Lunny Xiao [Wed, 5 Jan 2022 03:37:00 +0000 (11:37 +0800)]
Team permission allow different unit has different permission (#17811)
* Team permission allow different unit has different permission
* Finish the interface and the logic
* Fix lint
* Fix translation
* align center for table cell content
* Fix fixture
* merge
* Fix test
* Add deprecated
* Improve code
* Add tooltip
* Fix swagger
* Fix newline
* Fix tests
* Fix tests
* Fix test
* Fix test
* Max permission of external wiki and issues should be read
* Move team units with limited max level below units table
* Update label and column names
* Some improvements
* Fix lint
* Some improvements
* Fix template variables
* Add permission docs
* improve doc
* Fix fixture
* Fix bug
* Fix some bug
* fix
* gofumpt
* Integration test for migration (#18124)
integrations: basic test for Gitea {dump,restore}-repo
This is a first step for integration testing of DumpRepository and
RestoreRepository. It:
runs a Gitea server,
dumps a repo via DumpRepository to the filesystem,
restores the repo via RestoreRepository from the filesystem,
dumps the restored repository to the filesystem,
compares the first and second dump and expects them to be identical
The verification is trivial and the goal is to add more tests for each
topic of the dump.
Signed-off-by: Loïc Dachary <loic@dachary.org>
* Team permission allow different unit has different permission
* Finish the interface and the logic
* Fix lint
* Fix translation
* align center for table cell content
* Fix fixture
* merge
* Fix test
* Add deprecated
* Improve code
* Add tooltip
* Fix swagger
* Fix newline
* Fix tests
* Fix tests
* Fix test
* Fix test
* Max permission of external wiki and issues should be read
* Move team units with limited max level below units table
integrations: basic test for Gitea {dump,restore}-repo
This is a first step for integration testing of DumpRepository and
RestoreRepository. It:
runs a Gitea server,
dumps a repo via DumpRepository to the filesystem,
restores the repo via RestoreRepository from the filesystem,
dumps the restored repository to the filesystem,
compares the first and second dump and expects them to be identical
The verification is trivial and the goal is to add more tests for each
topic of the dump.
Gusted [Tue, 4 Jan 2022 15:13:52 +0000 (15:13 +0000)]
Increase Salt randomness (#18179)
- The current implementation of `RandomString` doesn't give you a most-possible unique randomness. It gives you 6*`length` instead of the possible 8*`length` bits(or as `length`x bytes) randomness. This is because `RandomString` is being limited to a max value of 63, this in order to represent the random byte as a letter/digit.
- The recommendation of pbkdf2 is to use 64+ bit salt, which the `RandomString` doesn't give with a length of 10, instead of increasing 10 to a higher number, this patch adds a new function called `RandomBytes` which does give you the guarentee of 8*`length` randomness and thus corresponding of `length`x bytes randomness.
- Use hexadecimal to store the bytes value in the database, as mentioned, it doesn't play nice in order to convert it to a string. This will always be a length of 32(with `length` being 16).
- When we detect on `Authenticate`(source: db) that a user has the old format of salt, re-hash the password such that the user will have it's password hashed with increased salt.
Thanks to @zeripath for working out the rouge edges from my first commit 😄.
Gusted [Mon, 3 Jan 2022 23:24:12 +0000 (23:24 +0000)]
Include folders into size cost (#18158)
- Include folders for the disk consumption size, they should be included
as they are also saved on the disk :)
- Have a more accurate picture of the size of a repo.
- Mostly they are the size of the file system's block size. E.g. 4Kb on
Linux.
tests: add coverage for models migration helpers (#18162)
They were previously not covered at all, either by integration tests or unit tests.
This PR also fixes a bug where the `num_comments` field was incorrectly set to include all types of comments.
It sets num_closed_issues: 0 as default in milestone unit test fixtures. If they are not set, Incr("num_closed_issues") will be a noop because the field is null.
qwerty287 [Sat, 1 Jan 2022 14:12:25 +0000 (15:12 +0100)]
Add API to get issue/pull comments and events (timeline) (#17403)
* Add API to get issue/pull comments and events (timeline)
Adds an API to get both comments and events in one endpoint with all required data.
Closes go-gitea/gitea#13250
* Fix swagger
* Don't show code comments (use review api instead)
wxiaoguang [Sat, 1 Jan 2022 09:05:31 +0000 (17:05 +0800)]
Allow admin to associate missing LFS objects for repositories (#18143)
This PR reworked the Find pointer files feature in Settings -> LFS page.
When a LFS object is missing from database but exists in LFS content store, admin can associate it to the repository by clicking the Associate button.
This PR is not perfect (because the LFS module itself should be improved too), it's just a nice-to-have feature to help users recover their LFS repositories (eg: database was lost / table was truncated)
The GITEA_UNIT_TESTS_VERBOSE variable is an undocumented variable
introduced in 2017 (see 1028ef2defd94a64f2433b07fe5d93681864cebb)
whose sole purpose has been to log SQL statements when running unit
tests.
It is renamed for clarity and a warning is displayed for backward
compatibility for people and scripts that know about it.
The documentation is updated to reflect this change.
singuliere [Sat, 1 Jan 2022 02:52:00 +0000 (03:52 +0100)]
services/repository: fix ListUnadoptedRepositories incorrect total count (#17865)
The total count returned by ListUnadoptedRepositories is incorrectly
calculated.
The code snippet within ListUnadoptedRepositories used to verify
unadopted repositories is repeated three times in the function. It is
moved in the checkUnadoptedRepositories function and a unit test is
added to verify it works as expected.
A unit test is added to verify the total count returned by
ListUnadoptedRepositories is as expected.
zeripath [Fri, 31 Dec 2021 12:33:55 +0000 (12:33 +0000)]
Reset the conflicted files list in testpatch (#18139)
Although #18004 will seriously reduce the likelihood of finding
conflicts in the first place - one bug was introduced whereby the
conflicted files status was not being reset properly. This leads to
conflicted PRs remaining conflicted when the conflict has been resolved.
DuckDuckWhale [Wed, 29 Dec 2021 03:12:19 +0000 (19:12 -0800)]
Fix: unstable sort skips/duplicates issues across pages (#18094)
When viewing issues in sorted order, some issues are duplicated across
pages and some are missing. This is caused by the lack of tie-breakers
in database queries, making pagination inconsistent.
Gusted [Tue, 28 Dec 2021 13:28:27 +0000 (13:28 +0000)]
Handle invalid issues (#18111)
* Handle invalid issues
- When you hover over a issue reference, and the issue doesn't exist, it
will just hang on the loading animation.
- This patch fixes that by showing them the pop-up with a "Error
occured" message.
zeripath [Fri, 24 Dec 2021 16:50:49 +0000 (16:50 +0000)]
Instead of using routerCtx just escape the url before routing (#18086)
A consequence of forcibly setting the RoutePath to the escaped url is that the
auto routing to endpoints without terminal slashes fails (Causing #18060.) This
failure raises the possibility that forcibly setting the RoutePath causes other
unexpected behaviors too.
Therefore, instead we should simply pre-escape the URL in the process registering
handler. Then the request URL will be properly escaped for all the following calls.
wxiaoguang [Fri, 24 Dec 2021 15:36:26 +0000 (23:36 +0800)]
When the git repository on storage is changed, the repository modal should also be updated (#18088)
User would keep seeing an empty repo if:
* An error occurs during the first git pushing/receiving
* A user replaces the Gitea's empty repository manually
Fix: when a user is viewing the repository web page, if the repoModal.IsEmpty is true, we check the git repository again to detect whether it is really empty.
However: the IsEmpty flag is deeply broken and should be removed. For example it's possible for a repository to be non-empty by that flag but still 500 because there are no branches - only tags -or the default branch is non-extant as it has been 0-pushed.
- name: new parameter in CreateForkOption to give the forked repository (#18066)
a custom name, intended to be used when there's a name conflict
- When a fork request results in a name conflict, HTTP 409: Conflict is
returned instead of 500
- API documentation for the above mentioned changes
zeripath [Thu, 23 Dec 2021 13:44:00 +0000 (13:44 +0000)]
Do not read or write git reference files directly (#18079)
Git will and can pack references into packfiles and therefore if you write/read the
files directly you will get false results. Instead you should use update-ref and
show-ref. To that end I have created three new functions in git/repo_commit.go that
will do this correctly.
zeripath [Wed, 22 Dec 2021 10:39:28 +0000 (10:39 +0000)]
Add NotFound handler (#18062)
PR #17997 means that urls with terminal '/' are no longer immediately mapped
to the url without a terminal slash. However, it has revealed that the NotFound handler
appears to have been lost.
This PR adds back in a NotFound handler that simply redirects to a path without the
terminal slash or runs the NotFound handler.
zeripath [Tue, 21 Dec 2021 03:10:16 +0000 (03:10 +0000)]
TestRepository_GetTag intermittently panics due to an NPE (#18043)
There are repeated panics in tests due to TestRepository_GetTag failing
to run properly. This happens when we attempt to reset the internal
repo for a tag which has failed to load. The problem is - the panic that
this is causing is preventing us from finding what the real error is.
This PR simply moves the failure out so we have a chance to see what
really is failing.
mscherer [Mon, 20 Dec 2021 20:55:05 +0000 (21:55 +0100)]
Make test work with different default branch config (#18038)
* Make test work with different default branch config
On a system configured with a different default branch name, doGitInitTestRepository
will create a repository with a branch named differently, and so further tests
would break:
--- FAIL: TestGit/HTTP/PushCreate/SuccessfullyPushAndCreateTestRepository (0.02s)
git_helper_for_declarative_test.go:167:
Error Trace: git_helper_for_declarative_test.go:167
Error: Received unexpected error:
exit status 1 - error: src refspec master does not match any
error: failed to push some refs to 'http://127.0.0.1:3003/user2/repo-tmp-push-create-http.git'
Test: TestGit/HTTP/PushCreate/SuccessfullyPushAndCreateTestRepository
git_test.go:587:
Error Trace: git_test.go:587
Error: Received unexpected error:
repository does not exist [id: 0, uid: 0, owner_name: user2, name: repo-tmp-push-create-http]
Test: TestGit/HTTP/PushCreate
silverwind [Mon, 20 Dec 2021 20:07:49 +0000 (12:07 -0800)]
Extract CodeMirror styles (#17960)
- Extract CodeMirror-related styles to separate files
- Generalize CodeMirror styles where possible
- Improve fullscreen and side-by-side mode for dark theme
zeripath [Mon, 20 Dec 2021 17:18:26 +0000 (17:18 +0000)]
Move POST /{username}/action/{action} to simply POST /{username} (#18045)
The current code unfortunately requires that `action` be a reserved
repository name as it prevents posts to change the settings for
action repositories. However, we can simply change action handler
to work on POST /{username} instead.
You can manually generate dashboards, but first you should install some tools:
```bash
go get github.com/jsonnet-bundler/jsonnet-bundler/cmd/jb
go get github.com/google/go-jsonnet/cmd/jsonnet
# or in brew: brew install go-jsonnet
```
For linting and formatting, you would also need `mixtool` and `jsonnetfmt` installed. If you
have a working Go development environment, it's easiest to run the following:
```bash
go get github.com/monitoring-mixins/mixtool/cmd/mixtool
go get github.com/google/go-jsonnet/cmd/jsonnetfmt
```
The files in `dashboards_out` need to be imported
into your Grafana server. The exact details will be depending on your environment.
Edit `config.libsonnet` (for example, list of Gitea metrics to be shown under stats can be adjusted). if required and then build JSON dashboard files for Grafana:
```bash
make
```
For more about mixins, please see:
https://github.com/monitoring-mixins/docs
https://www.youtube.com/watch?v=GDdnL5R_l-Y* add gitea mixin
* remove alerts/rules
* gitea-mixin: add interval factor of 1/2 to remove duplicated change events
zeripath [Mon, 20 Dec 2021 02:15:49 +0000 (02:15 +0000)]
Prevent off-by-one error on comments on newly appended lines (#18029)
* Prevent off-by-one error on comments on newly appended lines
There was a bug in CutDiffAroundLine whereby if a file without a terminal new line
has a patch which appends lines to it and a comment is placed on one of those lines
the comment diff will be a line out of place.
This fixes CutDiffAroundLine to simply ignore the missing terminal newline - however,
we should really improve this rendering to add a marker to say that there was a
previously missing terminal newline.
zeripath [Mon, 20 Dec 2021 00:32:54 +0000 (00:32 +0000)]
Abort merge if head has been updated before pressing merge (#18032)
* Abort merge if head has been updated before pressing merge
It is possible that a PR head may be pushed to between the merge page being shown
and the merge button being pressed. Pass the current expected head in as a parameter
and cancel the merge if it has changed.
Fix #18028
Signed-off-by: Andrew Thornton <art27@cantab.net>
* adjust swagger
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix test
Signed-off-by: Andrew Thornton <art27@cantab.net>
* placate lint
zeripath [Sun, 19 Dec 2021 21:00:22 +0000 (21:00 +0000)]
Stop printing 03d after escaped characters in logs (#18030)
Strangely a weird bug was present in the log escaping code whereby any escaped
character would gain 03d - this was due to a mistake in the format string where
it should have read %03o but read instead %o03d. This has led to spurious 03d
trailing characters on these escaped characters!
zeripath [Sun, 19 Dec 2021 04:19:25 +0000 (04:19 +0000)]
Improve TestPatch to use git read-tree -m and implement git-merge-one-file functionality (#18004)
The current TestPatch conflict code uses a plain git apply which does not properly
account for 3-way merging. However, we can improve things using `git read-tree -m` to
do a three-way merge then follow the algorithm used in merge-one-file. We can also use
`--patience` and/or `--histogram` to generate a nicer diff for applying patches too.
zeripath [Fri, 17 Dec 2021 02:03:39 +0000 (02:03 +0000)]
Ensure complexity, minlength and ispwned are checked on password setting (#18005)
It appears that there are several places that password length, complexity and ispwned
are not currently been checked when changing passwords. This PR adds these.
Fix #17977
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
zeripath [Thu, 16 Dec 2021 19:01:14 +0000 (19:01 +0000)]
Prevent hang in git cat-file if repository is not a valid repository and other fixes (#17991)
This PR contains multiple fixes. The most important of which is:
* Prevent hang in git cat-file if the repository is not a valid repository
Unfortunately it appears that if git cat-file is run in an invalid
repository it will hang until stdin is closed. This will result in
deadlocked /pulls pages and dangling git cat-file calls if a broken
repository is tried to be reviewed or pulls exists for a broken
repository.
Fix #14734
Fix #9271
Fix #16113
Otherwise there are a few small other fixes included which this PR was initially intending to fix:
* Fix panic on partial compares due to missing PullRequestWorkInProgressPrefixes
* Fix links on pulls pages due to regression from #17551 - by making most /issues routes match /pulls too - Fix #17983
* Fix links on feeds pages due to another regression from #17551 but also fix issue with syncing tags - Fix #17943
* Add missing locale entries for oauth group claims
* Prevent NPEs if ColorFormat is called on nil users, repos or teams.