27 19:15:23 +08:00
Lunny Xiao d578b71d61
move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
* move code.gitea.io/git to code.gitea.io/gitea/modules/git

* fix imports

* fix fmt

* fix misspell

* remove wrong tests data

* fix unit tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* enable Debug to trace the failure tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* comment commit count tests since git clone depth is 50

* fix tests

* update from code.gitea.io/git

* revert change to makefile
2019-03-27 17:33:00 +08:00
mrsdizzie d056bf300f Clean up ref name rules (#6437)
* Clean up ref name rules

Clean up checks on reference names to better conform to the guideline
here: https://git-scm.com/docs/git-check-ref-format

This fixes half of #6321

* Update branch create integration test

According to: https://git-scm.com/docs/git-check-ref-format

And: git check-ref-format "master/feature=test1"

This is a valid branch name and we should not be testing for it to fail.
2019-03-26 21:59:48 +02:00
Roland Koebler 57ecf09787 Markdown: enable some more extensions (#6362)
* Markdown: enable some more extensions

Improve Markdown-rendering by enabling some extensions:

- enable definitions lists
- enable footnotes
- enable header-ids and automatically generate header-ids (for linking to README-sections or creating table-of-contents for larger READMEs)

* Markdown: update and exted tests

Update and add tests for additionally enabled Markdown-extensions.
2019-03-21 15:53:06 +02:00
John Olheiser cac9e6e760 Updates to API 404 responses (#6077) 2019-03-18 22:29:43 -04:00
techknowlogick d1c982cb73
Add bio field for user (#6113)
Fix #4339
2019-03-18 22:28:10 -04:00
mrsdizzie ca46385637 Clean up various use of escape/unescape functions for URL generation (#6334)
* Use PathUnescape instead of QueryUnescape when working with branch names

Currently branch names with a '+' fail in certain situations because
QueryUnescape replaces the + character with a blank space.

Using PathUnescape should be better since it is defined as:

// PathUnescape is identical to QueryUnescape except that it does not
// unescape '+' to ' ' (space).

Fixes #6333

* Change error to match new function name

* Add new util function PathEscapeSegments

This function simply runs PathEscape on each segment of a path without
touching the forward slash itself. We want to use this instead of
PathEscape/QueryEscape in most cases because a forward slash is a valid name for a
branch etc... and we don't want that escaped in a URL.

Putting this in new file url.go and also moving a couple similar
functions into that file as well.

* Use EscapePathSegments where appropriate

Replace various uses of EscapePath/EscapeQuery with new
EscapePathSegments. Also remove uncessary uses of various
escape/unescape functions when the text had already been escaped or was
not escaped.

* Reformat comment to make drone build happy

* Remove no longer used url library

* Requested code changes
2019-03-18 10:00:23 -04:00
zeripath d78bb1d564 Add lang specific font stacks for CJK (#6007)
* Add lang specific font stacks

* Force font changes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix icons

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix octicons and icons

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Just override the semantic ui fonts only

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Missed the headers... override them too

* Missed some more semantic ui stuff

* Fix PT Sans

Signed-off-by: Andrew Thornton <art27@cantab.net>

* More changes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Squashed commit of the following:

commit 7d1679e9079541359869c9e677ba7412bfcc59f3
Author: Mike L <cl.jeremy@qq.com>
Date:   Wed Mar 13 13:53:49 2019 +0100

    Remove missed YaHei leftover from _home.less

commit 0079121ea91860a323ed4e5cc1a9c0d490d9cefd
Author: Mike L <cl.jeremy@qq.com>
Date:   Wed Mar 13 12:03:54 2019 +0100

    Fix overdone fixes (inherit, :lang)

commit 62c919915928ec1db4731d547e95885f91a0618d
Author: Mike L <cl.jeremy@qq.com>
Date:   Wed Mar 13 02:29:10 2019 +0100

    Fix elements w/ explicit lang (language chooser)

commit b3117587aa2eb8570d60bed583a11ee5565418be
Author: Mike L <cl.jeremy@qq.com>
Date:   Tue Mar 12 20:17:26 2019 +0100

    Fix textarea also (to match body)

commit 81cedf2c3012c4dd05a7680782b4a98e1b947f67
Author: Mike L <cl.jeremy@qq.com>
Date:   Tue Mar 12 19:41:39 2019 +0100

    Revert css temporarily to fix conflict

commit 80ff82797f3203cbeaf866f22e961334e137df89
Author: Mike L <cl.jeremy@qq.com>
Date:   Tue Mar 12 19:15:30 2019 +0100

    Tweak CJK, fix Yu Gothic, more monospace inherits

commit 581dceb9a869646c2c486dabb925c88c2680d70c
Author: Mike L <cl.jeremy@qq.com>
Date:   Mon Mar 11 13:09:26 2019 +0100

    Add Lato for latin extd. & cyrillic, improve CJK

* update stylesheet
2019-03-18 08:49:01 -04:00
Lunny Xiao 379289639e
split setting.go to multiple files (#6154)
* split setting.go to multiple files

* fix lint
2019-03-16 11:12:44 +08:00
techknowlogick d7542bfde3
Add InternalTokenURI to load InteralToken from an external file (#5812) 2019-03-13 18:49:43 -04:00
zeripath b2e9894988 Fix reported issue in repo description (#6306) 2019-03-11 22:23:34 -04:00
zeripath 663874e8be Use url.PathEscape to escape the branchname (#6304)
* Use url.PathEscape to escape the branchname

* GetRepositoryByOwnerAndName should also have url.PathEscape as the owner and reponame are provided by the client
2019-03-12 00:53:41 +02:00
zeripath dbab98c8e0 Remove util.RemoveAll - should have been removed since go 1.7 (#6299) 2019-03-10 23:56:36 +02:00
Jonas Franz e777c6bdc6 Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
mrsdizzie f2de5dc8c8 Replace linkRegex with xurls library (#6261)
* Replace linkRegex with xurls library

Rather than maintaining a complicated regex to match URLs for
autolinking, gitea can use this existing go library that takes care of
the matching with very little code change to gitea itself. After
spending a while trying to find the perfect regex for all cases this library
still works better as it is more flexible than a single regex ever will be.

This will also fix the following issues: #5844 #3095 #3381

This passes all our current tests and I've added new ones mentioned in
those issues as well.

* Use xurls.StrictMatchingScheme instead of xurls.Strict

This is much faster and we only care about https? links to preserve
existing behavior.
2019-03-07 15:12:01 -05:00
mrsdizzie 020075e12f Remove visitLinksForShortLinks features (#6257)
The visitLinksForShortLinks feature would look inside of an <a> tag and
run shortLinkProcessorFull on any text, which attempts to create links
out of potential 'short links' like [[test]] [[link|example]] etc...
This makes no sense because you can't have nested links within an <a>
tag. Specifically, the html5 standard says <a> tags can't include
interactive content if they contain the href attribute:

 http://w3c.github.io/html/single-page.html#the-a-element

And also defines an <a> element with a href attribute as interactive:

 http://w3c.github.io/html/single-page.html#interactive-content

Therefore you can't really put a link inside of another link. In
practice none of this works anyways since browsers won't render it, it
would probably be broken if they tried, and it is causing a bug
(#4946). No current tests rely on this behavior either.

This removes the feature and also explicitly excludes the
current visitNodeForShortLinks from looking in <a> tags.
2019-03-07 14:13:44 -05:00
Zsombor f80caa5a8c Fix #6234 : Check organization visibility before everything else (#6235)
* Fix #6234 : Check organization visibility before everything else

* Ensure that Owner is available in the Repo
2019-03-05 15:15:24 -05:00
mrsdizzie 4a2e92bcd1 Modify linkRegex to require http|https (#6171)
Modify the current linkRegex to require http|https which appears to be
the intended behavior based on the comments. Right now, it also matches
anything starting with www as well. Also add testing for linkRegex
2019-02-28 20:31:53 +08:00
Lunny Xiao c812ba7f87
fix display dashboard even if require to change password (#6214)
* fix display dashboard even if require to change password

* fix comments
2019-02-28 16:01:42 +08:00
James E. Blair 48c101affe Create a repo redirect when transferring ownership (#6210) (#6211)
When transferring ownership of a repo to a different user/org,
create a repo redirect that points to the new location in the same
way that is done when a repo is renamed.

Signed-off-by: James E. Blair <jeblair@redhat.com>
2019-02-28 11:51:46 +08:00
Segev Finer 594f591691 Increase Username and Orgname MaxSize 35 -> 40 (#6178)
* Increase Username and Orgname MaxSize 35 -> 40

Signed-off-by: Segev Finer <segev@codeocean.com>

* Dep update code.gitea.io/sdk

Signed-off-by: Segev Finer <segev@codeocean.com>

* Run generate-swagger

Signed-off-by: Segev Finer <segev@codeocean.com>
2019-02-25 13:56:47 -05:00
Lunny Xiao 15ecc08475 fix bug when set indexer as db and add tests (#6173) 2019-02-24 11:16:20 -05:00
Lunny Xiao 477ef46251
Add more tests and docs for issue indexer, add db indexer type for searching from database (#6144)
* add more tests and docs for issue indexer, add db indexer type for searching from database

* fix typo

* fix typo

* fix lint

* improve docs
2019-02-21 13:01:28 +08:00
Lunny Xiao 0751153613
refactor issue indexer, add some testing and fix a bug (#6131)
* refactor issue indexer, add some testing and fix a bug

* fix error copyright year on comment header

* issues indexer package import keep consistent
2019-02-21 08:54:05 +08:00
John Olheiser d26d249748 Minor UI tweaks (#5980)
* Remove all CommitStatus when a repo is deleted

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Minor UI tweaks (#5782)
Added 'No License' option
Added link and octicon change for external issue trackers
Reset password now notifies right away if the code is invalid

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* More UI tweaks
More info in PR

* Generate stylesheet for arc-green

* Make gofmt work

* Change PR integration since the button is changed

* Rebase

* Generate stylesheet

* UI updates
Made the PR button a "basic" button
Vertically centered the issue checkboxes
Labels will update only once after modal is closed

* Commit to reference related issues
Resolves #5782
Resolves #5861
Addresses original question in #5993

* Change the comment wording since PR button is no longer little and green.

* Revert changes that made Windows work

* Regenerate stylesheet

* Regenerate stylesheets

* make generate-stylesheets

* Update integration again, changed button style

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Added ID to PR button
Changed integration to use the ID to avoid breaking in the future

* Added missing semi-colons

* Added back distinction between issue actions and filters (overlooked it before)
Moved action button over next to other action dropdowns

* Remove extra tab formatting in list.tmpl

* Remove more formatting from GoLand

* Replace hardcoded "No License" with i18n license helper.
2019-02-19 18:09:47 -05:00
Lunny Xiao 987a521e2f remove unused file (#6121) 2019-02-19 17:22:42 +02:00
Lunny Xiao 830ae61456 Refactor issue indexer (#5363) 2019-02-19 09:39:39 -05:00
Lunny Xiao f5fa22a499 Fix prohibit login check on authorization (#6106)
* fix bug prohibit login not applied on dashboard

* fix tests

* fix bug user status leak

* fix typo

* return after render
2019-02-19 09:19:28 +02:00
Lanre Adelowo 44114b38e6 Implement "conversation lock" for issue comments (#5073) 2019-02-18 22:55:04 +02:00
Rémy Boulanouar 64ce159a6e Allow to set organization visibility (public, internal, private) (#1763) 2019-02-18 18:00:27 +02:00
zeripath 22770c324d
Move to ldap.v3 to fix #5928 (#6105)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-18 12:34:37 +00:00
xdch47 5e7dee0db5 modules/context/auth.go: fix redirect loop (#5965)
Closes #5815
2019-02-17 13:44:25 +08:00
zeripath 2a03e96bce
Allow markdown files to read from the LFS (#5787)
This PR makes it possible for the markdown renderer to render images and media straight from the LFS.

Fix #5746

Signed-off-by: Andrew Thornton [art27@cantab.net](mailto:art27@cantab.net)
2019-02-12 15:09:43 +00:00
zeripath 296814e887 Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFile

* Use git plumbing for upload: #5621 repo_editor.go: GetDiffPreview

* Use git plumbing for upload: #5621 repo_editor.go: DeleteRepoFile

* Use git plumbing for upload: #5621 repo_editor.go: UploadRepoFiles

* Move branch checkout functions out of repo_editor.go as they are no longer used there

* BUGFIX: The default permissions should be 100644

    This is a change from the previous code but is more in keeping
    with the default behaviour of git.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Standardise cleanUploadFilename to more closely match git

See verify_path in: 7f4e641693/read-cache.c (L951)

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Redirect on bad paths

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Refactor to move the uploading functions out to a module

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add LFS support

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update upload.go attribution header

Upload.go is essentially the remnants of repo_editor.go. The remaining code is essentially unchanged from the Gogs code, hence the Gogs attribution.

* Delete upload files after session committed

* Ensure that GIT_AUTHOR_NAME etc. are valid for git

see #5774

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add in test cases per @lafriks comment

* Add space between gitea and github imports

Signed-off-by: Andrew Thornton <art27@cantab.net>

* more examples in TestCleanUploadName

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix formatting

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Set the SSH_ORIGINAL_COMMAND to ensure hooks are run

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Switch off SSH_ORIGINAL_COMMAND

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-02-12 15:07:31 +02:00
manuelluis fc038caa69 In basic auth check for tokens before call UserSignIn (#5725)
* Check first if user/password is a token

* In basic auth check if user/password is a token

* Remove unnecessary else statement

* Changes of fmt
2019-02-12 11:20:08 +02:00
Lanre Adelowo 9d8178b3ac Add option to close issues via commit on a non master branch (#5992)
* fixes #5957

* add tests to make sure config option is respected

* use already defined struct

* - use migration to make the flag repo wide not for the entire gitea instance
Also note that the config value can still be set so as to be able to control the value for new repositories that are to be created

- fix copy/paste error in copyright header year and rearrange import

- use repo config instead of server config value to determine if a commit should close an issue

- update testsuite

* use global config only when creating a new repository

* allow repo admin toggle feature via UI

* fix typo and improve testcase

* fix fixtures

* add DEFAULT prefix to config value

* fix test
2019-02-10 21:27:19 +02:00
Lunny Xiao 820e28c904
Split setting.go as multiple files (#6014)
* split setting.go as multiple files

* fix comments
2019-02-10 09:37:37 +08:00
Lunny Xiao 9e8cc3b18d add default time out for git operations (#6015) 2019-02-09 22:44:24 +00:00
Thomas Loubiou d252d4eb8c Remove extra spaces (#6016) 2019-02-09 14:48:28 +02:00
Thomas Loubiou 7fb09f035a Fix #5799 - swagger for mergePullRequest (#5996) 2019-02-08 08:08:38 +00:00
Lunny Xiao 2d213b64d1 use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976)
* use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines

* fix tests and add comment head
2019-02-07 02:13:12 -05:00
Richard Mahn da1edbfb79 Feature - Pagination for git tree API (#5838)
* Feature - Pagination for git tree API

* Handles case when page is negative

* Does a for loop over the start and end rather than all entries

* Removed redundent logic

* Adds per_page as a query parameter

* Adds DEFAULT_GIT_TREES_PER_PAGE for settings, ran make fmt

* Fix typo in cheat-sheet en

* Makes page start at 1, generated swagger

* Use updates to SDK

* Updates to use latest sdk

* Updates swagger for tree api

* Adds test for GetTreeBySHA

* Updates per PR reviews

* Updates per PR reviews

* Remove file

* Formatting

* Fix to swagger file

* Fix to swagger

* Update v1_json.tmpl

* Fix to swagger file
2019-02-06 18:19:26 +00:00
zeripath f286a5abb4 Allow Macaron to be set to log through to gitea.log (#5667)
* Allow Macaron to be set to log through gitea.log

Fix #4291
2019-02-05 22:06:41 -05:00
techknowlogick 9de871a0f8
add other session providers (#5963) 2019-02-05 11:52:51 -05:00
zeripath 01c10a951b
Fix ssh deploy and user key constraints (#1357) (#5939)
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.

We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:

- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.

Fix #1357
2019-02-03 23:56:53 +00:00
zeripath 3d91bb2f2d Make log mailer for testing (#5893)
* Create log mailer for testing email settings

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Switch on the log mailer for the integration tests

This ensures that the sending mail process works

Signed-off-by: Andrew Thornton <art27@cantab.net>

* rename the from user for mysql/mssql

* rename log sender to dummy sender

* update the integration tests
2019-02-02 21:06:52 -05:00
Lunny Xiao bbad9b6178 Fix bug when read public repo lfs file (#5912)
* fix bug when read public repo lfs file

* add comment on lfs permission check
2019-01-31 13:36:57 +00:00
zeripath 0823791d17 Recover panic in orgmode.Render if bad orgfile (#4982) (#5903)
This PR protects against the panic referred to in chaseadmsio/goorgeous#82
by recovering from the panic and just returning the raw bytes if
there is an error.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-30 17:17:43 -05:00
zeripath ca00ca8ee4 Provide better panic handling (#5902)
This PR gitea'ises the macaron.Recovery() handler meaning that in
the event of panic we get proper gitea 500 pages and the stacktrace
is logged with the gitea logger.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-30 17:00:00 -05:00
zeripath 0f295ababa Only allow local login if password is non-empty (#5906) 2019-01-30 23:18:54 +02:00
Lauris BH 80098bd752 Fix go-get URL generation (#5905) 2019-01-30 21:04:19 +00:00
sebastian-sauer 84076211b3 Config option to disable automatic repo watching (#5852)
Add a new config option to enable / disable the automatic watching of
repos for new repositories and if a user is added to a team.

Fixes #653

Signed-off-by: Sebastian Sauer <sauer.sebastian@gmail.com>
2019-01-27 09:25:21 +00:00
Lunny Xiao 892bfd0b19 improve the releases api paging (#5831)
* improve the releases api paging

* add max limit on API paging
2019-01-24 20:59:27 +02:00
Joona Hoikkala 3b364029f7 Fix TLS errors when using acme/autocert for local connections (#5820) 2019-01-23 19:47:54 -05:00
Lauris BH 331c9120e8
Request for public keys only if LDAP attribute is set (#5816)
* Update go-ldap dependency

* Request for public keys only if attribute is set
2019-01-24 01:25:33 +02:00
kolaente 0b510725c9 Feature: Archive repos (#5009) 2019-01-23 13:58:38 -05:00
zeripath 7d434376f1 Pooled and buffered gzip implementation (#5722)
* Pooled and buffered gzip implementation

* Add test for gzip

* Add integration test

* Ensure lfs check within transaction

The previous code made it possible for a race condition to occur whereby a LFSMetaObject could be checked into the database twice. We should check if the LFSMetaObject is within the database and insert it if not in one transaction.

* Try to avoid primary key problem in postgres

The integration tests are being affected by
https://github.com/go-testfixtures/testfixtures/issues/39 if we set the
primary key high enough, keep a count of this and remove at the end of
each test we shouldn't be affected by this.
2019-01-23 10:56:51 +02:00
Lanre Adelowo e1fcd6b742 Disallow empty titles (#5785)
* add util method and tests

* make sure the title of an issue cannot be empty

* wiki title cannot be empty

* pull request title cannot be empty

* update to make use of the new util methof
2019-01-21 13:45:32 +02:00
Paul Brackin 1bb22b2b47 Make db connect more robust (#5738) 2019-01-19 16:17:08 -05:00
John Olheiser 6f194b83c6 Moved defaults in defaults.go to setting.go (#5764)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-01-19 15:39:27 -05:00
Harshit Bansal 6822a8993b ldap: Adjust log settings when a user is not found. (#5771)
Fixes: #3849.
2019-01-19 14:57:27 -05:00
Robert Sprunk 65b6ebf243 Log IP of failed ssh connection (#5766)
Fix #5765 by log the IP address of a connecting remote machine in case of a SSH connection error for the built-in ssh server.

Signed-off-by: Robert Sprunk <github@sprunk.me>
2019-01-19 16:29:17 +00:00
zeripath 07802a2bc5 Refactor repo.isBare to repo.isEmpty #5629 (#5714)
* Refactor repo.isBare to repo.isEmpty #5629

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove Sync call
2019-01-17 19:01:04 -05:00
Lunny Xiao 82e08a3364
Refactor notification for indexer (#5111)
* notification for indexer

* use NullNotifier as parent struct
2019-01-17 22:23:22 +08:00
Lunny Xiao 270fa6d63b Support CORS headers to git smart http protocol (#5719) 2019-01-14 16:05:27 -05:00
Khaled Hamed bd75965296 Prioritize "readme.md" (#5691)
* prioritize readme.md

* Improve IsReadmeFile

* Add more tests
2019-01-14 14:15:06 -05:00
techknowlogick 5c44f751a3
Discord Oauth2 support (#4476)
* add discord auth

* add vendor for discord

* fix syntax error

* make fmt

* update version of goth in use

* update markbates/goth
2019-01-13 14:06:22 -05:00
Lunny Xiao beab2df122 Refactor mail notification (#5110)
* mail notification implement interface

* fix file comment year

* use NullNotifier as parent struct of notifiers
2019-01-13 16:42:55 +02:00
zeripath dd13327382 When redirecting clean the path to avoid redirecting to //www.othersite.com (#5669)
Fix #5627

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-09 13:39:01 -05:00
Lanre Adelowo 8d2c24f7f9 Allow for user specific themes (#5668)
* add migration and basic UI for changing a user's theme

* update user themem

* use right text on button

* load theme based on users' selection

* load theme based on users' selection in pwa too

* update sample config

* delete older theme loading

* implement AfterLoad to set users' theme properly

* set up default theme when creating a user. This uses the installation wide theme

* use flash messages for error

* set default theme when creating a user from the cli

* fix @lunny review
2019-01-09 12:22:57 -05:00
zeripath 8bb0a6f425 Synchronize SSH keys on login with LDAP + Fix SQLite deadlock on ldap ssh key deletion (#5557)
* Synchronize SSH keys on login with LDAP

* BUG: Fix hang on sqlite during LDAP key deletion
2018-12-27 12:28:48 -05:00
Tony Homrich 2058c362a8 LDAP via simple auth separate bind user and search base (#5055) 2018-12-27 11:51:19 -05:00
Julian 4a685f8b87 Add rebase with merge commit merge style (#3844) (#4052)
Signed-off-by: Julian Tölle <julian.toelle97@gmail.com>
2018-12-27 12:27:08 +02:00
Lunny Xiao b65e37ed72
fix indexer reindex bug when gitea restart (#5563)
* fix issue indexer bug reindex when restart gitea

* also fix code indexer reindex when gitea restart
2018-12-19 16:37:48 +08:00
Lunny Xiao 7fd34c0517
fix lfs version check warning log when using ssh protocol (#5501) 2018-12-19 09:17:43 +08:00
zeripath 2a660a1de1 Support reverse proxy providing email (#5554)
This PR implements #2347
2018-12-18 12:05:48 -05:00
Lunny Xiao ba75319157 fix clone wiki failed via ssh (#5503) 2018-12-11 13:37:32 -05:00
Jonas Franz 9681c83734 Approvals at Branch Protection (#5350)
* Add branch protection for approvals

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add required approvals

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add missing comments and fmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add type = approval and group by reviewer_id to review

* Prevent users from adding negative review limits

* Add migration for approval whitelists

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-12-11 19:28:37 +08:00
Lunny Xiao eabbddcd98
Restrict permission check on repositories and fix some problems (#5314)
* fix units permission problems

* fix some bugs and merge LoadUnits to repoAssignment

* refactor permission struct and add some copyright heads

* remove unused codes

* fix routes units check

* improve permission check

* add unit tests for permission

* fix typo

* fix tests

* fix some routes

* fix api permission check

* improve permission check

* fix some permission check

* fix tests

* fix tests

* improve some permission check

* fix some permission check

* refactor AccessLevel

* fix bug

* fix tests

* fix tests

* fix tests

* fix AccessLevel

* rename CanAccess

* fix tests

* fix comment

* fix bug

* add missing unit for test repos

* fix bug

* rename some functions

* fix routes check
2018-11-28 19:26:14 +08:00
Michael Kuhn 0222623be9 Explicitly disable Git credential helper (#5367)
* Explicitly disable Git credential helper

If the user running Gitea has configured a credential helper, Git
credentials might leak out of Gitea.

There are two problems with credential helpers when combined with Gitea:

1. Credentials entered by a user when doing a migration or setting up a
   mirror will end up in the credential store. In the worst case, this
   is the plain text file ~/.git-credentials.
2. Credentials in the credential store will be used for migrations and
   mirrors by all users. For example, if user A sets up a mirror, their
   credentials will be stored. If user B later sets up a mirror from the
   same host and does not enter any credentials, user A's credentials
   will be used.

This PR prepends -c credential.helper= to all Git commands to clear the
list of helpers. This requires at least Git version 2.9, as previous
versions will try to load an empty helper instead. For more details, see
24321375cd

* Update git module
2018-11-28 09:00:25 +02:00
SohnyBohny 294904321c Create Progressive Web App (#4730)
* Create manifest and serviceworker

* Create templates and add AppSubUrl

* Add JSRenderer

* fix ctx type

* Add JSRenderer to static.go

* Complete adding {{AppSubUrl}}

* Add more fonts to urlsToCache

* Add 512px and 192px icons

* Hardcode font MD5

* Default theme doesn't have a specific CSS file
2018-11-27 10:18:26 -05:00
Lauris BH e09fe48773 Refactor heatmap to vue component (#5401) 2018-11-27 10:36:54 +01:00
Lanre Adelowo 3a1ed82529 Explicitly decide whether to use TLS in mailer's configuration (#5024)
* explicitly decide on using TLS for mail connections

* explicitly decide on using TLS for mail connections

* keep compatibility
2018-11-26 14:21:41 -05:00
Lunny Xiao cef0f12c51 support envs on external render commands (#5278) 2018-11-20 17:11:21 -05:00
Peter Hoffmann e08c7e521b Add raw blob endpoint to get objects by SHA ID (#5334)
* Add raw blob endpoint

This should make it possible to download raw blobs directly from
/:repo/:username/raw/blob/:sha1 URLs.

* fix: Make it work

* As an SHA-ID is no path getRefNameFromPath can't be used to verify
file specifying parameter
* added relevant change in go-gitea/git #132

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* Update Gopkg.lock

Can't update all vendors due to errors

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* style: Add Gitea copyright header

* feat: Added integration test for /repo/u/r/raw/blob

* fix: correct year in copyright header
2018-11-18 13:45:40 -05:00
Lanre Adelowo b97af15de6 Block registration based on email domain (#5157)
* implement email domain whitelist
2018-11-14 20:00:04 -05:00
Lauris BH 8f8ff5a295
Remove maxlines option for file logger (#5282) 2018-11-07 06:48:53 +02:00
Stanislav 078c404c3b Prometheus endpoint (#5256)
* Add prometheus collector and route

* dep ensure -add github.com/prometheus/client_golang/prometheus

* dep ensure -update github.com/golang/protobuf

* add metrics to reserved usernames

* add comment head in metrics package

* fix style imports

* add metrics settings

* add bearer token check

* mapping metrics configs

* fix lint

* update config cheat sheet

* update conf sample, typo fix
2018-11-04 22:20:00 -05:00
zeripath 7096085f2b Fix #5226 by adding CSRF checking to api reqToken and add CSRF to the POST header for deadline (#5250)
* Add CSRF checking to reqToken and place CSRF in the post for deadline creation

Fixes #5226, #5249

* /api/v1/admin/users routes should have reqToken middleware
2018-11-03 21:15:55 -04:00
zeripath 7d9a191a3c Create AuthorizedKeysCommand (#5236) 2018-11-01 09:41:07 -04:00
L.E.R b686bd0c94 Fix markdown image with link (#4675)
* Fix markdown image with link

* Add gitea copyright notice

* add a test for markdown image with link

* remove svg related variables
2018-10-30 18:26:28 -04:00
Nicolas Lenz 220ee6ae42 Pass link prefixes to external markup parsers (#5201)
* Pass environment variables for URL prefixes to external markup parser

Signed-off-by: Nicolas Lenz <nicolas@eisfunke.com>

* Document external markup link prefix environment variables

Signed-off-by: Nicolas Lenz <nicolas@eisfunke.com>

* Run format on link prefix changes

Signed-off-by: Nicolas Lenz <nicolas@eisfunke.com>
2018-10-30 10:34:12 -04:00
Antoine GIRARD 617a2433a3 Make gitea serv use api/internal (#4886)
* Start to move to internal/private

* Add GetPublicKeyByID

* Add HasDeployKey

* Add private.UpdateDeployKeyUpdated

* Add private.GetUserByKeyID

* Add private.AccessLevel

* Add private.CheckUnitUser

* Fix mistakes I made

* Some cleaning + moving code to separate files

* Fix error handling

* Remove useless error handling for setup

* lint: fix comment on exported func

* fix copyright header

* Fix order of args
2018-10-30 14:20:13 +08:00
Jonas Bröms db30d6d791 Serve audio files using HTML5 audio tag (#5221)
* Serve audio files using HTML5 audio tag

* Correct copy paste error
2018-10-30 10:17:26 +08:00
Antoine GIRARD ffd5fb8139 Set heatmap color range configurable (#5165) 2018-10-24 16:38:04 +02:00
kolaente 6759237eda User action heatmap (#5131)
* Added basic heatmap data

* Added extra case for sqlite

* Built basic heatmap into user profile

* Get contribution data from api & styling

* Fixed lint & added extra group by statements for all database types

* generated swagger spec

* generated swagger spec

* generated swagger spec

* fixed swagger spec

* fmt

* Added tests

* Added setting to enable/disable user heatmap

* Added locale for loading text

* Removed UseTiDB

* Updated librejs & moment.js

* Fixed import order

* Fixed heatmap in postgresql

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-Authored-By: kolaente <konrad@kola-entertainments.de>

* Added copyright header

* Fixed a bug to show the heatmap for the actual user instead of the currently logged in

* Added integration test for heatmaps

* Added a heatmap on the dashboard

* Fixed timestamp parsing

* Hide heatmap on mobile

* optimized postgresql group by query

* Improved sqlite group by statement
2018-10-23 10:57:42 +08:00
Jonas Franz f38fce916e Add comment replies (#5104)
* Add comment replies

* Replace reviewID with review.ID
2018-10-22 16:13:35 -04:00
Oleg Kovalov 5a4648cdd6 Remove check for negative length (#5120) 2018-10-20 17:25:14 -04:00
Julien Tant dea3d849e1 Give user a link to create PR after push (#4716)
* Give user a link to create PR after push

* Forks now create PR in the base repository + make sure PR creation is allowed

* fix code style
2018-10-20 09:59:06 +03:00
Oleg Kovalov 971dccda16 Use type switch (#5122) 2018-10-19 14:54:26 -04:00
Lunny Xiao ea619b39b2
Add notification interface and refactor UI notifications (#5085)
* add notification interface and refactor UI notifications

* add missing methods on notification interface and notifiy only issue status really changed

* implement NotifyPullRequestReview for ui notification
2018-10-18 19:23:05 +08:00
SagePtr eb0c848f5b Use native go method to get current user rather than environment variable (#4930)
* Use native go method to get current user rather than environment var

* Use t.Skip instead of return in test
2018-10-18 15:08:20 +08:00
Lauris BH 81702e6ec9 Detect charset and convert non UTF-8 files for display (#4950)
* Detect charset and convert non UTF-8 files for display

* Refactor and move function to correct module

* Revert unrelated changes

* More unrelated changes

* Duplicate content for small text to have better encoding detection

* Check if original content is valid before duplicating it
2018-09-29 16:33:54 +08:00
Lanre Adelowo 2a6d3ba058 Allow admin toggle forcing a password change for newly created users (#4563) 2018-09-13 12:34:36 -04:00
Lanre Adelowo 126ba796dc Force user to change password (#4489)
* redirect to login page after successfully activating account

* force users to change password if account was created by an admin

* force users to change password if account was created by an admin

* fixed build

* fixed build

* fix pending issues with translation and wrong routes

* make sure path check is safe

* remove unneccessary newline

* make sure users that don't have to view the form get redirected

* move route to use /settings prefix so as to make sure unauthenticated users can't view the page

* update as per @lafriks review

* add necessary comment

* remove unrelated changes

* support redirecting to location the user actually want to go to before being forced to change his/her password

* run make fmt

* added tests

* improve assertions

* add assertion

* fix copyright year

Signed-off-by: Lanre Adelowo <yo@lanre.wtf>
2018-09-13 15:04:25 +03:00
Drew Bowering 8e3e59fdb8 Fix: Let's Encrypt configuration settings (#4911)
ENABLE_LETSENCRYPT and LETSENCRYPT_ACCEPTTOS were not being properly loaded from the config file, always resulting in the default settings being in place.
2018-09-12 00:06:44 -04:00
B-OnTheGo e47df0b301 Enforce token on api routes [fixed critical security issue #4357] (#4840) 2018-09-10 12:15:52 -04:00
Lanre Adelowo be48397945 Slack webhook channel name cannot be empty or just contain an hashtag (#4786) 2018-09-10 10:31:08 -04:00
Lauris BH fa4663e61e Add push webhook support for mirrored repositories (#4127) 2018-09-06 22:06:09 -04:00
SagePtr bf55276189 Fix redirect with non-ascii branch names (#4764) (#4810)
* Fix redirect with non-ascii branch names (#4764)

* Add integration tests for non-ascii branch redirect

* Fix mysql test and coverage test
2018-09-06 21:37:02 -04:00
Nicolas Lenz 668a477c69 Fix trimming of markup section names (#4863)
Signed-off-by: Nicolas Lenz <nicolas@eisfunke.com>
2018-09-03 20:59:02 -04:00
techknowlogick 080428b2bf
Upgrade images in .drone.yml to more recent versions (#4819) 2018-08-29 09:43:58 -04:00
Piotr Orzechowski 56d931aeac Hide home button when landing page is not set to home (#4651) 2018-08-26 22:23:27 -04:00
EnricoFerro 0a24f5cac8 Disable 'May Import Local Repository' when is disabled by setting (Issue #4779) (#4780) 2018-08-24 01:00:22 -04:00
Fluf b82c14b3d2 add letsencrypt to Gitea (#4189) 2018-08-21 09:56:50 -04:00
Lauris BH 92466129ec
Improve URL validation for external wiki and external issues (#4710)
* Improve URL validation for external wiki  and external issues

* Do not allow also localhost address for external URLs
2018-08-15 09:29:37 +03:00
Julien Tant 7781e8cef2 Disable merging a WIP Pull request (#4529)
* prevent pull request to be merged when PR is a WIP

* add tests

* add helper to prepend WIP: in PR title

* move default wip prefixes into settings

* use configurable WIP prefixes in javascript and default to first one in templates

* add documentation

* add unit test on pull model

Signed-off-by: Julien Tant <julien@craftyx.fr>
2018-08-13 22:04:39 +03:00
Piotr Orzechowski 152c6af97e Fix custom templates being ignored (#4638) 2018-08-08 14:15:48 +03:00
SagePtr 32145b6de8 Push whitelist now doesn't apply to branch deletion (#4601) (#4607) 2018-08-08 11:17:10 +08:00
Jerry Jacobs b1bc08e268 cmd/serve: pprof cpu and memory profile dumps to disk (#4560) 2018-08-07 14:49:18 -04:00
Lanre Adelowo 0df7cab4fb prevent empty review comment (#4632)
* prevent empty review comment

This would only require a comment for rejection and comment

* add tests

* add comment
2018-08-07 20:15:41 +03:00
Lauris BH 6e64f9db8e Pull request review/approval and comment on code (#3748)
* Initial ui components for pull request review

* Add Review
Add IssueComment types

Signed-off-by: Jonas Franz <info@jonasfranz.software>

(cherry picked from commit 2b4daab)
Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Replace ReviewComment with Content

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add load functions
Add ReviewID to findComments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add create review comment implementation
Add migration for review
Other small changes

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Simplified create and find functions for review

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Moved "Pending" to first position

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add GetCurrentReview to simplify fetching current review

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Preview for listing comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Move new comment form to its own file

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Implement Review form
Show Review comments on comment stream

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for single comments
Showing buttons in context

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add pending tag to pending review comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add unit tests for Review

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fetch all review ids at once
Add unit tests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* gofmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Improved comment rendering in "Files" view by adding Comments to DiffLine

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for invalidating comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Switched back to code.gitea.io/git

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Moved review migration from v64 to v65

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Rebuild css

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* gofmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Improve translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit tests by updating fixtures and updating outdated test

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Comments will be shown at the right place now

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for deleting CodeComments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems caused by files in subdirectories

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for showing code comments of reviews in conversation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for "Show/Hide outdated"

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update code.gitea.io/git

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add support for new webhooks

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update comparison

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Resolve conflicts

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Minor UI improvements

* update code.gitea.io/git

* Fix ui bug reported by @lunny causing wrong position of add button
Add functionality to "Cancel" button
Add scale effects to add button
Hide "Cancel" button for existing comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Prepare solving conflicts

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Show add button only if no comments already exist for the line

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add missing vendor files

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Check if reviewer is nil

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Show forms only to users who are logged in

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Revert "Show forms only to users who are logged in"

This reverts commit c083682

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Save patch in comment
Render patch for code comments

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add link to comment in code

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add reply form to comment list
Show forms only to signed in users

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add 'Reply' as translatable
Add CODE_COMMENT_LINES setting

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* gofmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems introduced by checking for singed in user

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add v70

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update generated stylesheet

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix preview
Beginn with new review comment patch system

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add new algo to generate diff for line range
Remove old algo used for cutting big diffs (it was very buggy)

* Add documentation and example for CutDiffAroundLine

* Fix example of CutDiffAroundLine

* Fix some comment UI rendering bugs

* Add code comment edit mode

* Send notifications / actions to users until review gets published
Fix diff generation bug
Fix wrong hashtag

* Fix vet errors

* Send notifications also for single comments

* Fix some notification bugs, fix link

* Fix: add comment icon is only shown on code lines

* Add lint comment

* Add unit tests for git diff

* Add more error messages

* Regenerated css

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* fmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Regenerated CSS with latest less version

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix test by updating comment type to new ID

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Introducing CodeComments as type for map[string]map[int64][]*Comment
Other minor code improvements

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix data-tab issues

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Remove unnecessary change

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* refactored checkForInvalidation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Append comments instead of setting

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Use HeadRepo instead of BaseRepo

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update migration

Signed-off-by: Jonas Franz <info@jonasfranz.de>

* Regenerated CSS

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add copyright

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Update index.css

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-08-06 06:43:21 +02:00
Piotr Orzechowski a74426d631 Swagger.v1.json template (#3572)
* Turn swagger.v1.json into template

* Rename ENABLE_SWAGGER_ENDPOINT option to ENABLE_SWAGGER
2018-07-28 03:19:01 +03:00
Kjell Kvinge ba358ecbf5 Make max commits in graph configurable (#4498) 2018-07-23 17:12:06 +03:00
Lunny Xiao 0bb1c84208 Add csv file render support defaultly (#4105)
* add csv file render support defaultly

* escaping csv column content
2018-07-21 00:08:15 +03:00
Lunny Xiao d1337299e2 add valid for lfs oid (#4461) 2018-07-19 11:39:19 -04:00
kolaente 1bff02de55 Added dependencies for issues (#2196) (#2531) 2018-07-17 17:23:58 -04:00
techknowlogick f1d6a1fffc
Add the ability to have built in themes in Gitea (#4198)
This makes it easier for user who want to theme but
don't have the ability to know how to customize templates
all that is required is a change in a config option

The reason why I chose the DEFAULT_THEME as variable,
as perhaps in the future we will allow users to chose their
theme whon logged in just like we do with languages
2018-07-05 17:25:04 -04:00
Jonas Franz 2a60e72fcd
Replace src with raw to fix image paths (#4377)
Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-07-05 22:36:45 +02:00
Fluf f035dcd4f2 Add Recaptcha functionality to Gitea (#4044) 2018-07-05 00:13:05 -04:00
Kim "BKC" Carlbäcker cbee921c28 Limit uploaded avatar image-size to 4096x3072 by default (#4353) 2018-07-03 06:56:32 +03:00
techknowlogick 4ee52b7161 Add scope to Gitlab oauth request (#4330)
Fix #3449
2018-06-30 20:13:17 +03:00
Jonas Franz 801843b011 Fix open redirect vulnerability on login screen (#4312)
* Fix open redirect vulnerability on login screen

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Reorder imports

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Replace www. from Domain too

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-06-26 22:45:18 +08:00
Jonas Franz 85414d8b75 Show second line by using >= 1 instead of > 1 (#4251)
Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-06-15 10:07:48 -04:00
Antoine GIRARD 23ba5c870f markup: escape short wiki link (#4091) 2018-06-15 20:42:49 +08:00
David Schneiderbauer adba2ad609 fix not respecting landing page setting (#4209)
* fix not respecting landing page setting

* fmt

* add landing page test
2018-06-15 11:42:46 +08:00
Inon S 1bcabb8b1e Removed unnecessary line referencing LFS struct (#4113)
https://github.com/go-gitea/gitea/pull/4035#issuecomment-394286204

@ohwgiles points out that the config section should, in fact, still be in accordance with the "server" struct, which contains the "LFS" struct. I should just remove the line
```
sec = Cfg.Section("LFS")
```
2018-06-04 21:07:42 +03:00
Bwko 1f877f8c87 Add tag check to release draft creation (#3729) 2018-06-04 08:34:44 +03:00
Antoine GIRARD 35c3510335 Fix #4081 Check for leading / in base before removing it (#4082) 2018-05-30 21:23:43 +08:00
Inon S 15f6ec9632 LFS: make HTTP auth period configurable (#4035)
* LFS: make HTTP auth period configurable

* Formatting: Removed semicolon

Due to automated fmt-check failure (drone.gitea.io)

* applying code reviews

* Applied code review comment: Change HTTPAuthExpiry to time.Duration

* Updated config cheat sheet
2018-05-29 16:07:16 +08:00
Jonas Franz 2139c152cb Fix relative markdown links with anchors (#4058)
* Replace '%28' with '#'
Add test case

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Use ResolveReference instead of strings.Replace

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-05-28 23:51:42 -04:00
Lunny Xiao 5c95f7c7ce
fix attachment ENABLED (#4064)
* fix attachment ENABLED

* change wrong name on app.ini.sample
2018-05-28 22:56:54 +08:00
3_1_3_u 8ebd15e6a6 fix add a Ukrainian language (#4036) (#4042) 2018-05-24 15:35:46 -04:00
Magnus Lindvall cdb9478774 LDAP Public SSH Keys synchronization (#1844)
* Add LDAP Key Synchronization feature

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Add migration: add login source id column for public_key table

* Only update keys if needed

* Add function to only list pubkey synchronized from ldap

* Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it.

* Only get keys belonging to current login source id

* Set default login source id to 0

* Some minor cleanup. Add integration tests (updete dep testify)
2018-05-24 07:59:02 +03:00
Jonas Franz 951309f76a Add support for FIDO U2F (#3971)
* Add support for U2F

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add vendor library
Add missing translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Minor improvements

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library
Add U2F error handling

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F login page to OAuth

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Move U2F user settings to a separate file

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add unit tests for u2f model
Renamed u2f table name

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems caused by refactoring

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F documentation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Remove not needed console.log-s

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add default values to app.ini.sample
Add FIDO U2F to comparison

Signed-off-by: Jonas Franz <info@jonasfranz.software>
2018-05-19 17:12:37 +03:00
David Schneiderbauer 80d1998981 add missing token validation and fix missing alert on application settings page (#3976) 2018-05-16 22:18:13 +08:00
Lunny Xiao 24941a1046
Add more webhooks support and refactor webhook templates directory (#3929)
* add more webhook support

* move hooks templates to standalone dir and add more webhooks ui

* fix tests

* update vendor checksum

* add more webhook support

* move hooks templates to standalone dir and add more webhooks ui

* fix tests

* update vendor checksum

* update vendor

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* load attributes when created release

* update comparsion doc
2018-05-16 22:01:55 +08:00
FabioFortini 1546458f7d issue-2768: added new option allow_only_external_registration (#3910) 2018-05-13 15:51:16 +08:00
kolaente 95f2e2b57b Multiple assignees (#3705) 2018-05-09 19:29:04 +03:00
Lauris BH 501fb228e6
Add option to use paged LDAP search when synchronizing users (#3895) 2018-05-05 17:30:47 +03:00
kolaente 1fdf560678 Added user language setting (#3875)
* Added user language setting

* Added translation string for setting

* Fixed import order + typo

* improved checking if the user has a language saved in the db

* The current saved language is now set a default inside the dropdown

* fmt

* When a user signs in and doesn't have a language saved, the current browser language is saved

* updated gitea-sdk

* Merge branch 'master' of https://github.com/go-gitea/gitea into save-user-language

# Conflicts:
#	models/migrations/migrations.go
#	models/migrations/v62.go

* Made tests work again

* trigger CI

* trigger CI

* fmt

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* re-trigger that FUCKING CI SO IT REALLY PICKS UP THE LATEST COMMIT ISTEAD OF PREDENDING TO DO SO

* When loggin in, only the language col gets updated instead of everything
2018-05-05 08:28:30 +08:00
kolaente 1a97030017 Issue due date (#3794)
* Started adding deadline to ui

* Implemented basic issue due date managing

* Improved UI for due date managing

* Added at least write access to the repo in order to modify issue due dates

* Ui improvements

* Added issue comments creation when adding/modifying/removing a due date

* Show due date in issue list

* Added api support for issue due dates

* Fixed lint suggestions

* Added deadline to sdk

* Updated css

* Added support for adding/modifiying deadlines for pull requests via api

* Fixed comments not created when updating or removing a deadline

* update sdk (will do properly once go-gitea/go-sdk#103 is merged)

* enhanced updateIssueDeadline

* Removed unnessecary Issue.DeadlineString

* UI improvements

* Small improvments to comment creation
+ ui & validation improvements

* Check if an issue is overdue is now a seperate function

* Updated go-sdk with govendor as it was merged

* Simplified isOverdue method

* removed unessecary deadline to 0 set

* Update swagger definitions

* Added missing return

* Added an explanary comment

* Improved updateIssueDeadline method so it'll only update `deadline_unix`

* Small changes and improvements
* no need to explicitly load the issue when updating a deadline, just use whats already there
* small optimisations

* Added check if a deadline was modified before updating it

* Moved comment creating logic into its own function

* Code cleanup for creating deadline comment

* locale improvement

* When modifying a deadline, the old deadline is saved with the comment

* small improvments to xorm session handling when updating an issue deadline
+ style nitpicks

* style nitpicks

* Moved checking for if the user has write acces to middleware
2018-05-01 22:05:28 +03:00
Tris Forster 85d14cc229 Symlink icons (#1416) (#3826)
* Updated vendor code for code.gitea.io/git

* Display symlinks correctly for files and directories

* Added symlink tests

* Applied silverwinds stylesheet patch

Signed-off-by: Tris Forster <tris.git@shoddynet.org>
2018-05-01 10:04:36 +03:00
Lauris BH 181b3a8f09 Fix path cleanup in multiple places (#3871) 2018-05-01 09:46:04 +08:00
Ethan Koenig 7ea4bfc561 API endpoint for testing webhook (#3550)
* API endpoint for testing webhook

* Empty commit to rerun CI
2018-04-29 14:21:33 +08:00
Lauris BH 5a62eb30df
Store OAuth2 session data in database (#3660)
* Store OAuth2 session data in database

* Rename table to `oauth2_session` and do not skip xormstorage initialization error
2018-04-29 09:09:24 +03:00
Jonas Franz 8d5f58d834 Shows total tracked time in issue and milestone list (#3341)
* Show total tracked time in issue and milestone list
Show total tracked time at issue page

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Optimizing TotalTimes by using SumInt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fixing wrong total times for milestones caused by a missing JOIN
Adding unit tests for total times

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Logging error instead of ignoring it

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Correcting spelling mistakes

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Change error message to a short version

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add error handling to TotalTimes
Add variable for totalTimes

Signed-off-by: Jonas Franz <info@jonasfranz.de>

* Introduce TotalTrackedTimes as variable of issue
Load TotalTrackedTimes by loading attributes of IssueList
Load TotalTrackedTimes by loading attributes of single issue
Add Sec2Time as helper to use it in templates

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fixed test + gofmt

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Load TotalTrackedTimes via MilestoneList instead of single requests

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add documentation for MilestoneList

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add documentation for MilestoneList

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix test

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Change comment from SQL query to description

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit test by using int64 instead of int

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix unit test by using int64 instead of int

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Check if timetracker is enabled

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix test by enabling timetracking

Signed-off-by: Jonas Franz <info@jonasfranz.de>
2018-04-29 13:58:47 +08:00
Lunny Xiao bec69f702b
Add topic support (#3711)
* add topic models and unit tests

* fix comments

* fix comment

* add the UI to show or add topics for a repo

* show topics on repositories list

* fix test

* don't show manage topics link when no permission

* use green basic as topic label

* fix topic label color

* remove trace content

* remove debug function
2018-04-11 10:51:44 +08:00
Bwko 8ee45eb614 Add EnableTimetracking option to app settings (#3719) 2018-04-09 23:15:32 +08:00
Lunny Xiao d877bf7e15
Add config option to enable or disable log executed SQL (#3726)
* add config option to enable or disable log executed SQL

* rename ShowSQL to LogSQL
2018-03-30 22:49:46 +08:00
Allen Wild 15c6bb500b Add repository setting to enable/disable health checks (#3607)
New Feature:
  * Repository struct field for IsFsckEnabled (default true of course)
  * Admin Settings section on repo options page, accessible only by
    admin users

Possible Enhancements:
  * There's no way to force running health checks on all repos
    regardless of their IsFsckEnabled setting. This would be useful if
    there were an admin API or dashboard button to run fsck immediately.

Issue: https://github.com/go-gitea/gitea/issues/1712
Signed-off-by: Allen Wild <allenwild93@gmail.com>
2018-03-27 22:13:20 +08:00
Chri-s 9350ba7947 Add protected branch whitelists for merging (#3689)
* Add database migrations for merge whitelist

* Add merge whitelist settings for protected branches

* Add checks for merge whitelists
2018-03-25 13:01:32 +03:00
Lunny Xiao 9e5d0a09eb
Global code search support (#3664)
* add global code search on explore

* fix bug when no anyone public repos

* change the icon

* fix typo and add UnitTypeCode check for login non-admin user

* fix ui description when no match
2018-03-16 22:04:33 +08:00
Lauris BH 7b2b900e13 Refactor and simplify redirect to url (#3674) 2018-03-15 22:13:34 +01:00
Lauris BH c0d41b1b77 Add label descriptions (#3662)
* Add label descriptions

* Add default descriptions to label template
2018-03-13 10:03:55 +08:00
Chaz Reid 69ea5e4385 Fix wiki inter-links with cases and add tests for this case (#3560) 2018-03-05 20:39:12 +02:00