forgejo/routers/web/repo/setting/setting.go

1116 lines
37 KiB
Go
Raw Normal View History

2014-05-01 13:44:22 +04:00
// Copyright 2014 The Gogs Authors. All rights reserved.
// Copyright 2018 The Gitea Authors. All rights reserved.
2024-05-24 14:28:15 +03:00
// Copyright 2024 The Forgejo Authors. All rights reserved.
// SPDX-License-Identifier: MIT
2014-05-01 13:44:22 +04:00
package setting
2014-05-01 13:44:22 +04:00
import (
[MODERATION] User blocking - Add the ability to block a user via their profile page. - This will unstar their repositories and visa versa. - Blocked users cannot create issues or pull requests on your the doer's repositories (mind that this is not the case for organizations). - Blocked users cannot comment on the doer's opened issues or pull requests. - Blocked users cannot add reactions to doer's comments. - Blocked users cannot cause a notification trough mentioning the doer. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/540 (cherry picked from commit 687d852480388897db4d7b0cb397cf7135ab97b1) (cherry picked from commit 0c32a4fde531018f74e01d9db6520895fcfa10cc) (cherry picked from commit 1791130e3cb8470b9b39742e0004d5e4c7d1e64d) (cherry picked from commit 37858b7e8fb6ba6c6ea0ac2562285b3b144efa19) (cherry picked from commit a3e2bfd7e9eab82cc2c17061f6bb4e386a108c46) (cherry picked from commit 7009b9fe87696b6182fab65ae82bf5a25cd39971) Conflicts: https://codeberg.org/forgejo/forgejo/pulls/1014 routers/web/user/profile.go templates/user/profile.tmpl (cherry picked from commit b2aec3479177e725cfc7cbbb9d94753226928d1c) (cherry picked from commit e2f1b73752f6bd3f830297d8f4ac438837471226) [MODERATION] organization blocking a user (#802) - Resolves #476 - Follow up for: #540 - Ensure that the doer and blocked person cannot follow each other. - Ensure that the block person cannot watch doer's repositories. - Add unblock button to the blocked user list. - Add blocked since information to the blocked user list. - Add extra testing to moderation code. - Blocked user will unwatch doer's owned repository upon blocking. - Add flash messages to let the user know the block/unblock action was successful. - Add "You haven't blocked any users" message. - Add organization blocking a user. Co-authored-by: Gusted <postmaster@gusted.xyz> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/802 (cherry picked from commit 0505a1042197bd9136b58bc70ec7400a23471585) (cherry picked from commit 37b4e6ef9b85e97d651cf350c9f3ea272ee8d76a) (cherry picked from commit c17c121f2cf1f00e2a8d6fd6847705df47d0771e) [MODERATION] organization blocking a user (#802) (squash) Changes to adapt to: 6bbccdd177 Improve AJAX link and modal confirm dialog (#25210) Refs: https://codeberg.org/forgejo/forgejo/pulls/882/files#issuecomment-945962 Refs: https://codeberg.org/forgejo/forgejo/pulls/882#issue-330561 (cherry picked from commit 523635f83cb2a1a4386769b79326088c5c4bbec7) (cherry picked from commit 4743eaa6a0be0ef47de5b17c211dfe8bad1b7af9) (cherry picked from commit eff5b43d2e843d5d537756d4fa58a8a010b6b527) Conflicts: https://codeberg.org/forgejo/forgejo/pulls/1014 routers/web/user/profile.go (cherry picked from commit 9d359be5ed11237088ccf6328571939af814984e) (cherry picked from commit b1f3069a22a03734cffbfcd503ce004ba47561b7) [MODERATION] add user blocking API - Follow up for: #540, #802 - Add API routes for user blocking from user and organization perspective. - The new routes have integration testing. - The new model functions have unit tests. - Actually quite boring to write and to read this pull request. (cherry picked from commit f3afaf15c7e34038363c9ce8e1ef957ec1e22b06) (cherry picked from commit 6d754db3e5faff93a58fab2867737f81f40f6599) (cherry picked from commit 2a89ddc0acffa9aea0f02b721934ef9e2b496a88) (cherry picked from commit 4a147bff7e963ab9dffcfaefa5c2c01c59b4c732) Conflicts: routers/api/v1/api.go templates/swagger/v1_json.tmpl (cherry picked from commit bb8c33918569f65f25b014f0d7fe6ac20f9036fc) (cherry picked from commit 5a11569a011b7d0a14391e2b5c07d0af825d7b0e) (cherry picked from commit 2373c801ee6b84c368b498b16e6ad18650b38f42) [MODERATION] restore redirect on unblock ctx.RedirectToFirst(ctx.FormString("redirect_to"), ctx.ContextUser.HomeLink()) was replaced by ctx.JSONOK() in 128d77a3a Following up fixes for "Fix inconsistent user profile layout across tabs" (#25739) thus changing the behavior (nicely spotted by the tests). This restores it. (cherry picked from commit 597c243707c3c86e7256faf1e6ba727224554de3) (cherry picked from commit cfa539e590127b4b953b010fba3dea21c82a1714) [MODERATION] Add test case (squash) - Add an test case, to test an property of the function. (cherry picked from commit 70dadb1916bfef8ba8cbc4e9b042cc8740f45e28) [MODERATION] Block adding collaborators - Ensure that the doer and blocked user cannot add each other as collaborators to repositories. - The Web UI gets an detailed message of the specific situation, the API gets an generic Forbidden code. - Unit tests has been added. - Integration testing for Web and API has been added. - This commit doesn't introduce removing each other as collaborators on the block action, due to the complexity of database calls that needs to be figured out. That deserves its own commit and test code. (cherry picked from commit 747be949a1b3cd06f6586512f1af4630e55d7ad4) [MODERATION] move locale_en-US.ini strings to avoid conflicts Conflicts: web_src/css/org.css web_src/css/user.css https://codeberg.org/forgejo/forgejo/pulls/1180 (cherry picked from commit e53f955c888ebaafc863a6e463da87f70f5605da) Conflicts: services/issue/comments.go https://codeberg.org/forgejo/forgejo/pulls/1212 (cherry picked from commit b4a454b576eee0c7738b2f7df1acaf5bf7810d12) Conflicts: models/forgejo_migrations/migrate.go options/locale/locale_en-US.ini services/pull/pull.go https://codeberg.org/forgejo/forgejo/pulls/1264 [MODERATION] Remove blocked user collaborations with doer - When the doer blocks an user, who is also an collaborator on an repository that the doer owns, remove that collaboration. - Added unit tests. - Refactor the unit test to be more organized. (cherry picked from commit ec8701617830152680d69d50d64cb43cc2054a89) (cherry picked from commit 313e6174d832501c57724ae7a6285194b7b81aab) [MODERATION] QoL improvements (squash) - Ensure that organisations cannot be blocked. It currently has no effect, as all blocked operations cannot be executed from an organisation standpoint. - Refactored the API route to make use of the `UserAssignmentAPI` middleware. - Make more use of `t.Run` so that the test code is more clear about which block of code belongs to which test case. - Added more integration testing (to ensure the organisations cannot be blocked and some authorization/permission checks). (cherry picked from commit e9d638d0756ee20b6bf1eb999c988533a5066a68) [MODERATION] s/{{avatar/{{ctx.AvatarUtils.Avatar/ (cherry picked from commit ce8b30be1327ab98df2ba061dd7e2a278b278c5b) (cherry picked from commit f911dc402508b04cd5d5fb2f3332c2d640e4556e) Conflicts: options/locale/locale_en-US.ini https://codeberg.org/forgejo/forgejo/pulls/1354 (cherry picked from commit c1b37b7fdaf06ee60da341dff76d703990c08082) (cherry picked from commit 856a2e09036adf56d987c6eee364c431bc37fb2e) [MODERATION] Show graceful error on comment creation - When someone is blocked by the repository owner or issue poster and try to comment on that issue, they get shown a graceful error. - Adds integration test. (cherry picked from commit 490646302e1e3dc3c59c9d75938b4647b6873ce7) (cherry picked from commit d3d88667cbb928a6ff80658eba8ef0c6c508c9e0) (cherry picked from commit 6818de13a921753e082b7c3d64c23917cc884e4b) [MODERATION] Show graceful error on comment creation (squash) typo (cherry picked from commit 1588d4834a37a744f092f2aeea6c9ef4795d7356) (cherry picked from commit d510ea52d091503e841d66f2f604348add8b4535) (cherry picked from commit 8249e93a14f628bb0e89fe3be678e4966539944e) [MODERATION] Refactor integration testing (squash) - Motivation for this PR is that I'd noticed that a lot of repeated calls are happening between the test functions and that certain tests weren't using helper functions like `GetCSRF`, therefor this refactor of the integration tests to keep it: clean, small and hopefully more maintainable and understandable. - There are now three integration tests: `TestBlockUser`, `TestBlockUserFromOrganization` and `TestBlockActions` (and has been moved in that order in the source code). - `TestBlockUser` is for doing blocking related actions as an user and `TestBlockUserFromOrganization` as an organisation, even though they execute the same kind of tests they do not share any database calls or logic and therefor it currently doesn't make sense to merge them together (hopefully such oppurtinutiy might be presented in the future). - `TestBlockActions` now contain all tests for actions that should be blocked after blocking has happened, most tests now share the same doer and blocked users and a extra fixture has been added to make this possible for the comment test. - Less code, more comments and more re-use between tests. (cherry picked from commit ffb393213d2f1269aad3c019d039cf60d0fe4b10) (cherry picked from commit 85505e0f815fede589c272d301c95204f9596985) (cherry picked from commit 0f3cf17761f6caedb17550f69de96990c2090af1) [MODERATION] Fix network error (squash) - Fix network error toast messages on user actions such as follow and unfollow. This happened because the javascript code now expects an JSON to be returned, but this wasn't the case due to cfa539e590127b4953b010fba3dea21c82a1714. - The integration testing has been adjusted to instead test for the returned flash cookie. (cherry picked from commit 112bc25e548d317a4ee00f9efa9068794a733e3b) (cherry picked from commit 1194fe4899eb39dcb9a2410032ad0cc67a62b92b) (cherry picked from commit 9abb95a8441e227874fe156095349a3173cc5a81) [MODERATION] Modernize frontend (squash) - Unify blocked users list. - Use the new flex list classes for blocked users list to avoid using the CSS helper classes and thereby be consistent in the design. - Fix the modal by using the new modal class. - Remove the icon in the modal as looks too big in the new design. - Fix avatar not displaying as it was passing the context where the user should've been passed. - Don't use italics for 'Blocked since' text. - Use namelink template to display the user's name and homelink. (cherry picked from commit ec935a16a319b14e819ead828d1d9875280d9259) (cherry picked from commit 67f37c83461aa393c53a799918e9708cb9b89b30) Conflicts: models/user/follow.go models/user/user_test.go routers/api/v1/user/follower.go routers/web/shared/user/header.go routers/web/user/profile.go templates/swagger/v1_json.tmpl https://codeberg.org/forgejo/forgejo/pulls/1468 (cherry picked from commit 6a9626839c6342cd2767ea12757ee2f78eaf443b) Conflicts: tests/integration/api_nodeinfo_test.go https://codeberg.org/forgejo/forgejo/pulls/1508#issuecomment-1242385 (cherry picked from commit 7378b251b481ed1e60e816caf8f649e8397ee5fc) Conflicts: models/fixtures/watch.yml models/issues/reaction.go models/issues/reaction_test.go routers/api/v1/repo/issue_reaction.go routers/web/repo/issue.go services/issue/issue.go https://codeberg.org/forgejo/forgejo/pulls/1547 (cherry picked from commit c2028930c101223820de0bbafc318e9394c347b8) (cherry picked from commit d3f9134aeeef784586e8412e8dbba0a8fceb0cd4) (cherry picked from commit 7afe154c5c40bcc65accdf51c9224b2f7627a684) (cherry picked from commit 99ac7353eb1e834a77fe42aa89208791cc2364ff) (cherry picked from commit a9cde00c5c25ea8c427967cb7ab57abb618e44cb) Conflicts: services/user/delete.go https://codeberg.org/forgejo/forgejo/pulls/1736 (cherry picked from commit 008c0cc63d1a3b8eb694bffbf77a7b25c56afd57) [DEADCODE] add exceptions (cherry picked from commit 12ddd2b10e3309f6430b0af42855c6af832832ee) [MODERATION] Remove deadcode (squash) - Remove deadcode that's no longer used by Forgejo. (cherry picked from commit 0faeab4fa9b0aa59f86760b24ecbc07815026c82) [MODERATION] Add repo transfers to blocked functionality (squash) - When someone gets blocked, remove all pending repository transfers from the blocked user to the doer. - Do not allow to start transferring repositories to the doer as blocked user. - Added unit testing. - Added integration testing. (cherry picked from commit 8a3caac33013482ddbee2fa51510c6918ba54466) (cherry picked from commit a92b4cfeb63b90eb2d90d0feb51cec62e0502d84) (cherry picked from commit acaaaf07d999974dbe5f9c5e792621c597bfb542) (cherry picked from commit 735818863c1793aa6f6983afedc4bd3b36026ca5) (cherry picked from commit f50fa43b32160d0d88eca1dbdca09b5f575fb62b) (cherry picked from commit e16683643388fb3c60ea478f1419a6af4f4aa283) (cherry picked from commit 82a0e4a3814a66ce44be6a031bdf08484586c61b) (cherry picked from commit ff233c19c4a5edcc2b99a6f41a2d19dbe8c08b3b) (cherry picked from commit 8ad87d215f2b6adb978de77e53ba2bf7ea571430) [MODERATION] Fix unblock action (squash) - Pass the whole context instead of only giving pieces. - This fixes CSRF not correctly being inserted into the unblock buttons. (cherry picked from commit 2aa51922ba6a0ea2f8644277baa74fc8f34ab95a) (cherry picked from commit 7ee8db0f018340bc97f125415503e3e5db5f5082) (cherry picked from commit e4f8b999bcd3b68b3ef7f54f5b17c3ada0308121) (cherry picked from commit 05aea60b1302bbd3ea574a9c6c34e1005a5d73bf) (cherry picked from commit dc0d61b012cfaf2385f71e97cda5f220b58b9fa4) (cherry picked from commit f53fa583de671ff60a0a1d0f3ab8c260e1ba4e1f) (cherry picked from commit c65b89a58d11b32009c710c2f5e75f0cd3539395) (cherry picked from commit 69e50b9969db3ab71cefaed520757876a9629a5c) (cherry picked from commit ec127440b86cb5fcf51799d8bd76a9fd6b9cebcc) [MODERATION] cope with shared fixtures * There is one more issue in the fixtures and this breaks some tests * The users in the shared fixtures were renamed for clarity and that breaks some tests (cherry picked from commit 707a4edbdf67d0eb168d7bb430cf85dd8cd63c52) Conflicts: modules/indexer/issues/indexer_test.go https://codeberg.org/forgejo/forgejo/pulls/1508 (cherry picked from commit 82cc044366c749df80ffad44eed2988b8e64211e) (cherry picked from commit 2776aec7e85850f1d7f01a090a72491550fb9d29) (cherry picked from commit 1fbde36dc784b5b2cc6193f02ff0d436b0f2a629) (cherry picked from commit 1293db3c4e5df218501f5add9f9d41101ffcb8aa) (cherry picked from commit 6476802175bac3ef78dd8f24ff6bebc16f398a78) (cherry picked from commit 5740f2fc830356acb7929a02fe304008b94a0ca5) (cherry picked from commit afc12d7b6e9b773fa89718aa79cd95c0e0ce4406) [MODERATION] Fix transfer confirmation (squash) - Fix problem caused by the clearer confirmation for dangerous actions commit. (cherry picked from commit 3488f4a9cb1f7f73103ae0017d644f13ca3ab798) (cherry picked from commit ed7de91f6ace23a1459bc6552edf719d62c7c941) (cherry picked from commit 2d97929b9b7b8d979eb12bf0994d3f169d41f7fd) (cherry picked from commit 50d035a7b058b9c4486c38cd4be0b02a4e1bf4d9) (cherry picked from commit 0a0c07d78a1dee3489b97ab359bb957e3f7fb94b) (cherry picked from commit 85e55c4dbc2f513f3d5254dac20915e8c3c22886) (cherry picked from commit d8282122ad6e8b497de35d1ed89e3093a2cd5ee2) (cherry picked from commit 3f0b3b6cc582c3d672d371dd9fe1203a56cb88c0) [MODERATION] Purge issues on user deletion (squash) (cherry picked from commit 4f529d9596ffbfc4e754c28830ba028f6344dc5b) (cherry picked from commit f0e3acadd321fcb99e8ea3e3ce1c69df25c4ca4d) (cherry picked from commit 682c4effe69dc0d4ed304fa7ce6259d9ce573629) (cherry picked from commit e43c2d84fd4b6fd31e2370cec1034262d12e5c34) (cherry picked from commit 9c8e53ccc78053026e4f667889959c23c8d95934) (cherry picked from commit a9eb7ac783b2c16ee3702a88203bf857cb4147fc) [MODERATION] Purge issues on user deletion (squash) revert shared fixtures workarounds (cherry picked from commit 7224653a40e32186892e89bfedd49edecf5b8f81) (cherry picked from commit aa6e8672f9473a9100e7575051dec9eda37709a0) (cherry picked from commit 58c7947e95648f50237ddcd46b6bd025b224a70f) (cherry picked from commit f1aacb1851b232082febcd7870a40a56de3855a6) (cherry picked from commit 0bf174af87f7de9a8d869304f709e2bf41f3dde9) (cherry picked from commit f9706f4335df3b7688ed60853d917efa72fb464a) [MODERATION] Prepare moderation for context locale changes (squash) - Resolves https://codeberg.org/forgejo/forgejo/issues/1711 (cherry picked from commit 2e289baea943dcece88f02d110b03d344308a261) (cherry picked from commit 97b16bc19ae680db62608d6020b00fe5ac451c60) [MODERATION] User blocking (squash) do not use shared fixture It conflicts with a fixtured added in the commit Fix comment permissions (#28213) (#28216) (cherry picked from commit ab40799dcab24e9f495d765268b791931da81684) (cherry picked from commit 996c92cafdb5b33a6d2d05d94038e950d97eb7de) (cherry picked from commit 259912e3a69071c5ad57871464d0b79f69a8e72c) Conflicts: options/locale/locale_en-US.ini https://codeberg.org/forgejo/forgejo/pulls/1921 (cherry picked from commit 1e82abc032c18015b92c93a7617a5dd06d50bd2d) (cherry picked from commit a176fee1607d571b25b345184f1c50d403029610) (cherry picked from commit 0480b76dfeda968849e900da9454a3efd82590fa) (cherry picked from commit 4bc06b7b3841c74e3d790b1ef635c2b382ca7123) (cherry picked from commit 073094cf722a927a623408d66537c758d7d64e4c) (cherry picked from commit ac6201c647a4d3a2cfb2b0303b851a8fe7a29444) (cherry picked from commit 7e0812674da3fbd1e96bdda820962edad6826fbd) (cherry picked from commit 068c741e5696957710b3d1c2e18c00be2ffaa278) Conflicts: models/repo_transfer.go models/repo_transfer_test.go routers/web/user/profile.go https://codeberg.org/forgejo/forgejo/pulls/2298
2023-08-15 02:07:38 +03:00
"errors"
Repository avatars (#6986) * Repository avatars - first variant of code from old work for gogs - add migration 87 - add new option in app.ini - add en-US locale string - add new class in repository.less * Add changed index.css, remove unused template name * Update en-us doc about configuration options * Add comments to new functions, add new option to docker app.ini * Add comment for lint * Remove variable, not needed * Fix formatting * Update swagger api template * Check if avatar exists * Fix avatar link/path checks * Typo * TEXT column can't have a default value * Fixes: - remove old avatar file on upload - use ID in name of avatar file - users may upload same files - add simple tests * Fix fmt check * Generate PNG instead of "static" GIF * More informative comment * Fix error message * Update avatar upload checks: - add file size check - add new option - update config docs - add new string to en-us locale * Fixes: - use FileHEader field for check file size - add new test - upload big image * Fix formatting * Update comments * Update log message * Removed wrong style - not needed * Use Sync2 to migrate * Update repos list view - bigger avatar - fix html blocks alignment * A little adjust avatar size * Use small icons for explore/repo list * Use new cool avatar preparation func by @lafriks * Missing changes for new function * Remove unused import, move imports * Missed new option definition in app.ini Add file size check in user/profile avatar upload * Use smaller field length for Avatar * Use session to update repo DB data, update DeleteAvatar - use session too * Fix err variable definition * As suggested @lafriks - return as soon as possible, code readability
2019-05-30 05:22:26 +03:00
"fmt"
"net/http"
"strconv"
"strings"
"time"
"code.gitea.io/gitea/models"
actions_model "code.gitea.io/gitea/models/actions"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/organization"
feat(quota): Quota enforcement The previous commit laid out the foundation of the quota engine, this one builds on top of it, and implements the actual enforcement. Enforcement happens at the route decoration level, whenever possible. In case of the API, when over quota, a 413 error is returned, with an appropriate JSON payload. In case of web routes, a 413 HTML page is rendered with similar information. This implementation is for a **soft quota**: quota usage is checked before an operation is to be performed, and the operation is *only* denied if the user is already over quota. This makes it possible to go over quota, but has the significant advantage of being practically implementable within the current Forgejo architecture. The goal of enforcement is to deny actions that can make the user go over quota, and allow the rest. As such, deleting things should - in almost all cases - be possible. A prime exemption is deleting files via the web ui: that creates a new commit, which in turn increases repo size, thus, is denied if the user is over quota. Limitations ----------- Because we generally work at a route decorator level, and rarely look *into* the operation itself, `size:repos:public` and `size:repos:private` are not enforced at this level, the engine enforces against `size:repos:all`. This will be improved in the future. AGit does not play very well with this system, because AGit PRs count toward the repo they're opened against, while in the GitHub-style fork + pull model, it counts against the fork. This too, can be improved in the future. There's very little done on the UI side to guard against going over quota. What this patch implements, is enforcement, not prevention. The UI will still let you *try* operations that *will* result in a denial. Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-07-06 11:30:16 +03:00
quota_model "code.gitea.io/gitea/models/quota"
repo_model "code.gitea.io/gitea/models/repo"
unit_model "code.gitea.io/gitea/models/unit"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/git"
"code.gitea.io/gitea/modules/indexer/code"
"code.gitea.io/gitea/modules/indexer/stats"
Add LFS Migration and Mirror (#14726) * Implemented LFS client. * Implemented scanning for pointer files. * Implemented downloading of lfs files. * Moved model-dependent code into services. * Removed models dependency. Added TryReadPointerFromBuffer. * Migrated code from service to module. * Centralised storage creation. * Removed dependency from models. * Moved ContentStore into modules. * Share structs between server and client. * Moved method to services. * Implemented lfs download on clone. * Implemented LFS sync on clone and mirror update. * Added form fields. * Updated templates. * Fixed condition. * Use alternate endpoint. * Added missing methods. * Fixed typo and make linter happy. * Detached pointer parser from gogit dependency. * Fixed TestGetLFSRange test. * Added context to support cancellation. * Use ReadFull to probably read more data. * Removed duplicated code from models. * Moved scan implementation into pointer_scanner_nogogit. * Changed method name. * Added comments. * Added more/specific log/error messages. * Embedded lfs.Pointer into models.LFSMetaObject. * Moved code from models to module. * Moved code from models to module. * Moved code from models to module. * Reduced pointer usage. * Embedded type. * Use promoted fields. * Fixed unexpected eof. * Added unit tests. * Implemented migration of local file paths. * Show an error on invalid LFS endpoints. * Hide settings if not used. * Added LFS info to mirror struct. * Fixed comment. * Check LFS endpoint. * Manage LFS settings from mirror page. * Fixed selector. * Adjusted selector. * Added more tests. * Added local filesystem migration test. * Fixed typo. * Reset settings. * Added special windows path handling. * Added unit test for HTTPClient. * Added unit test for BasicTransferAdapter. * Moved into util package. * Test if LFS endpoint is allowed. * Added support for git:// * Just use a static placeholder as the displayed url may be invalid. * Reverted to original code. * Added "Advanced Settings". * Updated wording. * Added discovery info link. * Implemented suggestion. * Fixed missing format parameter. * Added Pointer.IsValid(). * Always remove model on error. * Added suggestions. * Use channel instead of array. * Update routers/repo/migrate.go * fmt Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
2021-04-09 01:25:57 +03:00
"code.gitea.io/gitea/modules/lfs"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/modules/validation"
Move macaron to chi (#14293) Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR. - [x] Define `context.ResponseWriter` interface with an implementation `context.Response`. - [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before. - [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic . - [x] Use https://github.com/unrolled/render instead of macaron's internal render - [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip - [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK** - [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha - [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache - [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding - [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors - [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation` - [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle. - [x] Removed macaron log service because it's not need any more. **BREAK** - [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition. - [x] Move Git HTTP protocol implementation to use routers directly. - [x] Fix the problem that chi routes don't support trailing slash but macaron did. - [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. Notices: - Chi router don't support request with trailing slash - Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI. Co-authored-by: 6543 <6543@obermui.de>
2021-01-26 18:36:53 +03:00
"code.gitea.io/gitea/modules/web"
actions_service "code.gitea.io/gitea/services/actions"
asymkey_service "code.gitea.io/gitea/services/asymkey"
"code.gitea.io/gitea/services/context"
2024-05-24 14:28:15 +03:00
"code.gitea.io/gitea/services/federation"
"code.gitea.io/gitea/services/forms"
"code.gitea.io/gitea/services/migrations"
mirror_service "code.gitea.io/gitea/services/mirror"
repo_service "code.gitea.io/gitea/services/repository"
wiki_service "code.gitea.io/gitea/services/wiki"
)
const (
tplSettingsOptions base.TplName = "repo/settings/options"
tplSettingsUnits base.TplName = "repo/settings/units"
tplCollaboration base.TplName = "repo/settings/collaboration"
tplBranches base.TplName = "repo/settings/branches"
tplGithooks base.TplName = "repo/settings/githooks"
tplGithookEdit base.TplName = "repo/settings/githook_edit"
tplDeployKeys base.TplName = "repo/settings/deploy_keys"
)
// SettingsCtxData is a middleware that sets all the general context data for the
// settings template.
func SettingsCtxData(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("repo.settings.options")
2014-08-02 21:47:33 +04:00
ctx.Data["PageIsSettingsOptions"] = true
ctx.Data["ForcePrivate"] = setting.Repository.ForcePrivate
ctx.Data["MirrorsEnabled"] = setting.Mirror.Enabled
ctx.Data["DisableNewPullMirrors"] = setting.Mirror.DisableNewPull
ctx.Data["DisableNewPushMirrors"] = setting.Mirror.DisableNewPush
ctx.Data["DefaultMirrorInterval"] = setting.Mirror.DefaultInterval
ctx.Data["MinimumMirrorInterval"] = setting.Mirror.MinInterval
Add configurable Trust Models (#11712) * Add configurable Trust Models Gitea's default signature verification model differs from GitHub. GitHub uses signatures to verify that the committer is who they say they are - meaning that when GitHub makes a signed commit it must be the committer. The GitHub model prevents re-publishing of commits after revocation of a key and prevents re-signing of other people's commits to create a completely trusted repository signed by one key or a set of trusted keys. The default behaviour of Gitea in contrast is to always display the avatar and information related to a signature. This allows signatures to be decoupled from the committer. That being said, allowing arbitary users to present other peoples commits as theirs is not necessarily desired therefore we have a trust model whereby signatures from collaborators are marked trusted, signatures matching the commit line are marked untrusted and signatures that match a user in the db but not the committer line are marked unmatched. The problem with this model is that this conflicts with Github therefore we need to provide an option to allow users to choose the Github model should they wish to. Signed-off-by: Andrew Thornton <art27@cantab.net> * Adjust locale strings Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @6543 Co-authored-by: 6543 <6543@obermui.de> * Update models/gpg_key.go * Add migration for repository Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-19 19:44:55 +03:00
signing, _ := asymkey_service.SigningKey(ctx, ctx.Repo.Repository.RepoPath())
Add configurable Trust Models (#11712) * Add configurable Trust Models Gitea's default signature verification model differs from GitHub. GitHub uses signatures to verify that the committer is who they say they are - meaning that when GitHub makes a signed commit it must be the committer. The GitHub model prevents re-publishing of commits after revocation of a key and prevents re-signing of other people's commits to create a completely trusted repository signed by one key or a set of trusted keys. The default behaviour of Gitea in contrast is to always display the avatar and information related to a signature. This allows signatures to be decoupled from the committer. That being said, allowing arbitary users to present other peoples commits as theirs is not necessarily desired therefore we have a trust model whereby signatures from collaborators are marked trusted, signatures matching the commit line are marked untrusted and signatures that match a user in the db but not the committer line are marked unmatched. The problem with this model is that this conflicts with Github therefore we need to provide an option to allow users to choose the Github model should they wish to. Signed-off-by: Andrew Thornton <art27@cantab.net> * Adjust locale strings Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @6543 Co-authored-by: 6543 <6543@obermui.de> * Update models/gpg_key.go * Add migration for repository Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-19 19:44:55 +03:00
ctx.Data["SigningKeyAvailable"] = len(signing) > 0
ctx.Data["SigningSettings"] = setting.Repository.Signing
ctx.Data["CodeIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
if ctx.Doer.IsAdmin {
if setting.Indexer.RepoIndexerEnabled {
status, err := repo_model.GetIndexerStatus(ctx, ctx.Repo.Repository, repo_model.RepoIndexerTypeCode)
if err != nil {
ctx.ServerError("repo.indexer_status", err)
return
}
ctx.Data["CodeIndexerStatus"] = status
}
status, err := repo_model.GetIndexerStatus(ctx, ctx.Repo.Repository, repo_model.RepoIndexerTypeStats)
if err != nil {
ctx.ServerError("repo.indexer_status", err)
return
}
ctx.Data["StatsIndexerStatus"] = status
}
pushMirrors, _, err := repo_model.GetPushMirrorsByRepoID(ctx, ctx.Repo.Repository.ID, db.ListOptions{})
if err != nil {
ctx.ServerError("GetPushMirrorsByRepoID", err)
return
}
ctx.Data["PushMirrors"] = pushMirrors
ctx.Data["CanUseSSHMirroring"] = git.HasSSHExecutable
}
Add configurable Trust Models (#11712) * Add configurable Trust Models Gitea's default signature verification model differs from GitHub. GitHub uses signatures to verify that the committer is who they say they are - meaning that when GitHub makes a signed commit it must be the committer. The GitHub model prevents re-publishing of commits after revocation of a key and prevents re-signing of other people's commits to create a completely trusted repository signed by one key or a set of trusted keys. The default behaviour of Gitea in contrast is to always display the avatar and information related to a signature. This allows signatures to be decoupled from the committer. That being said, allowing arbitary users to present other peoples commits as theirs is not necessarily desired therefore we have a trust model whereby signatures from collaborators are marked trusted, signatures matching the commit line are marked untrusted and signatures that match a user in the db but not the committer line are marked unmatched. The problem with this model is that this conflicts with Github therefore we need to provide an option to allow users to choose the Github model should they wish to. Signed-off-by: Andrew Thornton <art27@cantab.net> * Adjust locale strings Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @6543 Co-authored-by: 6543 <6543@obermui.de> * Update models/gpg_key.go * Add migration for repository Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-19 19:44:55 +03:00
// Units show a repositorys unit settings page
func Units(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("repo.settings.units.units")
ctx.Data["PageIsRepoSettingsUnits"] = true
ctx.HTML(http.StatusOK, tplSettingsUnits)
}
func UnitsPost(ctx *context.Context) {
form := web.GetForm(ctx).(*forms.RepoUnitSettingForm)
repo := ctx.Repo.Repository
var repoChanged bool
var units []repo_model.RepoUnit
var deleteUnitTypes []unit_model.Type
// This section doesn't require repo_name/RepoName to be set in the form, don't show it
// as an error on the UI for this action
ctx.Data["Err_RepoName"] = nil
if repo.CloseIssuesViaCommitInAnyBranch != form.EnableCloseIssuesViaCommitInAnyBranch {
repo.CloseIssuesViaCommitInAnyBranch = form.EnableCloseIssuesViaCommitInAnyBranch
repoChanged = true
}
if form.EnableCode && !unit_model.TypeCode.UnitGlobalDisabled() {
units = append(units, repo_model.RepoUnit{
RepoID: repo.ID,
Type: unit_model.TypeCode,
})
} else if !unit_model.TypeCode.UnitGlobalDisabled() {
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeCode)
}
if form.EnableWiki && form.EnableExternalWiki && !unit_model.TypeExternalWiki.UnitGlobalDisabled() {
if !validation.IsValidExternalURL(form.ExternalWikiURL) {
ctx.Flash.Error(ctx.Tr("repo.settings.external_wiki_url_error"))
ctx.Redirect(repo.Link() + "/settings/units")
return
}
units = append(units, repo_model.RepoUnit{
RepoID: repo.ID,
Type: unit_model.TypeExternalWiki,
Config: &repo_model.ExternalWikiConfig{
ExternalWikiURL: form.ExternalWikiURL,
},
})
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeWiki)
} else if form.EnableWiki && !form.EnableExternalWiki && !unit_model.TypeWiki.UnitGlobalDisabled() {
var wikiPermissions repo_model.UnitAccessMode
if form.GloballyWriteableWiki {
wikiPermissions = repo_model.UnitAccessModeWrite
} else {
wikiPermissions = repo_model.UnitAccessModeRead
}
units = append(units, repo_model.RepoUnit{
RepoID: repo.ID,
Type: unit_model.TypeWiki,
Config: new(repo_model.UnitConfig),
DefaultPermissions: wikiPermissions,
})
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalWiki)
} else {
if !unit_model.TypeExternalWiki.UnitGlobalDisabled() {
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalWiki)
}
if !unit_model.TypeWiki.UnitGlobalDisabled() {
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeWiki)
}
}
if form.EnableIssues && form.EnableExternalTracker && !unit_model.TypeExternalTracker.UnitGlobalDisabled() {
if !validation.IsValidExternalURL(form.ExternalTrackerURL) {
ctx.Flash.Error(ctx.Tr("repo.settings.external_tracker_url_error"))
ctx.Redirect(repo.Link() + "/settings/units")
return
}
if len(form.TrackerURLFormat) != 0 && !validation.IsValidExternalTrackerURLFormat(form.TrackerURLFormat) {
ctx.Flash.Error(ctx.Tr("repo.settings.tracker_url_format_error"))
ctx.Redirect(repo.Link() + "/settings/units")
return
}
units = append(units, repo_model.RepoUnit{
RepoID: repo.ID,
Type: unit_model.TypeExternalTracker,
Config: &repo_model.ExternalTrackerConfig{
ExternalTrackerURL: form.ExternalTrackerURL,
ExternalTrackerFormat: form.TrackerURLFormat,
ExternalTrackerStyle: form.TrackerIssueStyle,
ExternalTrackerRegexpPattern: form.ExternalTrackerRegexpPattern,
},
})
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeIssues)
} else if form.EnableIssues && !form.EnableExternalTracker && !unit_model.TypeIssues.UnitGlobalDisabled() {
units = append(units, repo_model.RepoUnit{
RepoID: repo.ID,
Type: unit_model.TypeIssues,
Config: &repo_model.IssuesConfig{
EnableTimetracker: form.EnableTimetracker,
AllowOnlyContributorsToTrackTime: form.AllowOnlyContributorsToTrackTime,
EnableDependencies: form.EnableIssueDependencies,
},
})
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalTracker)
} else {
if !unit_model.TypeExternalTracker.UnitGlobalDisabled() {
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeExternalTracker)
}
if !unit_model.TypeIssues.UnitGlobalDisabled() {
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeIssues)
}
}
if form.EnableProjects && !unit_model.TypeProjects.UnitGlobalDisabled() {
units = append(units, repo_model.RepoUnit{
RepoID: repo.ID,
Type: unit_model.TypeProjects,
})
} else if !unit_model.TypeProjects.UnitGlobalDisabled() {
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeProjects)
}
if form.EnableReleases && !unit_model.TypeReleases.UnitGlobalDisabled() {
units = append(units, repo_model.RepoUnit{
RepoID: repo.ID,
Type: unit_model.TypeReleases,
})
} else if !unit_model.TypeReleases.UnitGlobalDisabled() {
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeReleases)
}
if form.EnablePackages && !unit_model.TypePackages.UnitGlobalDisabled() {
units = append(units, repo_model.RepoUnit{
RepoID: repo.ID,
Type: unit_model.TypePackages,
})
} else if !unit_model.TypePackages.UnitGlobalDisabled() {
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypePackages)
}
if form.EnableActions && !unit_model.TypeActions.UnitGlobalDisabled() {
units = append(units, repo_model.RepoUnit{
RepoID: repo.ID,
Type: unit_model.TypeActions,
})
} else if !unit_model.TypeActions.UnitGlobalDisabled() {
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypeActions)
}
if form.EnablePulls && !unit_model.TypePullRequests.UnitGlobalDisabled() {
units = append(units, repo_model.RepoUnit{
RepoID: repo.ID,
Type: unit_model.TypePullRequests,
Config: &repo_model.PullRequestsConfig{
IgnoreWhitespaceConflicts: form.PullsIgnoreWhitespace,
AllowMerge: form.PullsAllowMerge,
AllowRebase: form.PullsAllowRebase,
AllowRebaseMerge: form.PullsAllowRebaseMerge,
AllowSquash: form.PullsAllowSquash,
AllowFastForwardOnly: form.PullsAllowFastForwardOnly,
AllowManualMerge: form.PullsAllowManualMerge,
AutodetectManualMerge: form.EnableAutodetectManualMerge,
AllowRebaseUpdate: form.PullsAllowRebaseUpdate,
DefaultDeleteBranchAfterMerge: form.DefaultDeleteBranchAfterMerge,
DefaultMergeStyle: repo_model.MergeStyle(form.PullsDefaultMergeStyle),
DefaultAllowMaintainerEdit: form.DefaultAllowMaintainerEdit,
},
})
} else if !unit_model.TypePullRequests.UnitGlobalDisabled() {
deleteUnitTypes = append(deleteUnitTypes, unit_model.TypePullRequests)
}
if len(units) == 0 {
ctx.Flash.Error(ctx.Tr("repo.settings.update_settings_no_unit"))
ctx.Redirect(ctx.Repo.RepoLink + "/settings/units")
return
}
if err := repo_service.UpdateRepositoryUnits(ctx, repo, units, deleteUnitTypes); err != nil {
ctx.ServerError("UpdateRepositoryUnits", err)
return
}
if repoChanged {
if err := repo_service.UpdateRepository(ctx, repo, false); err != nil {
ctx.ServerError("UpdateRepository", err)
return
}
}
log.Trace("Repository advanced settings updated: %s/%s", ctx.Repo.Owner.Name, repo.Name)
ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
ctx.Redirect(ctx.Repo.RepoLink + "/settings/units")
}
// Settings show a repository's settings page
func Settings(ctx *context.Context) {
ctx.HTML(http.StatusOK, tplSettingsOptions)
}
2016-11-24 10:04:31 +03:00
// SettingsPost response for changes of a repository
Move macaron to chi (#14293) Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR. - [x] Define `context.ResponseWriter` interface with an implementation `context.Response`. - [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before. - [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic . - [x] Use https://github.com/unrolled/render instead of macaron's internal render - [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip - [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK** - [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha - [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache - [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding - [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors - [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation` - [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle. - [x] Removed macaron log service because it's not need any more. **BREAK** - [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition. - [x] Move Git HTTP protocol implementation to use routers directly. - [x] Fix the problem that chi routes don't support trailing slash but macaron did. - [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. Notices: - Chi router don't support request with trailing slash - Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI. Co-authored-by: 6543 <6543@obermui.de>
2021-01-26 18:36:53 +03:00
func SettingsPost(ctx *context.Context) {
form := web.GetForm(ctx).(*forms.RepoSettingForm)
ctx.Data["ForcePrivate"] = setting.Repository.ForcePrivate
ctx.Data["MirrorsEnabled"] = setting.Mirror.Enabled
ctx.Data["DisableNewPullMirrors"] = setting.Mirror.DisableNewPull
ctx.Data["DisableNewPushMirrors"] = setting.Mirror.DisableNewPush
ctx.Data["DefaultMirrorInterval"] = setting.Mirror.DefaultInterval
ctx.Data["MinimumMirrorInterval"] = setting.Mirror.MinInterval
signing, _ := asymkey_service.SigningKey(ctx, ctx.Repo.Repository.RepoPath())
ctx.Data["SigningKeyAvailable"] = len(signing) > 0
ctx.Data["SigningSettings"] = setting.Repository.Signing
ctx.Data["CodeIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
2015-08-31 08:36:31 +03:00
repo := ctx.Repo.Repository
switch ctx.FormString("action") {
case "update":
if ctx.HasError() {
ctx.HTML(http.StatusOK, tplSettingsOptions)
return
}
newRepoName := form.RepoName
// Check if repository name has been changed.
2015-08-31 08:36:31 +03:00
if repo.LowerName != strings.ToLower(newRepoName) {
// Close the GitRepo if open
if ctx.Repo.GitRepo != nil {
ctx.Repo.GitRepo.Close()
ctx.Repo.GitRepo = nil
}
if err := repo_service.ChangeRepositoryName(ctx, ctx.Doer, repo, newRepoName); err != nil {
2015-08-31 08:36:31 +03:00
ctx.Data["Err_RepoName"] = true
switch {
case repo_model.IsErrRepoAlreadyExist(err):
ctx.RenderWithErr(ctx.Tr("form.repo_name_been_taken"), tplSettingsOptions, &form)
case db.IsErrNameReserved(err):
ctx.RenderWithErr(ctx.Tr("repo.form.name_reserved", err.(db.ErrNameReserved).Name), tplSettingsOptions, &form)
case repo_model.IsErrRepoFilesAlreadyExist(err):
Adopt repositories (#12920) * Don't automatically delete repository files if they are present Prior to this PR Gitea would delete any repository files if they are present during creation or migration. This can in certain circumstances lead to data-loss and is slightly unpleasant. This PR provides a mechanism for Gitea to adopt repositories on creation and otherwise requires an explicit flag for deletion. PushCreate is slightly different - the create will cause adoption if that is allowed otherwise it will delete the data if that is allowed. Signed-off-by: Andrew Thornton <art27@cantab.net> * Update swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix tests and migrate overwrite Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @lunny Only offer to adopt or overwrite if the user can do that. Allow the site administrator to adopt or overwrite in all circumstances Signed-off-by: Andrew Thornton <art27@cantab.net> * Use setting.Repository.DefaultBranch for the default branch Signed-off-by: Andrew Thornton <art27@cantab.net> * Always set setting.Repository.DefaultBranch Signed-off-by: Andrew Thornton <art27@cantab.net> * update swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * update templates Signed-off-by: Andrew Thornton <art27@cantab.net> * ensure repo closed Signed-off-by: Andrew Thornton <art27@cantab.net> * Rewrite of adoption as per @6543 and @lunny Signed-off-by: Andrew Thornton <art27@cantab.net> * Apply suggestions from code review * update swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * missing not Signed-off-by: Andrew Thornton <art27@cantab.net> * add modals and flash reporting Signed-off-by: Andrew Thornton <art27@cantab.net> * Make the unadopted page searchable Signed-off-by: Andrew Thornton <art27@cantab.net> * Add API Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * fix swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * Handle empty and non-master branched repositories Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> * remove commented out code Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-25 07:09:23 +03:00
ctx.Data["Err_RepoName"] = true
switch {
case ctx.IsUserSiteAdmin() || (setting.Repository.AllowAdoptionOfUnadoptedRepositories && setting.Repository.AllowDeleteOfUnadoptedRepositories):
ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist.adopt_or_delete"), tplSettingsOptions, form)
case setting.Repository.AllowAdoptionOfUnadoptedRepositories:
ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist.adopt"), tplSettingsOptions, form)
case setting.Repository.AllowDeleteOfUnadoptedRepositories:
ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist.delete"), tplSettingsOptions, form)
default:
ctx.RenderWithErr(ctx.Tr("form.repository_files_already_exist"), tplSettingsOptions, form)
}
case db.IsErrNamePatternNotAllowed(err):
ctx.RenderWithErr(ctx.Tr("repo.form.name_pattern_not_allowed", err.(db.ErrNamePatternNotAllowed).Pattern), tplSettingsOptions, &form)
default:
ctx.ServerError("ChangeRepositoryName", err)
}
return
}
2015-08-31 08:36:31 +03:00
log.Trace("Repository name changed: %s/%s -> %s", ctx.Repo.Owner.Name, repo.Name, newRepoName)
}
2015-08-31 08:36:31 +03:00
// In case it's just a case change.
repo.Name = newRepoName
repo.LowerName = strings.ToLower(newRepoName)
repo.Description = form.Description
repo.Website = form.Website
Template Repositories (#8768) * Start work on templates Signed-off-by: jolheiser <john.olheiser@gmail.com> * Continue work Signed-off-by: jolheiser <john.olheiser@gmail.com> * Fix IsTemplate vs IsGenerated Signed-off-by: jolheiser <john.olheiser@gmail.com> * Fix tabs vs spaces * Tabs vs Spaces * Add templates to API & start adding tests Signed-off-by: jolheiser <john.olheiser@gmail.com> * Fix integration tests Signed-off-by: jolheiser <john.olheiser@gmail.com> * Remove unused User Signed-off-by: jolheiser <john.olheiser@gmail.com> * Move template tests to existing repos Signed-off-by: jolheiser <john.olheiser@gmail.com> * Minor re-check updates and cleanup Signed-off-by: jolheiser <john.olheiser@gmail.com> * make fmt Signed-off-by: jolheiser <john.olheiser@gmail.com> * Test cleanup Signed-off-by: jolheiser <john.olheiser@gmail.com> * Fix optionalbool Signed-off-by: jolheiser <john.olheiser@gmail.com> * make fmt Signed-off-by: jolheiser <john.olheiser@gmail.com> * Test fixes and icon change Signed-off-by: jolheiser <john.olheiser@gmail.com> * Add new user and repo for tests Signed-off-by: jolheiser <john.olheiser@gmail.com> * Fix tests (finally) Signed-off-by: jolheiser <john.olheiser@gmail.com> * Update meta repo with env variables Signed-off-by: jolheiser <john.olheiser@gmail.com> * Move generation to create page Combine with repo create template Modify API search to prioritize owner for repo Signed-off-by: jolheiser <john.olheiser@gmail.com> * Fix tests and coverage Signed-off-by: jolheiser <john.olheiser@gmail.com> * Fix swagger and JS lint Signed-off-by: jolheiser <john.olheiser@gmail.com> * Fix API searching for own private repos Signed-off-by: jolheiser <john.olheiser@gmail.com> * Change wording Signed-off-by: jolheiser <john.olheiser@gmail.com> * Fix repo search test. User had a private repo that didn't show up Signed-off-by: jolheiser <john.olheiser@gmail.com> * Another search test fix Signed-off-by: jolheiser <john.olheiser@gmail.com> * Clarify git content Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * Feedback updates Signed-off-by: jolheiser <john.olheiser@gmail.com> * Add topics WIP Signed-off-by: jolheiser <john.olheiser@gmail.com> * Finish adding topics Signed-off-by: jolheiser <john.olheiser@gmail.com> * Update locale Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-11-11 18:15:29 +03:00
repo.IsTemplate = form.Template
2015-11-18 23:01:11 +03:00
// Visibility of forked repository is forced sync with base repository.
if repo.IsFork {
form.Private = repo.BaseRepo.IsPrivate || repo.BaseRepo.Owner.Visibility == structs.VisibleTypePrivate
2015-11-18 23:01:11 +03:00
}
2015-08-31 08:36:31 +03:00
visibilityChanged := repo.IsPrivate != form.Private
// when ForcePrivate enabled, you could change public repo to private, but only admin users can change private to public
if visibilityChanged && setting.Repository.ForcePrivate && !form.Private && !ctx.Doer.IsAdmin {
ctx.RenderWithErr(ctx.Tr("form.repository_force_private"), tplSettingsOptions, form)
return
}
2015-08-31 08:36:31 +03:00
repo.IsPrivate = form.Private
if err := repo_service.UpdateRepository(ctx, repo, visibilityChanged); err != nil {
ctx.ServerError("UpdateRepository", err)
2015-09-01 16:29:52 +03:00
return
}
2015-12-05 05:30:33 +03:00
log.Trace("Repository basic settings updated: %s/%s", ctx.Repo.Owner.Name, repo.Name)
ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
ctx.Redirect(repo.Link() + "/settings")
2024-05-24 14:28:15 +03:00
case "federation":
if !setting.Federation.Enabled {
ctx.NotFound("", nil)
ctx.Flash.Info(ctx.Tr("repo.settings.federation_not_enabled"))
return
}
2024-05-29 19:31:06 +03:00
followingRepos := strings.TrimSpace(form.FollowingRepos)
followingRepos = strings.TrimSuffix(followingRepos, ";")
2024-05-24 14:28:15 +03:00
maxFollowingRepoStrLength := 2048
2024-05-29 19:31:06 +03:00
errs := validation.ValidateMaxLen(followingRepos, maxFollowingRepoStrLength, "federationRepos")
2024-05-24 14:28:15 +03:00
if len(errs) > 0 {
2024-05-29 19:31:06 +03:00
ctx.Data["ERR_FollowingRepos"] = true
2024-05-24 14:28:15 +03:00
ctx.Flash.Error(ctx.Tr("repo.form.string_too_long", maxFollowingRepoStrLength))
ctx.Redirect(repo.Link() + "/settings")
return
}
federationRepoSplit := []string{}
2024-05-29 19:31:06 +03:00
if followingRepos != "" {
federationRepoSplit = strings.Split(followingRepos, ";")
2024-05-24 14:28:15 +03:00
}
for idx, repo := range federationRepoSplit {
federationRepoSplit[idx] = strings.TrimSpace(repo)
}
if _, _, err := federation.StoreFollowingRepoList(ctx, ctx.Repo.Repository.ID, federationRepoSplit); err != nil {
ctx.ServerError("UpdateRepository", err)
return
}
ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
ctx.Redirect(repo.Link() + "/settings")
case "mirror":
if !setting.Mirror.Enabled || !repo.IsMirror || repo.IsArchived {
ctx.NotFound("", nil)
return
}
pullMirror, err := repo_model.GetMirrorByRepoID(ctx, ctx.Repo.Repository.ID)
if err == repo_model.ErrMirrorNotExist {
ctx.NotFound("", nil)
return
}
if err != nil {
ctx.ServerError("GetMirrorByRepoID", err)
return
}
// This section doesn't require repo_name/RepoName to be set in the form, don't show it
// as an error on the UI for this action
ctx.Data["Err_RepoName"] = nil
interval, err := time.ParseDuration(form.Interval)
2019-01-26 11:26:23 +03:00
if err != nil || (interval != 0 && interval < setting.Mirror.MinInterval) {
ctx.Data["Err_Interval"] = true
ctx.RenderWithErr(ctx.Tr("repo.mirror_interval_invalid"), tplSettingsOptions, &form)
return
}
pullMirror.EnablePrune = form.EnablePrune
pullMirror.Interval = interval
pullMirror.ScheduleNextUpdate()
if err := repo_model.UpdateMirror(ctx, pullMirror); err != nil {
ctx.ServerError("UpdateMirror", err)
return
}
2019-04-12 23:52:57 +03:00
u, err := git.GetRemoteURL(ctx, ctx.Repo.Repository.RepoPath(), pullMirror.GetRemoteName())
if err != nil {
ctx.Data["Err_MirrorAddress"] = true
handleSettingRemoteAddrError(ctx, err, form)
return
}
if u.User != nil && form.MirrorPassword == "" && form.MirrorUsername == u.User.Username() {
form.MirrorPassword, _ = u.User.Password()
}
address, err := forms.ParseRemoteAddr(form.MirrorAddress, form.MirrorUsername, form.MirrorPassword)
if err == nil {
err = migrations.IsMigrateURLAllowed(address, ctx.Doer)
}
if err != nil {
2019-04-12 23:52:57 +03:00
ctx.Data["Err_MirrorAddress"] = true
Add LFS Migration and Mirror (#14726) * Implemented LFS client. * Implemented scanning for pointer files. * Implemented downloading of lfs files. * Moved model-dependent code into services. * Removed models dependency. Added TryReadPointerFromBuffer. * Migrated code from service to module. * Centralised storage creation. * Removed dependency from models. * Moved ContentStore into modules. * Share structs between server and client. * Moved method to services. * Implemented lfs download on clone. * Implemented LFS sync on clone and mirror update. * Added form fields. * Updated templates. * Fixed condition. * Use alternate endpoint. * Added missing methods. * Fixed typo and make linter happy. * Detached pointer parser from gogit dependency. * Fixed TestGetLFSRange test. * Added context to support cancellation. * Use ReadFull to probably read more data. * Removed duplicated code from models. * Moved scan implementation into pointer_scanner_nogogit. * Changed method name. * Added comments. * Added more/specific log/error messages. * Embedded lfs.Pointer into models.LFSMetaObject. * Moved code from models to module. * Moved code from models to module. * Moved code from models to module. * Reduced pointer usage. * Embedded type. * Use promoted fields. * Fixed unexpected eof. * Added unit tests. * Implemented migration of local file paths. * Show an error on invalid LFS endpoints. * Hide settings if not used. * Added LFS info to mirror struct. * Fixed comment. * Check LFS endpoint. * Manage LFS settings from mirror page. * Fixed selector. * Adjusted selector. * Added more tests. * Added local filesystem migration test. * Fixed typo. * Reset settings. * Added special windows path handling. * Added unit test for HTTPClient. * Added unit test for BasicTransferAdapter. * Moved into util package. * Test if LFS endpoint is allowed. * Added support for git:// * Just use a static placeholder as the displayed url may be invalid. * Reverted to original code. * Added "Advanced Settings". * Updated wording. * Added discovery info link. * Implemented suggestion. * Fixed missing format parameter. * Added Pointer.IsValid(). * Always remove model on error. * Added suggestions. * Use channel instead of array. * Update routers/repo/migrate.go * fmt Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
2021-04-09 01:25:57 +03:00
handleSettingRemoteAddrError(ctx, err, form)
2019-04-12 23:52:57 +03:00
return
}
if err := mirror_service.UpdateAddress(ctx, pullMirror, address); err != nil {
ctx.ServerError("UpdateAddress", err)
return
}
remoteAddress, err := util.SanitizeURL(address)
if err != nil {
ctx.Data["Err_MirrorAddress"] = true
handleSettingRemoteAddrError(ctx, err, form)
return
}
pullMirror.RemoteAddress = remoteAddress
Add LFS Migration and Mirror (#14726) * Implemented LFS client. * Implemented scanning for pointer files. * Implemented downloading of lfs files. * Moved model-dependent code into services. * Removed models dependency. Added TryReadPointerFromBuffer. * Migrated code from service to module. * Centralised storage creation. * Removed dependency from models. * Moved ContentStore into modules. * Share structs between server and client. * Moved method to services. * Implemented lfs download on clone. * Implemented LFS sync on clone and mirror update. * Added form fields. * Updated templates. * Fixed condition. * Use alternate endpoint. * Added missing methods. * Fixed typo and make linter happy. * Detached pointer parser from gogit dependency. * Fixed TestGetLFSRange test. * Added context to support cancellation. * Use ReadFull to probably read more data. * Removed duplicated code from models. * Moved scan implementation into pointer_scanner_nogogit. * Changed method name. * Added comments. * Added more/specific log/error messages. * Embedded lfs.Pointer into models.LFSMetaObject. * Moved code from models to module. * Moved code from models to module. * Moved code from models to module. * Reduced pointer usage. * Embedded type. * Use promoted fields. * Fixed unexpected eof. * Added unit tests. * Implemented migration of local file paths. * Show an error on invalid LFS endpoints. * Hide settings if not used. * Added LFS info to mirror struct. * Fixed comment. * Check LFS endpoint. * Manage LFS settings from mirror page. * Fixed selector. * Adjusted selector. * Added more tests. * Added local filesystem migration test. * Fixed typo. * Reset settings. * Added special windows path handling. * Added unit test for HTTPClient. * Added unit test for BasicTransferAdapter. * Moved into util package. * Test if LFS endpoint is allowed. * Added support for git:// * Just use a static placeholder as the displayed url may be invalid. * Reverted to original code. * Added "Advanced Settings". * Updated wording. * Added discovery info link. * Implemented suggestion. * Fixed missing format parameter. * Added Pointer.IsValid(). * Always remove model on error. * Added suggestions. * Use channel instead of array. * Update routers/repo/migrate.go * fmt Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
2021-04-09 01:25:57 +03:00
form.LFS = form.LFS && setting.LFS.StartServer
if len(form.LFSEndpoint) > 0 {
ep := lfs.DetermineEndpoint("", form.LFSEndpoint)
if ep == nil {
ctx.Data["Err_LFSEndpoint"] = true
ctx.RenderWithErr(ctx.Tr("repo.migrate.invalid_lfs_endpoint"), tplSettingsOptions, &form)
return
}
err = migrations.IsMigrateURLAllowed(ep.String(), ctx.Doer)
Add LFS Migration and Mirror (#14726) * Implemented LFS client. * Implemented scanning for pointer files. * Implemented downloading of lfs files. * Moved model-dependent code into services. * Removed models dependency. Added TryReadPointerFromBuffer. * Migrated code from service to module. * Centralised storage creation. * Removed dependency from models. * Moved ContentStore into modules. * Share structs between server and client. * Moved method to services. * Implemented lfs download on clone. * Implemented LFS sync on clone and mirror update. * Added form fields. * Updated templates. * Fixed condition. * Use alternate endpoint. * Added missing methods. * Fixed typo and make linter happy. * Detached pointer parser from gogit dependency. * Fixed TestGetLFSRange test. * Added context to support cancellation. * Use ReadFull to probably read more data. * Removed duplicated code from models. * Moved scan implementation into pointer_scanner_nogogit. * Changed method name. * Added comments. * Added more/specific log/error messages. * Embedded lfs.Pointer into models.LFSMetaObject. * Moved code from models to module. * Moved code from models to module. * Moved code from models to module. * Reduced pointer usage. * Embedded type. * Use promoted fields. * Fixed unexpected eof. * Added unit tests. * Implemented migration of local file paths. * Show an error on invalid LFS endpoints. * Hide settings if not used. * Added LFS info to mirror struct. * Fixed comment. * Check LFS endpoint. * Manage LFS settings from mirror page. * Fixed selector. * Adjusted selector. * Added more tests. * Added local filesystem migration test. * Fixed typo. * Reset settings. * Added special windows path handling. * Added unit test for HTTPClient. * Added unit test for BasicTransferAdapter. * Moved into util package. * Test if LFS endpoint is allowed. * Added support for git:// * Just use a static placeholder as the displayed url may be invalid. * Reverted to original code. * Added "Advanced Settings". * Updated wording. * Added discovery info link. * Implemented suggestion. * Fixed missing format parameter. * Added Pointer.IsValid(). * Always remove model on error. * Added suggestions. * Use channel instead of array. * Update routers/repo/migrate.go * fmt Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
2021-04-09 01:25:57 +03:00
if err != nil {
ctx.Data["Err_LFSEndpoint"] = true
handleSettingRemoteAddrError(ctx, err, form)
return
}
}
pullMirror.LFS = form.LFS
pullMirror.LFSEndpoint = form.LFSEndpoint
if err := repo_model.UpdateMirror(ctx, pullMirror); err != nil {
Add LFS Migration and Mirror (#14726) * Implemented LFS client. * Implemented scanning for pointer files. * Implemented downloading of lfs files. * Moved model-dependent code into services. * Removed models dependency. Added TryReadPointerFromBuffer. * Migrated code from service to module. * Centralised storage creation. * Removed dependency from models. * Moved ContentStore into modules. * Share structs between server and client. * Moved method to services. * Implemented lfs download on clone. * Implemented LFS sync on clone and mirror update. * Added form fields. * Updated templates. * Fixed condition. * Use alternate endpoint. * Added missing methods. * Fixed typo and make linter happy. * Detached pointer parser from gogit dependency. * Fixed TestGetLFSRange test. * Added context to support cancellation. * Use ReadFull to probably read more data. * Removed duplicated code from models. * Moved scan implementation into pointer_scanner_nogogit. * Changed method name. * Added comments. * Added more/specific log/error messages. * Embedded lfs.Pointer into models.LFSMetaObject. * Moved code from models to module. * Moved code from models to module. * Moved code from models to module. * Reduced pointer usage. * Embedded type. * Use promoted fields. * Fixed unexpected eof. * Added unit tests. * Implemented migration of local file paths. * Show an error on invalid LFS endpoints. * Hide settings if not used. * Added LFS info to mirror struct. * Fixed comment. * Check LFS endpoint. * Manage LFS settings from mirror page. * Fixed selector. * Adjusted selector. * Added more tests. * Added local filesystem migration test. * Fixed typo. * Reset settings. * Added special windows path handling. * Added unit test for HTTPClient. * Added unit test for BasicTransferAdapter. * Moved into util package. * Test if LFS endpoint is allowed. * Added support for git:// * Just use a static placeholder as the displayed url may be invalid. * Reverted to original code. * Added "Advanced Settings". * Updated wording. * Added discovery info link. * Implemented suggestion. * Fixed missing format parameter. * Added Pointer.IsValid(). * Always remove model on error. * Added suggestions. * Use channel instead of array. * Update routers/repo/migrate.go * fmt Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
2021-04-09 01:25:57 +03:00
ctx.ServerError("UpdateMirror", err)
return
}
2014-08-02 21:47:33 +04:00
ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
ctx.Redirect(repo.Link() + "/settings")
2015-12-05 05:30:33 +03:00
case "mirror-sync":
if !setting.Mirror.Enabled || !repo.IsMirror || repo.IsArchived {
ctx.NotFound("", nil)
return
}
feat(quota): Quota enforcement The previous commit laid out the foundation of the quota engine, this one builds on top of it, and implements the actual enforcement. Enforcement happens at the route decoration level, whenever possible. In case of the API, when over quota, a 413 error is returned, with an appropriate JSON payload. In case of web routes, a 413 HTML page is rendered with similar information. This implementation is for a **soft quota**: quota usage is checked before an operation is to be performed, and the operation is *only* denied if the user is already over quota. This makes it possible to go over quota, but has the significant advantage of being practically implementable within the current Forgejo architecture. The goal of enforcement is to deny actions that can make the user go over quota, and allow the rest. As such, deleting things should - in almost all cases - be possible. A prime exemption is deleting files via the web ui: that creates a new commit, which in turn increases repo size, thus, is denied if the user is over quota. Limitations ----------- Because we generally work at a route decorator level, and rarely look *into* the operation itself, `size:repos:public` and `size:repos:private` are not enforced at this level, the engine enforces against `size:repos:all`. This will be improved in the future. AGit does not play very well with this system, because AGit PRs count toward the repo they're opened against, while in the GitHub-style fork + pull model, it counts against the fork. This too, can be improved in the future. There's very little done on the UI side to guard against going over quota. What this patch implements, is enforcement, not prevention. The UI will still let you *try* operations that *will* result in a denial. Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-07-06 11:30:16 +03:00
ok, err := quota_model.EvaluateForUser(ctx, repo.OwnerID, quota_model.LimitSubjectSizeReposAll)
if err != nil {
ctx.ServerError("quota_model.EvaluateForUser", err)
return
}
if !ok {
// This section doesn't require repo_name/RepoName to be set in the form, don't show it
// as an error on the UI for this action
ctx.Data["Err_RepoName"] = nil
ctx.RenderWithErr(ctx.Tr("repo.settings.pull_mirror_sync_quota_exceeded"), tplSettingsOptions, &form)
return
}
mirror_service.AddPullMirrorToQueue(repo.ID)
ctx.Flash.Info(ctx.Tr("repo.settings.pull_mirror_sync_in_progress", repo.OriginalURL))
ctx.Redirect(repo.Link() + "/settings")
case "push-mirror-sync":
if !setting.Mirror.Enabled {
ctx.NotFound("", nil)
return
}
m, err := selectPushMirrorByForm(ctx, form, repo)
if err != nil {
ctx.NotFound("", nil)
return
}
mirror_service.AddPushMirrorToQueue(m.ID)
ctx.Flash.Info(ctx.Tr("repo.settings.push_mirror_sync_in_progress", m.RemoteAddress))
ctx.Redirect(repo.Link() + "/settings")
2023-08-01 19:00:59 +03:00
case "push-mirror-update":
if !setting.Mirror.Enabled || repo.IsArchived {
2023-08-01 19:00:59 +03:00
ctx.NotFound("", nil)
return
}
// This section doesn't require repo_name/RepoName to be set in the form, don't show it
// as an error on the UI for this action
ctx.Data["Err_RepoName"] = nil
interval, err := time.ParseDuration(form.PushMirrorInterval)
if err != nil || (interval != 0 && interval < setting.Mirror.MinInterval) {
ctx.RenderWithErr(ctx.Tr("repo.mirror_interval_invalid"), tplSettingsOptions, &forms.RepoSettingForm{})
return
}
id, err := strconv.ParseInt(form.PushMirrorID, 10, 64)
if err != nil {
ctx.ServerError("UpdatePushMirrorIntervalPushMirrorID", err)
return
}
m := &repo_model.PushMirror{
ID: id,
Interval: interval,
}
if err := repo_model.UpdatePushMirrorInterval(ctx, m); err != nil {
ctx.ServerError("UpdatePushMirrorInterval", err)
return
}
// Background why we are adding it to Queue
// If we observed its implementation in the context of `push-mirror-sync` where it
// is evident that pushing to the queue is necessary for updates.
// So, there are updates within the given interval, it is necessary to update the queue accordingly.
mirror_service.AddPushMirrorToQueue(m.ID)
2023-08-01 19:00:59 +03:00
ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
ctx.Redirect(repo.Link() + "/settings")
case "push-mirror-remove":
if !setting.Mirror.Enabled || repo.IsArchived {
ctx.NotFound("", nil)
return
}
// This section doesn't require repo_name/RepoName to be set in the form, don't show it
// as an error on the UI for this action
ctx.Data["Err_RepoName"] = nil
m, err := selectPushMirrorByForm(ctx, form, repo)
if err != nil {
ctx.NotFound("", nil)
return
}
if err = mirror_service.RemovePushMirrorRemote(ctx, m); err != nil {
ctx.ServerError("RemovePushMirrorRemote", err)
return
}
if err = repo_model.DeletePushMirrors(ctx, repo_model.PushMirrorOptions{ID: m.ID, RepoID: m.RepoID}); err != nil {
ctx.ServerError("DeletePushMirrorByID", err)
return
}
ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
ctx.Redirect(repo.Link() + "/settings")
case "push-mirror-add":
if setting.Mirror.DisableNewPush || repo.IsArchived {
ctx.NotFound("", nil)
return
}
// This section doesn't require repo_name/RepoName to be set in the form, don't show it
// as an error on the UI for this action
ctx.Data["Err_RepoName"] = nil
interval, err := time.ParseDuration(form.PushMirrorInterval)
if err != nil || (interval != 0 && interval < setting.Mirror.MinInterval) {
ctx.Data["Err_PushMirrorInterval"] = true
ctx.RenderWithErr(ctx.Tr("repo.mirror_interval_invalid"), tplSettingsOptions, &form)
return
}
if form.PushMirrorUseSSH && (form.PushMirrorUsername != "" || form.PushMirrorPassword != "") {
ctx.Data["Err_PushMirrorUseSSH"] = true
ctx.RenderWithErr(ctx.Tr("repo.mirror_denied_combination"), tplSettingsOptions, &form)
return
}
if form.PushMirrorUseSSH && !git.HasSSHExecutable {
ctx.RenderWithErr(ctx.Tr("repo.mirror_use_ssh.not_available"), tplSettingsOptions, &form)
return
}
address, err := forms.ParseRemoteAddr(form.PushMirrorAddress, form.PushMirrorUsername, form.PushMirrorPassword)
if err == nil {
err = migrations.IsMigrateURLAllowed(address, ctx.Doer)
}
if err != nil {
ctx.Data["Err_PushMirrorAddress"] = true
handleSettingRemoteAddrError(ctx, err, form)
return
}
remoteSuffix, err := util.CryptoRandomString(10)
if err != nil {
ctx.ServerError("RandomString", err)
return
}
remoteAddress, err := util.SanitizeURL(address)
if err != nil {
ctx.Data["Err_PushMirrorAddress"] = true
handleSettingRemoteAddrError(ctx, err, form)
return
}
m := &repo_model.PushMirror{
RepoID: repo.ID,
Repo: repo,
RemoteName: fmt.Sprintf("remote_mirror_%s", remoteSuffix),
SyncOnCommit: form.PushMirrorSyncOnCommit,
Interval: interval,
RemoteAddress: remoteAddress,
}
var plainPrivateKey []byte
if form.PushMirrorUseSSH {
publicKey, privateKey, err := util.GenerateSSHKeypair()
if err != nil {
ctx.ServerError("GenerateSSHKeypair", err)
return
}
plainPrivateKey = privateKey
m.PublicKey = string(publicKey)
}
if err := db.Insert(ctx, m); err != nil {
ctx.ServerError("InsertPushMirror", err)
return
}
if form.PushMirrorUseSSH {
if err := m.SetPrivatekey(ctx, plainPrivateKey); err != nil {
ctx.ServerError("SetPrivatekey", err)
return
}
}
if err := mirror_service.AddPushMirrorRemote(ctx, m, address); err != nil {
if err := repo_model.DeletePushMirrors(ctx, repo_model.PushMirrorOptions{ID: m.ID, RepoID: m.RepoID}); err != nil {
log.Error("DeletePushMirrors %v", err)
}
ctx.ServerError("AddPushMirrorRemote", err)
return
}
ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
ctx.Redirect(repo.Link() + "/settings")
Add configurable Trust Models (#11712) * Add configurable Trust Models Gitea's default signature verification model differs from GitHub. GitHub uses signatures to verify that the committer is who they say they are - meaning that when GitHub makes a signed commit it must be the committer. The GitHub model prevents re-publishing of commits after revocation of a key and prevents re-signing of other people's commits to create a completely trusted repository signed by one key or a set of trusted keys. The default behaviour of Gitea in contrast is to always display the avatar and information related to a signature. This allows signatures to be decoupled from the committer. That being said, allowing arbitary users to present other peoples commits as theirs is not necessarily desired therefore we have a trust model whereby signatures from collaborators are marked trusted, signatures matching the commit line are marked untrusted and signatures that match a user in the db but not the committer line are marked unmatched. The problem with this model is that this conflicts with Github therefore we need to provide an option to allow users to choose the Github model should they wish to. Signed-off-by: Andrew Thornton <art27@cantab.net> * Adjust locale strings Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @6543 Co-authored-by: 6543 <6543@obermui.de> * Update models/gpg_key.go * Add migration for repository Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-19 19:44:55 +03:00
case "signing":
changed := false
trustModel := repo_model.ToTrustModel(form.TrustModel)
Add configurable Trust Models (#11712) * Add configurable Trust Models Gitea's default signature verification model differs from GitHub. GitHub uses signatures to verify that the committer is who they say they are - meaning that when GitHub makes a signed commit it must be the committer. The GitHub model prevents re-publishing of commits after revocation of a key and prevents re-signing of other people's commits to create a completely trusted repository signed by one key or a set of trusted keys. The default behaviour of Gitea in contrast is to always display the avatar and information related to a signature. This allows signatures to be decoupled from the committer. That being said, allowing arbitary users to present other peoples commits as theirs is not necessarily desired therefore we have a trust model whereby signatures from collaborators are marked trusted, signatures matching the commit line are marked untrusted and signatures that match a user in the db but not the committer line are marked unmatched. The problem with this model is that this conflicts with Github therefore we need to provide an option to allow users to choose the Github model should they wish to. Signed-off-by: Andrew Thornton <art27@cantab.net> * Adjust locale strings Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @6543 Co-authored-by: 6543 <6543@obermui.de> * Update models/gpg_key.go * Add migration for repository Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-19 19:44:55 +03:00
if trustModel != repo.TrustModel {
repo.TrustModel = trustModel
changed = true
}
if changed {
if err := repo_service.UpdateRepository(ctx, repo, false); err != nil {
Add configurable Trust Models (#11712) * Add configurable Trust Models Gitea's default signature verification model differs from GitHub. GitHub uses signatures to verify that the committer is who they say they are - meaning that when GitHub makes a signed commit it must be the committer. The GitHub model prevents re-publishing of commits after revocation of a key and prevents re-signing of other people's commits to create a completely trusted repository signed by one key or a set of trusted keys. The default behaviour of Gitea in contrast is to always display the avatar and information related to a signature. This allows signatures to be decoupled from the committer. That being said, allowing arbitary users to present other peoples commits as theirs is not necessarily desired therefore we have a trust model whereby signatures from collaborators are marked trusted, signatures matching the commit line are marked untrusted and signatures that match a user in the db but not the committer line are marked unmatched. The problem with this model is that this conflicts with Github therefore we need to provide an option to allow users to choose the Github model should they wish to. Signed-off-by: Andrew Thornton <art27@cantab.net> * Adjust locale strings Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @6543 Co-authored-by: 6543 <6543@obermui.de> * Update models/gpg_key.go * Add migration for repository Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-19 19:44:55 +03:00
ctx.ServerError("UpdateRepository", err)
return
}
}
log.Trace("Repository signing settings updated: %s/%s", ctx.Repo.Owner.Name, repo.Name)
ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
ctx.Redirect(ctx.Repo.RepoLink + "/settings")
case "admin":
if !ctx.Doer.IsAdmin {
ctx.Error(http.StatusForbidden)
return
}
if repo.IsFsckEnabled != form.EnableHealthCheck {
repo.IsFsckEnabled = form.EnableHealthCheck
}
if err := repo_service.UpdateRepository(ctx, repo, false); err != nil {
ctx.ServerError("UpdateRepository", err)
return
}
log.Trace("Repository admin settings updated: %s/%s", ctx.Repo.Owner.Name, repo.Name)
ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
ctx.Redirect(ctx.Repo.RepoLink + "/settings")
case "admin_index":
if !ctx.Doer.IsAdmin {
ctx.Error(http.StatusForbidden)
return
}
switch form.RequestReindexType {
case "stats":
if err := stats.UpdateRepoIndexer(ctx.Repo.Repository); err != nil {
ctx.ServerError("UpdateStatsRepondexer", err)
return
}
case "code":
if !setting.Indexer.RepoIndexerEnabled {
ctx.Error(http.StatusForbidden)
return
}
code.UpdateRepoIndexer(ctx.Repo.Repository)
default:
ctx.NotFound("", nil)
return
}
log.Trace("Repository reindex for %s requested: %s/%s", form.RequestReindexType, ctx.Repo.Owner.Name, repo.Name)
ctx.Flash.Success(ctx.Tr("repo.settings.reindex_requested"))
ctx.Redirect(ctx.Repo.RepoLink + "/settings")
case "convert":
if !ctx.Repo.IsOwner() {
ctx.Error(http.StatusNotFound)
return
}
[SHARED] make confirmation clearer for dangerous actions [GITEA] Fix cancelled migration deletion modal - https://codeberg.org/forgejo/forgejo/pulls/1473 made that dangerous actions such as deletion also would need to type in the owner's name. This was apparently not reflected to the deletion modal for migrations that failed or were cancelled. (cherry picked from commit c38dbd6f889aeb52745eddb276225acd0153cba6) (cherry picked from commit 7c07592d01b086b612195367c6a13560e5539767) (cherry picked from commit 78637af2b6440ae307de5e21b284c08c02dd4d13) [SHARED] make confirmation clearer for dangerous actions - Currently the confirmation for dangerous actions such as transferring the repository or deleting it only requires the user to ~~copy paste~~ type the repository name. - This can be problematic when the user has a fork or another repository with the same name as an organization's repository, and the confirmation doesn't make clear that it could be deleting the wrong repository. While it's mentioned in the dialog, it's better to be on the safe side and also add the owner's name to be an element that has to be typed for these dangerous actions. - Added integration tests. (cherry picked from commit bf679b24dd23c9ed586b9439e293bbd27cc89232) (cherry picked from commit 1963085dd9d1521b7a4aa8558d409bd1a9f2e1da) (cherry picked from commit fb94095d1992c3e47f03e0fccc98a90707a5271b) (cherry picked from commit e1d1e46afee6891becdb6ccd027fc66843b56db9) (cherry picked from commit 93993029e4ec8a20a8bc38d80bb4b801e52ee1b7) (cherry picked from commit df3b058179d8f3e06cc6fb335b287c72c8952821) (cherry picked from commit 8ccc6b9cba46a736665e4b25523da0baf1679702) (cherry picked from commit 9fbe28fca35e3d02c23521e063679775ec0792f8) (cherry picked from commit 4ef2be6dc705c693735e024b28fd7dac3de39d47) https://codeberg.org/forgejo/forgejo/pulls/1873 Moved test from repo_test.go to forgejo_confirmation_repo_test.go to avoid conflicts. (cherry picked from commit 83cae67aa3fe8f9eb732f86020e58b9ea4d8b5ec) (cherry picked from commit 447009ff568a542985f6b3a9bc7237b9de3e3c54) (cherry picked from commit 72c0a6150aee7c3a965c87e7348faa2b48c520de) (cherry picked from commit 8ee9c070b98f64263d63dfef32d54bdad5f0d266) (cherry picked from commit 89aba06403be898adbfff6b2d7bb01aad239a87c) (cherry picked from commit 798407599f3d77bdd8bad5fa7abba81d417cd916) (cherry picked from commit 41c9a2606bd8d7036e7d54ad7ab35af06ec99a34) (cherry picked from commit a57b214e366435240c4a210115c6a3fda0d37f8b) (cherry picked from commit fd287a91349bc7844544f9b6ff88e46157d3dc80)
2023-11-23 22:24:52 +03:00
if repo.FullName() != form.RepoName {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
return
}
2016-02-14 23:22:36 +03:00
if !repo.IsMirror {
ctx.Error(http.StatusNotFound)
2016-02-14 23:22:36 +03:00
return
}
repo.IsMirror = false
if _, err := repo_service.CleanUpMigrateInfo(ctx, repo); err != nil {
ctx.ServerError("CleanUpMigrateInfo", err)
return
} else if err = repo_model.DeleteMirrorByRepoID(ctx, ctx.Repo.Repository.ID); err != nil {
ctx.ServerError("DeleteMirrorByRepoID", err)
return
}
log.Trace("Repository converted from mirror to regular: %s", repo.FullName())
ctx.Flash.Success(ctx.Tr("repo.settings.convert_succeed"))
ctx.Redirect(repo.Link())
case "convert_fork":
if !ctx.Repo.IsOwner() {
ctx.Error(http.StatusNotFound)
return
}
if err := repo.LoadOwner(ctx); err != nil {
ctx.ServerError("Convert Fork", err)
return
}
[SHARED] make confirmation clearer for dangerous actions [GITEA] Fix cancelled migration deletion modal - https://codeberg.org/forgejo/forgejo/pulls/1473 made that dangerous actions such as deletion also would need to type in the owner's name. This was apparently not reflected to the deletion modal for migrations that failed or were cancelled. (cherry picked from commit c38dbd6f889aeb52745eddb276225acd0153cba6) (cherry picked from commit 7c07592d01b086b612195367c6a13560e5539767) (cherry picked from commit 78637af2b6440ae307de5e21b284c08c02dd4d13) [SHARED] make confirmation clearer for dangerous actions - Currently the confirmation for dangerous actions such as transferring the repository or deleting it only requires the user to ~~copy paste~~ type the repository name. - This can be problematic when the user has a fork or another repository with the same name as an organization's repository, and the confirmation doesn't make clear that it could be deleting the wrong repository. While it's mentioned in the dialog, it's better to be on the safe side and also add the owner's name to be an element that has to be typed for these dangerous actions. - Added integration tests. (cherry picked from commit bf679b24dd23c9ed586b9439e293bbd27cc89232) (cherry picked from commit 1963085dd9d1521b7a4aa8558d409bd1a9f2e1da) (cherry picked from commit fb94095d1992c3e47f03e0fccc98a90707a5271b) (cherry picked from commit e1d1e46afee6891becdb6ccd027fc66843b56db9) (cherry picked from commit 93993029e4ec8a20a8bc38d80bb4b801e52ee1b7) (cherry picked from commit df3b058179d8f3e06cc6fb335b287c72c8952821) (cherry picked from commit 8ccc6b9cba46a736665e4b25523da0baf1679702) (cherry picked from commit 9fbe28fca35e3d02c23521e063679775ec0792f8) (cherry picked from commit 4ef2be6dc705c693735e024b28fd7dac3de39d47) https://codeberg.org/forgejo/forgejo/pulls/1873 Moved test from repo_test.go to forgejo_confirmation_repo_test.go to avoid conflicts. (cherry picked from commit 83cae67aa3fe8f9eb732f86020e58b9ea4d8b5ec) (cherry picked from commit 447009ff568a542985f6b3a9bc7237b9de3e3c54) (cherry picked from commit 72c0a6150aee7c3a965c87e7348faa2b48c520de) (cherry picked from commit 8ee9c070b98f64263d63dfef32d54bdad5f0d266) (cherry picked from commit 89aba06403be898adbfff6b2d7bb01aad239a87c) (cherry picked from commit 798407599f3d77bdd8bad5fa7abba81d417cd916) (cherry picked from commit 41c9a2606bd8d7036e7d54ad7ab35af06ec99a34) (cherry picked from commit a57b214e366435240c4a210115c6a3fda0d37f8b) (cherry picked from commit fd287a91349bc7844544f9b6ff88e46157d3dc80)
2023-11-23 22:24:52 +03:00
if repo.FullName() != form.RepoName {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
return
}
if !repo.IsFork {
ctx.Error(http.StatusNotFound)
return
}
if !ctx.Repo.Owner.CanCreateRepo() {
maxCreationLimit := ctx.Repo.Owner.MaxCreationLimit()
msg := ctx.TrN(maxCreationLimit, "repo.form.reach_limit_of_creation_1", "repo.form.reach_limit_of_creation_n", maxCreationLimit)
ctx.Flash.Error(msg)
ctx.Redirect(repo.Link() + "/settings")
return
}
if err := repo_service.ConvertForkToNormalRepository(ctx, repo); err != nil {
log.Error("Unable to convert repository %-v from fork. Error: %v", repo, err)
ctx.ServerError("Convert Fork", err)
return
}
log.Trace("Repository converted from fork to regular: %s", repo.FullName())
ctx.Flash.Success(ctx.Tr("repo.settings.convert_fork_succeed"))
ctx.Redirect(repo.Link())
case "transfer":
if !ctx.Repo.IsOwner() {
ctx.Error(http.StatusNotFound)
return
}
[SHARED] make confirmation clearer for dangerous actions [GITEA] Fix cancelled migration deletion modal - https://codeberg.org/forgejo/forgejo/pulls/1473 made that dangerous actions such as deletion also would need to type in the owner's name. This was apparently not reflected to the deletion modal for migrations that failed or were cancelled. (cherry picked from commit c38dbd6f889aeb52745eddb276225acd0153cba6) (cherry picked from commit 7c07592d01b086b612195367c6a13560e5539767) (cherry picked from commit 78637af2b6440ae307de5e21b284c08c02dd4d13) [SHARED] make confirmation clearer for dangerous actions - Currently the confirmation for dangerous actions such as transferring the repository or deleting it only requires the user to ~~copy paste~~ type the repository name. - This can be problematic when the user has a fork or another repository with the same name as an organization's repository, and the confirmation doesn't make clear that it could be deleting the wrong repository. While it's mentioned in the dialog, it's better to be on the safe side and also add the owner's name to be an element that has to be typed for these dangerous actions. - Added integration tests. (cherry picked from commit bf679b24dd23c9ed586b9439e293bbd27cc89232) (cherry picked from commit 1963085dd9d1521b7a4aa8558d409bd1a9f2e1da) (cherry picked from commit fb94095d1992c3e47f03e0fccc98a90707a5271b) (cherry picked from commit e1d1e46afee6891becdb6ccd027fc66843b56db9) (cherry picked from commit 93993029e4ec8a20a8bc38d80bb4b801e52ee1b7) (cherry picked from commit df3b058179d8f3e06cc6fb335b287c72c8952821) (cherry picked from commit 8ccc6b9cba46a736665e4b25523da0baf1679702) (cherry picked from commit 9fbe28fca35e3d02c23521e063679775ec0792f8) (cherry picked from commit 4ef2be6dc705c693735e024b28fd7dac3de39d47) https://codeberg.org/forgejo/forgejo/pulls/1873 Moved test from repo_test.go to forgejo_confirmation_repo_test.go to avoid conflicts. (cherry picked from commit 83cae67aa3fe8f9eb732f86020e58b9ea4d8b5ec) (cherry picked from commit 447009ff568a542985f6b3a9bc7237b9de3e3c54) (cherry picked from commit 72c0a6150aee7c3a965c87e7348faa2b48c520de) (cherry picked from commit 8ee9c070b98f64263d63dfef32d54bdad5f0d266) (cherry picked from commit 89aba06403be898adbfff6b2d7bb01aad239a87c) (cherry picked from commit 798407599f3d77bdd8bad5fa7abba81d417cd916) (cherry picked from commit 41c9a2606bd8d7036e7d54ad7ab35af06ec99a34) (cherry picked from commit a57b214e366435240c4a210115c6a3fda0d37f8b) (cherry picked from commit fd287a91349bc7844544f9b6ff88e46157d3dc80)
2023-11-23 22:24:52 +03:00
if repo.FullName() != form.RepoName {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
return
}
newOwner, err := user_model.GetUserByName(ctx, ctx.FormString("new_owner_name"))
if err != nil {
if user_model.IsErrUserNotExist(err) {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_owner_name"), tplSettingsOptions, nil)
return
}
ctx.ServerError("IsUserExist", err)
return
}
if newOwner.Type == user_model.UserTypeOrganization {
if !ctx.Doer.IsAdmin && newOwner.Visibility == structs.VisibleTypePrivate && !organization.OrgFromUser(newOwner).HasMemberWithUserID(ctx, ctx.Doer.ID) {
// The user shouldn't know about this organization
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_owner_name"), tplSettingsOptions, nil)
return
}
}
feat(quota): Quota enforcement The previous commit laid out the foundation of the quota engine, this one builds on top of it, and implements the actual enforcement. Enforcement happens at the route decoration level, whenever possible. In case of the API, when over quota, a 413 error is returned, with an appropriate JSON payload. In case of web routes, a 413 HTML page is rendered with similar information. This implementation is for a **soft quota**: quota usage is checked before an operation is to be performed, and the operation is *only* denied if the user is already over quota. This makes it possible to go over quota, but has the significant advantage of being practically implementable within the current Forgejo architecture. The goal of enforcement is to deny actions that can make the user go over quota, and allow the rest. As such, deleting things should - in almost all cases - be possible. A prime exemption is deleting files via the web ui: that creates a new commit, which in turn increases repo size, thus, is denied if the user is over quota. Limitations ----------- Because we generally work at a route decorator level, and rarely look *into* the operation itself, `size:repos:public` and `size:repos:private` are not enforced at this level, the engine enforces against `size:repos:all`. This will be improved in the future. AGit does not play very well with this system, because AGit PRs count toward the repo they're opened against, while in the GitHub-style fork + pull model, it counts against the fork. This too, can be improved in the future. There's very little done on the UI side to guard against going over quota. What this patch implements, is enforcement, not prevention. The UI will still let you *try* operations that *will* result in a denial. Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-07-06 11:30:16 +03:00
// Check the quota of the new owner
ok, err := quota_model.EvaluateForUser(ctx, newOwner.ID, quota_model.LimitSubjectSizeReposAll)
if err != nil {
ctx.ServerError("quota_model.EvaluateForUser", err)
return
}
if !ok {
ctx.RenderWithErr(ctx.Tr("repo.settings.transfer_quota_exceeded", newOwner.Name), tplSettingsOptions, &form)
return
}
// Close the GitRepo if open
if ctx.Repo.GitRepo != nil {
ctx.Repo.GitRepo.Close()
ctx.Repo.GitRepo = nil
}
oldFullname := repo.FullName()
if err := repo_service.StartRepositoryTransfer(ctx, ctx.Doer, newOwner, repo, nil); err != nil {
[MODERATION] User blocking - Add the ability to block a user via their profile page. - This will unstar their repositories and visa versa. - Blocked users cannot create issues or pull requests on your the doer's repositories (mind that this is not the case for organizations). - Blocked users cannot comment on the doer's opened issues or pull requests. - Blocked users cannot add reactions to doer's comments. - Blocked users cannot cause a notification trough mentioning the doer. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/540 (cherry picked from commit 687d852480388897db4d7b0cb397cf7135ab97b1) (cherry picked from commit 0c32a4fde531018f74e01d9db6520895fcfa10cc) (cherry picked from commit 1791130e3cb8470b9b39742e0004d5e4c7d1e64d) (cherry picked from commit 37858b7e8fb6ba6c6ea0ac2562285b3b144efa19) (cherry picked from commit a3e2bfd7e9eab82cc2c17061f6bb4e386a108c46) (cherry picked from commit 7009b9fe87696b6182fab65ae82bf5a25cd39971) Conflicts: https://codeberg.org/forgejo/forgejo/pulls/1014 routers/web/user/profile.go templates/user/profile.tmpl (cherry picked from commit b2aec3479177e725cfc7cbbb9d94753226928d1c) (cherry picked from commit e2f1b73752f6bd3f830297d8f4ac438837471226) [MODERATION] organization blocking a user (#802) - Resolves #476 - Follow up for: #540 - Ensure that the doer and blocked person cannot follow each other. - Ensure that the block person cannot watch doer's repositories. - Add unblock button to the blocked user list. - Add blocked since information to the blocked user list. - Add extra testing to moderation code. - Blocked user will unwatch doer's owned repository upon blocking. - Add flash messages to let the user know the block/unblock action was successful. - Add "You haven't blocked any users" message. - Add organization blocking a user. Co-authored-by: Gusted <postmaster@gusted.xyz> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/802 (cherry picked from commit 0505a1042197bd9136b58bc70ec7400a23471585) (cherry picked from commit 37b4e6ef9b85e97d651cf350c9f3ea272ee8d76a) (cherry picked from commit c17c121f2cf1f00e2a8d6fd6847705df47d0771e) [MODERATION] organization blocking a user (#802) (squash) Changes to adapt to: 6bbccdd177 Improve AJAX link and modal confirm dialog (#25210) Refs: https://codeberg.org/forgejo/forgejo/pulls/882/files#issuecomment-945962 Refs: https://codeberg.org/forgejo/forgejo/pulls/882#issue-330561 (cherry picked from commit 523635f83cb2a1a4386769b79326088c5c4bbec7) (cherry picked from commit 4743eaa6a0be0ef47de5b17c211dfe8bad1b7af9) (cherry picked from commit eff5b43d2e843d5d537756d4fa58a8a010b6b527) Conflicts: https://codeberg.org/forgejo/forgejo/pulls/1014 routers/web/user/profile.go (cherry picked from commit 9d359be5ed11237088ccf6328571939af814984e) (cherry picked from commit b1f3069a22a03734cffbfcd503ce004ba47561b7) [MODERATION] add user blocking API - Follow up for: #540, #802 - Add API routes for user blocking from user and organization perspective. - The new routes have integration testing. - The new model functions have unit tests. - Actually quite boring to write and to read this pull request. (cherry picked from commit f3afaf15c7e34038363c9ce8e1ef957ec1e22b06) (cherry picked from commit 6d754db3e5faff93a58fab2867737f81f40f6599) (cherry picked from commit 2a89ddc0acffa9aea0f02b721934ef9e2b496a88) (cherry picked from commit 4a147bff7e963ab9dffcfaefa5c2c01c59b4c732) Conflicts: routers/api/v1/api.go templates/swagger/v1_json.tmpl (cherry picked from commit bb8c33918569f65f25b014f0d7fe6ac20f9036fc) (cherry picked from commit 5a11569a011b7d0a14391e2b5c07d0af825d7b0e) (cherry picked from commit 2373c801ee6b84c368b498b16e6ad18650b38f42) [MODERATION] restore redirect on unblock ctx.RedirectToFirst(ctx.FormString("redirect_to"), ctx.ContextUser.HomeLink()) was replaced by ctx.JSONOK() in 128d77a3a Following up fixes for "Fix inconsistent user profile layout across tabs" (#25739) thus changing the behavior (nicely spotted by the tests). This restores it. (cherry picked from commit 597c243707c3c86e7256faf1e6ba727224554de3) (cherry picked from commit cfa539e590127b4b953b010fba3dea21c82a1714) [MODERATION] Add test case (squash) - Add an test case, to test an property of the function. (cherry picked from commit 70dadb1916bfef8ba8cbc4e9b042cc8740f45e28) [MODERATION] Block adding collaborators - Ensure that the doer and blocked user cannot add each other as collaborators to repositories. - The Web UI gets an detailed message of the specific situation, the API gets an generic Forbidden code. - Unit tests has been added. - Integration testing for Web and API has been added. - This commit doesn't introduce removing each other as collaborators on the block action, due to the complexity of database calls that needs to be figured out. That deserves its own commit and test code. (cherry picked from commit 747be949a1b3cd06f6586512f1af4630e55d7ad4) [MODERATION] move locale_en-US.ini strings to avoid conflicts Conflicts: web_src/css/org.css web_src/css/user.css https://codeberg.org/forgejo/forgejo/pulls/1180 (cherry picked from commit e53f955c888ebaafc863a6e463da87f70f5605da) Conflicts: services/issue/comments.go https://codeberg.org/forgejo/forgejo/pulls/1212 (cherry picked from commit b4a454b576eee0c7738b2f7df1acaf5bf7810d12) Conflicts: models/forgejo_migrations/migrate.go options/locale/locale_en-US.ini services/pull/pull.go https://codeberg.org/forgejo/forgejo/pulls/1264 [MODERATION] Remove blocked user collaborations with doer - When the doer blocks an user, who is also an collaborator on an repository that the doer owns, remove that collaboration. - Added unit tests. - Refactor the unit test to be more organized. (cherry picked from commit ec8701617830152680d69d50d64cb43cc2054a89) (cherry picked from commit 313e6174d832501c57724ae7a6285194b7b81aab) [MODERATION] QoL improvements (squash) - Ensure that organisations cannot be blocked. It currently has no effect, as all blocked operations cannot be executed from an organisation standpoint. - Refactored the API route to make use of the `UserAssignmentAPI` middleware. - Make more use of `t.Run` so that the test code is more clear about which block of code belongs to which test case. - Added more integration testing (to ensure the organisations cannot be blocked and some authorization/permission checks). (cherry picked from commit e9d638d0756ee20b6bf1eb999c988533a5066a68) [MODERATION] s/{{avatar/{{ctx.AvatarUtils.Avatar/ (cherry picked from commit ce8b30be1327ab98df2ba061dd7e2a278b278c5b) (cherry picked from commit f911dc402508b04cd5d5fb2f3332c2d640e4556e) Conflicts: options/locale/locale_en-US.ini https://codeberg.org/forgejo/forgejo/pulls/1354 (cherry picked from commit c1b37b7fdaf06ee60da341dff76d703990c08082) (cherry picked from commit 856a2e09036adf56d987c6eee364c431bc37fb2e) [MODERATION] Show graceful error on comment creation - When someone is blocked by the repository owner or issue poster and try to comment on that issue, they get shown a graceful error. - Adds integration test. (cherry picked from commit 490646302e1e3dc3c59c9d75938b4647b6873ce7) (cherry picked from commit d3d88667cbb928a6ff80658eba8ef0c6c508c9e0) (cherry picked from commit 6818de13a921753e082b7c3d64c23917cc884e4b) [MODERATION] Show graceful error on comment creation (squash) typo (cherry picked from commit 1588d4834a37a744f092f2aeea6c9ef4795d7356) (cherry picked from commit d510ea52d091503e841d66f2f604348add8b4535) (cherry picked from commit 8249e93a14f628bb0e89fe3be678e4966539944e) [MODERATION] Refactor integration testing (squash) - Motivation for this PR is that I'd noticed that a lot of repeated calls are happening between the test functions and that certain tests weren't using helper functions like `GetCSRF`, therefor this refactor of the integration tests to keep it: clean, small and hopefully more maintainable and understandable. - There are now three integration tests: `TestBlockUser`, `TestBlockUserFromOrganization` and `TestBlockActions` (and has been moved in that order in the source code). - `TestBlockUser` is for doing blocking related actions as an user and `TestBlockUserFromOrganization` as an organisation, even though they execute the same kind of tests they do not share any database calls or logic and therefor it currently doesn't make sense to merge them together (hopefully such oppurtinutiy might be presented in the future). - `TestBlockActions` now contain all tests for actions that should be blocked after blocking has happened, most tests now share the same doer and blocked users and a extra fixture has been added to make this possible for the comment test. - Less code, more comments and more re-use between tests. (cherry picked from commit ffb393213d2f1269aad3c019d039cf60d0fe4b10) (cherry picked from commit 85505e0f815fede589c272d301c95204f9596985) (cherry picked from commit 0f3cf17761f6caedb17550f69de96990c2090af1) [MODERATION] Fix network error (squash) - Fix network error toast messages on user actions such as follow and unfollow. This happened because the javascript code now expects an JSON to be returned, but this wasn't the case due to cfa539e590127b4953b010fba3dea21c82a1714. - The integration testing has been adjusted to instead test for the returned flash cookie. (cherry picked from commit 112bc25e548d317a4ee00f9efa9068794a733e3b) (cherry picked from commit 1194fe4899eb39dcb9a2410032ad0cc67a62b92b) (cherry picked from commit 9abb95a8441e227874fe156095349a3173cc5a81) [MODERATION] Modernize frontend (squash) - Unify blocked users list. - Use the new flex list classes for blocked users list to avoid using the CSS helper classes and thereby be consistent in the design. - Fix the modal by using the new modal class. - Remove the icon in the modal as looks too big in the new design. - Fix avatar not displaying as it was passing the context where the user should've been passed. - Don't use italics for 'Blocked since' text. - Use namelink template to display the user's name and homelink. (cherry picked from commit ec935a16a319b14e819ead828d1d9875280d9259) (cherry picked from commit 67f37c83461aa393c53a799918e9708cb9b89b30) Conflicts: models/user/follow.go models/user/user_test.go routers/api/v1/user/follower.go routers/web/shared/user/header.go routers/web/user/profile.go templates/swagger/v1_json.tmpl https://codeberg.org/forgejo/forgejo/pulls/1468 (cherry picked from commit 6a9626839c6342cd2767ea12757ee2f78eaf443b) Conflicts: tests/integration/api_nodeinfo_test.go https://codeberg.org/forgejo/forgejo/pulls/1508#issuecomment-1242385 (cherry picked from commit 7378b251b481ed1e60e816caf8f649e8397ee5fc) Conflicts: models/fixtures/watch.yml models/issues/reaction.go models/issues/reaction_test.go routers/api/v1/repo/issue_reaction.go routers/web/repo/issue.go services/issue/issue.go https://codeberg.org/forgejo/forgejo/pulls/1547 (cherry picked from commit c2028930c101223820de0bbafc318e9394c347b8) (cherry picked from commit d3f9134aeeef784586e8412e8dbba0a8fceb0cd4) (cherry picked from commit 7afe154c5c40bcc65accdf51c9224b2f7627a684) (cherry picked from commit 99ac7353eb1e834a77fe42aa89208791cc2364ff) (cherry picked from commit a9cde00c5c25ea8c427967cb7ab57abb618e44cb) Conflicts: services/user/delete.go https://codeberg.org/forgejo/forgejo/pulls/1736 (cherry picked from commit 008c0cc63d1a3b8eb694bffbf77a7b25c56afd57) [DEADCODE] add exceptions (cherry picked from commit 12ddd2b10e3309f6430b0af42855c6af832832ee) [MODERATION] Remove deadcode (squash) - Remove deadcode that's no longer used by Forgejo. (cherry picked from commit 0faeab4fa9b0aa59f86760b24ecbc07815026c82) [MODERATION] Add repo transfers to blocked functionality (squash) - When someone gets blocked, remove all pending repository transfers from the blocked user to the doer. - Do not allow to start transferring repositories to the doer as blocked user. - Added unit testing. - Added integration testing. (cherry picked from commit 8a3caac33013482ddbee2fa51510c6918ba54466) (cherry picked from commit a92b4cfeb63b90eb2d90d0feb51cec62e0502d84) (cherry picked from commit acaaaf07d999974dbe5f9c5e792621c597bfb542) (cherry picked from commit 735818863c1793aa6f6983afedc4bd3b36026ca5) (cherry picked from commit f50fa43b32160d0d88eca1dbdca09b5f575fb62b) (cherry picked from commit e16683643388fb3c60ea478f1419a6af4f4aa283) (cherry picked from commit 82a0e4a3814a66ce44be6a031bdf08484586c61b) (cherry picked from commit ff233c19c4a5edcc2b99a6f41a2d19dbe8c08b3b) (cherry picked from commit 8ad87d215f2b6adb978de77e53ba2bf7ea571430) [MODERATION] Fix unblock action (squash) - Pass the whole context instead of only giving pieces. - This fixes CSRF not correctly being inserted into the unblock buttons. (cherry picked from commit 2aa51922ba6a0ea2f8644277baa74fc8f34ab95a) (cherry picked from commit 7ee8db0f018340bc97f125415503e3e5db5f5082) (cherry picked from commit e4f8b999bcd3b68b3ef7f54f5b17c3ada0308121) (cherry picked from commit 05aea60b1302bbd3ea574a9c6c34e1005a5d73bf) (cherry picked from commit dc0d61b012cfaf2385f71e97cda5f220b58b9fa4) (cherry picked from commit f53fa583de671ff60a0a1d0f3ab8c260e1ba4e1f) (cherry picked from commit c65b89a58d11b32009c710c2f5e75f0cd3539395) (cherry picked from commit 69e50b9969db3ab71cefaed520757876a9629a5c) (cherry picked from commit ec127440b86cb5fcf51799d8bd76a9fd6b9cebcc) [MODERATION] cope with shared fixtures * There is one more issue in the fixtures and this breaks some tests * The users in the shared fixtures were renamed for clarity and that breaks some tests (cherry picked from commit 707a4edbdf67d0eb168d7bb430cf85dd8cd63c52) Conflicts: modules/indexer/issues/indexer_test.go https://codeberg.org/forgejo/forgejo/pulls/1508 (cherry picked from commit 82cc044366c749df80ffad44eed2988b8e64211e) (cherry picked from commit 2776aec7e85850f1d7f01a090a72491550fb9d29) (cherry picked from commit 1fbde36dc784b5b2cc6193f02ff0d436b0f2a629) (cherry picked from commit 1293db3c4e5df218501f5add9f9d41101ffcb8aa) (cherry picked from commit 6476802175bac3ef78dd8f24ff6bebc16f398a78) (cherry picked from commit 5740f2fc830356acb7929a02fe304008b94a0ca5) (cherry picked from commit afc12d7b6e9b773fa89718aa79cd95c0e0ce4406) [MODERATION] Fix transfer confirmation (squash) - Fix problem caused by the clearer confirmation for dangerous actions commit. (cherry picked from commit 3488f4a9cb1f7f73103ae0017d644f13ca3ab798) (cherry picked from commit ed7de91f6ace23a1459bc6552edf719d62c7c941) (cherry picked from commit 2d97929b9b7b8d979eb12bf0994d3f169d41f7fd) (cherry picked from commit 50d035a7b058b9c4486c38cd4be0b02a4e1bf4d9) (cherry picked from commit 0a0c07d78a1dee3489b97ab359bb957e3f7fb94b) (cherry picked from commit 85e55c4dbc2f513f3d5254dac20915e8c3c22886) (cherry picked from commit d8282122ad6e8b497de35d1ed89e3093a2cd5ee2) (cherry picked from commit 3f0b3b6cc582c3d672d371dd9fe1203a56cb88c0) [MODERATION] Purge issues on user deletion (squash) (cherry picked from commit 4f529d9596ffbfc4e754c28830ba028f6344dc5b) (cherry picked from commit f0e3acadd321fcb99e8ea3e3ce1c69df25c4ca4d) (cherry picked from commit 682c4effe69dc0d4ed304fa7ce6259d9ce573629) (cherry picked from commit e43c2d84fd4b6fd31e2370cec1034262d12e5c34) (cherry picked from commit 9c8e53ccc78053026e4f667889959c23c8d95934) (cherry picked from commit a9eb7ac783b2c16ee3702a88203bf857cb4147fc) [MODERATION] Purge issues on user deletion (squash) revert shared fixtures workarounds (cherry picked from commit 7224653a40e32186892e89bfedd49edecf5b8f81) (cherry picked from commit aa6e8672f9473a9100e7575051dec9eda37709a0) (cherry picked from commit 58c7947e95648f50237ddcd46b6bd025b224a70f) (cherry picked from commit f1aacb1851b232082febcd7870a40a56de3855a6) (cherry picked from commit 0bf174af87f7de9a8d869304f709e2bf41f3dde9) (cherry picked from commit f9706f4335df3b7688ed60853d917efa72fb464a) [MODERATION] Prepare moderation for context locale changes (squash) - Resolves https://codeberg.org/forgejo/forgejo/issues/1711 (cherry picked from commit 2e289baea943dcece88f02d110b03d344308a261) (cherry picked from commit 97b16bc19ae680db62608d6020b00fe5ac451c60) [MODERATION] User blocking (squash) do not use shared fixture It conflicts with a fixtured added in the commit Fix comment permissions (#28213) (#28216) (cherry picked from commit ab40799dcab24e9f495d765268b791931da81684) (cherry picked from commit 996c92cafdb5b33a6d2d05d94038e950d97eb7de) (cherry picked from commit 259912e3a69071c5ad57871464d0b79f69a8e72c) Conflicts: options/locale/locale_en-US.ini https://codeberg.org/forgejo/forgejo/pulls/1921 (cherry picked from commit 1e82abc032c18015b92c93a7617a5dd06d50bd2d) (cherry picked from commit a176fee1607d571b25b345184f1c50d403029610) (cherry picked from commit 0480b76dfeda968849e900da9454a3efd82590fa) (cherry picked from commit 4bc06b7b3841c74e3d790b1ef635c2b382ca7123) (cherry picked from commit 073094cf722a927a623408d66537c758d7d64e4c) (cherry picked from commit ac6201c647a4d3a2cfb2b0303b851a8fe7a29444) (cherry picked from commit 7e0812674da3fbd1e96bdda820962edad6826fbd) (cherry picked from commit 068c741e5696957710b3d1c2e18c00be2ffaa278) Conflicts: models/repo_transfer.go models/repo_transfer_test.go routers/web/user/profile.go https://codeberg.org/forgejo/forgejo/pulls/2298
2023-08-15 02:07:38 +03:00
if errors.Is(err, user_model.ErrBlockedByUser) {
ctx.RenderWithErr(ctx.Tr("repo.settings.new_owner_blocked_doer"), tplSettingsOptions, nil)
} else if repo_model.IsErrRepoAlreadyExist(err) {
ctx.RenderWithErr(ctx.Tr("repo.settings.new_owner_has_same_repo"), tplSettingsOptions, nil)
} else if models.IsErrRepoTransferInProgress(err) {
ctx.RenderWithErr(ctx.Tr("repo.settings.transfer_in_progress"), tplSettingsOptions, nil)
} else {
ctx.ServerError("TransferOwnership", err)
}
return
}
if ctx.Repo.Repository.Status == repo_model.RepositoryPendingTransfer {
log.Trace("Repository transfer process was started: %s/%s -> %s", ctx.Repo.Owner.Name, repo.Name, newOwner)
ctx.Flash.Success(ctx.Tr("repo.settings.transfer_started", newOwner.DisplayName()))
} else {
log.Trace("Repository transferred: %s -> %s", oldFullname, ctx.Repo.Repository.FullName())
ctx.Flash.Success(ctx.Tr("repo.settings.transfer_succeed"))
}
ctx.Redirect(repo.Link() + "/settings")
case "cancel_transfer":
if !ctx.Repo.IsOwner() {
ctx.Error(http.StatusNotFound)
return
}
repoTransfer, err := models.GetPendingRepositoryTransfer(ctx, ctx.Repo.Repository)
if err != nil {
if models.IsErrNoPendingTransfer(err) {
ctx.Flash.Error("repo.settings.transfer_abort_invalid")
ctx.Redirect(repo.Link() + "/settings")
} else {
ctx.ServerError("GetPendingRepositoryTransfer", err)
}
return
}
if err := repoTransfer.LoadAttributes(ctx); err != nil {
ctx.ServerError("LoadRecipient", err)
return
}
if err := repo_service.CancelRepositoryTransfer(ctx, ctx.Repo.Repository); err != nil {
ctx.ServerError("CancelRepositoryTransfer", err)
return
}
log.Trace("Repository transfer process was cancelled: %s/%s ", ctx.Repo.Owner.Name, repo.Name)
ctx.Flash.Success(ctx.Tr("repo.settings.transfer_abort_success", repoTransfer.Recipient.Name))
ctx.Redirect(repo.Link() + "/settings")
case "delete":
if !ctx.Repo.IsOwner() {
ctx.Error(http.StatusNotFound)
return
}
[SHARED] make confirmation clearer for dangerous actions [GITEA] Fix cancelled migration deletion modal - https://codeberg.org/forgejo/forgejo/pulls/1473 made that dangerous actions such as deletion also would need to type in the owner's name. This was apparently not reflected to the deletion modal for migrations that failed or were cancelled. (cherry picked from commit c38dbd6f889aeb52745eddb276225acd0153cba6) (cherry picked from commit 7c07592d01b086b612195367c6a13560e5539767) (cherry picked from commit 78637af2b6440ae307de5e21b284c08c02dd4d13) [SHARED] make confirmation clearer for dangerous actions - Currently the confirmation for dangerous actions such as transferring the repository or deleting it only requires the user to ~~copy paste~~ type the repository name. - This can be problematic when the user has a fork or another repository with the same name as an organization's repository, and the confirmation doesn't make clear that it could be deleting the wrong repository. While it's mentioned in the dialog, it's better to be on the safe side and also add the owner's name to be an element that has to be typed for these dangerous actions. - Added integration tests. (cherry picked from commit bf679b24dd23c9ed586b9439e293bbd27cc89232) (cherry picked from commit 1963085dd9d1521b7a4aa8558d409bd1a9f2e1da) (cherry picked from commit fb94095d1992c3e47f03e0fccc98a90707a5271b) (cherry picked from commit e1d1e46afee6891becdb6ccd027fc66843b56db9) (cherry picked from commit 93993029e4ec8a20a8bc38d80bb4b801e52ee1b7) (cherry picked from commit df3b058179d8f3e06cc6fb335b287c72c8952821) (cherry picked from commit 8ccc6b9cba46a736665e4b25523da0baf1679702) (cherry picked from commit 9fbe28fca35e3d02c23521e063679775ec0792f8) (cherry picked from commit 4ef2be6dc705c693735e024b28fd7dac3de39d47) https://codeberg.org/forgejo/forgejo/pulls/1873 Moved test from repo_test.go to forgejo_confirmation_repo_test.go to avoid conflicts. (cherry picked from commit 83cae67aa3fe8f9eb732f86020e58b9ea4d8b5ec) (cherry picked from commit 447009ff568a542985f6b3a9bc7237b9de3e3c54) (cherry picked from commit 72c0a6150aee7c3a965c87e7348faa2b48c520de) (cherry picked from commit 8ee9c070b98f64263d63dfef32d54bdad5f0d266) (cherry picked from commit 89aba06403be898adbfff6b2d7bb01aad239a87c) (cherry picked from commit 798407599f3d77bdd8bad5fa7abba81d417cd916) (cherry picked from commit 41c9a2606bd8d7036e7d54ad7ab35af06ec99a34) (cherry picked from commit a57b214e366435240c4a210115c6a3fda0d37f8b) (cherry picked from commit fd287a91349bc7844544f9b6ff88e46157d3dc80)
2023-11-23 22:24:52 +03:00
if repo.FullName() != form.RepoName {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
return
2014-08-27 12:39:36 +04:00
}
// Close the gitrepository before doing this.
if ctx.Repo.GitRepo != nil {
ctx.Repo.GitRepo.Close()
}
if err := repo_service.DeleteRepository(ctx, ctx.Doer, ctx.Repo.Repository, true); err != nil {
ctx.ServerError("DeleteRepository", err)
return
}
2015-08-31 08:36:31 +03:00
log.Trace("Repository deleted: %s/%s", ctx.Repo.Owner.Name, repo.Name)
ctx.Flash.Success(ctx.Tr("repo.settings.deletion_success"))
2015-08-31 08:36:31 +03:00
ctx.Redirect(ctx.Repo.Owner.DashboardLink())
case "delete-wiki":
if !ctx.Repo.IsOwner() {
ctx.Error(http.StatusNotFound)
return
}
[SHARED] make confirmation clearer for dangerous actions [GITEA] Fix cancelled migration deletion modal - https://codeberg.org/forgejo/forgejo/pulls/1473 made that dangerous actions such as deletion also would need to type in the owner's name. This was apparently not reflected to the deletion modal for migrations that failed or were cancelled. (cherry picked from commit c38dbd6f889aeb52745eddb276225acd0153cba6) (cherry picked from commit 7c07592d01b086b612195367c6a13560e5539767) (cherry picked from commit 78637af2b6440ae307de5e21b284c08c02dd4d13) [SHARED] make confirmation clearer for dangerous actions - Currently the confirmation for dangerous actions such as transferring the repository or deleting it only requires the user to ~~copy paste~~ type the repository name. - This can be problematic when the user has a fork or another repository with the same name as an organization's repository, and the confirmation doesn't make clear that it could be deleting the wrong repository. While it's mentioned in the dialog, it's better to be on the safe side and also add the owner's name to be an element that has to be typed for these dangerous actions. - Added integration tests. (cherry picked from commit bf679b24dd23c9ed586b9439e293bbd27cc89232) (cherry picked from commit 1963085dd9d1521b7a4aa8558d409bd1a9f2e1da) (cherry picked from commit fb94095d1992c3e47f03e0fccc98a90707a5271b) (cherry picked from commit e1d1e46afee6891becdb6ccd027fc66843b56db9) (cherry picked from commit 93993029e4ec8a20a8bc38d80bb4b801e52ee1b7) (cherry picked from commit df3b058179d8f3e06cc6fb335b287c72c8952821) (cherry picked from commit 8ccc6b9cba46a736665e4b25523da0baf1679702) (cherry picked from commit 9fbe28fca35e3d02c23521e063679775ec0792f8) (cherry picked from commit 4ef2be6dc705c693735e024b28fd7dac3de39d47) https://codeberg.org/forgejo/forgejo/pulls/1873 Moved test from repo_test.go to forgejo_confirmation_repo_test.go to avoid conflicts. (cherry picked from commit 83cae67aa3fe8f9eb732f86020e58b9ea4d8b5ec) (cherry picked from commit 447009ff568a542985f6b3a9bc7237b9de3e3c54) (cherry picked from commit 72c0a6150aee7c3a965c87e7348faa2b48c520de) (cherry picked from commit 8ee9c070b98f64263d63dfef32d54bdad5f0d266) (cherry picked from commit 89aba06403be898adbfff6b2d7bb01aad239a87c) (cherry picked from commit 798407599f3d77bdd8bad5fa7abba81d417cd916) (cherry picked from commit 41c9a2606bd8d7036e7d54ad7ab35af06ec99a34) (cherry picked from commit a57b214e366435240c4a210115c6a3fda0d37f8b) (cherry picked from commit fd287a91349bc7844544f9b6ff88e46157d3dc80)
2023-11-23 22:24:52 +03:00
if repo.FullName() != form.RepoName {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
return
}
err := wiki_service.DeleteWiki(ctx, repo)
2019-06-12 22:41:28 +03:00
if err != nil {
log.Error("Delete Wiki: %v", err.Error())
}
log.Trace("Repository wiki deleted: %s/%s", ctx.Repo.Owner.Name, repo.Name)
2016-03-04 07:24:22 +03:00
ctx.Flash.Success(ctx.Tr("repo.settings.wiki_deletion_success"))
ctx.Redirect(ctx.Repo.RepoLink + "/settings")
[GITEA] Allow changing the repo Wiki branch to main Previously, the repo wiki was hardcoded to use `master` as its branch, this change makes it possible to use `main` (or something else, governed by `[repository].DEFAULT_BRANCH`, a setting that already exists and defaults to `main`). The way it is done is that a new column is added to the `repository` table: `wiki_branch`. The migration will make existing repositories default to `master`, for compatibility's sake, even if they don't have a Wiki (because it's easier to do that). Newly created repositories will default to `[repository].DEFAULT_BRANCH` instead. The Wiki service was updated to use the branch name stored in the database, and fall back to the default if it is empty. Old repositories with Wikis using the older `master` branch will have the option to do a one-time transition to `main`, available via the repository settings in the "Danger Zone". This option will only be available for repositories that have the internal wiki enabled, it is not empty, and the wiki branch is not `[repository].DEFAULT_BRANCH`. When migrating a repository with a Wiki, Forgejo will use the same branch name for the wiki as the source repository did. If that's not the same as the default, the option to normalize it will be available after the migration's done. Additionally, the `/api/v1/{owner}/{repo}` endpoint was updated: it will now include the wiki branch name in `GET` requests, and allow changing the wiki branch via `PATCH`. Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu> (cherry picked from commit d87c526d2a313fa45093ab49b78bb30322b33298)
2024-01-30 14:18:53 +03:00
case "rename-wiki-branch":
if !ctx.Repo.IsOwner() {
ctx.Error(http.StatusNotFound)
return
}
if repo.FullName() != form.RepoName {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), tplSettingsOptions, nil)
return
}
if err := wiki_service.NormalizeWikiBranch(ctx, repo, setting.Repository.DefaultBranch); err != nil {
log.Error("Normalize Wiki branch: %v", err.Error())
ctx.Flash.Error(ctx.Tr("repo.settings.wiki_branch_rename_failure"))
ctx.Redirect(ctx.Repo.RepoLink + "/settings")
return
}
log.Trace("Repository wiki normalized: %s#%s", repo.FullName(), setting.Repository.DefaultBranch)
ctx.Flash.Success(ctx.Tr("repo.settings.wiki_branch_rename_success"))
ctx.Redirect(ctx.Repo.RepoLink + "/settings")
2019-01-23 21:58:38 +03:00
case "archive":
if !ctx.Repo.IsOwner() {
ctx.Error(http.StatusForbidden)
2019-01-23 21:58:38 +03:00
return
}
if repo.IsMirror {
ctx.Flash.Error(ctx.Tr("repo.settings.archive.error_ismirror"))
ctx.Redirect(ctx.Repo.RepoLink + "/settings")
return
}
if err := repo_model.SetArchiveRepoState(ctx, repo, true); err != nil {
Better logging (#6038) (#6095) * Panic don't fatal on create new logger Fixes #5854 Signed-off-by: Andrew Thornton <art27@cantab.net> * partial broken * Update the logging infrastrcture Signed-off-by: Andrew Thornton <art27@cantab.net> * Reset the skip levels for Fatal and Error Signed-off-by: Andrew Thornton <art27@cantab.net> * broken ncsa * More log.Error fixes Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove nal * set log-levels to lowercase * Make console_test test all levels * switch to lowercased levels * OK now working * Fix vetting issues * Fix lint * Fix tests * change default logging to match current gitea * Improve log testing Signed-off-by: Andrew Thornton <art27@cantab.net> * reset error skip levels to 0 * Update documentation and access logger configuration * Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE * Fix broken level caching * Refactor the router log * Add Router logger * Add colorizing options * Adjust router colors * Only create logger if they will be used * update app.ini.sample * rename Attribute ColorAttribute * Change from white to green for function * Set fatal/error levels * Restore initial trace logger * Fix Trace arguments in modules/auth/auth.go * Properly handle XORMLogger * Improve admin/config page * fix fmt * Add auto-compression of old logs * Update error log levels * Remove the unnecessary skip argument from Error, Fatal and Critical * Add stacktrace support * Fix tests * Remove x/sync from vendors? * Add stderr option to console logger * Use filepath.ToSlash to protect against Windows in tests * Remove prefixed underscores from names in colors.go * Remove not implemented database logger This was removed from Gogs on 4 Mar 2016 but left in the configuration since then. * Ensure that log paths are relative to ROOT_PATH * use path.Join * rename jsonConfig to logConfig * Rename "config" to "jsonConfig" to make it clearer * Requested changes * Requested changes: XormLogger * Try to color the windows terminal If successful default to colorizing the console logs * fixup * Colorize initially too * update vendor * Colorize logs on default and remove if this is not a colorizing logger * Fix documentation * fix test * Use go-isatty to detect if on windows we are on msys or cygwin * Fix spelling mistake * Add missing vendors * More changes * Rationalise the ANSI writer protection * Adjust colors on advice from @0x5c * Make Flags a comma separated list * Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING * Ensure matching is done on the non-colored message - to simpify EXPRESSION
2019-04-02 10:48:31 +03:00
log.Error("Tried to archive a repo: %s", err)
2019-01-23 21:58:38 +03:00
ctx.Flash.Error(ctx.Tr("repo.settings.archive.error"))
ctx.Redirect(ctx.Repo.RepoLink + "/settings")
return
}
if err := actions_model.CleanRepoScheduleTasks(ctx, repo); err != nil {
log.Error("CleanRepoScheduleTasks for archived repo %s/%s: %v", ctx.Repo.Owner.Name, repo.Name, err)
}
2019-01-23 21:58:38 +03:00
ctx.Flash.Success(ctx.Tr("repo.settings.archive.success"))
log.Trace("Repository was archived: %s/%s", ctx.Repo.Owner.Name, repo.Name)
ctx.Redirect(ctx.Repo.RepoLink + "/settings")
2019-01-23 21:58:38 +03:00
case "unarchive":
if !ctx.Repo.IsOwner() {
ctx.Error(http.StatusForbidden)
2019-01-23 21:58:38 +03:00
return
}
if err := repo_model.SetArchiveRepoState(ctx, repo, false); err != nil {
Better logging (#6038) (#6095) * Panic don't fatal on create new logger Fixes #5854 Signed-off-by: Andrew Thornton <art27@cantab.net> * partial broken * Update the logging infrastrcture Signed-off-by: Andrew Thornton <art27@cantab.net> * Reset the skip levels for Fatal and Error Signed-off-by: Andrew Thornton <art27@cantab.net> * broken ncsa * More log.Error fixes Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove nal * set log-levels to lowercase * Make console_test test all levels * switch to lowercased levels * OK now working * Fix vetting issues * Fix lint * Fix tests * change default logging to match current gitea * Improve log testing Signed-off-by: Andrew Thornton <art27@cantab.net> * reset error skip levels to 0 * Update documentation and access logger configuration * Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE * Fix broken level caching * Refactor the router log * Add Router logger * Add colorizing options * Adjust router colors * Only create logger if they will be used * update app.ini.sample * rename Attribute ColorAttribute * Change from white to green for function * Set fatal/error levels * Restore initial trace logger * Fix Trace arguments in modules/auth/auth.go * Properly handle XORMLogger * Improve admin/config page * fix fmt * Add auto-compression of old logs * Update error log levels * Remove the unnecessary skip argument from Error, Fatal and Critical * Add stacktrace support * Fix tests * Remove x/sync from vendors? * Add stderr option to console logger * Use filepath.ToSlash to protect against Windows in tests * Remove prefixed underscores from names in colors.go * Remove not implemented database logger This was removed from Gogs on 4 Mar 2016 but left in the configuration since then. * Ensure that log paths are relative to ROOT_PATH * use path.Join * rename jsonConfig to logConfig * Rename "config" to "jsonConfig" to make it clearer * Requested changes * Requested changes: XormLogger * Try to color the windows terminal If successful default to colorizing the console logs * fixup * Colorize initially too * update vendor * Colorize logs on default and remove if this is not a colorizing logger * Fix documentation * fix test * Use go-isatty to detect if on windows we are on msys or cygwin * Fix spelling mistake * Add missing vendors * More changes * Rationalise the ANSI writer protection * Adjust colors on advice from @0x5c * Make Flags a comma separated list * Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING * Ensure matching is done on the non-colored message - to simpify EXPRESSION
2019-04-02 10:48:31 +03:00
log.Error("Tried to unarchive a repo: %s", err)
2019-01-23 21:58:38 +03:00
ctx.Flash.Error(ctx.Tr("repo.settings.unarchive.error"))
ctx.Redirect(ctx.Repo.RepoLink + "/settings")
return
}
if ctx.Repo.Repository.UnitEnabled(ctx, unit_model.TypeActions) {
if err := actions_service.DetectAndHandleSchedules(ctx, repo); err != nil {
log.Error("DetectAndHandleSchedules for un-archived repo %s/%s: %v", ctx.Repo.Owner.Name, repo.Name, err)
}
}
2019-01-23 21:58:38 +03:00
ctx.Flash.Success(ctx.Tr("repo.settings.unarchive.success"))
log.Trace("Repository was un-archived: %s/%s", ctx.Repo.Owner.Name, repo.Name)
ctx.Redirect(ctx.Repo.RepoLink + "/settings")
default:
ctx.NotFound("", nil)
}
}
Add LFS Migration and Mirror (#14726) * Implemented LFS client. * Implemented scanning for pointer files. * Implemented downloading of lfs files. * Moved model-dependent code into services. * Removed models dependency. Added TryReadPointerFromBuffer. * Migrated code from service to module. * Centralised storage creation. * Removed dependency from models. * Moved ContentStore into modules. * Share structs between server and client. * Moved method to services. * Implemented lfs download on clone. * Implemented LFS sync on clone and mirror update. * Added form fields. * Updated templates. * Fixed condition. * Use alternate endpoint. * Added missing methods. * Fixed typo and make linter happy. * Detached pointer parser from gogit dependency. * Fixed TestGetLFSRange test. * Added context to support cancellation. * Use ReadFull to probably read more data. * Removed duplicated code from models. * Moved scan implementation into pointer_scanner_nogogit. * Changed method name. * Added comments. * Added more/specific log/error messages. * Embedded lfs.Pointer into models.LFSMetaObject. * Moved code from models to module. * Moved code from models to module. * Moved code from models to module. * Reduced pointer usage. * Embedded type. * Use promoted fields. * Fixed unexpected eof. * Added unit tests. * Implemented migration of local file paths. * Show an error on invalid LFS endpoints. * Hide settings if not used. * Added LFS info to mirror struct. * Fixed comment. * Check LFS endpoint. * Manage LFS settings from mirror page. * Fixed selector. * Adjusted selector. * Added more tests. * Added local filesystem migration test. * Fixed typo. * Reset settings. * Added special windows path handling. * Added unit test for HTTPClient. * Added unit test for BasicTransferAdapter. * Moved into util package. * Test if LFS endpoint is allowed. * Added support for git:// * Just use a static placeholder as the displayed url may be invalid. * Reverted to original code. * Added "Advanced Settings". * Updated wording. * Added discovery info link. * Implemented suggestion. * Fixed missing format parameter. * Added Pointer.IsValid(). * Always remove model on error. * Added suggestions. * Use channel instead of array. * Update routers/repo/migrate.go * fmt Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
2021-04-09 01:25:57 +03:00
func handleSettingRemoteAddrError(ctx *context.Context, err error, form *forms.RepoSettingForm) {
if models.IsErrInvalidCloneAddr(err) {
addrErr := err.(*models.ErrInvalidCloneAddr)
switch {
case addrErr.IsProtocolInvalid:
ctx.RenderWithErr(ctx.Tr("repo.mirror_address_protocol_invalid"), tplSettingsOptions, form)
case addrErr.IsURLError:
ctx.RenderWithErr(ctx.Tr("form.url_error", addrErr.Host), tplSettingsOptions, form)
Add LFS Migration and Mirror (#14726) * Implemented LFS client. * Implemented scanning for pointer files. * Implemented downloading of lfs files. * Moved model-dependent code into services. * Removed models dependency. Added TryReadPointerFromBuffer. * Migrated code from service to module. * Centralised storage creation. * Removed dependency from models. * Moved ContentStore into modules. * Share structs between server and client. * Moved method to services. * Implemented lfs download on clone. * Implemented LFS sync on clone and mirror update. * Added form fields. * Updated templates. * Fixed condition. * Use alternate endpoint. * Added missing methods. * Fixed typo and make linter happy. * Detached pointer parser from gogit dependency. * Fixed TestGetLFSRange test. * Added context to support cancellation. * Use ReadFull to probably read more data. * Removed duplicated code from models. * Moved scan implementation into pointer_scanner_nogogit. * Changed method name. * Added comments. * Added more/specific log/error messages. * Embedded lfs.Pointer into models.LFSMetaObject. * Moved code from models to module. * Moved code from models to module. * Moved code from models to module. * Reduced pointer usage. * Embedded type. * Use promoted fields. * Fixed unexpected eof. * Added unit tests. * Implemented migration of local file paths. * Show an error on invalid LFS endpoints. * Hide settings if not used. * Added LFS info to mirror struct. * Fixed comment. * Check LFS endpoint. * Manage LFS settings from mirror page. * Fixed selector. * Adjusted selector. * Added more tests. * Added local filesystem migration test. * Fixed typo. * Reset settings. * Added special windows path handling. * Added unit test for HTTPClient. * Added unit test for BasicTransferAdapter. * Moved into util package. * Test if LFS endpoint is allowed. * Added support for git:// * Just use a static placeholder as the displayed url may be invalid. * Reverted to original code. * Added "Advanced Settings". * Updated wording. * Added discovery info link. * Implemented suggestion. * Fixed missing format parameter. * Added Pointer.IsValid(). * Always remove model on error. * Added suggestions. * Use channel instead of array. * Update routers/repo/migrate.go * fmt Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
2021-04-09 01:25:57 +03:00
case addrErr.IsPermissionDenied:
if addrErr.LocalPath {
ctx.RenderWithErr(ctx.Tr("repo.migrate.permission_denied"), tplSettingsOptions, form)
} else {
ctx.RenderWithErr(ctx.Tr("repo.migrate.permission_denied_blocked"), tplSettingsOptions, form)
Add LFS Migration and Mirror (#14726) * Implemented LFS client. * Implemented scanning for pointer files. * Implemented downloading of lfs files. * Moved model-dependent code into services. * Removed models dependency. Added TryReadPointerFromBuffer. * Migrated code from service to module. * Centralised storage creation. * Removed dependency from models. * Moved ContentStore into modules. * Share structs between server and client. * Moved method to services. * Implemented lfs download on clone. * Implemented LFS sync on clone and mirror update. * Added form fields. * Updated templates. * Fixed condition. * Use alternate endpoint. * Added missing methods. * Fixed typo and make linter happy. * Detached pointer parser from gogit dependency. * Fixed TestGetLFSRange test. * Added context to support cancellation. * Use ReadFull to probably read more data. * Removed duplicated code from models. * Moved scan implementation into pointer_scanner_nogogit. * Changed method name. * Added comments. * Added more/specific log/error messages. * Embedded lfs.Pointer into models.LFSMetaObject. * Moved code from models to module. * Moved code from models to module. * Moved code from models to module. * Reduced pointer usage. * Embedded type. * Use promoted fields. * Fixed unexpected eof. * Added unit tests. * Implemented migration of local file paths. * Show an error on invalid LFS endpoints. * Hide settings if not used. * Added LFS info to mirror struct. * Fixed comment. * Check LFS endpoint. * Manage LFS settings from mirror page. * Fixed selector. * Adjusted selector. * Added more tests. * Added local filesystem migration test. * Fixed typo. * Reset settings. * Added special windows path handling. * Added unit test for HTTPClient. * Added unit test for BasicTransferAdapter. * Moved into util package. * Test if LFS endpoint is allowed. * Added support for git:// * Just use a static placeholder as the displayed url may be invalid. * Reverted to original code. * Added "Advanced Settings". * Updated wording. * Added discovery info link. * Implemented suggestion. * Fixed missing format parameter. * Added Pointer.IsValid(). * Always remove model on error. * Added suggestions. * Use channel instead of array. * Update routers/repo/migrate.go * fmt Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
2021-04-09 01:25:57 +03:00
}
case addrErr.IsInvalidPath:
ctx.RenderWithErr(ctx.Tr("repo.migrate.invalid_local_path"), tplSettingsOptions, form)
default:
ctx.ServerError("Unknown error", err)
}
return
Add LFS Migration and Mirror (#14726) * Implemented LFS client. * Implemented scanning for pointer files. * Implemented downloading of lfs files. * Moved model-dependent code into services. * Removed models dependency. Added TryReadPointerFromBuffer. * Migrated code from service to module. * Centralised storage creation. * Removed dependency from models. * Moved ContentStore into modules. * Share structs between server and client. * Moved method to services. * Implemented lfs download on clone. * Implemented LFS sync on clone and mirror update. * Added form fields. * Updated templates. * Fixed condition. * Use alternate endpoint. * Added missing methods. * Fixed typo and make linter happy. * Detached pointer parser from gogit dependency. * Fixed TestGetLFSRange test. * Added context to support cancellation. * Use ReadFull to probably read more data. * Removed duplicated code from models. * Moved scan implementation into pointer_scanner_nogogit. * Changed method name. * Added comments. * Added more/specific log/error messages. * Embedded lfs.Pointer into models.LFSMetaObject. * Moved code from models to module. * Moved code from models to module. * Moved code from models to module. * Reduced pointer usage. * Embedded type. * Use promoted fields. * Fixed unexpected eof. * Added unit tests. * Implemented migration of local file paths. * Show an error on invalid LFS endpoints. * Hide settings if not used. * Added LFS info to mirror struct. * Fixed comment. * Check LFS endpoint. * Manage LFS settings from mirror page. * Fixed selector. * Adjusted selector. * Added more tests. * Added local filesystem migration test. * Fixed typo. * Reset settings. * Added special windows path handling. * Added unit test for HTTPClient. * Added unit test for BasicTransferAdapter. * Moved into util package. * Test if LFS endpoint is allowed. * Added support for git:// * Just use a static placeholder as the displayed url may be invalid. * Reverted to original code. * Added "Advanced Settings". * Updated wording. * Added discovery info link. * Implemented suggestion. * Fixed missing format parameter. * Added Pointer.IsValid(). * Always remove model on error. * Added suggestions. * Use channel instead of array. * Update routers/repo/migrate.go * fmt Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
2021-04-09 01:25:57 +03:00
}
ctx.RenderWithErr(ctx.Tr("repo.mirror_address_url_invalid"), tplSettingsOptions, form)
}
func selectPushMirrorByForm(ctx *context.Context, form *forms.RepoSettingForm, repo *repo_model.Repository) (*repo_model.PushMirror, error) {
id, err := strconv.ParseInt(form.PushMirrorID, 10, 64)
if err != nil {
return nil, err
}
pushMirrors, _, err := repo_model.GetPushMirrorsByRepoID(ctx, repo.ID, db.ListOptions{})
if err != nil {
return nil, err
}
for _, m := range pushMirrors {
if m.ID == id {
m.Repo = repo
return m, nil
}
}
return nil, fmt.Errorf("PushMirror[%v] not associated to repository %v", id, repo)
}