Commit graph

3496 commits

Author SHA1 Message Date
6543
4ed32e79b6
Fix possible panic when repository is empty (#20509) (#20526)
Backport #20509
2022-07-28 21:18:49 +01:00
Norwin
0a32bd56eb
Show hint to link package to repo when viewing empty repo package list (#20504) (#20507) 2022-07-27 10:06:54 -04:00
Tyrone Yeh
bed13bfa9e
Add repository condition for issue count (#20496) 2022-07-27 07:09:25 +01:00
Norwin
435038b2c6
fix enabling repo packages when projects are off (#20486) (#20488) 2022-07-26 16:50:45 +02:00
silverwind
2fe0dab2d5
Add Cache-Control header to html and api responses, add no-transform (#20432) (#20459)
`no-transform` allegedly disables CloudFlare auto-minify and we did not
set caching headers on html or api requests, which seems good to have
regardless.

Transformation is still allowed for asset requests.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-07-23 11:58:58 +01:00
6543
e930d66a9c
Dismiss prior pull reviews if done via web in review dismiss (#20197) (#20407) 2022-07-19 17:46:33 +02:00
zeripath
c16f0d2a19
Add missing return for when topic isn't found (#20351) (#20395) 2022-07-18 10:16:58 +08:00
silverwind
3f5d72709f
Fix commit status icon when in subdirectory (#20285) (#20385)
When viewing a subdirectory and the latest commit to that directory in
the table, the commit status icon incorrectly showed the status of the
HEAD commit instead of the latest for that directory.
2022-07-16 14:54:49 +02:00
Gusted
95a27eb662
Set target on create release with existing tag (#20381) (#20382)
When you create a new release(e.g. via Tea) and specify a tag that already exists on the repository, Gitea will instead use the `UpdateRelease` functionality. However it currently doesn't set the Target field. This PR fixes that.
2022-07-15 20:39:48 +02:00
zeripath
c91b8c8089
Initialize cron last (#20373) (#20384)
Backport #20373

Cron will try to run certain things at startup but these depend on multiple things
being set-up. Therefore we should initialize cron last.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-07-15 13:44:22 -04:00
Lunny Xiao
66686f6d0e
Hide notify mail setting ui if not enabled (#20138) (#20336)
Co-authored-by: 6543 <6543@obermui.de>
2022-07-13 09:47:29 +08:00
Gusted
b8ab9298e1
Add write check for creating Commit status (#20332) (#20333)
- Backport #20332
  - Add write code checks for creating new commit status
  - Regression from #5314
  - Resolves #20331
2022-07-12 14:51:35 +02:00
wxiaoguang
54ef658861
Refactor SSH init code, fix directory creation for TrustedUserCAKeys file (#20299) (#20306)
Backport #20299. Follow #20298. Only the `GlobalInitInstalled` function should prepare the SSH files for external server or starts the builtin server.
* `trustedUserCaKeys` is removed, use `SSH.TrustedUserCAKeys` directly
* introduce `ssh.Init`, move the SSH init code from `routers/init.go` to it
* `ssh.Init` will start builtin SSH server or prepare external SSH server files
2022-07-11 23:27:51 +08:00
zeripath
a92d247fdd
Only show Followers that current user can access (#20220) (#20252)
Backport #20220

Users who are following or being followed by a user should only be
displayed if the viewing user can see them.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-07-06 22:03:23 +01:00
Lunny Xiao
3e4fe009e7
Check if project has the same repository id with issue when assign project to issue (#20133) (#20188)
* Check if project has the same repository id with issue when assign project to issue

* Check if issue's repository id match project's repository id

* Add more permission checking

* Remove invalid argument

* Fix errors

* Add generic check

* Remove duplicated check

* Return error + add check for new issues

* Apply suggestions from code review

Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: 6543 <6543@obermui.de>
2022-07-01 15:00:05 +02:00
Lunny Xiao
fb5ca1bf64
Fix wrong login requirement routers (#20101) (#20104) 2022-06-24 15:02:22 +08:00
SteveTheEngineer
764e75d9b9
Catch the error before the response is processed by goth. (#20000) (#20102)
The code introduced by #18185 gets the error from response after it was processed by goth.

That is incorrect, as goth (and golang.org/x/oauth) doesn't really care about the error, and it sends a token request with an empty authorization code to the server anyway, which always results in a `oauth2: cannot fetch token: 400 Bad Request` error from goth.
It means that unless the "state" parameter is omitted from the error response (which is required to be present, according to [RFC 6749, Section 4.1.2.1](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1)) or the page is reloaded (makes the session invalid), a 500 Internal Server Error page will be displayed.
This fixes it by handling the error before the request is passed to goth.
2022-06-24 10:05:23 +08:00
Jimmy Praet
05464ac2a5
Dashboard feed respect setting.UI.FeedPagingNum again (#20094) (#20099)
Fixes #20080
2022-06-23 11:51:44 +02:00
6543
29ac31628c
Release page show all tags in compare dropdown (#20070) (#20072)
Backport #20070 

Just get all tags when creating the compare dropdown.

Fix #19936
2022-06-21 19:08:25 +01:00
a1012112796
a4b1967ea3
Fix delete pull head ref for DeleteIssue (#20032) (#20034)
Backport #20032 

In DeleteIssue the PR git head reference should be `/refs/pull/xxx/head` not `/refs/pull/xxx`

Fix #19655

Signed-off-by: a1012112796 <1012112796@qq.com>
2022-06-19 14:37:14 +01:00
zeripath
ae446b13f9
Stop spurious APIFormat stopwatches logs (#20008)
If there are dangling stopwatches with missing issues there will be repeated
logging of Unable to APIFormat stopwatches. These are unhelpful and instead
we should only log if the error is not an issue not exist error.

And we should also prevent an error on missing issue in GetActiveStopwatch too

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-06-17 22:47:15 +01:00
Lunny Xiao
27ba86d283
move agit dependcy (#19998) 2022-06-17 20:17:12 +02:00
Lunny Xiao
bdde56c95c
Fix Readme render bug (#19992)
Fix #19988 

Co-authored-by: zeripath <art27@cantab.net>
2022-06-17 06:48:10 +01:00
oGi4i
9068c784c8
Use DisplayName() instead of FullName in Oauth provider (#19991)
Use DisplayName() in Oauth as this provides a fallback if FullName is not set.

Closes #19382
2022-06-16 23:29:54 +01:00
a1012112796
e3e06d13af
fix permission check for delete tag (#19985)
fix #19970

by the way, fix some error response about protected tags.

Signed-off-by: a1012112796 <1012112796@qq.com>
2022-06-16 22:03:03 +02:00
Lunny Xiao
b01dce2a6e
Allow render HTML with css/js external links (#19017)
* Allow render HTML with css/js external links

* Fix bug because of filename escape chars

* Fix lint

* Update docs about new configuration item

* Fix bug of render HTML in sub directory

* Add CSP head for displaying iframe in rendering file

* Fix test

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Some improvements

* some improvement

* revert change in SanitizerDisabled of external renderer

* Add sandbox for iframe and support allow-scripts and allow-same-origin

* refactor

* fix

* fix lint

* fine tune

* use single option RENDER_CONTENT_MODE, use sandbox=allow-scripts

* fine tune CSP

* Apply suggestions from code review

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-06-16 11:33:23 +08:00
Hugo Hoitink
6473bd333a
In code search, get code unit accessible repos in one (main) query (#19764)
* When non-admin users use code search, get code unit accessible repos in one main query

* Modified some comments to match the changes

* Removed unnecessary check for Access Mode in Collaboration table

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-06-16 02:24:10 +03:00
Lauris BH
1f8f9c3826
Remove tab/TabName usage where it's not needed (#19973)
`tab` query argument and `TabName` in context is used only in profile so remove it from all other places where it's not used anymore.
2022-06-15 23:05:32 +08:00
Lunny Xiao
1a9821f57a
Move issues related files into models/issues (#19931)
* Move access and repo permission to models/perm/access

* fix test

* fix git test

* Move functions sequence

* Some improvements per @KN4CK3R and @delvh

* Move issues related code to models/issues

* Move some issues related sub package

* Merge

* Fix test

* Fix test

* Fix test

* Fix test

* Rename some files
2022-06-13 17:37:59 +08:00
yutotnh
3708ca8e28
fix: some typos (#19956) 2022-06-13 15:34:46 +08:00
Lunny Xiao
110fc57cbc
Move some code into models/git (#19879)
* Move access and repo permission to models/perm/access

* fix test

* Move some git related files into sub package models/git

* Fix build

* fix git test

* move lfs to sub package

* move more git related functions to models/git

* Move functions sequence

* Some improvements per @KN4CK3R and @delvh
2022-06-12 23:51:54 +08:00
Gusted
edf14202fe
Unify repo settings & show better error (#19828)
* Unify context data
* Actually show invalid url in error
2022-06-12 13:43:27 +08:00
xkcdstickfigure
47bb06236d
fixed comment typo (#19944) 2022-06-11 14:54:08 -04:00
6543
a9cc9c0f7a
Auto merge pull requests when all checks succeeded via WebUI (#19648)
Add WebUI part of Auto merge feature

close #19621

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2022-06-11 16:44:20 +02:00
Lunny Xiao
ce3dd04c63
Fix some mirror bugs (#18649)
* Fix some mirror bugs

* Remove unnecessary code

* Fix lint

* rename stdard url

* Allow more charactors in git ssh protocol url

* improve the detection

* support ipv6 for git url parse

* Fix bug

* Fix template

* Fix bug

* fix template

* Fix tmpl

* Fix tmpl

* Fix parse ssh with interface

* Rename functions name

Co-authored-by: zeripath <art27@cantab.net>
2022-06-11 21:50:14 +08:00
wxiaoguang
88f2e457d8
Fix data-race problems in git module (quick patch) (#19934)
* Fix data-race problems in git module

* use HomeDir instead of setting.RepoRootPath

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-11 11:56:27 +08:00
Sandro Santilli
52c2e82813
Custom regexp external issues (#17624)
* Implement custom regular expression for external issue tracking.

Signed-off-by: Alexander Beyn <malex@fatelectrons.org>

* Fix syntax/style

* Update repo.go

* Set metas['regexp']

* gofmt

* fix some tests

* fix more tests

* refactor frontend

* use LRU cache for regexp

* Update modules/markup/html_internal_test.go

Co-authored-by: Alexander Beyn <malex@fatelectrons.org>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-06-10 13:39:53 +08:00
wxiaoguang
a0051634b9
Refactor git module, make Gitea use internal git config (#19732)
* Refactor git module, make Gitea use internal git config, add safe.directory config

* introduce git.InitSimple and git.InitWithConfigSync, make serv cmd use gitconfig

* use HOME instead of GIT_CONFIG_GLOBAL, because git always needs a correct HOME

* fix cmd env in cmd/serv.go

* fine tune error message

* Fix a incorrect test case

* fix configAddNonExist

* fix configAddNonExist logic, add `--fixed-value` flag, add tests

* add configSetNonExist function in case it's needed.

* use configSetNonExist for `user.name` and `user.email`

* add some comments

* Update cmd/serv.go

Co-authored-by: zeripath <art27@cantab.net>

* Update cmd/serv.go

Co-authored-by: zeripath <art27@cantab.net>

* Update modules/git/git.go

Co-authored-by: zeripath <art27@cantab.net>

* Update modules/setting/setting.go

Co-authored-by: zeripath <art27@cantab.net>

* Update modules/git/repo_attribute.go

Co-authored-by: zeripath <art27@cantab.net>

* fix spaces in messages

* use `configSet("core.protectNTFS", ...)` instead of `globalCommandArgs`

* remove GIT_CONFIG_NOSYSTEM, continue to use system's git config

* Update cmd/serv.go

Co-authored-by: zeripath <art27@cantab.net>

* fix merge

* remove code for safe.directory

* separate git.CommonEnvs to CommonGitCmdEnvs and CommonCmdServEnvs

* avoid Golang's data race error

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-10 09:57:49 +08:00
Roger Luo
2ae45cebbf
Feature: Find files in repo (#15028)
* Create finding files page ui in repo page

* Get tree entries for find repo files.

* Move find files JS to individual file.

* gen swagger.

* Add enry.IsVendor to exclude entries

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-09 14:15:08 +03:00
Lauris BH
f92b7a6331
Add support for rendering terminal output with colors (#19497) 2022-06-09 00:46:39 +03:00
zeripath
ac88f21ecc
Automatically render wiki TOC (#19873)
Automatically add sidebar in the wiki view containing a TOC for the wiki page.
Make the TOC collapsable

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-06-08 16:59:16 +08:00
zeripath
d8236f1b16
Ensure minimum mirror interval is reported on settings page (#19895)
* Ensure minimum mirror interval is reported on settings page

Expecting users to guess the minimum mirror interval appears a little unkind.
In this PR we simply change the locale string to include the minimum interval.
This will of course be affected by our current localization framework but...
we can fix that else where.

This PR also includes some fixes for error handling on the settings page as
previously the mirror block amongst others would simply disappear on error.

Fix #3737

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update options/locale/locale_en-US.ini

Co-authored-by: Gusted <williamzijl7@hotmail.com>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update options/locale/locale_en-US.ini

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-06-07 13:40:12 -04:00
Lunny Xiao
26095115f4
Move some repository related code into sub package (#19711)
* Move some repository related code into sub package

* Move more repository functions out of models

* Fix lint

* Some performance optimization for webhooks and others

* some refactors

* Fix lint

* Fix

* Update modules/repository/delete.go

Co-authored-by: delvh <dev.lh@web.de>

* Fix test

* Merge

* Fix test

* Fix test

* Fix test

* Fix test

Co-authored-by: delvh <dev.lh@web.de>
2022-06-06 16:01:49 +08:00
Wim
e528e2b435
Implement http signatures support for the API (#17565)
Fixes #12338

This allows use to talk to the API with our ssh certificate (and/or ssh-agent) without needing to fetch an API key or tokens.
It will just automatically work when users have added their ssh principal in gitea.

This needs client code in tea
Update: also support normal pubkeys

ref: https://tools.ietf.org/html/draft-cavage-http-signatures

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-06-05 08:16:14 +01:00
Mai-Lapyst
090d89e0f9
Fixing wrong paging when filtering on the issue dashboard (#19801)
Fixes #19791 by adding an check if filtering after any repo; if yes, simply set the total count for the pageing to the sum of the issue count for each selected repo by utilize `issueCountByRepo`.

Fix #19791
2022-06-04 21:12:14 +01:00
Gusted
744e452185
Move /info outside authorization (#19888)
- To use the web's API to get information about a issue/pull on a
repository, doesn't require authorization(nor that the repository isn't
archived).
- Regressed by: #19318


Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-06-04 21:10:54 +01:00
zeripath
449ea6005f
Exclude Archived repos from Dashboard Milestones (#19882)
Milestones in archived repos should not be displayed on `/milestones`. Therefore
we should exclude these repositories from milestones page.

Fix #18257

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-06-04 19:30:01 +01:00
qwerty287
df9612bb53
Add API to serve blob or LFS file content (#19689)
* Add LFS API

* Update routers/api/v1/repo/file.go

Co-authored-by: Gusted <williamzijl7@hotmail.com>

* Apply suggestions

* Apply suggestions

* Update routers/api/v1/repo/file.go

Co-authored-by: Gusted <williamzijl7@hotmail.com>

* Report errors

* ADd test

* Use own repo for test

* Use different repo name

* Improve handling

* Slight restructures

1. Avoid reading the blob data multiple times
2. Ensure that caching is only checked when about to serve the blob/lfs
3. Avoid nesting by returning early
4. Make log message a bit more clear
5. Ensure that the dataRc is closed by defer when passed to ServeData

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-04 21:17:53 +08:00
Paweł Bogusławski
14d96ff7ac
Disable unnecessary mirroring elements (#18527)
* Disable unnecessary mirroring elements

This mod fixes disabling unnecessary mirroring elements.

Related: https://github.com/go-gitea/gitea/pull/16957
Related: https://github.com/go-gitea/gitea/pull/13084
Author-Change-Id: IB#1105104

* Checkbox rendering disabled instead of hiding it

Fixes: 02b4505150
Related: https://github.com/go-gitea/gitea/pull/18527#pullrequestreview-878061913
Author-Change-Id: IB#1105104

* Update custom/conf/app.example.ini

Co-authored-by: silverwind <me@silverwind.io>

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-authored-by: silverwind <me@silverwind.io>

* Mirror filter removed only when whole mirroring feature is disabled

Fixes: 02b4505150
Related: https://github.com/go-gitea/gitea/pull/18527#discussion_r883268890
Author-Change-Id: IB#1105104

Co-authored-by: silverwind <me@silverwind.io>
2022-06-04 19:42:17 +08:00
Lunny Xiao
e09fb30d34
improvement some release related code (#19867) 2022-06-03 02:13:58 -04:00
ttys3
0c759fd4de
feat: add DEFAULT_MERGE_STYLE to repository.pull-request section for repo init (#19751) 2022-06-02 23:45:54 -04:00
zeripath
d002e3da00
Fix spelling mistake in ProcReceive (#19853)
There was a spelling mistake in the ProcReceive handler. This PR fixes
this.
2022-06-01 04:06:31 +01:00
Mai-Lapyst
4698a1ec47
Adding button to link accounts from user settings (#19792)
* Adding button to link accounts from user settings

* Only display button to link user accounts when at least one OAuth2 provider is active
2022-05-29 02:03:17 +02:00
Lauris BH
65e0688a5c
Fix raw endpoint PDF file headers (#19825) 2022-05-28 18:10:14 +03:00
zeripath
93ab90743d
Prevent loop if there is an error in GetNotificationCount (#19799)
If the context is cancelled `.NotificationUnreadCount` in a template can
cause an infinite loop with `ctx.ServerError()` being called, which
creates a template that then calls `.NotificationUnreadCount` calling
`GetNotificationCount()` with the cancelled context resulting in an
error that calls `ctx.ServerError`... and so on...

This PR simply stops calling `ctx.ServerError` in the error handler code
for `.NotificationUnreadCount` as we have already started rendering and
so it is too late to call `ctx.ServerError`. Additionally we skip
logging the error if it's a context cancelled error.

Fix #19793

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-05-25 08:51:53 +08:00
zeripath
468387e9ce
Prevent NPE when cache service is disabled (#19703)
The cache service can be disabled - at which point ctx.Cache will be nil
and the use of it will cause an NPE.

The main part of this PR is that the cache is used for restricting
resending of activation mails and without this we cache we cannot
restrict this. Whilst this code could be re-considered to use the db and
probably should be, I think we can simply disable this code in the case
that the cache is disabled.

There are also several bug fixes in the /nodeinfo API endpoint.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-05-21 22:29:49 +08:00
Lunny Xiao
fd7d83ace6
Move almost all functions' parameter db.Engine to context.Context (#19748)
* Move almost all functions' parameter db.Engine to context.Context
* remove some unnecessary wrap functions
2022-05-20 22:08:52 +08:00
Lunny Xiao
d81e31ad78
Move org functions (#19753)
* Move org functions

* Fix comment
2022-05-20 12:20:51 +02:00
Guo Y.K
3e5ea9a978
Update base.go (#19739)
use http.StatusTemporaryRedirect(307) when serve avatar directly

browser caches 301 redirections, pre-signed s3 url would expire at some later point

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-05-19 11:20:34 -04:00
KN4CK3R
9ea9206406
ContainerRegistry - removed Basic Auth header (#19735)
* Removed Basic Auth header.

* Fixed test.
2022-05-17 19:58:42 +08:00
Gusted
71ca131582
Fix issue overview for teams (#19652)
- Don't use hacky solution to limit to the correct RepoID's, instead use
current code to handle these limits. The existing code is more correct
than the hacky solution.
- Resolves #19636
- Add test-case
2022-05-16 17:49:17 +08:00
zeripath
d494cc3356
Fix nodeinfo caching and prevent NPE if cache non-existent (#19721)
Extract from #19703

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-05-16 15:36:57 +08:00
6543
00a981d341
Update go-chi/cache to utilize Ping() (#19719)
* update gitea.com/go-chi/cache -> v0.2.0

* ajust to new interface

* refactor
2022-05-15 20:43:27 +02:00
6543
b135313c47
[Refactor] convert team(s) to apiTeam(s) (#13745)
* Refactor: teams to api convert

* make org load optional

* more info in tests
2022-05-13 19:27:58 +02:00
Lunny Xiao
ea38e90e6b
Fix oauth setting list bug (#19682) 2022-05-11 21:06:02 +08:00
Lunny Xiao
cbd45471b1
Move access and repo permission to models/perm/access (#19350)
* Move access and repo permission to models/perm/access

* Remove unnecessary code
2022-05-11 12:09:36 +02:00
silverwind
318f360252
Update go tool dependencies (#19676)
* Update go tool dependencies

Updated all tool dependencies to latest tags, hoping CI will like it.

* fix new lint errors

* handle more strings.Title cases

* remove lint skip
2022-05-10 23:55:54 +02:00
Lunny Xiao
64a40962cc
Fix new release from tags list UI (#19670) 2022-05-10 15:41:37 +03:00
KN4CK3R
3da9dafc60
Add Webfinger endpoint (#19462)
This adds the [Webfinger](https://webfinger.net/) endpoint for federation.

Supported schemes are `acct` and `mailto`. The profile and avatar url are returned as metadata.
2022-05-09 20:20:21 +02:00
zeripath
9f5ddca57c
Set the LastModified header for raw files (#18356)
Although the use of LastModified dates for caching of git objects should be
discouraged (as it is not native to git - and there are a LOT of ways this
could be incorrect) - LastModified dates can be a helpful somewhat more human
way of caching for simple cases.

This PR adds this header and handles the If-Modified-Since header to the /raw/
routes.

Fix #18354

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2022-05-09 17:54:51 +02:00
KN4CK3R
a9ca4b4100
Calculate filename hash only once (#19654)
* Calculate hash only once.

* remove unused Sha1 template helper function, use ctx.Data["FileNameHash"]

* fix unit tests
2022-05-09 00:29:50 +02:00
Lunny Xiao
9efa47131f
Admin should not delete himself (#19423)
Admin should not be able to delete themselves.

Also partially fix #15449
2022-05-08 21:22:55 +01:00
Lunny Xiao
4ca1d7547a
Move some helper files out of models (#19355)
* Move some helper files out of models

* Some improvements

Co-authored-by: delvh <dev.lh@web.de>
2022-05-08 18:46:32 +02:00
Lunny Xiao
d4834071da
Repository level enable package or disable (#19323) 2022-05-08 17:51:50 +02:00
6543
6a969681cd
Delete related PullAutoMerge and ReviewState on User/Repo Deletion (#19649)
* delete pullautomerges on repo/user deletion
* delete reviewstates on repo/user deletion
* optimize automerhe code
* add index to reviewstate
2022-05-08 15:46:34 +02:00
Lunny Xiao
4344a64107
Allow custom default merge message with .gitea/default_merge_message/<merge_style>_TEMPLATE.md (#18177)
* Allow custom default merge message with .gitea/MERGE_MESSAGE_<merge_style>_TEMPLATE.md

* Some improvements

* Follow some advices

* Fix bug

* Fix bug

* Fix lint

* Fix close comment

* Fix test

* Fix and docs

* Improve codes

* Update docs and remove unnecessary variables

* return error for GetDefaultMergeMessage

* Fix test

* improve code

* ignore unknow unit type

* return error for GetDefaultMergeMessage

* Update services/pull/merge.go

* Some improvements

* Follow some advices

* Fix bug

* Fix lint

* Improve codes

* Update docs and remove unnecessary variables

* return error for GetDefaultMergeMessage

* improve code

* Handle deleted HeadRepo in GetDefaultMergeMessage

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix test

* Fix test

Co-authored-by: zeripath <art27@cantab.net>
2022-05-08 20:32:45 +08:00
delvh
5ca224a789
Allow to mark files in a PR as viewed (#19007)
Users can now mark files in PRs as viewed, resulting in them not being shown again by default when they reopen the PR again.
2022-05-07 20:28:10 +02:00
kolaente
59b30f060a
Auto merge pull requests when all checks succeeded via API (#9307)
* Fix indention

Signed-off-by: kolaente <k@knt.li>

* Add option to merge a pr right now without waiting for the checks to succeed

Signed-off-by: kolaente <k@knt.li>

* Fix lint

Signed-off-by: kolaente <k@knt.li>

* Add scheduled pr merge to tables used for testing

Signed-off-by: kolaente <k@knt.li>

* Add status param to make GetPullRequestByHeadBranch reusable

Signed-off-by: kolaente <k@knt.li>

* Move "Merge now" to a seperate button to make the ui clearer

Signed-off-by: kolaente <k@knt.li>

* Update models/scheduled_pull_request_merge.go

Co-authored-by: 赵智超 <1012112796@qq.com>

* Update web_src/js/index.js

Co-authored-by: 赵智超 <1012112796@qq.com>

* Update web_src/js/index.js

Co-authored-by: 赵智超 <1012112796@qq.com>

* Re-add migration after merge

* Fix frontend lint

* Fix version compare

* Add vendored dependencies

* Add basic tets

* Make sure the api route is capable of scheduling PRs for merging

* Fix comparing version

* make vendor

* adopt refactor

* apply suggestion: User -> Doer

* init var once

* Fix Test

* Update templates/repo/issue/view_content/comments.tmpl

* adopt

* nits

* next

* code format

* lint

* use same name schema; rm CreateUnScheduledPRToAutoMergeComment

* API: can not create schedule twice

* Add TestGetBranchNamesForSha

* nits

* new go routine for each pull to merge

* Update models/pull.go

Co-authored-by: a1012112796 <1012112796@qq.com>

* Update models/scheduled_pull_request_merge.go

Co-authored-by: a1012112796 <1012112796@qq.com>

* fix & add renaming sugestions

* Update services/automerge/pull_auto_merge.go

Co-authored-by: a1012112796 <1012112796@qq.com>

* fix conflict relicts

* apply latest refactors

* fix: migration after merge

* Update models/error.go

Co-authored-by: delvh <dev.lh@web.de>

* Update options/locale/locale_en-US.ini

Co-authored-by: delvh <dev.lh@web.de>

* Update options/locale/locale_en-US.ini

Co-authored-by: delvh <dev.lh@web.de>

* adapt latest refactors

* fix test

* use more context

* skip potential edgecases

* document func usage

* GetBranchNamesForSha() -> GetRefsBySha()

* start refactoring

* ajust to new changes

* nit

* docu nit

* the great check move

* move checks for branchprotection into own package

* resolve todo now ...

* move & rename

* unexport if posible

* fix

* check if merge is allowed before merge on scheduled pull

* debugg

* wording

* improve SetDefaults & nits

* NotAllowedToMerge -> DisallowedToMerge

* fix test

* merge files

* use package "errors"

* merge files

* add string names

* other implementation for gogit

* adapt refactor

* more context for models/pull.go

* GetUserRepoPermission use context

* more ctx

* use context for loading pull head/base-repo

* more ctx

* more ctx

* models.LoadIssueCtx()

* models.LoadIssueCtx()

* Handle pull_service.Merge in one DB transaction

* add TODOs

* next

* next

* next

* more ctx

* more ctx

* Start refactoring structure of old pull code ...

* move code into new packages

* shorter names ... and finish **restructure**

* Update models/branches.go

Co-authored-by: zeripath <art27@cantab.net>

* finish UpdateProtectBranch

* more and fix

* update datum

* template: use "svg" helper

* rename prQueue 2 prPatchCheckerQueue

* handle automerge in queue

* lock pull on git&db actions ...

* lock pull on git&db actions ...

* add TODO notes

* the regex

* transaction in tests

* GetRepositoryByIDCtx

* shorter table name and lint fix

* close transaction bevore notify

* Update models/pull.go

* next

* CheckPullMergable check all branch protections!

* Update routers/web/repo/pull.go

* CheckPullMergable check all branch protections!

* Revert "PullService lock via pullID (#19520)" (for now...)

This reverts commit 6cde7c9159a5ea75a10356feb7b8c7ad4c434a9a.

* Update services/pull/check.go

* Use for a repo action one database transaction

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Update services/issue/status.go

Co-authored-by: delvh <dev.lh@web.de>

* Update services/issue/status.go

Co-authored-by: delvh <dev.lh@web.de>

* use db.WithTx()

* gofmt

* make pr.GetDefaultMergeMessage() context aware

* make MergePullRequestForm.SetDefaults context aware

* use db.WithTx()

* pull.SetMerged only with context

* fix deadlock in `test-sqlite\#TestAPIBranchProtection`

* dont forget templates

* db.WithTx allow to set the parentCtx

* handle db transaction in service packages but not router

* issue_service.ChangeStatus just had caused another deadlock :/
it has to do something with how notification package is handled

* if we merge a pull in one database transaktion, we get a lock, because merge infoce internal api that cant handle open db sessions to the same repo

* ajust to current master

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* dont open db transaction in router

* make generate-swagger

* one _success less

* wording nit

* rm

* adapt

* remove not needed test files

* rm less diff & use attr in JS

* ...

* Update services/repository/files/commit.go

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

* ajust db schema for PullAutoMerge

* skip broken pull refs

* more context in error messages

* remove webUI part for another pull

* remove more WebUI only parts

* API: add CancleAutoMergePR

* Apply suggestions from code review

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

* fix lint

* Apply suggestions from code review

* cancle -> cancel

Co-authored-by: delvh <dev.lh@web.de>

* change queue identifyer

* fix swagger

* prevent nil issue

* fix and dont drop error

* as per @zeripath

* Update integrations/git_test.go

Co-authored-by: delvh <dev.lh@web.de>

* Update integrations/git_test.go

Co-authored-by: delvh <dev.lh@web.de>

* more declarative integration tests (dedup code)

* use assert.False/True helper

Co-authored-by: 赵智超 <1012112796@qq.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-05-08 01:05:52 +08:00
KN4CK3R
8adba93498
Hide private repositories in packages (#19584) 2022-05-07 18:21:15 +02:00
Gusted
0eac09e066
Improve reviewing PR UX (#19612) 2022-05-07 01:35:12 -04:00
KN4CK3R
4691e59828
Skip duplicated layers. (#19624) 2022-05-05 23:02:09 +01:00
wxiaoguang
04fc4b7e05
Call MultipartForm.RemoveAll when request finishes (#19606) 2022-05-05 16:13:23 +02:00
wxiaoguang
7b089c465d
Remove RequireHighlightJS field, update plantuml example. (#19615) 2022-05-05 10:53:38 +03:00
ttys3
e933f31426
Add health check endpoint (#18465)
* chore: add health check endpoint

docs: update document about health check

fix: fix up Sqlite3 ping. current ping will success even if the db file is missing

fix: do not expose privacy information in output field

* refactor: remove HealthChecker struct

* Added `/api/healthz` to install routes.

This was needed for using /api/healthz endpoint in Docker healthchecks,
otherwise, Docker would never become healthy if using healthz endpoint
and users would not be able to complete the installation of Gitea.

* Update modules/cache/cache.go

* fine tune

* Remove unnecessary test code. Now there are 2 routes for installation (and maybe more in future)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Marcos de Oliveira <marcossantos@furb.br>
2022-05-04 14:56:20 +03:00
Gusted
cc3016f70d
Use correct context in routers/web (#19597)
- Don't use the `APIContext` in the web routers.
2022-05-03 23:38:34 +02:00
6543
92f139d091
Use for a repo action one database transaction (#19576)
... more context

(part of #9307)
2022-05-03 21:46:28 +02:00
Gusted
c8ec2261a9
Fix sending empty notifications (#19589)
- Don't send empty notifications on read notifications API.
2022-05-02 21:27:42 -05:00
99rgosse
438646e0b5
Handle the error of a missing blob object fix #19530 (#19552)
* Handle the error of a missing blob object

* Show error in logs

* as per @zeripath

* Add missing error check

* Add missing error check

* Update compare.go

* Use formal code

* Update compare.go

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-05-02 18:46:50 +02:00
wxiaoguang
c18d8d6968
Remove legacy +build: constraint (#19582)
Go 1.17 and later use modern `//go:build` constraints, the old `// +build:` constraints should be removed.
2022-05-02 23:22:45 +08:00
6543
e2a3f3d259
Federation: return useful statistic information for nodeinfo (#19561)
Add statistic information for total user count, active user count, issue count and comment count for `/nodeinfo`
2022-05-02 21:35:45 +08:00
Vladimir Smagin
0ba3ada866
add smtp password to install page (#17564)
* add smtp password to install page

* Update routers/install/install.go

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-05-02 16:45:23 +08:00
6543
d8905cb623
Dont overwrite err with nil & rename PullCheckingFuncs to reflect there usage (#19572)
- dont overwrite err with nil unintentionaly
- rename CheckPRReadyToMerge to CheckPullBranchProtections
- rename prQueue to prPatchCheckerQueue

from #9307

Co-authored-by: delvh <dev.lh@web.de>
2022-05-02 01:54:44 +02:00
qwerty287
ac6c338428
Add API to check if team has repo access (#19540)
* Add API to check if team has repo access

* Add test case
2022-05-01 17:39:04 +02:00
Gusted
c0a6309a5f
Simplify loops to copy (#19569)
- Simplify two loops into `copy` statements.
2022-05-01 01:53:56 +02:00
6543
1597e2da3e
Use middleware to open gitRepo (#19559) 2022-04-30 16:32:01 +02:00
Jimmy Praet
5aebc4f000
Respect DefaultUserIsRestricted system default when creating new user (#19310)
* Apply DefaultUserIsRestricted in CreateUser

* Enforce system defaults in CreateUser

Allow for overwrites with CreateUserOverwriteOptions

* Fix compilation errors

* Add "restricted" option to create user command

* Add "restricted" option to create user admin api

* Respect default setting.Service.RegisterEmailConfirm and setting.Service.RegisterManualConfirm where needed

* Revert "Respect default setting.Service.RegisterEmailConfirm and setting.Service.RegisterManualConfirm where needed"

This reverts commit ee95d3e8dc.
2022-04-29 15:38:11 -04:00
Florin Hillebrand
ad6d08d155
Add API to query collaborators permission for a repository (#18761)
Targeting #14936, #15332

Adds a collaborator permissions API endpoint according to GitHub API: https://docs.github.com/en/rest/collaborators/collaborators#get-repository-permissions-for-a-user to retrieve a collaborators permissions for a specific repository.

### Checks the repository permissions of a collaborator. 

`GET` `/repos/{owner}/{repo}/collaborators/{collaborator}/permission`

Possible `permission` values are `admin`, `write`, `read`, `owner`, `none`.

```json
{
  "permission": "admin",
  "role_name": "admin",
  "user": {}
}
```

Where `permission` and `role_name` hold the same `permission` value and `user` is filled with the user API object. Only admins are allowed to use this API endpoint.
2022-04-29 14:24:38 +02:00
Gusted
334707fee9
Don't error when branch's commit doesn't exist (#19547)
* Don't error when branch's commit doesn't exist

- If one of the branches no longer exists, don't throw an error, it's possible that the branch was destroyed during the process. Simply skip it and disregard it.
- Resolves #19541

* Don't send empty objects

* Use more minimal approach
2022-04-29 16:44:40 +08:00
qwerty287
8eb1cd9264
Add "Allow edits from maintainer" feature (#18002)
Adds a feature [like GitHub has](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request-from-a-fork) (step 7).
If you create a new PR from a forked repo, you can select (and change later, but only if you are the PR creator/poster) the "Allow edits from maintainers" option.
Then users with write access to the base branch get more permissions on this branch:
* use the update pull request button
* push directly from the command line (`git push`)
* edit/delete/upload files via web UI
* use related API endpoints

You can't merge PRs to this branch with this enabled, you'll need "full" code write permissions.

This feature has a pretty big impact on the permission system. I might forgot changing some things or didn't find security vulnerabilities. In this case, please leave a review or comment on this PR.

Closes #17728

Co-authored-by: 6543 <6543@obermui.de>
2022-04-28 17:45:33 +02:00
Gusted
92dfbada37
Better describe what /repos/{owner}/{repo}/raw/{filepath} returns on 200 (#19542)
- Set on the description that it returns the raw file content.
- Resolves #19514
2022-04-28 09:57:56 -05:00