zeripath [Thu, 27 May 2021 18:46:11 +0000 (19:46 +0100)]
Allow Token/Basic auth on raw paths (#15987)
It appears that people have been using token authentication to navigate to raw paths
and recent changes have broken this. Whilst ideally these paths would not be being used
like this - it was not the intention to be a breaking change.
zeripath [Wed, 26 May 2021 02:50:35 +0000 (03:50 +0100)]
Use filepath.ToSlash and Join in indexer defaults and queues (#15971)
As revealed by #15964 there is inconsistent use of filepath Join and path Join
for these directories. The best thing to do is to use filepath.Join but then ToSlash
them for consistency.
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Viktor Yakovchuk [Mon, 24 May 2021 14:57:46 +0000 (17:57 +0300)]
Add possibility to make branch in branch page (#15960)
* Add possibility to make branch in branch page (#15911)
Add possibility to make branch in branch page
in the area next to Download and Delete buttons.
It is a more intuitive place in the interface
compared to what is already there.
Signed-off-by: Viktor Yakovchuk <viktor@yakovchuk.net>
* Update templates/repo/branch/list.tmpl
a1012112796 [Fri, 21 May 2021 21:37:16 +0000 (05:37 +0800)]
add a new internal hook to save ssh log (#15787)
* add a new internal hook to save ssh log
as title, when a ssh error ocure like #15785.
only when switch ``RUN_MODE`` to dev can we
found which error is ocure. But this way is
not a good idea for production envirment.
this changes try save ssh error mesage to the
log file like other log by a new internal hook.
I think it's usefull for find error message
in production envirment. Thanks.
Signed-off-by: a1012112796 <1012112796@qq.com>
* rename and fix nit
silverwind [Mon, 17 May 2021 13:09:15 +0000 (15:09 +0200)]
Use Wants= over Requires= in systemd file (#15897)
`Requires=` has the behaviour of stopping `gitea.service` when the
database is stopped but not bringing it up again after the database is
started again. Use `Wants=` to define a weak requirement instead,
meaning `gitea.service` will be kept running when the database is
stopped, which is not an issue because gitea will just reconnect later
on.
silverwind [Sun, 16 May 2021 20:18:18 +0000 (22:18 +0200)]
Issue sidebar and misc css fixes (#15524)
- Replace remaining font icons with SVG in issue sidebar
- Rework issue due date display
- Realign avatar in timeline
- Fix font size in repo search and code explore
- Consolidate active button styles
- Fix loading form on arc-green
- Align time tracker buttons vertically
Ian Wienand [Sun, 16 May 2021 13:51:53 +0000 (23:51 +1000)]
Rework Token API comments (#15162)
Move the token API discussion into a common section discussing the
generation and listing of the tokens. Add a note on the display of
the sha1 during creation and listing.
zeripath [Sun, 16 May 2021 08:41:37 +0000 (09:41 +0100)]
Systemd needs After as well as Require (#15881)
If the gitea service is stopped because of the db going down
it needs an `After=db.service` to ensure it is restarted in
addition to the `Requires=db.service` to ensure that the db
is started before gitea is started.
Fix #15866
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
zeripath [Sun, 16 May 2021 00:12:55 +0000 (01:12 +0100)]
Move sans-serif fallback font higher than emoji fonts (#15855)
The Tor browser does not use the system-ui font and no other fonts in the stack match
its default fonts. In fact it is possible that it will in future only
match generic fonts. This means that all rendering will first try the
emoji fonts before falling back to the sans-serif font for glyphs.
In this case has the emoji fall back fonts for Tor contains empty glyphs
for numbers - in order to protect privacy - and leads to numbers being
rendered as empty glyphs. This is clearly not ideal and whilst we could
use the Arimo font - as I state above I suspect that Tor will eventually
ban detecting this and we should instead move the sans-serif font higher
in the stack so that it matches before the emoji fonts.
zeripath [Sat, 15 May 2021 15:32:09 +0000 (16:32 +0100)]
Prevent double-login for Git HTTP and LFS and simplify login (#15303)
* Prevent double-login for Git HTTP and LFS and simplify login
There are a number of inconsistencies with our current methods for
logging in for git and lfs. The first is that there is a double login
process. This is particularly evident in 1.13 where there are no less
than 4 hash checks for basic authentication due to the previous
IsPasswordSet behaviour.
This duplicated code had individual inconsistencies that were not
helpful and caused confusion.
This PR does the following:
* Remove the specific login code from the git and lfs handlers except
for the lfs special bearer token
* Simplify the meaning of DisableBasicAuthentication to allow Token and
Oauth2 sign-in.
* The removal of the specific code from git and lfs means that these
both now have the same login semantics and can - if not
DisableBasicAuthentication - login from external services. Further it
allows Oauth2 token authentication as per our standard mechanisms.
* The change in the recovery handler prevents the service from
re-attempting to login - primarily because this could easily cause a
further panic and it is wasteful.
* add test
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net>
zeripath [Fri, 14 May 2021 12:26:03 +0000 (13:26 +0100)]
Add timeout to writing to responses (#15831)
In #15826 it has become apparent that there are a few occasions when a response can
hang during writing, and because there is no timeout go will happily just block
interminably. This PR adds a fixed 5 second timeout to all writes to a connection.
zeripath [Thu, 13 May 2021 22:11:47 +0000 (23:11 +0100)]
Restore PAM user autocreation functionality (#15825)
* Restore PAM user autocreation functionality
PAM autoregistration of users currently fails due to email invalidity.
This PR adds a new setting to PAM to allow an email domain to be set
or just sets the email to the noreply address and if that fails falls
back to uuid@localhost
Fix #15702
Signed-off-by: Andrew Thornton <art27@cantab.net>
* As per KN4CKER
silverwind [Wed, 12 May 2021 18:36:53 +0000 (20:36 +0200)]
Unregister non-matching serviceworkers (#15834)
* Unregister non-matching serviceworkers
With the addition of the /assets url, users who visited a previous
version of the site now may have two active service workers, one with
the old scope `/` and one with scope `/assets`. This check for
serviceworkers that do not match the current script path and unregisters
them.
Also included is a small refactor to publicpath.js which was simplified
because AssetUrlPrefix is always present now. Also it makes use of the
new joinPaths helper too.
zeripath [Wed, 12 May 2021 05:11:42 +0000 (06:11 +0100)]
Tagger can be empty, as can Commit and Author - tolerate this (#15835)
Unfortunately some old repositories can have tags with empty Tagger, Commit
or Author. Go-Git variants will always have empty values for these whereas
the native git variant leaves them at nil. The simplest solution is just to
always have these set to empty Signatures.
v156 migration also makes the incorrect assumption that these cannot be empty.
Therefore add some handling to this and add logging and adjust broken
logging elsewhere in this migration.
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
silverwind [Mon, 10 May 2021 06:45:17 +0000 (08:45 +0200)]
Use single shared random string generation function (#15741)
* Use single shared random string generation function
- Replace 3 functions that do the same with 1 shared one
- Use crypto/rand over math/rand for a stronger RNG
- Output only alphanumerical for URL compatibilty
zeripath [Sun, 9 May 2021 21:10:05 +0000 (22:10 +0100)]
Comment out app.example.ini (#15807)
This PR is an alternative to #15559.
Instead of deleting the app.example.ini - just comment out most of the
thing. This makes it clear what needs to be set and what is completely
optional - and keeps the documentation.
The app.example.ini is moved around to move the most important settings
higher in the document.