| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.
We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:
- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.
Fix #1357
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
variables (#5935)
The gitea prerecieve and postrecieve hooks and the gitea PushUpdate function require that the PusherID and PusherName are real users. Previously, these environment variables were not being set when using a deploy key - the main result being that pushing to empty repositories meant that is_empty status was not changed.
I've also added an integration test to ensure that the is_empty status is updated on pushing with a deploy key.
There is a slight issue in that the deploy key is now considered a proxy for the owner - we don't have a way of separating out the deploy key from the owner at present. This can be fixed in another PR.
Fix #3795
Signed-off-by: Andrew Thornton art27@cantab.net
|
|
|
|
|
|
|
| |
By default, if `setting.NewContext()` prints out any warning logs, these are printed to the stdout breaking `git receive-pack` etc. meaning that even if there is a warning because of a minor problem in your app.ini but gitea starts despite this - you **CANNOT** push or pull over SSH.
This PR disables the console logger whilst in `serv.go`
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
|
|
|
|
|
|
|
|
|
|
|
| |
* add util method and tests
* make sure the title of an issue cannot be empty
* wiki title cannot be empty
* pull request title cannot be empty
* update to make use of the new util methof
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* add migration and basic UI for changing a user's theme
* update user themem
* use right text on button
* load theme based on users' selection
* load theme based on users' selection in pwa too
* update sample config
* delete older theme loading
* implement AfterLoad to set users' theme properly
* set up default theme when creating a user. This uses the installation wide theme
* use flash messages for error
* set default theme when creating a user from the cli
* fix @lunny review
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(#5537)
Before:
$ curl 0.0.0.0:3001
<a href="https://gitea.example.com:3000//">Found</a>.
After:
$ curl 0.0.0.0:3001
<a href="https://gitea.example.com:3000/">Found</a>.
Fixes #5536
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix the Let's Encrypt handler by listening on a valid address
Also handle errors in the HTTP server go routine, return a fatal error
when something goes wrong.
Thanks to @gbl08ma for finding the actual bug
Here is an example of the error handling:
2018/12/11 14:23:07 [....io/gitea/cmd/web.go:87 func1()] [E] Failed to
start the Let's Encrypt handler on port 30: listen tcp 0.0.0.0:30: bind:
permission denied
Closes #5280
* Fix a typo
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* fix units permission problems
* fix some bugs and merge LoadUnits to repoAssignment
* refactor permission struct and add some copyright heads
* remove unused codes
* fix routes units check
* improve permission check
* add unit tests for permission
* fix typo
* fix tests
* fix some routes
* fix api permission check
* improve permission check
* fix some permission check
* fix tests
* fix tests
* improve some permission check
* fix some permission check
* refactor AccessLevel
* fix bug
* fix tests
* fix tests
* fix tests
* fix AccessLevel
* rename CanAccess
* fix tests
* fix comment
* fix bug
* add missing unit for test repos
* fix bug
* rename some functions
* fix routes check
|
| |
|
|
|
|
|
|
|
|
| |
via cli (#5391)
* don't force a password change for the admin user
* don't totally dicard -must-change-password flag if creating the first (admin) user via the cli. Use flag if present but make sure to default to not forcing a password update
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
* add random-password flag
* run make fmt
* add length cli flag rather than use a default value
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Start to move to internal/private
* Add GetPublicKeyByID
* Add HasDeployKey
* Add private.UpdateDeployKeyUpdated
* Add private.GetUserByKeyID
* Add private.AccessLevel
* Add private.CheckUnitUser
* Fix mistakes I made
* Some cleaning + moving code to separate files
* Fix error handling
* Remove useless error handling for setup
* lint: fix comment on exported func
* fix copyright header
* Fix order of args
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* add support for an admin to force a user to change his/her password from thee cli
* use BoolFlag instead
* default to true
* simplify by removing unnneccessary if/else
|
|
|
|
|
|
|
|
| |
* Give user a link to create PR after push
* Forks now create PR in the base repository + make sure PR creation is allowed
* fix code style
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* LFS: make HTTP auth period configurable
* Formatting: Removed semicolon
Due to automated fmt-check failure (drone.gitea.io)
* applying code reviews
* Applied code review comment: Change HTTPAuthExpiry to time.Duration
* Updated config cheat sheet
|
|
|
|
|
|
|
|
|
|
| |
* Add cli commands to regen hooks & keys
* make fmt
* Allow passing path to config as an option
* add docs
|
| |
|
|
|
| |
Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
* Fix SSH auth LFS locks
* Activate SSH/lock test
* Remove debug
* Follow @lunny recommendation for AfterLoad method
|
|
|
|
|
|
|
|
| |
* General refactor of the cmd package
* Address breakage in runCreateUser
* Place "common" functions into cmd.go
|
| |
|
|
|
|
|
|
| |
* Change EncodePasswd to HashPassword
* Create test+benchmark for HashPassword
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add repo-sync-releases admin command
Will help recovering corrupted database, see #3247
* Load repos in chunks of 10, exit with error if unable to get a list, scan private repos, fix typo
* Fix debug output about num releases
* Introduce RepositoryListDefaultPageSize constant, set to 64
Use it from the new admin command
* Use RepositoryListDefaultPageSize in more places
* Document RepositoryListDefaultPageSize
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add an option to allow redirect of http port 80 to https.
This is an "opt in" option (default is to not redirect). It will only redirect
if protocol is https and the new REDIRECT_PORT_80 option is set to true.
The Port to redirect in previous commit was hardcoded to 80, now it can be
specified in the app.ini, defaulting to 80. The boolean option to turn
redirection on has been changed to REDIRECT_OTHER_PORT to be logically
consistent with the new port option.
Signed-off-by: Mike Fellows <mike.fellows@shaw.ca>
|
|
|
|
|
|
| |
* improvements for supporting UI Location
* improved the comment
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* remove GetRepositoryByRef and add GetRepositoryByOwnerAndName
* fix tests
* fix tests bug
* some improvements
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* add external markup render support
* bug fixed
* refacotr codes and fix wrong error log
* fix comments and add check to prevent leaks
* add check for config file and improve the example
* check file close error
* use ioutil.TempFile instead uuid
* correct Render -> Parser
* improve warning when incorrect markup setting
* fix typos
|
|
|
|
|
|
|
|
|
|
| |
* Set session and indexers' data files rel to AppDataPath
The setting AppDataPath is now relative to the working directory.
The session svc's PROVIDER_CONFIG now defaults to AppDataPath/data/sessions.
The issue indexer's IssuePath now defaults to AppDataPath/indexers/issues.bleves.
* fix bug
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* improve protected branch to add whitelist support
* fix lint
* fix style check
* fix tests
* fix description on UI and import
* fix test
* bug fixed
* fix tests and languages
* move isSliceInt64Eq to util pkg; improve function names & typo
|
|
|
|
|
|
| |
* only update needed columns when update user
* fix missing update_unix column
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* add units to team
* fix lint
* finish team setting backend
* finished permission controll on routes
* fix import blank line
* add unit check on ssh/http pull and push and fix test failed
* fix fixtures data
* remove unused code
|