| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
So far links to raw view were not encoded. The browser did some encoding
of spaces on its own, which the servlet would unescape, since it uses
the `HttpServletRequest.getPathInfo` method. That decodes the path
before returning it.
A problem arises when a bracket is in the file (or folder) name. The
brackets are the characters that are not allowed in the path, according
to the `URI.parse` method. (Which is a bit harsh, because brackets
actually are only reserved for the host part since IPv6.) That means
that the decoding fails when a bracket character is encountered.
This went unnoticed since the failed decoding will return the path
as it got it. But once there is a space in the file name, which the
browser helpfully encoded for us, the failed decoding will now leave the
encoded space in there. And that will result in a path that does not
exist, e.g. `file%20[a]`.
To be on the safe side, we simply encode the path in the links that we
generate, so that it complies with the rules that are used in `getPathInfo`.
This fixes #1375.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The `daysAgo` method seemed to want to normalize on a calendar day? I
can't really tell what it was trying to do, but the problem is that it
does not take into account any time shift due to time zones so it never
really worked outside of GMT.
So instead a new `calendarDaysAgo` method is added (because I am unsure
on what the `daysAgo` method is trying to do. It can probably be removed).
The new method cleanly calculates difference in calendar days because it
normalizes the two given time stamps on the same time zone.
The `timeAgo` method now used the new method. This fixes #1248.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
For some reason the `TimeUtilsTest` class is, like almost all tests, in
the `com.gitblit.tests` package. But this way all methods in classes
which we might predominately need for tests have to be public.
So move the unit test class `TimeUtilsTest` to the same package as the
class it is testing, i.e. `com.gitblit.utils.TimeUtils`.
This way we ca set the new added methods which get the current time
passed in to be at least not public.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Add tests for `timeAgo` to analyse issue #1248.
The tests are dependent on when they run as they time functions use the
current date and time. To make them testable in a reproducible way, we
need the ability to pass in what we think is "now". So add overloaded
methods that take a `now` parameter so that we can pass in the current
time.
|
| |\ \
| | |
| | | |
Fix mirrored http(s) with a username and password
|
| | | |
| | |
| | |
| | | |
This fixes #1059
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
Double escaped backslashes, wrongly escaped unicode codes, broken escaped
newlines.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Some property keys had typos.
There is a `gb.ticketStatus` and a `gb.ticketState`. Neither is used
anywhere in the code, but only the former is defined in the default file.
So only use `gb.ticketStatus`.
|
| | | |
| | |
| | |
| | | |
If keeps acting up when trying to stage parts of it. I hope this fixes that.
|
| | | | |
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Some property keys were duplicated, mostly `status`, `permission` and
`comment`.
The problem with `gb.comment` is, that it is used in two different
locations in two different meanings. One as a verb, the second as a
noun. Which makes no difference in English, but other languages.
The solution is that the second key is renamed to `gb.sshKeyComment`.
The code is adjusted accordingly.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
To prevent that we have a resource file in a resource bundle broken and
not loading undiscovered for years, add a unit test that will load the
resource properties file for each of the languages.
In order to check if the file was loaded and the bundle mechanism
didn't fall back on the default, a new property key is added to each
language file, solely for the purpose to be checked in the unit test.
|
| | |
| |
| |
| | |
This fixes #834
|
| | |
| |
| |
| |
| |
| |
| |
| | |
The last fix for the stored config merged from Curly060 used Java8-isms.
In order to be able to include this fix in the next release, which will
be for 1.9, I have converted this to be compatible with Java 7.
Also, a file header was added to place it under APL.
|
| | | |
|
| | |
| |
| | |
Updated simplified Chinese translation and added missing entries. This translation is now 100% completed.
|
| | |
| |
| |
| |
| |
| | |
Add a link parser also for `ExpLinks` because we need to escape paths
to files in subfolders.
This closes #1358
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
When a branch has a slash in the name, the raw servlet was not able
to find the path under that branch. This is due to the replacement of
the forward slash character for URLs. It was not taken into account
when comparing the branch name later.
This fixes #1290 and its duplicates #1234 and #813.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
While this may be an unlikely scenario, let's still prevent this.
When a link was created for a path that ends in a trailing slash,
that trailing slash would be replaced with the `forwardSlashCharacter`.
But in getPath that final slash would be transformed back *after* the
check to chop off trailing slashes. This is now switched so that such a
trailing slash is also chopped off.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Refactor the `getBranch` and `getPath` methods to take a String as
second parameter, which is the already sanitised path info. Don't get
the path info from a passed in request anymore.
The methods are only ever called from within `processRequest`, which
already does some checks on the path info, like removing a leading
slash character. So no need to do that every time again the methods
and passing a request for that.
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
When creating a link for raw display, a trailing slash is stripped from
the end of the base URL. Also do this for the repository, as well as
stripping leading slashes from the repository and the path values.
|
| | |
| |
| |
| |
| |
| | |
Zero out the password to remove it from memory after use.
This is only a first step, implementing it for one method:
`AuthenticationManager.authenticate(String, char[], String)`.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The upgrade of a MD5 stored password hash to a PBKDF password hash
destroys the stored password. The has check zeroes out the password that
is tested, so that the new hash is built over the zeroed out value.
This fix prevents that an also adds a check to the test.
Fixes #1335
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Due to a wrong comparison, when loading the preferred locale in the
user preferences page, in cases like `zh_CN` or `de_DE` the wrong
locale would be chosen.
As with too many things, the code is duplicated on the `UserPage`
and the `EditUserPage`. And they differ. So extract the choosing of
the preferred language for display into a method in the (more up-to-date)
`UserPage` and call that from the `EditUserPage`.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
If, for example, an external site links to a docs page or a specific
doc page, and the branch that link points to is no longer existing,
an internal error happens due to a NPE.
The NPE is guarded against and a No Docs page is returned.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Renames `static final` variables according to convention to be in all
upper case. That makes it easier to see that in an `equals` comparison
the final variable should come first as it will not trigger a NPE.
Also strip parameters from the URL when extracting the repository
name from it. Parameters can not be part of a repository name, and
this way an empty repository name can be detected.
Fixes #1092
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| | |
They will need to be called with the classpath and main class now,
instead of simply using the Jar.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
When GitBlit server did not start properly, is running but couldn't
start the `PluginManager`, then stopping the server via the `--stop`
argument on the command line resulted in a NullpointerException.
Which left the server running. Now this is prevented and the server
will actually shut down.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The (moxie and other) Launcher do not work with Java 9 and later anymore.
It used to dynamically extend the classpath, misusing an internal
interface of the `URLClassLoader`. This is no longer possible since Java 9,
which closed that path and does not offer any way to dynamically extend
the classpath during runtime.
So the choice is between providing one large Jar with everything in it,
providing a Jar that has the Jars in `ext` listed explicitly in its
manifest, and specifying the classpath on the command line where
the `ext` directory can be added and all contained jar files will
be put on the classpath.
The motivation for the Launcher class was to be able to simply drop
new jar files into a directory and they will be picked up at the
application start, without having to specify a classpath. We opt
for solution three here. This way jar files can still be dropped
into the ext directory, albeit the directory needs to be added to
the classpath on the command line. Unfortunately using a wildcard
is not possible in the manifest file. We change the calls in the
script files accordingly. This seems like a good compromise,
since no one will run the application manually typing the whole
commandline anyway.
This also does away with the splash screen, by the way. Again,
doesn't seem like a big loss, as I don't think it was ever shown
for the Authority.
Personally, I am not convinced that it is the best way, because
I don't really think that the use case of dropping whatever jar
files into the `ext` directory is a valid one that happened a lot.
This does not yet fix the client programs, which still use a
Launcher. Maybe for them a all-in-one Jar is a better solution.
Fixes #1262
Fixes #1294
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
With three versions about to be supported right now
it is getting more important to know which Java version is
used when building and testing Gitblit, and which Java
version is used to run Gitblit.
So have the Moxie build report the javac version, and the
JVM version that Moxie is running on. These might be
different.
The `GitBlitServer` will print the Java version and vendor,
so that it gets visible if a user would paste a log output
for analysis.
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Integrate the `PasswordHash` class and subclass in the user
and password editing and authentication. Replaces the old code and
the previous `SecurePasswordHashingUtils` class.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Integrate the work of pingunaut to add support for PBKDF2 password
hashing. A new class `PasswordHashPbkdf2` is added, which builds
on his `SecurePasswordHashUtils` class, but makes it a subclass
of `PasswordHash`. This will replace the original class when
integrating the new PasswordHash way into GitBlit.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Instead of having to deal with the implementation details of hashing
and verifying passwords in multiple places, have a central unit
be responsible for it. Otherwise we need to edit three different places
when adding a new hashing scheme.
With this class adding a new hashing scheme just requires creating a
new subclass of `PasswordHash` and registering its type in the enum
`PasswordHash.Type`.
The rest of the code will use a common interface for all hashing
schemes and doesn't need to be changed when a new one is added.
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Addresses #1166
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Remove guard rails at the left to get a cleaner look.
To make it easier to determine which repositories belong to which
folder, display the repositories first, then the subfolder.
Decreased indentation a little.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fix for #725.
Also covers #527.
This is a squashed commit of the following commits,
merging and closing pull request #1267:
commit 55fee41769ffab1aff59344fe117d481687aa743
Author: Martin Spielmann <mail@martinspielmann.de>
Date: Mon Nov 6 17:19:53 2017 +0100
declared local variable final to fix travis build
commit 131e4d14a48c2a3fdce621fa54637de50684d040
Author: Martin Spielmann <mail@martinspielmann.de>
Date: Mon Nov 6 14:11:55 2017 +0100
fix formatting (use tab for identation)
commit 8da5f6d5967894f157251c320928acdab3a451e7
Author: Martin Spielmann <mail@martinspielmann.de>
Date: Mon Nov 6 13:45:39 2017 +0100
Add repositoryListType tree. Addresses #725, 527 and includes #1224
commit 6c061651fb95212ae242dbca06c8d9ef80146201
Merge: f365daa3 40ee9653
Author: Martin Spielmann <mail@martinspielmann.de>
Date: Sat Nov 4 13:19:08 2017 +0100
Merge remote-tracking branch 'collapsible/ticket/527' into 725_nested_repos
commit f365daa3b1d6be135365f9b11bdece320beabf4e
Author: Martin Spielmann <mail@martinspielmann.de>
Date: Sat Nov 4 13:10:24 2017 +0100
first working version of tree model
|
| | | | |
|
