Florian Zschocke [Sun, 24 Oct 2021 15:55:36 +0000 (17:55 +0200)]
raw: URL encode the links to raw view of files
So far links to raw view were not encoded. The browser did some encoding
of spaces on its own, which the servlet would unescape, since it uses
the `HttpServletRequest.getPathInfo` method. That decodes the path
before returning it.
A problem arises when a bracket is in the file (or folder) name. The
brackets are the characters that are not allowed in the path, according
to the `URI.parse` method. (Which is a bit harsh, because brackets
actually are only reserved for the host part since IPv6.) That means
that the decoding fails when a bracket character is encountered.
This went unnoticed since the failed decoding will return the path
as it got it. But once there is a space in the file name, which the
browser helpfully encoded for us, the failed decoding will now leave the
encoded space in there. And that will result in a path that does not
exist, e.g. `file%20[a]`.
To be on the safe side, we simply encode the path in the links that we
generate, so that it complies with the rules that are used in `getPathInfo`.
Florian Zschocke [Sat, 23 Oct 2021 22:44:18 +0000 (00:44 +0200)]
TimeUtils: Change daysAgo to calculate difference in calendar days
The `daysAgo` method seemed to want to normalize on a calendar day? I
can't really tell what it was trying to do, but the problem is that it
does not take into account any time shift due to time zones so it never
really worked outside of GMT.
So instead a new `calendarDaysAgo` method is added (because I am unsure
on what the `daysAgo` method is trying to do. It can probably be removed).
The new method cleanly calculates difference in calendar days because it
normalizes the two given time stamps on the same time zone.
The `timeAgo` method now used the new method. This fixes #1248.
Florian Zschocke [Sat, 23 Oct 2021 21:41:25 +0000 (23:41 +0200)]
TimeUtils: Move unit test to same package as TimeUtils is
For some reason the `TimeUtilsTest` class is, like almost all tests, in
the `com.gitblit.tests` package. But this way all methods in classes
which we might predominately need for tests have to be public.
So move the unit test class `TimeUtilsTest` to the same package as the
class it is testing, i.e. `com.gitblit.utils.TimeUtils`.
This way we ca set the new added methods which get the current time
passed in to be at least not public.
Florian Zschocke [Sat, 23 Oct 2021 21:20:47 +0000 (23:20 +0200)]
TimeUtils: Increase testability and add tests
Add tests for `timeAgo` to analyse issue #1248.
The tests are dependent on when they run as they time functions use the
current date and time. To make them testable in a reproducible way, we
need the ability to pass in what we think is "now". So add overloaded
methods that take a `now` parameter so that we can pass in the current
time.
Florian Zschocke [Thu, 21 Oct 2021 20:03:12 +0000 (22:03 +0200)]
Property bundle: Fix incorrect property keys
Some property keys had typos.
There is a `gb.ticketStatus` and a `gb.ticketState`. Neither is used
anywhere in the code, but only the former is defined in the default file.
So only use `gb.ticketStatus`.
Florian Zschocke [Thu, 21 Oct 2021 19:02:11 +0000 (21:02 +0200)]
fix: Remove duplicate property keys from properties files
Some property keys were duplicated, mostly `status`, `permission` and
`comment`.
The problem with `gb.comment` is, that it is used in two different
locations in two different meanings. One as a verb, the second as a
noun. Which makes no difference in English, but other languages.
The solution is that the second key is renamed to `gb.sshKeyComment`.
The code is adjusted accordingly.
Florian Zschocke [Wed, 20 Oct 2021 19:05:02 +0000 (21:05 +0200)]
Add a unit test to check if the resource bundle can be loaded
To prevent that we have a resource file in a resource bundle broken and
not loading undiscovered for years, add a unit test that will load the
resource properties file for each of the languages.
In order to check if the file was loaded and the bundle mechanism
didn't fall back on the default, a new property key is added to each
language file, solely for the purpose to be checked in the unit test.
Fix output of migrate-/reindex-tickets bash scripts
Fix the output of the help texts in the reindex-tickets and
reindex-tickets bash scripts.
For one the double quotes are unnecessary and get printed out, too.
Secondly, an empty line needs a `echo.`. A simple `echo` will prin the
state of the echo setting, i.e. `Echo is enabled (1)` or something similar.
Use SETLOCAL in batch scripts to restrict the visibility of variables
that are set in the script to the script execution. Otherwise the variables
will also be set in the calling shell. That is not a problem when a script
is executed by double clicking it in Windows Explorer. But now that the
scripts are changed so that they can be called on the command line from
other folders, they should also no clutter the calling environment.
Zwixx [Wed, 26 May 2021 15:05:26 +0000 (17:05 +0200)]
Use full path to Gitblit directory in batch scripts
In order to call the Windows batch scripts on the command line
from a different folder, the path to the files in the Gitblit
directory needs to be explicitly stated in the Java command.
Otherwise the JAR files or data directory are not found as they
would be searched in the current directory.
The last fix for the stored config merged from Curly060 used Java8-isms.
In order to be able to include this fix in the next release, which will
be for 1.9, I have converted this to be compatible with Java 7.
Also, a file header was added to place it under APL.
raw: Fix raw links to branches with a slash in their name
When a branch has a slash in the name, the raw servlet was not able
to find the path under that branch. This is due to the replacement of
the forward slash character for URLs. It was not taken into account
when comparing the branch name later.
This fixes #1290 and its duplicates #1234 and #813.
raw: Fix getPath with trailing slash that was escaped
While this may be an unlikely scenario, let's still prevent this.
When a link was created for a path that ends in a trailing slash,
that trailing slash would be replaced with the `forwardSlashCharacter`.
But in getPath that final slash would be transformed back *after* the
check to chop off trailing slashes. This is now switched so that such a
trailing slash is also chopped off.
raw: Refactor RawServlet:getBranch and :getPath parameters
Refactor the `getBranch` and `getPath` methods to take a String as
second parameter, which is the already sanitised path info. Don't get
the path info from a passed in request anymore.
The methods are only ever called from within `processRequest`, which
already does some checks on the path info, like removing a leading
slash character. So no need to do that every time again the methods
and passing a request for that.
raw: Strip leading and trailing slash from repo and path names for link
When creating a link for raw display, a trailing slash is stripped from
the end of the base URL. Also do this for the repository, as well as
stripping leading slashes from the repository and the path values.
Florian Zschocke [Thu, 29 Oct 2020 11:41:20 +0000 (12:41 +0100)]
Fix 1150: Use external link instead of internal wiki link for tickets_setup
The `tickets_overview` page links to the `tickets_setup` page using a
wiki style internal link: `[[tickets setup]]`. Whatever library is
interpreting that is creating a link under the assumption that the
resulting page will be called `tickets-setup.html`. But that is not the
convention used by Moxie, which will use the source file name and thus
create a file called `tickets_setup.html`.
I was not able to find out which of the many libraries included is the
one that parses this file and creates the link. Messy.
There are two solutions. One is to configure the Moxie site build to
generate the file as `tickets-setup.html`. But this would break any
links to that page that might exist somewhere on the Interweb. So I
opted for the other option, which is to not use wiki syntax for the
reference to the local page but normal markdown syntax. This is not
a wiki, afterall.
Florian Zschocke [Thu, 22 Oct 2020 18:43:45 +0000 (20:43 +0200)]
build: Activate JaCoCo explicitly for Ant build
When building with Ant, instead of Moxie, JaCoCo is not included in the
classpath. So explicitly initialise the full `jacocoant.jar` from the
`.moxie` repository.
For this we had to switch the dependency to use the `nodeps` jar which
includes all dependencies.
While most systems will not need the class path passed to the JVM with
the `-cp` parameter to be in quotes, apparently some exist where that
will not work without the quotes, e.g. FreeBSD.
So always use quotes for the class path in all scripts.
Delete password from memory in AuthenticationManager
Zero out the password to remove it from memory after use.
This is only a first step, implementing it for one method:
`AuthenticationManager.authenticate(String, char[], String)`.
The upgrade of a MD5 stored password hash to a PBKDF password hash
destroys the stored password. The has check zeroes out the password that
is tested, so that the new hash is built over the zeroed out value.
This fix prevents that an also adds a check to the test.
The Eclipse maven repositories changed to only allow HTTPS and not
serve HTTP anymore. HTTP will redirect to HTTPS, which moxie does
not handle well and fails.
So the registered Eclipse repositories are changed to 'https://'
transport.
Florian Zschocke [Thu, 30 Jan 2020 20:42:13 +0000 (21:42 +0100)]
Build: Store release version information in file.
If requested, by setting a file name in the `versionInfo`
property, store release version and tag in a file, for
other scripts and programs to pick up.
Florian Zschocke [Tue, 28 Jan 2020 12:53:39 +0000 (13:53 +0100)]
Add Maven Central to registeredRepositories
Moxie does have these defined by default, but with transport HTTP.
Since January 2020, Maven Central only accepts HTTPS, no HTTP
anymore. So we add them here explicitly, with `https://`.
We add it to the `build.moxie` file, instead of keeping it in a
local `settings.moxie`, so that a CI server can immediately use it.
Florian Zschocke [Mon, 27 Jan 2020 20:53:15 +0000 (21:53 +0100)]
Doc: Update built-in docs with missing pages and links
Add pages for `fail2ban` and GFS to the `generateDocs` target, so that
they also show up in the documentation on GO etc.
Also adjust the links to issues and commits.
Florian Zschocke [Mon, 27 Jan 2020 19:30:44 +0000 (20:30 +0100)]
Add project property `release.tag` as a global `project.tag`
Add property `release.tag` to keep a generally available property.
The `project.tag` was getting used in many places, so I need a global
definition for it. The property `project.tag`, defined in the target
`tagRelease` could not be reused, since when that target runs, the
version is still a SNAPSHOT version. (And properties don't get
re-assigned.) So instead a new property `release.tag` is defined,
just like `release.name`, which can be only used sensible in a
release stage, i.e. after `tagRelease` ran.
Florian Zschocke [Sun, 26 Jan 2020 18:50:58 +0000 (19:50 +0100)]
Adjust `release.template` for publishing releases on GitHub
The major change is switching from `publishBinaries`, which still
exists and uploads to Bintray, to `releaseBinaries`, which creates
a draft release on GitHub and uploads the binaries.
Another change is some reordering. Now first the binaries are
uploaded, the maven artifacts pubished and the tag and site pages
pushed. Then the GitHub release is made public.
Only after that is the minor version bumped and pushed.
The whole script could use some error checking and stoping when
things go wrong, instead of blindly continuing.
A minor change, and temporary, is that we need and check for Ant 1.9,
as we still build with Java 7.
Florian Zschocke [Sun, 26 Jan 2020 15:47:44 +0000 (16:47 +0100)]
Add deployment of a release to GitHub
Add Ant tasks and macros to deploy binaries to GitHub,
using GitHub's releases.
Adds an Awk script to extract GH flavoured markdown release notes
from the release.moxie file.
Adds `ok.sh` to the repository so that it is readily available.
This is a Bourne shell GitHub API client, used to create a release
on GitHub and upload the binaries.
Florian Zschocke [Fri, 10 Jan 2020 22:24:08 +0000 (23:24 +0100)]
ci: Add build with Java 7 on Linux
Add a job to run a build with Java 7.
The job currently only runs on Linux.
In order to run on Java 7, an old Ant version is downloaded and
installed. We use moxie+ant for this, so we build with moxie.
Build on matrix of latest Ubunutu and latest Windows.
Currently that is Ubuntu 18.04 and Windows Server 2019.
https://help.github.com/en/actions/automating-your-workflow-with-github-actions/virtual-environments-for-github-hosted-runners
Florian Zschocke [Mon, 11 Nov 2019 22:45:56 +0000 (23:45 +0100)]
Adjust versions of JaCoCo and parboiled to match and work.
Adjust the version of JaCoCo down to 0.8.4 and the version
of parboiled-java up to 1.3.1. They need to match because both
use ASM. This combination has the same dependency on ASM: 7.1.
And it seems to work, at least the docs get generated and the
`moxie test` doesn't fail building the report anymore.